Import OpenSSL 1.0.2p

Steve Dower
2018-08-14 08:51:39 -07:00
parent 4933cd8231
commit 4b1c388f4d
157 changed files with 2471 additions and 1482 deletions


@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -1359,7 +1359,8 @@ int set_name_ex(unsigned long *flags, const char *arg)
};
if (set_multi_opts(flags, arg, ex_tbl) == 0)
return 0;
if ((*flags & XN_FLAG_SEP_MASK) == 0)
if (*flags != XN_FLAG_COMPAT
&& (*flags & XN_FLAG_SEP_MASK) == 0)
*flags |= XN_FLAG_SEP_CPLUS_SPC;
return 1;
}
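Review bot: The new `*flags != XN_FLAG_COMPAT` test at the end of set_name_ex has no comment, and it compares the whole flag word for equality while the test joined to it is a mask, so its intent is easy to misread. If XN_FLAG_COMPAT is the all-clear value (its definition is outside this hunk), the test means that plain compat output was requested and no default separator should be added. A comment such as `/* "compat" selected on its own: keep the legacy form, add no separator */` above the condition would record that. The start of set_name_ex is outside the hunk.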


@@ -295,7 +295,7 @@ int MAIN(int argc, char **argv)
ASN1_TYPE *atmp;
int typ;
j = atoi(sk_OPENSSL_STRING_value(osk, i));
if (j == 0) {
if (j <= 0 || j >= tmplen) {
BIO_printf(bio_err, "'%s' is an invalid number\n",
sk_OPENSSL_STRING_value(osk, i));
continue;
@@ -327,14 +327,14 @@ int MAIN(int argc, char **argv)
num = tmplen;
}
if (offset >= num) {
BIO_printf(bio_err, "Error: offset too large\n");
if (offset < 0 || offset >= num) {
BIO_printf(bio_err, "Error: offset out of range\n");
goto end;
}
num -= offset;
if ((length == 0) || ((long)length > num))
if (length == 0 || length > (unsigned int)num)
length = (unsigned int)num;
if (derout) {
if (BIO_write(derout, str + offset, length) != (int)length) {
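Review bot: The `atoi()` call that feeds the new `j <= 0 || j >= tmplen` range check in the first hunk still cannot tell a malformed or overflowing string from a valid one. Trailing characters are silently ignored, so "12abc" is accepted as 12, and a value that does not fit in an int is undefined behaviour. Parsing with `strtol()` and rejecting the entry when the end pointer does not reach the terminating NUL or `errno == ERANGE` would let the range check work on a trustworthy value. The "is an invalid number" message is now also printed for values that are numeric but out of range, so "is an invalid or out-of-range offset" would describe it better. MAIN begins and ends outside both hunks.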


@@ -1176,10 +1176,13 @@ int MAIN(int argc, char **argv)
if (j > 0) {
total_done++;
BIO_printf(bio_err, "\n");
if (!BN_add_word(serial, 1))
if (!BN_add_word(serial, 1)) {
X509_free(x);
goto err;
}
if (!sk_X509_push(cert_sk, x)) {
BIO_printf(bio_err, "Memory allocation failure\n");
X509_free(x);
goto err;
}
}
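Review bot: After the two added `X509_free(x);` calls, x still holds the freed pointer when control reaches `err`, and the cleanup code at that label is outside this hunk. If anything there frees or reads x, the result is a double free or use-after-free; writing `X509_free(x); x = NULL;` in both branches settles the question without relying on the cleanup code. The BN_add_word branch also jumps to err without printing anything to bio_err, unlike the sk_X509_push branch just below it.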


@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -787,7 +787,6 @@ int MAIN(int argc, char **argv)
OCSP_response_status_str(i), i);
if (ignore_err)
goto redo_accept;
ret = 0;
goto end;
}
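Review bot: The branch that handles a non-successful responder status ends in `goto end;` with no comment on which exit status it is meant to produce. The hunk header shows one line fewer on the new side, which looks like the `ret = 0;` assignment being dropped. Assuming ret is initialised to a failure value outside the hunk, a comment before the goto such as `/* responder reported an error: leave ret non-zero */` would keep a later cleanup from reintroducing the assignment. Scripts that act on the exit status of an OCSP query depend on this distinction.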


@@ -306,9 +306,9 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
out_buf[0] = '$';
out_buf[1] = 0;
assert(strlen(magic) <= 4); /* "1" or "apr1" */
strncat(out_buf, magic, 4);
strncat(out_buf, "$", 1);
strncat(out_buf, salt, 8);
BUF_strlcat(out_buf, magic, sizeof(out_buf));
BUF_strlcat(out_buf, "$", sizeof(out_buf));
BUF_strlcat(out_buf, salt, sizeof(out_buf));
assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
salt_out = out_buf + 2 + strlen(magic);
salt_len = strlen(salt_out);
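Review bot: The salt is no longer limited to eight characters at the third `BUF_strlcat` call: the replaced `strncat(out_buf, salt, 8)` copied at most eight, while `BUF_strlcat(out_buf, salt, sizeof(out_buf))` copies as much of salt as the buffer will hold. A longer salt then trips `assert(strlen(out_buf) <= 6 + 8)` on the next line, or, where asserts are compiled out, leaves a longer salt_out than the rest of md5crypt appears to expect. Keeping the bound explicit, for example `BUF_strlcpy(out_buf + strlen(out_buf), salt, 8 + 1);`, preserves the earlier behaviour, provided out_buf has nine bytes free at that point (its declaration is outside the hunk). The return values of the BUF_strlcat calls are also ignored, so a truncated magic or salt would pass silently.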


@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -152,9 +152,8 @@ typedef fd_mask fd_set;
#define PROTOCOL "tcp"
int do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, int stype,
unsigned char *context), unsigned char *context,
int naccept);
int (*cb) (int s, int stype, unsigned char *context),
unsigned char *context, int naccept);
#ifdef HEADER_X509_H
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#endif


@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -337,7 +337,7 @@ static void sc_usage(void)
BIO_printf(bio_err,
" -prexit - print session information even on connection failure\n");
BIO_printf(bio_err,
" -showcerts - show all certificates in the chain\n");
" -showcerts - Show all certificates sent by the server\n");
BIO_printf(bio_err, " -debug - extra output\n");
#ifdef WATT32
BIO_printf(bio_err, " -wdebug - WATT-32 tcp debugging\n");


@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -209,9 +209,9 @@ typedef unsigned int u_int;
#ifndef OPENSSL_NO_RSA
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
#endif
static int sv_body(char *hostname, int s, int stype, unsigned char *context);
static int www_body(char *hostname, int s, int stype, unsigned char *context);
static int rev_body(char *hostname, int s, int stype, unsigned char *context);
static int sv_body(int s, int stype, unsigned char *context);
static int www_body(int s, int stype, unsigned char *context);
static int rev_body(int s, int stype, unsigned char *context);
static void close_accept_socket(void);
static void sv_usage(void);
static int init_ssl_connection(SSL *s);
@@ -1087,11 +1087,14 @@ int MAIN(int argc, char *argv[])
char *chCApath = NULL, *chCAfile = NULL;
char *vfyCApath = NULL, *vfyCAfile = NULL;
unsigned char *context = NULL;
#ifndef OPENSSL_NO_DH
char *dhfile = NULL;
int no_dhe = 0;
#endif
int badop = 0;
int ret = 1;
int build_chain = 0;
int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0;
int no_tmp_rsa = 0, no_ecdhe = 0, nocert = 0;
int state = 0;
const SSL_METHOD *meth = NULL;
int socket_type = SOCK_STREAM;
@@ -1239,11 +1242,15 @@ int MAIN(int argc, char *argv[])
if (--argc < 1)
goto bad;
s_chain_file = *(++argv);
} else if (strcmp(*argv, "-dhparam") == 0) {
}
#ifndef OPENSSL_NO_DH
else if (strcmp(*argv, "-dhparam") == 0) {
if (--argc < 1)
goto bad;
dhfile = *(++argv);
} else if (strcmp(*argv, "-dcertform") == 0) {
}
#endif
else if (strcmp(*argv, "-dcertform") == 0) {
if (--argc < 1)
goto bad;
s_dcert_format = str2fmt(*(++argv));
@@ -1390,9 +1397,13 @@ int MAIN(int argc, char *argv[])
verify_quiet = 1;
} else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
no_tmp_rsa = 1;
} else if (strcmp(*argv, "-no_dhe") == 0) {
}
#ifndef OPENSSL_NO_DH
else if (strcmp(*argv, "-no_dhe") == 0) {
no_dhe = 1;
} else if (strcmp(*argv, "-no_ecdhe") == 0) {
}
#endif
else if (strcmp(*argv, "-no_ecdhe") == 0) {
no_ecdhe = 1;
} else if (strcmp(*argv, "-no_resume_ephemeral") == 0) {
no_resume_ephemeral = 1;
@@ -2165,7 +2176,7 @@ static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
SSL_CTX_sess_get_cache_size(ssl_ctx));
}
static int sv_body(char *hostname, int s, int stype, unsigned char *context)
static int sv_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
fd_set readfds;
@@ -2780,7 +2791,7 @@ static int load_CA(SSL_CTX *ctx, char *file)
}
#endif
static int www_body(char *hostname, int s, int stype, unsigned char *context)
static int www_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
int ret = 1;
@@ -3183,7 +3194,7 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context)
return (ret);
}
static int rev_body(char *hostname, int s, int stype, unsigned char *context)
static int rev_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
int i;
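Review bot: With OPENSSL_NO_DH defined, the option chain in MAIN no longer recognises `-dhparam` or `-no_dhe`, so both fall through to whatever handles unknown options. The usage text in sv_usage is outside these hunks and should be guarded the same way, so the help output does not advertise options the build rejects. The `}` / `#ifndef` / `else if` layout also splits one if-else chain across preprocessor lines, which is easy to break when another option is inserted. A one-line comment such as `/* DH-only option: compiled out with OPENSSL_NO_DH */` above each guard would make the intent clear. MAIN begins and ends outside the hunks.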


@@ -109,7 +109,7 @@ static int ssl_sock_init(void);
static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
static int init_server(int *sock, int port, int type);
static int init_server_long(int *sock, int port, char *ip, int type);
static int do_accept(int acc_sock, int *sock, char **host);
static int do_accept(int acc_sock, int *sock);
static int host_ip(char *str, unsigned char ip[4]);
# ifdef OPENSSL_SYS_WIN16
@@ -290,12 +290,10 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
}
int do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, int stype,
unsigned char *context), unsigned char *context,
int naccept)
int (*cb) (int s, int stype, unsigned char *context),
unsigned char *context, int naccept)
{
int sock;
char *name = NULL;
int accept_socket = 0;
int i;
@@ -308,15 +306,13 @@ int do_server(int port, int type, int *ret,
}
for (;;) {
if (type == SOCK_STREAM) {
if (do_accept(accept_socket, &sock, &name) == 0) {
if (do_accept(accept_socket, &sock) == 0) {
SHUTDOWN(accept_socket);
return (0);
}
} else
sock = accept_socket;
i = (*cb) (name, sock, type, context);
if (name != NULL)
OPENSSL_free(name);
i = (*cb) (sock, type, context);
if (type == SOCK_STREAM)
SHUTDOWN2(sock);
if (naccept != -1)
@@ -386,30 +382,24 @@ static int init_server(int *sock, int port, int type)
return (init_server_long(sock, port, NULL, type));
}
static int do_accept(int acc_sock, int *sock, char **host)
static int do_accept(int acc_sock, int *sock)
{
int ret;
struct hostent *h1, *h2;
static struct sockaddr_in from;
int len;
/* struct linger ling; */
if (!ssl_sock_init())
return (0);
return 0;
# ifndef OPENSSL_SYS_WINDOWS
redoit:
# endif
memset((char *)&from, 0, sizeof(from));
len = sizeof(from);
/*
* Note: under VMS with SOCKETSHR the fourth parameter is currently of
* type (int *) whereas under other systems it is (void *) if you don't
* have a cast it will choke the compiler: if you do have a cast then you
* can either go for (int *) or (void *).
*/
ret = accept(acc_sock, (struct sockaddr *)&from, (void *)&len);
ret = accept(acc_sock, NULL, NULL);
if (ret == INVALID_SOCKET) {
# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
int i;
@@ -425,56 +415,11 @@ static int do_accept(int acc_sock, int *sock, char **host)
fprintf(stderr, "errno=%d ", errno);
perror("accept");
# endif
return (0);
return 0;
}
/*-
ling.l_onoff=1;
ling.l_linger=0;
i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
if (i < 0) { perror("linger"); return(0); }
i=0;
i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
if (i < 0) { perror("keepalive"); return(0); }
*/
if (host == NULL)
goto end;
# ifndef BIT_FIELD_LIMITS
/* I should use WSAAsyncGetHostByName() under windows */
h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
sizeof(from.sin_addr.s_addr), AF_INET);
# else
h1 = gethostbyaddr((char *)&from.sin_addr,
sizeof(struct in_addr), AF_INET);
# endif
if (h1 == NULL) {
BIO_printf(bio_err, "bad gethostbyaddr\n");
*host = NULL;
/* return(0); */
} else {
if ((*host = (char *)OPENSSL_malloc(strlen(h1->h_name) + 1)) == NULL) {
perror("OPENSSL_malloc");
closesocket(ret);
return (0);
}
BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
h2 = GetHostByName(*host);
if (h2 == NULL) {
BIO_printf(bio_err, "gethostbyname failure\n");
closesocket(ret);
return (0);
}
if (h2->h_addrtype != AF_INET) {
BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
closesocket(ret);
return (0);
}
}
end:
*sock = ret;
return (1);
return 1;
}
int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
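Review bot: do_accept has no header comment, and its contract has changed enough to need one: it no longer returns a peer host name and passes NULL for both address arguments of accept(). A comment above the definition such as `/* Accept one connection on acc_sock. On success store the new socket in *sock and return 1; return 0 on failure. The peer address is not requested. */` would document it. Since the peer address is no longer captured here, any caller that wants to log or check the client's identity has to obtain it separately, for example with getpeername() on the accepted socket.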


@@ -277,6 +277,7 @@ static int check(X509_STORE *ctx, char *file,
X509_STORE_set_flags(ctx, vflags);
if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {
ERR_print_errors(bio_err);
X509_STORE_CTX_free(csc);
goto end;
}
if (tchain)