1
0
Fork 0
mirror of https://github.com/ossrs/srs.git synced 2025-03-09 15:49:59 +00:00

Upgrade openssl from 1.1.0e to 1.1.1b, with source code. 4.0.78

This commit is contained in:
winlin 2021-03-01 20:47:57 +08:00
parent 8f1c992379
commit 96dbd7bced
1476 changed files with 616554 additions and 4 deletions

View file

@ -0,0 +1,288 @@
#! /usr/bin/env perl
# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use warnings;
use lib '.';
use configdata;
use File::Spec::Functions qw(:DEFAULT rel2abs);
use File::Compare qw(compare_text);
use feature 'state';
# When using stat() on Windows, we can get it to perform better by avoid some
# data. This doesn't affect the mtime field, so we're not losing anything...
${^WIN32_SLOPPY_STAT} = 1;
my $debug = $ENV{ADD_DEPENDS_DEBUG};
my $buildfile = $config{build_file};
my $build_mtime = (stat($buildfile))[9];
my $rebuild = 0;
my $depext = $target{dep_extension} || ".d";
my @depfiles =
sort
grep {
# This grep has side effects. Not only does if check the existence
# of the dependency file given in $_, but it also checks if it's
# newer than the build file, and if it is, sets $rebuild.
my @st = stat($_);
$rebuild = 1 if @st && $st[9] > $build_mtime;
scalar @st > 0; # Determines the grep result
}
map { (my $x = $_) =~ s|\.o$|$depext|; $x; }
( ( grep { $unified_info{sources}->{$_}->[0] =~ /\.cc?$/ }
keys %{$unified_info{sources}} ),
( grep { $unified_info{shared_sources}->{$_}->[0] =~ /\.cc?$/ }
keys %{$unified_info{shared_sources}} ) );
exit 0 unless $rebuild;
# Ok, primary checks are done, time to do some real work
my $producer = shift @ARGV;
die "Producer not given\n" unless $producer;
my $srcdir = $config{sourcedir};
my $blddir = $config{builddir};
my $abs_srcdir = rel2abs($srcdir);
my $abs_blddir = rel2abs($blddir);
# Convenient cache of absolute to relative map. We start with filling it
# with mappings for the known generated header files. They are relative to
# the current working directory, so that's an easy task.
# NOTE: there's more than C header files that are generated. They will also
# generate entries in this map. We could of course deal with C header files
# only, but in case we decide to handle more than just C files in the future,
# we already have the mechanism in place here.
# NOTE2: we lower case the index to make it searchable without regard for
# character case. That could seem dangerous, but as long as we don't have
# files we depend on in the same directory that only differ by character case,
# we're fine.
my %depconv_cache =
map { catfile($abs_blddir, $_) => $_ }
keys %{$unified_info{generate}};
my %procedures = (
'gcc' => undef, # gcc style dependency files needs no mods
'makedepend' =>
sub {
# makedepend, in its infinite wisdom, wants to have the object file
# in the same directory as the source file. This doesn't work too
# well with out-of-source-tree builds, so we must resort to tricks
# to get things right. Fortunately, the .d files are always placed
# parallel with the object files, so all we need to do is construct
# the object file name from the dep file name.
(my $objfile = shift) =~ s|\.d$|.o|i;
my $line = shift;
# Discard comments
return undef if $line =~ /^(#.*|\s*)$/;
# Remove the original object file
$line =~ s|^.*\.o: | |;
# Also, remove any dependency that starts with a /, because those
# are typically system headers
$line =~ s/\s+\/(\\.|\S)*//g;
# Finally, discard all empty lines
return undef if $line =~ /^\s*$/;
# All we got now is a dependency, just shave off surrounding spaces
$line =~ s/^\s+//;
$line =~ s/\s+$//;
return ($objfile, $line);
},
'VMS C' =>
sub {
state $abs_srcdir_shaved = undef;
state $srcdir_shaved = undef;
unless (defined $abs_srcdir_shaved) {
($abs_srcdir_shaved = $abs_srcdir) =~ s|[>\]]$||;
($srcdir_shaved = $srcdir) =~ s|[>\]]$||;
}
# current versions of DEC / Compaq / HP / VSI C strips away all
# directory information from the object file, so we must insert it
# back. To make life simpler, we simply replace it with the
# corresponding .D file that's had its extension changed. Since
# .D files are always written parallel to the object files, we
# thereby get the directory information for free.
(my $objfile = shift) =~ s|\.D$|.OBJ|i;
my $line = shift;
# Shave off the target.
#
# The pattern for target and dependencies will always take this
# form:
#
# target SPACE : SPACE deps
#
# This is so a volume delimiter (a : without any spaces around it)
# won't get mixed up with the target / deps delimiter. We use this
# to easily identify what needs to be removed.
m|\s:\s|; $line = $';
# We know that VMS has system header files in text libraries,
# extension .TLB. We also know that our header files aren't stored
# in text libraries. Finally, we know that VMS C produces exactly
# one dependency per line, so we simply discard any line ending with
# .TLB.
return undef if /\.TLB\s*$/;
# All we got now is a dependency, just shave off surrounding spaces
$line =~ s/^\s+//;
$line =~ s/\s+$//;
# VMS C gives us absolute paths, always. Let's see if we can
# make them relative instead.
$line = canonpath($line);
unless (defined $depconv_cache{$line}) {
my $dep = $line;
# Since we have already pre-populated the cache with
# mappings for generated headers, we only need to deal
# with the source tree.
if ($dep =~ s|^\Q$abs_srcdir_shaved\E([\.>\]])?|$srcdir_shaved$1|i) {
$depconv_cache{$line} = $dep;
}
}
return ($objfile, $depconv_cache{$line})
if defined $depconv_cache{$line};
print STDERR "DEBUG[VMS C]: ignoring $objfile <- $line\n"
if $debug;
return undef;
},
'VC' =>
sub {
# For the moment, we only support Visual C on native Windows, or
# compatible compilers. With those, the flags /Zs /showIncludes
# give us the necessary output to be able to create dependencies
# that nmake (or any 'make' implementation) should be able to read,
# with a bit of help. The output we're interested in looks like
# this (it always starts the same)
#
# Note: including file: {whatever header file}
#
# Since there's no object file name at all in that information,
# we must construct it ourselves.
(my $objfile = shift) =~ s|\.d$|.obj|i;
my $line = shift;
# There are also other lines mixed in, for example compiler
# warnings, so we simply discard anything that doesn't start with
# the Note:
if (/^Note: including file: */) {
(my $tail = $') =~ s/\s*\R$//;
# VC gives us absolute paths for all include files, so to
# remove system header dependencies, we need to check that
# they don't match $abs_srcdir or $abs_blddir.
$tail = canonpath($tail);
unless (defined $depconv_cache{$tail}) {
my $dep = $tail;
# Since we have already pre-populated the cache with
# mappings for generated headers, we only need to deal
# with the source tree.
if ($dep =~ s|^\Q$abs_srcdir\E\\|\$(SRCDIR)\\|i) {
$depconv_cache{$tail} = $dep;
}
}
return ($objfile, '"'.$depconv_cache{$tail}.'"')
if defined $depconv_cache{$tail};
print STDERR "DEBUG[VC]: ignoring $objfile <- $tail\n"
if $debug;
}
return undef;
},
);
my %continuations = (
'gcc' => undef,
'makedepend' => "\\",
'VMS C' => "-",
'VC' => "\\",
);
die "Producer unrecognised: $producer\n"
unless exists $procedures{$producer} && exists $continuations{$producer};
my $procedure = $procedures{$producer};
my $continuation = $continuations{$producer};
my $buildfile_new = "$buildfile-$$";
my %collect = ();
if (defined $procedure) {
foreach my $depfile (@depfiles) {
open IDEP,$depfile or die "Trying to read $depfile: $!\n";
while (<IDEP>) {
s|\R$||; # The better chomp
my ($target, $deps) = $procedure->($depfile, $_);
$collect{$target}->{$deps} = 1 if defined $target;
}
close IDEP;
}
}
open IBF, $buildfile or die "Trying to read $buildfile: $!\n";
open OBF, '>', $buildfile_new or die "Trying to write $buildfile_new: $!\n";
while (<IBF>) {
last if /^# DO NOT DELETE THIS LINE/;
print OBF or die "$!\n";
}
close IBF;
print OBF "# DO NOT DELETE THIS LINE -- make depend depends on it.\n";
if (defined $procedure) {
foreach my $target (sort keys %collect) {
my $prefix = $target . ' :';
my @deps = sort keys %{$collect{$target}};
while (@deps) {
my $buf = $prefix;
$prefix = '';
while (@deps && ($buf eq ''
|| length($buf) + length($deps[0]) <= 77)) {
$buf .= ' ' . shift @deps;
}
$buf .= ' '.$continuation if @deps;
print OBF $buf,"\n" or die "Trying to print: $!\n"
}
}
} else {
foreach my $depfile (@depfiles) {
open IDEP,$depfile or die "Trying to read $depfile: $!\n";
while (<IDEP>) {
print OBF or die "Trying to print: $!\n";
}
close IDEP;
}
}
close OBF;
if (compare_text($buildfile_new, $buildfile) != 0) {
rename $buildfile_new, $buildfile
or die "Trying to rename $buildfile_new -> $buildfile: $!\n";
}
END {
# On VMS, we want to remove all generations of this file, in case there
# are more than one, so we loop.
if (defined $buildfile_new) {
while (unlink $buildfile_new) {}
}
}

View file

@ -0,0 +1,8 @@
IF[{- $target{build_scheme}->[1] eq "VMS" -}]
SCRIPTS_NO_INST=local_shlib.com unlocal_shlib.com
SOURCE[local_shlib.com]=local_shlib.com.in
SOURCE[unlocal_shlib.com]=unlocal_shlib.com.in
ELSIF[{- $target{build_scheme}->[1] eq "unix" -}]
SCRIPTS_NO_INST=shlib_wrap.sh
SOURCE[shlib_wrap.sh]=shlib_wrap.sh.in
ENDIF

View file

@ -0,0 +1,16 @@
#! /bin/sh
# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
(
pcregrep -rnM 'OPENSSL_.?alloc.*\n.*if.*NULL.*\n.*return' crypto ssl
pcregrep -rnM 'if.*OPENSSL_.?alloc.*NULL.*\n.*.*return' crypto ssl
) | tee /tmp/out$$
X=0
test -s /tmp/out$$ && X=1
rm /tmp/out$$
exit $X

152
trunk/3rdparty/openssl-1.1-fit/util/ck_errf.pl vendored Executable file
View file

@ -0,0 +1,152 @@
#! /usr/bin/env perl
# Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# This is just a quick script to scan for cases where the 'error'
# function name in a XXXerr() macro is wrong.
#
# Run in the top level by going
# perl util/ck_errf.pl */*.c */*/*.c
#
use strict;
use warnings;
my $config;
my $err_strict = 0;
my $debug = 0;
my $internal = 0;
sub help
{
print STDERR <<"EOF";
mkerr.pl [options] [files...]
Options:
-conf FILE Use the named config file FILE instead of the default.
-debug Verbose output debugging on stderr.
-internal Generate code that is to be built as part of OpenSSL itself.
Also scans internal list of files.
-strict If any error was found, fail with exit code 1, otherwise 0.
-help Show this help text.
... Additional arguments are added to the file list to scan,
if '-internal' was NOT specified on the command line.
EOF
}
while ( @ARGV ) {
my $arg = $ARGV[0];
last unless $arg =~ /-.*/;
$arg = $1 if $arg =~ /-(-.*)/;
if ( $arg eq "-conf" ) {
$config = $ARGV[1];
shift @ARGV;
} elsif ( $arg eq "-debug" ) {
$debug = 1;
} elsif ( $arg eq "-internal" ) {
$internal = 1;
} elsif ( $arg eq "-strict" ) {
$err_strict = 1;
} elsif ( $arg =~ /-*h(elp)?/ ) {
&help();
exit;
} elsif ( $arg =~ /-.*/ ) {
die "Unknown option $arg; use -h for help.\n";
}
shift @ARGV;
}
my @source;
if ( $internal ) {
die "Extra parameters given.\n" if @ARGV;
$config = "crypto/err/openssl.ec" unless defined $config;
@source = ( glob('crypto/*.c'), glob('crypto/*/*.c'),
glob('ssl/*.c'), glob('ssl/*/*.c') );
} else {
die "Configuration file not given.\nSee '$0 -help' for information\n"
unless defined $config;
@source = @ARGV;
}
# To detect if there is any error generation for a libcrypto/libssl libs
# we don't know, we need to find out what libs we do know. That list is
# readily available in crypto/err/openssl.ec, in form of lines starting
# with "L ". Note that we always rely on the modules SYS and ERR to be
# generally available.
my %libs = ( SYS => 1, ERR => 1 );
open my $cfh, $config or die "Trying to read $config: $!\n";
while (<$cfh>) {
s|\R$||; # Better chomp
next unless m|^L ([0-9A-Z_]+)\s|;
next if $1 eq "NONE";
$libs{$1} = 1;
}
my $bad = 0;
foreach my $file (@source) {
open( IN, "<$file" ) || die "Can't open $file, $!";
my $func = "";
while (<IN>) {
if ( !/;$/ && /^\**([a-zA-Z_].*[\s*])?([A-Za-z_0-9]+)\(.*([),]|$)/ ) {
/^([^()]*(\([^()]*\)[^()]*)*)\(/;
$1 =~ /([A-Za-z_0-9]*)$/;
$func = $1;
$func =~ tr/A-Z/a-z/;
}
if ( /([A-Z0-9_]+[A-Z0-9])err\(([^,]+)/ && !/ckerr_ignore/ ) {
my $errlib = $1;
my $n = $2;
unless ( $libs{$errlib} ) {
print "$file:$.:$errlib not listed in $config\n";
$libs{$errlib} = 1; # To not display it again
$bad = 1;
}
if ( $func eq "" ) {
print "$file:$.:???:$n\n";
$bad = 1;
next;
}
if ( $n !~ /^(.+)_F_(.+)$/ ) {
#print "check -$file:$.:$func:$n\n";
next;
}
my $lib = $1;
$n = $2;
if ( $lib ne $errlib ) {
print "$file:$.:$func:$n [${errlib}err]\n";
$bad = 1;
next;
}
$n =~ tr/A-Z/a-z/;
if ( $n ne $func && $errlib ne "SYS" ) {
print "$file:$.:$func:$n\n";
$bad = 1;
next;
}
# print "$func:$1\n";
}
}
close(IN);
}
if ( $bad && $err_strict ) {
print STDERR "FATAL: error discrepancy\n";
exit 1;
}

View file

@ -0,0 +1,84 @@
#! /usr/bin/env perl
# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use Fcntl;
# copy.pl
# Perl script 'copy' comment. On Windows the built in "copy" command also
# copies timestamps: this messes up Makefile dependencies.
my $stripcr = 0;
my $arg;
my @excludes = ();
foreach $arg (@ARGV) {
if ($arg eq "-stripcr")
{
$stripcr = 1;
next;
}
if ($arg =~ /^-exclude_re=(.*)$/)
{
push @excludes, $1;
next;
}
$arg =~ s|\\|/|g; # compensate for bug/feature in cygwin glob...
$arg = qq("$arg") if ($arg =~ /\s/); # compensate for bug in 5.10...
foreach my $f (glob $arg)
{
push @filelist, $f unless grep { $f =~ /$_/ } @excludes;
}
}
$fnum = @filelist;
if ($fnum <= 1)
{
die "Need at least two filenames";
}
$dest = pop @filelist;
if ($fnum > 2 && ! -d $dest)
{
die "Destination must be a directory";
}
foreach (@filelist)
{
if (-d $dest)
{
$dfile = $_;
$dfile =~ s|^.*[/\\]([^/\\]*)$|$1|;
$dfile = "$dest/$dfile";
}
else
{
$dfile = $dest;
}
sysopen(IN, $_, O_RDONLY|O_BINARY) || die "Can't Open $_";
sysopen(OUT, $dfile, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY)
|| die "Can't Open $dfile";
while (sysread IN, $buf, 10240)
{
if ($stripcr)
{
$buf =~ tr/\015//d;
}
syswrite(OUT, $buf, length($buf));
}
close(IN);
close(OUT);
print "Copying: $_ to $dfile\n";
}

View file

@ -0,0 +1,210 @@
#! /usr/bin/env perl
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# Reads one or more template files and runs it through Text::Template
#
# It is assumed that this scripts is called with -Mconfigdata, a module
# that holds configuration data in %config
use strict;
use warnings;
use FindBin;
use Getopt::Std;
# We actually expect to get the following hash tables from configdata:
#
# %config
# %target
# %withargs
# %unified_info
#
# We just do a minimal test to see that we got what we expected.
# $config{target} must exist as an absolute minimum.
die "You must run this script with -Mconfigdata\n" if !exists($config{target});
# Make a subclass of Text::Template to override append_text_to_result,
# as recommended here:
#
# http://search.cpan.org/~mjd/Text-Template-1.46/lib/Text/Template.pm#Automatic_postprocessing_of_template_hunks
package OpenSSL::Template;
# Because we know that Text::Template isn't a core Perl module, we use
# a fallback in case it's not installed on the system
use File::Basename;
use File::Spec::Functions;
use lib "$FindBin::Bin/perl";
use with_fallback "Text::Template 1.46";
#use parent qw/Text::Template/;
use vars qw/@ISA/;
push @ISA, qw/Text::Template/;
# Override constructor
sub new {
my ($class) = shift;
# Call the constructor of the parent class, Person.
my $self = $class->SUPER::new( @_ );
# Add few more attributes
$self->{_output_off} = 0; # Default to output hunks
bless $self, $class;
return $self;
}
sub append_text_to_output {
my $self = shift;
if ($self->{_output_off} == 0) {
$self->SUPER::append_text_to_output(@_);
}
return;
}
sub output_reset_on {
my $self = shift;
$self->{_output_off} = 0;
}
sub output_on {
my $self = shift;
if (--$self->{_output_off} < 0) {
$self->{_output_off} = 0;
}
}
sub output_off {
my $self = shift;
$self->{_output_off}++;
}
# Come back to main
package main;
# Helper functions for the templates #################################
# It might be practical to quotify some strings and have them protected
# from possible harm. These functions primarily quote things that might
# be interpreted wrongly by a perl eval.
# quotify1 STRING
# This adds quotes (") around the given string, and escapes any $, @, \,
# " and ' by prepending a \ to them.
sub quotify1 {
my $s = shift @_;
$s =~ s/([\$\@\\"'])/\\$1/g;
'"'.$s.'"';
}
# quotify_l LIST
# For each defined element in LIST (i.e. elements that aren't undef), have
# it quotified with 'quotify1'
sub quotify_l {
map {
if (!defined($_)) {
();
} else {
quotify1($_);
}
} @_;
}
# Error reporter #####################################################
# The error reporter uses %lines to figure out exactly which file the
# error happened and at what line. Not that the line number may be
# the start of a perl snippet rather than the exact line where it
# happened. Nothing we can do about that here.
my %lines = ();
sub broken {
my %args = @_;
my $filename = "<STDIN>";
my $deducelines = 0;
foreach (sort keys %lines) {
$filename = $lines{$_};
last if ($_ > $args{lineno});
$deducelines += $_;
}
print STDERR $args{error}," in $filename, fragment starting at line ",$args{lineno}-$deducelines;
undef;
}
# Check options ######################################################
my %opts = ();
# -o ORIGINATOR
# declares ORIGINATOR as the originating script.
getopt('o', \%opts);
my @autowarntext = ("WARNING: do not edit!",
"Generated"
. (defined($opts{o}) ? " by ".$opts{o} : "")
. (scalar(@ARGV) > 0 ? " from ".join(", ",@ARGV) : ""));
# Template reading ###################################################
# Read in all the templates into $text, while keeping track of each
# file and its size in lines, to try to help report errors with the
# correct file name and line number.
my $prev_linecount = 0;
my $text =
@ARGV
? join("", map { my $x = Text::Template::_load_text($_);
if (!defined($x)) {
die $Text::Template::ERROR, "\n";
}
$x = "{- output_reset_on() -}" . $x;
my $linecount = $x =~ tr/\n//;
$prev_linecount = ($linecount += $prev_linecount);
$lines{$linecount} = $_;
$x } @ARGV)
: join("", <STDIN>);
# Engage! ############################################################
# Load the full template (combination of files) into Text::Template
# and fill it up with our data. Output goes directly to STDOUT
my $template =
OpenSSL::Template->new(TYPE => 'STRING',
SOURCE => $text,
PREPEND => qq{use lib "$FindBin::Bin/perl";});
sub output_reset_on {
$template->output_reset_on();
"";
}
sub output_on {
$template->output_on();
"";
}
sub output_off {
$template->output_off();
"";
}
$template->fill_in(OUTPUT => \*STDOUT,
HASH => { config => \%config,
target => \%target,
disabled => \%disabled,
withargs => \%withargs,
unified_info => \%unified_info,
autowarntext => \@autowarntext,
quotify1 => \&quotify1,
quotify_l => \&quotify_l,
output_reset_on => \&output_reset_on,
output_on => \&output_on,
output_off => \&output_off },
DELIMITERS => [ "{-", "-}" ],
BROKEN => \&broken);

View file

@ -0,0 +1,12 @@
#! /usr/bin/perl
use strict;
use warnings;
use Getopt::Std;
our $opt_n = 0;
getopts('n') or die "Invalid option: $!\n";
print join(' ', @ARGV);
print "\n" unless $opt_n;

