diff options
| -rw-r--r-- | CHANGES | 17 | ||||
| -rwxr-xr-x | util/mkdef.pl | 80 |
2 files changed, 71 insertions, 26 deletions
@@ -4,6 +4,9 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 1999] + *) Honor the no-xxx Configure options when creating .DEF files. + [Ulf Möller] + *) Add PKCS#10 attributes to field table: challengePassword, unstructuredName and unstructuredAddress. These are taken from draft PKCS#9 v2.0 but are compatible with v1.2 provided no @@ -24,13 +27,13 @@ used all over the place including certificate requests and PKCS#7 structures. They are currently handled manually where necessary with some primitive wrappers for PKCS#7. The new functions behave in a - manner analagous to the X509 extension functions: they allow + manner analogous to the X509 extension functions: they allow attributes to be looked up by NID and added. Later something similar to the X509V3 code would be desirable to automatically handle the encoding, decoding and printing of the more complex types. The string types like challengePassword can - be handled by the string table fuctions. + be handled by the string table functions. Also modified the multi byte string table handling. Now there is a 'global mask' which masks out certain types. The table itself @@ -54,7 +57,7 @@ *) Enhanced support for Alpha Linux is added. Now ./config checks if the host supports BWX extension and if Compaq C is present on the - $PATH. Just exploiting of the BWX extention results in 20-30% + $PATH. Just exploiting of the BWX extension results in 20-30% performance kick for some algorithms, e.g. DES and RC4 to mention a couple. Compaq C in turn generates ~20% faster code for MD5 and SHA1. @@ -161,7 +164,7 @@ CRYPTO_get_mem_debug_functions() [F] CRYPTO_dbg_set_options() [F] CRYPTO_dbg_get_options() [F] - CRYPTO_melloc_debug_init() [M] + CRYPTO_malloc_debug_init() [M] The memory debug functions are NULL by default, unless the library is compiled with CRYPTO_MDEBUG or friends is defined. If someone @@ -442,7 +445,7 @@ the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key. A few however don't do this and instead use the size of the decrypted key to determine the RC2 key length and the AlgorithmIdentifier to determine - the effective key length. In this case the effective key lenth can still + the effective key length. In this case the effective key length can still be 40 bits but the key length can be 168 bits for example. This is fixed by manually forcing an RC2 key into the EVP_PKEY structure because the EVP code can't currently handle unusual RC2 key sizes: it always assumes @@ -611,7 +614,7 @@ *) Add new -verify -CAfile and -CApath options to the crl program, these will lookup a CRL issuers certificate and verify the signature in a similar way to the verify program. Tidy up the crl program so it - no longer acesses structures directly. Make the ASN1 CRL parsing a bit + no longer accesses structures directly. Make the ASN1 CRL parsing a bit less strict. It will now permit CRL extensions even if it is not a V2 CRL: this will allow it to tolerate some broken CRLs. [Steve Henson] @@ -705,7 +708,7 @@ copies of the data and an O(n^2) reading algorithm. There is a new function BIO_new_mem_buf() which creates a read only memory BIO from an area of memory. Also modified the PKCS#7 routines to use read only - memory BIOSs. + memory BIOs. [Steve Henson] *) Bugfix: ssl23_get_client_hello did not work properly when called in diff --git a/util/mkdef.pl b/util/mkdef.pl index 23fdd7f..06b9426 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -6,26 +6,34 @@ # prototyped functions: it then prunes the output. # -$crypto_num="util/libeay.num"; -$ssl_num= "util/ssleay.num"; +my $crypto_num="util/libeay.num"; +my $ssl_num= "util/ssleay.num"; my $do_update = 0; my $do_crypto = 0; my $do_ssl = 0; -$rsaref = 0; +my $do_ctest = 0; +my $rsaref = 0; -$W32=1; -$NT=0; +my $W32=1; +my $NT=0; # Set this to make typesafe STACK definitions appear in DEF -$safe_stack_def = 1; +my $safe_stack_def = 1; -$options=""; +my $options=""; open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n"; while(<IN>) { $options=$1 if (/^OPTIONS=(.