diff --git a/deps/openssl/openssl/CHANGES b/deps/openssl/openssl/CHANGES index d92f55969c8f..3c13c90f2189 100644 --- a/deps/openssl/openssl/CHANGES +++ b/deps/openssl/openssl/CHANGES @@ -2,6 +2,21 @@ OpenSSL CHANGES _______________ + Changes between 1.0.1o and 1.0.1p [9 Jul 2015] + + *) Alternate chains certificate forgery + + During certificate verfification, OpenSSL will attempt to find an + alternative certificate chain if the first attempt to build such a chain + fails. An error in the implementation of this logic can mean that an + attacker could cause certain checks on untrusted certificates to be + bypassed, such as the CA flag, enabling them to use a valid leaf + certificate to act as a CA and "issue" an invalid certificate. + + This issue was reported to OpenSSL by Adam Langley/David Benjamin + (Google/BoringSSL). + [Matt Caswell] + Changes between 1.0.1n and 1.0.1o [12 Jun 2015] *) Fix HMAC ABI incompatibility. The previous version introduced an ABI diff --git a/deps/openssl/openssl/Makefile b/deps/openssl/openssl/Makefile index 0b3badbd99f8..cd1c08cc5133 100644 --- a/deps/openssl/openssl/Makefile +++ b/deps/openssl/openssl/Makefile @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1o +VERSION=1.0.1p MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 @@ -270,6 +270,7 @@ reflect: @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) sub_all: build_all + build_all: build_libs build_apps build_tests build_tools build_libs: build_libcrypto build_libssl openssl.pc @@ -279,15 +280,15 @@ build_libssl: build_ssl libssl.pc build_crypto: @dir=crypto; target=all; $(BUILD_ONE_CMD) -build_ssl: +build_ssl: build_crypto @dir=ssl; target=all; $(BUILD_ONE_CMD) -build_engines: +build_engines: build_crypto @dir=engines; target=all; $(BUILD_ONE_CMD) -build_apps: +build_apps: build_libs @dir=apps; target=all; $(BUILD_ONE_CMD) -build_tests: +build_tests: build_libs @dir=test; target=all; $(BUILD_ONE_CMD) -build_tools: +build_tools: build_libs @dir=tools; target=all; $(BUILD_ONE_CMD) all_testapps: build_libs build_testapps diff --git a/deps/openssl/openssl/Makefile.bak b/deps/openssl/openssl/Makefile.bak index 29cc85e76892..e7aa39127e28 100644 --- a/deps/openssl/openssl/Makefile.bak +++ b/deps/openssl/openssl/Makefile.bak @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1o-dev +VERSION=1.0.1p-dev MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 @@ -270,6 +270,7 @@ reflect: @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) sub_all: build_all + build_all: build_libs build_apps build_tests build_tools build_libs: build_libcrypto build_libssl openssl.pc @@ -279,15 +280,15 @@ build_libssl: build_ssl libssl.pc build_crypto: @dir=crypto; target=all; $(BUILD_ONE_CMD) -build_ssl: +build_ssl: build_crypto @dir=ssl; target=all; $(BUILD_ONE_CMD) -build_engines: +build_engines: build_crypto @dir=engines; target=all; $(BUILD_ONE_CMD) -build_apps: +build_apps: build_libs @dir=apps; target=all; $(BUILD_ONE_CMD) -build_tests: +build_tests: build_libs @dir=test; target=all; $(BUILD_ONE_CMD) -build_tools: +build_tools: build_libs @dir=tools; target=all; $(BUILD_ONE_CMD) all_testapps: build_libs build_testapps diff --git a/deps/openssl/openssl/Makefile.org b/deps/openssl/openssl/Makefile.org index cf82487f43ae..55a37008a95b 100644 --- a/deps/openssl/openssl/Makefile.org +++ b/deps/openssl/openssl/Makefile.org @@ -268,6 +268,7 @@ reflect: @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) sub_all: build_all + build_all: build_libs build_apps build_tests build_tools build_libs: build_libcrypto build_libssl openssl.pc @@ -277,15 +278,15 @@ build_libssl: build_ssl libssl.pc build_crypto: @dir=crypto; target=all; $(BUILD_ONE_CMD) -build_ssl: +build_ssl: build_crypto @dir=ssl; target=all; $(BUILD_ONE_CMD) -build_engines: +build_engines: build_crypto @dir=engines; target=all; $(BUILD_ONE_CMD) -build_apps: +build_apps: build_libs @dir=apps; target=all; $(BUILD_ONE_CMD) -build_tests: +build_tests: build_libs @dir=test; target=all; $(BUILD_ONE_CMD) -build_tools: +build_tools: build_libs @dir=tools; target=all; $(BUILD_ONE_CMD) all_testapps: build_libs build_testapps diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS index fb69ad3e5daa..5e76d3fed42b 100644 --- a/deps/openssl/openssl/NEWS +++ b/deps/openssl/openssl/NEWS @@ -5,6 +5,10 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015] + + o Alternate chains certificate forgery (CVE-2015-1793) + Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015] o Fix HMAC ABI incompatibility diff --git a/deps/openssl/openssl/README b/deps/openssl/openssl/README index bf3b71540d5c..bf03f3026812 100644 --- a/deps/openssl/openssl/README +++ b/deps/openssl/openssl/README @@ -1,5 +1,5 @@ - OpenSSL 1.0.1o 12 Jun 2015 + OpenSSL 1.0.1p 9 Jul 2015 Copyright (c) 1998-2011 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/deps/openssl/openssl/apps/s_client.c b/deps/openssl/openssl/apps/s_client.c index c2e6c0bfdcc1..28737b6d1e6b 100644 --- a/deps/openssl/openssl/apps/s_client.c +++ b/deps/openssl/openssl/apps/s_client.c @@ -180,13 +180,6 @@ typedef unsigned int u_int; # include #endif -/* Use Windows API with STD_INPUT_HANDLE when checking for input? - Don't look at OPENSSL_SYS_MSDOS for this, since it is always defined if - OPENSSL_SYS_WINDOWS is defined */ -#if defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WINCE) && defined(STD_INPUT_HANDLE) -#define OPENSSL_USE_STD_INPUT_HANDLE -#endif - #undef PROG #define PROG s_client_main @@ -1591,7 +1584,10 @@ int MAIN(int argc, char **argv) tv.tv_usec = 0; i = select(width, (void *)&readfds, (void *)&writefds, NULL, &tv); -#if defined(OPENSSL_USE_STD_INPUT_HANDLE) +# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS) + if (!i && (!_kbhit() || !read_tty)) + continue; +# else if (!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle @@ -1599,8 +1595,6 @@ int MAIN(int argc, char **argv) 0))) || !read_tty)) continue; -#else - if(!i && (!_kbhit() || !read_tty) ) continue; # endif } else i = select(width, (void *)&readfds, (void *)&writefds, @@ -1799,12 +1793,12 @@ int MAIN(int argc, char **argv) } } #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) -#if defined(OPENSSL_USE_STD_INPUT_HANDLE) +# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS) + else if (_kbhit()) +# else else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) -#else - else if (_kbhit()) # endif #elif defined (OPENSSL_SYS_NETWARE) else if (_kbhit()) diff --git a/deps/openssl/openssl/crypto/bio/bio.h b/deps/openssl/openssl/crypto/bio/bio.h index be9cd0eff39b..d583cc108508 100644 --- a/deps/openssl/openssl/crypto/bio/bio.h +++ b/deps/openssl/openssl/crypto/bio/bio.h @@ -290,7 +290,7 @@ void BIO_clear_flags(BIO *b, int flags); * BIO_CB_RETURN flag indicates if it is after the call */ # define BIO_CB_RETURN 0x80 -# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)) +# define BIO_CB_return(a) ((a)|BIO_CB_RETURN) # define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) # define BIO_cb_post(a) ((a)&BIO_CB_RETURN) diff --git a/deps/openssl/openssl/crypto/evp/e_aes.c b/deps/openssl/openssl/crypto/evp/e_aes.c index 1ede7bd39ec0..a4327fcb0554 100644 --- a/deps/openssl/openssl/crypto/evp/e_aes.c +++ b/deps/openssl/openssl/crypto/evp/e_aes.c @@ -1146,7 +1146,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_CCM_SET_TAG: if ((arg & 1) || arg < 4 || arg > 16) return 0; - if ((c->encrypt && ptr) || (!c->encrypt && !ptr)) + if (c->encrypt && ptr) return 0; if (ptr) { cctx->tag_set = 1; diff --git a/deps/openssl/openssl/crypto/opensslconf.h b/deps/openssl/openssl/crypto/opensslconf.h index 76c99d433ab8..4a6e2766e0bb 100644 --- a/deps/openssl/openssl/crypto/opensslconf.h +++ b/deps/openssl/openssl/crypto/opensslconf.h @@ -1 +1,241 @@ -#include "../../config/opensslconf.h" +/* opensslconf.h */ +/* WARNING: Generated automatically from opensslconf.h.in by Configure. */ + +#ifdef __cplusplus +extern "C" { +#endif +/* OpenSSL was configured with the following options: */ +#ifndef OPENSSL_DOING_MAKEDEPEND + + +#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +# define OPENSSL_NO_EC_NISTP_64_GCC_128 +#endif +#ifndef OPENSSL_NO_GMP +# define OPENSSL_NO_GMP +#endif +#ifndef OPENSSL_NO_JPAKE +# define OPENSSL_NO_JPAKE +#endif +#ifndef OPENSSL_NO_KRB5 +# define OPENSSL_NO_KRB5 +#endif +#ifndef OPENSSL_NO_MD2 +# define OPENSSL_NO_MD2 +#endif +#ifndef OPENSSL_NO_RC5 +# define OPENSSL_NO_RC5 +#endif +#ifndef OPENSSL_NO_RFC3779 +# define OPENSSL_NO_RFC3779 +#endif +#ifndef OPENSSL_NO_SCTP +# define OPENSSL_NO_SCTP +#endif +#ifndef OPENSSL_NO_STORE +# define OPENSSL_NO_STORE +#endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif + +#endif /* OPENSSL_DOING_MAKEDEPEND */ + +#ifndef OPENSSL_NO_DYNAMIC_ENGINE +# define OPENSSL_NO_DYNAMIC_ENGINE +#endif + +/* The OPENSSL_NO_* macros are also defined as NO_* if the application + asks for it. This is a transient feature that is provided for those + who haven't had the time to do the appropriate changes in their + applications. */ +#ifdef OPENSSL_ALGORITHM_DEFINES +# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128) +# define NO_EC_NISTP_64_GCC_128 +# endif +# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP) +# define NO_GMP +# endif +# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE) +# define NO_JPAKE +# endif +# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) +# define NO_KRB5 +# endif +# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2) +# define NO_MD2 +# endif +# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) +# define NO_RC5 +# endif +# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779) +# define NO_RFC3779 +# endif +# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) +# define NO_SCTP +# endif +# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) +# define NO_STORE +# endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif +#endif + +/* crypto/opensslconf.h.in */ + +/* Generate 80386 code? */ +#undef I386_ONLY + +#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ +#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +#define ENGINESDIR "/usr/local/ssl/lib/engines" +#define OPENSSLDIR "/usr/local/ssl" +#endif +#endif + +#undef OPENSSL_UNISTD +#define OPENSSL_UNISTD + +#undef OPENSSL_EXPORT_VAR_AS_FUNCTION + +#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) +#define IDEA_INT unsigned int +#endif + +#if defined(HEADER_MD2_H) && !defined(MD2_INT) +#define MD2_INT unsigned int +#endif + +#if defined(HEADER_RC2_H) && !defined(RC2_INT) +/* I need to put in a mod for the alpha - eay */ +#define RC2_INT unsigned int +#endif + +#if defined(HEADER_RC4_H) +#if !defined(RC4_INT) +/* using int types make the structure larger but make the code faster + * on most boxes I have tested - up to %20 faster. */ +/* + * I don't know what does "most" mean, but declaring "int" is a must on: + * - Intel P6 because partial register stalls are very expensive; + * - elder Alpha because it lacks byte load/store instructions; + */ +#define RC4_INT unsigned int +#endif +#if !defined(RC4_CHUNK) +/* + * This enables code handling data aligned at natural CPU word + * boundary. See crypto/rc4/rc4_enc.c for further details. + */ +#undef RC4_CHUNK +#endif +#endif + +#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) +/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a + * %20 speed up (longs are 8 bytes, int's are 4). */ +#ifndef DES_LONG +#define DES_LONG unsigned long +#endif +#endif + +#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) +#define CONFIG_HEADER_BN_H +#undef BN_LLONG + +/* Should we define BN_DIV2W here? */ + +/* Only one for the following should be defined */ +#undef SIXTY_FOUR_BIT_LONG +#undef SIXTY_FOUR_BIT +#define THIRTY_TWO_BIT +#endif + +#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) +#define CONFIG_HEADER_RC4_LOCL_H +/* if this is defined data[i] is used instead of *data, this is a %20 + * speedup on x86 */ +#undef RC4_INDEX +#endif + +#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) +#define CONFIG_HEADER_BF_LOCL_H +#undef BF_PTR +#endif /* HEADER_BF_LOCL_H */ + +#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) +#define CONFIG_HEADER_DES_LOCL_H +#ifndef DES_DEFAULT_OPTIONS +/* the following is tweaked from a config script, that is why it is a + * protected undef/define */ +#ifndef DES_PTR +#undef DES_PTR +#endif + +/* This helps C compiler generate the correct code for multiple functional + * units. It reduces register dependancies at the expense of 2 more + * registers */ +#ifndef DES_RISC1 +#undef DES_RISC1 +#endif + +#ifndef DES_RISC2 +#undef DES_RISC2 +#endif + +#if defined(DES_RISC1) && defined(DES_RISC2) +#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! +#endif + +/* Unroll the inner loop, this sometimes helps, sometimes hinders. + * Very mucy CPU dependant */ +#ifndef DES_UNROLL +#undef DES_UNROLL +#endif + +/* These default values were supplied by + * Peter Gutman + * They are only used if nothing else has been defined */ +#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) +/* Special defines which change the way the code is built depending on the + CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find + even newer MIPS CPU's, but at the moment one size fits all for + optimization options. Older Sparc's work better with only UNROLL, but + there's no way to tell at compile time what it is you're running on */ + +#if defined( sun ) /* Newer Sparc's */ +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL +#elif defined( __ultrix ) /* Older MIPS */ +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL +#elif defined( __osf1__ ) /* Alpha */ +# define DES_PTR +# define DES_RISC2 +#elif defined ( _AIX ) /* RS6000 */ + /* Unknown */ +#elif defined( __hpux ) /* HP-PA */ + /* Unknown */ +#elif defined( __aux ) /* 68K */ + /* Unknown */ +#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ +# define DES_UNROLL +#elif defined( __sgi ) /* Newer MIPS */ +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL +#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL +#endif /* Systems-specific speed defines */ +#endif + +#endif /* DES_DEFAULT_OPTIONS */ +#endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/deps/openssl/openssl/crypto/opensslconf.h.in b/deps/openssl/openssl/crypto/opensslconf.h.in index 97e37455634d..814309becb6c 100644 --- a/deps/openssl/openssl/crypto/opensslconf.h.in +++ b/deps/openssl/openssl/crypto/opensslconf.h.in @@ -101,7 +101,7 @@ #endif #if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! +#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. diff --git a/deps/openssl/openssl/crypto/opensslv.h b/deps/openssl/openssl/crypto/opensslv.h index 84d0bf9d1f43..bd66999c1c6b 100644 --- a/deps/openssl/openssl/crypto/opensslv.h +++ b/deps/openssl/openssl/crypto/opensslv.h @@ -30,11 +30,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x100010ffL +# define OPENSSL_VERSION_NUMBER 0x1000110fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1o-fips 12 Jun 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1p-fips 9 Jul 2015" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1o 12 Jun 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1p 9 Jul 2015" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/deps/openssl/openssl/crypto/perlasm/x86masm.pl b/deps/openssl/openssl/crypto/perlasm/x86masm.pl index 6b33b146f0f8..f937d07c87df 100644 --- a/deps/openssl/openssl/crypto/perlasm/x86masm.pl +++ b/deps/openssl/openssl/crypto/perlasm/x86masm.pl @@ -80,7 +80,7 @@ sub ::file IF \@Version LT 800 ECHO MASM version 8.00 or later is strongly recommended. ENDIF -.686 +.486 .MODEL FLAT OPTION DOTNAME IF \@Version LT 800 diff --git a/deps/openssl/openssl/crypto/pkcs12/p12_kiss.c b/deps/openssl/openssl/crypto/pkcs12/p12_kiss.c index ee476c38f4a7..9aa3c90c4e57 100644 --- a/deps/openssl/openssl/crypto/pkcs12/p12_kiss.c +++ b/deps/openssl/openssl/crypto/pkcs12/p12_kiss.c @@ -135,10 +135,12 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, while ((x = sk_X509_pop(ocerts))) { if (pkey && *pkey && cert && !