diff options
Diffstat (limited to 'thirdparties')
87 files changed, 586 insertions, 501 deletions
diff --git a/thirdparties/android/armv5te/lib/dist/libcrypto.a b/thirdparties/android/armv5te/lib/dist/libcrypto.a Binary files differindex 5308e67..83d360a 100755 --- a/thirdparties/android/armv5te/lib/dist/libcrypto.a +++ b/thirdparties/android/armv5te/lib/dist/libcrypto.a diff --git a/thirdparties/android/armv5te/lib/dist/libssl.a b/thirdparties/android/armv5te/lib/dist/libssl.a Binary files differindex 5473fb7..d8d4396 100755 --- a/thirdparties/android/armv5te/lib/dist/libssl.a +++ b/thirdparties/android/armv5te/lib/dist/libssl.a diff --git a/thirdparties/android/armv7-a-neon/lib/dist/libcrypto.a b/thirdparties/android/armv7-a-neon/lib/dist/libcrypto.a Binary files differindex 5691266..dff7077 100755 --- a/thirdparties/android/armv7-a-neon/lib/dist/libcrypto.a +++ b/thirdparties/android/armv7-a-neon/lib/dist/libcrypto.a diff --git a/thirdparties/android/armv7-a-neon/lib/dist/libssl.a b/thirdparties/android/armv7-a-neon/lib/dist/libssl.a Binary files differindex c88b2a1..656b2e2 100755 --- a/thirdparties/android/armv7-a-neon/lib/dist/libssl.a +++ b/thirdparties/android/armv7-a-neon/lib/dist/libssl.a diff --git a/thirdparties/android/armv7-a/lib/dist/libcrypto.a b/thirdparties/android/armv7-a/lib/dist/libcrypto.a Binary files differindex 4a86764..557559c 100755 --- a/thirdparties/android/armv7-a/lib/dist/libcrypto.a +++ b/thirdparties/android/armv7-a/lib/dist/libcrypto.a diff --git a/thirdparties/android/armv7-a/lib/dist/libssl.a b/thirdparties/android/armv7-a/lib/dist/libssl.a Binary files differindex 3314d29..a95f01b 100755 --- a/thirdparties/android/armv7-a/lib/dist/libssl.a +++ b/thirdparties/android/armv7-a/lib/dist/libssl.a diff --git a/thirdparties/android/x86/lib/dist/libcrypto.a b/thirdparties/android/x86/lib/dist/libcrypto.a Binary files differindex 9fe5c7b..5295df0 100755 --- a/thirdparties/android/x86/lib/dist/libcrypto.a +++ b/thirdparties/android/x86/lib/dist/libcrypto.a diff --git a/thirdparties/android/x86/lib/dist/libssl.a b/thirdparties/android/x86/lib/dist/libssl.a Binary files differindex 183bd0b..0176ee9 100755 --- a/thirdparties/android/x86/lib/dist/libssl.a +++ b/thirdparties/android/x86/lib/dist/libssl.a diff --git a/thirdparties/common/include/openssl/aes.h b/thirdparties/common/include/openssl/aes.h index 87bf60f..faa66c4 100755..100644 --- a/thirdparties/common/include/openssl/aes.h +++ b/thirdparties/common/include/openssl/aes.h @@ -1,4 +1,4 @@ -/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes.h */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * diff --git a/thirdparties/common/include/openssl/asn1.h b/thirdparties/common/include/openssl/asn1.h index c51d3bb..68e791f 100755..100644 --- a/thirdparties/common/include/openssl/asn1.h +++ b/thirdparties/common/include/openssl/asn1.h @@ -158,7 +158,7 @@ extern "C" { # define SMIME_OLDMIME 0x400 # define SMIME_CRLFEOL 0x800 # define SMIME_STREAM 0x1000 -struct X509_algor_st; + struct X509_algor_st; DECLARE_STACK_OF(X509_ALGOR) # define DECLARE_ASN1_SET_OF(type)/* filled in by mkstack.pl */ @@ -769,7 +769,7 @@ typedef struct BIT_STRING_BITNAME_st { (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\ ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING) -/* for the is_set parameter to i2d_ASN1_SET */ + /* for the is_set parameter to i2d_ASN1_SET */ # define IS_SEQUENCE 0 # define IS_SET 1 @@ -800,10 +800,10 @@ int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); ASN1_STRING *ASN1_STRING_type_new(int type); int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); -/* - * Since this is used to store all sorts of things, via macros, for now, - * make its data void * - */ + /* + * Since this is used to store all sorts of things, via macros, for now, + * make its data void * + */ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); int ASN1_STRING_length(const ASN1_STRING *x); @@ -855,10 +855,10 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, - time_t t); + time_t t); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, - time_t t, int offset_day, - long offset_sec); + time_t t, int offset_day, + long offset_sec); int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, const ASN1_TIME *to); @@ -898,7 +898,7 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec); int ASN1_TIME_check(ASN1_TIME *t); ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME - **out); + **out); int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, @@ -1059,8 +1059,8 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data, int max_len); STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len, - d2i_of_void *d2i, - void (*free_func) (OPENSSL_BLOCK)); + d2i_of_void *d2i, + void (*free_func) (OPENSSL_BLOCK)); unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d, unsigned char **buf, int *len); void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i); diff --git a/thirdparties/common/include/openssl/asn1_mac.h b/thirdparties/common/include/openssl/asn1_mac.h index abc6dc3..abc6dc3 100755..100644 --- a/thirdparties/common/include/openssl/asn1_mac.h +++ b/thirdparties/common/include/openssl/asn1_mac.h diff --git a/thirdparties/common/include/openssl/asn1t.h b/thirdparties/common/include/openssl/asn1t.h index 99bc0ee..99bc0ee 100755..100644 --- a/thirdparties/common/include/openssl/asn1t.h +++ b/thirdparties/common/include/openssl/asn1t.h diff --git a/thirdparties/common/include/openssl/bio.h b/thirdparties/common/include/openssl/bio.h index 965f933..6790aed 100755..100644 --- a/thirdparties/common/include/openssl/bio.h +++ b/thirdparties/common/include/openssl/bio.h @@ -291,7 +291,7 @@ void BIO_clear_flags(BIO *b, int flags); * BIO_CB_RETURN flag indicates if it is after the call */ # define BIO_CB_RETURN 0x80 -# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)) +# define BIO_CB_return(a) ((a)|BIO_CB_RETURN) # define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) # define BIO_cb_post(a) ((a)&BIO_CB_RETURN) @@ -479,11 +479,11 @@ struct bio_dgram_sctp_prinfo { # define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) # define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) # define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2) -# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0) +# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL) # define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) -/* BIO_s_accept_socket() */ +/* BIO_s_accept() */ # define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) # define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) /* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ @@ -496,6 +496,7 @@ struct bio_dgram_sctp_prinfo { # define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL) # define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL) +/* BIO_s_accept() and BIO_s_connect() */ # define BIO_do_connect(b) BIO_do_handshake(b) # define BIO_do_accept(b) BIO_do_handshake(b) # define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) @@ -515,12 +516,15 @@ struct bio_dgram_sctp_prinfo { # define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url)) # define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL) +/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */ # define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) # define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c) +/* BIO_s_file() */ # define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) # define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) +/* BIO_s_fd() and BIO_s_file() */ # define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL) # define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL) @@ -685,7 +689,7 @@ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, long ret); BIO_METHOD *BIO_s_mem(void); -BIO *BIO_new_mem_buf(void *buf, int len); +BIO *BIO_new_mem_buf(const void *buf, int len); BIO_METHOD *BIO_s_socket(void); BIO_METHOD *BIO_s_connect(void); BIO_METHOD *BIO_s_accept(void); @@ -757,9 +761,9 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag); int BIO_dgram_is_sctp(BIO *bio); int BIO_dgram_sctp_notification_cb(BIO *b, void (*handle_notifications) (BIO *bio, - void - *context, - void *buf), + void + *context, + void *buf), void *context); int BIO_dgram_sctp_wait_for_dry(BIO *b); int BIO_dgram_sctp_msg_waiting(BIO *b); diff --git a/thirdparties/common/include/openssl/blowfish.h b/thirdparties/common/include/openssl/blowfish.h index 8329302..8329302 100755..100644 --- a/thirdparties/common/include/openssl/blowfish.h +++ b/thirdparties/common/include/openssl/blowfish.h diff --git a/thirdparties/common/include/openssl/bn.h b/thirdparties/common/include/openssl/bn.h index 5f24cba..86264ae 100755..100644 --- a/thirdparties/common/include/openssl/bn.h +++ b/thirdparties/common/include/openssl/bn.h @@ -125,6 +125,7 @@ #ifndef HEADER_BN_H # define HEADER_BN_H +# include <limits.h> # include <openssl/e_os2.h> # ifndef OPENSSL_NO_FP_API # include <stdio.h> /* FILE */ @@ -280,7 +281,7 @@ extern "C" { # ifndef OPENSSL_NO_DEPRECATED # define BN_FLG_FREE 0x8000 -/* used for debuging */ + /* used for debuging */ # endif # define BN_set_flags(b,n) ((b)->flags|=(n)) # define BN_get_flags(b,n) ((b)->flags&(n)) @@ -609,11 +610,11 @@ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, int (*bn_mod_exp) (BIGNUM *r, - const BIGNUM *a, - const BIGNUM *p, - const BIGNUM *m, - BN_CTX *ctx, - BN_MONT_CTX *m_ctx), + const BIGNUM *a, + const BIGNUM *p, + const BIGNUM *m, + BN_CTX *ctx, + BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx); # ifndef OPENSSL_NO_DEPRECATED @@ -721,8 +722,17 @@ const BIGNUM *BN_get0_nist_prime_521(void); /* library internal functions */ -# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\ - (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2)) +# define bn_expand(a,bits) \ + ( \ + bits > (INT_MAX - BN_BITS2 + 1) ? \ + NULL \ + : \ + (((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \ + (a) \ + : \ + bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \ + ) + # define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) BIGNUM *bn_expand2(BIGNUM *a, int words); # ifndef OPENSSL_NO_DEPRECATED @@ -779,6 +789,7 @@ int RAND_pseudo_bytes(unsigned char *buf, int num); * wouldn't be constructed with top!=dmax. */ \ BN_ULONG *_not_const; \ memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ + /* Debug only - safe to ignore error return */ \ RAND_pseudo_bytes(&_tmp_char, 1); \ memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \ (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ @@ -892,6 +903,7 @@ void ERR_load_BN_strings(void); # define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 # define BN_F_BN_GF2M_MOD_SQR 136 # define BN_F_BN_GF2M_MOD_SQRT 137 +# define BN_F_BN_LSHIFT 145 # define BN_F_BN_MOD_EXP2_MONT 118 # define BN_F_BN_MOD_EXP_MONT 109 # define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 @@ -907,12 +919,14 @@ void ERR_load_BN_strings(void); # define BN_F_BN_NEW 113 # define BN_F_BN_RAND 114 # define BN_F_BN_RAND_RANGE 122 +# define BN_F_BN_RSHIFT 146 # define BN_F_BN_USUB 115 /* Reason codes. */ # define BN_R_ARG2_LT_ARG3 100 # define BN_R_BAD_RECIPROCAL 101 # define BN_R_BIGNUM_TOO_LONG 114 +# define BN_R_BITS_TOO_SMALL 118 # define BN_R_CALLED_WITH_EVEN_MODULUS 102 # define BN_R_DIV_BY_ZERO 103 # define BN_R_ENCODING_ERROR 104 @@ -920,6 +934,7 @@ void ERR_load_BN_strings(void); # define BN_R_INPUT_NOT_REDUCED 110 # define BN_R_INVALID_LENGTH 106 # define BN_R_INVALID_RANGE 115 +# define BN_R_INVALID_SHIFT 119 # define BN_R_NOT_A_SQUARE 111 # define BN_R_NOT_INITIALIZED 107 # define BN_R_NO_INVERSE 108 diff --git a/thirdparties/common/include/openssl/buffer.h b/thirdparties/common/include/openssl/buffer.h index c343dd7..efd240a 100755..100644 --- a/thirdparties/common/include/openssl/buffer.h +++ b/thirdparties/common/include/openssl/buffer.h @@ -86,7 +86,13 @@ int BUF_MEM_grow(BUF_MEM *str, size_t len); int BUF_MEM_grow_clean(BUF_MEM *str, size_t len); size_t BUF_strnlen(const char *str, size_t maxlen); char *BUF_strdup(const char *str); + +/* + * Like strndup, but in addition, explicitly guarantees to never read past the + * first |siz| bytes of |str|. + */ char *BUF_strndup(const char *str, size_t siz); + void *BUF_memdup(const void *data, size_t siz); void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz); diff --git a/thirdparties/common/include/openssl/camellia.h b/thirdparties/common/include/openssl/camellia.h index 9be7c0f..45e8d25 100755..100644 --- a/thirdparties/common/include/openssl/camellia.h +++ b/thirdparties/common/include/openssl/camellia.h @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia.h */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/thirdparties/common/include/openssl/cast.h b/thirdparties/common/include/openssl/cast.h index 0003ec9..0003ec9 100755..100644 --- a/thirdparties/common/include/openssl/cast.h +++ b/thirdparties/common/include/openssl/cast.h diff --git a/thirdparties/common/include/openssl/cmac.h b/thirdparties/common/include/openssl/cmac.h index 175be83..175be83 100755..100644 --- a/thirdparties/common/include/openssl/cmac.h +++ b/thirdparties/common/include/openssl/cmac.h diff --git a/thirdparties/common/include/openssl/cms.h b/thirdparties/common/include/openssl/cms.h index fe72417..e6c7f96 100755..100644 --- a/thirdparties/common/include/openssl/cms.h +++ b/thirdparties/common/include/openssl/cms.h @@ -164,8 +164,8 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags); CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, - const unsigned char *key, - size_t keylen, unsigned int flags); + const unsigned char *key, + size_t keylen, unsigned int flags); int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, const unsigned char *key, size_t keylen); @@ -197,23 +197,23 @@ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri); EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri); CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, - X509 *recip, unsigned int flags); + X509 *recip, unsigned int flags); int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey); int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert); int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, EVP_PKEY **pk, X509 **recip, X509_ALGOR **palg); int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, - ASN1_OCTET_STRING **keyid, - X509_NAME **issuer, - ASN1_INTEGER **sno); + ASN1_OCTET_STRING **keyid, + X509_NAME **issuer, + ASN1_INTEGER **sno); CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, - unsigned char *key, size_t keylen, - unsigned char *id, size_t idlen, - ASN1_GENERALIZEDTIME *date, - ASN1_OBJECT *otherTypeId, - ASN1_TYPE *otherType); + unsigned char *key, size_t keylen, + unsigned char *id, size_t idlen, + ASN1_GENERALIZEDTIME *date, + ASN1_OBJECT *otherTypeId, + ASN1_TYPE *otherType); int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg, @@ -233,11 +233,11 @@ int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, ossl_ssize_t passlen); CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, - int iter, int wrap_nid, - int pbe_nid, - unsigned char *pass, - ossl_ssize_t passlen, - const EVP_CIPHER *kekciph); + int iter, int wrap_nid, + int pbe_nid, + unsigned char *pass, + ossl_ssize_t passlen, + const EVP_CIPHER *kekciph); int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); @@ -331,10 +331,10 @@ void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid, int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr); CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen, - int allorfirst, - STACK_OF(GENERAL_NAMES) - *receiptList, STACK_OF(GENERAL_NAMES) - *receiptsTo); + int allorfirst, + STACK_OF(GENERAL_NAMES) + *receiptList, STACK_OF(GENERAL_NAMES) + *receiptsTo); int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr); void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid, diff --git a/thirdparties/common/include/openssl/comp.h b/thirdparties/common/include/openssl/comp.h index 406c428..60a0734 100755..100644 --- a/thirdparties/common/include/openssl/comp.h +++ b/thirdparties/common/include/openssl/comp.h @@ -4,6 +4,10 @@ # include <openssl/crypto.h> +# ifdef OPENSSL_NO_COMP +# error COMP is disabled. +# endif + #ifdef __cplusplus extern "C" { #endif diff --git a/thirdparties/common/include/openssl/conf.h b/thirdparties/common/include/openssl/conf.h index 8d926d5..8d926d5 100755..100644 --- a/thirdparties/common/include/openssl/conf.h +++ b/thirdparties/common/include/openssl/conf.h diff --git a/thirdparties/common/include/openssl/conf_api.h b/thirdparties/common/include/openssl/conf_api.h index 719ff92..e478f7d 100755..100644 --- a/thirdparties/common/include/openssl/conf_api.h +++ b/thirdparties/common/include/openssl/conf_api.h @@ -72,7 +72,7 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section); CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section); /* Up until OpenSSL 0.9.5a, this was CONF_get_section */ STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf, - const char *section); + const char *section); int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value); char *_CONF_get_string(const CONF *conf, const char *section, diff --git a/thirdparties/common/include/openssl/crypto.h b/thirdparties/common/include/openssl/crypto.h index 2dd0443..6c644ce 100755..100644 --- a/thirdparties/common/include/openssl/crypto.h +++ b/thirdparties/common/include/openssl/crypto.h @@ -435,14 +435,14 @@ int CRYPTO_get_new_lockid(char *name); int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */ void CRYPTO_lock(int mode, int type, const char *file, int line); void CRYPTO_set_locking_callback(void (*func) (int mode, int type, - const char *file, int line)); + const char *file, int line)); void (*CRYPTO_get_locking_callback(void)) (int mode, int type, - const char *file, int line); + const char *file, int line); void CRYPTO_set_add_lock_callback(int (*func) - (int *num, int mount, int type, - const char *file, int line)); + (int *num, int mount, int type, + const char *file, int line)); int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type, - const char *file, int line); + const char *file, int line); /* Don't use this structure directly. */ typedef struct crypto_threadid_st { @@ -473,24 +473,24 @@ void CRYPTO_destroy_dynlockid(int i); struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function) (const char - *file, - int line)); + *file, + int line)); void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function) - (int mode, - struct CRYPTO_dynlock_value *l, - const char *file, int line)); + (int mode, + struct CRYPTO_dynlock_value *l, + const char *file, int line)); void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function) - (struct CRYPTO_dynlock_value *l, - const char *file, int line)); + (struct CRYPTO_dynlock_value *l, + const char *file, int line)); struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line); void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode, - struct CRYPTO_dynlock_value - *l, const char *file, - int line); + struct CRYPTO_dynlock_value + *l, const char *file, + int line); void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value - *l, const char *file, - int line); + *l, const char *file, + int line); /* * CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call @@ -502,13 +502,13 @@ int CRYPTO_set_locked_mem_functions(void *(*m) (size_t), void (*free_func) (void *)); int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), void *(*r) (void *, size_t, const char *, - int), void (*f) (void *)); + int), void (*f) (void *)); int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int), void (*free_func) (void *)); int CRYPTO_set_mem_debug_functions(void (*m) - (void *, int, const char *, int, int), + (void *, int, const char *, int, int), void (*r) (void *, void *, int, - const char *, int, int), + const char *, int, int), void (*f) (void *, int), void (*so) (long), long (*go) (void)); void CRYPTO_get_mem_functions(void *(**m) (size_t), @@ -518,14 +518,14 @@ void CRYPTO_get_locked_mem_functions(void *(**m) (size_t), void (**f) (void *)); void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int), void *(**r) (void *, size_t, const char *, - int), void (**f) (void *)); + int), void (**f) (void *)); void CRYPTO_get_locked_mem_ex_functions(void *(**m) (size_t, const char *, int), void (**f) (void *)); void CRYPTO_get_mem_debug_functions(void (**m) - (void *, int, const char *, int, int), + (void *, int, const char *, int, int), void (**r) (void *, void *, int, - const char *, int, int), + const char *, int, int), void (**f) (void *, int), void (**so) (long), long (**go) (void)); @@ -628,7 +628,7 @@ void OPENSSL_init(void); * into a defined order as the return value when a != b is undefined, other * than to be non-zero. */ -int CRYPTO_memcmp(const void *a, const void *b, size_t len); +int CRYPTO_memcmp(const volatile void *a, const volatile void *b, size_t len); /* BEGIN ERROR CODES */ /* diff --git a/thirdparties/common/include/openssl/des.h b/thirdparties/common/include/openssl/des.h index 1b40144..1b40144 100755..100644 --- a/thirdparties/common/include/openssl/des.h +++ b/thirdparties/common/include/openssl/des.h diff --git a/thirdparties/common/include/openssl/des_old.h b/thirdparties/common/include/openssl/des_old.h index f1e1e2c..ee7607a 100755..100644 --- a/thirdparties/common/include/openssl/des_old.h +++ b/thirdparties/common/include/openssl/des_old.h @@ -1,4 +1,4 @@ -/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/des/des_old.h */ /*- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING diff --git a/thirdparties/common/include/openssl/dh.h b/thirdparties/common/include/openssl/dh.h index 0502f1a..a5bd901 100755..100644 --- a/thirdparties/common/include/openssl/dh.h +++ b/thirdparties/common/include/openssl/dh.h @@ -142,7 +142,7 @@ struct dh_st { BIGNUM *p; BIGNUM *g; long length; /* optional */ - BIGNUM *pub_key; /* g^x */ + BIGNUM *pub_key; /* g^x % p */ BIGNUM *priv_key; /* x */ int flags; BN_MONT_CTX *method_mont_p; @@ -174,6 +174,7 @@ struct dh_st { /* DH_check_pub_key error codes */ # define DH_CHECK_PUBKEY_TOO_SMALL 0x01 # define DH_CHECK_PUBKEY_TOO_LARGE 0x02 +# define DH_CHECK_PUBKEY_INVALID 0x04 /* * primes p where (p-1)/2 is prime too are called "safe"; we define this for diff --git a/thirdparties/common/include/openssl/dsa.h b/thirdparties/common/include/openssl/dsa.h index af8d8d2..545358f 100755..100644 --- a/thirdparties/common/include/openssl/dsa.h +++ b/thirdparties/common/include/openssl/dsa.h @@ -206,7 +206,7 @@ void DSA_free(DSA *r); /* "up" the DSA object's reference count */ int DSA_up_ref(DSA *r); int DSA_size(const DSA *); -/* next 4 return -1 on error */ + /* next 4 return -1 on error */ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, unsigned int *siglen, DSA *dsa); @@ -226,7 +226,7 @@ DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length); DSA *DSA_generate_parameters(int bits, unsigned char *seed, int seed_len, int *counter_ret, unsigned long *h_ret, void - (*callback) (int, int, void *), void *cb_arg); + (*callback) (int, int, void *), void *cb_arg); # endif /* !defined(OPENSSL_NO_DEPRECATED) */ /* New version */ diff --git a/thirdparties/common/include/openssl/dso.h b/thirdparties/common/include/openssl/dso.h index 24b5655..c9013f5 100755..100644 --- a/thirdparties/common/include/openssl/dso.h +++ b/thirdparties/common/include/openssl/dso.h @@ -1,4 +1,4 @@ -/* dso.h -*- mode:C; c-file-style: "eay" -*- */ +/* dso.h */ /* * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project * 2000. @@ -157,7 +157,7 @@ typedef struct dso_meth_st { * libraries at all, let alone a DSO_METHOD implemented for them. */ DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname); - /* I don't think this would actually be used in any circumstances. */ +/* I don't think this would actually be used in any circumstances. */ # if 0 /* Unbinds a variable */ int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr); diff --git a/thirdparties/common/include/openssl/dtls1.h b/thirdparties/common/include/openssl/dtls1.h index 30bbcf2..30bbcf2 100755..100644 --- a/thirdparties/common/include/openssl/dtls1.h +++ b/thirdparties/common/include/openssl/dtls1.h diff --git a/thirdparties/common/include/openssl/e_os2.h b/thirdparties/common/include/openssl/e_os2.h index 613607f..7be9989 100755..100644 --- a/thirdparties/common/include/openssl/e_os2.h +++ b/thirdparties/common/include/openssl/e_os2.h @@ -109,6 +109,12 @@ extern "C" { # undef OPENSSL_SYS_UNIX # define OPENSSL_SYS_WIN32 # endif +# if defined(_WIN64) || defined(OPENSSL_SYSNAME_WIN64) +# undef OPENSSL_SYS_UNIX +# if !defined(OPENSSL_SYS_WIN64) +# define OPENSSL_SYS_WIN64 +# endif +# endif # if defined(OPENSSL_SYSNAME_WINNT) # undef OPENSSL_SYS_UNIX # define OPENSSL_SYS_WINNT @@ -121,7 +127,7 @@ extern "C" { # endif /* Anything that tries to look like Microsoft is "Windows" */ -# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) +# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) # undef OPENSSL_SYS_UNIX # define OPENSSL_SYS_WINDOWS # ifndef OPENSSL_SYS_MSDOS diff --git a/thirdparties/common/include/openssl/ebcdic.h b/thirdparties/common/include/openssl/ebcdic.h index 4cbdfeb..4cbdfeb 100755..100644 --- a/thirdparties/common/include/openssl/ebcdic.h +++ b/thirdparties/common/include/openssl/ebcdic.h diff --git a/thirdparties/common/include/openssl/ec.h b/thirdparties/common/include/openssl/ec.h index 020dcaa..81e6faf 100755..100644 --- a/thirdparties/common/include/openssl/ec.h +++ b/thirdparties/common/include/openssl/ec.h @@ -103,29 +103,28 @@ extern "C" { /** Enum for the point conversion form as defined in X9.62 (ECDSA) * for the encoding of a elliptic curve point (x,y) */ typedef enum { - /** the point is encoded as z||x, where the octet z specifies - * which solution of the quadratic equation y is */ + /** the point is encoded as z||x, where the octet z specifies + * which solution of the quadratic equation y is */ POINT_CONVERSION_COMPRESSED = 2, - /** the point is encoded as z||x||y, where z is the octet 0x02 */ + /** the point is encoded as z||x||y, where z is the octet 0x04 */ POINT_CONVERSION_UNCOMPRESSED = 4, - /** the point is encoded as z||x||y, where the octet z specifies - * which solution of the quadratic equation y is */ + /** the point is encoded as z||x||y, where the octet z specifies + * which solution of the quadratic equation y is */ POINT_CONVERSION_HYBRID = 6 -} -point_conversion_form_t; +} point_conversion_form_t; typedef struct ec_method_st EC_METHOD; typedef struct ec_group_st -/*- - EC_METHOD *meth; - -- field definition - -- curve coefficients - -- optional generator with associated information (order, cofactor) - -- optional extra data (precomputed table for fast computation of multiples of generator) - -- ASN1 stuff -*/ - EC_GROUP; + /*- + EC_METHOD *meth; + -- field definition + -- curve coefficients + -- optional generator with associated information (order, cofactor) + -- optional extra data (precomputed table for fast computation of multiples of generator) + -- ASN1 stuff + */ + EC_GROUP; typedef struct ec_point_st EC_POINT; @@ -472,9 +471,9 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); * \return 1 on success and 0 if an error occured */ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, - EC_POINT *p, const BIGNUM *x, - const BIGNUM *y, const BIGNUM *z, - BN_CTX *ctx); + EC_POINT *p, const BIGNUM *x, + const BIGNUM *y, const BIGNUM *z, + BN_CTX *ctx); /** Gets the jacobian projective coordinates of a EC_POINT over GFp * \param group underlying EC_GROUP object @@ -486,9 +485,9 @@ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, * \return 1 on success and 0 if an error occured */ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, - const EC_POINT *p, BIGNUM *x, - BIGNUM *y, BIGNUM *z, - BN_CTX *ctx); + const EC_POINT *p, BIGNUM *x, + BIGNUM *y, BIGNUM *z, + BN_CTX *ctx); /** Sets the affine coordinates of a EC_POINT over GFp * \param group underlying EC_GROUP object @@ -523,8 +522,8 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, * \return 1 on success and 0 if an error occured */ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, - EC_POINT *p, const BIGNUM *x, - int y_bit, BN_CTX *ctx); + EC_POINT *p, const BIGNUM *x, + int y_bit, BN_CTX *ctx); # ifndef OPENSSL_NO_EC2M /** Sets the affine coordinates of a EC_POINT over GF2m * \param group underlying EC_GROUP object @@ -535,8 +534,8 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, * \return 1 on success and 0 if an error occured */ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, const BIGNUM *y, - BN_CTX *ctx); + const BIGNUM *x, const BIGNUM *y, + BN_CTX *ctx); /** Gets the affine coordinates of a EC_POINT over GF2m * \param group underlying EC_GROUP object @@ -547,8 +546,8 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, * \return 1 on success and 0 if an error occured */ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, - const EC_POINT *p, BIGNUM *x, - BIGNUM *y, BN_CTX *ctx); + const EC_POINT *p, BIGNUM *x, + BIGNUM *y, BN_CTX *ctx); /** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m * \param group underlying EC_GROUP object @@ -559,8 +558,8 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, * \return 1 on success and 0 if an error occured */ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, - EC_POINT *p, const BIGNUM *x, - int y_bit, BN_CTX *ctx); + EC_POINT *p, const BIGNUM *x, + int y_bit, BN_CTX *ctx); # endif /** Encodes a EC_POINT object to a octet string * \param group underlying EC_GROUP object @@ -885,7 +884,7 @@ int EC_KEY_check_key(const EC_KEY *key); * \return 1 on success and 0 otherwise. */ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, - BIGNUM *y); + BIGNUM *y); /********************************************************************/ /* de- and encoding functions for SEC1 ECPrivateKey */ @@ -1098,6 +1097,12 @@ void ERR_load_EC_strings(void); # define EC_F_ECPARAMETERS_PRINT_FP 148 # define EC_F_ECPKPARAMETERS_PRINT 149 # define EC_F_ECPKPARAMETERS_PRINT_FP 150 +# define EC_F_ECP_NISTZ256_GET_AFFINE 240 +# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 +# define EC_F_ECP_NISTZ256_POINTS_MUL 241 +# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 +# define EC_F_ECP_NISTZ256_SET_WORDS 245 +# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 # define EC_F_ECP_NIST_MOD_192 203 # define EC_F_ECP_NIST_MOD_224 204 # define EC_F_ECP_NIST_MOD_256 205 @@ -1209,11 +1214,6 @@ void ERR_load_EC_strings(void); # define EC_F_NISTP224_PRE_COMP_NEW 227 # define EC_F_NISTP256_PRE_COMP_NEW 236 # define EC_F_NISTP521_PRE_COMP_NEW 237 -# define EC_F_ECP_NISTZ256_GET_AFFINE 240 -# define EC_F_ECP_NISTZ256_POINTS_MUL 241 -# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 -# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 -# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 # define EC_F_O2I_ECPUBLICKEY 152 # define EC_F_OLD_EC_PRIV_DECODE 222 # define EC_F_PKEY_EC_CTRL 197 diff --git a/thirdparties/common/include/openssl/ecdh.h b/thirdparties/common/include/openssl/ecdh.h index d688275..25348b3 100755..100644 --- a/thirdparties/common/include/openssl/ecdh.h +++ b/thirdparties/common/include/openssl/ecdh.h @@ -95,7 +95,7 @@ int ECDH_set_method(EC_KEY *, const ECDH_METHOD *); int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen, - void *out, size_t *outlen)); + void *out, size_t *outlen)); int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, diff --git a/thirdparties/common/include/openssl/ecdsa.h b/thirdparties/common/include/openssl/ecdsa.h index a919198..a6f0930 100755..100644 --- a/thirdparties/common/include/openssl/ecdsa.h +++ b/thirdparties/common/include/openssl/ecdsa.h @@ -233,7 +233,7 @@ void *ECDSA_get_ex_data(EC_KEY *d, int idx); * \return pointer to a ECDSA_METHOD structure or NULL if an error occurred */ -ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method); +ECDSA_METHOD *ECDSA_METHOD_new(const ECDSA_METHOD *ecdsa_method); /** frees a ECDSA_METHOD structure * \param ecdsa_method pointer to the ECDSA_METHOD structure @@ -261,10 +261,10 @@ void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method); void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method, ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char - *dgst, int dgst_len, - const BIGNUM *inv, - const BIGNUM *rp, - EC_KEY *eckey)); + *dgst, int dgst_len, + const BIGNUM *inv, + const BIGNUM *rp, + EC_KEY *eckey)); /** Set the ECDSA_sign_setup function in the ECDSA_METHOD * \param ecdsa_method pointer to existing ECDSA_METHOD @@ -273,9 +273,9 @@ void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method, void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method, int (*ecdsa_sign_setup) (EC_KEY *eckey, - BN_CTX *ctx, - BIGNUM **kinv, - BIGNUM **r)); + BN_CTX *ctx, + BIGNUM **kinv, + BIGNUM **r)); /** Set the ECDSA_do_verify function in the ECDSA_METHOD * \param ecdsa_method pointer to existing ECDSA_METHOD @@ -284,9 +284,9 @@ void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method, void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method, int (*ecdsa_do_verify) (const unsigned char - *dgst, int dgst_len, - const ECDSA_SIG *sig, - EC_KEY *eckey)); + *dgst, int dgst_len, + const ECDSA_SIG *sig, + EC_KEY *eckey)); void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags); diff --git a/thirdparties/common/include/openssl/engine.h b/thirdparties/common/include/openssl/engine.h index dba27c3..bd7b591 100755..100644 --- a/thirdparties/common/include/openssl/engine.h +++ b/thirdparties/common/include/openssl/engine.h @@ -299,16 +299,16 @@ extern "C" { /* Flags specific to the nCipher "chil" engine */ # define ENGINE_CTRL_CHIL_SET_FORKCHECK 100 -/* - * Depending on the value of the (long)i argument, this sets or - * unsets the SimpleForkCheck flag in the CHIL API to enable or - * disable checking and workarounds for applications that fork(). - */ + /* + * Depending on the value of the (long)i argument, this sets or + * unsets the SimpleForkCheck flag in the CHIL API to enable or + * disable checking and workarounds for applications that fork(). + */ # define ENGINE_CTRL_CHIL_NO_LOCKING 101 -/* - * This prevents the initialisation function from providing mutex - * callbacks to the nCipher library. - */ + /* + * This prevents the initialisation function from providing mutex + * callbacks to the nCipher library. + */ /* * If an ENGINE supports its own specific control commands and wishes the @@ -336,14 +336,14 @@ typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *, void (*f) (void)); /* Generic load_key function pointer */ typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, - UI_METHOD *ui_method, - void *callback_data); + UI_METHOD *ui_method, + void *callback_data); typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl, - STACK_OF(X509_NAME) *ca_dn, - X509 **pcert, EVP_PKEY **pkey, - STACK_OF(X509) **pother, - UI_METHOD *ui_method, - void *callback_data); + STACK_OF(X509_NAME) *ca_dn, + X509 **pcert, EVP_PKEY **pkey, + STACK_OF(X509) **pother, + UI_METHOD *ui_method, + void *callback_data); /*- * These callback types are for an ENGINE's handler for cipher and digest logic. * These handlers have these prototypes; @@ -366,7 +366,7 @@ typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **, typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **, const int **, int); typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **, - const int **, int); + const int **, int); /* * STRUCTURE functions ... all of these functions deal with pointers to * ENGINE structures where the pointers have a "structural reference". This @@ -567,8 +567,8 @@ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f); int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, - ENGINE_SSL_CLIENT_CERT_PTR - loadssl_f); + ENGINE_SSL_CLIENT_CERT_PTR + loadssl_f); int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); @@ -612,7 +612,7 @@ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE - *e); + *e); ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); @@ -622,11 +622,11 @@ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, - const char *str, - int len); + const char *str, + int len); const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, - const char *str, - int len); + const char *str, + int len); const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); int ENGINE_get_flags(const ENGINE *e); @@ -763,7 +763,7 @@ typedef struct st_dynamic_MEM_fns { typedef void (*dyn_lock_locking_cb) (int, int, const char *, int); typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int); typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *, - int); + int); typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *, const