View file

@ -0,0 +1,545 @@
#! /usr/bin/env perl
# Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
require 5.10.0;
use warnings;
use strict;
use Pod::Checker;
use File::Find;
use File::Basename;
use File::Spec::Functions;
use Getopt::Std;
use lib catdir(dirname($0), "perl");
use OpenSSL::Util::Pod;
# Options.
our($opt_d);
our($opt_h);
our($opt_l);
our($opt_n);
our($opt_p);
our($opt_u);
our($opt_c);
sub help()
{
print <<EOF;
Find small errors (nits) in documentation. Options:
-d Detailed list of undocumented (implies -u)
-l Print bogus links
-n Print nits in POD pages
-p Warn if non-public name documented (implies -n)
-u List undocumented functions
-h Print this help message
-c List undocumented commands and options
EOF
exit;
}
my $temp = '/tmp/docnits.txt';
my $OUT;
my %public;
my %mandatory_sections =
( '*' => [ 'NAME', 'DESCRIPTION', 'COPYRIGHT' ],
1 => [ 'SYNOPSIS', 'OPTIONS' ],
3 => [ 'SYNOPSIS', 'RETURN VALUES' ],
5 => [ ],
7 => [ ] );
# Cross-check functions in the NAME and SYNOPSIS section.
sub name_synopsis()
{
my $id = shift;
my $filename = shift;
my $contents = shift;
# Get NAME section and all words in it.
return unless $contents =~ /=head1 NAME(.*)=head1 SYNOPSIS/ms;
my $tmp = $1;
$tmp =~ tr/\n/ /;
print "$id trailing comma before - in NAME\n" if $tmp =~ /, *-/;
$tmp =~ s/ -.*//g;
$tmp =~ s/ */ /g;
print "$id missing comma in NAME\n" if $tmp =~ /[^,] /;
$tmp =~ s/,//g;
my $dirname = dirname($filename);
my $simplename = basename($filename);
$simplename =~ s/.pod$//;
my $foundfilename = 0;
my %foundfilenames = ();
my %names;
foreach my $n ( split ' ', $tmp ) {
$names{$n} = 1;
$foundfilename++ if $n eq $simplename;
$foundfilenames{$n} = 1
if -f "$dirname/$n.pod" && $n ne $simplename;
}
print "$id the following exist as other .pod files:\n",
join(" ", sort keys %foundfilenames), "\n"
if %foundfilenames;
print "$id $simplename (filename) missing from NAME section\n"
unless $foundfilename;
foreach my $n ( keys %names ) {
print "$id $n is not public\n"
if $opt_p and !defined $public{$n};
}
# Find all functions in SYNOPSIS
return unless $contents =~ /=head1 SYNOPSIS(.*)=head1 DESCRIPTION/ms;
my $syn = $1;
foreach my $line ( split /\n+/, $syn ) {
my $sym;
$line =~ s/STACK_OF\([^)]+\)/int/g;
$line =~ s/__declspec\([^)]+\)//;
if ( $line =~ /env (\S*)=/ ) {
# environment variable env NAME=...
$sym = $1;
} elsif ( $line =~ /typedef.*\(\*(\S+)\)\(.*/ ) {
# a callback function pointer: typedef ... (*NAME)(...
$sym = $1;
} elsif ( $line =~ /typedef.* (\S+)\(.*/ ) {
# a callback function signature: typedef ... NAME(...
$sym = $1;
} elsif ( $line =~ /typedef.* (\S+);/ ) {
# a simple typedef: typedef ... NAME;
$sym = $1;
} elsif ( $line =~ /enum (\S*) \{/ ) {
# an enumeration: enum ... {
$sym = $1;
} elsif ( $line =~ /#define ([A-Za-z0-9_]+)/ ) {
$sym = $1;
} elsif ( $line =~ /([A-Za-z0-9_]+)\(/ ) {
$sym = $1;
}
else {
next;
}
print "$id $sym missing from NAME section\n"
unless defined $names{$sym};
$names{$sym} = 2;
# Do some sanity checks on the prototype.
print "$id prototype missing spaces around commas: $line\n"
if ( $line =~ /[a-z0-9],[^ ]/ );
}
foreach my $n ( keys %names ) {
next if $names{$n} == 2;
print "$id $n missing from SYNOPSIS\n";
}
}
sub check()
{
my $filename = shift;
my $dirname = basename(dirname($filename));
my $contents = '';
{
local $/ = undef;
open POD, $filename or die "Couldn't open $filename, $!";
$contents = <POD>;
close POD;
}
my $id = "${filename}:1:";
&name_synopsis($id, $filename, $contents)
unless $contents =~ /=for comment generic/
or $filename =~ m@man[157]/@;
print "$id doesn't start with =pod\n"
if $contents !~ /^=pod/;
print "$id doesn't end with =cut\n"
if $contents !~ /=cut\n$/;
print "$id more than one cut line.\n"
if $contents =~ /=cut.*=cut/ms;
print "$id missing copyright\n"
if $contents !~ /Copyright .* The OpenSSL Project Authors/;
print "$id copyright not last\n"
if $contents =~ /head1 COPYRIGHT.*=head/ms;
print "$id head2 in All uppercase\n"
if $contents =~ /head2\s+[A-Z ]+\n/;
print "$id extra space after head\n"
if $contents =~ /=head\d\s\s+/;
print "$id period in NAME section\n"
if $contents =~ /=head1 NAME.*\.\n.*=head1 SYNOPSIS/ms;
print "$id POD markup in NAME section\n"
if $contents =~ /=head1 NAME.*[<>].*=head1 SYNOPSIS/ms;
print "$id Duplicate $1 in L<>\n"
if $contents =~ /L<([^>]*)\|([^>]*)>/ && $1 eq $2;
print "$id Bad =over $1\n"
if $contents =~ /=over([^ ][^24])/;
print "$id Possible version style issue\n"
if $contents =~ /OpenSSL version [019]/;
if ( $contents !~ /=for comment multiple includes/ ) {
# Look for multiple consecutive openssl #include lines
# (non-consecutive lines are okay; see man3/MD5.pod).
if ( $contents =~ /=head1 SYNOPSIS(.*)=head1 DESCRIPTION/ms ) {
my $count = 0;
foreach my $line ( split /\n+/, $1 ) {
if ( $line =~ m@include <openssl/@ ) {
print "$id has multiple includes\n" if ++$count == 2;
} else {
$count = 0;
}
}
}
}
open my $OUT, '>', $temp
or die "Can't open $temp, $!";
podchecker($filename, $OUT);
close $OUT;
open $OUT, '<', $temp
or die "Can't read $temp, $!";
while ( <$OUT> ) {
next if /\(section\) in.*deprecated/;
print;
}
close $OUT;
unlink $temp || warn "Can't remove $temp, $!";
# Find what section this page is in; assume 3.
my $section = 3;
$section = $1 if $dirname =~ /man([1-9])/;
foreach ((@{$mandatory_sections{'*'}}, @{$mandatory_sections{$section}})) {
# Skip "return values" if not -s
print "$id: missing $_ head1 section\n"
if $contents !~ /^=head1\s+${_}\s*$/m;
}
}
my %dups;
sub parsenum()
{
my $file = shift;
my @apis;
open my $IN, '<', $file
or die "Can't open $file, $!, stopped";
while ( <$IN> ) {
next if /^#/;
next if /\bNOEXIST\b/;
next if /\bEXPORT_VAR_AS_FUNC\b/;
my @fields = split();
die "Malformed line $_"
if scalar @fields != 2 && scalar @fields != 4;
push @apis, $fields[0];
}
close $IN;
print "# Found ", scalar(@apis), " in $file\n" unless $opt_p;
return sort @apis;
}
sub getdocced()
{
my $dir = shift;
my %return;
foreach my $pod ( glob("$dir/*.pod") ) {
my %podinfo = extract_pod_info($pod);
foreach my $n ( @{$podinfo{names}} ) {
$return{$n} = $pod;
print "# Duplicate $n in $pod and $dups{$n}\n"
if defined $dups{$n} && $dups{$n} ne $pod;
$dups{$n} = $pod;
}
}
return %return;
}
my %docced;
sub checkmacros()
{
my $count = 0;
print "# Checking macros (approximate)\n";
foreach my $f ( glob('include/openssl/*.h') ) {
# Skip some internals we don't want to document yet.
next if $f eq 'include/openssl/asn1.h';
next if $f eq 'include/openssl/asn1t.h';
next if $f eq 'include/openssl/err.h';
open(IN, $f) || die "Can't open $f, $!";
while ( <IN> ) {
next unless /^#\s*define\s*(\S+)\(/;
my $macro = $1;
next if $docced{$macro};
next if $macro =~ /i2d_/
|| $macro =~ /d2i_/
|| $macro =~ /DEPRECATEDIN/
|| $macro =~ /IMPLEMENT_/
|| $macro =~ /DECLARE_/;
print "$f:$macro\n" if $opt_d;
$count++;
}
close(IN);
}
print "# Found $count macros missing (not all should be documented)\n"
}
sub printem()
{
my $libname = shift;
my $numfile = shift;
my $count = 0;
foreach my $func ( &parsenum($numfile) ) {
next if $docced{$func};
# Skip ASN1 utilities
next if $func =~ /^ASN1_/;
print "$libname:$func\n" if $opt_d;
$count++;
}
print "# Found $count missing from $numfile\n\n";
}
# Collection of links in each POD file.
# filename => [ "foo(1)", "bar(3)", ... ]
my %link_collection = ();
# Collection of names in each POD file.
# "name(s)" => filename
my %name_collection = ();
sub collectnames {
my $filename = shift;
$filename =~ m|man(\d)/|;
my $section = $1;
my $simplename = basename($filename, ".pod");
my $id = "${filename}:1:";
my $contents = '';
{
local $/ = undef;
open POD, $filename or die "Couldn't open $filename, $!";
$contents = <POD>;
close POD;
}
$contents =~ /=head1 NAME([^=]*)=head1 /ms;
my $tmp = $1;
unless (defined $tmp) {
print "$id weird name section\n";
return;
}
$tmp =~ tr/\n/ /;
$tmp =~ s/-.*//g;
my @names = map { s/\s+//g; $_ } split(/,/, $tmp);
unless (grep { $simplename eq $_ } @names) {
print "$id missing $simplename\n";
push @names, $simplename;
}
foreach my $name (@names) {
next if $name eq "";
my $name_sec = "$name($section)";
if (! exists $name_collection{$name_sec}) {
$name_collection{$name_sec} = $filename;
} else { #elsif ($filename ne $name_collection{$name_sec}) {
print "$id $name_sec also in $name_collection{$name_sec}\n";
}
}
my @foreign_names =
map { map { s/\s+//g; $_ } split(/,/, $_) }
$contents =~ /=for\s+comment\s+foreign\s+manuals:\s*(.*)\n\n/;
foreach (@foreign_names) {
$name_collection{$_} = undef; # It still exists!
}
my @links = $contents =~ /L<
# if the link is of the form L<something|name(s)>,
# then remove 'something'. Note that 'something'
# may contain POD codes as well...
(?:(?:[^\|]|<[^>]*>)*\|)?
# we're only interested in references that have
# a one digit section number
([^\/>\(]+\(\d\))
/gx;
$link_collection{$filename} = [ @links ];
}
sub checklinks {
foreach my $filename (sort keys %link_collection) {
foreach my $link (@{$link_collection{$filename}}) {
print "${filename}:1: reference to non-existing $link\n"
unless exists $name_collection{$link};
}
}
}
sub publicize() {
foreach my $name ( &parsenum('util/libcrypto.num') ) {
$public{$name} = 1;
}
foreach my $name ( &parsenum('util/libssl.num') ) {
$public{$name} = 1;
}
foreach my $name ( &parsenum('util/private.num') ) {
$public{$name} = 1;
}
}
my %skips = (
'aes128' => 1,
'aes192' => 1,
'aes256' => 1,
'aria128' => 1,
'aria192' => 1,
'aria256' => 1,
'camellia128' => 1,
'camellia192' => 1,
'camellia256' => 1,
'des' => 1,
'des3' => 1,
'idea' => 1,
'[cipher]' => 1,
'[digest]' => 1,
);
sub checkflags() {
my $cmd = shift;
my %cmdopts;
my %docopts;
my $ok = 1;
# Get the list of options in the command.
open CFH, "./apps/openssl list --options $cmd|"
|| die "Can list options for $cmd, $!";
while ( <CFH> ) {
chop;
s/ .$//;
$cmdopts{$_} = 1;
}
close CFH;
# Get the list of flags from the synopsis
open CFH, "<doc/man1/$cmd.pod"
|| die "Can't open $cmd.pod, $!";
while ( <CFH> ) {
chop;
last if /DESCRIPTION/;
next unless /\[B<-([^ >]+)/;
$docopts{$1} = 1;
}
close CFH;
# See what's in the command not the manpage.
my @undocced = ();
foreach my $k ( keys %cmdopts ) {
push @undocced, $k unless $docopts{$k};
}
if ( scalar @undocced > 0 ) {
$ok = 0;
foreach ( @undocced ) {
print "doc/man1/$cmd.pod: Missing -$_\n";
}
}
# See what's in the command not the manpage.
my @unimpl = ();
foreach my $k ( keys %docopts ) {
push @unimpl, $k unless $cmdopts{$k};
}
if ( scalar @unimpl > 0 ) {
$ok = 0;
foreach ( @unimpl ) {
next if defined $skips{$_};
print "doc/man1/$cmd.pod: Not implemented -$_\n";
}
}
return $ok;
}
getopts('cdlnphu');
&help() if $opt_h;
$opt_n = 1 if $opt_p;
$opt_u = 1 if $opt_d;
die "Need one of -[cdlnpu] flags.\n"
unless $opt_c or $opt_l or $opt_n or $opt_u;
if ( $opt_c ) {
my $ok = 1;
my @commands = ();
# Get list of commands.
open FH, "./apps/openssl list -1 -commands|"
|| die "Can't list commands, $!";
while ( <FH> ) {
chop;
push @commands, $_;
}
close FH;
# See if each has a manpage.
foreach ( @commands ) {
next if $_ eq 'help' || $_ eq 'exit';
if ( ! -f "doc/man1/$_.pod" ) {
print "doc/man1/$_.pod does not exist\n";
$ok = 0;
} else {
$ok = 0 if not &checkflags($_);
}
}
# See what help is missing.
open FH, "./apps/openssl list --missing-help |"
|| die "Can't list missing help, $!";
while ( <FH> ) {
chop;
my ($cmd, $flag) = split;
print "$cmd has no help for -$flag\n";
$ok = 0;
}
close FH;
exit 1 if not $ok;
}
if ( $opt_l ) {
foreach (@ARGV ? @ARGV : glob('doc/*/*.pod')) {
collectnames($_);
}
checklinks();
}
if ( $opt_n ) {
&publicize() if $opt_p;
foreach (@ARGV ? @ARGV : glob('doc/*/*.pod')) {
&check($_);
}
}
if ( $opt_u ) {
my %temp = &getdocced('doc/man3');
foreach ( keys %temp ) {
$docced{$_} = $temp{$_};
}
&printem('crypto', 'util/libcrypto.num');
&printem('ssl', 'util/libssl.num');
&checkmacros();
}
exit;

View file

@ -0,0 +1,54 @@
#! /bin/bash
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# Find unused error function-names and reason-codes, and edit them
# out of the source. Doesn't handle line-wrapping, might have to do
# some manual cleanups to fix compile errors.
export X1=/tmp/f.1.$$
export X2=/tmp/f.2.$$
case "$1" in
-f)
PAT='_F_'
echo Functions only
;;
-[er])
PAT='_R_'
echo Reason codes only
;;
"")
PAT='_[FR]_'
echo Function and reasons
;;
*)
echo "Usage error; one of -[efr] required."
exit 1;
;;
esac
cd include/openssl || exit 1
grep "$PAT" * | grep -v ERR_FATAL_ERROR | awk '{print $3;}' | sort -u >$X1
cd ../..
for F in `cat $X1` ; do
git grep -l --full-name -F $F >$X2
NUM=`wc -l <$X2`
test $NUM -gt 2 && continue
if grep -q $F crypto/err/openssl.ec ; then
echo Possibly unused $F found in openssl.ec
continue
fi
echo $F
for FILE in `cat $X2` ; do
grep -v -w $F <$FILE >$FILE.new
mv $FILE.new $FILE
done
done
rm $X1 $X2

View file

@ -0,0 +1,643 @@
-bap
-bbo
-br
-brs
-c33
-cd33
-ce
-ci4
-cli0
-cp33
-d0
-di1
-hnl
-i4
-il1
-ip0
-l80
-lp
-nbad
-nbc
-ncdb
-ncs
-nfc1
-nfca
-npcs
-nprs
-npsl
-nsc
-ppi1
-saf
-sai
-saw
-sob
-ss
-ts0
-T ACCESS_DESCRIPTION
-T ADDED_OBJ
-T AES_KEY
-T APP_INFO
-T ARGS
-T ASIdOrRange
-T ASIdOrRanges
-T ASIdentifierChoice
-T ASIdentifiers
-T ASN1_ADB
-T ASN1_ADB_TABLE
-T ASN1_AUX
-T ASN1_BIT_STRING
-T ASN1_BMPSTRING
-T ASN1_BOOLEAN
-T ASN1_ENCODING
-T ASN1_ENUMERATED
-T ASN1_EXTERN_FUNCS
-T ASN1_GENERALIZEDTIME
-T ASN1_GENERALSTRING
-T ASN1_IA5STRING
-T ASN1_INTEGER
-T ASN1_ITEM
-T ASN1_ITEM_EXP
-T ASN1_NULL
-T ASN1_OBJECT
-T ASN1_OCTET_STRING
-T ASN1_PCTX
-T ASN1_PRIMITIVE_FUNCS
-T ASN1_PRINTABLESTRING
-T ASN1_PRINT_ARG
-T ASN1_SCTX
-T ASN1_STREAM_ARG
-T ASN1_STRING
-T ASN1_STRING_TABLE
-T ASN1_T61STRING
-T ASN1_TEMPLATE
-T ASN1_TIME
-T ASN1_TLC
-T ASN1_TYPE
-T ASN1_UNIVERSALSTRING
-T ASN1_UTCTIME
-T ASN1_UTF8STRING
-T ASN1_VALUE
-T ASN1_VISIBLESTRING
-T AUTHORITY_INFO_ACCESS
-T AUTHORITY_KEYID
-T BASIC_CONSTRAINTS
-T BF_KEY
-T BF_LONG
-T BIGNUM
-T BIO
-T BIO_ACCEPT
-T BIO_ADDR
-T BIO_ASN1_BUF_CTX
-T BIO_ASN1_EX_FUNCS
-T BIO_B64_CTX
-T BIO_CONNECT
-T BIO_ENC_CTX
-T BIO_F_BUFFER_CTX
-T BIO_LINEBUFFER_CTX
-T BIO_METHOD
-T BIO_OK_CTX
-T BIO_SSL
-T BIT_STRING_BITNAME
-T BN_BLINDING
-T BN_CTX
-T BN_GENCB
-T BN_MONT_CTX
-T BN_POOL
-T BN_POOL_ITEM
-T BN_RECP_CTX
-T BN_STACK
-T BN_ULONG
-T BUF_MEM
-T BY_DIR
-T BY_DIR_ENTRY
-T BY_DIR_HASH
-T Bytef
-T CAMELLIA_KEY
-T CAST_KEY
-T CAST_LONG
-T CA_DB
-T CCM128_CONTEXT
-T CERT
-T CERTIFICATEPOLICIES
-T CERT_PKEY
-T CIPHER_ORDER
-T CMAC_CTX
-T CMS_AuthenticatedData
-T CMS_CertificateChoices
-T CMS_CompressedData
-T CMS_ContentInfo
-T CMS_DigestedData
-T CMS_EncapsulatedContentInfo
-T CMS_EncryptedContentInfo
-T CMS_EncryptedData
-T CMS_EnvelopedData
-T CMS_IssuerAndSerialNumber
-T CMS_KEKIdentifier
-T CMS_KEKRecipientInfo
-T CMS_KeyAgreeRecipientIdentifier
-T CMS_KeyAgreeRecipientInfo
-T CMS_KeyTransRecipientInfo
-T CMS_OriginatorIdentifierOrKey
-T CMS_OriginatorInfo
-T CMS_OriginatorPublicKey
-T CMS_OtherCertificateFormat
-T CMS_OtherKeyAttribute
-T CMS_OtherRecipientInfo
-T CMS_OtherRevocationInfoFormat
-T CMS_PasswordRecipientInfo
-T CMS_Receipt
-T CMS_ReceiptRequest
-T CMS_ReceiptsFrom
-T CMS_RecipientEncryptedKey
-T CMS_RecipientIdentifier
-T CMS_RecipientInfo
-T CMS_RecipientKeyIdentifier
-T CMS_RevocationInfoChoice
-T CMS_SignedData
-T CMS_SignerIdentifier
-T CMS_SignerInfo
-T COMP_CTX
-T COMP_METHOD
-T CONF
-T CONF_IMODULE
-T CONF_METHOD
-T CONF_MODULE
-T CONF_VALUE
-T CRYPTO_EX_DATA
-T CRYPTO_EX_dup
-T CRYPTO_EX_free
-T CRYPTO_EX_new
-T CRYPTO_THREADID
-T DB_ATTR
-T DES_LONG
-T DES_cblock
-T DES_key_schedule
-T DH
-T DH_METHOD
-T DH_PKEY_CTX
-T DIST_POINT
-T DIST_POINT_NAME
-T DSA
-T DSA_METHOD
-T DSA_SIG
-T DSO
-T DSO_FUNC_TYPE
-T DSO_MERGER_FUNC
-T DSO_METHOD
-T DSO_NAME_CONVERTER_FUNC
-T DSO_VMS_INTERNAL
-T DTLS1_BITMAP
-T DTLS1_RECORD_DATA
-T DTLS1_STATE
-T Dl_info
-T ECDH_METHOD
-T ECDSA_METHOD
-T ECDSA_SIG
-T ECPARAMETERS
-T ECPKPARAMETERS
-T EC_GROUP
-T EC_KEY
-T EC_METHOD
-T EC_POINT
-T EC_PRE_COMP
-T EC_PRIVATEKEY
-T EC_builtin_curve
-T EDIPARTYNAME
-T ENGINE
-T ENGINE_CIPHERS_PTR
-T ENGINE_CLEANUP_CB
-T ENGINE_CLEANUP_ITEM
-T ENGINE_CMD_DEFN
-T ENGINE_CTRL_FUNC_PTR
-T ENGINE_DIGESTS_PTR
-T ENGINE_GEN_FUNC_PTR
-T ENGINE_GEN_INT_FUNC_PTR
-T ENGINE_LOAD_KEY_PTR
-T ENGINE_PILE
-T ENGINE_PILE_DOALL
-T ENGINE_PKEY_ASN1_METHS_PTR
-T ENGINE_PKEY_METHS_PTR
-T ENGINE_SSL_CLIENT_CERT_PTR
-T ENGINE_TABLE
-T ENUMERATED_NAMES
-T ERR_STATE
-T ERR_STRING_DATA
-T ESS_CERT_ID
-T ESS_CERT_ID_V2
-T ESS_ISSUER_SERIAL
-T ESS_SIGNING_CERT
-T ESS_SIGNING_CERT_V2
-T EVP_AES_HMAC_SHA1
-T EVP_AES_HMAC_SHA256
-T EVP_CIPHER
-T EVP_CIPHER_CTX
-T EVP_CIPHER_INFO
-T EVP_ENCODE_CTX
-T EVP_MD
-T EVP_MD_CTX
-T EVP_PBE_CTL
-T EVP_PBE_KEYGEN
-T EVP_PKEY
-T EVP_PKEY_ASN1_METHOD
-T EVP_PKEY_CTX
-T EVP_PKEY_METHOD
-T EVP_PKEY_gen_cb
-T FILE
-T GCM128_CONTEXT
-T GENERAL_NAME
-T GENERAL_NAMES
-T GENERAL_SUBTREE
-T GEN_SESSION_CB
-T HASH_CTX
-T HEAPENTRY32
-T HEAPLIST32
-T HMAC_CTX
-T IDEA_KEY_SCHEDULE
-T IPAddrBlocks
-T IPAddressFamily
-T IPAddressOrRange
-T IPAddressOrRanges
-T ISSUING_DIST_POINT
-T KEY_TABLE_TYPE
-T LHASH
-T LHASH_DOALL_ARG_FN_TYPE
-T LHASH_NODE
-T LPHEAPENTRY32
-T LPHEAPLIST32
-T LPMODULEENTRY32
-T LPMODULEENTRY32W
-T LPPROCESSENTRY32
-T LPPROCESSENTRY32W
-T LPTHREADENTRY32
-T LP_DIR_CTX
-T MD2_CTX
-T MD4_CTX
-T MD5_CTX
-T MDC2_CTX
-T MEM
-T MEM_LEAK
-T MIME_HEADER
-T MIME_PARAM
-T MODULEENTRY32
-T MODULEENTRY32W
-T NAME_CONSTRAINTS
-T NAME_FUNCS
-T NBIO_TEST
-T NDEF_SUPPORT
-T NETSCAPE_CERT_SEQUENCE
-T NETSCAPE_ENCRYPTED_PKEY
-T NETSCAPE_PKEY
-T NETSCAPE_SPKAC
-T NETSCAPE_SPKI
-T NOTICEREF
-T OBJ_NAME
-T OCB128_CONTEXT
-T OCB_BLOCK
-T OCSP_BASICRESP
-T OCSP_CERTID
-T OCSP_CERTSTATUS
-T OCSP_CRLID
-T OCSP_ONEREQ
-T OCSP_REQINFO
-T OCSP_REQUEST
-T OCSP_REQ_CTX
-T OCSP_RESPBYTES
-T OCSP_RESPDATA
-T OCSP_RESPID
-T OCSP_RESPONSE
-T OCSP_REVOKEDINFO
-T OCSP_SERVICELOC
-T OCSP_SIGNATURE
-T OCSP_SINGLERESP
-T OCSP_TBLSTR
-T OPENSSL_BLOCK
-T OPENSSL_CSTRING
-T OPENSSL_DIR_CTX
-T OPENSSL_PSTRING
-T OPENSSL_STRING
-T OSSL_ASYNC_FD
-T OTHERNAME
-T P256_POINT
-T P256_POINT_AFFINE
-T PBE2PARAM
-T PBEPARAM
-T PBKDF2PARAM
-T PHEAPENTRY32
-T PHEAPLIST32
-T PKCS12
-T PKCS12_BAGS
-T PKCS12_SAFEBAG
-T PKCS7
-T PKCS7_DIGEST
-T PKCS7_ENCRYPT
-T PKCS7_ENC_CONTENT
-T PKCS7_ENVELOPE
-T PKCS7_ISSUER_AND_SERIAL
-T PKCS7_RECIP_INFO
-T PKCS7_SIGNED
-T PKCS7_SIGNER_INFO
-T PKCS7_SIGN_ENVELOPE
-T PKCS8_PRIV_KEY_INFO
-T PKEY_USAGE_PERIOD
-T PMODULEENTRY32
-T PMODULEENTRY32W
-T POLICYINFO
-T POLICYQUALINFO
-T POLICY_CONSTRAINTS
-T POLICY_MAPPING
-T POLICY_MAPPINGS
-T PPROCESSENTRY32
-T PPROCESSENTRY32W
-T PRECOMP256_ROW
-T PROCESSENTRY32
-T PROCESSENTRY32W
-T PROXY_CERT_INFO_EXTENSION
-T PROXY_POLICY
-T PTHREADENTRY32
-T PW_CB_DATA
-T RAND_METHOD
-T RC2_KEY
-T RC4_KEY
-T RC5_32_KEY
-T RIPEMD160_CTX
-T RSA
-T RSA_METHOD
-T RSA_OAEP_PARAMS
-T RSA_PKEY_CTX
-T RSA_PSS_PARAMS
-T SCT
-T SEED_KEY_SCHEDULE
-T SHA256_CTX
-T SHA512_CTX
-T SHA_CTX
-T SRP_ARG
-T SRP_CLIENT_ARG
-T SRP_CTX
-T SRP_SERVER_ARG
-T SRP_VBASE
-T SRP_gN_cache
-T SRP_user_pwd
-T SRTP_PROTECTION_PROFILE
-T SSL
-T SSL3_BUFFER
-T SSL3_COMP
-T SSL3_ENC_METHOD
-T SSL3_RECORD
-T SSL3_STATE
-T SSL_CIPHER
-T SSL_COMP
-T SSL_CONF_CTX
-T SSL_CTX
-T SSL_DANE
-T SSL_EXCERT
-T SSL_METHOD
-T SSL_SESSION
-T SSL_SESSION_ASN1
-T STACK_OF
-T SXNET
-T SXNETID
-T TCHAR
-T TEST_INFO
-T THREADENTRY32
-T TIMEOUT_PARAM
-T TLS_SESSION_TICKET_EXT
-T TLS_SIGALGS
-T TS_ACCURACY
-T TS_MSG_IMPRINT
-T TS_REQ
-T TS_RESP
-T TS_RESP_CTX
-T TS_STATUS_INFO
-T TS_TST_INFO
-T TS_VERIFY_CTX
-T TXT_DB
-T UI
-T UINT64
-T UI_METHOD
-T UI_STRING
-T USERNOTICE
-T WCHAR
-T WHIRLPOOL_CTX
-T WINAPI
-T X509
-T X509V3_CONF_METHOD
-T X509V3_CTX
-T X509V3_EXT_D2I
-T X509V3_EXT_FREE
-T X509V3_EXT_I2D
-T X509V3_EXT_I2R
-T X509V3_EXT_I2S
-T X509V3_EXT_METHOD
-T X509V3_EXT_NEW
-T X509V3_EXT_R2I
-T X509V3_EXT_S2I
-T X509V3_EXT_V2I
-T X509_ALGOR
-T X509_ATTRIBUTE
-T X509_CERT_AUX
-T X509_CINF
-T X509_CRL
-T X509_CRL_INFO
-T X509_CRL_METHOD
-T X509_EXTENSION
-T X509_INFO
-T X509_LOOKUP
-T X509_LOOKUP_METHOD
-T X509_NAME
-T X509_NAME_ENTRY
-T X509_OBJECT
-T X509_PKEY
-T X509_POLICY_CACHE
-T X509_POLICY_DATA
-T X509_POLICY_LEVEL
-T X509_POLICY_NODE
-T X509_POLICY_TREE
-T X509_PUBKEY
-T X509_PURPOSE
-T X509_REQ
-T X509_REQ_INFO
-T X509_REVOKED
-T X509_SIG
-T X509_STORE
-T X509_STORE_CTX
-T X509_TRUST
-T X509_VAL
-T X509_VERIFY_PARAM
-T X9_62_CHARACTERISTIC_TWO
-T X9_62_CURVE
-T X9_62_FIELDID
-T X9_62_PENTANOMIAL
-T XTS128_CONTEXT
-T _LHASH
-T _STACK
-T __int64
-T asn1_ps_func
-T bio_dgram_data
-T bio_info_cb
-T BIO_info_cb
-T BIO_callback_fn
-T char_io
-T conf_finish_func
-T conf_init_func
-T const_DES_cblock
-T d2i_of_void
-T des_cblock
-T dynamic_data_ctx
-T dynamic_fns
-T engine_table_doall_cb
-T i2d_of_void
-T int_dhx942_dh
-T nid_triple
-T pem_password_cb
-T pitem
-T piterator
-T pqueue_s
-T session_op
-T size_t
-T tag_exp_arg
-T testdata
-T time_t
-T time_t
-T u32
-T u64
-T u8
-T v3_ext_ctx
-T v3_ext_method
-T STACK_OF_ACCESS_DESCRIPTION_
-T STACK_OF_ASIdOrRange_
-T STACK_OF_ASN1_ADB_TABLE_
-T STACK_OF_ASN1_INTEGER_
-T STACK_OF_ASN1_OBJECT_
-T STACK_OF_ASN1_STRING_TABLE_
-T STACK_OF_ASN1_TYPE_
-T STACK_OF_ASN1_UTF8STRING_
-T STACK_OF_ASN1_VALUE_
-T STACK_OF_BIO_
-T STACK_OF_BY_DIR_ENTRY_
-T STACK_OF_BY_DIR_HASH_
-T STACK_OF_CMS_CertificateChoices_
-T STACK_OF_CMS_RecipientEncryptedKey_
-T STACK_OF_CMS_RecipientInfo_
-T STACK_OF_CMS_RevocationInfoChoice_
-T STACK_OF_CMS_SignerInfo_
-T STACK_OF_CONF_IMODULE_
-T STACK_OF_CONF_MODULE_
-T STACK_OF_CONF_VALUE_
-T STACK_OF_CRYPTO_dynlock_
-T STACK_OF_DIST_POINT_
-T STACK_OF_ENGINE_
-T STACK_OF_ENGINE_CLEANUP_ITEM_
-T STACK_OF_ESS_CERT_ID_
-T STACK_OF_ESS_CERT_ID_V2_
-T STACK_OF_EVP_PBE_CTL_
-T STACK_OF_EVP_PKEY_ASN1_METHOD_
-T STACK_OF_EVP_PKEY_METHOD_
-T STACK_OF_GENERAL_NAMES_
-T STACK_OF_GENERAL_NAME_
-T STACK_OF_GENERAL_SUBTREE_
-T STACK_OF_IPAddressFamily_
-T STACK_OF_IPAddressOrRange_
-T STACK_OF_MIME_HEADER_
-T STACK_OF_MIME_PARAM_
-T STACK_OF_NAME_FUNCS_
-T STACK_OF_OCSP_CERTID_
-T STACK_OF_OCSP_ONEREQ_
-T STACK_OF_OCSP_RESPID_
-T STACK_OF_OCSP_SINGLERESP_
-T STACK_OF_OPENSSL_BLOCK_
-T STACK_OF_OPENSSL_PSTRING_
-T STACK_OF_OPENSSL_STRING_
-T STACK_OF_PKCS12_SAFEBAG_
-T STACK_OF_PKCS7_
-T STACK_OF_PKCS7_RECIP_INFO_
-T STACK_OF_PKCS7_SIGNER_INFO_
-T STACK_OF_POLICYINFO_
-T STACK_OF_POLICYQUALINFO_
-T STACK_OF_POLICY_MAPPING_
-T STACK_OF_Request_
-T STACK_OF_SCT_
-T STACK_OF_SRP_gN_
-T STACK_OF_SRP_gN_cache_
-T STACK_OF_SRP_user_pwd_
-T STACK_OF_SRTP_PROTECTION_PROFILE_
-T STACK_OF_SSL_CIPHER_
-T STACK_OF_SSL_COMP_
-T STACK_OF_STRING_
-T STACK_OF_SXNETID_
-T STACK_OF_SingleResponse_
-T STACK_OF_UI_STRING_
-T STACK_OF_X509V3_EXT_METHOD_
-T STACK_OF_X509_
-T STACK_OF_X509_ALGOR_
-T STACK_OF_X509_ATTRIBUTE_
-T STACK_OF_X509_CRL_
-T STACK_OF_X509_EXTENSION_
-T STACK_OF_X509_INFO_
-T STACK_OF_X509_LOOKUP_
-T STACK_OF_X509_NAME_
-T STACK_OF_X509_NAME_ENTRY_
-T STACK_OF_X509_OBJECT_
-T STACK_OF_X509_POLICY_DATA_
-T STACK_OF_X509_POLICY_NODE_
-T STACK_OF_X509_PURPOSE_
-T STACK_OF_X509_REVOKED_
-T STACK_OF_X509_TRUST_
-T STACK_OF_X509_VERIFY_PARAM_
-T STACK_OF_nid_triple_
-T STACK_OF_void_
-T LHASH_OF_ADDED_OBJ_
-T LHASH_OF_APP_INFO_
-T LHASH_OF_CONF_VALUE_
-T LHASH_OF_ENGINE_PILE_
-T LHASH_OF_ERR_STATE_
-T LHASH_OF_ERR_STRING_DATA_
-T LHASH_OF_FUNCTION_
-T LHASH_OF_MEM_
-T LHASH_OF_OBJ_NAME_
-T LHASH_OF_OPENSSL_STRING_
-T LHASH_OF_SSL_SESSION_
-T LHASH_OF_STRING_
-T clock_t
-T custom_ext_methods
-T hm_fragment
-T record_pqueue
-T ssl_ctx_st
-T ssl_flag_tbl
-T ssl_st
-T ssl_trace_tbl
-T _stdcall
-T OPTIONS
-T OPT_PAIR
-T uint64_t
-T int64_t
-T uint32_t
-T int32_t
-T uint16_t
-T int16_t
-T uint8_t
-T int8_t
-T STRINT_PAIR
-T felem
-T felem_bytearray
-T SH_LIST
-T PACKET
-T RECORD_LAYER
-T ASYNC_CTX
-T ASYNC_JOB
-T intmax_t
-T uintmax_t
-T pqueue
-T danetls_record
-T CTLOG_STORE
-T OPENSSL_INIT_SETTINGS
-T OSSL_HANDSHAKE_STATE
-T OSSL_STATEM
-T ossl_intmax_t
-T ossl_intmax_t
-T ossl_uintmax_t
-T ossl_uintmax_t
-T CT_POLICY_EVAL_CTX
-T RAND_DRBG
-T RAND_DRBG_CTR
-T RAND_POOL
-T RAND_METHOD