*cert) { + ERR_set_mark(); if (X509_check_private_key(x, *pkey)) { *cert = x; x = NULL; } + ERR_pop_to_mark(); } if (ca && x) { diff --git a/deps/openssl/openssl/crypto/sha/asm/sha256-x86_64.pl b/deps/openssl/openssl/crypto/sha/asm/sha256-x86_64.pl deleted file mode 100755 index 205a8e6f9a04..000000000000 --- a/deps/openssl/openssl/crypto/sha/asm/sha256-x86_64.pl +++ /dev/null @@ -1,438 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# sha256/512_block procedure for x86_64. -# -# 40% improvement over compiler-generated code on Opteron. On EM64T -# sha256 was observed to run >80% faster and sha512 - >40%. No magical -# tricks, just straight implementation... I really wonder why gcc -# [being armed with inline assembler] fails to generate as fast code. -# The only thing which is cool about this module is that it's very -# same instruction sequence used for both SHA-256 and SHA-512. In -# former case the instructions operate on 32-bit operands, while in -# latter - on 64-bit ones. All I had to do is to get one flavor right, -# the other one passed the test right away:-) -# -# sha256_block runs in ~1005 cycles on Opteron, which gives you -# asymptotic performance of 64*1000/1005=63.7MBps times CPU clock -# frequency in GHz. sha512_block runs in ~1275 cycles, which results -# in 128*1000/1275=100MBps per GHz. Is there room for improvement? -# Well, if you compare it to IA-64 implementation, which maintains -# X[16] in register bank[!], tends to 4 instructions per CPU clock -# cycle and runs in 1003 cycles, 1275 is very good result for 3-way -# issue Opteron pipeline and X[16] maintained in memory. So that *if* -# there is a way to improve it, *then* the only way would be to try to -# offload X[16] updates to SSE unit, but that would require "deeper" -# loop unroll, which in turn would naturally cause size blow-up, not -# to mention increased complexity! And once again, only *if* it's -# actually possible to noticeably improve overall ILP, instruction -# level parallelism, on a given CPU implementation in this case. -# -# Special note on Intel EM64T. While Opteron CPU exhibits perfect -# perfromance ratio of 1.5 between 64- and 32-bit flavors [see above], -# [currently available] EM64T CPUs apparently are far from it. On the -# contrary, 64-bit version, sha512_block, is ~30% *slower* than 32-bit -# sha256_block:-( This is presumably because 64-bit shifts/rotates -# apparently are not atomic instructions, but implemented in microcode. - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$func="sha256_block_data_order"; -$TABLE="K256"; -$SZ=4; -@ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx", - "%r8d","%r9d","%r10d","%r11d"); -($T1,$a0,$a1,$a2)=("%r12d","%r13d","%r14d","%r15d"); -@Sigma0=( 2,13,22); -@Sigma1=( 6,11,25); -@sigma0=( 7,18, 3); -@sigma1=(17,19,10); -$rounds=64; - - -$ctx="%rdi"; # 1st arg -$round="%rdi"; # zaps $ctx -$inp="%rsi"; # 2nd arg -$Tbl="%rbp"; - -$_ctx="16*$SZ+0*8(%rsp)"; -$_inp="16*$SZ+1*8(%rsp)"; -$_end="16*$SZ+2*8(%rsp)"; -$_rsp="16*$SZ+3*8(%rsp)"; -$framesz="16*$SZ+4*8"; - - -sub ROUND_00_15() -{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___; - ror \$`$Sigma1[2]-$Sigma1[1]`,$a0 - mov $f,$a2 - mov $T1,`$SZ*($i&0xf)`(%rsp) - - ror \$`$Sigma0[2]-$Sigma0[1]`,$a1 - xor $e,$a0 - xor $g,$a2 # f^g - - ror \$`$Sigma1[1]-$Sigma1[0]`,$a0 - add $h,$T1 # T1+=h - xor $a,$a1 - - add ($Tbl,$round,$SZ),$T1 # T1+=K[round] - and $e,$a2 # (f^g)&e - mov $b,$h - - ror \$`$Sigma0[1]-$Sigma0[0]`,$a1 - xor $e,$a0 - xor $g,$a2 # Ch(e,f,g)=((f^g)&e)^g - - xor $c,$h # b^c - xor $a,$a1 - add $a2,$T1 # T1+=Ch(e,f,g) - mov $b,$a2 - - ror \$$Sigma1[0],$a0 # Sigma1(e) - and $a,$h # h=(b^c)&a - and $c,$a2 # b&c - - ror \$$Sigma0[0],$a1 # Sigma0(a) - add $a0,$T1 # T1+=Sigma1(e) - add $a2,$h # h+=b&c (completes +=Maj(a,b,c) - - add $T1,$d # d+=T1 - add $T1,$h # h+=T1 - lea 1($round),$round # round++ - add $a1,$h # h+=Sigma0(a) - -___ -} - -sub ROUND_16_XX() -{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___; - mov `$SZ*(($i+1)&0xf)`(%rsp),$a0 - mov `$SZ*(($i+14)&0xf)`(%rsp),$a1 - mov $a0,$T1 - mov $a1,$a2 - - ror \$`$sigma0[1]-$sigma0[0]`,$T1 - xor $a0,$T1 - shr \$$sigma0[2],$a0 - - ror \$$sigma0[0],$T1 - xor $T1,$a0 # sigma0(X[(i+1)&0xf]) - mov `$SZ*(($i+9)&0xf)`(%rsp),$T1 - - ror \$`$sigma1[1]-$sigma1[0]`,$a2 - xor $a1,$a2 - shr \$$sigma1[2],$a1 - - ror \$$sigma1[0],$a2 - add $a0,$T1 - xor $a2,$a1 # sigma1(X[(i+14)&0xf]) - - add `$SZ*($i&0xf)`(%rsp),$T1 - mov $e,$a0 - add $a1,$T1 - mov $a,$a1 -___ - &ROUND_00_15(@_); -} - -$code=<<___; -.text - -.globl $func -.type $func,\@function,4 -.align 16 -$func: - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - mov %rsp,%r11 # copy %rsp - shl \$4,%rdx # num*16 - sub \$$framesz,%rsp - lea ($inp,%rdx,$SZ),%rdx # inp+num*16*$SZ - and \$-64,%rsp # align stack frame - mov $ctx,$_ctx # save ctx, 1st arg - mov $inp,$_inp # save inp, 2nd arh - mov %rdx,$_end # save end pointer, "3rd" arg - mov %r11,$_rsp # save copy of %rsp -.Lprologue: - - lea $TABLE(%rip),$Tbl - - mov $SZ*0($ctx),$A - mov $SZ*1($ctx),$B - mov $SZ*2($ctx),$C - mov $SZ*3($ctx),$D - mov $SZ*4($ctx),$E - mov $SZ*5($ctx),$F - mov $SZ*6($ctx),$G - mov $SZ*7($ctx),$H - jmp .Lloop - -.align 16 -.Lloop: - xor $round,$round -___ - for($i=0;$i<16;$i++) { - $code.=" mov $SZ*$i($inp),$T1\n"; - $code.=" mov @ROT[4],$a0\n"; - $code.=" mov @ROT[0],$a1\n"; - $code.=" bswap $T1\n"; - &ROUND_00_15($i,@ROT); - unshift(@ROT,pop(@ROT)); - } -$code.=<<___; - jmp .Lrounds_16_xx -.align 16 -.Lrounds_16_xx: -___ - for(;$i<32;$i++) { - &ROUND_16_XX($i,@ROT); - unshift(@ROT,pop(@ROT)); - } - -$code.=<<___; - cmp \$$rounds,$round - jb .Lrounds_16_xx - - mov $_ctx,$ctx - lea 16*$SZ($inp),$inp - - add $SZ*0($ctx),$A - add $SZ*1($ctx),$B - add $SZ*2($ctx),$C - add $SZ*3($ctx),$D - add $SZ*4($ctx),$E - add $SZ*5($ctx),$F - add $SZ*6($ctx),$G - add $SZ*7($ctx),$H - - cmp $_end,$inp - - mov $A,$SZ*0($ctx) - mov $B,$SZ*1($ctx) - mov $C,$SZ*2($ctx) - mov $D,$SZ*3($ctx) - mov $E,$SZ*4($ctx) - mov $F,$SZ*5($ctx) - mov $G,$SZ*6($ctx) - mov $H,$SZ*7($ctx) - jb .Lloop - - mov $_rsp,%rsi - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lepilogue: - ret -.size $func,.-$func -___ - -if ($SZ==4) { -$code.=<<___; -.align 64 -.type $TABLE,\@object -$TABLE: - .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 - .long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 - .long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 - .long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 - .long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc - .long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da - .long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 - .long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 - .long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 - .long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 - .long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 - .long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 - .long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 - .long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 - .long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 - .long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -___ -} else { -$code.=<<___; -.align 64 -.type $TABLE,\@object -$TABLE: - .quad 0x428a2f98d728ae22,0x7137449123ef65cd - .quad 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc - .quad 0x3956c25bf348b538,0x59f111f1b605d019 - .quad 0x923f82a4af194f9b,0xab1c5ed5da6d8118 - .quad 0xd807aa98a3030242,0x12835b0145706fbe - .quad 0x243185be4ee4b28c,0x550c7dc3d5ffb4e2 - .quad 0x72be5d74f27b896f,0x80deb1fe3b1696b1 - .quad 0x9bdc06a725c71235,0xc19bf174cf692694 - .quad 0xe49b69c19ef14ad2,0xefbe4786384f25e3 - .quad 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65 - .quad 0x2de92c6f592b0275,0x4a7484aa6ea6e483 - .quad 0x5cb0a9dcbd41fbd4,0x76f988da831153b5 - .quad 0x983e5152ee66dfab,0xa831c66d2db43210 - .quad 0xb00327c898fb213f,0xbf597fc7beef0ee4 - .quad 0xc6e00bf33da88fc2,0xd5a79147930aa725 - .quad 0x06ca6351e003826f,0x142929670a0e6e70 - .quad 0x27b70a8546d22ffc,0x2e1b21385c26c926 - .quad 0x4d2c6dfc5ac42aed,0x53380d139d95b3df - .quad 0x650a73548baf63de,0x766a0abb3c77b2a8 - .quad 0x81c2c92e47edaee6,0x92722c851482353b - .quad 0xa2bfe8a14cf10364,0xa81a664bbc423001 - .quad 0xc24b8b70d0f89791,0xc76c51a30654be30 - .quad 0xd192e819d6ef5218,0xd69906245565a910 - .quad 0xf40e35855771202a,0x106aa07032bbd1b8 - .quad 0x19a4c116b8d2d0c8,0x1e376c085141ab53 - .quad 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8 - .quad 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb - .quad 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3 - .quad 0x748f82ee5defb2fc,0x78a5636f43172f60 - .quad 0x84c87814a1f0ab72,0x8cc702081a6439ec - .quad 0x90befffa23631e28,0xa4506cebde82bde9 - .quad 0xbef9a3f7b2c67915,0xc67178f2e372532b - .quad 0xca273eceea26619c,0xd186b8c721c0c207 - .quad 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178 - .quad 0x06f067aa72176fba,0x0a637dc5a2c898a6 - .quad 0x113f9804bef90dae,0x1b710b35131c471b - .quad 0x28db77f523047d84,0x32caab7b40c72493 - .quad 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c - .quad 0x4cc5d4becb3e42b6,0x597f299cfc657e2a - .quad 0x5fcb6fab3ad6faec,0x6c44198c4a475817 -___ -} - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type se_handler,\@abi-omnipotent -.align 16 -se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - lea .Lprologue(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lprologue - jb .Lin_prologue - - mov 152($context),%rax # pull context->Rsp - - lea .Lepilogue(%rip),%r10 - cmp %r10,%rbx # context->Rip>=.Lepilogue - jae .Lin_prologue - - mov 16*$SZ+3*8(%rax),%rax # pull $_rsp - lea 48(%rax),%rax - - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov -32(%rax),%r13 - mov -40(%rax),%r14 - mov -48(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lin_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$154,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop %rdi - pop %rsi - ret -.size se_handler,.-se_handler - -.section .pdata -.align 4 - .rva .LSEH_begin_$func - .rva .LSEH_end_$func - .rva .LSEH_info_$func - -.section .xdata -.align 8 -.LSEH_info_$func: - .byte 9,0,0,0 - .rva se_handler -___ -} - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl b/deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl index 86c593a2c83e..8d5167855781 100755 --- a/deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl +++ b/deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl @@ -54,17 +54,31 @@ open OUT,"| \"$^X\" $xlate $flavour $output"; *STDOUT=*OUT; -$func="sha512_block_data_order"; -$TABLE="K512"; -$SZ=8; -@ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%rax","%rbx","%rcx","%rdx", - "%r8", "%r9", "%r10","%r11"); -($T1,$a0,$a1,$a2)=("%r12","%r13","%r14","%r15"); -@Sigma0=(28,34,39); -@Sigma1=(14,18,41); -@sigma0=(1, 8, 7); -@sigma1=(19,61, 6); -$rounds=80; +if ($output =~ /512/) { + $func="sha512_block_data_order"; + $TABLE="K512"; + $SZ=8; + @ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%rax","%rbx","%rcx","%rdx", + "%r8", "%r9", "%r10","%r11"); + ($T1,$a0,$a1,$a2)=("%r12","%r13","%r14","%r15"); + @Sigma0=(28,34,39); + @Sigma1=(14,18,41); + @sigma0=(1, 8, 7); + @sigma1=(19,61, 6); + $rounds=80; +} else { + $func="sha256_block_data_order"; + $TABLE="K256"; + $SZ=4; + @ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx", + "%r8d","%r9d","%r10d","%r11d"); + ($T1,$a0,$a1,$a2)=("%r12d","%r13d","%r14d","%r15d"); + @Sigma0=( 2,13,22); + @Sigma1=( 6,11,25); + @sigma0=( 7,18, 3); + @sigma1=(17,19,10); + $rounds=64; +} $ctx="%rdi"; # 1st arg $round="%rdi"; # zaps $ctx diff --git a/deps/openssl/openssl/crypto/threads/mttest.c b/deps/openssl/openssl/crypto/threads/mttest.c index 8f67db6ee3c9..dbff4a69f3a4 100644 --- a/deps/openssl/openssl/crypto/threads/mttest.c +++ b/deps/openssl/openssl/crypto/threads/mttest.c @@ -56,7 +56,6 @@ * [including the GNU Public Licence.] */ -#include #include #include #include @@ -86,17 +85,11 @@ #include #include #include -#include "../../e_os.h" #include #include #include #include -#ifdef OPENSSL_NO_FP_API -# define APPS_WIN16 -# include "../buffer/bss_file.c" -#endif - #ifdef OPENSSL_SYS_NETWARE # define TEST_SERVER_CERT "/openssl/apps/server.pem" # define TEST_CLIENT_CERT "/openssl/apps/client.pem" @@ -107,23 +100,23 @@ #define MAX_THREAD_NUMBER 100 -int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *xs); +int verify_callback(int ok, X509_STORE_CTX *xs); void thread_setup(void); void thread_cleanup(void); void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx); -void irix_locking_callback(int mode, int type, char *file, int line); -void solaris_locking_callback(int mode, int type, char *file, int line); -void win32_locking_callback(int mode, int type, char *file, int line); -void pthreads_locking_callback(int mode, int type, char *file, int line); -void netware_locking_callback(int mode, int type, char *file, int line); +void irix_locking_callback(int mode, int type, const char *file, int line); +void solaris_locking_callback(int mode, int type, const char *file, int line); +void win32_locking_callback(int mode, int type, const char *file, int line); +void pthreads_locking_callback(int mode, int type, const char *file, int line); +void netware_locking_callback(int mode, int type, const char *file, int line); void beos_locking_callback(int mode, int type, const char *file, int line); -unsigned long irix_thread_id(void); -unsigned long solaris_thread_id(void); -unsigned long pthreads_thread_id(void); -unsigned long netware_thread_id(void); -unsigned long beos_thread_id(void); +void irix_thread_id(CRYPTO_THREADID *tid); +void solaris_thread_id(CRYPTO_THREADID *tid); +void pthreads_thread_id(CRYPTO_THREADID *tid); +void netware_thread_id(CRYPTO_THREADID *tid); +void beos_thread_id(CRYPTO_THREADID *tid); #if defined(OPENSSL_SYS_NETWARE) static MPKMutex *lock_cs; @@ -149,39 +142,39 @@ static const char rnd_seed[] = "string to make the random number generator think it has entropy"; int doit(char *ctx[4]); -static void print_stats(FILE *fp, SSL_CTX *ctx) +static void print_stats(BIO *bio, SSL_CTX *ctx) { - fprintf(fp, "%4ld items in the session cache\n", - SSL_CTX_sess_number(ctx)); - fprintf(fp, "%4d client connects (SSL_connect())\n", - SSL_CTX_sess_connect(ctx)); - fprintf(fp, "%4d client connects that finished\n", - SSL_CTX_sess_connect_good(ctx)); - fprintf(fp, "%4d server connects (SSL_accept())\n", - SSL_CTX_sess_accept(ctx)); - fprintf(fp, "%4d server connects that finished\n", - SSL_CTX_sess_accept_good(ctx)); - fprintf(fp, "%4d session cache hits\n", SSL_CTX_sess_hits(ctx)); - fprintf(fp, "%4d session cache misses\n", SSL_CTX_sess_misses(ctx)); - fprintf(fp, "%4d session cache timeouts\n", SSL_CTX_sess_timeouts(ctx)); + BIO_printf(bio, "%4ld items in the session cache\n", + SSL_CTX_sess_number(ctx)); + BIO_printf(bio, "%4d client connects (SSL_connect())\n", + SSL_CTX_sess_connect(ctx)); + BIO_printf(bio, "%4d client connects that finished\n", + SSL_CTX_sess_connect_good(ctx)); + BIO_printf(bio, "%4d server connects (SSL_accept())\n", + SSL_CTX_sess_accept(ctx)); + BIO_printf(bio, "%4d server connects that finished\n", + SSL_CTX_sess_accept_good(ctx)); + BIO_printf(bio, "%4d session cache hits\n", SSL_CTX_sess_hits(ctx)); + BIO_printf(bio, "%4d session cache misses\n", SSL_CTX_sess_misses(ctx)); + BIO_printf(bio, "%4d session cache timeouts\n", SSL_CTX_sess_timeouts(ctx)); } static void sv_usage(void) { - fprintf(stderr, "usage: ssltest [args ...]\n"); - fprintf(stderr, "\n"); - fprintf(stderr, " -server_auth - check server certificate\n"); - fprintf(stderr, " -client_auth - do client authentication\n"); - fprintf(stderr, " -v - more output\n"); - fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); - fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); - fprintf(stderr, " -threads arg - number of threads\n"); - fprintf(stderr, " -loops arg - number of 'connections', per thread\n"); - fprintf(stderr, " -reconnect - reuse session-id's\n"); - fprintf(stderr, " -stats - server session-id cache stats\n"); - fprintf(stderr, " -cert arg - server certificate/key\n"); - fprintf(stderr, " -ccert arg - client certificate/key\n"); - fprintf(stderr, " -ssl3 - just SSLv3n\n"); + BIO_printf(bio_err, "usage: ssltest [args ...]