char *, int); typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *, diff --git a/thirdparties/common/include/openssl/err.h b/thirdparties/common/include/openssl/err.h index 488a6f7..585aa8b 100755..100644 --- a/thirdparties/common/include/openssl/err.h +++ b/thirdparties/common/include/openssl/err.h @@ -329,7 +329,7 @@ unsigned long ERR_peek_error_line_data(const char **file, int *line, unsigned long ERR_peek_last_error(void); unsigned long ERR_peek_last_error_line(const char **file, int *line); unsigned long ERR_peek_last_error_line_data(const char **file, int *line, - const char **data, int *flags); + const char **data, int *flags); void ERR_clear_error(void); char *ERR_error_string(unsigned long e, char *buf); void ERR_error_string_n(unsigned long e, char *buf, size_t len); diff --git a/thirdparties/common/include/openssl/evp.h b/thirdparties/common/include/openssl/evp.h index df0dead..39ab793 100755..100644 --- a/thirdparties/common/include/openssl/evp.h +++ b/thirdparties/common/include/openssl/evp.h @@ -103,7 +103,6 @@ # define EVP_PKS_RSA 0x0100 # define EVP_PKS_DSA 0x0200 # define EVP_PKS_EC 0x0400 -# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ # define EVP_PKEY_NONE NID_undef # define EVP_PKEY_RSA NID_rsaEncryption @@ -424,6 +423,9 @@ struct evp_cipher_st { # define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b # define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c +/* RFC 5246 defines additional data to be 13 bytes in length */ +# define EVP_AEAD_TLS1_AAD_LEN 13 + typedef struct { unsigned char *out; const unsigned char *inp; @@ -928,15 +930,15 @@ void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph, const char *from, const char *to, void *x), void *arg); void EVP_CIPHER_do_all_sorted(void (*fn) - (const EVP_CIPHER *ciph, const char *from, - const char *to, void *x), void *arg); + (const EVP_CIPHER *ciph, const char *from, + const char *to, void *x), void *arg); void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph, const char *from, const char *to, void *x), void *arg); void EVP_MD_do_all_sorted(void (*fn) - (const EVP_MD *ciph, const char *from, - const char *to, void *x), void *arg); + (const EVP_MD *ciph, const char *from, + const char *to, void *x), void *arg); int EVP_PKEY_decrypt_old(unsigned char *dec_key, const unsigned char *enc_key, int enc_key_len, @@ -1063,7 +1065,7 @@ int EVP_PKEY_asn1_get_count(void); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, - const char *str, int len); + const char *str, int len); int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth); int EVP_PKEY_asn1_add_alias(int to, int from); int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, @@ -1080,47 +1082,60 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, int (*pub_decode) (EVP_PKEY *pk, - X509_PUBKEY *pub), + X509_PUBKEY *pub), int (*pub_encode) (X509_PUBKEY *pub, - const EVP_PKEY *pk), + const EVP_PKEY *pk), int (*pub_cmp) (const EVP_PKEY *a, - const EVP_PKEY *b), + const EVP_PKEY *b), int (*pub_print) (BIO *out, - const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx), + const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx), int (*pkey_size) (const EVP_PKEY *pk), int (*pkey_bits) (const EVP_PKEY *pk)); void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, int (*priv_decode) (EVP_PKEY *pk, - PKCS8_PRIV_KEY_INFO - *p8inf), + PKCS8_PRIV_KEY_INFO + *p8inf), int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, - const EVP_PKEY *pk), + const EVP_PKEY *pk), int (*priv_print) (BIO *out, - const EVP_PKEY *pkey, - int indent, - ASN1_PCTX *pctx)); + const EVP_PKEY *pkey, + int indent, + ASN1_PCTX *pctx)); void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, int (*param_decode) (EVP_PKEY *pkey, - const unsigned char **pder, - int derlen), + const unsigned char **pder, + int derlen), int (*param_encode) (const EVP_PKEY *pkey, - unsigned char **pder), + unsigned char **pder), int (*param_missing) (const EVP_PKEY *pk), int (*param_copy) (EVP_PKEY *to, - const EVP_PKEY *from), + const EVP_PKEY *from), int (*param_cmp) (const EVP_PKEY *a, - const EVP_PKEY *b), + const EVP_PKEY *b), int (*param_print) (BIO *out, - const EVP_PKEY *pkey, - int indent, - ASN1_PCTX *pctx)); + const EVP_PKEY *pkey, + int indent, + ASN1_PCTX *pctx)); void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, void (*pkey_free) (EVP_PKEY *pkey)); void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_ctrl) (EVP_PKEY *pkey, int op, - long arg1, void *arg2)); + long arg1, void *arg2)); +void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, + int (*item_verify) (EVP_MD_CTX *ctx, + const ASN1_ITEM *it, + void *asn, + X509_ALGOR *a, + ASN1_BIT_STRING *sig, + EVP_PKEY *pkey), + int (*item_sign) (EVP_MD_CTX *ctx, + const ASN1_ITEM *it, + void *asn, + X509_ALGOR *alg1, + X509_ALGOR *alg2, + ASN1_BIT_STRING *sig)); # define EVP_PKEY_OP_UNDEFINED 0 # define EVP_PKEY_OP_PARAMGEN (1<<1) @@ -1261,7 +1276,7 @@ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, int (*copy) (EVP_PKEY_CTX *dst, - EVP_PKEY_CTX *src)); + EVP_PKEY_CTX *src)); void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, void (*cleanup) (EVP_PKEY_CTX *ctx)); @@ -1269,84 +1284,84 @@ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, int (*paramgen_init) (EVP_PKEY_CTX *ctx), int (*paramgen) (EVP_PKEY_CTX *ctx, - EVP_PKEY *pkey)); + EVP_PKEY *pkey)); void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, int (*keygen_init) (EVP_PKEY_CTX *ctx), int (*keygen) (EVP_PKEY_CTX *ctx, - EVP_PKEY *pkey)); + EVP_PKEY *pkey)); void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, int (*sign_init) (EVP_PKEY_CTX *ctx), int (*sign) (EVP_PKEY_CTX *ctx, - unsigned char *sig, size_t *siglen, - const unsigned char *tbs, - size_t tbslen)); + unsigned char *sig, size_t *siglen, + const unsigned char *tbs, + size_t tbslen)); void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, int (*verify_init) (EVP_PKEY_CTX *ctx), int (*verify) (EVP_PKEY_CTX *ctx, - const unsigned char *sig, - size_t siglen, - const unsigned char *tbs, - size_t tbslen)); + const unsigned char *sig, + size_t siglen, + const unsigned char *tbs, + size_t tbslen)); void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, int (*verify_recover_init) (EVP_PKEY_CTX - *ctx), + *ctx), int (*verify_recover) (EVP_PKEY_CTX - *ctx, - unsigned char - *sig, - size_t *siglen, - const unsigned - char *tbs, - size_t tbslen)); + *ctx, + unsigned char + *sig, + size_t *siglen, + const unsigned + char *tbs, + size_t tbslen)); void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, int (*signctx_init) (EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx), + EVP_MD_CTX *mctx), int (*signctx) (EVP_PKEY_CTX *ctx, - unsigned char *sig, - size_t *siglen, - EVP_MD_CTX *mctx)); + unsigned char *sig, + size_t *siglen, + EVP_MD_CTX *mctx)); void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, int (*verifyctx_init) (EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx), + EVP_MD_CTX *mctx), int (*verifyctx) (EVP_PKEY_CTX *ctx, - const unsigned char *sig, - int siglen, - EVP_MD_CTX *mctx)); + const unsigned char *sig, + int siglen, + EVP_MD_CTX *mctx)); void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, int (*encrypt_init) (EVP_PKEY_CTX *ctx), int (*encryptfn) (EVP_PKEY_CTX *ctx, - unsigned char *out, - size_t *outlen, - const unsigned char *in, - size_t inlen)); + unsigned char *out, + size_t *outlen, + const unsigned char *in, + size_t inlen)); void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, int (*decrypt_init) (EVP_PKEY_CTX *ctx), int (*decrypt) (EVP_PKEY_CTX *ctx, - unsigned char *out, - size_t *outlen, - const unsigned char *in, - size_t inlen)); + unsigned char *out, + size_t *outlen, + const unsigned char *in, + size_t inlen)); void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, int (*derive_init) (EVP_PKEY_CTX *ctx), int (*derive) (EVP_PKEY_CTX *ctx, - unsigned char *key, - size_t *keylen)); + unsigned char *key, + size_t *keylen)); void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, - void *p2), + void *p2), int (*ctrl_str) (EVP_PKEY_CTX *ctx, - const char *type, - const char *value)); + const char *type, + const char *value)); void EVP_add_alg_module(void); diff --git a/thirdparties/common/include/openssl/hmac.h b/thirdparties/common/include/openssl/hmac.h index b8b55cd..b8b55cd 100755..100644 --- a/thirdparties/common/include/openssl/hmac.h +++ b/thirdparties/common/include/openssl/hmac.h diff --git a/thirdparties/common/include/openssl/idea.h b/thirdparties/common/include/openssl/idea.h index 6075984..6075984 100755..100644 --- a/thirdparties/common/include/openssl/idea.h +++ b/thirdparties/common/include/openssl/idea.h diff --git a/thirdparties/common/include/openssl/krb5_asn.h b/thirdparties/common/include/openssl/krb5_asn.h index 9cf5a26..9cf5a26 100755..100644 --- a/thirdparties/common/include/openssl/krb5_asn.h +++ b/thirdparties/common/include/openssl/krb5_asn.h diff --git a/thirdparties/common/include/openssl/kssl.h b/thirdparties/common/include/openssl/kssl.h index 9a57672..ae8a51f 100755..100644 --- a/thirdparties/common/include/openssl/kssl.h +++ b/thirdparties/common/include/openssl/kssl.h @@ -1,4 +1,4 @@ -/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */ +/* ssl/kssl.h */ /* * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project * 2000. project 2000. diff --git a/thirdparties/common/include/openssl/lhash.h b/thirdparties/common/include/openssl/lhash.h index b6c328b..b6c328b 100755..100644 --- a/thirdparties/common/include/openssl/lhash.h +++ b/thirdparties/common/include/openssl/lhash.h diff --git a/thirdparties/common/include/openssl/md4.h b/thirdparties/common/include/openssl/md4.h index 11fd712..11fd712 100755..100644 --- a/thirdparties/common/include/openssl/md4.h +++ b/thirdparties/common/include/openssl/md4.h diff --git a/thirdparties/common/include/openssl/md5.h b/thirdparties/common/include/openssl/md5.h index 2659038..2659038 100755..100644 --- a/thirdparties/common/include/openssl/md5.h +++ b/thirdparties/common/include/openssl/md5.h diff --git a/thirdparties/common/include/openssl/mdc2.h b/thirdparties/common/include/openssl/mdc2.h index 7efe53b..7efe53b 100755..100644 --- a/thirdparties/common/include/openssl/mdc2.h +++ b/thirdparties/common/include/openssl/mdc2.h diff --git a/thirdparties/common/include/openssl/modes.h b/thirdparties/common/include/openssl/modes.h index fd48849..fd48849 100755..100644 --- a/thirdparties/common/include/openssl/modes.h +++ b/thirdparties/common/include/openssl/modes.h diff --git a/thirdparties/common/include/openssl/obj_mac.h b/thirdparties/common/include/openssl/obj_mac.h index 779c309..779c309 100755..100644 --- a/thirdparties/common/include/openssl/obj_mac.h +++ b/thirdparties/common/include/openssl/obj_mac.h diff --git a/thirdparties/common/include/openssl/objects.h b/thirdparties/common/include/openssl/objects.h index b8dafa8..b8dafa8 100755..100644 --- a/thirdparties/common/include/openssl/objects.h +++ b/thirdparties/common/include/openssl/objects.h diff --git a/thirdparties/common/include/openssl/ocsp.h b/thirdparties/common/include/openssl/ocsp.h index 89c052b..ca2ee76 100755..100644 --- a/thirdparties/common/include/openssl/ocsp.h +++ b/thirdparties/common/include/openssl/ocsp.h @@ -274,26 +274,26 @@ typedef struct ocsp_response_data_st { * signature BIT STRING, * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } */ -/* - * Note 1: The value for "signature" is specified in the OCSP rfc2560 as - * follows: "The value for the signature SHALL be computed on the hash of - * the DER encoding ResponseData." This means that you must hash the - * DER-encoded tbsResponseData, and then run it through a crypto-signing - * function, which will (at least w/RSA) do a hash-'n'-private-encrypt - * operation. This seems a bit odd, but that's the spec. Also note that - * the data structures do not leave anywhere to independently specify the - * algorithm used for the initial hash. So, we look at the - * signature-specification algorithm, and try to do something intelligent. - * -- Kathy Weinhold, CertCo - */ -/* - * Note 2: It seems that the mentioned passage from RFC 2560 (section - * 4.2.1) is open for interpretation. I've done tests against another - * responder, and