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,500 @@
SSL_get_selected_srtp_profile 1 1_1_0 EXIST::FUNCTION:SRTP
SSL_set_read_ahead 2 1_1_0 EXIST::FUNCTION:
SSL_set_accept_state 3 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_cipher_list 4 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_srp_client_pwd_callback 5 1_1_0 EXIST::FUNCTION:SRP
SSL_copy_session_id 6 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_srp_password 7 1_1_0 EXIST::FUNCTION:SRP
SSL_shutdown 8 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_msg_callback 9 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get0_ticket 11 1_1_0 EXIST::FUNCTION:
SSL_get1_supported_ciphers 12 1_1_0 EXIST::FUNCTION:
SSL_state_string_long 13 1_1_0 EXIST::FUNCTION:
SSL_CTX_get0_certificate 14 1_1_0 EXIST::FUNCTION:
SSL_SESSION_set_ex_data 15 1_1_0 EXIST::FUNCTION:
SSL_get_verify_depth 16 1_1_0 EXIST::FUNCTION:
SSL_get0_dane 17 1_1_0 EXIST::FUNCTION:
SSL_CTX_sess_get_get_cb 18 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_default_passwd_cb_userdata 19 1_1_0 EXIST::FUNCTION:
SSL_set_tmp_dh_callback 20 1_1_0 EXIST::FUNCTION:DH
SSL_CTX_get_verify_depth 21 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_RSAPrivateKey_file 22 1_1_0 EXIST::FUNCTION:RSA
SSL_use_PrivateKey_file 23 1_1_0 EXIST::FUNCTION:
SSL_set_generate_session_id 24 1_1_0 EXIST::FUNCTION:
SSL_get_ex_data_X509_STORE_CTX_idx 25 1_1_0 EXIST::FUNCTION:
SSL_get_quiet_shutdown 26 1_1_0 EXIST::FUNCTION:
SSL_dane_enable 27 1_1_0 EXIST::FUNCTION:
SSL_COMP_add_compression_method 28 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_RSAPrivateKey 29 1_1_0 EXIST::FUNCTION:RSA
SSL_CTX_sess_get_new_cb 30 1_1_0 EXIST::FUNCTION:
d2i_SSL_SESSION 31 1_1_0 EXIST::FUNCTION:
SSL_use_PrivateKey_ASN1 32 1_1_0 EXIST::FUNCTION:
PEM_write_SSL_SESSION 33 1_1_0 EXIST::FUNCTION:STDIO
SSL_CTX_set_session_id_context 34 1_1_0 EXIST::FUNCTION:
SSL_CIPHER_get_cipher_nid 35 1_1_0 EXIST::FUNCTION:
SSL_get_srp_g 36 1_1_0 EXIST::FUNCTION:SRP
SSL_want 37 1_1_0 EXIST::FUNCTION:
SSL_get_cipher_list 38 1_1_0 EXIST::FUNCTION:
SSL_get_verify_result 39 1_1_0 EXIST::FUNCTION:
SSL_renegotiate 40 1_1_0 EXIST::FUNCTION:
SSL_get_privatekey 41 1_1_0 EXIST::FUNCTION:
SSL_peek 42 1_1_0 EXIST::FUNCTION:
SRP_Calc_A_param 43 1_1_0 EXIST::FUNCTION:SRP
SSL_SESSION_get_ticket_lifetime_hint 44 1_1_0 EXIST::FUNCTION:
SSL_SRP_CTX_free 45 1_1_0 EXIST::FUNCTION:SRP
SSL_CTX_set_client_CA_list 46 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_next_proto_select_cb 47 1_1_0 EXIST::FUNCTION:NEXTPROTONEG
BIO_ssl_copy_session_id 48 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_security_callback 49 1_1_0 EXIST::FUNCTION:
SSL_CONF_cmd_value_type 50 1_1_0 EXIST::FUNCTION:
SSL_CTX_remove_session 51 1_1_0 EXIST::FUNCTION:
SSL_SESSION_new 52 1_1_0 EXIST::FUNCTION:
TLSv1_2_server_method 53 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD
BIO_new_buffer_ssl_connect 54 1_1_0 EXIST::FUNCTION:
SSL_CTX_set0_security_ex_data 55 1_1_0 EXIST::FUNCTION:
SSL_alert_desc_string 56 1_1_0 EXIST::FUNCTION:
SSL_get0_dane_authority 57 1_1_0 EXIST::FUNCTION:
SSL_set_purpose 58 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_PrivateKey_file 59 1_1_0 EXIST::FUNCTION:
SSL_get_rfd 60 1_1_0 EXIST::FUNCTION:
DTLSv1_listen 61 1_1_0 EXIST::FUNCTION:SOCK
SSL_set_ssl_method 62 1_1_0 EXIST::FUNCTION:
SSL_get0_security_ex_data 63 1_1_0 EXIST::FUNCTION:
SSLv3_client_method 64 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD
SSL_set_security_level 65 1_1_0 EXIST::FUNCTION:
DTLSv1_2_method 66 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD
SSL_get_fd 67 1_1_0 EXIST::FUNCTION:
SSL_get1_session 68 1_1_0 EXIST::FUNCTION:
SSL_use_RSAPrivateKey 69 1_1_0 EXIST::FUNCTION:RSA
SSL_CTX_set_srp_cb_arg 70 1_1_0 EXIST::FUNCTION:SRP
SSL_CTX_add_session 71 1_1_0 EXIST::FUNCTION:
SSL_get_srp_N 72 1_1_0 EXIST::FUNCTION:SRP
SSL_has_matching_session_id 73 1_1_0 EXIST::FUNCTION:
PEM_read_SSL_SESSION 74 1_1_0 EXIST::FUNCTION:STDIO
SSL_get_shared_ciphers 75 1_1_0 EXIST::FUNCTION:
SSL_add1_host 76 1_1_0 EXIST::FUNCTION:
SSL_CONF_cmd_argv 77 1_1_0 EXIST::FUNCTION:
SSL_version 78 1_1_0 EXIST::FUNCTION:
SSL_SESSION_print 79 1_1_0 EXIST::FUNCTION:
SSL_get_client_ciphers 80 1_1_0 EXIST::FUNCTION:
SSL_get_srtp_profiles 81 1_1_0 EXIST::FUNCTION:SRTP
SSL_use_certificate_ASN1 82 1_1_0 EXIST::FUNCTION:
SSL_get_peer_certificate 83 1_1_0 EXIST::FUNCTION:
DTLSv1_2_server_method 84 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD
SSL_set_cert_cb 85 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_cookie_verify_cb 86 1_1_0 EXIST::FUNCTION:
SSL_get_shared_sigalgs 87 1_1_0 EXIST::FUNCTION:
SSL_config 88 1_1_0 EXIST::FUNCTION:
TLSv1_1_client_method 89 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD
SSL_CIPHER_standard_name 90 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_verify_mode 91 1_1_0 EXIST::FUNCTION:
SSL_get_all_async_fds 92 1_1_0 EXIST::FUNCTION:
SSL_CTX_check_private_key 93 1_1_0 EXIST::FUNCTION:
SSL_set_wfd 94 1_1_0 EXIST::FUNCTION:SOCK
SSL_get_client_CA_list 95 1_1_0 EXIST::FUNCTION:
SSL_CONF_CTX_set_flags 96 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_srp_username_callback 97 1_1_0 EXIST::FUNCTION:SRP
SSL_connect 98 1_1_0 EXIST::FUNCTION:
SSL_get_psk_identity 99 1_1_0 EXIST::FUNCTION:PSK
SSL_CTX_use_certificate_file 100 1_1_0 EXIST::FUNCTION:
SSL_set_session_ticket_ext 101 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_psk_server_callback 102 1_1_0 EXIST::FUNCTION:PSK
SSL_get_sigalgs 103 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_next_protos_advertised_cb 104 1_1_0 EXIST::FUNCTION:NEXTPROTONEG
SSL_CTX_set_trust 105 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_verify 106 1_1_0 EXIST::FUNCTION:
SSL_set_rfd 107 1_1_0 EXIST::FUNCTION:SOCK
SSL_SESSION_set_timeout 108 1_1_0 EXIST::FUNCTION:
SSL_set_psk_client_callback 109 1_1_0 EXIST::FUNCTION:PSK
SSL_get_client_random 110 1_1_0 EXIST::FUNCTION:
TLS_method 111 1_1_0 EXIST::FUNCTION:
SSL_CONF_CTX_clear_flags 112 1_1_0 EXIST::FUNCTION:
TLSv1_client_method 113 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD
SSL_CIPHER_get_bits 114 1_1_0 EXIST::FUNCTION:
SSL_test_functions 115 1_1_0 EXIST::FUNCTION:UNIT_TEST
SSL_get_SSL_CTX 116 1_1_0 EXIST::FUNCTION:
SSL_get_session 117 1_1_0 EXIST::FUNCTION:
SSL_CTX_callback_ctrl 118 1_1_0 EXIST::FUNCTION:
SSL_get_finished 119 1_1_0 EXIST::FUNCTION:
SSL_add_dir_cert_subjects_to_stack 120 1_1_0 EXIST::FUNCTION:
SSL_get_state 121 1_1_0 EXIST::FUNCTION:
SSL_CONF_CTX_finish 122 1_1_0 EXIST::FUNCTION:
SSL_CTX_add_server_custom_ext 123 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get_ex_data 124 1_1_0 EXIST::FUNCTION:
SSL_get_srp_username 125 1_1_0 EXIST::FUNCTION:SRP
SSL_CTX_set_purpose 126 1_1_0 EXIST::FUNCTION:
SSL_clear 127 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_cert_store 128 1_1_0 EXIST::FUNCTION:
TLSv1_2_method 129 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD
SSL_session_reused 130 1_1_0 EXIST::FUNCTION:
SSL_free 131 1_1_0 EXIST::FUNCTION:
BIO_ssl_shutdown 132 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_client_CA_list 133 1_1_0 EXIST::FUNCTION:
SSL_CTX_sessions 134 1_1_0 EXIST::FUNCTION:
SSL_get_options 135 1_1_0 EXIST::FUNCTION:
SSL_set_verify_depth 136 1_1_0 EXIST::FUNCTION:
SSL_get_error 137 1_1_0 EXIST::FUNCTION:
SSL_get_servername 138 1_1_0 EXIST::FUNCTION:
SSL_get_version 139 1_1_0 EXIST::FUNCTION:
SSL_state_string 140 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get_timeout 141 1_1_0 EXIST::FUNCTION:
SSL_CTX_sess_get_remove_cb 142 1_1_0 EXIST::FUNCTION:
SSL_get_current_cipher 143 1_1_0 EXIST::FUNCTION:
SSL_up_ref 144 1_1_0 EXIST::FUNCTION:
SSL_export_keying_material 145 1_1_0 EXIST::FUNCTION:
SSL_callback_ctrl 146 1_1_0 EXIST::FUNCTION:
SSL_set_security_callback 147 1_1_0 EXIST::FUNCTION:
SSL_SRP_CTX_init 148 1_1_0 EXIST::FUNCTION:SRP
ERR_load_SSL_strings 149 1_1_0 EXIST::FUNCTION:
SSL_CTX_SRP_CTX_init 150 1_1_0 EXIST::FUNCTION:SRP
SSL_SESSION_set_time 151 1_1_0 EXIST::FUNCTION:
i2d_SSL_SESSION 152 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get_master_key 153 1_1_0 EXIST::FUNCTION:
SSL_COMP_get_compression_methods 154 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_alpn_select_cb 155 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_tmp_dh_callback 156 1_1_0 EXIST::FUNCTION:DH
SSL_CTX_get_default_passwd_cb 157 1_1_0 EXIST::FUNCTION:
TLSv1_server_method 158 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD
DTLS_server_method 159 1_1_0 EXIST::FUNCTION:
SSL_set0_rbio 160 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_options 161 1_1_0 EXIST::FUNCTION:
SSL_set_msg_callback 162 1_1_0 EXIST::FUNCTION:
SSL_CONF_CTX_free 163 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_ssl_method 164 1_1_0 EXIST::FUNCTION:
SSL_get_server_random 165 1_1_0 EXIST::FUNCTION:
SSL_set_shutdown 166 1_1_0 EXIST::FUNCTION:
SSL_CTX_add_client_CA 167 1_1_0 EXIST::FUNCTION:
TLSv1_1_server_method 168 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD
PEM_write_bio_SSL_SESSION 169 1_1_0 EXIST::FUNCTION:
SSL_write 170 1_1_0 EXIST::FUNCTION:
SSL_set1_host 171 1_1_0 EXIST::FUNCTION:
SSL_use_RSAPrivateKey_file 172 1_1_0 EXIST::FUNCTION:RSA
SSL_CTX_get_info_callback 173 1_1_0 EXIST::FUNCTION:
SSL_get0_peername 174 1_1_0 EXIST::FUNCTION:
SSL_set_srp_server_param 175 1_1_0 EXIST::FUNCTION:SRP
TLS_server_method 176 1_1_0 EXIST::FUNCTION:
SSL_get_psk_identity_hint 177 1_1_0 EXIST::FUNCTION:PSK
SSL_set_session 178 1_1_0 EXIST::FUNCTION:
SSL_get0_param 179 1_1_0 EXIST::FUNCTION:
SSL_set_default_passwd_cb 180 1_1_0 EXIST::FUNCTION:
SSL_get_read_ahead 181 1_1_0 EXIST::FUNCTION:
SSL_dup_CA_list 182 1_1_0 EXIST::FUNCTION:
SSL_get_verify_callback 183 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_default_passwd_cb 184 1_1_0 EXIST::FUNCTION:
SSL_get_servername_type 185 1_1_0 EXIST::FUNCTION:
TLSv1_2_client_method 186 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD
SSL_add_client_CA 187 1_1_0 EXIST::FUNCTION:
SSL_CTX_get0_security_ex_data 188 1_1_0 EXIST::FUNCTION:
SSL_get_ex_data 189 1_1_0 EXIST::FUNCTION:
SSL_CTX_flush_sessions 190 1_1_0 EXIST::FUNCTION:
SSL_use_PrivateKey 191 1_1_0 EXIST::FUNCTION:
DTLSv1_client_method 192 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD
SSL_CTX_dane_mtype_set 193 1_1_0 EXIST::FUNCTION:
SSL_get_wfd 194 1_1_0 EXIST::FUNCTION:
SSL_get_ssl_method 195 1_1_0 EXIST::FUNCTION:
SSL_set_verify_result 196 1_1_0 EXIST::FUNCTION:
SSL_use_RSAPrivateKey_ASN1 197 1_1_0 EXIST::FUNCTION:RSA
SSL_CIPHER_get_name 198 1_1_0 EXIST::FUNCTION:
OPENSSL_init_ssl 199 1_1_0 EXIST::FUNCTION:
SSL_dup 200 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_serverinfo 201 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_serverinfo_file 202 1_1_0 EXIST::FUNCTION:
SSL_set_options 203 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_default_verify_dir 204 1_1_0 EXIST::FUNCTION:
SSL_do_handshake 205 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_ex_data 206 1_1_0 EXIST::FUNCTION:
SSL_is_init_finished 207 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_default_verify_file 208 1_1_0 EXIST::FUNCTION:
SSLv3_method 209 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD
SSL_CTX_set_cookie_generate_cb 210 1_1_0 EXIST::FUNCTION:
SSL_certs_clear 211 1_1_0 EXIST::FUNCTION:
SSL_set_connect_state 212 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_ex_data 213 1_1_0 EXIST::FUNCTION:
SSL_rstate_string 214 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get0_peer 215 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get_compress_id 216 1_1_0 EXIST::FUNCTION:
SSL_get_peer_cert_chain 217 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_cert_cb 218 1_1_0 EXIST::FUNCTION:
PEM_read_bio_SSL_SESSION 219 1_1_0 EXIST::FUNCTION:
SSL_set_info_callback 220 1_1_0 EXIST::FUNCTION:
SSL_CTX_sess_set_new_cb 221 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_security_level 222 1_1_0 EXIST::FUNCTION:
SSL_CTX_ctrl 223 1_1_0 EXIST::FUNCTION:
SSL_set_alpn_protos 224 1_1_0 EXIST::FUNCTION:
SSL_set_ex_data 225 1_1_0 EXIST::FUNCTION:
SSL_rstate_string_long 226 1_1_0 EXIST::FUNCTION:
SSL_ctrl 227 1_1_0 EXIST::FUNCTION:
SSL_get_current_compression 228 1_1_0 EXIST::FUNCTION:
SSL_SESSION_has_ticket 229 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_cert_verify_callback 230 1_1_0 EXIST::FUNCTION:
SSL_set_session_secret_cb 231 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_client_cert_engine 232 1_1_0 EXIST::FUNCTION:ENGINE
SSL_CTX_get0_param 233 1_1_0 EXIST::FUNCTION:
SSL_CTX_set1_param 234 1_1_0 EXIST::FUNCTION:
SSL_get_certificate 235 1_1_0 EXIST::FUNCTION:
DTLSv1_server_method 236 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD
SSL_set_fd 237 1_1_0 EXIST::FUNCTION:SOCK
SSL_use_certificate 238 1_1_0 EXIST::FUNCTION:
DTLSv1_method 239 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD
SSL_set0_wbio 240 1_1_0 EXIST::FUNCTION:
SSL_read 241 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_options 242 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_ssl_version 243 1_1_0 EXIST::FUNCTION:
SSL_set_SSL_CTX 244 1_1_0 EXIST::FUNCTION:
SSL_renegotiate_abbreviated 245 1_1_0 EXIST::FUNCTION:
SSL_get_verify_mode 246 1_1_0 EXIST::FUNCTION:
SSL_CIPHER_get_id 247 1_1_0 EXIST::FUNCTION:
SSL_SESSION_print_keylog 248 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_psk_client_callback 249 1_1_0 EXIST::FUNCTION:PSK
SSL_SESSION_get_time 250 1_1_0 EXIST::FUNCTION:
SSL_set_debug 251 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0
SSL_get_security_level 252 1_1_0 EXIST::FUNCTION:
SSL_CIPHER_description 253 1_1_0 EXIST::FUNCTION:
SSL_set_default_passwd_cb_userdata 254 1_1_0 EXIST::FUNCTION:
SSL_get_srp_userinfo 255 1_1_0 EXIST::FUNCTION:SRP
SSL_extension_supported 256 1_1_0 EXIST::FUNCTION:
SSL_dane_tlsa_add 257 1_1_0 EXIST::FUNCTION:
SSL_srp_server_param_with_username 258 1_1_0 EXIST::FUNCTION:SRP
SSL_CIPHER_get_version 259 1_1_0 EXIST::FUNCTION:
SSL_get0_verified_chain 260 1_1_0 EXIST::FUNCTION:
SSL_CIPHER_find 261 1_1_0 EXIST::FUNCTION:
SSL_get_rbio 262 1_1_0 EXIST::FUNCTION:
SSL_CONF_CTX_set_ssl 263 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_verify_depth 264 1_1_0 EXIST::FUNCTION:
SSL_get_ciphers 265 1_1_0 EXIST::FUNCTION:
SSL_CTX_config 266 1_1_0 EXIST::FUNCTION:
SSL_CONF_CTX_set_ssl_ctx 267 1_1_0 EXIST::FUNCTION:
SSL_CONF_cmd 268 1_1_0 EXIST::FUNCTION:
SSL_add_ssl_module 269 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_verify_callback 270 1_1_0 EXIST::FUNCTION:
SSL_set1_param 271 1_1_0 EXIST::FUNCTION:
SSL_use_certificate_file 272 1_1_0 EXIST::FUNCTION:
SSL_get_changed_async_fds 273 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_client_cert_cb 274 1_1_0 EXIST::FUNCTION:
DTLS_client_method 275 1_1_0 EXIST::FUNCTION:
SSL_set_trust 276 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_security_callback 277 1_1_0 EXIST::FUNCTION:
SSL_CTX_clear_options 278 1_1_0 EXIST::FUNCTION:
SSL_check_chain 279 1_1_0 EXIST::FUNCTION:
SSL_CTX_sess_set_remove_cb 280 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_info_callback 281 1_1_0 EXIST::FUNCTION:
SSL_pending 282 1_1_0 EXIST::FUNCTION:
SSL_set_bio 283 1_1_0 EXIST::FUNCTION:
BIO_new_ssl_connect 284 1_1_0 EXIST::FUNCTION:
SSL_waiting_for_async 285 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_srp_strength 286 1_1_0 EXIST::FUNCTION:SRP
SSL_CTX_get_quiet_shutdown 287 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_certificate_chain_file 288 1_1_0 EXIST::FUNCTION:
SSL_CTX_dane_enable 289 1_1_0 EXIST::FUNCTION:
SSL_CONF_CTX_new 290 1_1_0 EXIST::FUNCTION:
SSL_get0_alpn_selected 291 1_1_0 EXIST::FUNCTION:
SSL_get0_next_proto_negotiated 292 1_1_0 EXIST::FUNCTION:NEXTPROTONEG
SSL_set0_security_ex_data 293 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_tlsext_use_srtp 294 1_1_0 EXIST::FUNCTION:SRTP
SSL_COMP_set0_compression_methods 295 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_not_resumable_session_callback 296 1_1_0 EXIST::FUNCTION:
SSL_accept 297 1_1_0 EXIST::FUNCTION:
SSL_use_psk_identity_hint 298 1_1_0 EXIST::FUNCTION:PSK
SSL_trace 299 1_1_0 EXIST::FUNCTION:SSL_TRACE
DTLS_method 300 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_srp_verify_param_callback 301 1_1_0 EXIST::FUNCTION:SRP
SSL_CTX_set_timeout 302 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_security_level 303 1_1_0 EXIST::FUNCTION:
TLS_client_method 304 1_1_0 EXIST::FUNCTION:
SSL_set_quiet_shutdown 305 1_1_0 EXIST::FUNCTION:
SSL_CTX_up_ref 306 1_1_0 EXIST::FUNCTION:
SSL_check_private_key 307 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_quiet_shutdown 308 1_1_0 EXIST::FUNCTION:
SSL_select_next_proto 309 1_1_0 EXIST::FUNCTION:
SSL_load_client_CA_file 310 1_1_0 EXIST::FUNCTION:
SSL_set_srp_server_param_pw 311 1_1_0 EXIST::FUNCTION:SRP
SSL_renegotiate_pending 312 1_1_0 EXIST::FUNCTION:
SSL_CTX_new 313 1_1_0 EXIST::FUNCTION:
SSL_set_session_ticket_ext_cb 314 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_timeout 315 1_1_0 EXIST::FUNCTION:
SSL_use_certificate_chain_file 316 1_1_0 EXIST::FUNCTION:
SSL_set_not_resumable_session_callback 317 1_1_0 EXIST::FUNCTION:
SSL_CTX_SRP_CTX_free 318 1_1_0 EXIST::FUNCTION:SRP
SSL_get_current_expansion 319 1_1_0 EXIST::FUNCTION:
SSL_clear_options 320 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_PrivateKey 321 1_1_0 EXIST::FUNCTION:
SSL_get_info_callback 322 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_psk_identity_hint 323 1_1_0 EXIST::FUNCTION:PSK
SSL_CTX_use_RSAPrivateKey_ASN1 324 1_1_0 EXIST::FUNCTION:RSA
SSL_CTX_use_PrivateKey_ASN1 325 1_1_0 EXIST::FUNCTION:
SSL_CTX_get0_privatekey 326 1_1_0 EXIST::FUNCTION:
BIO_f_ssl 327 1_1_0 EXIST::FUNCTION:
SSLv3_server_method 328 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD
SSL_SESSION_free 329 1_1_0 EXIST::FUNCTION:
SSL_get_shutdown 330 1_1_0 EXIST::FUNCTION:
SSL_get_peer_finished 331 1_1_0 EXIST::FUNCTION:
SSL_set_tlsext_use_srtp 332 1_1_0 EXIST::FUNCTION:SRTP
TLSv1_method 333 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD
SSL_set_psk_server_callback 334 1_1_0 EXIST::FUNCTION:PSK
SSL_CTX_set_alpn_protos 335 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_default_verify_paths 336 1_1_0 EXIST::FUNCTION:
SSL_CTX_sess_set_get_cb 337 1_1_0 EXIST::FUNCTION:
SSL_add_file_cert_subjects_to_stack 338 1_1_0 EXIST::FUNCTION:
SSL_get_default_passwd_cb_userdata 339 1_1_0 EXIST::FUNCTION:
SSL_get_security_callback 340 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_srp_username 341 1_1_0 EXIST::FUNCTION:SRP
SSL_COMP_get_name 342 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_default_passwd_cb_userdata 343 1_1_0 EXIST::FUNCTION:
SSL_set_verify 344 1_1_0 EXIST::FUNCTION:
SSL_in_before 345 1_1_0 EXIST::FUNCTION:
SSL_CIPHER_get_digest_nid 346 1_1_0 EXIST::FUNCTION:
SSL_CTX_add_client_custom_ext 347 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_certificate 348 1_1_0 EXIST::FUNCTION:
SSL_set_cipher_list 349 1_1_0 EXIST::FUNCTION:
SSL_get_wbio 350 1_1_0 EXIST::FUNCTION:
SSL_set_hostflags 351 1_1_0 EXIST::FUNCTION:
SSL_alert_desc_string_long 352 1_1_0 EXIST::FUNCTION:
SSL_get_default_timeout 353 1_1_0 EXIST::FUNCTION:
SSL_set_session_id_context 354 1_1_0 EXIST::FUNCTION:
SSL_new 355 1_1_0 EXIST::FUNCTION:
TLSv1_1_method 356 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD
SSL_CTX_get_cert_store 357 1_1_0 EXIST::FUNCTION:
SSL_CTX_load_verify_locations 358 1_1_0 EXIST::FUNCTION:
SSL_SESSION_print_fp 359 1_1_0 EXIST::FUNCTION:STDIO
SSL_get0_dane_tlsa 360 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_generate_session_id 361 1_1_0 EXIST::FUNCTION:
SSL_alert_type_string_long 362 1_1_0 EXIST::FUNCTION:
SSL_CONF_CTX_set1_prefix 363 1_1_0 EXIST::FUNCTION:
SSL_in_init 364 1_1_0 EXIST::FUNCTION:
BIO_new_ssl 365 1_1_0 EXIST::FUNCTION:
SSL_CTX_get_client_cert_cb 366 1_1_0 EXIST::FUNCTION:
SSL_CTX_use_certificate_ASN1 367 1_1_0 EXIST::FUNCTION:
SSL_set_client_CA_list 368 1_1_0 EXIST::FUNCTION:
SSL_CTX_free 369 1_1_0 EXIST::FUNCTION:
SSL_get_default_passwd_cb 370 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get_id 371 1_1_0 EXIST::FUNCTION:
SSL_SESSION_set1_id_context 372 1_1_0 EXIST::FUNCTION:
SSL_is_server 373 1_1_0 EXIST::FUNCTION:
SSL_alert_type_string 374 1_1_0 EXIST::FUNCTION:
DTLSv1_2_client_method 375 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD
SSL_CTX_set_ctlog_list_file 376 1_1_0 EXIST::FUNCTION:CT
SSL_set_ct_validation_callback 377 1_1_0 EXIST::FUNCTION:CT
SSL_CTX_set_default_ctlog_list_file 378 1_1_0 EXIST::FUNCTION:CT
SSL_CTX_has_client_custom_ext 379 1_1_0 EXIST::FUNCTION:
SSL_ct_is_enabled 380 1_1_0 EXIST::FUNCTION:CT
SSL_get0_peer_scts 381 1_1_0 EXIST::FUNCTION:CT
SSL_CTX_set_ct_validation_callback 382 1_1_0 EXIST::FUNCTION:CT
SSL_CTX_ct_is_enabled 383 1_1_0 EXIST::FUNCTION:CT
SSL_set_default_read_buffer_len 384 1_1_0 EXIST::FUNCTION:
SSL_CTX_set_default_read_buffer_len 385 1_1_0 EXIST::FUNCTION:
SSL_has_pending 386 1_1_0 EXIST::FUNCTION:
SSL_CIPHER_get_auth_nid 387 1_1_0 EXIST::FUNCTION:
SSL_CIPHER_get_kx_nid 388 1_1_0 EXIST::FUNCTION:
SSL_CIPHER_is_aead 389 1_1_0 EXIST::FUNCTION:
SSL_SESSION_up_ref 390 1_1_0 EXIST::FUNCTION:
SSL_CTX_set0_ctlog_store 391 1_1_0 EXIST::FUNCTION:CT
SSL_CTX_get0_ctlog_store 392 1_1_0 EXIST::FUNCTION:CT
SSL_enable_ct 393 1_1_0 EXIST::FUNCTION:CT
SSL_CTX_enable_ct 394 1_1_0 EXIST::FUNCTION:CT
SSL_CTX_get_ciphers 395 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get0_hostname 396 1_1_0 EXIST::FUNCTION:
SSL_client_version 397 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get_protocol_version 398 1_1_0 EXIST::FUNCTION:
SSL_is_dtls 399 1_1_0 EXIST::FUNCTION:
SSL_CTX_dane_set_flags 400 1_1_0 EXIST::FUNCTION:
SSL_dane_set_flags 401 1_1_0 EXIST::FUNCTION:
SSL_CTX_dane_clear_flags 402 1_1_0 EXIST::FUNCTION:
SSL_dane_clear_flags 403 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get0_cipher 404 1_1_0 EXIST::FUNCTION:
SSL_SESSION_get0_id_context 405 1_1_0 EXIST::FUNCTION:
SSL_SESSION_set1_id 406 1_1_0 EXIST::FUNCTION:
SSL_CTX_set1_cert_store 407 1_1_1 EXIST::FUNCTION:
DTLS_get_data_mtu 408 1_1_1 EXIST::FUNCTION:
SSL_read_ex 409 1_1_1 EXIST::FUNCTION:
SSL_peek_ex 410 1_1_1 EXIST::FUNCTION:
SSL_write_ex 411 1_1_1 EXIST::FUNCTION:
SSL_COMP_get_id 412 1_1_0d EXIST::FUNCTION:
SSL_COMP_get0_name 413 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_keylog_callback 414 1_1_1 EXIST::FUNCTION:
SSL_CTX_get_keylog_callback 415 1_1_1 EXIST::FUNCTION:
SSL_get_peer_signature_type_nid 416 1_1_1 EXIST::FUNCTION:
SSL_key_update 417 1_1_1 EXIST::FUNCTION:
SSL_get_key_update_type 418 1_1_1 EXIST::FUNCTION:
SSL_bytes_to_cipher_list 419 1_1_1 EXIST::FUNCTION:
SSL_client_hello_get0_compression_methods 420 1_1_1 EXIST::FUNCTION:
SSL_client_hello_get0_ciphers 421 1_1_1 EXIST::FUNCTION:
SSL_client_hello_get0_ext 422 1_1_1 EXIST::FUNCTION:
SSL_client_hello_get0_session_id 423 1_1_1 EXIST::FUNCTION:
SSL_client_hello_get0_random 424 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_client_hello_cb 425 1_1_1 EXIST::FUNCTION:
SSL_client_hello_get0_legacy_version 426 1_1_1 EXIST::FUNCTION:
SSL_client_hello_isv2 427 1_1_1 EXIST::FUNCTION:
SSL_set_max_early_data 428 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_max_early_data 429 1_1_1 EXIST::FUNCTION:
SSL_get_max_early_data 430 1_1_1 EXIST::FUNCTION:
SSL_CTX_get_max_early_data 431 1_1_1 EXIST::FUNCTION:
SSL_write_early_data 432 1_1_1 EXIST::FUNCTION:
SSL_read_early_data 433 1_1_1 EXIST::FUNCTION:
SSL_get_early_data_status 434 1_1_1 EXIST::FUNCTION:
SSL_SESSION_get_max_early_data 435 1_1_1 EXIST::FUNCTION:
SSL_add1_to_CA_list 436 1_1_1 EXIST::FUNCTION:
SSL_set0_CA_list 437 1_1_1 EXIST::FUNCTION:
SSL_CTX_set0_CA_list 438 1_1_1 EXIST::FUNCTION:
SSL_get0_CA_list 439 1_1_1 EXIST::FUNCTION:
SSL_get0_peer_CA_list 440 1_1_1 EXIST::FUNCTION:
SSL_CTX_add1_to_CA_list 441 1_1_1 EXIST::FUNCTION:
SSL_CTX_get0_CA_list 442 1_1_1 EXIST::FUNCTION:
SSL_CTX_add_custom_ext 443 1_1_1 EXIST::FUNCTION:
SSL_SESSION_is_resumable 444 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_record_padding_callback 445 1_1_1 EXIST::FUNCTION:
SSL_set_record_padding_callback 446 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_block_padding 447 1_1_1 EXIST::FUNCTION:
SSL_CTX_get_record_padding_callback_arg 448 1_1_1 EXIST::FUNCTION:
SSL_get_record_padding_callback_arg 449 1_1_1 EXIST::FUNCTION:
SSL_set_block_padding 450 1_1_1 EXIST::FUNCTION:
SSL_set_record_padding_callback_arg 451 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_record_padding_callback_arg 452 1_1_1 EXIST::FUNCTION:
SSL_CTX_use_serverinfo_ex 453 1_1_1 EXIST::FUNCTION:
SSL_client_hello_get1_extensions_present 454 1_1_1 EXIST::FUNCTION:
SSL_set_psk_find_session_callback 455 1_1_1 EXIST::FUNCTION:
SSL_set_psk_use_session_callback 456 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_psk_use_session_callback 457 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_psk_find_session_callback 458 1_1_1 EXIST::FUNCTION:
SSL_CIPHER_get_handshake_digest 459 1_1_1 EXIST::FUNCTION:
SSL_SESSION_set1_master_key 460 1_1_1 EXIST::FUNCTION:
SSL_SESSION_set_cipher 461 1_1_1 EXIST::FUNCTION:
SSL_SESSION_set_protocol_version 462 1_1_1 EXIST::FUNCTION:
OPENSSL_cipher_name 463 1_1_1 EXIST::FUNCTION:
SSL_alloc_buffers 464 1_1_1 EXIST::FUNCTION:
SSL_free_buffers 465 1_1_1 EXIST::FUNCTION:
SSL_SESSION_dup 466 1_1_1 EXIST::FUNCTION:
SSL_get_pending_cipher 467 1_1_1 EXIST::FUNCTION:
SSL_CIPHER_get_protocol_id 468 1_1_1 EXIST::FUNCTION:
SSL_SESSION_set_max_early_data 469 1_1_1 EXIST::FUNCTION:
SSL_SESSION_set1_alpn_selected 470 1_1_1 EXIST::FUNCTION:
SSL_SESSION_set1_hostname 471 1_1_1 EXIST::FUNCTION:
SSL_SESSION_get0_alpn_selected 472 1_1_1 EXIST::FUNCTION:
DTLS_set_timer_cb 473 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_tlsext_max_fragment_length 474 1_1_1 EXIST::FUNCTION:
SSL_set_tlsext_max_fragment_length 475 1_1_1 EXIST::FUNCTION:
SSL_SESSION_get_max_fragment_length 476 1_1_1 EXIST::FUNCTION:
SSL_stateless 477 1_1_1 EXIST::FUNCTION:
SSL_verify_client_post_handshake 478 1_1_1 EXIST::FUNCTION:
SSL_set_post_handshake_auth 479 1_1_1 EXIST::FUNCTION:
SSL_export_keying_material_early 480 1_1_1 EXIST::FUNCTION:
SSL_CTX_use_cert_and_key 481 1_1_1 EXIST::FUNCTION:
SSL_use_cert_and_key 482 1_1_1 EXIST::FUNCTION:
SSL_SESSION_get0_ticket_appdata 483 1_1_1 EXIST::FUNCTION:
SSL_SESSION_set1_ticket_appdata 484 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_session_ticket_cb 485 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_stateless_cookie_generate_cb 486 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_stateless_cookie_verify_cb 487 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_ciphersuites 488 1_1_1 EXIST::FUNCTION:
SSL_set_ciphersuites 489 1_1_1 EXIST::FUNCTION:
SSL_set_num_tickets 490 1_1_1 EXIST::FUNCTION:
SSL_CTX_get_num_tickets 491 1_1_1 EXIST::FUNCTION:
SSL_get_num_tickets 492 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_num_tickets 493 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_allow_early_data_cb 494 1_1_1 EXIST::FUNCTION:
SSL_set_allow_early_data_cb 495 1_1_1 EXIST::FUNCTION:
SSL_set_recv_max_early_data 496 1_1_1 EXIST::FUNCTION:
SSL_get_recv_max_early_data 497 1_1_1 EXIST::FUNCTION:
SSL_CTX_get_recv_max_early_data 498 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_recv_max_early_data 499 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_post_handshake_auth 500 1_1_1 EXIST::FUNCTION:
SSL_get_signature_type_nid 501 1_1_1a EXIST::FUNCTION:

View file

@ -0,0 +1,30 @@
${-
use File::Spec::Functions qw(rel2abs);
my $bldtop = rel2abs($config{builddir});
our %names = ( map { $_ => $bldtop.$_.".EXE" }
map { $unified_info{sharednames}->{$_} || () }
@{$unified_info{libraries}} );
"" -}
$ ! Create a local environment with the shared library logical names
$ ! properly set. Undo this with unlocal_shlib.com
$
$ OPENSSL_NAMES := OPENSSL_NAMES_'F$GETJPI("","PID")'
$ CREATE/NAME_TABLE/PARENT_TABLE=LNM$PROCESS_DIRECTORY 'OPENSSL_NAMES'
$ DEFINE/TABLE='OPENSSL_NAMES' OSSL_FLAG YES
$
$ NAMES := {- join(",", keys %names); -}
{-
join("\n", map { "\$ __$_ = \"".$names{$_}."\"" } keys %names);
-}
$ I = 0
$ LOOP:
$ E = F$ELEMENT(I,",",NAMES)
$ I = I + 1
$ IF E .EQS. "," THEN GOTO ENDLOOP
$ EV = __'E'
$ OLDV = F$TRNLNM(E,"LNM$PROCESS")
$ IF OLDV .NES. "" THEN DEFINE/TABLE='OPENSSL_NAMES' 'E' 'OLDV'
$ DEFINE 'E' 'EV'
$ GOTO LOOP
$ ENDLOOP:

View file

@ -0,0 +1,56 @@
#! /usr/bin/env perl
# Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use warnings;
my ($cflags, $platform) = @ARGV;
$cflags = "compiler: $cflags";
my $date = gmtime($ENV{'SOURCE_DATE_EPOCH'} || time()) . " UTC";
print <<"END_OUTPUT";
/*
* WARNING: do not edit!
* Generated by util/mkbuildinf.pl
*
* Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#define PLATFORM "platform: $platform"
#define DATE "built on: $date"
/*
* Generate compiler_flags as an array of individual characters. This is a
* workaround for the situation where CFLAGS gets too long for a C90 string
* literal
*/
static const char compiler_flags[] = {
END_OUTPUT
my $ctr = 0;
foreach my $c (split //, $cflags) {
$c =~ s|([\\'])|\\$1|;
# Max 16 characters per line
if (($ctr++ % 16) == 0) {
if ($ctr != 1) {
print "\n";
}
print " ";
}
print "'$c',";
}
print <<"END_OUTPUT";
'\\0'
};
END_OUTPUT