\n"); + BIO_printf(bio_err, "\n"); + BIO_printf(bio_err, " -server_auth - check server certificate\n"); + BIO_printf(bio_err, " -client_auth - do client authentication\n"); + BIO_printf(bio_err, " -v - more output\n"); + BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n"); + BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n"); + BIO_printf(bio_err, " -threads arg - number of threads\n"); + BIO_printf(bio_err, " -loops arg - number of 'connections', per thread\n"); + BIO_printf(bio_err, " -reconnect - reuse session-id's\n"); + BIO_printf(bio_err, " -stats - server session-id cache stats\n"); + BIO_printf(bio_err, " -cert arg - server certificate/key\n"); + BIO_printf(bio_err, " -ccert arg - client certificate/key\n"); + BIO_printf(bio_err, " -ssl3 - just SSLv3n\n"); } int main(int argc, char *argv[]) @@ -195,14 +188,14 @@ int main(int argc, char *argv[]) SSL_CTX *c_ctx = NULL; char *scert = TEST_SERVER_CERT; char *ccert = TEST_CLIENT_CERT; - SSL_METHOD *ssl_method = SSLv23_method(); + const SSL_METHOD *ssl_method = SSLv23_method(); RAND_seed(rnd_seed, sizeof rnd_seed); if (bio_err == NULL) - bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); + bio_err = BIO_new_fd(2, BIO_NOCLOSE); if (bio_stdout == NULL) - bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE); + bio_stdout = BIO_new_fd(1, BIO_NOCLOSE); argc--; argv++; @@ -250,7 +243,7 @@ int main(int argc, char *argv[]) if (number_of_loops == 0) number_of_loops = 1; } else { - fprintf(stderr, "unknown option %s\n", *argv); + BIO_printf(bio_err, "unknown option %s\n", *argv); badop = 1; break; } @@ -284,9 +277,12 @@ int main(int argc, char *argv[]) SSL_SESS_CACHE_SERVER); if (!SSL_CTX_use_certificate_file(s_ctx, scert, SSL_FILETYPE_PEM)) { + BIO_printf(bio_err, "SSL_CTX_use_certificate_file (%s)\n", scert); ERR_print_errors(bio_err); + goto end; } else if (!SSL_CTX_use_RSAPrivateKey_file(s_ctx, scert, SSL_FILETYPE_PEM)) { + BIO_printf(bio_err, "SSL_CTX_use_RSAPrivateKey_file (%s)\n", scert); ERR_print_errors(bio_err); goto end; } @@ -300,19 +296,19 @@ int main(int argc, char *argv[]) (!SSL_CTX_set_default_verify_paths(s_ctx)) || (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || (!SSL_CTX_set_default_verify_paths(c_ctx))) { - fprintf(stderr, "SSL_load_verify_locations\n"); + BIO_printf(bio_err, "SSL_load_verify_locations\n"); ERR_print_errors(bio_err); goto end; } if (client_auth) { - fprintf(stderr, "client authentication\n"); + BIO_printf(bio_err, "client authentication\n"); SSL_CTX_set_verify(s_ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verify_callback); } if (server_auth) { - fprintf(stderr, "server authentication\n"); + BIO_printf(bio_err, "server authentication\n"); SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback); } @@ -322,24 +318,24 @@ int main(int argc, char *argv[]) end: if (c_ctx != NULL) { - fprintf(stderr, "Client SSL_CTX stats then free it\n"); - print_stats(stderr, c_ctx); + BIO_printf(bio_err, "Client SSL_CTX stats then free it\n"); + print_stats(bio_err, c_ctx); SSL_CTX_free(c_ctx); } if (s_ctx != NULL) { - fprintf(stderr, "Server SSL_CTX stats then free it\n"); - print_stats(stderr, s_ctx); + BIO_printf(bio_err, "Server SSL_CTX stats then free it\n"); + print_stats(bio_err, s_ctx); if (cache_stats) { - fprintf(stderr, "-----\n"); - lh_stats(SSL_CTX_sessions(s_ctx), stderr); - fprintf(stderr, "-----\n"); - /*- lh_node_stats(SSL_CTX_sessions(s_ctx),stderr); - fprintf(stderr,"-----\n"); */ - lh_node_usage_stats(SSL_CTX_sessions(s_ctx), stderr); - fprintf(stderr, "-----\n"); + BIO_printf(bio_err, "-----\n"); + lh_SSL_SESSION_stats_bio(SSL_CTX_sessions(s_ctx), bio_err); + BIO_printf(bio_err, "-----\n"); + /*- lh_SSL_SESSION_node_stats_bio(SSL_CTX_sessions(s_ctx),bio_err); + BIO_printf(bio_err,"-----\n"); */ + lh_SSL_SESSION_node_usage_stats_bio(SSL_CTX_sessions(s_ctx), bio_err); + BIO_printf(bio_err, "-----\n"); } SSL_CTX_free(s_ctx); - fprintf(stderr, "done free\n"); + BIO_printf(bio_err, "done free\n"); } exit(ret); return (0); @@ -355,6 +351,7 @@ int ndoit(SSL_CTX *ssl_ctx[2]) int i; int ret; char *ctx[4]; + CRYPTO_THREADID thread_id; ctx[0] = (char *)ssl_ctx[0]; ctx[1] = (char *)ssl_ctx[1]; @@ -367,22 +364,24 @@ int ndoit(SSL_CTX *ssl_ctx[2]) ctx[3] = NULL; } - fprintf(stdout, "started thread %lu\n", CRYPTO_thread_id()); + CRYPTO_THREADID_current(&thread_id); + BIO_printf(bio_stdout, "started thread %lu\n", + CRYPTO_THREADID_hash(&thread_id)); for (i = 0; i < number_of_loops; i++) { -/*- fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n", - CRYPTO_thread_id(),i, - ssl_ctx[0]->references, - ssl_ctx[1]->references); */ +/*- BIO_printf(bio_err,"%4d %2d ctx->ref (%3d,%3d)\n", + CRYPTO_THREADID_hash(&thread_id),i, + ssl_ctx[0]->references, + ssl_ctx[1]->references); */ /* pthread_delay_np(&tm); */ ret = doit(ctx); if (ret != 0) { - fprintf(stdout, "error[%d] %lu - %d\n", - i, CRYPTO_thread_id(), ret); + BIO_printf(bio_stdout, "error[%d] %lu - %d\n", + i, CRYPTO_THREADID_hash(&thread_id), ret); return (ret); } } - fprintf(stdout, "DONE %lu\n", CRYPTO_thread_id()); + BIO_printf(bio_stdout, "DONE %lu\n", CRYPTO_THREADID_hash(&thread_id)); if (reconnect) { SSL_free((SSL *)ctx[2]); SSL_free((SSL *)ctx[3]); @@ -467,26 +466,26 @@ int doit(char *ctx[4]) if (do_server && verbose) { if (SSL_in_init(s_ssl)) - printf("server waiting in SSL_accept - %s\n", - SSL_state_string_long(s_ssl)); + BIO_printf(bio_stdout, "server waiting in SSL_accept - %s\n", + SSL_state_string_long(s_ssl)); else if (s_write) - printf("server:SSL_write()\n"); + BIO_printf(bio_stdout, "server:SSL_write()\n"); else - printf("server:SSL_read()\n"); + BIO_printf(bio_stdout, "server:SSL_read()\n"); } if (do_client && verbose) { if (SSL_in_init(c_ssl)) - printf("client waiting in SSL_connect - %s\n", - SSL_state_string_long(c_ssl)); + BIO_printf(bio_stdout, "client waiting in SSL_connect - %s\n", + SSL_state_string_long(c_ssl)); else if (c_write) - printf("client:SSL_write()\n"); + BIO_printf(bio_stdout, "client:SSL_write()\n"); else - printf("client:SSL_read()\n"); + BIO_printf(bio_stdout, "client:SSL_read()\n"); } if (!do_client && !do_server) { - fprintf(stdout, "ERROR IN STARTUP\n"); + BIO_printf(bio_stdout, "ERROR IN STARTUP\n"); break; } if (do_client && !(done & C_DONE)) { @@ -501,12 +500,12 @@ int doit(char *ctx[4]) if (BIO_should_write(c_bio)) c_w = 1; } else { - fprintf(stderr, "ERROR in CLIENT\n"); + BIO_printf(bio_err, "ERROR in CLIENT\n"); ERR_print_errors_fp(stderr); return (1); } } else if (i == 0) { - fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); + BIO_printf(bio_err, "SSL CLIENT STARTUP FAILED\n"); return (1); } else { /* ok */ @@ -523,19 +522,19 @@ int doit(char *ctx[4]) if (BIO_should_write(c_bio)) c_w = 1; } else { - fprintf(stderr, "ERROR in CLIENT\n"); + BIO_printf(bio_err, "ERROR in CLIENT\n"); ERR_print_errors_fp(stderr); return (1); } } else if (i == 0) { - fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); + BIO_printf(bio_err, "SSL CLIENT STARTUP FAILED\n"); return (1); } else { done |= C_DONE; #ifdef undef - fprintf(stdout, "CLIENT:from server:"); - fwrite(cbuf, 1, i, stdout); - fflush(stdout); + BIO_printf(bio_stdout, "CLIENT:from server:"); + BIO_write(bio_stdout, cbuf, i); + BIO_flush(bio_stdout); #endif } } @@ -553,20 +552,20 @@ int doit(char *ctx[4]) if (BIO_should_write(s_bio)) s_w = 1; } else { - fprintf(stderr, "ERROR in SERVER\n"); + BIO_printf(bio_err, "ERROR in SERVER\n"); ERR_print_errors_fp(stderr); return (1); } } else if (i == 0) { - fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); + BIO_printf(bio_err, "SSL SERVER STARTUP FAILED\n"); return (1); } else { s_write = 1; s_w = 1; #ifdef undef - fprintf(stdout, "SERVER:from client:"); - fwrite(sbuf, 1, i, stdout); - fflush(stdout); + BIO_printf(bio_stdout, "SERVER:from client:"); + BIO_write(bio_stdout, sbuf, i); + BIO_flush(bio_stdout); #endif } } else { @@ -580,12 +579,12 @@ int doit(char *ctx[4]) if (BIO_should_write(s_bio)) s_w = 1; } else { - fprintf(stderr, "ERROR in SERVER\n"); + BIO_printf(bio_err, "ERROR in SERVER\n"); ERR_print_errors_fp(stderr); return (1); } } else if (i == 0) { - fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); + BIO_printf(bio_err, "SSL SERVER STARTUP FAILED\n"); return (1); } else { s_write = 0; @@ -606,7 +605,7 @@ int doit(char *ctx[4]) SSL_set_shutdown(s_ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); #ifdef undef - fprintf(stdout, "DONE\n"); + BIO_printf(bio_stdout, "DONE\n"); #endif err: /* @@ -640,7 +639,7 @@ int doit(char *ctx[4]) return (0); } -int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) +int verify_callback(int ok, X509_STORE_CTX *ctx) { char *s, buf[256]; @@ -649,9 +648,9 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) buf, 256); if (s != NULL) { if (ok) - fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf); + BIO_printf(bio_err, "depth=%d %s\n", ctx->error_depth, buf); else - fprintf(stderr, "depth=%d error=%d %s\n", + BIO_printf(bio_err, "depth=%d error=%d %s\n", ctx->error_depth, ctx->error, buf); } } @@ -688,7 +687,7 @@ void thread_cleanup(void) OPENSSL_free(lock_cs); } -void win32_locking_callback(int mode, int type, char *file, int line) +void win32_locking_callback(int mode, int type, const char *file, int line) { if (mode & CRYPTO_LOCK) { WaitForSingleObject(lock_cs[type], INFINITE); @@ -717,7 +716,7 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) (void *)ssl_ctx, 0L, &(thread_id[i])); } - printf("reaping\n"); + BIO_printf(bio_stdout, "reaping\n"); for (i = 0; i < thread_number; i += 50) { int j; @@ -727,7 +726,7 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) (CONST HANDLE *) & (thread_handle[i]), TRUE, INFINITE) == WAIT_FAILED) { - fprintf(stderr, "WaitForMultipleObjects failed:%d\n", + BIO_printf(bio_err, "WaitForMultipleObjects failed:%d\n", GetLastError()); exit(1); } @@ -743,7 +742,7 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) ret = (ret + end.wSecond - start.wSecond); ret += (end.wMilliseconds - start.wMilliseconds) / 1000.0; - printf("win32 threads done - %.3f seconds\n", ret); + BIO_printf(bio_stdout, "win32 threads done - %.3f seconds\n", ret); } #endif /* OPENSSL_SYS_WIN32 */ @@ -768,8 +767,8 @@ void thread_setup(void) mutex_init(&(lock_cs[i]), USYNC_THREAD, NULL); } - CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id); - CRYPTO_set_locking_callback((void (*)())solaris_locking_callback); + CRYPTO_set_id_callback(solaris_thread_id); + CRYPTO_set_locking_callback(solaris_locking_callback); } void thread_cleanup(void) @@ -778,34 +777,34 @@ void thread_cleanup(void) CRYPTO_set_locking_callback(NULL); - fprintf(stderr, "cleanup\n"); + BIO_printf(bio_err, "cleanup\n"); for (i = 0; i < CRYPTO_num_locks(); i++) { /* rwlock_destroy(&(lock_cs[i])); */ mutex_destroy(&(lock_cs[i])); - fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i)); + BIO_printf(bio_err, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i)); } OPENSSL_free(lock_cs); OPENSSL_free(lock_count); - fprintf(stderr, "done cleanup\n"); + BIO_printf(bio_err, "done cleanup\n"); } -void solaris_locking_callback(int mode, int type, char *file, int line) +void solaris_locking_callback(int mode, int type, const char *file, int line) { # ifdef undef - fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n", - CRYPTO_thread_id(), - (mode & CRYPTO_LOCK) ? "l" : "u", - (type & CRYPTO_READ) ? "r" : "w", file, line); + BIO_printf(bio_err, "thread=%4d mode=%s lock=%s %s:%d\n", + CRYPTO_thread_id(), + (mode & CRYPTO_LOCK) ? "l" : "u", + (type & CRYPTO_READ) ? "r" : "w", file, line); # endif /*- if (CRYPTO_LOCK_SSL_CERT == type) - fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n", - CRYPTO_thread_id(), - mode,file,line); + BIO_printf(bio_err,"(t,m,f,l) %ld %d %s %d\n", + CRYPTO_thread_id(), + mode,file,line); */ if (mode & CRYPTO_LOCK) { /*- @@ -837,21 +836,22 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) (void *(*)())ndoit, (void *)ssl_ctx, 0L, &(thread_ctx[i])); } - printf("reaping\n"); + BIO_printf(bio_stdout, "reaping\n"); for (i = 0; i < thread_number; i++) { thr_join(thread_ctx[i], NULL, NULL); } - printf("solaris threads done (%d,%d)\n", - s_ctx->references, c_ctx->references); +#if 0 /* We can't currently find out the reference amount */ + BIO_printf(bio_stdout, "solaris threads done (%d,%d)\n", + s_ctx->references, c_ctx->references); +#else + BIO_printf(bio_stdout, "solaris threads done\n"); +#endif } -unsigned long solaris_thread_id(void) +void solaris_thread_id(CRYPTO_THREADID *tid) { - unsigned long ret; - - ret = (unsigned long)thr_self(); - return (ret); + CRYPTO_THREADID_set_numeric((unsigned long)thr_self()); } #endif /* SOLARIS */ @@ -880,8 +880,8 @@ void thread_setup(void) lock_cs[i] = usnewsema(arena, 1); } - CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id); - CRYPTO_set_locking_callback((void (*)())irix_locking_callback); + CRYPTO_set_id_callback(irix_thread_id); + CRYPTO_set_locking_callback(irix_locking_callback); } void thread_cleanup(void) @@ -899,13 +899,13 @@ void thread_cleanup(void) OPENSSL_free(lock_cs); } -void irix_locking_callback(int mode, int type, char *file, int line) +void irix_locking_callback(int mode, int type, const char *file, int line) { if (mode & CRYPTO_LOCK) { - printf("lock %d\n", type); + BIO_printf(bio_stdout, "lock %d\n", type); uspsema(lock_cs[type]); } else { - printf("unlock %d\n", type); + BIO_printf(bio_stdout, "unlock %d\n", type); usvsema(lock_cs[type]); } } @@ -924,21 +924,22 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) PR_SADDR | PR_SFDS, (void *)ssl_ctx); } - printf("reaping\n"); + BIO_printf(bio_stdout, "reaping\n"); for (i = 0; i < thread_number; i++) { wait(NULL); } - printf("irix threads done (%d,%d)\n", - s_ctx->references, c_ctx->references); +#if 0 /* We can't currently find out the reference amount */ + BIO_printf(bio_stdout, "irix threads done (%d,%d)\n", + s_ctx->references, c_ctx->references); +#else + BIO_printf(bio_stdout, "irix threads done\n"); +#endif } unsigned long irix_thread_id(void) { - unsigned long ret; - - ret = (unsigned long)getpid(); - return (ret); + CRYPTO_THREADID_set_numeric((unsigned long)getpid()); } #endif /* IRIX */ @@ -958,8 +959,8 @@ void thread_setup(void) pthread_mutex_init(&(lock_cs[i]), NULL); } - CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id); - CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback); + CRYPTO_THREADID_set_callback(pthreads_thread_id); + CRYPTO_set_locking_callback(pthreads_locking_callback); } void thread_cleanup(void) @@ -967,30 +968,30 @@ void thread_cleanup(void) int i; CRYPTO_set_locking_callback(NULL); - fprintf(stderr, "cleanup\n"); + BIO_printf(bio_err, "cleanup\n"); for (i = 0; i < CRYPTO_num_locks(); i++) { pthread_mutex_destroy(&(lock_cs[i])); - fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i)); + BIO_printf(bio_err, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i)); } OPENSSL_free(lock_cs); OPENSSL_free(lock_count); - fprintf(stderr, "done cleanup\n"); + BIO_printf(bio_err, "done cleanup\n"); } -void pthreads_locking_callback(int mode, int type, char *file, int line) +void pthreads_locking_callback(int mode, int type, const char *file, int line) { # ifdef undef - fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n", - CRYPTO_thread_id(), - (mode & CRYPTO_LOCK) ? "l" : "u", - (type & CRYPTO_READ) ? "r" : "w", file, line); + BIO_printf(bio_err, "thread=%4d mode=%s lock=%s %s:%d\n", + CRYPTO_thread_id(), + (mode & CRYPTO_LOCK) ? "l" : "u", + (type & CRYPTO_READ) ? "r" : "w", file, line); # endif /*- if (CRYPTO_LOCK_SSL_CERT == type) - fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n", - CRYPTO_thread_id(), - mode,file,line); + BIO_printf(bio_err,"(t,m,f,l) %ld %d %s %d\n", + CRYPTO_thread_id(), + mode,file,line); */ if (mode & CRYPTO_LOCK) { pthread_mutex_lock(&(lock_cs[type])); @@ -1017,21 +1018,22 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) (void *(*)())ndoit, (void *)ssl_ctx); } - printf("reaping\n"); + BIO_printf(bio_stdout, "reaping\n"); for (i = 0; i < thread_number; i++) { pthread_join(thread_ctx[i], NULL); } - printf("pthreads threads done (%d,%d)\n", - s_ctx->references, c_ctx->references); +#if 0 /* We can't currently find out the reference amount */ + BIO_printf(bio_stdout, "pthreads threads done (%d,%d)\n", + s_ctx->references, c_ctx->references); +#else + BIO_printf(bio_stdout, "pthreads threads done\n"); +#endif } -unsigned long pthreads_thread_id(void) +void pthreads_thread_id(CRYPTO_THREADID *tid) { - unsigned long ret; - - ret = (unsigned long)pthread_self(); - return (ret); + CRYPTO_THREADID_set_numeric(tid, (unsigned long)pthread_self()); } #endif /* PTHREADS */ @@ -1051,8 +1053,8 @@ void thread_setup(void) ThreadSem = MPKSemaphoreAlloc("OpenSSL mttest semaphore", 0); - CRYPTO_set_id_callback((unsigned long (*)())netware_thread_id); - CRYPTO_set_locking_callback((void (*)())netware_locking_callback); + CRYPTO_set_id_callback(netware_thread_id); + CRYPTO_set_locking_callback(netware_locking_callback); } void thread_cleanup(void) @@ -1061,21 +1063,21 @@ void thread_cleanup(void) CRYPTO_set_locking_callback(NULL); - fprintf(stdout, "thread_cleanup\n"); + BIO_printf(bio_stdout, "thread_cleanup\n"); for (i = 0; i < CRYPTO_num_locks(); i++) { MPKMutexFree(lock_cs[i]); - fprintf(stdout, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i)); + BIO_printf(bio_stdout, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i)); } OPENSSL_free(lock_cs); OPENSSL_free(lock_count); MPKSemaphoreFree(ThreadSem); - fprintf(stdout, "done cleanup\n"); + BIO_printf(bio_stdout, "done cleanup\n"); } -void netware_locking_callback(int mode, int type, char *file, int line) +void netware_locking_callback(int mode, int type, const char *file, int line) { if (mode & CRYPTO_LOCK) { MPKMutexLock(lock_cs[type]); @@ -1097,22 +1099,23 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) ThreadSwitchWithDelay(); } - printf("reaping\n"); + BIO_printf(bio_stdout, "reaping\n"); /* loop until all threads have signaled the semaphore */ for (i = 0; i < thread_number; i++) { MPKSemaphoreWait(ThreadSem); } - printf("netware threads done (%d,%d)\n", - s_ctx->references, c_ctx->references); +#if 0 /* We can't currently find out the reference amount */ + BIO_printf(bio_stdout, "netware threads done (%d,%d)\n", + s_ctx->references, c_ctx->references); +#else + BIO_printf(bio_stdout, "netware threads done\n"); +#endif } unsigned long netware_thread_id(void) { - unsigned long ret; - - ret = (unsigned long)GetThreadID(); - return (ret); + CRYPTO_THREADID_set_numeric((unsigned long)GetThreadID()); } #endif /* NETWARE */ @@ -1144,24 +1147,24 @@ void thread_cleanup(void) int i; CRYPTO_set_locking_callback(NULL); - fprintf(stderr, "cleanup\n"); + BIO_printf(bio_err, "cleanup\n"); for (i = 0; i < CRYPTO_num_locks(); i++) { delete lock_cs[i]; - fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i)); + BIO_printf(bio_err, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i)); } OPENSSL_free(lock_cs); OPENSSL_free(lock_count); - fprintf(stderr, "done cleanup\n"); + BIO_printf(bio_err, "done cleanup\n"); } void beos_locking_callback(int mode, int type, const char *file, int line) { # if 0 - fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n", - CRYPTO_thread_id(), - (mode & CRYPTO_LOCK) ? "l" : "u", - (type & CRYPTO_READ) ? "r" : "w", file, line); + BIO_printf(bio_err, "thread=%4d mode=%s lock=%s %s:%d\n", + CRYPTO_thread_id(), + (mode & CRYPTO_LOCK) ? "l" : "u", + (type & CRYPTO_READ) ? "r" : "w", file, line); # endif if (mode & CRYPTO_LOCK) { lock_cs[type]->Lock(); @@ -1187,14 +1190,14 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) resume_thread(thread_ctx[i]); } - printf("waiting...