found that it doesn't do the double hashing that the RFC - * seems to say one should. Therefore, all relevant functions take a flag - * saying which variant should be used. -- Richard Levitte, OpenSSL team - * and CeloCom - */ + /* + * Note 1: The value for "signature" is specified in the OCSP rfc2560 as + * follows: "The value for the signature SHALL be computed on the hash of + * the DER encoding ResponseData." This means that you must hash the + * DER-encoded tbsResponseData, and then run it through a crypto-signing + * function, which will (at least w/RSA) do a hash-'n'-private-encrypt + * operation. This seems a bit odd, but that's the spec. Also note that + * the data structures do not leave anywhere to independently specify the + * algorithm used for the initial hash. So, we look at the + * signature-specification algorithm, and try to do something intelligent. + * -- Kathy Weinhold, CertCo + */ + /* + * Note 2: It seems that the mentioned passage from RFC 2560 (section + * 4.2.1) is open for interpretation. I've done tests against another + * responder, and found that it doesn't do the double hashing that the RFC + * seems to say one should. Therefore, all relevant functions take a flag + * saying which variant should be used. -- Richard Levitte, OpenSSL team + * and CeloCom + */ typedef struct ocsp_basic_response_st { OCSP_RESPDATA *tbsResponseData; X509_ALGOR *signatureAlgorithm; diff --git a/thirdparties/common/include/openssl/opensslconf.h b/thirdparties/common/include/openssl/opensslconf.h index 8d1f983..bc71549 100755..100644 --- a/thirdparties/common/include/openssl/opensslconf.h +++ b/thirdparties/common/include/openssl/opensslconf.h @@ -5,8 +5,8 @@ extern "C" { #endif /* OpenSSL was configured with the following options: */ -#ifndef OPENSSL_SYSNAME_MACOSX -# define OPENSSL_SYSNAME_MACOSX +#ifndef OPENSSL_SYSNAME_WIN32 +# define OPENSSL_SYSNAME_WIN32 #endif #ifndef OPENSSL_DOING_MAKEDEPEND @@ -41,21 +41,24 @@ extern "C" { #ifndef OPENSSL_NO_SSL_TRACE # define OPENSSL_NO_SSL_TRACE #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif #ifndef OPENSSL_NO_UNIT_TEST # define OPENSSL_NO_UNIT_TEST #endif +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS +# define OPENSSL_NO_WEAK_SSL_CIPHERS +#endif #endif /* OPENSSL_DOING_MAKEDEPEND */ #ifndef OPENSSL_THREADS # define OPENSSL_THREADS #endif -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -# define OPENSSL_NO_DYNAMIC_ENGINE -#endif /* The OPENSSL_NO_* macros are also defined as NO_* if the application asks for it. This is a transient feature that is provided for those @@ -92,12 +95,18 @@ extern "C" { # if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE) # define NO_SSL_TRACE # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif # if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) # define NO_UNIT_TEST # endif +# if defined(OPENSSL_NO_WEAK_SSL_CIPHERS) && !defined(NO_WEAK_SSL_CIPHERS) +# define NO_WEAK_SSL_CIPHERS +# endif #endif #define OPENSSL_CPUID_OBJ @@ -109,8 +118,8 @@ extern "C" { #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) -#define ENGINESDIR "/tmp/openssl-1.0.2a-i386/lib/engines" -#define OPENSSLDIR "/tmp/openssl-1.0.2a-i386" +#define ENGINESDIR "T:\\Build-OpenSSL-VC32-Release-DLL/lib/engines" +#define OPENSSLDIR "T:\\Build-OpenSSL-VC32-Release-DLL/ssl" #endif #endif @@ -118,6 +127,7 @@ extern "C" { #define OPENSSL_UNISTD <unistd.h> #undef OPENSSL_EXPORT_VAR_AS_FUNCTION +#define OPENSSL_EXPORT_VAR_AS_FUNCTION #if defined(HEADER_IDEA_H) && !defined(IDEA_INT) #define IDEA_INT unsigned int @@ -148,7 +158,7 @@ extern "C" { * This enables code handling data aligned at natural CPU word * boundary. See crypto/rc4/rc4_enc.c for further details. */ -#define RC4_CHUNK unsigned long +#undef RC4_CHUNK #endif #endif @@ -176,12 +186,12 @@ extern "C" { #define CONFIG_HEADER_RC4_LOCL_H /* if this is defined data[i] is used instead of *data, this is a %20 * speedup on x86 */ -#undef RC4_INDEX +#define RC4_INDEX #endif #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) #define CONFIG_HEADER_BF_LOCL_H -#define BF_PTR +#undef BF_PTR #endif /* HEADER_BF_LOCL_H */ #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) @@ -205,13 +215,13 @@ extern "C" { #endif #if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! +#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. * Very mucy CPU dependant */ #ifndef DES_UNROLL -#define DES_UNROLL +#undef DES_UNROLL #endif /* These default values were supplied by @@ -223,8 +233,8 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! even newer MIPS CPU's, but at the moment one size fits all for optimization options. Older Sparc's work better with only UNROLL, but there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ + +#if defined( __sun ) || defined ( sun ) /* Newer Sparc's */ # define DES_PTR # define DES_RISC1 # define DES_UNROLL @@ -236,11 +246,11 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! # define DES_PTR # define DES_RISC2 #elif defined ( _AIX ) /* RS6000 */ -/* Unknown */ + /* Unknown */ #elif defined( __hpux ) /* HP-PA */ -/* Unknown */ + /* Unknown */ #elif defined( __aux ) /* 68K */ -/* Unknown */ + /* Unknown */ #elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ # define DES_UNROLL #elif defined( __sgi ) /* Newer MIPS */ diff --git a/thirdparties/common/include/openssl/opensslv.h b/thirdparties/common/include/openssl/opensslv.h index 4f20b97..13fe440 100755..100644 --- a/thirdparties/common/include/openssl/opensslv.h +++ b/thirdparties/common/include/openssl/opensslv.h @@ -30,11 +30,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1000201fL +# define OPENSSL_VERSION_NUMBER 0x1000208fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a-fips 19 Mar 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2h-fips 3 May 2016" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a 19 Mar 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2h 3 May 2016" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/thirdparties/common/include/openssl/ossl_typ.h b/thirdparties/common/include/openssl/ossl_typ.h index 65572c7..9144ea2 100755..100644 --- a/thirdparties/common/include/openssl/ossl_typ.h +++ b/thirdparties/common/include/openssl/ossl_typ.h @@ -188,7 +188,7 @@ typedef struct DIST_POINT_st DIST_POINT; typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT; typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS; -/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ + /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ # define DECLARE_PKCS12_STACK_OF(type)/* Nothing */ # define IMPLEMENT_PKCS12_STACK_OF(type)/* Nothing */ diff --git a/thirdparties/common/include/openssl/pem.h b/thirdparties/common/include/openssl/pem.h index 3f6e7a1..d3b23fc 100755..100644 --- a/thirdparties/common/include/openssl/pem.h +++ b/thirdparties/common/include/openssl/pem.h @@ -138,10 +138,10 @@ extern "C" { # define PEM_STRING_PARAMETERS "PARAMETERS" # define PEM_STRING_CMS "CMS" -/* - * Note that this structure is initialised by PEM_SealInit and cleaned up - * by PEM_SealFinal (at least for now) - */ + /* + * Note that this structure is initialised by PEM_SealInit and cleaned up + * by PEM_SealFinal (at least for now) + */ typedef struct PEM_Encode_Seal_st { EVP_ENCODE_CTX encode; EVP_MD_CTX md; @@ -182,9 +182,9 @@ typedef struct pem_ctx_st { int num_recipient; PEM_USER **recipient; - /*- - XXX(ben): don#t think this is used! - STACK *x509_chain; / * certificate chain */ +/*- + XXX(ben): don#t think this is used! + STACK *x509_chain; / * certificate chain */ EVP_MD *md; /* signature type */ int md_enc; /* is the md encrypted or not? */ @@ -194,9 +194,9 @@ typedef struct pem_ctx_st { EVP_CIPHER *dec; /* date encryption cipher */ int key_len; /* key length */ unsigned char *key; /* key */ - /*- - unused, and wrong size - unsigned char iv[8]; */ + /*- + unused, and wrong size + unsigned char iv[8]; */ int data_enc; /* is the data encrypted */ int data_len; @@ -411,7 +411,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, pem_password_cb *cb, void *u); STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u); + pem_password_cb *cb, void *u); int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cd, void *u); diff --git a/thirdparties/common/include/openssl/pem2.h b/thirdparties/common/include/openssl/pem2.h index 84897d5..84897d5 100755..100644 --- a/thirdparties/common/include/openssl/pem2.h +++ b/thirdparties/common/include/openssl/pem2.h diff --git a/thirdparties/common/include/openssl/pkcs12.h b/thirdparties/common/include/openssl/pkcs12.h index 31c781a..a39adf5 100755..100644 --- a/thirdparties/common/include/openssl/pkcs12.h +++ b/thirdparties/common/include/openssl/pkcs12.h @@ -175,12 +175,12 @@ X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag); X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag); PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, - int nid1, int nid2); + int nid1, int nid2); PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8); PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass, int passlen); PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, - const char *pass, int passlen); + const char *pass, int passlen); X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8); @@ -194,7 +194,7 @@ PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags); STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, - int passlen); + int passlen); int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes); STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12); @@ -218,9 +218,9 @@ void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf); ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, - const ASN1_ITEM *it, - const char *pass, int passlen, - void *obj, int zbuf); + const ASN1_ITEM *it, + const char *pass, int passlen, + void *obj, int zbuf); PKCS12 *PKCS12_init(int mode); int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, diff --git a/thirdparties/common/include/openssl/pkcs7.h b/thirdparties/common/include/openssl/pkcs7.h index 49d9a3b..b51b386 100755..100644 --- a/thirdparties/common/include/openssl/pkcs7.h +++ b/thirdparties/common/include/openssl/pkcs7.h @@ -339,8 +339,8 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, - X509 *signcert, EVP_PKEY *pkey, - const EVP_MD *md, int flags); + X509 *signcert, EVP_PKEY *pkey, + const EVP_MD *md, int flags); int PKCS7_final(PKCS7 *p7, BIO *data, int flags); int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, diff --git a/thirdparties/common/include/openssl/pqueue.h b/thirdparties/common/include/openssl/pqueue.h index d40d9c7..d40d9c7 100755..100644 --- a/thirdparties/common/include/openssl/pqueue.h +++ b/thirdparties/common/include/openssl/pqueue.h diff --git a/thirdparties/common/include/openssl/rand.h b/thirdparties/common/include/openssl/rand.h index 2553afd..2553afd 100755..100644 --- a/thirdparties/common/include/openssl/rand.h +++ b/thirdparties/common/include/openssl/rand.h diff --git a/thirdparties/common/include/openssl/rc2.h b/thirdparties/common/include/openssl/rc2.h index 29d02d7..29d02d7 100755..100644 --- a/thirdparties/common/include/openssl/rc2.h +++ b/thirdparties/common/include/openssl/rc2.h diff --git a/thirdparties/common/include/openssl/rc4.h b/thirdparties/common/include/openssl/rc4.h index 39162b1..39162b1 100755..100644 --- a/thirdparties/common/include/openssl/rc4.h +++ b/thirdparties/common/include/openssl/rc4.h diff --git a/thirdparties/common/include/openssl/ripemd.h b/thirdparties/common/include/openssl/ripemd.h index b88ef25..b88ef25 100755..100644 --- a/thirdparties/common/include/openssl/ripemd.h +++ b/thirdparties/common/include/openssl/ripemd.h diff --git a/thirdparties/common/include/openssl/rsa.h b/thirdparties/common/include/openssl/rsa.h index 8bc95d0..d2ee374 100755..100644 --- a/thirdparties/common/include/openssl/rsa.h +++ b/thirdparties/common/include/openssl/rsa.h @@ -324,14 +324,14 @@ int RSA_size(const RSA *rsa); /* Deprecated version */ # ifndef OPENSSL_NO_DEPRECATED RSA *RSA_generate_key(int bits, unsigned long e, void - (*callback) (int, int, void *), void *cb_arg); + (*callback) (int, int, void *), void *cb_arg); # endif /* !defined(OPENSSL_NO_DEPRECATED) */ /* New version */ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); int