1633
trunk/3rdparty/openssl-1.1-fit/util/mkdef.pl vendored Executable file

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,44 @@
#! /usr/bin/env perl
# Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# On some systems, the -p option to mkdir (= also create any missing parent
# directories) is not available.
my $arg;
foreach $arg (@ARGV) {
$arg =~ tr|\\|/|;
&do_mkdir_p($arg);
}
sub do_mkdir_p {
local($dir) = @_;
$dir =~ s|/*\Z(?!\n)||s;
if (-d $dir) {
return;
}
if ($dir =~ m|[^/]/|s) {
local($parent) = $dir;
$parent =~ s|[^/]*\Z(?!\n)||s;
do_mkdir_p($parent);
}
unless (mkdir($dir, 0777)) {
if (-d $dir) {
# We raced against another instance doing the same thing.
return;
}
die "Cannot create directory $dir: $!\n";
}
print "created directory `$dir'\n";
}

753
trunk/3rdparty/openssl-1.1-fit/util/mkerr.pl vendored Executable file
View file

@ -0,0 +1,753 @@
#! /usr/bin/env perl
# Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use warnings;
use lib ".";
use configdata;
my $config = "crypto/err/openssl.ec";
my $debug = 0;
my $internal = 0;
my $nowrite = 0;
my $rebuild = 0;
my $reindex = 0;
my $static = 0;
my $unref = 0;
my %modules = ();
my $errors = 0;
my @t = localtime();
my $YEAR = $t[5] + 1900;
sub phase
{
my $text = uc(shift);
print STDERR "\n---\n$text\n" if $debug;
}
sub help
{
print STDERR <<"EOF";
mkerr.pl [options] [files...]
Options:
-conf FILE Use the named config file FILE instead of the default.
-debug Verbose output debugging on stderr.
-internal Generate code that is to be built as part of OpenSSL itself.
Also scans internal list of files.
-module M Only useful with -internal!
Only write files for library module M. Whether files are
actually written or not depends on other options, such as
-rebuild.
Note: this option is cumulative. If not given at all, all
internal modules will be considered.
-nowrite Do not write the header/source files, even if changed.
-rebuild Rebuild all header and C source files, even if there
were no changes.
-reindex Ignore previously assigned values (except for R records in
the config file) and renumber everything starting at 100.
-static Make the load/unload functions static.
-unref List all unreferenced function and reason codes on stderr;
implies -nowrite.
-help Show this help text.
... Additional arguments are added to the file list to scan,
if '-internal' was NOT specified on the command line.
EOF
}
while ( @ARGV ) {
my $arg = $ARGV[0];
last unless $arg =~ /-.*/;
$arg = $1 if $arg =~ /-(-.*)/;
if ( $arg eq "-conf" ) {
$config = $ARGV[1];
shift @ARGV;
} elsif ( $arg eq "-debug" ) {
$debug = 1;
$unref = 1;
} elsif ( $arg eq "-internal" ) {
$internal = 1;
} elsif ( $arg eq "-nowrite" ) {
$nowrite = 1;
} elsif ( $arg eq "-rebuild" ) {
$rebuild = 1;
} elsif ( $arg eq "-reindex" ) {
$reindex = 1;
} elsif ( $arg eq "-static" ) {
$static = 1;
} elsif ( $arg eq "-unref" ) {
$unref = 1;
$nowrite = 1;
} elsif ( $arg eq "-module" ) {
shift @ARGV;
$modules{uc $ARGV[0]} = 1;
} elsif ( $arg =~ /-*h(elp)?/ ) {
&help();
exit;
} elsif ( $arg =~ /-.*/ ) {
die "Unknown option $arg; use -h for help.\n";
}
shift @ARGV;
}
my @source;
if ( $internal ) {
die "Cannot mix -internal and -static\n" if $static;
die "Extra parameters given.\n" if @ARGV;
@source = ( glob('crypto/*.c'), glob('crypto/*/*.c'),
glob('ssl/*.c'), glob('ssl/*/*.c') );
} else {
die "-module isn't useful without -internal\n" if scalar keys %modules > 0;
@source = @ARGV;
}
# Data parsed out of the config and state files.
my %hinc; # lib -> header
my %libinc; # header -> lib
my %cskip; # error_file -> lib
my %errorfile; # lib -> error file name
my %fmax; # lib -> max assigned function code
my %rmax; # lib -> max assigned reason code
my %fassigned; # lib -> colon-separated list of assigned function codes
my %rassigned; # lib -> colon-separated list of assigned reason codes
my %fnew; # lib -> count of new function codes
my %rnew; # lib -> count of new reason codes
my %rextra; # "extra" reason code -> lib
my %rcodes; # reason-name -> value
my %ftrans; # old name -> #define-friendly name (all caps)
my %fcodes; # function-name -> value
my $statefile; # state file with assigned reason and function codes
my %strings; # define -> text
# Read and parse the config file
open(IN, "$config") || die "Can't open config file $config, $!,";
while ( <IN> ) {
next if /^#/ || /^$/;
if ( /^L\s+(\S+)\s+(\S+)\s+(\S+)/ ) {
my $lib = $1;
my $hdr = $2;
my $err = $3;
$hinc{$lib} = $hdr;
$libinc{$hdr} = $lib;
$cskip{$err} = $lib;
next if $err eq 'NONE';
$errorfile{$lib} = $err;
$fmax{$lib} = 100;
$rmax{$lib} = 100;
$fassigned{$lib} = ":";
$rassigned{$lib} = ":";
$fnew{$lib} = 0;
$rnew{$lib} = 0;
} elsif ( /^R\s+(\S+)\s+(\S+)/ ) {
$rextra{$1} = $2;
$rcodes{$1} = $2;
} elsif ( /^S\s+(\S+)/ ) {
$statefile = $1;
} else {
die "Illegal config line $_\n";
}
}
close IN;
if ( ! $statefile ) {
$statefile = $config;
$statefile =~ s/.ec/.txt/;
}
# The statefile has all the previous assignments.
&phase("Reading state");
my $skippedstate = 0;
if ( ! $reindex && $statefile ) {
open(STATE, "<$statefile") || die "Can't open $statefile, $!";
# Scan function and reason codes and store them: keep a note of the
# maximum code used.
while ( <STATE> ) {
next if /^#/ || /^$/;
my $name;
my $code;
if ( /^(.+):(\d+):\\$/ ) {
$name = $1;
$code = $2;
my $next = <STATE>;
$next =~ s/^\s*(.*)\s*$/$1/;
die "Duplicate define $name" if exists $strings{$name};
$strings{$name} = $next;
} elsif ( /^(\S+):(\d+):(.*)$/ ) {
$name = $1;
$code = $2;
die "Duplicate define $name" if exists $strings{$name};
$strings{$name} = $3;
} else {
die "Bad line in $statefile:\n$_\n";
}
my $lib = $name;
$lib =~ s/^((?:OSSL_|OPENSSL_)?[^_]{2,}).*$/$1/;
$lib = "SSL" if $lib =~ /TLS/;
if ( !defined $errorfile{$lib} ) {
print "Skipping $_";
$skippedstate++;
next;
}
if ( $name =~ /^(?:OSSL_|OPENSSL_)?[A-Z0-9]{2,}_R_/ ) {
die "$lib reason code $code collision at $name\n"
if $rassigned{$lib} =~ /:$code:/;
$rassigned{$lib} .= "$code:";
if ( !exists $rextra{$name} ) {
$rmax{$lib} = $code if $code > $rmax{$lib};
}
$rcodes{$name} = $code;
} elsif ( $name =~ /^(?:OSSL_|OPENSSL_)?[A-Z0-9]{2,}_F_/ ) {
die "$lib function code $code collision at $name\n"
if $fassigned{$lib} =~ /:$code:/;
$fassigned{$lib} .= "$code:";
$fmax{$lib} = $code if $code > $fmax{$lib};
$fcodes{$name} = $code;
} else {
die "Bad line in $statefile:\n$_\n";
}
}
close(STATE);
if ( $debug ) {
foreach my $lib ( sort keys %rmax ) {
print STDERR "Reason codes for ${lib}:\n";
if ( $rassigned{$lib} =~ m/^:(.*):$/ ) {
my @rassigned = sort { $a <=> $b } split( ":", $1 );
print STDERR " ", join(' ', @rassigned), "\n";
} else {
print STDERR " --none--\n";
}
}
print STDERR "\n";
foreach my $lib ( sort keys %fmax ) {
print STDERR "Function codes for ${lib}:\n";
if ( $fassigned{$lib} =~ m/^:(.*):$/ ) {
my @fassigned = sort { $a <=> $b } split( ":", $1 );
print STDERR " ", join(' ', @fassigned), "\n";
} else {
print STDERR " --none--\n";
}
}
}
}
# Scan each header file and make a list of error codes
# and function names
&phase("Scanning headers");
while ( ( my $hdr, my $lib ) = each %libinc ) {
next if $hdr eq "NONE";
print STDERR " ." if $debug;
my $line = "";
my $def = "";
my $linenr = 0;
my $cpp = 0;
open(IN, "<$hdr") || die "Can't open $hdr, $!,";
while ( <IN> ) {
$linenr++;
if ( $line ne '' ) {
$_ = $line . $_;
$line = '';
}
if ( /\\$/ ) {
$line = $_;
next;
}
if ( /\/\*/ ) {
if ( not /\*\// ) { # multiline comment...
$line = $_; # ... just accumulate
next;
} else {
s/\/\*.*?\*\///gs; # wipe it
}
}
if ( $cpp ) {
$cpp++ if /^#\s*if/;
$cpp-- if /^#\s*endif/;
next;
}
$cpp = 1 if /^#.*ifdef.*cplusplus/; # skip "C" declaration
next if /^\#/; # skip preprocessor directives
s/{[^{}]*}//gs; # ignore {} blocks
if ( /\{|\/\*/ ) { # Add a so editor works...
$line = $_;
} else {
$def .= $_;
}
}
# Delete any DECLARE_ macros
my $defnr = 0;
$def =~ s/DECLARE_\w+\([\w,\s]+\)//gs;
foreach ( split /;/, $def ) {
$defnr++;
# The goal is to collect function names from function declarations.
s/^[\n\s]*//g;
s/[\n\s]*$//g;
# Skip over recognized non-function declarations
next if /typedef\W/ or /DECLARE_STACK_OF/ or /TYPEDEF_.*_OF/;
# Remove STACK_OF(foo)
s/STACK_OF\(\w+\)/void/;
# Reduce argument lists to empty ()
# fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
while ( /\(.*\)/s ) {
s/\([^\(\)]+\)/\{\}/gs;
s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs; #(*f{}) -> f
}
# pretend as we didn't use curly braces: {} -> ()
s/\{\}/\(\)/gs;
# Last token just before the first () is a function name.
if ( /(\w+)\s*\(\).*/s ) {
my $name = $1;
$name =~ tr/[a-z]/[A-Z]/;
$ftrans{$name} = $1;
} elsif ( /[\(\)]/ and not(/=/) ) {
print STDERR "Header $hdr: cannot parse: $_;\n";
}
}
next if $reindex;
if ( $lib eq "SSL" && $rmax{$lib} >= 1000 ) {
print STDERR "SSL error codes 1000+ are reserved for alerts.\n";
print STDERR "Any new alerts must be added to $config.\n";
$errors++;
}
close IN;
}
print STDERR "\n" if $debug;
# Scan each C source file and look for function and reason codes
# This is done by looking for strings that "look like" function or
# reason codes: basically anything consisting of all upper case and
# numerics which has _F_ or _R_ in it and which has the name of an
# error library at the start. This seems to work fine except for the
# oddly named structure BIO_F_CTX which needs to be ignored.
# If a code doesn't exist in list compiled from headers then mark it
# with the value "X" as a place holder to give it a value later.
# Store all function and reason codes found in %usedfuncs and %usedreasons
# so all those unreferenced can be printed out.
&phase("Scanning source");
my %usedfuncs;
my %usedreasons;
foreach my $file ( @source ) {
# Don't parse the error source file.
next if exists $cskip{$file};
open( IN, "<$file" ) || die "Can't open $file, $!,";
my $func;
my $linenr = 0;
print STDERR "$file:\n" if $debug;
while ( <IN> ) {
# skip obsoleted source files entirely!
last if /^#error\s+obsolete/;
$linenr++;
if ( !/;$/ && /^\**([a-zA-Z_].*[\s*])?([A-Za-z_0-9]+)\(.*([),]|$)/ ) {
/^([^()]*(\([^()]*\)[^()]*)*)\(/;
$1 =~ /([A-Za-z_0-9]*)$/;
$func = $1;
}
if ( /(((?:OSSL_|OPENSSL_)?[A-Z0-9]{2,})_F_([A-Z0-9_]+))/ ) {
next unless exists $errorfile{$2};
next if $1 eq "BIO_F_BUFFER_CTX";
$usedfuncs{$1} = 1;
if ( !exists $fcodes{$1} ) {
print STDERR " New function $1\n" if $debug;
$fcodes{$1} = "X";
$fnew{$2}++;
}
$ftrans{$3} = $func unless exists $ftrans{$3};
if ( uc($func) ne $3 ) {
print STDERR "ERROR: mismatch $file:$linenr $func:$3\n";
$errors++;
}
print STDERR " Function $1 = $fcodes{$1}\n"
if $debug;
}
if ( /(((?:OSSL_|OPENSSL_)?[A-Z0-9]{2,})_R_[A-Z0-9_]+)/ ) {
next unless exists $errorfile{$2};
$usedreasons{$1} = 1;
if ( !exists $rcodes{$1} ) {
print STDERR " New reason $1\n" if $debug;
$rcodes{$1} = "X";
$rnew{$2}++;
}
print STDERR " Reason $1 = $rcodes{$1}\n" if $debug;
}
}
close IN;
}
print STDERR "\n" if $debug;
# Now process each library in turn.
&phase("Writing files");
my $newstate = 0;
foreach my $lib ( keys %errorfile ) {
if ( ! $fnew{$lib} && ! $rnew{$lib} ) {
next unless $rebuild;
}
next if scalar keys %modules > 0 && !$modules{$lib};
next if $nowrite;
print STDERR "$lib: $fnew{$lib} new functions\n" if $fnew{$lib};
print STDERR "$lib: $rnew{$lib} new reasons\n" if $rnew{$lib};
$newstate = 1;
# If we get here then we have some new error codes so we
# need to rebuild the header file and C file.
# Make a sorted list of error and reason codes for later use.
my @function = sort grep( /^${lib}_/, keys %fcodes );
my @reasons = sort grep( /^${lib}_/, keys %rcodes );
# indent level for innermost preprocessor lines
my $indent = " ";
# Rewrite the header file
my $hfile = $hinc{$lib};
$hfile =~ s/.h$/err.h/ if $internal;
open( OUT, ">$hfile" ) || die "Can't write to $hfile, $!,";
print OUT <<"EOF";
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-$YEAR The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the \"License\"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef HEADER_${lib}ERR_H
# define HEADER_${lib}ERR_H
EOF
if ( $internal ) {
# Declare the load function because the generate C file
# includes "fooerr.h" not "foo.h"
if ($lib ne "SSL" && $lib ne "ASYNC"
&& grep { $lib eq uc $_ } @disablables) {
print OUT <<"EOF";
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_${lib}
EOF
$indent = " ";
}
print OUT <<"EOF";
#${indent}ifdef __cplusplus
extern \"C\"
#${indent}endif
int ERR_load_${lib}_strings(void);
EOF
} else {
print OUT <<"EOF";
# define ${lib}err(f, r) ERR_${lib}_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
EOF
if ( ! $static ) {
print OUT <<"EOF";
# ifdef __cplusplus
extern \"C\" {
# endif
int ERR_load_${lib}_strings(void);
void ERR_unload_${lib}_strings(void);
void ERR_${lib}_error(int function, int reason, char *file, int line);
# ifdef __cplusplus
}
# endif
EOF
}
}
print OUT "\n/*\n * $lib function codes.\n */\n";
foreach my $i ( @function ) {
my $z = 48 - length($i);
$z = 0 if $z < 0;
if ( $fcodes{$i} eq "X" ) {
$fassigned{$lib} =~ m/^:([^:]*):/;
my $findcode = $1;
$findcode = $fmax{$lib} if !defined $findcode;
while ( $fassigned{$lib} =~ m/:$findcode:/ ) {
$findcode++;
}
$fcodes{$i} = $findcode;
$fassigned{$lib} .= "$findcode:";
print STDERR "New Function code $i\n" if $debug;
}
printf OUT "#${indent}define $i%s $fcodes{$i}\n", " " x $z;
}
print OUT "\n/*\n * $lib reason codes.\n */\n";
foreach my $i ( @reasons ) {
my $z = 48 - length($i);
$z = 0 if $z < 0;
if ( $rcodes{$i} eq "X" ) {
$rassigned{$lib} =~ m/^:([^:]*):/;
my $findcode = $1;
$findcode = $rmax{$lib} if !defined $findcode;
while ( $rassigned{$lib} =~ m/:$findcode:/ ) {
$findcode++;
}
$rcodes{$i} = $findcode;
$rassigned{$lib} .= "$findcode:";
print STDERR "New Reason code $i\n" if $debug;
}
printf OUT "#${indent}define $i%s $rcodes{$i}\n", " " x $z;
}
print OUT "\n";
while (length($indent) > 0) {
$indent = substr $indent, 0, -1;
print OUT "#${indent}endif\n";
}
# Rewrite the C source file containing the error details.
# First, read any existing reason string definitions:
my $cfile = $errorfile{$lib};
my $pack_lib = $internal ? "ERR_LIB_${lib}" : "0";
my $hincf = $hfile;
$hincf =~ s|.*include/||;
if ( $hincf =~ m|^openssl/| ) {
$hincf = "<${hincf}>";
} else {
$hincf = "\"${hincf}\"";
}
open( OUT, ">$cfile" )
|| die "Can't open $cfile for writing, $!, stopped";
my $const = $internal ? 'const ' : '';
print OUT <<"EOF";
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-$YEAR The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/err.h>
#include $hincf
#ifndef OPENSSL_NO_ERR
static ${const}ERR_STRING_DATA ${lib}_str_functs[] = {
EOF
# Add each function code: if a function name is found then use it.
foreach my $i ( @function ) {
my $fn;
if ( exists $strings{$i} and $strings{$i} ne '' ) {
$fn = $strings{$i};
$fn = "" if $fn eq '*';
} else {
$i =~ /^${lib}_F_(\S+)$/;
$fn = $1;
$fn = $ftrans{$fn} if exists $ftrans{$fn};
$strings{$i} = $fn;
}
my $short = " {ERR_PACK($pack_lib, $i, 0), \"$fn\"},";
if ( length($short) <= 80 ) {
print OUT "$short\n";
} else {
print OUT " {ERR_PACK($pack_lib, $i, 0),\n \"$fn\"},\n";
}
}
print OUT <<"EOF";
{0, NULL}
};
static ${const}ERR_STRING_DATA ${lib}_str_reasons[] = {
EOF
# Add each reason code.
foreach my $i ( @reasons ) {
my $rn;
if ( exists $strings{$i} ) {
$rn = $strings{$i};
$rn = "" if $rn eq '*';
} else {
$i =~ /^${lib}_R_(\S+)$/;
$rn = $1;
$rn =~ tr/_[A-Z]/ [a-z]/;
$strings{$i} = $rn;
}
my $short = " {ERR_PACK($pack_lib, 0, $i), \"$rn\"},";
if ( length($short) <= 80 ) {
print OUT "$short\n";
} else {
print OUT " {ERR_PACK($pack_lib, 0, $i),\n \"$rn\"},\n";
}
}
print OUT <<"EOF";
{0, NULL}
};
#endif
EOF
if ( $internal ) {
print OUT <<"EOF";
int ERR_load_${lib}_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(${lib}_str_functs[0].error) == NULL) {
ERR_load_strings_const(${lib}_str_functs);
ERR_load_strings_const(${lib}_str_reasons);
}
#endif
return 1;
}
EOF
} else {
my $st = $static ? "static " : "";
print OUT <<"EOF";
static int lib_code = 0;
static int error_loaded = 0;
${st}int ERR_load_${lib}_strings(void)
{
if (lib_code == 0)
lib_code = ERR_get_next_error_library();
if (!error_loaded) {
#ifndef OPENSSL_NO_ERR
ERR_load_strings(lib_code, ${lib}_str_functs);
ERR_load_strings(lib_code, ${lib}_str_reasons);
#endif
error_loaded = 1;
}
return 1;
}
${st}void ERR_unload_${lib}_strings(void)
{
if (error_loaded) {
#ifndef OPENSSL_NO_ERR
ERR_unload_strings(lib_code, ${lib}_str_functs);
ERR_unload_strings(lib_code, ${lib}_str_reasons);
#endif
error_loaded = 0;
}
}
${st}void ERR_${lib}_error(int function, int reason, char *file, int line)
{
if (lib_code == 0)
lib_code = ERR_get_next_error_library();
ERR_PUT_error(lib_code, function, reason, file, line);
}
EOF
}
close OUT;
}
&phase("Ending");
# Make a list of unreferenced function and reason codes
if ( $unref ) {
my @funref;
foreach ( keys %fcodes ) {
push( @funref, $_ ) unless exists $usedfuncs{$_};
}
my @runref;
foreach ( keys %rcodes ) {
push( @runref, $_ ) unless exists $usedreasons{$_};
}
if ( @funref ) {
print STDERR "The following function codes were not referenced:\n";
foreach ( sort @funref ) {
print STDERR " $_\n";
}
}
if ( @runref ) {
print STDERR "The following reason codes were not referenced:\n";
foreach ( sort @runref ) {
print STDERR " $_\n";
}
}
}
die "Found $errors errors, quitting" if $errors;
# Update the state file
if ( $newstate ) {
open(OUT, ">$statefile.new")
|| die "Can't write $statefile.new, $!";
print OUT <<"EOF";
# Copyright 1999-$YEAR The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
EOF
print OUT "\n# Function codes\n";
foreach my $i ( sort keys %fcodes ) {
my $short = "$i:$fcodes{$i}:";
my $t = exists $strings{$i} ? $strings{$i} : "";
$t = "\\\n\t" . $t if length($short) + length($t) > 80;
print OUT "$short$t\n";
}
print OUT "\n#Reason codes\n";
foreach my $i ( sort keys %rcodes ) {
my $short = "$i:$rcodes{$i}:";
my $t = exists $strings{$i} ? "$strings{$i}" : "";
$t = "\\\n\t" . $t if length($short) + length($t) > 80;
print OUT "$short$t\n" if !exists $rextra{$i};
}
close(OUT);
if ( $skippedstate ) {
print "Skipped state, leaving update in $statefile.new";
} else {
rename "$statefile", "$statefile.old"
|| die "Can't backup $statefile to $statefile.old, $!";
rename "$statefile.new", "$statefile"
|| die "Can't rename $statefile to $statefile.new, $!";
}
}
exit;

93
trunk/3rdparty/openssl-1.1-fit/util/mkrc.pl vendored Executable file
View file

@ -0,0 +1,93 @@
#! /usr/bin/env perl
# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use warnings;
use lib ".";
use configdata;
use File::Spec::Functions;
my $versionfile = catfile( $config{sourcedir}, "include/openssl/opensslv.h" );
my ( $ver, $v1, $v2, $v3, $v4, $beta, $version );
open FD, $versionfile or die "Couldn't open include/openssl/opensslv.h: $!\n";
while (<FD>) {
if (/OPENSSL_VERSION_NUMBER\s+(0x[0-9a-f]+)/i) {
$ver = hex($1);
$v1 = ( $ver >> 28 );
$v2 = ( $ver >> 20 ) & 0xff;
$v3 = ( $ver >> 12 ) & 0xff;
$v4 = ( $ver >> 4 ) & 0xff;
$beta = $ver & 0xf;
$version = "$v1.$v2.$v3";
if ( $beta == 0xf ) {
$version .= chr( ord('a') + $v4 - 1 ) if ($v4);
} elsif ( $beta == 0 ) {
$version .= "-dev";
} else {
$version .= "-beta$beta";
}
last;
}
}
close(FD);
my $filename = $ARGV[0];
my $description = "OpenSSL library";
my $vft = "VFT_DLL";
if ( $filename =~ /openssl/i ) {
$description = "OpenSSL application";
$vft = "VFT_APP";
}
my $YEAR = [localtime()]->[5] + 1900;
print <<___;
#include <winver.h>
LANGUAGE 0x09,0x01
1 VERSIONINFO
FILEVERSION $v1,$v2,$v3,$v4
PRODUCTVERSION $v1,$v2,$v3,$v4
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x01L
#else
FILEFLAGS 0x00L
#endif
FILEOS VOS__WINDOWS32
FILETYPE $vft
FILESUBTYPE 0x0L
BEGIN
BLOCK "StringFileInfo"
BEGIN
BLOCK "040904b0"
BEGIN
// Required:
VALUE "CompanyName", "The OpenSSL Project, https://www.openssl.org/\\0"
VALUE "FileDescription", "$description\\0"
VALUE "FileVersion", "$version\\0"
VALUE "InternalName", "$filename\\0"
VALUE "OriginalFilename", "$filename\\0"
VALUE "ProductName", "The OpenSSL Toolkit\\0"
VALUE "ProductVersion", "$version\\0"
// Optional:
//VALUE "Comments", "\\0"
VALUE "LegalCopyright", "Copyright 1998-$YEAR The OpenSSL Authors. All rights reserved.\\0"
//VALUE "LegalTrademarks", "\\0"
//VALUE "PrivateBuild", "\\0"
//VALUE "SpecialBuild", "\\0"
END
END
BLOCK "VarFileInfo"
BEGIN
VALUE "Translation", 0x409, 0x4b0
END
END
___