\n"); + BIO_printf(bio_stdout, "waiting...\n"); for (i = 0; i < thread_number; i++) { status_t result; wait_for_thread(thread_ctx[i], &result); } - printf("beos threads done (%d,%d)\n", - s_ctx->references, c_ctx->references); + BIO_printf(bio_stdout, "beos threads done (%d,%d)\n", + s_ctx->references, c_ctx->references); } unsigned long beos_thread_id(void) diff --git a/deps/openssl/openssl/crypto/threads/pthread2.sh b/deps/openssl/openssl/crypto/threads/pthread2.sh index 41264c6a5046..ec945c451b96 100755 --- a/deps/openssl/openssl/crypto/threads/pthread2.sh +++ b/deps/openssl/openssl/crypto/threads/pthread2.sh @@ -3,5 +3,4 @@ # build using pthreads where it's already built into the system # /bin/rm -f mttest -gcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto -lpthread - +gcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto -lpthread -ldl diff --git a/deps/openssl/openssl/crypto/x509/Makefile b/deps/openssl/openssl/crypto/x509/Makefile index af3c25514049..aac3ece18cb2 100644 --- a/deps/openssl/openssl/crypto/x509/Makefile +++ b/deps/openssl/openssl/crypto/x509/Makefile @@ -13,7 +13,7 @@ AR= ar r CFLAGS= $(INCLUDES) $(CFLAG) GENERAL=Makefile README -TEST= +TEST=verify_extra_test.c APPS= LIB=$(TOP)/libcrypto.a diff --git a/deps/openssl/openssl/crypto/x509/verify_extra_test.c b/deps/openssl/openssl/crypto/x509/verify_extra_test.c new file mode 100644 index 000000000000..a1e41f2822bd --- /dev/null +++ b/deps/openssl/openssl/crypto/x509/verify_extra_test.c @@ -0,0 +1,209 @@ +/* + * Written by Matt Caswell for the OpenSSL project. + */ +/* ==================================================================== + * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include +#include +#include +#include +#include + +static STACK_OF(X509) *load_certs_from_file(const char *filename) +{ + STACK_OF(X509) *certs; + BIO *bio; + X509 *x; + + bio = BIO_new_file(filename, "r"); + + if (bio == NULL) { + return NULL; + } + + certs = sk_X509_new_null(); + if (certs == NULL) { + BIO_free(bio); + return NULL; + } + + ERR_set_mark(); + do { + x = PEM_read_bio_X509(bio, NULL, 0, NULL); + if (x != NULL && !sk_X509_push(certs, x)) { + sk_X509_pop_free(certs, X509_free); + BIO_free(bio); + return NULL; + } else if (x == NULL) { + /* + * We probably just ran out of certs, so ignore any errors + * generated + */ + ERR_pop_to_mark(); + } + } while (x != NULL); + + BIO_free(bio); + + return certs; +} + +/* + * Test for CVE-2015-1793 (Alternate Chains Certificate Forgery) + * + * Chain is as follows: + * + * rootCA (self-signed) + * | + * interCA + * | + * subinterCA subinterCA (self-signed) + * | | + * leaf ------------------ + * | + * bad + * + * rootCA, interCA, subinterCA, subinterCA (ss) all have CA=TRUE + * leaf and bad have CA=FALSE + * + * subinterCA and subinterCA (ss) have the same subject name and keys + * + * interCA (but not rootCA) and subinterCA (ss) are in the trusted store + * (roots.pem) + * leaf and subinterCA are in the untrusted list (untrusted.pem) + * bad is the certificate being verified (bad.pem) + * + * Versions vulnerable to CVE-2015-1793 will fail to detect that leaf has + * CA=FALSE, and will therefore incorrectly verify bad + * + */ +static int test_alt_chains_cert_forgery(void) +{ + int ret = 0; + int i; + X509 *x = NULL; + STACK_OF(X509) *untrusted = NULL; + BIO *bio = NULL; + X509_STORE_CTX *sctx = NULL; + X509_STORE *store = NULL; + X509_LOOKUP *lookup = NULL; + + store = X509_STORE_new(); + if (store == NULL) + goto err; + + lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); + if (lookup == NULL) + goto err; + if(!X509_LOOKUP_load_file(lookup, "certs/roots.pem", X509_FILETYPE_PEM)) + goto err; + + untrusted = load_certs_from_file("certs/untrusted.pem"); + + if ((bio = BIO_new_file("certs/bad.pem", "r")) == NULL) + goto err; + + if((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL) + goto err; + + sctx = X509_STORE_CTX_new(); + if (sctx == NULL) + goto err; + + if (!X509_STORE_CTX_init(sctx, store, x, untrusted)) + goto err; + + i = X509_verify_cert(sctx); + + if(i == 0 && X509_STORE_CTX_get_error(sctx) + == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT) { + /* This is the result we were expecting: Test passed */ + ret = 1; + } + err: + X509_STORE_CTX_free(sctx); + X509_free(x); + BIO_free(bio); + sk_X509_pop_free(untrusted, X509_free); + X509_STORE_free(store); + if (ret != 1) + ERR_print_errors_fp(stderr); + return ret; +} + +int main(void) +{ + CRYPTO_malloc_debug_init(); + CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + + ERR_load_crypto_strings(); + OpenSSL_add_all_digests(); + + if (!test_alt_chains_cert_forgery()) { + fprintf(stderr, "Test alt chains cert forgery failed\n"); + return 1; + } + + EVP_cleanup(); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_thread_state(NULL); + ERR_free_strings(); + CRYPTO_mem_leaks_fp(stderr); + + printf("PASS\n"); + return 0; +} diff --git a/deps/openssl/openssl/crypto/x509/x509_vfy.c b/deps/openssl/openssl/crypto/x509/x509_vfy.c index 16db4c025a14..7009ae63076e 100644 --- a/deps/openssl/openssl/crypto/x509/x509_vfy.c +++ b/deps/openssl/openssl/crypto/x509/x509_vfy.c @@ -162,6 +162,14 @@ int X509_verify_cert(X509_STORE_CTX *ctx) X509err(X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); return -1; } + if (ctx->chain != NULL) { + /* + * This X509_STORE_CTX has already been used to verify a cert. We + * cannot do another one. + */ + X509err(X509_F_X509_VERIFY_CERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return -1; + } cb = ctx->verify_cb; @@ -169,15 +177,13 @@ int X509_verify_cert(X509_STORE_CTX *ctx) * first we make sure the chain we are going to build is present and that * the first entry is in place */ - if (ctx->chain == NULL) { - if (((ctx->chain = sk_X509_new_null()) == NULL) || - (!sk_X509_push(ctx->chain, ctx->cert))) { - X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); - goto end; - } - CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509); - ctx->last_untrusted = 1; + if (((ctx->chain = sk_X509_new_null()) == NULL) || + (!sk_X509_push(ctx->chain, ctx->cert))) { + X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); + goto end; } + CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509); + ctx->last_untrusted = 1; /* We use a temporary STACK so we can chop and hack at it */ if (ctx->untrusted != NULL @@ -306,7 +312,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) * if the user hasn't switched off alternate chain checking */ retry = 0; - if (j == ctx->last_untrusted && + if (num == ctx->last_untrusted && !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) { while (j-- > 1) { xtmp2 = sk_X509_value(ctx->chain, j - 1); @@ -328,8 +334,8 @@ int X509_verify_cert(X509_STORE_CTX *ctx) xtmp = sk_X509_pop(ctx->chain); X509_free(xtmp); num--; - ctx->last_untrusted--; } + ctx->last_untrusted = sk_X509_num(ctx->chain); retry = 1; break; } diff --git a/deps/openssl/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod b/deps/openssl/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod index c8a812879561..109f56132498 100644 --- a/deps/openssl/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod +++ b/deps/openssl/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod @@ -29,6 +29,7 @@ and issuer names. X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve the next index matching B or B after B. B should initially be set to -1. If there are no more entries -1 is returned. +If B is invalid (doesn't correspond to a valid OID) then -2 is returned. X509_NAME_entry_count() returns the total number of entries in B. @@ -63,6 +64,10 @@ The list of all relevant B and B can be found in the source code header files Eopenssl/obj_mac.hE and/or Eopenssl/objects.hE. +Applications which could pass invalid NIDs to X509_NAME_get_index_by_NID() +should check for the return value of -2. Alternatively the NID validity +can be determined first by checking OBJ_nid2obj(nid) is not NULL. + =head1 EXAMPLES Process all entries: @@ -95,6 +100,8 @@ Process all commonName entries: X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() return the index of the next matching entry or -1 if not found. +X509_NAME_get_index_by_NID() can also return -2 if the supplied +NID is invalid. X509_NAME_entry_count() returns the total number of entries. diff --git a/deps/openssl/openssl/doc/crypto/X509_STORE_CTX_new.pod b/deps/openssl/openssl/doc/crypto/X509_STORE_CTX_new.pod index b17888f149e9..eb38b0a10905 100644 --- a/deps/openssl/openssl/doc/crypto/X509_STORE_CTX_new.pod +++ b/deps/openssl/openssl/doc/crypto/X509_STORE_CTX_new.pod @@ -39,10 +39,15 @@ X509_STORE_CTX_free() completely frees up B. After this call B is no longer valid. X509_STORE_CTX_init() sets up B for a subsequent verification operation. -The trusted certificate store is set to B, the end entity certificate -to be verified is set to B and a set of additional certificates (which -will be untrusted but may be used to build the chain) in B. Any or -all of the B, B and B parameters can be B. +It must be called before each call to X509_verify_cert(), i.e. a B is only +good for one call to X509_verify_cert(); if you want to verify a second +certificate with the same B then you must call X509_XTORE_CTX_cleanup() +and then X509_STORE_CTX_init() again before the second call to +X509_verify_cert(). The trusted certificate store is set to B, the end +entity certificate to be verified is set to B and a set of additional +certificates (which will be untrusted but may be used to build the chain) in +B. Any or all of the B, B and B parameters can be +B. X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B to B. This is an alternative way of specifying trusted certificates diff --git a/deps/openssl/openssl/doc/crypto/X509_verify_cert.pod b/deps/openssl/openssl/doc/crypto/X509_verify_cert.pod index 5253bdcd7072..a22e44118cfc 100644 --- a/deps/openssl/openssl/doc/crypto/X509_verify_cert.pod +++ b/deps/openssl/openssl/doc/crypto/X509_verify_cert.pod @@ -32,7 +32,8 @@ OpenSSL internally for certificate validation, in both the S/MIME and SSL/TLS code. The negative return value from X509_verify_cert() can only occur if no -certificate is set in B (due to a programming error) or if a retry +certificate is set in B (due to a programming error); if X509_verify_cert() +twice without reinitialising B in between; or if a retry operation is requested during internal lookups (which never happens with standard lookup methods). It is however recommended that application check for <= 0 return value on error. diff --git a/deps/openssl/openssl/include/openssl/aes.h b/deps/openssl/openssl/include/openssl/aes.h deleted file mode 100644 index f646d41f0604..000000000000 --- a/deps/openssl/openssl/include/openssl/aes.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/aes/aes.h" diff --git a/deps/openssl/openssl/include/openssl/aes.h b/deps/openssl/openssl/include/openssl/aes.h new file mode 120000 index 000000000000..f555c13ed7b4 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/aes.h @@ -0,0 +1 @@ +../../crypto/aes/aes.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/asn1.h b/deps/openssl/openssl/include/openssl/asn1.h deleted file mode 100644 index 5432ed8dc837..000000000000 --- a/deps/openssl/openssl/include/openssl/asn1.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/asn1/asn1.h" diff --git a/deps/openssl/openssl/include/openssl/asn1.h b/deps/openssl/openssl/include/openssl/asn1.h new file mode 120000 index 000000000000..dd514954a115 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/asn1.h @@ -0,0 +1 @@ +../../crypto/asn1/asn1.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/asn1_mac.h b/deps/openssl/openssl/include/openssl/asn1_mac.h deleted file mode 100644 index 214787c47746..000000000000 --- a/deps/openssl/openssl/include/openssl/asn1_mac.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/asn1/asn1_mac.h" diff --git a/deps/openssl/openssl/include/openssl/asn1_mac.h b/deps/openssl/openssl/include/openssl/asn1_mac.h new file mode 120000 index 000000000000..97781d99331b --- /dev/null +++ b/deps/openssl/openssl/include/openssl/asn1_mac.h @@ -0,0 +1 @@ +../../crypto/asn1/asn1_mac.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/asn1t.h b/deps/openssl/openssl/include/openssl/asn1t.h deleted file mode 100644 index 4de87a9c610d..000000000000 --- a/deps/openssl/openssl/include/openssl/asn1t.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/asn1/asn1t.h" diff --git a/deps/openssl/openssl/include/openssl/asn1t.h b/deps/openssl/openssl/include/openssl/asn1t.h new file mode 120000 index 000000000000..31c87c38853d --- /dev/null +++ b/deps/openssl/openssl/include/openssl/asn1t.h @@ -0,0 +1 @@ +../../crypto/asn1/asn1t.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/bio.h b/deps/openssl/openssl/include/openssl/bio.h deleted file mode 100644 index 34f8a2df07ee..000000000000 --- a/deps/openssl/openssl/include/openssl/bio.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/bio/bio.h" diff --git a/deps/openssl/openssl/include/openssl/bio.h b/deps/openssl/openssl/include/openssl/bio.h new file mode 120000 index 000000000000..c598b6f73a74 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/bio.h @@ -0,0 +1 @@ +../../crypto/bio/bio.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/blowfish.h b/deps/openssl/openssl/include/openssl/blowfish.h deleted file mode 100644 index 8d515feb0588..000000000000 --- a/deps/openssl/openssl/include/openssl/blowfish.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/bf/blowfish.h" diff --git a/deps/openssl/openssl/include/openssl/blowfish.h b/deps/openssl/openssl/include/openssl/blowfish.h new file mode 120000 index 000000000000..88bf92234233 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/blowfish.h @@ -0,0 +1 @@ +../../crypto/bf/blowfish.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/bn.h b/deps/openssl/openssl/include/openssl/bn.h deleted file mode 100644 index f47d65a93f49..000000000000 --- a/deps/openssl/openssl/include/openssl/bn.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/bn/bn.h" diff --git a/deps/openssl/openssl/include/openssl/bn.h b/deps/openssl/openssl/include/openssl/bn.h new file mode 120000 index 000000000000..5c251c135af4 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/bn.h @@ -0,0 +1 @@ +../../crypto/bn/bn.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/buffer.h b/deps/openssl/openssl/include/openssl/buffer.h deleted file mode 100644 index 1d2c2a2ec1b2..000000000000 --- a/deps/openssl/openssl/include/openssl/buffer.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/buffer/buffer.h" diff --git a/deps/openssl/openssl/include/openssl/buffer.h b/deps/openssl/openssl/include/openssl/buffer.h new file mode 120000 index 000000000000..76ea7114a2b4 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/buffer.h @@ -0,0 +1 @@ +../../crypto/buffer/buffer.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/camellia.h b/deps/openssl/openssl/include/openssl/camellia.h deleted file mode 100644 index 5a0a141eed57..000000000000 --- a/deps/openssl/openssl/include/openssl/camellia.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/camellia/camellia.h" diff --git a/deps/openssl/openssl/include/openssl/camellia.h b/deps/openssl/openssl/include/openssl/camellia.h new file mode 120000 index 000000000000..ad10f9792b6b --- /dev/null +++ b/deps/openssl/openssl/include/openssl/camellia.h @@ -0,0 +1 @@ +../../crypto/camellia/camellia.