RSA_check_key(const RSA *); -/* next 4 return -1 on error */ + /* next 4 return -1 on error */ int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding); int RSA_private_encrypt(int flen, const unsigned char *from, diff --git a/thirdparties/common/include/openssl/safestack.h b/thirdparties/common/include/openssl/safestack.h index 1d4f87e..1d4f87e 100755..100644 --- a/thirdparties/common/include/openssl/safestack.h +++ b/thirdparties/common/include/openssl/safestack.h diff --git a/thirdparties/common/include/openssl/seed.h b/thirdparties/common/include/openssl/seed.h index 8cbf0d9..8cbf0d9 100755..100644 --- a/thirdparties/common/include/openssl/seed.h +++ b/thirdparties/common/include/openssl/seed.h diff --git a/thirdparties/common/include/openssl/sha.h b/thirdparties/common/include/openssl/sha.h index e5169e4..e5169e4 100755..100644 --- a/thirdparties/common/include/openssl/sha.h +++ b/thirdparties/common/include/openssl/sha.h diff --git a/thirdparties/common/include/openssl/srp.h b/thirdparties/common/include/openssl/srp.h index ae363d4..028892a 100755..100644 --- a/thirdparties/common/include/openssl/srp.h +++ b/thirdparties/common/include/openssl/srp.h @@ -82,20 +82,25 @@ typedef struct SRP_gN_cache_st { DECLARE_STACK_OF(SRP_gN_cache) typedef struct SRP_user_pwd_st { + /* Owned by us. */ char *id; BIGNUM *s; BIGNUM *v; + /* Not owned by us. */ const BIGNUM *g; const BIGNUM *N; + /* Owned by us. */ char *info; } SRP_user_pwd; DECLARE_STACK_OF(SRP_user_pwd) +void SRP_user_pwd_free(SRP_user_pwd *user_pwd); + typedef struct SRP_VBASE_st { STACK_OF(SRP_user_pwd) *users_pwd; STACK_OF(SRP_gN_cache) *gN_cache; - /* to simulate a user */ +/* to simulate a user */ char *seed_key; BIGNUM *default_g; BIGNUM *default_N; @@ -115,7 +120,12 @@ DECLARE_STACK_OF(SRP_gN) SRP_VBASE *SRP_VBASE_new(char *seed_key); int SRP_VBASE_free(SRP_VBASE *vb); int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file); + +/* This method ignores the configured seed and fails for an unknown user. */ SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username); +/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/ +SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username); + char *SRP_create_verifier(const char *user, const char *pass, char **salt, char **verifier, const char *N, const char *g); int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, diff --git a/thirdparties/common/include/openssl/srtp.h b/thirdparties/common/include/openssl/srtp.h index 2279c32..2279c32 100755..100644 --- a/thirdparties/common/include/openssl/srtp.h +++ b/thirdparties/common/include/openssl/srtp.h diff --git a/thirdparties/common/include/openssl/ssl.h b/thirdparties/common/include/openssl/ssl.h index f79cea6..5ef56fa 100755..100644 --- a/thirdparties/common/include/openssl/ssl.h +++ b/thirdparties/common/include/openssl/ssl.h @@ -338,7 +338,7 @@ extern "C" { * The following cipher list is used by default. It also is substituted when * an application-defined cipher list string starts with 'DEFAULT'. */ -# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2" +# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2" /* * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always * starts with a reasonable order, and all we have to do for DEFAULT is @@ -388,12 +388,12 @@ typedef struct srtp_protection_profile_st { DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s, - const unsigned char *data, - int len, void *arg); + const unsigned char *data, + int len, void *arg); typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret, - int *secret_len, - STACK_OF(SSL_CIPHER) *peer_ciphers, - SSL_CIPHER **cipher, void *arg); + int *secret_len, + STACK_OF(SSL_CIPHER) *peer_ciphers, + SSL_CIPHER **cipher, void *arg); # ifndef OPENSSL_NO_TLSEXT @@ -625,7 +625,7 @@ struct ssl_session_st { # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L /* If set, always create a new key when using tmp_ecdh parameters */ # define SSL_OP_SINGLE_ECDH_USE 0x00080000L -/* If set, always create a new key when using tmp_dh parameters */ +/* Does nothing: retained for compatibility */ # define SSL_OP_SINGLE_DH_USE 0x00100000L /* Does nothing: retained for compatibiity */ # define SSL_OP_EPHEMERAL_RSA 0x0 @@ -833,8 +833,8 @@ struct ssl_session_st { void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb) (int write_p, int version, - int content_type, const void *buf, - size_t len, SSL *ssl, void *arg)); + int content_type, const void *buf, + size_t len, SSL *ssl, void *arg)); void SSL_set_msg_callback(SSL *ssl, void (*cb) (int write_p, int version, int content_type, const void *buf, @@ -879,10 +879,10 @@ int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key); # if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) # define SSL_MAX_CERT_LIST_DEFAULT 1024*30 -/* 30k max cert list :-) */ + /* 30k max cert list :-) */ # else # define SSL_MAX_CERT_LIST_DEFAULT 1024*100 -/* 100k max cert list :-) */ + /* 100k max cert list :-) */ # endif # define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20) @@ -1092,7 +1092,7 @@ struct ssl_ctx_st { /* draft-rescorla-tls-opaque-prf-input-00.txt information */ int (*tlsext_opaque_prf_input_callback) (SSL *, void *peerinput, - size_t len, void *arg); + size_t len, void *arg); void *tlsext_opaque_prf_input_callback_arg; # endif @@ -1224,64 +1224,64 @@ LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx); void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*new_session_cb) (struct ssl_st *ssl, - SSL_SESSION *sess)); + SSL_SESSION *sess)); int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (struct ssl_st *ssl, - SSL_SESSION *sess); + SSL_SESSION *sess); void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*remove_session_cb) (struct ssl_ctx_st - *ctx, - SSL_SESSION - *sess)); + *ctx, + SSL_SESSION + *sess)); void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (struct ssl_ctx_st *ctx, - SSL_SESSION *sess); + SSL_SESSION *sess); void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*get_session_cb) (struct ssl_st - *ssl, - unsigned char - *data, int len, - int *copy)); + *ssl, + unsigned char + *data, int len, + int *copy)); SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (struct ssl_st *ssl, - unsigned char *Data, - int len, int *copy); + unsigned char *Data, + int len, int *copy); void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb) (const SSL *ssl, int type, - int val)); + int val)); void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type, - int val); + int val); void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb) (SSL *ssl, X509 **x509, - EVP_PKEY **pkey)); + EVP_PKEY **pkey)); int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509, - EVP_PKEY **pkey); + EVP_PKEY **pkey); # ifndef OPENSSL_NO_ENGINE int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e); # endif void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb) (SSL *ssl, - unsigned char - *cookie, - unsigned int - *cookie_len)); + unsigned char + *cookie, + unsigned int + *cookie_len)); void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb) (SSL *ssl, - unsigned char - *cookie, - unsigned int - cookie_len)); + unsigned char + *cookie, + unsigned int + cookie_len)); # ifndef OPENSSL_NO_NEXTPROTONEG void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, - int (*cb) (SSL *ssl, - const unsigned char - **out, - unsigned int *outlen, - void *arg), void *arg); + int (*cb) (SSL *ssl, + const unsigned char + **out, + unsigned int *outlen, + void *arg), void *arg); void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, int (*cb) (SSL *ssl, - unsigned char **out, - unsigned char *outlen, - const unsigned char *in, - unsigned int inlen, - void *arg), void *arg); + unsigned char **out, + unsigned char *outlen, + const unsigned char *in, + unsigned int inlen, + void *arg), void *arg); void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len); # endif @@ -1303,11 +1303,11 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, unsigned protos_len); void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, - const unsigned char **out, - unsigned char *outlen, - const unsigned char *in, - unsigned int inlen, - void *arg), void *arg); + const unsigned char **out, + unsigned char *outlen, + const unsigned char *in, + unsigned int inlen, + void *arg), void *arg); void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, unsigned *len); @@ -1320,62 +1320,62 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, # define PSK_MAX_PSK_LEN 256 void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, unsigned int (*psk_client_callback) (SSL - *ssl, - const - char - *hint, - char - *identity, - unsigned - int - max_identity_len, - unsigned - char - *psk, - unsigned - int - max_psk_len)); + *ssl, + const + char + *hint, + char + *identity, + unsigned + int + max_identity_len, + unsigned + char + *psk, + unsigned + int + max_psk_len)); void SSL_set_psk_client_callback(SSL *ssl, unsigned int (*psk_client_callback) (SSL - *ssl, - const - char - *hint, - char - *identity, - unsigned - int - max_identity_len, - unsigned - char - *psk, - unsigned - int - max_psk_len)); + *ssl, + const + char + *hint, + char + *identity, + unsigned + int + max_identity_len, + unsigned + char + *psk, + unsigned + int + max_psk_len)); void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, unsigned int (*psk_server_callback) (SSL - *ssl, - const - char - *identity, - unsigned - char - *psk, - unsigned - int - max_psk_len)); + *ssl, + const + char + *identity, + unsigned + char + *psk, + unsigned + int + max_psk_len)); void SSL_set_psk_server_callback(SSL *ssl, unsigned int (*psk_server_callback) (SSL - *ssl, - const - char - *identity, - unsigned - char - *psk, - unsigned - int - max_psk_len)); + *ssl, + const + char + *identity, + unsigned + char + *psk, + unsigned + int + max_psk_len)); int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint); int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint); const char *SSL_get_psk_identity_hint(const SSL *s); @@ -1653,12 +1653,12 @@ struct ssl_st { STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What's been chosen */ SRTP_PROTECTION_PROFILE *srtp_profile; - /*- - * Is use of the Heartbeat extension negotiated? - * 0: disabled - * 1: enabled - * 2: enabled, but not allowed to send Requests - */ + /*- + * Is use of the Heartbeat extension negotiated? + * 0: disabled + * 1: enabled + * 2: enabled, but not allowed to send Requests + */ unsigned int tlsext_heartbeat; /* Indicates if a HeartbeatRequest is in flight */ unsigned int tlsext_hb_pending; @@ -1727,6 +1727,7 @@ extern "C" { # define SSL_ST_BEFORE 0x4000 # define SSL_ST_OK 0x03 # define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) +# define SSL_ST_ERR 0x05 # define SSL_CB_LOOP 0x01 # define SSL_CB_EXIT 0x02 @@ -2091,7 +2092,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) # define SSL_CTX_set1_sigalgs_list(ctx, s) \ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s) # define SSL_set1_sigalgs(ctx, slist, slistlen) \ - SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,clistlen,(int *)slist) + SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist) # define SSL_set1_sigalgs_list(ctx, s) \ SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s) # define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \ @@ -2257,7 +2258,7 @@ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s); int SSL_CTX_get_verify_mode(const SSL_CTX *ctx); int SSL_CTX_get_verify_depth(const SSL_CTX *ctx); int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, - X509_STORE_CTX *); + X509_STORE_CTX *); void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*callback) (int, X509_STORE_CTX *)); void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); @@ -2309,7 +2310,7 @@ int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength); int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb) (SSL *, void *)); int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, - int (*cb) (SSL *, void *)); + int (*cb) (SSL *, void *)); int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx, int (*cb) (SSL *, int *, void *)); int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg); @@ -2344,7 +2345,7 @@ const char *SSL_get_version(const SSL *s); /* This