View file

@ -0,0 +1,175 @@
#!/bin/sh
#
# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
#
# openssl-format-source
# - format source tree according to OpenSSL coding style using indent
#
# usage:
# openssl-format-source [-v] [-n] [file|directory] ...
#
# note: the indent options assume GNU indent v2.2.10 which was released
# Feb-2009 so if you have an older indent the options may not
# match what is expected
#
# any marked block comment blocks have to be moved to align manually after
# the reformatting has been completed as marking a block causes indent to
# not move it at all ...
#
PATH=/usr/local/bin:/bin:/usr/bin:$PATH
export PATH
HERE="`dirname $0`"
set -e
INDENT=indent
uname -s | grep BSD > /dev/null && type gindent > /dev/null 2>&1 && INDENT=gindent
if [ $# -eq 0 ]; then
echo "usage: $0 [-v] [-n] [-c] [sourcefile|sourcedir] ..." >&2
exit 1
fi
VERBOSE=false
DONT=false
STOPARGS=false
COMMENTS=false
CHANGED=false
DEBUG=""
# for this exercise, we want to force the openssl style, so we roll
# our own indent profile, which is at a well known location
INDENT_PROFILE="$HERE/indent.pro"
export INDENT_PROFILE
if [ ! -f "$INDENT_PROFILE" ]; then
echo "$0: unable to locate the openssl indent.pro file" >&2
exit 1
fi
# Extra arguments; for adding the comment-formatting
INDENT_ARGS=""
for i
do
if [ "$STOPARGS" != "true" ]; then
case $i in
--) STOPARGS="true"; continue;;
-n) DONT="true"; continue;;
-v) VERBOSE="true";
echo "INDENT_PROFILE=$INDENT_PROFILE";
continue;;
-c) COMMENTS="true";
INDENT_ARGS="-fc1 -fca -cdb -sc";
continue;;
-nc) COMMENTS="true";
continue;;
-d) DEBUG='eval tee "$j.pre" |'
continue;;
esac
fi
if [ -d "$i" ]; then
LIST=`find "$i" -name '*.[ch]' -print`
else
if [ ! -f "$i" ]; then
echo "$0: source file not found: $i" >&2
exit 1
fi
LIST="$i"
fi
for j in $LIST
do
# ignore symlinks - we only ever process the base file - so if we
# expand a directory tree we need to ignore any located symlinks
if [ -d "$i" ]; then
if [ -h "$j" ]; then
continue;
fi
fi
if [ "$DONT" = "false" ]; then
tmp=$(mktemp /tmp/indent.XXXXXX)
trap 'rm -f "$tmp"' HUP INT TERM EXIT
case `basename $j` in
# the list of files that indent is unable to handle correctly
# that we simply leave alone for manual formatting now
obj_dat.h|aes_core.c|aes_x86core.c|ecp_nistz256.c)
echo "skipping $j"
;;
*)
if [ "$COMMENTS" = "true" ]; then
# we have to mark single line comments as /*- ...*/ to stop indent
# messing with them, run expand then indent as usual but with the
# the process-comments options and then undo that marking, and then
# finally re-run indent without process-comments so the marked-to-
# be-ignored comments we did automatically end up getting moved
# into the right position within the code as indent leaves marked
# comments entirely untouched - we appear to have no way to avoid
# the double processing and get the desired output
cat "$j" | \
expand | \
perl -0 -np \
-e 's/(\n#[ \t]*ifdef[ \t]+__cplusplus\n[^\n]*\n#[ \t]*endif\n)/\n\/**INDENT-OFF**\/$1\/**INDENT-ON**\/\n/g;' \
-e 's/(\n\/\*\!)/\n\/**/g;' \
-e 's/(STACK_OF|LHASH_OF)\(([^ \t,\)]+)\)( |\n)/$1_$2_$3/g;' \
| \
perl -np \
-e 's/^([ \t]*)\/\*([ \t]+.*)\*\/[ \t]*$/my ($x1,$x2) = ($1, $2); if (length("$x1$x2")<75 && $x2 !~ m#^\s*\*INDENT-(ON|OFF)\*\s*$#) {$c="-"}else{$c=""}; "$x1\/*$c$x2*\/"/e;' \
-e 's/^\/\* ((Copyright|=|----).*)$/\/*-$1/;' \
-e 's/^((DECLARE|IMPLEMENT)_.*)$/\/**INDENT-OFF**\/\n$1\n\/**INDENT-ON**\//;' \
-e 's/^([ \t]*(make_dh|make_dh_bn|make_rfc5114_td)\(.*\)[ \t,]*)$/\/**INDENT-OFF**\/\n$1\n\/**INDENT-ON**\//;' \
-e 's/^(ASN1_ADB_TEMPLATE\(.*)$/\/**INDENT-OFF**\/\n$1\n\/**INDENT-ON**\//;' \
-e 's/^((ASN1|ADB)_.*_(end|END)\(.*[\){=,;]+[ \t]*)$/$1\n\/**INDENT-ON**\//;' \
-e '/ASN1_(ITEM_ref|ITEM_ptr|ITEM_rptr|PCTX)/ || s/^((ASN1|ADB)_[^\*]*[){=,]+[ \t]*)$/\/**INDENT-OFF**\/\n$1/;' \
-e 's/^(} (ASN1|ADB)_[^\*]*[\){=,;]+)$/$1\n\/**INDENT-ON**\//;' \
| \
$DEBUG $INDENT $INDENT_ARGS | \
perl -np \
-e 's/^([ \t]*)\/\*-(.*)\*\/[ \t]*$/$1\/*$2*\//;' \
-e 's/^\/\*-((Copyright|=|----).*)$/\/* $1/;' \
| $INDENT | \
perl -0 -np \
-e 's/\/\*\*INDENT-(ON|OFF)\*\*\/\n//g;' \
| perl -np \
-e 's/(STACK_OF|LHASH_OF)_([^ \t,]+)_( |\/)/$1($2)$3/g;' \
-e 's/(STACK_OF|LHASH_OF)_([^ \t,]+)_$/$1($2)/g;' \
| perl "$HERE"/su-filter.pl \
> "$tmp"
else
expand "$j" | $INDENT $INDENT_ARGS > "$tmp"
fi;
if cmp -s "$tmp" "$j"; then
if [ "$VERBOSE" = "true" ]; then
echo "$j unchanged"
fi
rm "$tmp"
else
if [ "$VERBOSE" = "true" ]; then
echo "$j changed"
fi
CHANGED=true
mv "$tmp" "$j"
fi
;;
esac
fi
done
done
if [ "$VERBOSE" = "true" ]; then
echo
if [ "$CHANGED" = "true" ]; then
echo "SOURCE WAS MODIFIED"
else
echo "SOURCE WAS NOT MODIFIED"
fi
fi

View file

@ -0,0 +1,63 @@
#!/usr/bin/env bash
#
# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
myname="$(basename $0)"
this_year="$(date '+%Y')"
some_year="[12][0-9][0-9][0-9]"
year_range="(${some_year})(-${some_year})?"
copyright_owner="The OpenSSL Project"
copyright="Copyright .*${year_range} .*${copyright_owner}"
# sed_script:
# for all lines that contain ${copyright} : {
# replace years yyyy-zzzz (or year yyyy) by yyyy-${this_year}
# replace repeated years yyyy-yyyy by yyyy
# }
sed_script="/${copyright}/{ s/${year_range}/\1-${this_year}/ ; s/(${some_year})-\1/\1/ }"
function usage() {
cat >&2 <<EOF
usage: $myname [-h|--help] [file|directory] ...
Updates the year ranges of all OpenSSL copyright statements in the given
files or directories. (Directories are traversed recursively.)
EOF
}
if [ $# -eq 0 ]; then
usage
exit 0
fi
for arg in "$@"; do
case $arg in
-h|--help)
usage
exit 0
;;
-*)
echo -e "illegal option: $arg\n" >& 2
usage
exit 1
;;
*)
if [ -f "$arg" ]; then
sed -E -i "${sed_script}" "$arg"
elif [ -d "$arg" ]; then
find "$arg" -name '.[a-z]*' -prune -o -type f -exec sed -E -i "${sed_script}" {} +
else
echo "$arg: no such file or directory" >&2
fi
;;
esac
done

View file

@ -0,0 +1,26 @@
#!/bin/sh
HERE="`echo $0 | sed -e 's|[^/]*$||'`"
OPENSSL="${HERE}../apps/openssl"
if [ -d "${HERE}../engines" -a "x$OPENSSL_ENGINES" = "x" ]; then
OPENSSL_ENGINES="${HERE}../engines"; export OPENSSL_ENGINES
fi
if [ -x "${OPENSSL}.exe" ]; then
# The original reason for this script existence is to work around
# certain caveats in run-time linker behaviour. On Windows platforms
# adjusting $PATH used to be sufficient, but with introduction of
# SafeDllSearchMode in XP/2003 the only way to get it right in
# *all* possible situations is to copy newly built .DLLs to apps/
# and test/, which is now done elsewhere... The $PATH is adjusted
# for backward compatibility (and nostagical reasons:-).
if [ "$OSTYPE" != msdosdjgpp ]; then
PATH="${HERE}..:$PATH"; export PATH
fi
exec "${OPENSSL}.exe" "$@"
elif [ -x "${OPENSSL}" -a -x "${HERE}shlib_wrap.sh" ]; then
exec "${HERE}shlib_wrap.sh" "${OPENSSL}" "$@"
else
exec "${OPENSSL}" "$@" # hope for the best...
fi

View file

@ -0,0 +1,21 @@
package OpenSSL::Glob;
use strict;
use warnings;
use File::Glob;
use Exporter;
use vars qw($VERSION @ISA @EXPORT);
$VERSION = '0.1';
@ISA = qw(Exporter);
@EXPORT = qw(glob);
sub glob {
goto &File::Glob::bsd_glob if $^O ne "VMS";
goto &CORE::glob;
}
1;
__END__

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,91 @@
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
package OpenSSL::Test::Simple;
use strict;
use warnings;
use Exporter;
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
$VERSION = "0.2";
@ISA = qw(Exporter);
@EXPORT = qw(simple_test);
=head1 NAME
OpenSSL::Test::Simple - a few very simple test functions
=head1 SYNOPSIS
use OpenSSL::Test::Simple;
simple_test("my_test_name", "destest", "des");
=head1 DESCRIPTION
Sometimes, the functions in L<OpenSSL::Test> are quite tedious for some
repetitive tasks. This module provides functions to make life easier.
You could call them hacks if you wish.
=cut
use OpenSSL::Test;
use OpenSSL::Test::Utils;
=over 4
=item B<simple_test NAME, PROGRAM, ALGORITHM>
Runs a test named NAME, running the program PROGRAM with no arguments,
to test the algorithm ALGORITHM.
A complete recipe looks like this:
use OpenSSL::Test::Simple;
simple_test("test_bf", "bftest", "bf");
=back
=cut
# args:
# name (used with setup())
# algorithm (used to check if it's at all supported)
# name of binary (the program that does the actual test)
sub simple_test {
my ($name, $prgr, @algos) = @_;
setup($name);
if (scalar(disabled(@algos))) {
if (scalar(@algos) == 1) {
plan skip_all => $algos[0]." is not supported by this OpenSSL build";
} else {
my $last = pop @algos;
plan skip_all => join(", ", @algos)." and $last are not supported by this OpenSSL build";
}
}
plan tests => 1;
ok(run(test([$prgr])), "running $prgr");
}
=head1 SEE ALSO
L<OpenSSL::Test>
=head1 AUTHORS
Richard Levitte E<lt>levitte@openssl.orgE<gt> with inspiration
from Rich Salz E<lt>rsalz@openssl.orgE<gt>.
=cut
1;

View file

@ -0,0 +1,240 @@
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
package OpenSSL::Test::Utils;
use strict;
use warnings;
use Exporter;
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
$VERSION = "0.1";
@ISA = qw(Exporter);
@EXPORT = qw(alldisabled anydisabled disabled config available_protocols
have_IPv4 have_IPv6);
=head1 NAME
OpenSSL::Test::Utils - test utility functions
=head1 SYNOPSIS
use OpenSSL::Test::Utils;
my @tls = available_protocols("tls");
my @dtls = available_protocols("dtls");
alldisabled("dh", "dsa");
anydisabled("dh", "dsa");
config("fips");
have_IPv4();
have_IPv6();
=head1 DESCRIPTION
This module provides utility functions for the testing framework.
=cut
use OpenSSL::Test qw/:DEFAULT bldtop_file/;
=over 4
=item B<available_protocols STRING>
Returns a list of strings for all the available SSL/TLS versions if
STRING is "tls", or for all the available DTLS versions if STRING is
"dtls". Otherwise, it returns the empty list. The strings in the
returned list can be used with B<alldisabled> and B<anydisabled>.
=item B<alldisabled ARRAY>
=item B<anydisabled ARRAY>
In an array context returns an array with each element set to 1 if the
corresponding feature is disabled and 0 otherwise.
In a scalar context, alldisabled returns 1 if all of the features in
ARRAY are disabled, while anydisabled returns 1 if any of them are
disabled.
=item B<config STRING>
Returns an item from the %config hash in \$TOP/configdata.pm.
=item B<have_IPv4>
=item B<have_IPv6>
Return true if IPv4 / IPv6 is possible to use on the current system.
=back
=cut
our %available_protocols;
our %disabled;
our %config;
my $configdata_loaded = 0;
sub load_configdata {
# We eval it so it doesn't run at compile time of this file.
# The latter would have bldtop_file() complain that setup() hasn't
# been run yet.
my $configdata = bldtop_file("configdata.pm");
eval { require $configdata;
%available_protocols = %configdata::available_protocols;
%disabled = %configdata::disabled;
%config = %configdata::config;
};
$configdata_loaded = 1;
}
# args
# list of 1s and 0s, coming from check_disabled()
sub anyof {
my $x = 0;
foreach (@_) { $x += $_ }
return $x > 0;
}
# args
# list of 1s and 0s, coming from check_disabled()
sub allof {
my $x = 1;
foreach (@_) { $x *= $_ }
return $x > 0;
}
# args
# list of strings, all of them should be names of features
# that can be disabled.
# returns a list of 1s (if the corresponding feature is disabled)
# and 0s (if it isn't)
sub check_disabled {
return map { exists $disabled{lc $_} ? 1 : 0 } @_;
}
# Exported functions #################################################
# args:
# list of features to check
sub anydisabled {
load_configdata() unless $configdata_loaded;
my @ret = check_disabled(@_);
return @ret if wantarray;
return anyof(@ret);
}
# args:
# list of features to check
sub alldisabled {
load_configdata() unless $configdata_loaded;
my @ret = check_disabled(@_);
return @ret if wantarray;
return allof(@ret);
}
# !!! Kept for backward compatibility
# args:
# single string
sub disabled {
anydisabled(@_);
}
sub available_protocols {
load_configdata() unless $configdata_loaded;
my $protocol_class = shift;
if (exists $available_protocols{lc $protocol_class}) {
return @{$available_protocols{lc $protocol_class}}
}
return ();
}
sub config {
load_configdata() unless $configdata_loaded;
return $config{$_[0]};
}
# IPv4 / IPv6 checker
my $have_IPv4 = -1;
my $have_IPv6 = -1;
my $IP_factory;
sub check_IP {
my $listenaddress = shift;
eval {
require IO::Socket::IP;
my $s = IO::Socket::IP->new(
LocalAddr => $listenaddress,
LocalPort => 0,
Listen=>1,
);
$s or die "\n";
$s->close();
};
if ($@ eq "") {
return 1;
}
eval {
require IO::Socket::INET6;
my $s = IO::Socket::INET6->new(
LocalAddr => $listenaddress,
LocalPort => 0,
Listen=>1,
);
$s or die "\n";
$s->close();
};
if ($@ eq "") {
return 1;
}
eval {
require IO::Socket::INET;
my $s = IO::Socket::INET->new(
LocalAddr => $listenaddress,
LocalPort => 0,
Listen=>1,
);
$s or die "\n";
$s->close();
};
if ($@ eq "") {
return 1;
}
return 0;
}
sub have_IPv4 {
if ($have_IPv4 < 0) {
$have_IPv4 = check_IP("127.0.0.1");
}
return $have_IPv4;
}
sub have_IPv6 {
if ($have_IPv6 < 0) {
$have_IPv6 = check_IP("::1");
}
return $have_IPv6;
}
=head1 SEE ALSO
L<OpenSSL::Test>
=head1 AUTHORS
Stephen Henson E<lt>steve@openssl.orgE<gt> and
Richard Levitte E<lt>levitte@openssl.orgE<gt>
=cut
1;

View file

@ -0,0 +1,149 @@
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
package OpenSSL::Util::Pod;
use strict;
use warnings;
use Exporter;
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
$VERSION = "0.1";
@ISA = qw(Exporter);
@EXPORT = qw(extract_pod_info);
@EXPORT_OK = qw();
=head1 NAME
OpenSSL::Util::Pod - utilities to manipulate .pod files
=head1 SYNOPSIS
use OpenSSL::Util::Pod;
my %podinfo = extract_pod_info("foo.pod");
# or if the file is already opened... Note that this consumes the
# remainder of the file.
my %podinfo = extract_pod_info(\*STDIN);
=head1 DESCRIPTION
=over
=item B<extract_pod_info "FILENAME", HASHREF>
=item B<extract_pod_info "FILENAME">
=item B<extract_pod_info GLOB, HASHREF>
=item B<extract_pod_info GLOB>
Extracts information from a .pod file, given a STRING (file name) or a
GLOB (a file handle). The result is given back as a hash table.
The additional hash is for extra parameters:
=over
=item B<section =E<gt> N>
The value MUST be a number, and will be the man section number
to be used with the given .pod file.
=item B<debug =E<gt> 0|1>
If set to 1, extra debug text will be printed on STDERR
=back
=back
=head1 RETURN VALUES
=over
=item B<extract_pod_info> returns a hash table with the following
items:
=over
=item B<section =E<gt> N>
The man section number this .pod file belongs to. Often the same as
was given as input.
=item B<names =E<gt> [ "name", ... ]>
All the names extracted from the NAME section.
=back
=back
=cut
sub extract_pod_info {
my $input = shift;
my $defaults_ref = shift || {};
my %defaults = ( debug => 0, section => 0, %$defaults_ref );
my $fh = undef;
my $filename = undef;
# If not a file handle, then it's assume to be a file path (a string)
unless (ref $input eq "GLOB") {
$filename = $input;
open $fh, $input or die "Trying to read $filename: $!\n";
print STDERR "DEBUG: Reading $input\n" if $defaults{debug};
$input = $fh;
}
my %podinfo = ( section => $defaults{section});
while(<$input>) {
s|\R$||;
# Stop reading when we have reached past the NAME section.
last if (m|^=head1|
&& defined $podinfo{lastsect}
&& $podinfo{lastsect} eq "NAME");
# Collect the section name
if (m|^=head1\s*(.*)|) {
$podinfo{lastsect} = $1;
$podinfo{lastsect} =~ s/\s+$//;
print STDERR "DEBUG: Found new pod section $1\n"
if $defaults{debug};
print STDERR "DEBUG: Clearing pod section text\n"
if $defaults{debug};
$podinfo{lastsecttext} = "";
}
next if (m|^=| || m|^\s*$|);
# Collect the section text
print STDERR "DEBUG: accumulating pod section text \"$_\"\n"
if $defaults{debug};
$podinfo{lastsecttext} .= " " if $podinfo{lastsecttext};
$podinfo{lastsecttext} .= $_;
}
if (defined $fh) {
close $fh;
print STDERR "DEBUG: Done reading $filename\n" if $defaults{debug};
}
$podinfo{lastsecttext} =~ s| - .*$||;
my @names =
map { s|\s+||g; $_ }
split(m|,|, $podinfo{lastsecttext});
return ( section => $podinfo{section}, names => [ @names ] );
}
1;

View file

@ -0,0 +1,51 @@
# Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::Alert;
sub new
{
my $class = shift;
my ($server,
$encrypted,
$level,
$description) = @_;
my $self = {
server => $server,
encrypted => $encrypted,
level => $level,
description => $description
};
return bless $self, $class;
}
#Read only accessors
sub server
{
my $self = shift;
return $self->{server};
}
sub encrypted
{
my $self = shift;
return $self->{encrypted};
}
sub level
{
my $self = shift;
return $self->{level};
}
sub description
{
my $self = shift;
return $self->{description};
}
1;

View file

@ -0,0 +1,214 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::Certificate;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
TLSProxy::Message::MT_CERTIFICATE,
$data,
$records,
$startoffset,
$message_frag_lens);
$self->{first_certificate} = "";
$self->{extension_data} = "";
$self->{remaining_certdata} = "";
return $self;
}
sub parse
{
my $self = shift;
if (TLSProxy::Proxy->is_tls13()) {
my $context_len = unpack('C', $self->data);
my $context = substr($self->data, 1, $context_len);
my $remdata = substr($self->data, 1 + $context_len);
my ($hicertlistlen, $certlistlen) = unpack('Cn', $remdata);
$certlistlen += ($hicertlistlen << 16);
$remdata = substr($remdata, 3);
die "Invalid Certificate List length"
if length($remdata) != $certlistlen;
my ($hicertlen, $certlen) = unpack('Cn', $remdata);
$certlen += ($hicertlen << 16);
die "Certificate too long" if ($certlen + 3) > $certlistlen;
$remdata = substr($remdata, 3);
my $certdata = substr($remdata, 0, $certlen);
$remdata = substr($remdata, $certlen);
my $extensions_len = unpack('n', $remdata);
$remdata = substr($remdata, 2);
die "Extensions too long"
if ($certlen + 3 + $extensions_len + 2) > $certlistlen;
my $extension_data = "";
if ($extensions_len != 0) {
$extension_data = substr($remdata, 0, $extensions_len);
if (length($extension_data) != $extensions_len) {
die "Invalid extension length\n";
}
}
my %extensions = ();
while (length($extension_data) >= 4) {
my ($type, $size) = unpack("nn", $extension_data);
my $extdata = substr($extension_data, 4, $size);
$extension_data = substr($extension_data, 4 + $size);
$extensions{$type} = $extdata;
}
$remdata = substr($remdata, $extensions_len);
$self->context($context);
$self->first_certificate($certdata);
$self->extension_data(\%extensions);
$self->remaining_certdata($remdata);
print " Context:".$context."\n";
print " Certificate List Len:".$certlistlen."\n";
print " Certificate Len:".$certlen."\n";
print " Extensions Len:".$extensions_len."\n";
} else {
my ($hicertlistlen, $certlistlen) = unpack('Cn', $self->data);
$certlistlen += ($hicertlistlen << 16);
my $remdata = substr($self->data, 3);
die "Invalid Certificate List length"
if length($remdata) != $certlistlen;
my ($hicertlen, $certlen) = unpack('Cn', $remdata);
$certlen += ($hicertlen << 16);
die "Certificate too long" if ($certlen + 3) > $certlistlen;
$remdata = substr($remdata, 3);
my $certdata = substr($remdata, 0, $certlen);
$remdata = substr($remdata, $certlen);
$self->first_certificate($certdata);
$self->remaining_certdata($remdata);
print " Certificate List Len:".$certlistlen."\n";
print " Certificate Len:".$certlen."\n";
}
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data;
my $extensions = "";
if (TLSProxy::Proxy->is_tls13()) {
foreach my $key (keys %{$self->extension_data}) {
my $extdata = ${$self->extension_data}{$key};
$extensions .= pack("n", $key);
$extensions .= pack("n", length($extdata));
$extensions .= $extdata;
}
$data = pack('C', length($self->context()));
$data .= $self->context;
my $certlen = length($self->first_certificate);
my $certlistlen = $certlen + length($extensions)
+ length($self->remaining_certdata);
my $hi = $certlistlen >> 16;
$certlistlen = $certlistlen & 0xffff;
$data .= pack('Cn', $hi, $certlistlen);
$hi = $certlen >> 16;
$certlen = $certlen & 0xffff;
$data .= pack('Cn', $hi, $certlen);
$data .= pack('n', length($extensions));
$data .= $extensions;
$data .= $self->remaining_certdata();
$self->data($data);
} else {
my $certlen = length($self->first_certificate);
my $certlistlen = $certlen + length($self->remaining_certdata);
my $hi = $certlistlen >> 16;
$certlistlen = $certlistlen & 0xffff;
$data .= pack('Cn', $hi, $certlistlen);
$hi = $certlen >> 16;
$certlen = $certlen & 0xffff;
$data .= pack('Cn', $hi, $certlen);
$data .= $self->remaining_certdata();
$self->data($data);
}
}
#Read/write accessors
sub context
{
my $self = shift;
if (@_) {
$self->{context} = shift;
}
return $self->{context};
}
sub first_certificate
{
my $self = shift;
if (@_) {
$self->{first_certificate} = shift;
}
return $self->{first_certificate};
}
sub remaining_certdata
{
my $self = shift;
if (@_) {
$self->{remaining_certdata} = shift;
}
return $self->{remaining_certdata};
}
sub extension_data
{
my $self = shift;
if (@_) {
$self->{extension_data} = shift;
}
return $self->{extension_data};
}
sub set_extension
{
my ($self, $ext_type, $ext_data) = @_;
$self->{extension_data}{$ext_type} = $ext_data;
}
sub delete_extension
{
my ($self, $ext_type) = @_;
delete $self->{extension_data}{$ext_type};
}
1;