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/cast.h b/deps/openssl/openssl/include/openssl/cast.h deleted file mode 100644 index 12cf92c4a9b6..000000000000 --- a/deps/openssl/openssl/include/openssl/cast.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/cast/cast.h" diff --git a/deps/openssl/openssl/include/openssl/cast.h b/deps/openssl/openssl/include/openssl/cast.h new file mode 120000 index 000000000000..b775ab04b814 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/cast.h @@ -0,0 +1 @@ +../../crypto/cast/cast.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/cmac.h b/deps/openssl/openssl/include/openssl/cmac.h deleted file mode 100644 index a7579aeabdd0..000000000000 --- a/deps/openssl/openssl/include/openssl/cmac.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/cmac/cmac.h" diff --git a/deps/openssl/openssl/include/openssl/cmac.h b/deps/openssl/openssl/include/openssl/cmac.h new file mode 120000 index 000000000000..bfb70c468304 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/cmac.h @@ -0,0 +1 @@ +../../crypto/cmac/cmac.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/cms.h b/deps/openssl/openssl/include/openssl/cms.h deleted file mode 100644 index 8687c7fe467f..000000000000 --- a/deps/openssl/openssl/include/openssl/cms.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/cms/cms.h" diff --git a/deps/openssl/openssl/include/openssl/cms.h b/deps/openssl/openssl/include/openssl/cms.h new file mode 120000 index 000000000000..0f651adde2c0 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/cms.h @@ -0,0 +1 @@ +../../crypto/cms/cms.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/comp.h b/deps/openssl/openssl/include/openssl/comp.h deleted file mode 100644 index d14e36cc36b8..000000000000 --- a/deps/openssl/openssl/include/openssl/comp.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/comp/comp.h" diff --git a/deps/openssl/openssl/include/openssl/comp.h b/deps/openssl/openssl/include/openssl/comp.h new file mode 120000 index 000000000000..712c9d4ae58c --- /dev/null +++ b/deps/openssl/openssl/include/openssl/comp.h @@ -0,0 +1 @@ +../../crypto/comp/comp.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/conf.h b/deps/openssl/openssl/include/openssl/conf.h deleted file mode 100644 index 3882c82f8d06..000000000000 --- a/deps/openssl/openssl/include/openssl/conf.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/conf/conf.h" diff --git a/deps/openssl/openssl/include/openssl/conf.h b/deps/openssl/openssl/include/openssl/conf.h new file mode 120000 index 000000000000..44156b189b09 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/conf.h @@ -0,0 +1 @@ +../../crypto/conf/conf.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/conf_api.h b/deps/openssl/openssl/include/openssl/conf_api.h deleted file mode 100644 index 03933578574d..000000000000 --- a/deps/openssl/openssl/include/openssl/conf_api.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/conf/conf_api.h" diff --git a/deps/openssl/openssl/include/openssl/conf_api.h b/deps/openssl/openssl/include/openssl/conf_api.h new file mode 120000 index 000000000000..26b42198a86a --- /dev/null +++ b/deps/openssl/openssl/include/openssl/conf_api.h @@ -0,0 +1 @@ +../../crypto/conf/conf_api.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/crypto.h b/deps/openssl/openssl/include/openssl/crypto.h deleted file mode 100644 index 7e3d91e42f06..000000000000 --- a/deps/openssl/openssl/include/openssl/crypto.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/crypto.h" diff --git a/deps/openssl/openssl/include/openssl/crypto.h b/deps/openssl/openssl/include/openssl/crypto.h new file mode 120000 index 000000000000..2f3f63cb016c --- /dev/null +++ b/deps/openssl/openssl/include/openssl/crypto.h @@ -0,0 +1 @@ +../../crypto/crypto.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/des.h b/deps/openssl/openssl/include/openssl/des.h deleted file mode 100644 index 1d6631e9b6a2..000000000000 --- a/deps/openssl/openssl/include/openssl/des.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/des/des.h" diff --git a/deps/openssl/openssl/include/openssl/des.h b/deps/openssl/openssl/include/openssl/des.h new file mode 120000 index 000000000000..5eb7c88b38a1 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/des.h @@ -0,0 +1 @@ +../../crypto/des/des.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/des_old.h b/deps/openssl/openssl/include/openssl/des_old.h deleted file mode 100644 index e5828733cca6..000000000000 --- a/deps/openssl/openssl/include/openssl/des_old.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/des/des_old.h" diff --git a/deps/openssl/openssl/include/openssl/des_old.h b/deps/openssl/openssl/include/openssl/des_old.h new file mode 120000 index 000000000000..970989880523 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/des_old.h @@ -0,0 +1 @@ +../../crypto/des/des_old.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/dh.h b/deps/openssl/openssl/include/openssl/dh.h deleted file mode 100644 index f70a767ac90d..000000000000 --- a/deps/openssl/openssl/include/openssl/dh.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/dh/dh.h" diff --git a/deps/openssl/openssl/include/openssl/dh.h b/deps/openssl/openssl/include/openssl/dh.h new file mode 120000 index 000000000000..c0eacb5eb352 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/dh.h @@ -0,0 +1 @@ +../../crypto/dh/dh.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/dsa.h b/deps/openssl/openssl/include/openssl/dsa.h deleted file mode 100644 index 0365acfe665b..000000000000 --- a/deps/openssl/openssl/include/openssl/dsa.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/dsa/dsa.h" diff --git a/deps/openssl/openssl/include/openssl/dsa.h b/deps/openssl/openssl/include/openssl/dsa.h new file mode 120000 index 000000000000..ad4695f9b6ae --- /dev/null +++ b/deps/openssl/openssl/include/openssl/dsa.h @@ -0,0 +1 @@ +../../crypto/dsa/dsa.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/dso.h b/deps/openssl/openssl/include/openssl/dso.h deleted file mode 100644 index f3c8de230659..000000000000 --- a/deps/openssl/openssl/include/openssl/dso.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/dso/dso.h" diff --git a/deps/openssl/openssl/include/openssl/dso.h b/deps/openssl/openssl/include/openssl/dso.h new file mode 120000 index 000000000000..b1f215dafc89 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/dso.h @@ -0,0 +1 @@ +../../crypto/dso/dso.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/dtls1.h b/deps/openssl/openssl/include/openssl/dtls1.h deleted file mode 100644 index ac8ab57453cb..000000000000 --- a/deps/openssl/openssl/include/openssl/dtls1.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../ssl/dtls1.h" diff --git a/deps/openssl/openssl/include/openssl/dtls1.h b/deps/openssl/openssl/include/openssl/dtls1.h new file mode 120000 index 000000000000..95aef9913ab0 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/dtls1.h @@ -0,0 +1 @@ +../../ssl/dtls1.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/e_os2.h b/deps/openssl/openssl/include/openssl/e_os2.h deleted file mode 100644 index ab3f1ee44f4e..000000000000 --- a/deps/openssl/openssl/include/openssl/e_os2.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../e_os2.h" diff --git a/deps/openssl/openssl/include/openssl/e_os2.h b/deps/openssl/openssl/include/openssl/e_os2.h new file mode 120000 index 000000000000..0e8c03992489 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/e_os2.h @@ -0,0 +1 @@ +../../e_os2.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ebcdic.h b/deps/openssl/openssl/include/openssl/ebcdic.h deleted file mode 100644 index 6dedc7051d22..000000000000 --- a/deps/openssl/openssl/include/openssl/ebcdic.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ebcdic.h" diff --git a/deps/openssl/openssl/include/openssl/ebcdic.h b/deps/openssl/openssl/include/openssl/ebcdic.h new file mode 120000 index 000000000000..a7ee60e0aeef --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ebcdic.h @@ -0,0 +1 @@ +../../crypto/ebcdic.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ec.h b/deps/openssl/openssl/include/openssl/ec.h deleted file mode 100644 index 7d2061452608..000000000000 --- a/deps/openssl/openssl/include/openssl/ec.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ec/ec.h" diff --git a/deps/openssl/openssl/include/openssl/ec.h b/deps/openssl/openssl/include/openssl/ec.h new file mode 120000 index 000000000000..245497eda7c0 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ec.h @@ -0,0 +1 @@ +../../crypto/ec/ec.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ecdh.h b/deps/openssl/openssl/include/openssl/ecdh.h deleted file mode 100644 index ad6e3dc9c7e1..000000000000 --- a/deps/openssl/openssl/include/openssl/ecdh.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ecdh/ecdh.h" diff --git a/deps/openssl/openssl/include/openssl/ecdh.h b/deps/openssl/openssl/include/openssl/ecdh.h new file mode 120000 index 000000000000..3fd1c3ba39fd --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ecdh.h @@ -0,0 +1 @@ +../../crypto/ecdh/ecdh.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ecdsa.h b/deps/openssl/openssl/include/openssl/ecdsa.h deleted file mode 100644 index da451230932b..000000000000 --- a/deps/openssl/openssl/include/openssl/ecdsa.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ecdsa/ecdsa.h" diff --git a/deps/openssl/openssl/include/openssl/ecdsa.h b/deps/openssl/openssl/include/openssl/ecdsa.h new file mode 120000 index 000000000000..e48acc669ce0 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ecdsa.h @@ -0,0 +1 @@ +../../crypto/ecdsa/ecdsa.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/engine.h b/deps/openssl/openssl/include/openssl/engine.h deleted file mode 100644 index 2dceaac6c785..000000000000 --- a/deps/openssl/openssl/include/openssl/engine.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/engine/engine.h" diff --git a/deps/openssl/openssl/include/openssl/engine.h b/deps/openssl/openssl/include/openssl/engine.h new file mode 120000 index 000000000000..a02073e32aad --- /dev/null +++ b/deps/openssl/openssl/include/openssl/engine.h @@ -0,0 +1 @@ +../../crypto/engine/engine.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/err.h b/deps/openssl/openssl/include/openssl/err.h deleted file mode 100644 index caf89a936cd4..000000000000 --- a/deps/openssl/openssl/include/openssl/err.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/err/err.h" diff --git a/deps/openssl/openssl/include/openssl/err.h b/deps/openssl/openssl/include/openssl/err.h new file mode 120000 index 000000000000..20f65bd9c8c7 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/err.h @@ -0,0 +1 @@ +../../crypto/err/err.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/evp.h b/deps/openssl/openssl/include/openssl/evp.h deleted file mode 100644 index dd7bcda8f3c8..000000000000 --- a/deps/openssl/openssl/include/openssl/evp.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/evp/evp.h" diff --git a/deps/openssl/openssl/include/openssl/evp.h b/deps/openssl/openssl/include/openssl/evp.h new file mode 120000 index 000000000000..7e3a904ae95a --- /dev/null +++ b/deps/openssl/openssl/include/openssl/evp.h @@ -0,0 +1 @@ +../../crypto/evp/evp.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/hmac.h b/deps/openssl/openssl/include/openssl/hmac.h deleted file mode 100644 index 202128bf52ca..000000000000 --- a/deps/openssl/openssl/include/openssl/hmac.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/hmac/hmac.h" diff --git a/deps/openssl/openssl/include/openssl/hmac.h b/deps/openssl/openssl/include/openssl/hmac.h new file mode 120000 index 000000000000..de19ba7ede0c --- /dev/null +++ b/deps/openssl/openssl/include/openssl/hmac.h @@ -0,0 +1 @@ +../../crypto/hmac/hmac.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/idea.h b/deps/openssl/openssl/include/openssl/idea.h deleted file mode 100644 index bdf697d6805d..000000000000 --- a/deps/openssl/openssl/include/openssl/idea.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/idea/idea.h" diff --git a/deps/openssl/openssl/include/openssl/idea.h b/deps/openssl/openssl/include/openssl/idea.h new file mode 120000 index 000000000000..724fa3458113 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/idea.h @@ -0,0 +1 @@ +../../crypto/idea/idea.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/krb5_asn.h b/deps/openssl/openssl/include/openssl/krb5_asn.h deleted file mode 100644 index 0d3feea281f1..000000000000 --- a/deps/openssl/openssl/include/openssl/krb5_asn.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/krb5/krb5_asn.h" diff --git a/deps/openssl/openssl/include/openssl/krb5_asn.h b/deps/openssl/openssl/include/openssl/krb5_asn.h new file mode 120000 index 000000000000..1172e522e4fe --- /dev/null +++ b/deps/openssl/openssl/include/openssl/krb5_asn.h @@ -0,0 +1 @@ +../../crypto/krb5/krb5_asn.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/kssl.h b/deps/openssl/openssl/include/openssl/kssl.h deleted file mode 100644 index 719634aad90f..000000000000 --- a/deps/openssl/openssl/include/openssl/kssl.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../ssl/kssl.h" diff --git a/deps/openssl/openssl/include/openssl/kssl.h b/deps/openssl/openssl/include/openssl/kssl.h new file mode 120000 index 000000000000..2e5c2cd4dcbb --- /dev/null +++ b/deps/openssl/openssl/include/openssl/kssl.h @@ -0,0 +1 @@ +../../ssl/kssl.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/lhash.h b/deps/openssl/openssl/include/openssl/lhash.h deleted file mode 100644 index 2d3db87cd5de..000000000000 --- a/deps/openssl/openssl/include/openssl/lhash.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/lhash/lhash.h" diff --git a/deps/openssl/openssl/include/openssl/lhash.h b/deps/openssl/openssl/include/openssl/lhash.h new file mode 120000 index 000000000000..56eb09918c79 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/lhash.h @@ -0,0 +1 @@ +../../crypto/lhash/lhash.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/md4.h b/deps/openssl/openssl/include/openssl/md4.h deleted file mode 100644 index 611806e5eafb..000000000000 --- a/deps/openssl/openssl/include/openssl/md4.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/md4/md4.h" diff --git a/deps/openssl/openssl/include/openssl/md4.h b/deps/openssl/openssl/include/openssl/md4.h new file mode 120000 index 000000000000..4ff863e7fc92 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/md4.h @@ -0,0 +1 @@ +../../crypto/md4/md4.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/md5.h b/deps/openssl/openssl/include/openssl/md5.h deleted file mode 100644 index aa8cd0bf863b..000000000000 --- a/deps/openssl/openssl/include/openssl/md5.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/md5/md5.h" diff --git a/deps/openssl/openssl/include/openssl/md5.h b/deps/openssl/openssl/include/openssl/md5.h new file mode 120000 index 000000000000..26fa47eb5ce7 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/md5.h @@ -0,0 +1 @@ +../../crypto/md5/md5.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/mdc2.h b/deps/openssl/openssl/include/openssl/mdc2.h deleted file mode 100644 index ac284a179a04..000000000000 --- a/deps/openssl/openssl/include/openssl/mdc2.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/mdc2/mdc2.h" diff --git a/deps/openssl/openssl/include/openssl/mdc2.h b/deps/openssl/openssl/include/openssl/mdc2.h new file mode 120000 index 000000000000..0bc32f121cb3 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/mdc2.h @@ -0,0 +1 @@ +../../crypto/mdc2/mdc2.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/modes.h b/deps/openssl/openssl/include/openssl/modes.h deleted file mode 100644 index f57fcfea8001..000000000000 --- a/deps/openssl/openssl/include/openssl/modes.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/modes/modes.h" diff --git a/deps/openssl/openssl/include/openssl/modes.h b/deps/openssl/openssl/include/openssl/modes.h new file mode 120000 index 000000000000..ccc172827f11 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/modes.h @@ -0,0 +1 @@ +../../crypto/modes/modes.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/obj_mac.h b/deps/openssl/openssl/include/openssl/obj_mac.h deleted file mode 100644 index 3890fa9bc419..000000000000 --- a/deps/openssl/openssl/include/openssl/obj_mac.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/objects/obj_mac.h" diff --git a/deps/openssl/openssl/include/openssl/obj_mac.h b/deps/openssl/openssl/include/openssl/obj_mac.h new file mode 120000 index 000000000000..0f443c828bc5 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/obj_mac.h @@ -0,0 +1 @@ +../../crypto/objects/obj_mac.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/objects.h b/deps/openssl/openssl/include/openssl/objects.h deleted file mode 100644 index 5365a044bdc0..000000000000 --- a/deps/openssl/openssl/include/openssl/objects.