sets the 'default' SSL version that SSL_new() will create */ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); -# ifndef OPENSSL_NO_SSL2 +# ifndef OPENSSL_NO_SSL2_METHOD const SSL_METHOD *SSLv2_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ @@ -2448,7 +2449,7 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx); void SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val)); void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type, - int val); + int val); int SSL_state(const SSL *ssl); void SSL_set_state(SSL *ssl, int state); @@ -2504,20 +2505,20 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void); # define SSL_set_max_send_fragment(ssl,m) \ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL) -/* NB: the keylength is only applicable when is_export is true */ + /* NB: the keylength is only applicable when is_export is true */ # ifndef OPENSSL_NO_RSA void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl, int is_export, - int keylength)); + int keylength)); void SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl, int is_export, - int keylength)); + int keylength)); # endif # ifndef OPENSSL_NO_DH void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh) (SSL *ssl, int is_export, - int keylength)); + int keylength)); void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export, int keylength)); @@ -2525,10 +2526,10 @@ void SSL_set_tmp_dh_callback(SSL *ssl, # ifndef OPENSSL_NO_ECDH void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh) (SSL *ssl, int is_export, - int keylength)); + int keylength)); void SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh) (SSL *ssl, int is_export, - int keylength)); + int keylength)); # endif # ifndef OPENSSL_NO_COMP @@ -2537,7 +2538,7 @@ const COMP_METHOD *SSL_get_current_expansion(SSL *s); const char *SSL_COMP_get_name(const COMP_METHOD *comp); STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) - *meths); + *meths); void SSL_COMP_free_compression_methods(void); int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm); # else @@ -2640,6 +2641,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_GET_CLIENT_MASTER_KEY 107 # define SSL_F_GET_SERVER_FINISHED 108 # define SSL_F_GET_SERVER_HELLO 109 +# define SSL_F_GET_SERVER_STATIC_DH_KEY 340 # define SSL_F_GET_SERVER_VERIFY 110 # define SSL_F_I2D_SSL_SESSION 111 # define SSL_F_READ_N 112 @@ -2670,6 +2672,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 # define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 # define SSL_F_SSL3_CHECK_CLIENT_HELLO 304 +# define SSL_F_SSL3_CHECK_FINISHED 339 # define SSL_F_SSL3_CLIENT_HELLO 131 # define SSL_F_SSL3_CONNECT 132 # define SSL_F_SSL3_CTRL 213 @@ -2678,6 +2681,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292 # define SSL_F_SSL3_ENC 134 # define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 +# define SSL_F_SSL3_GENERATE_MASTER_SECRET 388 # define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 # define SSL_F_SSL3_GET_CERT_STATUS 289 # define SSL_F_SSL3_GET_CERT_VERIFY 136 @@ -2784,6 +2788,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 # define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320 # define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321 +# define SSL_F_SSL_SESSION_DUP 348 # define SSL_F_SSL_SESSION_NEW 189 # define SSL_F_SSL_SESSION_PRINT_FP 190 # define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312 @@ -2842,8 +2847,11 @@ void ERR_load_SSL_strings(void); # define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 # define SSL_R_BAD_DECOMPRESSION 107 # define SSL_R_BAD_DH_G_LENGTH 108 +# define SSL_R_BAD_DH_G_VALUE 375 # define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 +# define SSL_R_BAD_DH_PUB_KEY_VALUE 393 # define SSL_R_BAD_DH_P_LENGTH 110 +# define SSL_R_BAD_DH_P_VALUE 395 # define SSL_R_BAD_DIGEST_LENGTH 111 # define SSL_R_BAD_DSA_SIGNATURE 112 # define SSL_R_BAD_ECC_CERT 304 @@ -2904,6 +2912,7 @@ void ERR_load_SSL_strings(void); # define SSL_R_DATA_LENGTH_TOO_LONG 146 # define SSL_R_DECRYPTION_FAILED 147 # define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 +# define SSL_R_DH_KEY_TOO_SMALL 372 # define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 # define SSL_R_DIGEST_CHECK_FAILED 149 # define SSL_R_DTLS_MESSAGE_TOO_BIG 334 @@ -3047,6 +3056,7 @@ void ERR_load_SSL_strings(void); # define SSL_R_SERVERHELLO_TLSEXT 275 # define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 # define SSL_R_SHORT_READ 219 +# define SSL_R_SHUTDOWN_WHILE_IN_INIT 407 # define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360 # define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 # define SSL_R_SRP_A_CALC 361 diff --git a/thirdparties/common/include/openssl/ssl2.h b/thirdparties/common/include/openssl/ssl2.h index 499d921..03c7dd8 100755..100644 --- a/thirdparties/common/include/openssl/ssl2.h +++ b/thirdparties/common/include/openssl/ssl2.h @@ -137,7 +137,7 @@ extern "C" { # define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u # else # define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u -/* 2^15-1 */ + /* 2^15-1 */ # endif # define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383/* 2^14-1 */ diff --git a/thirdparties/common/include/openssl/ssl23.h b/thirdparties/common/include/openssl/ssl23.h index 9de4685..9de4685 100755..100644 --- a/thirdparties/common/include/openssl/ssl23.h +++ b/thirdparties/common/include/openssl/ssl23.h diff --git a/thirdparties/common/include/openssl/ssl3.h b/thirdparties/common/include/openssl/ssl3.h index 8c0c7fb..e681d50 100755..100644 --- a/thirdparties/common/include/openssl/ssl3.h +++ b/thirdparties/common/include/openssl/ssl3.h @@ -284,14 +284,14 @@ extern "C" { # define SSL3_HM_HEADER_LENGTH 4 # ifndef SSL3_ALIGN_PAYLOAD -/* - * Some will argue that this increases memory footprint, but it's not - * actually true. Point is that malloc has to return at least 64-bit aligned - * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case. - * Suggested pre-gaping simply moves these wasted bytes from the end of - * allocated region to its front, but makes data payload aligned, which - * improves performance:-) - */ + /* + * Some will argue that this increases memory footprint, but it's not + * actually true. Point is that malloc has to return at least 64-bit aligned + * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case. + * Suggested pre-gaping simply moves these wasted bytes from the end of + * allocated region to its front, but makes data payload aligned, which + * improves performance:-) + */ # define SSL3_ALIGN_PAYLOAD 8 # else # if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0 diff --git a/thirdparties/common/include/openssl/stack.h b/thirdparties/common/include/openssl/stack.h index 539e95e..eb07216 100755..100644 --- a/thirdparties/common/include/openssl/stack.h +++ b/thirdparties/common/include/openssl/stack.h @@ -95,7 +95,7 @@ void *sk_shift(_STACK *st); void *sk_pop(_STACK *st); void sk_zero(_STACK *st); int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *))) -(const void *, const void *); + (const void *, const void *); _STACK *sk_dup(_STACK *st); void sk_sort(_STACK *st); int sk_is_sorted(const _STACK *st); diff --git a/thirdparties/common/include/openssl/symhacks.h b/thirdparties/common/include/openssl/symhacks.h index 239fa4f..239fa4f 100755..100644 --- a/thirdparties/common/include/openssl/symhacks.h +++ b/thirdparties/common/include/openssl/symhacks.h diff --git a/thirdparties/common/include/openssl/tls1.h b/thirdparties/common/include/openssl/tls1.h index 5929607..7e237d0 100755..100644 --- a/thirdparties/common/include/openssl/tls1.h +++ b/thirdparties/common/include/openssl/tls1.h @@ -231,13 +231,12 @@ extern "C" { /* ExtensionType value from RFC5620 */ # define TLSEXT_TYPE_heartbeat 15 -/* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */ +/* ExtensionType value from RFC7301 */ # define TLSEXT_TYPE_application_layer_protocol_negotiation 16 /* * ExtensionType value for TLS padding extension. - * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml - * http://tools.ietf.org/html/draft-agl-tls-padding-03 + * http://tools.ietf.org/html/draft-agl-tls-padding */ # define TLSEXT_TYPE_padding 21 @@ -262,20 +261,19 @@ extern "C" { # define TLSEXT_TYPE_next_proto_neg 13172 # endif -/* NameType value from RFC 3546 */ +/* NameType value from RFC3546 */ # define TLSEXT_NAMETYPE_host_name 0 -/* status request value from RFC 3546 */ +/* status request value from RFC3546 */ # define TLSEXT_STATUSTYPE_ocsp 1 -/* ECPointFormat values from draft-ietf-tls-ecc-12 */ +/* ECPointFormat values from RFC4492 */ # define TLSEXT_ECPOINTFORMAT_first 0 # define TLSEXT_ECPOINTFORMAT_uncompressed 0 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2 # define TLSEXT_ECPOINTFORMAT_last 2 -/* Signature and hash algorithms from RFC 5246 */ - +/* Signature and hash algorithms from RFC5246 */ # define TLSEXT_signature_anonymous 0 # define TLSEXT_signature_rsa 1 # define TLSEXT_signature_dsa 2 @@ -430,7 +428,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) # define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 /* AES ciphersuites from RFC3268 */ - # define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F # define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 # define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 @@ -595,7 +592,7 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA" # define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA" -/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */ +/* ECC ciphersuites from RFC4492 */ # define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA" # define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA" # define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA" diff --git a/thirdparties/common/include/openssl/ts.h b/thirdparties/common/include/openssl/ts.h index 3f87394..16eccbb 100755..100644 --- a/thirdparties/common/include/openssl/ts.h +++ b/thirdparties/common/include/openssl/ts.h @@ -341,8 +341,8 @@ ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void); void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a); int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp); ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, - const unsigned char **pp, - long length); + const unsigned char **pp, + long length); ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a); ESS_CERT_ID *ESS_CERT_ID_new(void); @@ -561,7 +561,7 @@ int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, * '3' msec, '6' usec, and so on. Default is 0. */ int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, - unsigned clock_precision_digits); + unsigned clock_precision_digits); /* At most we accept usec precision. */ # define TS_MAX_CLOCK_PRECISION_DIGITS 6 diff --git a/thirdparties/common/include/openssl/txt_db.h b/thirdparties/common/include/openssl/txt_db.h index 98e23a2..98e23a2 100755..100644 --- a/thirdparties/common/include/openssl/txt_db.h +++ b/thirdparties/common/include/openssl/txt_db.h diff --git a/thirdparties/common/include/openssl/ui.h b/thirdparties/common/include/openssl/ui.h index 9f3371a..0dc1633 100755..100644 --- a/thirdparties/common/include/openssl/ui.h +++ b/thirdparties/common/include/openssl/ui.h @@ -1,4 +1,4 @@ -/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2001. @@ -329,18 +329,18 @@ int UI_method_set_reader(UI_METHOD *method, int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui)); int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor) (UI *ui, - const char - *object_desc, - const char - *object_name)); + const char + *object_desc, + const char + *object_name)); int (*UI_method_get_opener(UI_METHOD *method)) (UI *); int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *); int (*UI_method_get_flusher(UI_METHOD *method)) (UI *); int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *); int (*UI_method_get_closer(UI_METHOD *method)) (UI *); char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *, - const char *, - const char *); + const char *, + const char *); /* * The following functions are helpers for method writers to access relevant diff --git a/thirdparties/common/include/openssl/ui_compat.h b/thirdparties/common/include/openssl/ui_compat.h index 42fb9ff..bf54154 