*)$/); } close(IN); +# The following ciphers may be excluded (by Configure). This means functions +# defined with ifndef(NO_XXX) are not included in the .def file, and everything +# in directory xxx is ignored. +my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf; +my $no_cast; my $no_md2; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; +my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; + foreach (@ARGV, split(/ /, $options)) { $W32=1 if $_ eq "32"; @@ -72,9 +80,9 @@ $max_ssl = $max_num; %crypto_list=&load_numbers($crypto_num); $max_crypto = $max_num; -$ssl="ssl/ssl.h"; +my $ssl="ssl/ssl.h"; -$crypto ="crypto/crypto.h"; +my $crypto ="crypto/crypto.h"; $crypto.=" crypto/des/des.h" unless $no_des; $crypto.=" crypto/idea/idea.h" unless $no_idea; $crypto.=" crypto/rc4/rc4.h" unless $no_rc4; @@ -117,8 +125,8 @@ $crypto.=" crypto/rand/rand.h"; $crypto.=" crypto/comp/comp.h"; $crypto.=" crypto/tmdiff.h"; -@ssl_func = &do_defs("SSLEAY", $ssl); -@crypto_func = &do_defs("LIBEAY", $crypto); +my @ssl_func = &do_defs("SSLEAY", $ssl); +my @crypto_func = &do_defs("LIBEAY", $crypto); if ($do_update) { @@ -168,14 +176,15 @@ EOF sub do_defs { my($name,$files)=@_; + my $file; my @ret; my %funcs; + my $cpp; foreach $file (split(/\s+/,$files)) { open(IN,"<$file") || die "unable to open $file:$!\n"; - - my $line = "", $def= ""; + my $line = "", my $def= ""; my %tag = ( FreeBSD => 0, NOPROTO => 0, @@ -185,6 +194,22 @@ sub do_defs NO_FP_API => 0, CONST_STRICT => 0, TRUE => 1, + NO_RC2 => 0, + NO_RC4 => 0, + NO_RC5 => 0, + NO_IDEA => 0, + NO_DES => 0, + NO_BF => 0, + NO_CAST => 0, + NO_MD2 => 0, + NO_MD5 => 0, + NO_SHA => 0, + NO_RIPEMD => 0, + NO_MDC2 => 0, + NO_RSA => 0, + NO_DSA => 0, + NO_DH => 0, + NO_HMAC => 0, ); while(<IN>) { last if (/BEGIN ERROR CODES/); @@ -276,7 +301,7 @@ sub do_defs } $funcs{"PEM_read_bio_${1}"} = 1; $funcs{"PEM_write_bio_${1}"} = 1; - } elsif ( + } elsif ( ($tag{'TRUE'} != -1) && ($tag{'FreeBSD'} != 1) && ($tag{'CONST_STRICT'} != 1) && @@ -287,7 +312,23 @@ sub do_defs ((!$W32 && $tag{'_WINDLL'} != -1) || ($W32 && $tag{'_WINDLL'} != 1)) && ((($tag{'NO_FP_API'} != 1) && $W32) || - (($tag{'NO_FP_API'} != -1) && !$W32))) + (($tag{'NO_FP_API'} != -1) && !$W32)) && + ($tag{'NO_RC2'} == 0 || !$no_rc2) && + ($tag{'NO_RC4'} == 0 || !$no_rc4) && + ($tag{'NO_RC5'} == 0 || !$no_rc5) && + ($tag{'NO_IDEA'} == 0 || !$no_idea) && + ($tag{'NO_DES'} == 0 || !$no_des) && + ($tag{'NO_BF'} == 0 || !$no_bf) && + ($tag{'NO_CAST'} == 0 || !$no_cast) && + ($tag{'NO_MD2'} == 0 || !$no_md2) && + ($tag{'NO_MD5'} == 0 || !$no_md5) && + ($tag{'NO_SHA'} == 0 || !$no_sha) && + ($tag{'NO_RIPEMD'} == 0 || !$no_ripemd) && + ($tag{'NO_MDC2'} == 0 || !$no_mdc2) && + ($tag{'NO_RSA'} == 0 || !$no_rsa) && + ($tag{'NO_DSA'} == 0 || !$no_dsa) && + ($tag{'NO_DH'} == 0 || !$no_dh) && + ($tag{'NO_HMAC'} == 0 || !$no_hmac)) { if (/{|\/\*/) { # } $line = $_; @@ -363,8 +404,9 @@ sub do_defs sub print_test_file { - (*OUT,my $name,*nums,@functions)=@_; - my $n =1; + (*OUT,my $name,*nums,my @functions)=@_; + my $n = 1; my @e; my @r; + my $func; (@e)=grep(/^SSLeay/,@functions); (@r)=grep(!/^SSLeay/,@functions); @@ -383,8 +425,8 @@ sub print_test_file sub print_def_file { - (*OUT,my $name,*nums,@functions)=@_; - my $n =1; + (*OUT,my $name,*nums,my @functions)=@_; + my $n = 1; my @e; my @r; if ($W32) { $name.="32"; } |