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/objects/objects.h" diff --git a/deps/openssl/openssl/include/openssl/objects.h b/deps/openssl/openssl/include/openssl/objects.h new file mode 120000 index 000000000000..7bd145ca0864 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/objects.h @@ -0,0 +1 @@ +../../crypto/objects/objects.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ocsp.h b/deps/openssl/openssl/include/openssl/ocsp.h deleted file mode 100644 index 50e2885cedb5..000000000000 --- a/deps/openssl/openssl/include/openssl/ocsp.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ocsp/ocsp.h" diff --git a/deps/openssl/openssl/include/openssl/ocsp.h b/deps/openssl/openssl/include/openssl/ocsp.h new file mode 120000 index 000000000000..08288c84a65a --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ocsp.h @@ -0,0 +1 @@ +../../crypto/ocsp/ocsp.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/opensslconf.h b/deps/openssl/openssl/include/openssl/opensslconf.h deleted file mode 100644 index 221be629b722..000000000000 --- a/deps/openssl/openssl/include/openssl/opensslconf.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/opensslconf.h" diff --git a/deps/openssl/openssl/include/openssl/opensslconf.h b/deps/openssl/openssl/include/openssl/opensslconf.h new file mode 120000 index 000000000000..25d2bea96c84 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/opensslconf.h @@ -0,0 +1 @@ +../../crypto/opensslconf.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h deleted file mode 100644 index c39a0c3882d3..000000000000 --- a/deps/openssl/openssl/include/openssl/opensslv.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/opensslv.h" diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h new file mode 120000 index 000000000000..f314f5fc717d --- /dev/null +++ b/deps/openssl/openssl/include/openssl/opensslv.h @@ -0,0 +1 @@ +../../crypto/opensslv.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ossl_typ.h b/deps/openssl/openssl/include/openssl/ossl_typ.h deleted file mode 100644 index ddd7e580dd6c..000000000000 --- a/deps/openssl/openssl/include/openssl/ossl_typ.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ossl_typ.h" diff --git a/deps/openssl/openssl/include/openssl/ossl_typ.h b/deps/openssl/openssl/include/openssl/ossl_typ.h new file mode 120000 index 000000000000..e8f42456e143 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ossl_typ.h @@ -0,0 +1 @@ +../../crypto/ossl_typ.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/pem.h b/deps/openssl/openssl/include/openssl/pem.h deleted file mode 100644 index 5bcc5c59eed0..000000000000 --- a/deps/openssl/openssl/include/openssl/pem.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/pem/pem.h" diff --git a/deps/openssl/openssl/include/openssl/pem.h b/deps/openssl/openssl/include/openssl/pem.h new file mode 120000 index 000000000000..ca371423e7bd --- /dev/null +++ b/deps/openssl/openssl/include/openssl/pem.h @@ -0,0 +1 @@ +../../crypto/pem/pem.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/pem2.h b/deps/openssl/openssl/include/openssl/pem2.h deleted file mode 100644 index bcd3acf856be..000000000000 --- a/deps/openssl/openssl/include/openssl/pem2.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/pem/pem2.h" diff --git a/deps/openssl/openssl/include/openssl/pem2.h b/deps/openssl/openssl/include/openssl/pem2.h new file mode 120000 index 000000000000..c734dbdc3f3d --- /dev/null +++ b/deps/openssl/openssl/include/openssl/pem2.h @@ -0,0 +1 @@ +../../crypto/pem/pem2.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/pkcs12.h b/deps/openssl/openssl/include/openssl/pkcs12.h deleted file mode 100644 index 0b5fbbfe863d..000000000000 --- a/deps/openssl/openssl/include/openssl/pkcs12.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/pkcs12/pkcs12.h" diff --git a/deps/openssl/openssl/include/openssl/pkcs12.h b/deps/openssl/openssl/include/openssl/pkcs12.h new file mode 120000 index 000000000000..eebba777899c --- /dev/null +++ b/deps/openssl/openssl/include/openssl/pkcs12.h @@ -0,0 +1 @@ +../../crypto/pkcs12/pkcs12.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/pkcs7.h b/deps/openssl/openssl/include/openssl/pkcs7.h deleted file mode 100644 index 2e19d7c4c9b9..000000000000 --- a/deps/openssl/openssl/include/openssl/pkcs7.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/pkcs7/pkcs7.h" diff --git a/deps/openssl/openssl/include/openssl/pkcs7.h b/deps/openssl/openssl/include/openssl/pkcs7.h new file mode 120000 index 000000000000..73e1b23f77eb --- /dev/null +++ b/deps/openssl/openssl/include/openssl/pkcs7.h @@ -0,0 +1 @@ +../../crypto/pkcs7/pkcs7.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/pqueue.h b/deps/openssl/openssl/include/openssl/pqueue.h deleted file mode 100644 index 9681ff52cd25..000000000000 --- a/deps/openssl/openssl/include/openssl/pqueue.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/pqueue/pqueue.h" diff --git a/deps/openssl/openssl/include/openssl/pqueue.h b/deps/openssl/openssl/include/openssl/pqueue.h new file mode 120000 index 000000000000..93817c2dfcd9 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/pqueue.h @@ -0,0 +1 @@ +../../crypto/pqueue/pqueue.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/rand.h b/deps/openssl/openssl/include/openssl/rand.h deleted file mode 100644 index 9d1521bd4e33..000000000000 --- a/deps/openssl/openssl/include/openssl/rand.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/rand/rand.h" diff --git a/deps/openssl/openssl/include/openssl/rand.h b/deps/openssl/openssl/include/openssl/rand.h new file mode 120000 index 000000000000..11231f852391 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/rand.h @@ -0,0 +1 @@ +../../crypto/rand/rand.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/rc2.h b/deps/openssl/openssl/include/openssl/rc2.h deleted file mode 100644 index f2f2bd1f21c0..000000000000 --- a/deps/openssl/openssl/include/openssl/rc2.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/rc2/rc2.h" diff --git a/deps/openssl/openssl/include/openssl/rc2.h b/deps/openssl/openssl/include/openssl/rc2.h new file mode 120000 index 000000000000..bb5a05c5d1e7 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/rc2.h @@ -0,0 +1 @@ +../../crypto/rc2/rc2.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/rc4.h b/deps/openssl/openssl/include/openssl/rc4.h deleted file mode 100644 index 306de2f406e8..000000000000 --- a/deps/openssl/openssl/include/openssl/rc4.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/rc4/rc4.h" diff --git a/deps/openssl/openssl/include/openssl/rc4.h b/deps/openssl/openssl/include/openssl/rc4.h new file mode 120000 index 000000000000..ef7deeb7d4a8 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/rc4.h @@ -0,0 +1 @@ +../../crypto/rc4/rc4.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ripemd.h b/deps/openssl/openssl/include/openssl/ripemd.h deleted file mode 100644 index 11351fc819d1..000000000000 --- a/deps/openssl/openssl/include/openssl/ripemd.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ripemd/ripemd.h" diff --git a/deps/openssl/openssl/include/openssl/ripemd.h b/deps/openssl/openssl/include/openssl/ripemd.h new file mode 120000 index 000000000000..200f562fa7d0 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ripemd.h @@ -0,0 +1 @@ +../../crypto/ripemd/ripemd.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/rsa.h b/deps/openssl/openssl/include/openssl/rsa.h deleted file mode 100644 index 975e5d355abd..000000000000 --- a/deps/openssl/openssl/include/openssl/rsa.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/rsa/rsa.h" diff --git a/deps/openssl/openssl/include/openssl/rsa.h b/deps/openssl/openssl/include/openssl/rsa.h new file mode 120000 index 000000000000..3e5a6547543c --- /dev/null +++ b/deps/openssl/openssl/include/openssl/rsa.h @@ -0,0 +1 @@ +../../crypto/rsa/rsa.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/safestack.h b/deps/openssl/openssl/include/openssl/safestack.h deleted file mode 100644 index 8a282b858ba1..000000000000 --- a/deps/openssl/openssl/include/openssl/safestack.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/stack/safestack.h" diff --git a/deps/openssl/openssl/include/openssl/safestack.h b/deps/openssl/openssl/include/openssl/safestack.h new file mode 120000 index 000000000000..8ca5b4cc7c5c --- /dev/null +++ b/deps/openssl/openssl/include/openssl/safestack.h @@ -0,0 +1 @@ +../../crypto/stack/safestack.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/seed.h b/deps/openssl/openssl/include/openssl/seed.h deleted file mode 100644 index bbbf596df86c..000000000000 --- a/deps/openssl/openssl/include/openssl/seed.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/seed/seed.h" diff --git a/deps/openssl/openssl/include/openssl/seed.h b/deps/openssl/openssl/include/openssl/seed.h new file mode 120000 index 000000000000..05d04a50bf80 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/seed.h @@ -0,0 +1 @@ +../../crypto/seed/seed.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/sha.h b/deps/openssl/openssl/include/openssl/sha.h deleted file mode 100644 index ab9d94c38689..000000000000 --- a/deps/openssl/openssl/include/openssl/sha.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/sha/sha.h" diff --git a/deps/openssl/openssl/include/openssl/sha.h b/deps/openssl/openssl/include/openssl/sha.h new file mode 120000 index 000000000000..3025cd5d7e5a --- /dev/null +++ b/deps/openssl/openssl/include/openssl/sha.h @@ -0,0 +1 @@ +../../crypto/sha/sha.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/srp.h b/deps/openssl/openssl/include/openssl/srp.h deleted file mode 100644 index 8217476779e6..000000000000 --- a/deps/openssl/openssl/include/openssl/srp.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/srp/srp.h" diff --git a/deps/openssl/openssl/include/openssl/srp.h b/deps/openssl/openssl/include/openssl/srp.h new file mode 120000 index 000000000000..16b73ebd3dde --- /dev/null +++ b/deps/openssl/openssl/include/openssl/srp.h @@ -0,0 +1 @@ +../../crypto/srp/srp.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/srtp.h b/deps/openssl/openssl/include/openssl/srtp.h deleted file mode 100644 index e185494a523b..000000000000 --- a/deps/openssl/openssl/include/openssl/srtp.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../ssl/srtp.h" diff --git a/deps/openssl/openssl/include/openssl/srtp.h b/deps/openssl/openssl/include/openssl/srtp.h new file mode 120000 index 000000000000..9800e4ee402f --- /dev/null +++ b/deps/openssl/openssl/include/openssl/srtp.h @@ -0,0 +1 @@ +../../ssl/srtp.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h deleted file mode 100644 index 0b0589c639a9..000000000000 --- a/deps/openssl/openssl/include/openssl/ssl.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../ssl/ssl.h" diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h new file mode 120000 index 000000000000..e87d9be8fc66 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ssl.h @@ -0,0 +1 @@ +../../ssl/ssl.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ssl2.h b/deps/openssl/openssl/include/openssl/ssl2.h deleted file mode 100644 index 11b22055ea73..000000000000 --- a/deps/openssl/openssl/include/openssl/ssl2.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../ssl/ssl2.h" diff --git a/deps/openssl/openssl/include/openssl/ssl2.h b/deps/openssl/openssl/include/openssl/ssl2.h new file mode 120000 index 000000000000..72876883c634 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ssl2.h @@ -0,0 +1 @@ +../../ssl/ssl2.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ssl23.h b/deps/openssl/openssl/include/openssl/ssl23.h deleted file mode 100644 index fe4dae6661ff..000000000000 --- a/deps/openssl/openssl/include/openssl/ssl23.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../ssl/ssl23.h" diff --git a/deps/openssl/openssl/include/openssl/ssl23.h b/deps/openssl/openssl/include/openssl/ssl23.h new file mode 120000 index 000000000000..5605052d7013 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ssl23.h @@ -0,0 +1 @@ +../../ssl/ssl23.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ssl3.h b/deps/openssl/openssl/include/openssl/ssl3.h deleted file mode 100644 index 0fb66a6f7520..000000000000 --- a/deps/openssl/openssl/include/openssl/ssl3.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../ssl/ssl3.h" diff --git a/deps/openssl/openssl/include/openssl/ssl3.h b/deps/openssl/openssl/include/openssl/ssl3.h new file mode 120000 index 000000000000..5ae2507f28a1 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ssl3.h @@ -0,0 +1 @@ +../../ssl/ssl3.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/stack.h b/deps/openssl/openssl/include/openssl/stack.h deleted file mode 100644 index 295968cc1868..000000000000 --- a/deps/openssl/openssl/include/openssl/stack.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/stack/stack.h" diff --git a/deps/openssl/openssl/include/openssl/stack.h b/deps/openssl/openssl/include/openssl/stack.h new file mode 120000 index 000000000000..61d342fcdc58 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/stack.h @@ -0,0 +1 @@ +../../crypto/stack/stack.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/symhacks.h b/deps/openssl/openssl/include/openssl/symhacks.h deleted file mode 100644 index f946f4ffc6f3..000000000000 --- a/deps/openssl/openssl/include/openssl/symhacks.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/symhacks.h" diff --git a/deps/openssl/openssl/include/openssl/symhacks.h b/deps/openssl/openssl/include/openssl/symhacks.h new file mode 120000 index 000000000000..4a1a6913cf75 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/symhacks.h @@ -0,0 +1 @@ +../../crypto/symhacks.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/tls1.h b/deps/openssl/openssl/include/openssl/tls1.h deleted file mode 100644 index c43a70ff31fb..000000000000 --- a/deps/openssl/openssl/include/openssl/tls1.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../ssl/tls1.h" diff --git a/deps/openssl/openssl/include/openssl/tls1.h b/deps/openssl/openssl/include/openssl/tls1.h new file mode 120000 index 000000000000..53d998fbd860 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/tls1.h @@ -0,0 +1 @@ +../../ssl/tls1.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ts.h b/deps/openssl/openssl/include/openssl/ts.h deleted file mode 100644 index fe8a2cb51a2e..000000000000 --- a/deps/openssl/openssl/include/openssl/ts.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ts/ts.h" diff --git a/deps/openssl/openssl/include/openssl/ts.h b/deps/openssl/openssl/include/openssl/ts.h new file mode 120000 index 000000000000..a75d99db1a88 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ts.h @@ -0,0 +1 @@ +../../crypto/ts/ts.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/txt_db.h b/deps/openssl/openssl/include/openssl/txt_db.h deleted file mode 100644 index 167621b6fa88..000000000000 --- a/deps/openssl/openssl/include/openssl/txt_db.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/txt_db/txt_db.h" diff --git a/deps/openssl/openssl/include/openssl/txt_db.h b/deps/openssl/openssl/include/openssl/txt_db.h new file mode 120000 index 000000000000..f672e35520c0 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/txt_db.h @@ -0,0 +1 @@ +../../crypto/txt_db/txt_db.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ui.h b/deps/openssl/openssl/include/openssl/ui.h deleted file mode 100644 index 43dd3ae83a51..000000000000 --- a/deps/openssl/openssl/include/openssl/ui.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ui/ui.h" diff --git a/deps/openssl/openssl/include/openssl/ui.h b/deps/openssl/openssl/include/openssl/ui.h new file mode 120000 index 000000000000..b07defad72b1 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ui.h @@ -0,0 +1 @@ +../../crypto/ui/ui.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/ui_compat.h b/deps/openssl/openssl/include/openssl/ui_compat.h deleted file mode 100644 index c83f160d8021..000000000000 --- a/deps/openssl/openssl/include/openssl/ui_compat.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/ui/ui_compat.h" diff --git a/deps/openssl/openssl/include/openssl/ui_compat.h b/deps/openssl/openssl/include/openssl/ui_compat.h new file mode 120000 index 000000000000..d8c74b7c5d72 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/ui_compat.h @@ -0,0 +1 @@ +../../crypto/ui/ui_compat.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/whrlpool.h b/deps/openssl/openssl/include/openssl/whrlpool.h deleted file mode 100644 index e2424fadde27..000000000000 --- a/deps/openssl/openssl/include/openssl/whrlpool.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/whrlpool/whrlpool.h" diff --git a/deps/openssl/openssl/include/openssl/whrlpool.h b/deps/openssl/openssl/include/openssl/whrlpool.h new file mode 120000 index 000000000000..125a0816f509 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/whrlpool.h @@ -0,0 +1 @@ +../../crypto/whrlpool/whrlpool.