100755..100644 --- a/thirdparties/common/include/openssl/ui_compat.h +++ b/thirdparties/common/include/openssl/ui_compat.h @@ -1,4 +1,4 @@ -/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2001. diff --git a/thirdparties/common/include/openssl/whrlpool.h b/thirdparties/common/include/openssl/whrlpool.h index 73c749d..73c749d 100755..100644 --- a/thirdparties/common/include/openssl/whrlpool.h +++ b/thirdparties/common/include/openssl/whrlpool.h diff --git a/thirdparties/common/include/openssl/x509.h b/thirdparties/common/include/openssl/x509.h index eefd08f..fc613ce 100755..100644 --- a/thirdparties/common/include/openssl/x509.h +++ b/thirdparties/common/include/openssl/x509.h @@ -184,7 +184,7 @@ struct X509_name_st { # else char *bytes; # endif - /* unsigned long hash; Keep the hash around for lookups */ +/* unsigned long hash; Keep the hash around for lookups */ unsigned char *canon_enc; int canon_enclen; } /* X509_NAME */ ; @@ -550,7 +550,7 @@ typedef struct PBE2PARAM_st { } PBE2PARAM; typedef struct PBKDF2PARAM_st { - /* Usually OCTET STRING but could be anything */ +/* Usually OCTET STRING but could be anything */ ASN1_TYPE *salt; ASN1_INTEGER *iter; ASN1_INTEGER *keylength; @@ -609,11 +609,11 @@ void X509_CRL_set_default_method(const X509_CRL_METHOD *meth); X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl), int (*crl_free) (X509_CRL *crl), int (*crl_lookup) (X509_CRL *crl, - X509_REVOKED **ret, - ASN1_INTEGER *ser, - X509_NAME *issuer), + X509_REVOKED **ret, + ASN1_INTEGER *ser, + X509_NAME *issuer), int (*crl_verify) (X509_CRL *crl, - EVP_PKEY *pk)); + EVP_PKEY *pk)); void X509_CRL_METHOD_free(X509_CRL_METHOD *m); void X509_CRL_set_meth_data(X509_CRL *crl, void *dat); @@ -696,7 +696,7 @@ int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8); int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8); PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, - PKCS8_PRIV_KEY_INFO **p8inf); + PKCS8_PRIV_KEY_INFO **p8inf); int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf); int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); @@ -735,7 +735,7 @@ int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8); int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8); PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, - PKCS8_PRIV_KEY_INFO **p8inf); + PKCS8_PRIV_KEY_INFO **p8inf); int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf); int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); @@ -843,7 +843,7 @@ int X509_keyid_set1(X509 *x, unsigned char *id, int len); unsigned char *X509_alias_get0(X509 *x, int *len); unsigned char *X509_keyid_get0(X509 *x, int *len); int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, - int); + int); int X509_TRUST_set(int *t, int trust); int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); @@ -1030,19 +1030,19 @@ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set); X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - const char *field, int type, - const unsigned char *bytes, - int len); + const char *field, int type, + const unsigned char *bytes, + int len); X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, - int type, unsigned char *bytes, - int len); + int type, unsigned char *bytes, + int len); int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set); X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, - ASN1_OBJECT *obj, int type, - const unsigned char *bytes, - int len); + ASN1_OBJECT *obj, int type, + const unsigned char *bytes, + int len); int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj); int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len); @@ -1059,7 +1059,7 @@ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, - X509_EXTENSION *ex, int loc); + X509_EXTENSION *ex, int loc); int X509_get_ext_count(X509 *x); int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); @@ -1096,11 +1096,11 @@ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit, unsigned long flags); X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, - ASN1_OCTET_STRING *data); + int nid, int crit, + ASN1_OCTET_STRING *data); X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, - ASN1_OBJECT *obj, int crit, - ASN1_OCTET_STRING *data); + ASN1_OBJECT *obj, int crit, + ASN1_OCTET_STRING *data); int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj); int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data); @@ -1116,34 +1116,34 @@ int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, - X509_ATTRIBUTE *attr); + X509_ATTRIBUTE *attr); STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) - **x, const ASN1_OBJECT *obj, - int type, - const unsigned char *bytes, - int len); + **x, const ASN1_OBJECT *obj, + int type, + const unsigned char *bytes, + int len); STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) - **x, int nid, int type, - const unsigned char *bytes, - int len); + **x, int nid, int type, + const unsigned char *bytes, + int len); STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) - **x, const char *attrname, - int type, - const unsigned char *bytes, - int len); + **x, const char *attrname, + int type, + const unsigned char *bytes, + int len); void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj, int lastpos, int type); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, const void *data, - int len); + int atrtype, const void *data, + int len); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - const ASN1_OBJECT *obj, - int atrtype, const void *data, - int len); + const ASN1_OBJECT *obj, + int atrtype, const void *data, + int len); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - const char *atrname, int type, - const unsigned char *bytes, - int len); + const char *atrname, int type, + const unsigned char *bytes, + int len); int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len); @@ -1305,6 +1305,7 @@ void ERR_load_X509_strings(void); # define X509_R_LOADING_CERT_DIR 103 # define X509_R_LOADING_DEFAULTS 104 # define X509_R_METHOD_NOT_SUPPORTED 124 +# define X509_R_NAME_TOO_LONG 134 # define X509_R_NEWER_CRL_NOT_NEWER 132 # define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 # define X509_R_NO_CRL_NUMBER 130 diff --git a/thirdparties/common/include/openssl/x509_vfy.h b/thirdparties/common/include/openssl/x509_vfy.h index 281228c..2663e1c 100755..100644 --- a/thirdparties/common/include/openssl/x509_vfy.h +++ b/thirdparties/common/include/openssl/x509_vfy.h @@ -313,7 +313,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) # define X509_V_OK 0 -/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */ +# define X509_V_ERR_UNSPECIFIED 1 # define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 # define X509_V_ERR_UNABLE_TO_GET_CRL 3 @@ -432,6 +432,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); /* Allow partial chains if at least one certificate is in trusted store */ # define X509_V_FLAG_PARTIAL_CHAIN 0x80000 +/* + * If the initial chain is not trusted, do not attempt to build an alternative + * chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag + * will force the behaviour to match that of previous versions. + */ +# define X509_V_FLAG_NO_ALT_CHAINS 0x100000 # define X509_VP_FLAG_DEFAULT 0x1 # define X509_VP_FLAG_OVERWRITE 0x2 @@ -448,7 +454,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name); X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, - int type, X509_NAME *name); + int type, X509_NAME *name); X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x); void X509_OBJECT_up_ref_count(X509_OBJECT *a); @@ -468,8 +474,8 @@ void X509_STORE_set_verify_cb(X509_STORE *ctx, void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx, STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX - *ctx, - X509_NAME *nm)); + *ctx, + X509_NAME *nm)); X509_STORE_CTX *X509_STORE_CTX_new(void); @@ -612,28 +618,28 @@ void X509_policy_tree_free(X509_POLICY_TREE *tree); int X509_policy_tree_level_count(const X509_POLICY_TREE *tree); X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, - int i); + int i); STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const - X509_POLICY_TREE - *tree); + X509_POLICY_TREE + *tree); STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const - X509_POLICY_TREE - *tree); + X509_POLICY_TREE + *tree); int X509_policy_level_node_count(X509_POLICY_LEVEL *level); X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, - int i); + int i); const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node); STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const - X509_POLICY_NODE - *node); + X509_POLICY_NODE + *node); const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE - *node); + *node); #ifdef __cplusplus } diff --git a/thirdparties/common/include/openssl/x509v3.h b/thirdparties/common/include/openssl/x509v3.h index 756faac..f5c6156 100755..100644 --- a/thirdparties/common/include/openssl/x509v3.h +++ b/thirdparties/common/include/openssl/x509v3.h @@ -85,8 +85,8 @@ typedef void (*X509V3_EXT_FREE) (void *); typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long); typedef int (*X509V3_EXT_I2D) (void *, unsigned char **); typedef STACK_OF(CONF_VALUE) * -(*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext, - STACK_OF(CONF_VALUE) *extlist); + (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext, + STACK_OF(CONF_VALUE) *extlist); typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); @@ -104,20 +104,20 @@ typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method, struct v3_ext_method { int ext_nid; int ext_flags; - /* If this is set the following four fields are ignored */ +/* If this is set the following four fields are ignored */ ASN1_ITEM_EXP *it; - /* Old style ASN1 calls */ +/* Old style ASN1 calls */ X509V3_EXT_NEW ext_new; X509V3_EXT_FREE ext_free; X509V3_EXT_D2I d2i; X509V3_EXT_I2D i2d; - /* The following pair is used for string extensions */ +/* The following pair is used for string extensions */ X509V3_EXT_I2S i2s; X509V3_EXT_S2I s2i; - /* The following pair is used for multi-valued extensions */ +/* The following pair is used for multi-valued extensions */ X509V3_EXT_I2V i2v; X509V3_EXT_V2I v2i; - /* The following are used for raw extensions */ +/* The following are used for raw extensions */ X509V3_EXT_I2R i2r; X509V3_EXT_R2I r2i; void *usr_data; /* Any extension specific data */ @@ -140,7 +140,7 @@ struct v3_ext_ctx { X509_CRL *crl; X509V3_CONF_METHOD *db_meth; void *db; - /* Maybe more here */ +/* Maybe more here */ }; typedef struct v3_ext_method X509V3_EXT_METHOD; @@ -229,7 +229,7 @@ typedef struct DIST_POINT_NAME_st { GENERAL_NAMES *fullname; STACK_OF(X509_NAME_ENTRY) *relativename; } name; - /* If relativename then this contains the full distribution point name */ +/* If relativename then this contains the full distribution point name */ X509_NAME *dpname; } DIST_POINT_NAME; /* All existing reasons */ @@ -530,8 +530,8 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - ASN1_BIT_STRING *bits, - STACK_OF(CONF_VALUE) *extlist); + ASN1_BIT_STRING *bits, + STACK_OF(CONF_VALUE) *extlist); STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, @@ -559,7 +559,7 @@ int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str); + X509V3_CTX *ctx, char *str); DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a); diff --git a/thirdparties/win32/lib/openssl/libeay32.lib b/thirdparties/win32/lib/openssl/libeay32.lib Binary files differindex 3067265..2c814a4 100755 --- a/thirdparties/win32/lib/openssl/libeay32.lib +++ b/thirdparties/win32/lib/openssl/libeay32.lib diff --git a/thirdparties/win32/lib/openssl/libeay64.lib b/thirdparties/win32/lib/openssl/libeay64.lib Binary files differindex c483b44..1b40636 100755 --- a/thirdparties/win32/lib/openssl/libeay64.lib +++ b/thirdparties/win32/lib/openssl/libeay64.lib diff --git a/thirdparties/win32/lib/openssl/ssleay32.lib b/thirdparties/win32/lib/openssl/ssleay32.lib Binary files differindex d19c96c..201cf40 100755 --- a/thirdparties/win32/lib/openssl/ssleay32.lib +++ b/thirdparties/win32/lib/openssl/ssleay32.lib diff --git a/thirdparties/win32/lib/openssl/ssleay64.lib b/thirdparties/win32/lib/openssl/ssleay64.lib Binary files differindex 8f11236..420ecf3 100755 --- a/thirdparties/win32/lib/openssl/ssleay64.lib +++ b/thirdparties/win32/lib/openssl/ssleay64.lib |