View file

@ -0,0 +1,96 @@
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::CertificateVerify;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
TLSProxy::Message::MT_CERTIFICATE_VERIFY,
$data,
$records,
$startoffset,
$message_frag_lens);
$self->{sigalg} = -1;
$self->{signature} = "";
return $self;
}
sub parse
{
my $self = shift;
my $sigalg = -1;
my $remdata = $self->data;
my $record = ${$self->records}[0];
if (TLSProxy::Proxy->is_tls13()
|| $record->version() == TLSProxy::Record::VERS_TLS_1_2) {
$sigalg = unpack('n', $remdata);
$remdata = substr($remdata, 2);
}
my $siglen = unpack('n', substr($remdata, 0, 2));
my $sig = substr($remdata, 2);
die "Invalid CertificateVerify signature length" if length($sig) != $siglen;
print " SigAlg:".$sigalg."\n";
print " Signature Len:".$siglen."\n";
$self->sigalg($sigalg);
$self->signature($sig);
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data = "";
my $sig = $self->signature();
my $olddata = $self->data();
$data .= pack("n", $self->sigalg()) if ($self->sigalg() != -1);
$data .= pack("n", length($sig));
$data .= $sig;
$self->data($data);
}
#Read/write accessors
sub sigalg
{
my $self = shift;
if (@_) {
$self->{sigalg} = shift;
}
return $self->{sigalg};
}
sub signature
{
my $self = shift;
if (@_) {
$self->{signature} = shift;
}
return $self->{signature};
}
1;

View file

@ -0,0 +1,258 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::ClientHello;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
1,
$data,
$records,
$startoffset,
$message_frag_lens);
$self->{client_version} = 0;
$self->{random} = [];
$self->{session_id_len} = 0;
$self->{session} = "";
$self->{ciphersuite_len} = 0;
$self->{ciphersuites} = [];
$self->{comp_meth_len} = 0;
$self->{comp_meths} = [];
$self->{extensions_len} = 0;
$self->{extension_data} = "";
return $self;
}
sub parse
{
my $self = shift;
my $ptr = 2;
my ($client_version) = unpack('n', $self->data);
my $random = substr($self->data, $ptr, 32);
$ptr += 32;
my $session_id_len = unpack('C', substr($self->data, $ptr));
$ptr++;
my $session = substr($self->data, $ptr, $session_id_len);
$ptr += $session_id_len;
my $ciphersuite_len = unpack('n', substr($self->data, $ptr));
$ptr += 2;
my @ciphersuites = unpack('n*', substr($self->data, $ptr,
$ciphersuite_len));
$ptr += $ciphersuite_len;
my $comp_meth_len = unpack('C', substr($self->data, $ptr));
$ptr++;
my @comp_meths = unpack('C*', substr($self->data, $ptr, $comp_meth_len));
$ptr += $comp_meth_len;
my $extensions_len = unpack('n', substr($self->data, $ptr));
$ptr += 2;
#For now we just deal with this as a block of data. In the future we will
#want to parse this
my $extension_data = substr($self->data, $ptr);
if (length($extension_data) != $extensions_len) {
die "Invalid extension length\n";
}
my %extensions = ();
while (length($extension_data) >= 4) {
my ($type, $size) = unpack("nn", $extension_data);
my $extdata = substr($extension_data, 4, $size);
$extension_data = substr($extension_data, 4 + $size);
$extensions{$type} = $extdata;
}
$self->client_version($client_version);
$self->random($random);
$self->session_id_len($session_id_len);
$self->session($session);
$self->ciphersuite_len($ciphersuite_len);
$self->ciphersuites(\@ciphersuites);
$self->comp_meth_len($comp_meth_len);
$self->comp_meths(\@comp_meths);
$self->extensions_len($extensions_len);
$self->extension_data(\%extensions);
$self->process_extensions();
print " Client Version:".$client_version."\n";
print " Session ID Len:".$session_id_len."\n";
print " Ciphersuite len:".$ciphersuite_len."\n";
print " Compression Method Len:".$comp_meth_len."\n";
print " Extensions Len:".$extensions_len."\n";
}
#Perform any actions necessary based on the extensions we've seen
sub process_extensions
{
my $self = shift;
my %extensions = %{$self->extension_data};
#Clear any state from a previous run
TLSProxy::Record->etm(0);
if (exists $extensions{TLSProxy::Message::EXT_ENCRYPT_THEN_MAC}) {
TLSProxy::Record->etm(1);
}
}
sub extension_contents
{
my $self = shift;
my $key = shift;
my $extension = "";
my $extdata = ${$self->extension_data}{$key};
$extension .= pack("n", $key);
$extension .= pack("n", length($extdata));
$extension .= $extdata;
return $extension;
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data;
my $extensions = "";
$data = pack('n', $self->client_version);
$data .= $self->random;
$data .= pack('C', $self->session_id_len);
$data .= $self->session;
$data .= pack('n', $self->ciphersuite_len);
$data .= pack("n*", @{$self->ciphersuites});
$data .= pack('C', $self->comp_meth_len);
$data .= pack("C*", @{$self->comp_meths});
foreach my $key (keys %{$self->extension_data}) {
next if ($key == TLSProxy::Message::EXT_PSK);
$extensions .= $self->extension_contents($key);
#Add extension twice if we are duplicating that extension
$extensions .= $self->extension_contents($key) if ($key == $self->dupext);
}
#PSK extension always goes last...
if (defined ${$self->extension_data}{TLSProxy::Message::EXT_PSK}) {
$extensions .= $self->extension_contents(TLSProxy::Message::EXT_PSK);
}
#unless we have EXT_FORCE_LAST
if (defined ${$self->extension_data}{TLSProxy::Message::EXT_FORCE_LAST}) {
$extensions .= $self->extension_contents(TLSProxy::Message::EXT_FORCE_LAST);
}
$data .= pack('n', length($extensions));
$data .= $extensions;
$self->data($data);
}
#Read/write accessors
sub client_version
{
my $self = shift;
if (@_) {
$self->{client_version} = shift;
}
return $self->{client_version};
}
sub random
{
my $self = shift;
if (@_) {
$self->{random} = shift;
}
return $self->{random};
}
sub session_id_len
{
my $self = shift;
if (@_) {
$self->{session_id_len} = shift;
}
return $self->{session_id_len};
}
sub session
{
my $self = shift;
if (@_) {
$self->{session} = shift;
}
return $self->{session};
}
sub ciphersuite_len
{
my $self = shift;
if (@_) {
$self->{ciphersuite_len} = shift;
}
return $self->{ciphersuite_len};
}
sub ciphersuites
{
my $self = shift;
if (@_) {
$self->{ciphersuites} = shift;
}
return $self->{ciphersuites};
}
sub comp_meth_len
{
my $self = shift;
if (@_) {
$self->{comp_meth_len} = shift;
}
return $self->{comp_meth_len};
}
sub comp_meths
{
my $self = shift;
if (@_) {
$self->{comp_meths} = shift;
}
return $self->{comp_meths};
}
sub extensions_len
{
my $self = shift;
if (@_) {
$self->{extensions_len} = shift;
}
return $self->{extensions_len};
}
sub extension_data
{
my $self = shift;
if (@_) {
$self->{extension_data} = shift;
}
return $self->{extension_data};
}
sub set_extension
{
my ($self, $ext_type, $ext_data) = @_;
$self->{extension_data}{$ext_type} = $ext_data;
}
sub delete_extension
{
my ($self, $ext_type) = @_;
delete $self->{extension_data}{$ext_type};
}
1;

View file

@ -0,0 +1,110 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::EncryptedExtensions;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS,
$data,
$records,
$startoffset,
$message_frag_lens);
$self->{extension_data} = "";
return $self;
}
sub parse
{
my $self = shift;
my $extensions_len = unpack('n', $self->data);
if (!defined $extensions_len) {
$extensions_len = 0;
}
my $extension_data;
if ($extensions_len != 0) {
$extension_data = substr($self->data, 2);
if (length($extension_data) != $extensions_len) {
die "Invalid extension length\n";
}
} else {
if (length($self->data) != 2) {
die "Invalid extension length\n";
}
$extension_data = "";
}
my %extensions = ();
while (length($extension_data) >= 4) {
my ($type, $size) = unpack("nn", $extension_data);
my $extdata = substr($extension_data, 4, $size);
$extension_data = substr($extension_data, 4 + $size);
$extensions{$type} = $extdata;
}
$self->extension_data(\%extensions);
print " Extensions Len:".$extensions_len."\n";
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data;
my $extensions = "";
foreach my $key (keys %{$self->extension_data}) {
my $extdata = ${$self->extension_data}{$key};
$extensions .= pack("n", $key);
$extensions .= pack("n", length($extdata));
$extensions .= $extdata;
}
$data = pack('n', length($extensions));
$data .= $extensions;
$self->data($data);
}
#Read/write accessors
sub extension_data
{
my $self = shift;
if (@_) {
$self->{extension_data} = shift;
}
return $self->{extension_data};
}
sub set_extension
{
my ($self, $ext_type, $ext_data) = @_;
$self->{extension_data}{$ext_type} = $ext_data;
}
sub delete_extension
{
my ($self, $ext_type) = @_;
delete $self->{extension_data}{$ext_type};
}
1;

View file

@ -0,0 +1,592 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::Message;
use TLSProxy::Alert;
use constant TLS_MESSAGE_HEADER_LENGTH => 4;
#Message types
use constant {
MT_HELLO_REQUEST => 0,
MT_CLIENT_HELLO => 1,
MT_SERVER_HELLO => 2,
MT_NEW_SESSION_TICKET => 4,
MT_ENCRYPTED_EXTENSIONS => 8,
MT_CERTIFICATE => 11,
MT_SERVER_KEY_EXCHANGE => 12,
MT_CERTIFICATE_REQUEST => 13,
MT_SERVER_HELLO_DONE => 14,
MT_CERTIFICATE_VERIFY => 15,
MT_CLIENT_KEY_EXCHANGE => 16,
MT_FINISHED => 20,
MT_CERTIFICATE_STATUS => 22,
MT_NEXT_PROTO => 67
};
#Alert levels
use constant {
AL_LEVEL_WARN => 1,
AL_LEVEL_FATAL => 2
};
#Alert descriptions
use constant {
AL_DESC_CLOSE_NOTIFY => 0,
AL_DESC_UNEXPECTED_MESSAGE => 10,
AL_DESC_ILLEGAL_PARAMETER => 47,
AL_DESC_NO_RENEGOTIATION => 100
};
my %message_type = (
MT_HELLO_REQUEST, "HelloRequest",
MT_CLIENT_HELLO, "ClientHello",
MT_SERVER_HELLO, "ServerHello",
MT_NEW_SESSION_TICKET, "NewSessionTicket",
MT_ENCRYPTED_EXTENSIONS, "EncryptedExtensions",
MT_CERTIFICATE, "Certificate",
MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange",
MT_CERTIFICATE_REQUEST, "CertificateRequest",
MT_SERVER_HELLO_DONE, "ServerHelloDone",
MT_CERTIFICATE_VERIFY, "CertificateVerify",
MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange",
MT_FINISHED, "Finished",
MT_CERTIFICATE_STATUS, "CertificateStatus",
MT_NEXT_PROTO, "NextProto"
);
use constant {
EXT_SERVER_NAME => 0,
EXT_MAX_FRAGMENT_LENGTH => 1,
EXT_STATUS_REQUEST => 5,
EXT_SUPPORTED_GROUPS => 10,
EXT_EC_POINT_FORMATS => 11,
EXT_SRP => 12,
EXT_SIG_ALGS => 13,
EXT_USE_SRTP => 14,
EXT_ALPN => 16,
EXT_SCT => 18,
EXT_PADDING => 21,
EXT_ENCRYPT_THEN_MAC => 22,
EXT_EXTENDED_MASTER_SECRET => 23,
EXT_SESSION_TICKET => 35,
EXT_KEY_SHARE => 51,
EXT_PSK => 41,
EXT_SUPPORTED_VERSIONS => 43,
EXT_COOKIE => 44,
EXT_PSK_KEX_MODES => 45,
EXT_POST_HANDSHAKE_AUTH => 49,
EXT_SIG_ALGS_CERT => 50,
EXT_RENEGOTIATE => 65281,
EXT_NPN => 13172,
EXT_CRYPTOPRO_BUG_EXTENSION => 0xfde8,
EXT_UNKNOWN => 0xfffe,
#Unknown extension that should appear last
EXT_FORCE_LAST => 0xffff
};
# SignatureScheme of TLS 1.3 from:
# https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme
# We have to manually grab the SHA224 equivalents from the old registry
use constant {
SIG_ALG_RSA_PKCS1_SHA256 => 0x0401,
SIG_ALG_RSA_PKCS1_SHA384 => 0x0501,
SIG_ALG_RSA_PKCS1_SHA512 => 0x0601,
SIG_ALG_ECDSA_SECP256R1_SHA256 => 0x0403,
SIG_ALG_ECDSA_SECP384R1_SHA384 => 0x0503,
SIG_ALG_ECDSA_SECP521R1_SHA512 => 0x0603,
SIG_ALG_RSA_PSS_RSAE_SHA256 => 0x0804,
SIG_ALG_RSA_PSS_RSAE_SHA384 => 0x0805,
SIG_ALG_RSA_PSS_RSAE_SHA512 => 0x0806,
SIG_ALG_ED25519 => 0x0807,
SIG_ALG_ED448 => 0x0808,
SIG_ALG_RSA_PSS_PSS_SHA256 => 0x0809,
SIG_ALG_RSA_PSS_PSS_SHA384 => 0x080a,
SIG_ALG_RSA_PSS_PSS_SHA512 => 0x080b,
SIG_ALG_RSA_PKCS1_SHA1 => 0x0201,
SIG_ALG_ECDSA_SHA1 => 0x0203,
SIG_ALG_DSA_SHA1 => 0x0202,
SIG_ALG_DSA_SHA256 => 0x0402,
SIG_ALG_DSA_SHA384 => 0x0502,
SIG_ALG_DSA_SHA512 => 0x0602,
OSSL_SIG_ALG_RSA_PKCS1_SHA224 => 0x0301,
OSSL_SIG_ALG_DSA_SHA224 => 0x0302,
OSSL_SIG_ALG_ECDSA_SHA224 => 0x0303
};
use constant {
CIPHER_RSA_WITH_AES_128_CBC_SHA => 0x002f,
CIPHER_DHE_RSA_AES_128_SHA => 0x0033,
CIPHER_ADH_AES_128_SHA => 0x0034,
CIPHER_TLS13_AES_128_GCM_SHA256 => 0x1301,
CIPHER_TLS13_AES_256_GCM_SHA384 => 0x1302
};
my $payload = "";
my $messlen = -1;
my $mt;
my $startoffset = -1;
my $server = 0;
my $success = 0;
my $end = 0;
my @message_rec_list = ();
my @message_frag_lens = ();
my $ciphersuite = 0;
my $successondata = 0;
my $alert;
sub clear
{
$payload = "";
$messlen = -1;
$startoffset = -1;
$server = 0;
$success = 0;
$end = 0;
$successondata = 0;
@message_rec_list = ();
@message_frag_lens = ();
$alert = undef;
}
#Class method to extract messages from a record
sub get_messages
{
my $class = shift;
my $serverin = shift;
my $record = shift;
my @messages = ();
my $message;
@message_frag_lens = ();
if ($serverin != $server && length($payload) != 0) {
die "Changed peer, but we still have fragment data\n";
}
$server = $serverin;
if ($record->content_type == TLSProxy::Record::RT_CCS) {
if ($payload ne "") {
#We can't handle this yet
die "CCS received before message data complete\n";
}
if (!TLSProxy::Proxy->is_tls13()) {
if ($server) {
TLSProxy::Record->server_encrypting(1);
} else {
TLSProxy::Record->client_encrypting(1);
}
}
} elsif ($record->content_type == TLSProxy::Record::RT_HANDSHAKE) {
if ($record->len == 0 || $record->len_real == 0) {
print " Message truncated\n";
} else {
my $recoffset = 0;
if (length $payload > 0) {
#We are continuing processing a message started in a previous
#record. Add this record to the list associated with this
#message
push @message_rec_list, $record;
if ($messlen <= length($payload)) {
#Shouldn't happen
die "Internal error: invalid messlen: ".$messlen
." payload length:".length($payload)."\n";
}
if (length($payload) + $record->decrypt_len >= $messlen) {
#We can complete the message with this record
$recoffset = $messlen - length($payload);
$payload .= substr($record->decrypt_data, 0, $recoffset);
push @message_frag_lens, $recoffset;
$message = create_message($server, $mt, $payload,
$startoffset);
push @messages, $message;
$payload = "";
} else {
#This is just part of the total message
$payload .= $record->decrypt_data;
$recoffset = $record->decrypt_len;
push @message_frag_lens, $record->decrypt_len;
}
print " Partial message data read: ".$recoffset." bytes\n";
}
while ($record->decrypt_len > $recoffset) {
#We are at the start of a new message
if ($record->decrypt_len - $recoffset < 4) {
#Whilst technically probably valid we can't cope with this
die "End of record in the middle of a message header\n";
}
@message_rec_list = ($record);
my $lenhi;
my $lenlo;
($mt, $lenhi, $lenlo) = unpack('CnC',
substr($record->decrypt_data,
$recoffset));
$messlen = ($lenhi << 8) | $lenlo;
print " Message type: $message_type{$mt}\n";
print " Message Length: $messlen\n";
$startoffset = $recoffset;
$recoffset += 4;
$payload = "";
if ($recoffset <= $record->decrypt_len) {
#Some payload data is present in this record
if ($record->decrypt_len - $recoffset >= $messlen) {
#We can complete the message with this record
$payload .= substr($record->decrypt_data, $recoffset,
$messlen);
$recoffset += $messlen;
push @message_frag_lens, $messlen;
$message = create_message($server, $mt, $payload,
$startoffset);
push @messages, $message;
$payload = "";
} else {
#This is just part of the total message
$payload .= substr($record->decrypt_data, $recoffset,
$record->decrypt_len - $recoffset);
$recoffset = $record->decrypt_len;
push @message_frag_lens, $recoffset;
}
}
}
}
} elsif ($record->content_type == TLSProxy::Record::RT_APPLICATION_DATA) {
print " [ENCRYPTED APPLICATION DATA]\n";
print " [".$record->decrypt_data."]\n";
if ($successondata) {
$success = 1;
$end = 1;
}
} elsif ($record->content_type == TLSProxy::Record::RT_ALERT) {
my ($alertlev, $alertdesc) = unpack('CC', $record->decrypt_data);
print " [$alertlev, $alertdesc]\n";
#A CloseNotify from the client indicates we have finished successfully
#(we assume)
if (!$end && !$server && $alertlev == AL_LEVEL_WARN
&& $alertdesc == AL_DESC_CLOSE_NOTIFY) {
$success = 1;
}
#Fatal or close notify alerts end the test
if ($alertlev == AL_LEVEL_FATAL || $alertdesc == AL_DESC_CLOSE_NOTIFY) {
$end = 1;
}
$alert = TLSProxy::Alert->new(
$server,
$record->encrypted,
$alertlev,
$alertdesc);
}
return @messages;
}
#Function to work out which sub-class we need to create and then
#construct it
sub create_message
{
my ($server, $mt, $data, $startoffset) = @_;
my $message;
#We only support ClientHello in this version...needs to be extended for
#others
if ($mt == MT_CLIENT_HELLO) {
$message = TLSProxy::ClientHello->new(
$server,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
$message->parse();
} elsif ($mt == MT_SERVER_HELLO) {
$message = TLSProxy::ServerHello->new(
$server,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
$message->parse();
} elsif ($mt == MT_ENCRYPTED_EXTENSIONS) {
$message = TLSProxy::EncryptedExtensions->new(
$server,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
$message->parse();
} elsif ($mt == MT_CERTIFICATE) {
$message = TLSProxy::Certificate->new(
$server,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
$message->parse();
} elsif ($mt == MT_CERTIFICATE_VERIFY) {
$message = TLSProxy::CertificateVerify->new(
$server,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
$message->parse();
} elsif ($mt == MT_SERVER_KEY_EXCHANGE) {
$message = TLSProxy::ServerKeyExchange->new(
$server,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
$message->parse();
} elsif ($mt == MT_NEW_SESSION_TICKET) {
$message = TLSProxy::NewSessionTicket->new(
$server,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
$message->parse();
} else {
#Unknown message type
$message = TLSProxy::Message->new(
$server,
$mt,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
}
return $message;
}
sub end
{
my $class = shift;
return $end;
}
sub success
{
my $class = shift;
return $success;
}
sub fail
{
my $class = shift;
return !$success && $end;
}
sub alert
{
return $alert;
}
sub new
{
my $class = shift;
my ($server,
$mt,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = {
server => $server,
data => $data,
records => $records,
mt => $mt,
startoffset => $startoffset,
message_frag_lens => $message_frag_lens,
dupext => -1
};
return bless $self, $class;
}
sub ciphersuite
{
my $class = shift;
if (@_) {
$ciphersuite = shift;
}
return $ciphersuite;
}
#Update all the underlying records with the modified data from this message
#Note: Only supports re-encrypting for TLSv1.3
sub repack
{
my $self = shift;
my $msgdata;
my $numrecs = $#{$self->records};
$self->set_message_contents();
my $lenhi;
my $lenlo;
$lenlo = length($self->data) & 0xff;
$lenhi = length($self->data) >> 8;
$msgdata = pack('CnC', $self->mt, $lenhi, $lenlo).$self->data;
if ($numrecs == 0) {
#The message is fully contained within one record
my ($rec) = @{$self->records};
my $recdata = $rec->decrypt_data;
my $old_length;
# We use empty message_frag_lens to indicates that pre-repacking,
# the message wasn't present. The first fragment length doesn't include
# the TLS header, so we need to check and compute the right length.
if (@{$self->message_frag_lens}) {
$old_length = ${$self->message_frag_lens}[0] +
TLS_MESSAGE_HEADER_LENGTH;
} else {
$old_length = 0;
}
my $prefix = substr($recdata, 0, $self->startoffset);
my $suffix = substr($recdata, $self->startoffset + $old_length);
$rec->decrypt_data($prefix.($msgdata).($suffix));
# TODO(openssl-team): don't keep explicit lengths.
# (If a length override is ever needed to construct invalid packets,
# use an explicit override field instead.)
$rec->decrypt_len(length($rec->decrypt_data));
$rec->len($rec->len + length($msgdata) - $old_length);
# Only support re-encryption for TLSv1.3.
if (TLSProxy::Proxy->is_tls13() && $rec->encrypted()) {
#Add content type (1 byte) and 16 tag bytes
$rec->data($rec->decrypt_data
.pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16));
} else {
$rec->data($rec->decrypt_data);
}
#Update the fragment len in case we changed it above
${$self->message_frag_lens}[0] = length($msgdata)
- TLS_MESSAGE_HEADER_LENGTH;
return;
}
#Note we don't currently support changing a fragmented message length
my $recctr = 0;
my $datadone = 0;
foreach my $rec (@{$self->records}) {
my $recdata = $rec->decrypt_data;
if ($recctr == 0) {
#This is the first record
my $remainlen = length($recdata) - $self->startoffset;
$rec->data(substr($recdata, 0, $self->startoffset)
.substr(($msgdata), 0, $remainlen));
$datadone += $remainlen;
} elsif ($recctr + 1 == $numrecs) {
#This is the last record
$rec->data(substr($msgdata, $datadone));
} else {
#This is a middle record
$rec->data(substr($msgdata, $datadone, length($rec->data)));
$datadone += length($rec->data);
}
$recctr++;
}
}
#To be overridden by sub-classes
sub set_message_contents
{
}
#Read only accessors
sub server
{
my $self = shift;
return $self->{server};
}
#Read/write accessors
sub mt
{
my $self = shift;
if (@_) {
$self->{mt} = shift;
}
return $self->{mt};
}
sub data
{
my $self = shift;
if (@_) {
$self->{data} = shift;
}
return $self->{data};
}
sub records
{
my $self = shift;
if (@_) {
$self->{records} = shift;
}
return $self->{records};
}
sub startoffset
{
my $self = shift;
if (@_) {
$self->{startoffset} = shift;
}
return $self->{startoffset};
}
sub message_frag_lens
{
my $self = shift;
if (@_) {
$self->{message_frag_lens} = shift;
}
return $self->{message_frag_lens};
}
sub encoded_length
{
my $self = shift;
return TLS_MESSAGE_HEADER_LENGTH + length($self->data);
}
sub dupext
{
my $self = shift;
if (@_) {
$self->{dupext} = shift;
}
return $self->{dupext};
}
sub successondata
{
my $class = shift;
if (@_) {
$successondata = shift;
}
return $successondata;
}
1;