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/x509.h b/deps/openssl/openssl/include/openssl/x509.h deleted file mode 100644 index a4651a286524..000000000000 --- a/deps/openssl/openssl/include/openssl/x509.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/x509/x509.h" diff --git a/deps/openssl/openssl/include/openssl/x509.h b/deps/openssl/openssl/include/openssl/x509.h new file mode 120000 index 000000000000..b2b85c52486d --- /dev/null +++ b/deps/openssl/openssl/include/openssl/x509.h @@ -0,0 +1 @@ +../../crypto/x509/x509.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/x509_vfy.h b/deps/openssl/openssl/include/openssl/x509_vfy.h deleted file mode 100644 index b897aa087bda..000000000000 --- a/deps/openssl/openssl/include/openssl/x509_vfy.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/x509/x509_vfy.h" diff --git a/deps/openssl/openssl/include/openssl/x509_vfy.h b/deps/openssl/openssl/include/openssl/x509_vfy.h new file mode 120000 index 000000000000..bb99ad49811a --- /dev/null +++ b/deps/openssl/openssl/include/openssl/x509_vfy.h @@ -0,0 +1 @@ +../../crypto/x509/x509_vfy.h \ No newline at end of file diff --git a/deps/openssl/openssl/include/openssl/x509v3.h b/deps/openssl/openssl/include/openssl/x509v3.h deleted file mode 100644 index 363795e55a28..000000000000 --- a/deps/openssl/openssl/include/openssl/x509v3.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../crypto/x509v3/x509v3.h" diff --git a/deps/openssl/openssl/include/openssl/x509v3.h b/deps/openssl/openssl/include/openssl/x509v3.h new file mode 120000 index 000000000000..63d12f9dc5f7 --- /dev/null +++ b/deps/openssl/openssl/include/openssl/x509v3.h @@ -0,0 +1 @@ +../../crypto/x509v3/x509v3.h \ No newline at end of file diff --git a/deps/openssl/openssl/openssl.spec b/deps/openssl/openssl/openssl.spec index 3e8f3a9d6208..67a6074a8fee 100644 --- a/deps/openssl/openssl/openssl.spec +++ b/deps/openssl/openssl/openssl.spec @@ -7,7 +7,7 @@ Release: 1 Summary: Secure Sockets Layer and cryptography libraries and tools Name: openssl #Version: %{libmaj}.%{libmin}.%{librel} -Version: 1.0.1o +Version: 1.0.1p Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz License: OpenSSL Group: System Environment/Libraries diff --git a/deps/openssl/openssl/ssl/s3_clnt.c b/deps/openssl/openssl/ssl/s3_clnt.c index 0879a0f8baae..35ad1217a655 100644 --- a/deps/openssl/openssl/ssl/s3_clnt.c +++ b/deps/openssl/openssl/ssl/s3_clnt.c @@ -1381,8 +1381,6 @@ int ssl3_get_key_exchange(SSL *s) #ifndef OPENSSL_NO_PSK if (alg_k & SSL_kPSK) { - char tmp_id_hint[PSK_MAX_IDENTITY_LEN + 1]; - param_len = 2; if (param_len > n) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT); @@ -1408,17 +1406,8 @@ int ssl3_get_key_exchange(SSL *s) } param_len += i; - /* - * If received PSK identity hint contains NULL characters, the hint - * is truncated from the first NULL. p may not be ending with NULL, - * so create a NULL-terminated string. - */ - memcpy(tmp_id_hint, p, i); - memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i); - if (s->ctx->psk_identity_hint != NULL) - OPENSSL_free(s->ctx->psk_identity_hint); - s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint); - if (s->ctx->psk_identity_hint == NULL) { + s->session->psk_identity_hint = BUF_strndup((char *)p, i); + if (s->session->psk_identity_hint == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto f_err; @@ -2951,7 +2940,7 @@ int ssl3_send_client_key_exchange(SSL *s) } memset(identity, 0, sizeof(identity)); - psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint, + psk_len = s->psk_client_callback(s, s->session->psk_identity_hint, identity, sizeof(identity) - 1, psk_or_pre_ms, sizeof(psk_or_pre_ms)); diff --git a/deps/openssl/openssl/ssl/s3_srvr.c b/deps/openssl/openssl/ssl/s3_srvr.c index 9aa329260ae7..3a5f71d745fa 100644 --- a/deps/openssl/openssl/ssl/s3_srvr.c +++ b/deps/openssl/openssl/ssl/s3_srvr.c @@ -2792,7 +2792,7 @@ int ssl3_get_client_key_exchange(SSL *s) if (s->session->psk_identity != NULL) OPENSSL_free(s->session->psk_identity); - s->session->psk_identity = BUF_strdup((char *)p); + s->session->psk_identity = BUF_strndup((char *)p, i); if (s->session->psk_identity == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto psk_err; diff --git a/deps/openssl/openssl/test/Makefile b/deps/openssl/openssl/test/Makefile index 0ee4ec28520d..eca1400a1c0c 100644 --- a/deps/openssl/openssl/test/Makefile +++ b/deps/openssl/openssl/test/Makefile @@ -66,6 +66,7 @@ SRPTEST= srptest ASN1TEST= asn1test HEARTBEATTEST= heartbeat_test CONSTTIMETEST= constant_time_test +VERIFYEXTRATEST= verify_extra_test TESTS= alltests @@ -77,7 +78,7 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST) $(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \ $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \ $(EVPTEST)$(EXE_EXT) $(EVPEXTRATEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT) \ - $(ASN1TEST)$(EXE_EXT) $(HEARTBEATTEST)$(EXE_EXT) $(CONSTTIMETEST)$(EXE_EXT) + $(ASN1TEST)$(EXE_EXT) $(HEARTBEATTEST)$(EXE_EXT) $(CONSTTIMETEST)$(EXE_EXT) $(VERIFYEXTRATEST)$(EXE_EXT) # $(METHTEST)$(EXE_EXT) @@ -90,7 +91,7 @@ OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \ $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \ $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \ $(EVPTEST).o $(EVPEXTRATEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o \ - $(HEARTBEATTEST).o $(CONSTTIMETEST).o + $(HEARTBEATTEST).o $(CONSTTIMETEST).o $(VERIFYEXTRATEST).o SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \ $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \ @@ -100,7 +101,7 @@ SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \ $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \ $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \ $(EVPTEST).c $(EVPEXTRATEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c \ - $(HEARTBEATTEST).c $(CONSTTIMETEST).c + $(HEARTBEATTEST).c $(CONSTTIMETEST).c $(VERIFYEXTRATEST).c EXHEADER= HEADER= $(EXHEADER) @@ -143,7 +144,7 @@ alltests: \ test_enc test_x509 test_rsa test_crl test_sid \ test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ test_ss test_ca test_engine test_evp test_evp_extra test_ssl test_tsa test_ige \ - test_jpake test_srp test_cms test_heartbeat test_constant_time + test_jpake test_srp test_cms test_heartbeat test_constant_time test_verify_extra test_evp: ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt @@ -334,6 +335,10 @@ test_constant_time: $(CONSTTIMETEST)$(EXE_EXT) @echo "Test constant time utilites" ../util/shlib_wrap.sh ./$(CONSTTIMETEST) +test_verify_extra: $(VERIFYEXTRATEST)$(EXE_EXT) + @echo $(START) $@ + ../util/shlib_wrap.sh ./$(VERIFYEXTRATEST) + lint: lint -DLINT $(INCLUDES) $(SRC)>fluff @@ -502,6 +507,9 @@ $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o @target=$(CONSTTIMETEST) $(BUILD_CMD) +$(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o + @target=$(VERIFYEXTRATEST) $(BUILD_CMD) + #$(AESTEST).o: $(AESTEST).c # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c @@ -792,6 +800,21 @@ ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssltest.o: ../include/openssl/x509v3.h ssltest.c +verify_extra_test.o: ../include/openssl/asn1.h ../include/openssl/bio.h +verify_extra_test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h +verify_extra_test.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +verify_extra_test.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +verify_extra_test.o: ../include/openssl/err.h ../include/openssl/evp.h +verify_extra_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +verify_extra_test.o: ../include/openssl/objects.h +verify_extra_test.o: ../include/openssl/opensslconf.h +verify_extra_test.o: ../include/openssl/opensslv.h +verify_extra_test.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +verify_extra_test.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +verify_extra_test.o: ../include/openssl/safestack.h ../include/openssl/sha.h +verify_extra_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +verify_extra_test.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +verify_extra_test.o: verify_extra_test.c wp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h wp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h wp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h diff --git a/deps/openssl/openssl/test/certs/bad.key b/deps/openssl/openssl/test/certs/bad.key new file mode 100644 index 000000000000..4708495204d3 --- /dev/null +++ b/deps/openssl/openssl/test/certs/bad.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAwTqNko5vQiQ5BQohPJ3sySrjT6JedjsKtt1OZ8ndR2C1asUi +HgpVO8QDHKID88Qklx6UCieeKAwIY0VzqWzTyZWTwdqTU9t8arHHJu7IcFlmWsAL +fwTmARWJmpY+K8fGnQx1Kxfi6nQJ8Whq4bcAqJ2HXzG69Wjs3Ki70ScNbQ9RUwXJ +n/FeNrsphKAv5K22zBqjWAQdYMg6vtKZAXCET8jw6OkPVnUb/QvyoBEijWt0+HBh +7wLkSUvMj/7fc88+xtvGqZPyG2Py4DdWW1stpgiZ3TTohEk84t1u5L3qQaRQmVE6 +y5RMImyVY8hegC4zc6aGZDFRv8MR+gk6prcuUwIDAQABAoIBAEkz4YZwJ34rMt7R +452PRrE/ajY1EQxBeeGlHZr8QrRT0ubMIAy5ZWjq7TLfvhePaz1E/FiMgcIyLMtO ++G5rKCDqZbu/DqlqMUxKZWQ+efj2JWyj7LcGKAypGCRUXuE/IeNFYO4ecnzX0Rx/ +rl4scjdu1mYd9PIb+f/ufJjT7qYtykmwlb0MbEJ25yjTC4iHzacvFLJgdXrPp8b9 +ZGlVBKyuk9ZrZDC8/a4QrKt7Hp2SqqO4WqaTgM1G+cQFYuVBmj74bQhJHMmQ+Opr +5KXwBKEHMtJkq1GPVZ34W90V82d+8MJAxymuPomwRXKl1dKgnvny+0eobXkiBDcF +XCBCmIECgYEA8c/fE7Sa1vLZriw0Meq+TxU5hru4YM6OmQ+idc6diCp2U9lW+KJr +YrIRTZFcmhEGmRjAEZrdK0oFY7h5RhsZ+gTftmNZuL8WJCK9+y2DE9dB++md3oVC +PK0d4SmQKsivOTTeiK/VYFGoLc8t8Ud/anu2Q1kFdC+7cH/TrRseV4MCgYEAzJDw +MTil055rYlrAAH8ePEuONomu2MoZRRCX/tWuVvz+eIzA35mryW3OR45l5qNluQoZ +AdpVE68kBak2wIrF2oyWcF1s8VzSbAJCoqK42lKiSGVDVnr6jb69WUujCkYUZIwR +Q20QYBUUQu0JiFBU22tRgILIAK+rRah37EP4RPECgYBN3hKH1fDGpw1R+QoVyPHf +pYYQzQJiqiFhSJeYOCCiaIoSFjrbdfH+pjjMMbMQKctmIYI4KRZvijaSFiV3XeLP +kCI6KWQLCf2nRUjISa+cBAVLib88mMzrnROyHiA+psFGOrAuc/DSQ3lUxxKUT+HH ++G6I4XHQKE7Du2X+qGzs4QKBgBZyJNjRxWhF7rR5Dq4/RHsLM0yKqPPCoSkx2+ur +WJjU47sofpVKUE4mzUaOumGnNicqk3nfkgw54HL6kTZpQ7JqUKt9pNGLBM+zI8qi +njPec04MRmo7zjg1YKNmqDodXGl38QD7+5r/VRzO04fwgI8e5G98aiOhIuLezGHR +R3GRAoGAAyhwtKoC87fSGrpyZQ16UAYuqNy0fVAQtrDgRgP5Nu4esr9QxS/hWjcR +8s2P82wsR4gZna6l6vSz4awGVG4PGKnVjteAtZxok3nBHxPmRke5o7IpdObPjpQP +RJNZYbJ9G/PbYDhciEoTjVyig6Ol5BRe9stSbO7+JIxEYr7VSpA= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/bad.pem b/deps/openssl/openssl/test/certs/bad.pem new file mode 100644 index 000000000000..876923151691 --- /dev/null +++ b/deps/openssl/openssl/test/certs/bad.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIJAJgwOOciuxjSMA0GCSqGSIb3DQEBCwUAMFQxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxDTALBgNVBAMTBGxlYWYwHhcNMTUwNzAyMTMyMDQ2WhcN +MzUwNzAyMTMyMDQ2WjBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0 +ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNi +YWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBOo2Sjm9CJDkFCiE8 +nezJKuNPol52Owq23U5nyd1HYLVqxSIeClU7xAMcogPzxCSXHpQKJ54oDAhjRXOp +bNPJlZPB2pNT23xqsccm7shwWWZawAt/BOYBFYmalj4rx8adDHUrF+LqdAnxaGrh +twConYdfMbr1aOzcqLvRJw1tD1FTBcmf8V42uymEoC/krbbMGqNYBB1gyDq+0pkB +cIRPyPDo6Q9WdRv9C/KgESKNa3T4cGHvAuRJS8yP/t9zzz7G28apk/IbY/LgN1Zb +Wy2mCJndNOiESTzi3W7kvepBpFCZUTrLlEwibJVjyF6ALjNzpoZkMVG/wxH6CTqm +ty5TAgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFJoH29IULbskIG8BwYp4 +9yD+q7wbMB8GA1UdIwQYMBaAFBwdxP7xJUYhGU31hO4z2uXPtRl/MA0GCSqGSIb3 +DQEBCwUAA4IBAQBl0tHkWMBHW6r3ywBlWWFdok04xlt2QD8eA4ywwz97t/8JgLht +OpuHO1bQtrZR6bxAgYT1+yHQnYBTfjKxFq+S9EP6nxBe94mEgizLmMv9pf7x5q+H +pfT8ejcY54E/oXlFXSbLDE1BDpfgkWll2/TIsTRJNoM2n8mytEdPqzRburwWnoFR +VchcfO968asdc9/8glSLJSNO+Wh9vQlbtcPzfbd4ZVE5E/P6drQzSwNjWvHQdswJ +ujkY1zkTP2rtVBGN4OyOfkE6enVKpt5lN6AqjEMhJ5i/yFM/jDndTrgd/JkAvyUJ +O2ELtifCd8DeSYNA9Qm8/MEUYq1xXQrGJHCE +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/interCA.key b/deps/openssl/openssl/test/certs/interCA.key new file mode 100644 index 000000000000..c32fe26bc979 --- /dev/null +++ b/deps/openssl/openssl/test/certs/interCA.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAu7NHo76UDp738A/nuEfvVkKL7a7Kjk8PJIYkRKouSZZgBW6Q +xBWptfJ6UZLeoDnBjJ47hc7s+ohLkJnnsodAalgMKTIFjDLXhMyzgGqpBJf/ydvl +oEWwP/KZsB32z1v3fn926euBaA9YUAHpwc15i8VaIREPQQPsRA0ZC/3AN2PpPztQ +vTkYUkKyTbAfWhN8ymxR3fZjph+GjUrBfDp90qpUVTgkIp3uXOgAkndB1BI2MvWj +m6mOO8kjVC281auculTozLNFvthv16q3FZMc3/W1aslQa6wCa529+f8v4itM1oCQ +T/h14cK+ZjE7zbhIqwXlWLs/uoVHq1G7iYa9BQIDAQABAoIBABa8FldNBB3pP1rC +cmytud2W3eACJeKqzMi9vrLachTTs/m0dLBrd0zke9BZm8GIfVsM52TDtYx66bww +CBJls3WuCHsM5gMfPV+Gc8+AG8zEpGTMz7lj938nYVolpvliyE14Hu0ia2AxS58V +PD0PKEO3ubz7lf9n/DwZ4gjDyX5r1Cq+thwPlIf4PbEcGHk5SYxNm2DGR0DNL676 +X7CrRu3JBa2mY+moTV/pMrjvwAInmSxs4RBO7ggdYEief/4cBYyzMdiQ1v0UxvdO +674dBJJFG32akPrnPqza7U41ivoDPlgCpKWHDaZadI0Joozd2pw0Mq0a8cyig0BJ +Wa3d9xkCgYEA9T3j8F52u+QMaMzV1VENUAwo0Sqhk8xU0r/4l5PsvCjOuJ7NZkkW +EQnNOI++zaPCeBRV55X0A5E8Pi3uEdKt6m+wsncJzGEVNRwixfd0Ul7Itntq7u9L +/DHTlwpQ4t4PLNu8/uSBDN9A2slY2WsoXkJsdYPgjkrS2rYkt5bHFN8CgYEAw+8w +Qw/zTCBmerzYLJSsjz9rcD2hTtDw72UF1rvEg4QP/9v0I/OU7Lu0ds0KmKJcJfay +ZDMeBT8tW6LFztqdFi24tKISfodfYdET32lNd4QnMtWhoqXXXNiJY5gQC16YmSJm +R7Dgw9hBrr0323/lhhwDDysq1lgD9QbUVEacJpsCgYAoau/TIK5u3vHQn9mqE3af +N7HObzk785QTO8JLsPx2Mj+Hm9x8PBVf736cEMzAdXnKcoeJ6GPT5q7IDKfM1i0F +kyzK7OV3gpSNMTrl55eLL8XilUqVYGjkgo29udyE11Ym7XwjgiNmrLCynjZ/drKr +fkUDxR1QNjK0CwrYGwhqfwKBgQDAYGn3foK4nRthqWdrJjLjlzZLBwgJldbqhjsc +YlIJezImWnU0k2YGpioDd0DPKqLlV3pCLXptVmGXlpM3jags7YlsObGE8C+zoBAu +DHtWPLgsDltckg6Jh8YltlkSgLe9q2vXOhEF2aBsDDb62nGmonxSeWTe/Z4tB56U +fJu2vwKBgFnGbZIcH8sDR7Vwh0sjSKnFkZ1v0T4qsBKpDz9yCvZVIgIFXPkKnALT ++OEpQTuLVN/MZxVlc8qo8UFflJprDsK1/Rm3iPaw+lwErswgddNUKNLnLPjlxcEe +nTinsfyf4i48+IW55UFVU118nyufNeDdasoU6SSBH/MdeNq4hrTa +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/interCA.pem b/deps/openssl/openssl/test/certs/interCA.pem new file mode 100644 index 000000000000..35568abe17a9 --- /dev/null +++ b/deps/openssl/openssl/test/certs/interCA.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDgDCCAmigAwIBAgIJANnoWlLlEsTgMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMMBnJvb3RDQTAeFw0xNTA3MDIxMzE3MDVa +Fw0zNTA3MDIxMzE3MDVaMFcxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0 +YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEDAOBgNVBAMT +B2ludGVyQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7s0ejvpQO +nvfwD+e4R+9WQovtrsqOTw8khiREqi5JlmAFbpDEFam18npRkt6gOcGMnjuFzuz6 +iEuQmeeyh0BqWAwpMgWMMteEzLOAaqkEl//J2+WgRbA/8pmwHfbPW/d+f3bp64Fo +D1hQAenBzXmLxVohEQ9BA+xEDRkL/cA3Y+k/O1C9ORhSQrJNsB9aE3zKbFHd9mOm +H4aNSsF8On3SqlRVOCQine5c6ACSd0HUEjYy9aObqY47ySNULbzVq5y6VOjMs0W+ +2G/XqrcVkxzf9bVqyVBrrAJrnb35/y/iK0zWgJBP+HXhwr5mMTvNuEirBeVYuz+6 +hUerUbuJhr0FAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFBj61iO5 +j11dE30+j6iRx9lhwBcuMB8GA1UdIwQYMBaAFIVWiTXinwAa4YYDC0uvdhJrM239 +MA0GCSqGSIb3DQEBCwUAA4IBAQDAU0MvL/yZpmibhxUsoSsa97UJbejn5IbxpPzZ +4WHw8lsoUGs12ZHzQJ9LxkZVeuccFXy9yFEHW56GTlkBmD2qrddlmQCfQ3m8jtZ9 +Hh5feKAyrqfmfsWF5QPjAmdj/MFdq+yMJVosDftkmUmaBHjzbvbcq1sWh/6drH8U +7pdYRpfeEY8dHSU6FHwVN/H8VaBB7vYYc2wXwtk8On7z2ocIVHn9RPkcLwmwJjb/ +e4jmcYiyZev22KXQudeHc4w6crWiEFkVspomn5PqDmza3rkdB3baXFVZ6sd23ufU +wjkiKKtwRBwU+5tCCagQZoeQ5dZXQThkiH2XEIOCOLxyD/tb +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/leaf.key b/deps/openssl/openssl/test/certs/leaf.key new file mode 100644 index 000000000000..a1b1721245b7 --- /dev/null +++ b/deps/openssl/openssl/test/certs/leaf.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAv0Qo9WC/BKA70LtQJdwVGSXqr9dut3cQmiFzTb/SaWldjOT1 +sRNDFxSzdTJjU/8cIDEZvaTIwRxP/dtVQLjc+4jzrUwz93NuZYlsEWUEUg4Lrnfs +0Nz50yHk4rJhVxWjb8Ii/wRBViWHFExP7CwTkXiTclC1bCqTuWkjxF3thTfTsttR +yY7qNkz2JpNx0guD8v4otQoYjA5AEZvK4IXLwOwxol5xBTMvIrvvff2kkh+c7OC2 +QVbUTow/oppjqIKCx2maNHCtLFTJELf3fwtRJLJsy4fKGP0/6kpZc8Sp88WK4B4F +auF9IV1CmoAJUC1vJxhagHIKfVtFjUWs8GPobQIDAQABAoIBAB1fCiskQDElqgnT +uesWcOb7u55lJstlrVb97Ab0fgtR8tvADTq0Colw1F4a7sXnVxpab+l/dJSzFFWX +aPAXc1ftH/5sxU4qm7lb8Qx6xr8TCRgxslwgkvypJ8zoN6p32DFBTr56mM3x1Vx4 +m41Y92hPa9USL8n8f9LpImT1R5Q9ShI/RUCowPyzhC6OGkFSBJu72nyA3WK0znXn +q5TNsTRdJLOug7eoJJvhOPfy3neNQV0f2jQ+2wDKCYvn6i4j9FSLgYC/vorqofEd +vFBHxl374117F6DXdBChyD4CD5vsplB0zcExRUCT5+iBqf5uc8CbLHeyNk6vSaf5 +BljHWsECgYEA93QnlKsVycgCQqHt2q8EIZ5p7ksGYRVfBEzgetsNdpxvSwrLyLQE +L5AKG3upndOofCeJnLuQF1j954FjCs5Y+8Sy2H1D1EPrHSBp4ig2F5aOxT3vYROd +v+/mF4ZUzlIlv3jNDz5IoLaxm9vhXTtLLUtQyTueGDmqwlht0Kr3/gcCgYEAxd86 +Q23jT4DmJqUl+g0lWdc2dgej0jwFfJ2BEw/Q55vHjqj96oAX5QQZFOUhZU8Otd/D +lLzlsFn0pOaSW/RB4l5Kv8ab+ZpxfAV6Gq47nlfzmEGGx4wcoL0xkHufiXg0sqaG +UtEMSKFhxPQZhWojUimK/+YIF69molxA6G9miOsCgYEA8mICSytxwh55qE74rtXz +1AJZfKJcc0f9tDahQ3XBsEb29Kh0h/lciEIsxFLTB9dFF6easb0/HL98pQElxHXu +z14SWOAKSqbka7lOPcppgZ1l52oNSiduw4z28mAQPbBVbUGkiqPVfCa3vhUYoLvt +nUZCsXoGF3CVBJydpGFzXI0CgYEAtt3Jg72PoM8YZEimI0R462F4xHXlEYtE6tjJ +C+vG/fU65P4Kw+ijrJQv9d6YEX+RscXdg51bjLJl5OvuAStopCLOZBPR3Ei+bobF +RNkW4gyYZHLSc6JqZqbSopuNYkeENEKvyuPFvW3f5FxPJbxkbi9UdZCKlBEXAh/O +IMGregcCgYBC8bS7zk6KNDy8q2uC/m/g6LRMxpb8G4jsrcLoyuJs3zDckBjQuLJQ +IOMXcQBWN1h+DKekF2ecr3fJAJyEv4pU4Ct2r/ZTYFMdJTyAbjw0mqOjUR4nsdOh +t/vCbt0QW3HXYTcVdCnFqBtelKnI12KoC0jAO9EAJGZ6kE/NwG6dQg== +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/leaf.pem b/deps/openssl/openssl/test/certs/leaf.pem new file mode 100644 index 000000000000..bb94d126e93f --- /dev/null +++ b/deps/openssl/openssl/test/certs/leaf.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDfjCCAmagAwIBAgIJAKRNsDKacUqNMA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMTCnN1YmludGVyQ0EwHhcNMTUwNzAyMTMx +OTQ5WhcNMzUwNzAyMTMxOTQ5WjBUMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29t +ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYD +VQQDEwRsZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Qo9WC/ +BKA70LtQJdwVGSXqr9dut3cQmiFzTb/SaWldjOT1sRNDFxSzdTJjU/8cIDEZvaTI +wRxP/dtVQLjc+4jzrUwz93NuZYlsEWUEUg4Lrnfs0Nz50yHk4rJhVxWjb8Ii/wRB +ViWHFExP7CwTkXiTclC1bCqTuWkjxF3thTfTsttRyY7qNkz2JpNx0guD8v4otQoY +jA5AEZvK4IXLwOwxol5xBTMvIrvvff2kkh+c7OC2QVbUTow/oppjqIKCx2maNHCt +LFTJELf3fwtRJLJsy4fKGP0/6kpZc8Sp88WK4B4FauF9IV1CmoAJUC1vJxhagHIK +fVtFjUWs8GPobQIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQcHcT+8SVG +IRlN9YTuM9rlz7UZfzAfBgNVHSMEGDAWgBTpZ30QdMGarrhMPwk+HHAV3R8aTzAN +BgkqhkiG9w0BAQsFAAOCAQEAGjmSkF8is+v0/RLcnSRiCXENz+yNi4pFCAt6dOtT +6Gtpqa1tY5It9lVppfWb26JrygMIzOr/fB0r1Q7FtZ/7Ft3P6IXVdk3GDO0QsORD +2dRAejhYpc5c7joHxAw9oRfKrEqE+ihVPUTcfcIuBaalvuhkpQRmKP71ws5DVzOw +QhnMd0TtIrbKHaNQ4kNsmSY5fQolwB0LtNfTus7OEFdcZWhOXrWImKXN9jewPKdV +mSG34NfXOnA6qx0eQg06z+TkdrptH6j1Va2vS1/bL+h1GxjpTHlvTGaZYxaloIjw +y/EzY5jygRoABnR3eBm15CYZwwKL9izIq1H3OhymEi/Ycg== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/rootCA.key b/deps/openssl/openssl/test/certs/rootCA.key new file mode 100644 index 000000000000..527f3ad75f8a --- /dev/null +++ b/deps/openssl/openssl/test/certs/rootCA.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAwPFrd4isNd/7c1MvkoAvdBYyTfUQIG9sOo7R3GvhLj7DBA+/ +m8TJEtHkC0WX5QbNZjrh4OIr36LE7HvTPTyK/150oKunA2oWW16SxH5beYpp1LyD +Xq5CknSlK+cAwanc1bFTBw9z946tFD4lnuUe5syRzZUMgEQgw/0Xz5E9YxAcFFv7 +w6jBiLJ3/5zb/GpERET3hewILNTfgaN5yf4em5MWU7eXq75PGqXi+kYF5A2cKqTM +uR4hoGzEq1mwQDm7+Yit/d+NtAuvfkHgITzIM0VJhC+TBu79T+1P87yb3vwlXlXV +ddTFezpANQafxIS0bJMMrzdar7ZBTSYjHLgCswIDAQABAoIBAC1EdwJEfqLlOgmE +qtSkXn3N919y76Wsfqf+eh5M8Tf4YajCSSIyuTpBJE/AtDJ3thkWF4i7h6+gcLNL +GfR0D+h6MMLBgx259iTZu3V+b9fEMbBHykqcd+IEm/wA5pyJTdaVE/XEGmEqiFEH +g6wT9XwQ4uRo49X0JfvVlZCNcumapYfPY+BwPQloydm/cLtgUtc1RKUCG7i27aHM +VaUm+NdYZIwwCQs0Aof/h7PkEWvHq0idaxY9qkLbbZHb1Np/IkmvqCo/PSS1whDj +/KIQGJDBGuXX/V+cZ+DYkCXAq1fCto9MjarEVmlLW5Hr5QojdbpvwsxSmrGfCqdH +bfc/9gECgYEA6y6EcYBuvCibmO4G2OA1sNSe5lJF911xUHuUl3CRORdeVFDi9Ch+ +LKzE+XEOlvA+qFSIA/KztevX3dvmvvBMwu0PUWDtBKJZ1mXt4Mgo63MHpYnKIzWz +YuDaMKpvbl3iTFJlKPUkPlv+/uDccd0QYYvk4gbBrWVQDghV3ya9LqMCgYEA0gW6 +Cu5yRWodehCh0z8VtFfOGDkhZEav6B5mZvyDCk5f+zVeRlsTJwY4BsgnoMUJ+SjQ +iQwQX3FbWrwcyYPOIA+ja6Hisgb9p/f+hxsQOOhN9nFsk2MNIHkwrMRcE8pj7pc1 +uBoYqpdX8blEs8wkJI+bTI3/SIZw6vjbogSqbLECgYEAhXuQho9byoXN0p3+2ude +8e+sBJPbzEuH/iM2MkIc2ueNjZOfTO8Sti6VWfK2UisnlQjtbjg5kd67Vdvy+pqP +Ju/ACvNVc5TmIo8V1cglmYVfaLBtP1DCcTOoA4ko196Hi8QUUIvat14lu+pKlIHh +Q0xQa41kLhNbvaszegWVyLsCgYEAxhuGySbw/U9CbNDhhL1eANZOXoUNXWRcK6z5 +VS3dgcw6N2C5A86G+2mfUa5dywXyCWgZhRyvGQh5btZApUlCFvYJZc63Ysy7WkTQ +f6rkm3ltiQimrURirn4CjwVOAZEIwJc7oeRj3g6Scz4acysd8KrRh93trwC55LtH +mcWi6JECgYAlqCQvaAnvaWpR0RX7m/UMpqWOVgIperGR7hrN3d04RaWG4yv1+66T +xANNBA8aDxhFwXjAKev4iOE/rp8SEjYXh3lbKmx+p9dk8REUdIFqoClX9tqctW9g +AkDF34S0mSE4T34zhs2+InfohJa6ojsuiNJSQMBPBxfr6wV2C+UWMQ== +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/rootCA.pem b/deps/openssl/openssl/test/certs/rootCA.pem new file mode 100644 index 000000000000..ef73d001b677 --- /dev/null +++ b/deps/openssl/openssl/test/certs/rootCA.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDfzCCAmegAwIBAgIJAIhDKcvC6xWaMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMMBnJvb3RDQTAeFw0xNTA3MDIxMzE1MTFa +Fw0zNTA3MDIxMzE1MTFaMFYxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0 +YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDzANBgNVBAMM +BnJvb3RDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDxa3eIrDXf ++3NTL5KAL3QWMk31ECBvbDqO0dxr4S4+wwQPv5vEyRLR5AtFl+UGzWY64eDiK9+i +xOx70z08iv9edKCrpwNqFlteksR+W3mKadS8g16uQpJ0pSvnAMGp3NWxUwcPc/eO +rRQ+JZ7lHubMkc2VDIBEIMP9F8+RPWMQHBRb+8OowYiyd/+c2/xqRERE94XsCCzU +34Gjecn+HpuTFlO3l6u+Txql4vpGBeQNnCqkzLkeIaBsxKtZsEA5u/mIrf3fjbQL +r35B4CE8yDNFSYQvkwbu/U/tT/O8m978JV5V1XXUxXs6QDUGn8SEtGyTDK83Wq+2 +QU0mIxy4ArMCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUhVaJNeKf +ABrhhgMLS692Emszbf0wHwYDVR0jBBgwFoAUhVaJNeKfABrhhgMLS692Emszbf0w +DQYJKoZIhvcNAQELBQADggEBADIKvyoK4rtPQ86I2lo5EDeAuzctXi2I3SZpnOe0 +mCCxJeZhWW0S7JuHvlfhEgXFBPEXzhS4HJLUlZUsWyiJ+3KcINMygaiF7MgIe6hZ +WzpsMatS4mbNFElc89M+YryRFrQc9d1Uqjxhl3ms5MhDNcMP/PNwHa/wnIoqkpNI +qtDoR741wcZ7bdr6XVdF8+pBjzbBPPRSf24x3bqavHBWcTjcSVcM/ZEXxeqH5SN0 +GbK2mQxrogX4UWjtl+DfYvl+ejpEcYNXKEmIabUUHtpG42544cuPtZizLW5bt/aT +JBQfpPZpvf9MUlACxUONFOLQdZ8SXpSJ0e93iX2J2Z52mSQ= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/roots.pem b/deps/openssl/openssl/test/certs/roots.pem new file mode 100644 index 000000000000..0bc69127df52 --- /dev/null +++ b/deps/openssl/openssl/test/certs/roots.pem @@ -0,0 +1,42 @@ +-----BEGIN CERTIFICATE----- +MIIDgDCCAmigAwIBAgIJANnoWlLlEsTgMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMMBnJvb3RDQTAeFw0xNTA3MDIxMzE3MDVa +Fw0zNTA3MDIxMzE3MDVaMFcxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0 +YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEDAOBgNVBAMT +B2ludGVyQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7s0ejvpQO +nvfwD+e4R+9WQovtrsqOTw8khiREqi5JlmAFbpDEFam18npRkt6gOcGMnjuFzuz6 +iEuQmeeyh0BqWAwpMgWMMteEzLOAaqkEl//J2+WgRbA/8pmwHfbPW/d+f3bp64Fo +D1hQAenBzXmLxVohEQ9BA+xEDRkL/cA3Y+k/O1C9ORhSQrJNsB9aE3zKbFHd9mOm +H4aNSsF8On3SqlRVOCQine5c6ACSd0HUEjYy9aObqY47ySNULbzVq5y6VOjMs0W+ +2G/XqrcVkxzf9bVqyVBrrAJrnb35/y/iK0zWgJBP+HXhwr5mMTvNuEirBeVYuz+6 +hUerUbuJhr0FAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFBj61iO5 +j11dE30+j6iRx9lhwBcuMB8GA1UdIwQYMBaAFIVWiTXinwAa4YYDC0uvdhJrM239 +MA0GCSqGSIb3DQEBCwUAA4IBAQDAU0MvL/yZpmibhxUsoSsa97UJbejn5IbxpPzZ +4WHw8lsoUGs12ZHzQJ9LxkZVeuccFXy9yFEHW56GTlkBmD2qrddlmQCfQ3m8jtZ9 +Hh5feKAyrqfmfsWF5QPjAmdj/MFdq+yMJVosDftkmUmaBHjzbvbcq1sWh/6drH8U +7pdYRpfeEY8dHSU6FHwVN/H8VaBB7vYYc2wXwtk8On7z2ocIVHn9RPkcLwmwJjb/ +e4jmcYiyZev22KXQudeHc4w6crWiEFkVspomn5PqDmza3rkdB3baXFVZ6sd23ufU +wjkiKKtwRBwU+5tCCagQZoeQ5dZXQThkiH2XEIOCOLxyD/tb +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIJAJTed6XmFiu/MA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMMCnN1YmludGVyQ0EwHhcNMTUwNzAyMTMy +MTU4WhcNMzUwNzAyMTMyMTU4WjBaMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29t +ZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD +VQQDDApzdWJpbnRlckNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +/zQjvhbU7RWDsRaEkVUBZWR/PqZ49GoE9p3OyRN4pkt1c1yb2ARVkYZP5e9gHb04 +wPVz2+FYy+2mNkl+uAZbcK5w5fWO3WJIEn57he4MkWu3ew1nJeSv3na8gyOoCheG +64kWVbA2YL92mR7QoSCo4SP7RmykLrwj6TlDxqgH6DxKSD/CpdCHE3DKAzAiri3G +Vc90OJAszYHlje4/maVIOayGROVET3xa5cbtRJl8IBgmqhMywtz4hhY/XZTvdEn2 +90aL857Hk7JjogA7mLKi07yKzknMxHV+k6JX7xJEttkcNQRFHONWZG1T4mRY1Drh +6VbJGb+0GNIldNLQqigkfwIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQW +BBTpZ30QdMGarrhMPwk+HHAV3R8aTzAfBgNVHSMEGDAWgBTpZ30QdMGarrhMPwk+ +HHAV3R8aTzANBgkqhkiG9w0BAQsFAAOCAQEAF8UAMtV1DClUWRw1h+THdAhjeo8S +9BOp6QphtlYuc9o+tQri5m+WqbyUZKIBEtumNhFb7QI1e4hO64y1kKbSs2AjWcJ2 +QxAyGiMM3wl2UfxPohDtgNhm0GFgQ1tUTeSnW3kAom9NqI7U/2lPpLh4rrFYTepR +wy0FV3NpRuHPtJE0VfqYnwWiTRdCJ7w1XzknKOUSHP/hRbyJVlwQp3VEQ9SIOYU6 +C+QEVGIgQiST6MRlCvoNP43guaRtrMuBZJaHKy/hLPvkdRpXHoUeKQFDuH77sZsF +sBv3EHNKoBvpSpSJndZN6UcH7Z1yn41Y6AnO4u492jiRAjQpP9+Nf/x1eg== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/subinterCA-ss.pem b/deps/openssl/openssl/test/certs/subinterCA-ss.pem new file mode 100644 index 000000000000..a436b4b00dbf --- /dev/null +++ b/deps/openssl/openssl/test/certs/subinterCA-ss.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIJAJTed6XmFiu/MA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMMCnN1YmludGVyQ0EwHhcNMTUwNzAyMTMy +MTU4WhcNMzUwNzAyMTMyMTU4WjBaMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29t +ZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD +VQQDDApzdWJpbnRlckNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +/zQjvhbU7RWDsRaEkVUBZWR/PqZ49GoE9p3OyRN4pkt1c1yb2ARVkYZP5e9gHb04 +wPVz2+FYy+2mNkl+uAZbcK5w5fWO3WJIEn57he4MkWu3ew1nJeSv3na8gyOoCheG +64kWVbA2YL92mR7QoSCo4SP7RmykLrwj6TlDxqgH6DxKSD/CpdCHE3DKAzAiri3G +Vc90OJAszYHlje4/maVIOayGROVET3xa5cbtRJl8IBgmqhMywtz4hhY/XZTvdEn2 +90aL857Hk7JjogA7mLKi07yKzknMxHV+k6JX7xJEttkcNQRFHONWZG1T4mRY1Drh +6VbJGb+0GNIldNLQqigkfwIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQW +BBTpZ30QdMGarrhMPwk+HHAV3R8aTzAfBgNVHSMEGDAWgBTpZ30QdMGarrhMPwk+ +HHAV3R8aTzANBgkqhkiG9w0BAQsFAAOCAQEAF8UAMtV1DClUWRw1h+THdAhjeo8S +9BOp6QphtlYuc9o+tQri5m+WqbyUZKIBEtumNhFb7QI1e4hO64y1kKbSs2AjWcJ2 +QxAyGiMM3wl2UfxPohDtgNhm0GFgQ1tUTeSnW3kAom9NqI7U/2lPpLh4rrFYTepR +wy0FV3NpRuHPtJE0VfqYnwWiTRdCJ7w1XzknKOUSHP/hRbyJVlwQp3VEQ9SIOYU6 +C+QEVGIgQiST6MRlCvoNP43guaRtrMuBZJaHKy/hLPvkdRpXHoUeKQFDuH77sZsF +sBv3EHNKoBvpSpSJndZN6UcH7Z1yn41Y6AnO4u492jiRAjQpP9+Nf/x1eg== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/subinterCA.key b/deps/openssl/openssl/test/certs/subinterCA.key new file mode 100644 index 000000000000..c867af9463dc --- /dev/null +++ b/deps/openssl/openssl/test/certs/subinterCA.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA/zQjvhbU7RWDsRaEkVUBZWR/PqZ49GoE9p3OyRN4pkt1c1yb +2ARVkYZP5e9gHb04wPVz2+FYy+2mNkl+uAZbcK5w5fWO3WJIEn57he4MkWu3ew1n +JeSv3na8gyOoCheG64kWVbA2YL92mR7QoSCo4SP7RmykLrwj6TlDxqgH6DxKSD/C +pdCHE3DKAzAiri3GVc90OJAszYHlje4/maVIOayGROVET3xa5cbtRJl8IBgmqhMy +wtz4hhY/XZTvdEn290aL857Hk7JjogA7mLKi07yKzknMxHV+k6JX7xJEttkcNQRF +HONWZG1T4mRY1Drh6VbJGb+0GNIldNLQqigkfwIDAQABAoIBAQDg14MWGu+F4gqg +nwI1OPt95UjmXaz7Sd0NmoNxTKJjgN/9v33emBL7n6YNIxU/nlK+ToLBGo0tPjfO +ZHoskA1H/aiiMfKowcpV4PHbUZvpE0oYM/rIu+7mxR3ZPDT0jz3jjmgLHrEKFCXd +SfTtwOSJVzYvGdCdDE1nUXiRMcGlrJYxPf+0k3sGK7G90rYJkgffz92yuJote/s5 +P5nsK1h30yjKaWEzvf3ABladplykFN3GkICRGaCq0Nj5YWiG7qX9H9smYrioG0VH +VqgIbV2sHnmUYZaOTmC0RnwDWSZR25xOHVbugZ7rGnf4NdoM2S/oTI/SAXcDsaDX +lDpiEEuBAoGBAP/TISpeDRtUWzfVQxH+wbMdSbABjawf5sT7op7IsWsurY7u+KVh +ubhaSdeR7YbTyVUqbAc4mg9TIZxDe6+/I2S8LibQAa8wnv5aR1iPj/tZJOKrtu+Z +uHUyXMDR+8pIjQS0N+ukFp0tw9nicPNUt23JpqDFMvpASF+kUlnHOWAvAoGBAP9g +5rDid235QnnAhNJGkxE1ZwICPSo66AD/kF8XsMnAVasR0EPJCQ1+Zmh7wsXGq6Im +S65F4m0tsw4jeD67D1o5yuAnk/LLcdOdHW1w7iHuIhYKuWf1fqsOIqJLy7gdzwj4 +hImECoE40cqlLTge7xByxeHJwKF9ssXcwHFBIJyxAoGBAI5SeyUC5e/KYmURdBrS +zBhFtvUAKD0WEmCMTdBgfrPOaCgYsqPvVk9Fi8cuHCLiOCP1UdxClRLpgM1ajbkc +cShduJ9HIWjBd/KxbvfKBqQi1+5y8Xci4gfxWMC9EYNcEXgIewPRafNPvqG85HG7 +M8EUamsOymmG0bzDwjzIJRdpAoGAOUoVtmy3ehZG0WVc5ocqitu+BfdWnViln0O1 +sX9xC3F4Rm4ymGJLA5ntg1bwNMoCytdodun6h5+O4YcXfIseQJFib7KxP/Bf0qcW +aOzCnx36y5MQUMAD8H+1SU9TnjQhs9N8eBUE/kQu3BT99e8KllgJCEPoUNIP/s8s +5LtFg6ECgYEAgLwJoJ3hBwr0LmUi3kpFYdbZ+tAKIvKQH3xYMnQulOqtlXJFy0bu +ZcIAwsigRUqdCC2JuyAUw52HCtVVlpQjNs4BnUzaKooLOCm3w3i6X27mnHE0200S +zqC0rcB0xNz/IltGc7IP+T8UK5xX38uhJ/vUW75OvAjqheJSBwR9h5c= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/subinterCA.pem b/deps/openssl/openssl/test/certs/subinterCA.pem new file mode 100644 index 000000000000..2cdf48011398 --- /dev/null +++ b/deps/openssl/openssl/test/certs/subinterCA.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDhDCCAmygAwIBAgIJAJkv2OGshkmUMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEDAOBgNVBAMTB2ludGVyQ0EwHhcNMTUwNzAyMTMxODIz +WhcNMzUwNzAyMTMxODIzWjBaMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1T +dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYDVQQD +EwpzdWJpbnRlckNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/zQj +vhbU7RWDsRaEkVUBZWR/PqZ49GoE9p3OyRN4pkt1c1yb2ARVkYZP5e9gHb04wPVz +2+FYy+2mNkl+uAZbcK5w5fWO3WJIEn57he4MkWu3ew1nJeSv3na8gyOoCheG64kW +VbA2YL92mR7QoSCo4SP7RmykLrwj6TlDxqgH6DxKSD/CpdCHE3DKAzAiri3GVc90 +OJAszYHlje4/maVIOayGROVET3xa5cbtRJl8IBgmqhMywtz4hhY/XZTvdEn290aL +857Hk7JjogA7mLKi07yKzknMxHV+k6JX7xJEttkcNQRFHONWZG1T4mRY1Drh6VbJ +Gb+0GNIldNLQqigkfwIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTp +Z30QdMGarrhMPwk+HHAV3R8aTzAfBgNVHSMEGDAWgBQY+tYjuY9dXRN9Po+okcfZ +YcAXLjANBgkqhkiG9w0BAQsFAAOCAQEAgVUsOf9rdHlQDw4clP8GMY7QahfXbvd8 +8o++P18KeInQXH6+sCg0axZXzhOmKwn+Ina3EsOP7xk4aKIYwJ4A1xBuT7fKxquQ +pbJyjkEBsNRVLC9t4gOA0FC791v5bOCZjyff5uN+hy8r0828nVxha6CKLqwrPd+E +mC7DtilSZIgO2vwbTBL6ifmw9n1dd/Bl8Wdjnl7YJqTIf0Ozc2SZSMRUq9ryn4Wq +YrjRl8NwioGb1LfjEJ0wJi2ngL3IgaN94qmDn10OJs8hlsufwP1n+Bca3fsl0m5U +gUMG+CXxbF0kdCKZ9kQb1MJE4vOk6zfyBGQndmQnxHjt5botI/xpXg== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/untrusted.pem b/deps/openssl/openssl/test/certs/untrusted.pem new file mode 100644 index 000000000000..d93d312ddb3d --- /dev/null +++ b/deps/openssl/openssl/test/certs/untrusted.pem @@ -0,0 +1,42 @@ +-----BEGIN CERTIFICATE----- +MIIDhDCCAmygAwIBAgIJAJkv2OGshkmUMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEDAOBgNVBAMTB2ludGVyQ0EwHhcNMTUwNzAyMTMxODIz +WhcNMzUwNzAyMTMxODIzWjBaMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1T +dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYDVQQD +EwpzdWJpbnRlckNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/zQj +vhbU7RWDsRaEkVUBZWR/PqZ49GoE9p3OyRN4pkt1c1yb2ARVkYZP5e9gHb04wPVz +2+FYy+2mNkl+uAZbcK5w5fWO3WJIEn57he4MkWu3ew1nJeSv3na8gyOoCheG64kW +VbA2YL92mR7QoSCo4SP7RmykLrwj6TlDxqgH6DxKSD/CpdCHE3DKAzAiri3GVc90 +OJAszYHlje4/maVIOayGROVET3xa5cbtRJl8IBgmqhMywtz4hhY/XZTvdEn290aL +857Hk7JjogA7mLKi07yKzknMxHV+k6JX7xJEttkcNQRFHONWZG1T4mRY1Drh6VbJ +Gb+0GNIldNLQqigkfwIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTp +Z30QdMGarrhMPwk+HHAV3R8aTzAfBgNVHSMEGDAWgBQY+tYjuY9dXRN9Po+okcfZ +YcAXLjANBgkqhkiG9w0BAQsFAAOCAQEAgVUsOf9rdHlQDw4clP8GMY7QahfXbvd8 +8o++P18KeInQXH6+sCg0axZXzhOmKwn+Ina3EsOP7xk4aKIYwJ4A1xBuT7fKxquQ +pbJyjkEBsNRVLC9t4gOA0FC791v5bOCZjyff5uN+hy8r0828nVxha6CKLqwrPd+E +mC7DtilSZIgO2vwbTBL6ifmw9n1dd/Bl8Wdjnl7YJqTIf0Ozc2SZSMRUq9ryn4Wq +YrjRl8NwioGb1LfjEJ0wJi2ngL3IgaN94qmDn10OJs8hlsufwP1n+Bca3fsl0m5U +gUMG+CXxbF0kdCKZ9kQb1MJE4vOk6zfyBGQndmQnxHjt5botI/xpXg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDfjCCAmagAwIBAgIJAKRNsDKacUqNMA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMTCnN1YmludGVyQ0EwHhcNMTUwNzAyMTMx +OTQ5WhcNMzUwNzAyMTMxOTQ5WjBUMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29t +ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYD +VQQDEwRsZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Qo9WC/ +BKA70LtQJdwVGSXqr9dut3cQmiFzTb/SaWldjOT1sRNDFxSzdTJjU/8cIDEZvaTI +wRxP/dtVQLjc+4jzrUwz93NuZYlsEWUEUg4Lrnfs0Nz50yHk4rJhVxWjb8Ii/wRB +ViWHFExP7CwTkXiTclC1bCqTuWkjxF3thTfTsttRyY7qNkz2JpNx0guD8v4otQoY +jA5AEZvK4IXLwOwxol5xBTMvIrvvff2kkh+c7OC2QVbUTow/oppjqIKCx2maNHCt +LFTJELf3fwtRJLJsy4fKGP0/6kpZc8Sp88WK4B4FauF9IV1CmoAJUC1vJxhagHIK +fVtFjUWs8GPobQIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQcHcT+8SVG +IRlN9YTuM9rlz7UZfzAfBgNVHSMEGDAWgBTpZ30QdMGarrhMPwk+HHAV3R8aTzAN +BgkqhkiG9w0BAQsFAAOCAQEAGjmSkF8is+v0/RLcnSRiCXENz+yNi4pFCAt6dOtT +6Gtpqa1tY5It9lVppfWb26JrygMIzOr/fB0r1Q7FtZ/7Ft3P6IXVdk3GDO0QsORD +2dRAejhYpc5c7joHxAw9oRfKrEqE+ihVPUTcfcIuBaalvuhkpQRmKP71ws5DVzOw +QhnMd0TtIrbKHaNQ4kNsmSY5fQolwB0LtNfTus7OEFdcZWhOXrWImKXN9jewPKdV +mSG34NfXOnA6qx0eQg06z+TkdrptH6j1Va2vS1/bL+h1GxjpTHlvTGaZYxaloIjw +y/EzY5jygRoABnR3eBm15CYZwwKL9izIq1H3OhymEi/Ycg== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/testssl b/deps/openssl/openssl/test/testssl index b9b86b3b63bb..261097beb048 100644 --- a/deps/openssl/openssl/test/testssl +++ b/deps/openssl/openssl/test/testssl @@ -120,16 +120,15 @@ echo test sslv2/sslv3 with both client and server authentication via BIO pair an $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 test_cipher() { - local cipher=$1 - local protocol=$2 - echo "Testing $cipher" + _cipher=$1 + echo "Testing $_cipher" prot="" - if [ $protocol = "SSLv3" ] ; then + if [ $2 = "SSLv3" ] ; then prot="-ssl3" fi - $ssltest -cipher $cipher $prot + $ssltest -cipher $_cipher $prot if [ $? -ne 0 ] ; then - echo "Failed $cipher" + echo "Failed $_cipher" exit 1 fi } @@ -199,16 +198,16 @@ if ../util/shlib_wrap.sh ../apps/openssl no-srp; then echo skipping SRP tests else echo test tls1 with SRP - $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123 + $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123 || exit 1 echo test tls1 with SRP via BIO pair - $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 + $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 || exit 1 echo test tls1 with SRP auth - $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123 + $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123 || exit 1 echo test tls1 with SRP auth via BIO pair - $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123 + $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123 || exit 1 fi exit 0 diff --git a/deps/openssl/openssl/test/verify_extra_test.c b/deps/openssl/openssl/test/verify_extra_test.c new file mode 120000 index 000000000000..11d837c6fae4 --- /dev/null +++ b/deps/openssl/openssl/test/verify_extra_test.c @@ -0,0 +1 @@ +../crypto/x509/verify_extra_test.c \ No newline at end of file