View file

@ -0,0 +1,81 @@
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::NewSessionTicket;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
TLSProxy::Message::MT_NEW_SESSION_TICKET,
$data,
$records,
$startoffset,
$message_frag_lens);
$self->{ticket_lifetime_hint} = 0;
$self->{ticket} = "";
return $self;
}
sub parse
{
my $self = shift;
my $ticket_lifetime_hint = unpack('N', $self->data);
my $ticket_len = unpack('n', $self->data);
my $ticket = substr($self->data, 6, $ticket_len);
$self->ticket_lifetime_hint($ticket_lifetime_hint);
$self->ticket($ticket);
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data;
$data = pack('N', $self->ticket_lifetime_hint);
$data .= pack('n', length($self->ticket));
$data .= $self->ticket;
$self->data($data);
}
#Read/write accessors
sub ticket_lifetime_hint
{
my $self = shift;
if (@_) {
$self->{ticket_lifetime_hint} = shift;
}
return $self->{ticket_lifetime_hint};
}
sub ticket
{
my $self = shift;
if (@_) {
$self->{ticket} = shift;
}
return $self->{ticket};
}
1;

View file

@ -0,0 +1,728 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use POSIX ":sys_wait_h";
package TLSProxy::Proxy;
use File::Spec;
use IO::Socket;
use IO::Select;
use TLSProxy::Record;
use TLSProxy::Message;
use TLSProxy::ClientHello;
use TLSProxy::ServerHello;
use TLSProxy::EncryptedExtensions;
use TLSProxy::Certificate;
use TLSProxy::CertificateVerify;
use TLSProxy::ServerKeyExchange;
use TLSProxy::NewSessionTicket;
my $have_IPv6;
my $IP_factory;
BEGIN
{
# IO::Socket::IP is on the core module list, IO::Socket::INET6 isn't.
# However, IO::Socket::INET6 is older and is said to be more widely
# deployed for the moment, and may have less bugs, so we try the latter
# first, then fall back on the core modules. Worst case scenario, we
# fall back to IO::Socket::INET, only supports IPv4.
eval {
require IO::Socket::INET6;
my $s = IO::Socket::INET6->new(
LocalAddr => "::1",
LocalPort => 0,
Listen=>1,
);
$s or die "\n";
$s->close();
};
if ($@ eq "") {
$IP_factory = sub { IO::Socket::INET6->new(Domain => AF_INET6, @_); };
$have_IPv6 = 1;
} else {
eval {
require IO::Socket::IP;
my $s = IO::Socket::IP->new(
LocalAddr => "::1",
LocalPort => 0,
Listen=>1,
);
$s or die "\n";
$s->close();
};
if ($@ eq "") {
$IP_factory = sub { IO::Socket::IP->new(@_); };
$have_IPv6 = 1;
} else {
$IP_factory = sub { IO::Socket::INET->new(@_); };
$have_IPv6 = 0;
}
}
}
my $is_tls13 = 0;
my $ciphersuite = undef;
sub new
{
my $class = shift;
my ($filter,
$execute,
$cert,
$debug) = @_;
my $self = {
#Public read/write
proxy_addr => $have_IPv6 ? "[::1]" : "127.0.0.1",
filter => $filter,
serverflags => "",
clientflags => "",
serverconnects => 1,
reneg => 0,
sessionfile => undef,
#Public read
proxy_port => 0,
server_port => 0,
serverpid => 0,
clientpid => 0,
execute => $execute,
cert => $cert,
debug => $debug,
cipherc => "",
ciphersuitesc => "",
ciphers => "AES128-SHA",
ciphersuitess => "TLS_AES_128_GCM_SHA256",
flight => -1,
direction => -1,
partial => ["", ""],
record_list => [],
message_list => [],
};
# Create the Proxy socket
my $proxaddr = $self->{proxy_addr};
$proxaddr =~ s/[\[\]]//g; # Remove [ and ]
my @proxyargs = (
LocalHost => $proxaddr,
LocalPort => 0,
Proto => "tcp",
Listen => SOMAXCONN,
);
if (my $sock = $IP_factory->(@proxyargs)) {
$self->{proxy_sock} = $sock;
$self->{proxy_port} = $sock->sockport();
$self->{proxy_addr} = $sock->sockhost();
$self->{proxy_addr} =~ s/(.*:.*)/[$1]/;
print "Proxy started on port ",
"$self->{proxy_addr}:$self->{proxy_port}\n";
# use same address for s_server
$self->{server_addr} = $self->{proxy_addr};
} else {
warn "Failed creating proxy socket (".$proxaddr.",0): $!\n";
}
return bless $self, $class;
}
sub DESTROY
{
my $self = shift;
$self->{proxy_sock}->close() if $self->{proxy_sock};
}
sub clearClient
{
my $self = shift;
$self->{cipherc} = "";
$self->{ciphersuitec} = "";
$self->{flight} = -1;
$self->{direction} = -1;
$self->{partial} = ["", ""];
$self->{record_list} = [];
$self->{message_list} = [];
$self->{clientflags} = "";
$self->{sessionfile} = undef;
$self->{clientpid} = 0;
$is_tls13 = 0;
$ciphersuite = undef;
TLSProxy::Message->clear();
TLSProxy::Record->clear();
}
sub clear
{
my $self = shift;
$self->clearClient;
$self->{ciphers} = "AES128-SHA";
$self->{ciphersuitess} = "TLS_AES_128_GCM_SHA256";
$self->{serverflags} = "";
$self->{serverconnects} = 1;
$self->{serverpid} = 0;
$self->{reneg} = 0;
}
sub restart
{
my $self = shift;
$self->clear;
$self->start;
}
sub clientrestart
{
my $self = shift;
$self->clear;
$self->clientstart;
}
sub connect_to_server
{
my $self = shift;
my $servaddr = $self->{server_addr};
$servaddr =~ s/[\[\]]//g; # Remove [ and ]
my $sock = $IP_factory->(PeerAddr => $servaddr,
PeerPort => $self->{server_port},
Proto => 'tcp');
if (!defined($sock)) {
my $err = $!;
kill(3, $self->{real_serverpid});
die "unable to connect: $err\n";
}
$self->{server_sock} = $sock;
}
sub start
{
my ($self) = shift;
my $pid;
if ($self->{proxy_sock} == 0) {
return 0;
}
my $execcmd = $self->execute
." s_server -max_protocol TLSv1.3 -no_comp -rev -engine ossltest"
#In TLSv1.3 we issue two session tickets. The default session id
#callback gets confused because the ossltest engine causes the same
#session id to be created twice due to the changed random number
#generation. Using "-ext_cache" replaces the default callback with a
#different one that doesn't get confused.
." -ext_cache"
." -accept $self->{server_addr}:0"
." -cert ".$self->cert." -cert2 ".$self->cert
." -naccept ".$self->serverconnects;
if ($self->ciphers ne "") {
$execcmd .= " -cipher ".$self->ciphers;
}
if ($self->ciphersuitess ne "") {
$execcmd .= " -ciphersuites ".$self->ciphersuitess;
}
if ($self->serverflags ne "") {
$execcmd .= " ".$self->serverflags;
}
if ($self->debug) {
print STDERR "Server command: $execcmd\n";
}
open(my $savedin, "<&STDIN");
# Temporarily replace STDIN so that sink process can inherit it...
$pid = open(STDIN, "$execcmd 2>&1 |") or die "Failed to $execcmd: $!\n";
$self->{real_serverpid} = $pid;
# Process the output from s_server until we find the ACCEPT line, which
# tells us what the accepting address and port are.
while (<>) {
print;
s/\R$//; # Better chomp
next unless (/^ACCEPT\s.*:(\d+)$/);
$self->{server_port} = $1;
last;
}
if ($self->{server_port} == 0) {
# This actually means that s_server exited, because otherwise
# we would still searching for ACCEPT...
waitpid($pid, 0);
die "no ACCEPT detected in '$execcmd' output: $?\n";
}
# Just make sure everything else is simply printed [as separate lines].
# The sub process simply inherits our STD* and will keep consuming
# server's output and printing it as long as there is anything there,
# out of our way.
my $error;
$pid = undef;
if (eval { require Win32::Process; 1; }) {
if (Win32::Process::Create(my $h, $^X, "perl -ne print", 0, 0, ".")) {
$pid = $h->GetProcessID();
$self->{proc_handle} = $h; # hold handle till next round [or exit]
} else {
$error = Win32::FormatMessage(Win32::GetLastError());
}
} else {
if (defined($pid = fork)) {
$pid or exec("$^X -ne print") or exit($!);
} else {
$error = $!;
}
}
# Change back to original stdin
open(STDIN, "<&", $savedin);
close($savedin);
if (!defined($pid)) {
kill(3, $self->{real_serverpid});
die "Failed to capture s_server's output: $error\n";
}
$self->{serverpid} = $pid;
print STDERR "Server responds on ",
"$self->{server_addr}:$self->{server_port}\n";
# Connect right away...
$self->connect_to_server();
return $self->clientstart;
}
sub clientstart
{
my ($self) = shift;
if ($self->execute) {
my $pid;
my $execcmd = $self->execute
." s_client -max_protocol TLSv1.3 -engine ossltest"
." -connect $self->{proxy_addr}:$self->{proxy_port}";
if ($self->cipherc ne "") {
$execcmd .= " -cipher ".$self->cipherc;
}
if ($self->ciphersuitesc ne "") {
$execcmd .= " -ciphersuites ".$self->ciphersuitesc;
}
if ($self->clientflags ne "") {
$execcmd .= " ".$self->clientflags;
}
if ($self->clientflags !~ m/-(no)?servername/) {
$execcmd .= " -servername localhost";
}
if (defined $self->sessionfile) {
$execcmd .= " -ign_eof";
}
if ($self->debug) {
print STDERR "Client command: $execcmd\n";
}
open(my $savedout, ">&STDOUT");
# If we open pipe with new descriptor, attempt to close it,
# explicitly or implicitly, would incur waitpid and effectively
# dead-lock...
if (!($pid = open(STDOUT, "| $execcmd"))) {
my $err = $!;
kill(3, $self->{real_serverpid});
die "Failed to $execcmd: $err\n";
}
$self->{clientpid} = $pid;
# queue [magic] input
print $self->reneg ? "R" : "test";
# this closes client's stdin without waiting for its pid
open(STDOUT, ">&", $savedout);
close($savedout);
}
# Wait for incoming connection from client
my $fdset = IO::Select->new($self->{proxy_sock});
if (!$fdset->can_read(60)) {
kill(3, $self->{real_serverpid});
die "s_client didn't try to connect\n";
}
my $client_sock;
if(!($client_sock = $self->{proxy_sock}->accept())) {
warn "Failed accepting incoming connection: $!\n";
return 0;
}
print "Connection opened\n";
my $server_sock = $self->{server_sock};
my $indata;
#Wait for either the server socket or the client socket to become readable
$fdset = IO::Select->new($server_sock, $client_sock);
my @ready;
my $ctr = 0;
local $SIG{PIPE} = "IGNORE";
$self->{saw_session_ticket} = undef;
while($fdset->count && $ctr < 10) {
if (defined($self->{sessionfile})) {
# s_client got -ign_eof and won't be exiting voluntarily, so we
# look for data *and* session ticket...
last if TLSProxy::Message->success()
&& $self->{saw_session_ticket};
}
if (!(@ready = $fdset->can_read(1))) {
$ctr++;
next;
}
foreach my $hand (@ready) {
if ($hand == $server_sock) {
if ($server_sock->sysread($indata, 16384)) {
if ($indata = $self->process_packet(1, $indata)) {
$client_sock->syswrite($indata) or goto END;
}
$ctr = 0;
} else {
$fdset->remove($server_sock);
$client_sock->shutdown(SHUT_WR);
}
} elsif ($hand == $client_sock) {
if ($client_sock->sysread($indata, 16384)) {
if ($indata = $self->process_packet(0, $indata)) {
$server_sock->syswrite($indata) or goto END;
}
$ctr = 0;
} else {
$fdset->remove($client_sock);
$server_sock->shutdown(SHUT_WR);
}
} else {
kill(3, $self->{real_serverpid});
die "Unexpected handle";
}
}
}
if ($ctr >= 10) {
kill(3, $self->{real_serverpid});
die "No progress made";
}
END:
print "Connection closed\n";
if($server_sock) {
$server_sock->close();
$self->{server_sock} = undef;
}
if($client_sock) {
#Closing this also kills the child process
$client_sock->close();
}
my $pid;
if (--$self->{serverconnects} == 0) {
$pid = $self->{serverpid};
print "Waiting for 'perl -ne print' process to close: $pid...\n";
$pid = waitpid($pid, 0);
if ($pid > 0) {
die "exit code $? from 'perl -ne print' process\n" if $? != 0;
} elsif ($pid == 0) {
kill(3, $self->{real_serverpid});
die "lost control over $self->{serverpid}?";
}
$pid = $self->{real_serverpid};
print "Waiting for s_server process to close: $pid...\n";
# it's done already, just collect the exit code [and reap]...
waitpid($pid, 0);
die "exit code $? from s_server process\n" if $? != 0;
} else {
# It's a bit counter-intuitive spot to make next connection to
# the s_server. Rationale is that established connection works
# as syncronization point, in sense that this way we know that
# s_server is actually done with current session...
$self->connect_to_server();
}
$pid = $self->{clientpid};
print "Waiting for s_client process to close: $pid...\n";
waitpid($pid, 0);
return 1;
}
sub process_packet
{
my ($self, $server, $packet) = @_;
my $len_real;
my $decrypt_len;
my $data;
my $recnum;
if ($server) {
print "Received server packet\n";
} else {
print "Received client packet\n";
}
if ($self->{direction} != $server) {
$self->{flight} = $self->{flight} + 1;
$self->{direction} = $server;
}
print "Packet length = ".length($packet)."\n";
print "Processing flight ".$self->flight."\n";
#Return contains the list of record found in the packet followed by the
#list of messages in those records and any partial message
my @ret = TLSProxy::Record->get_records($server, $self->flight,
$self->{partial}[$server].$packet);
$self->{partial}[$server] = $ret[2];
push @{$self->{record_list}}, @{$ret[0]};
push @{$self->{message_list}}, @{$ret[1]};
print "\n";
if (scalar(@{$ret[0]}) == 0 or length($ret[2]) != 0) {
return "";
}
#Finished parsing. Call user provided filter here
if (defined $self->filter) {
$self->filter->($self);
}
#Take a note on NewSessionTicket
foreach my $message (reverse @{$self->{message_list}}) {
if ($message->{mt} == TLSProxy::Message::MT_NEW_SESSION_TICKET) {
$self->{saw_session_ticket} = 1;
last;
}
}
#Reconstruct the packet
$packet = "";
foreach my $record (@{$self->record_list}) {
$packet .= $record->reconstruct_record($server);
}
print "Forwarded packet length = ".length($packet)."\n\n";
return $packet;
}
#Read accessors
sub execute
{
my $self = shift;
return $self->{execute};
}
sub cert
{
my $self = shift;
return $self->{cert};
}
sub debug
{
my $self = shift;
return $self->{debug};
}
sub flight
{
my $self = shift;
return $self->{flight};
}
sub record_list
{
my $self = shift;
return $self->{record_list};
}
sub success
{
my $self = shift;
return $self->{success};
}
sub end
{
my $self = shift;
return $self->{end};
}
sub supports_IPv6
{
my $self = shift;
return $have_IPv6;
}
sub proxy_addr
{
my $self = shift;
return $self->{proxy_addr};
}
sub proxy_port
{
my $self = shift;
return $self->{proxy_port};
}
sub server_addr
{
my $self = shift;
return $self->{server_addr};
}
sub server_port
{
my $self = shift;
return $self->{server_port};
}
sub serverpid
{
my $self = shift;
return $self->{serverpid};
}
sub clientpid
{
my $self = shift;
return $self->{clientpid};
}
#Read/write accessors
sub filter
{
my $self = shift;
if (@_) {
$self->{filter} = shift;
}
return $self->{filter};
}
sub cipherc
{
my $self = shift;
if (@_) {
$self->{cipherc} = shift;
}
return $self->{cipherc};
}
sub ciphersuitesc
{
my $self = shift;
if (@_) {
$self->{ciphersuitesc} = shift;
}
return $self->{ciphersuitesc};
}
sub ciphers
{
my $self = shift;
if (@_) {
$self->{ciphers} = shift;
}
return $self->{ciphers};
}
sub ciphersuitess
{
my $self = shift;
if (@_) {
$self->{ciphersuitess} = shift;
}
return $self->{ciphersuitess};
}
sub serverflags
{
my $self = shift;
if (@_) {
$self->{serverflags} = shift;
}
return $self->{serverflags};
}
sub clientflags
{
my $self = shift;
if (@_) {
$self->{clientflags} = shift;
}
return $self->{clientflags};
}
sub serverconnects
{
my $self = shift;
if (@_) {
$self->{serverconnects} = shift;
}
return $self->{serverconnects};
}
# This is a bit ugly because the caller is responsible for keeping the records
# in sync with the updated message list; simply updating the message list isn't
# sufficient to get the proxy to forward the new message.
# But it does the trick for the one test (test_sslsessiontick) that needs it.
sub message_list
{
my $self = shift;
if (@_) {
$self->{message_list} = shift;
}
return $self->{message_list};
}
sub fill_known_data
{
my $length = shift;
my $ret = "";
for (my $i = 0; $i < $length; $i++) {
$ret .= chr($i);
}
return $ret;
}
sub is_tls13
{
my $class = shift;
if (@_) {
$is_tls13 = shift;
}
return $is_tls13;
}
sub reneg
{
my $self = shift;
if (@_) {
$self->{reneg} = shift;
}
return $self->{reneg};
}
#Setting a sessionfile means that the client will not close until the given
#file exists. This is useful in TLSv1.3 where otherwise s_client will close
#immediately at the end of the handshake, but before the session has been
#received from the server. A side effect of this is that s_client never sends
#a close_notify, so instead we consider success to be when it sends application
#data over the connection.
sub sessionfile
{
my $self = shift;
if (@_) {
$self->{sessionfile} = shift;
TLSProxy::Message->successondata(1);
}
return $self->{sessionfile};
}
sub ciphersuite
{
my $class = shift;
if (@_) {
$ciphersuite = shift;
}
return $ciphersuite;
}
1;

View file

@ -0,0 +1,401 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use TLSProxy::Proxy;
package TLSProxy::Record;
my $server_encrypting = 0;
my $client_encrypting = 0;
my $etm = 0;
use constant TLS_RECORD_HEADER_LENGTH => 5;
#Record types
use constant {
RT_APPLICATION_DATA => 23,
RT_HANDSHAKE => 22,
RT_ALERT => 21,
RT_CCS => 20,
RT_UNKNOWN => 100
};
my %record_type = (
RT_APPLICATION_DATA, "APPLICATION DATA",
RT_HANDSHAKE, "HANDSHAKE",
RT_ALERT, "ALERT",
RT_CCS, "CCS",
RT_UNKNOWN, "UNKNOWN"
);
use constant {
VERS_TLS_1_4 => 0x0305,
VERS_TLS_1_3 => 0x0304,
VERS_TLS_1_2 => 0x0303,
VERS_TLS_1_1 => 0x0302,
VERS_TLS_1_0 => 0x0301,
VERS_SSL_3_0 => 0x0300,
VERS_SSL_LT_3_0 => 0x02ff
};
my %tls_version = (
VERS_TLS_1_3, "TLS1.3",
VERS_TLS_1_2, "TLS1.2",
VERS_TLS_1_1, "TLS1.1",
VERS_TLS_1_0, "TLS1.0",
VERS_SSL_3_0, "SSL3",
VERS_SSL_LT_3_0, "SSL<3"
);
#Class method to extract records from a packet of data
sub get_records
{
my $class = shift;
my $server = shift;
my $flight = shift;
my $packet = shift;
my $partial = "";
my @record_list = ();
my @message_list = ();
my $recnum = 1;
while (length ($packet) > 0) {
print " Record $recnum ", $server ? "(server -> client)\n"
: "(client -> server)\n";
#Get the record header (unpack can't fail if $packet is too short)
my ($content_type, $version, $len) = unpack('Cnn', $packet);
if (length($packet) < TLS_RECORD_HEADER_LENGTH + ($len // 0)) {
print "Partial data : ".length($packet)." bytes\n";
$partial = $packet;
last;
}
my $data = substr($packet, TLS_RECORD_HEADER_LENGTH, $len);
print " Content type: ".$record_type{$content_type}."\n";
print " Version: $tls_version{$version}\n";
print " Length: $len\n";
my $record = TLSProxy::Record->new(
$flight,
$content_type,
$version,
$len,
0,
$len, # len_real
$len, # decrypt_len
$data, # data
$data # decrypt_data
);
if ($content_type != RT_CCS
&& (!TLSProxy::Proxy->is_tls13()
|| $content_type != RT_ALERT)) {
if (($server && $server_encrypting)
|| (!$server && $client_encrypting)) {
if (!TLSProxy::Proxy->is_tls13() && $etm) {
$record->decryptETM();
} else {
$record->decrypt();
}
$record->encrypted(1);
if (TLSProxy::Proxy->is_tls13()) {
print " Inner content type: "
.$record_type{$record->content_type()}."\n";
}
}
}
push @record_list, $record;
#Now figure out what messages are contained within this record
my @messages = TLSProxy::Message->get_messages($server, $record);
push @message_list, @messages;
$packet = substr($packet, TLS_RECORD_HEADER_LENGTH + $len);
$recnum++;
}
return (\@record_list, \@message_list, $partial);
}
sub clear
{
$server_encrypting = 0;
$client_encrypting = 0;
}
#Class level accessors
sub server_encrypting
{
my $class = shift;
if (@_) {
$server_encrypting = shift;
}
return $server_encrypting;
}
sub client_encrypting
{
my $class = shift;
if (@_) {
$client_encrypting= shift;
}
return $client_encrypting;
}
#Enable/Disable Encrypt-then-MAC
sub etm
{
my $class = shift;
if (@_) {
$etm = shift;
}
return $etm;
}
sub new
{
my $class = shift;
my ($flight,
$content_type,
$version,
$len,
$sslv2,
$len_real,
$decrypt_len,
$data,
$decrypt_data) = @_;
my $self = {
flight => $flight,
content_type => $content_type,
version => $version,
len => $len,
sslv2 => $sslv2,
len_real => $len_real,
decrypt_len => $decrypt_len,
data => $data,
decrypt_data => $decrypt_data,
orig_decrypt_data => $decrypt_data,
sent => 0,
encrypted => 0,
outer_content_type => RT_APPLICATION_DATA
};
return bless $self, $class;
}
#Decrypt using encrypt-then-MAC
sub decryptETM
{
my ($self) = shift;
my $data = $self->data;
if($self->version >= VERS_TLS_1_1()) {
#TLS1.1+ has an explicit IV. Throw it away
$data = substr($data, 16);
}
#Throw away the MAC (assumes MAC is 20 bytes for now. FIXME)
$data = substr($data, 0, length($data) - 20);
#Find out what the padding byte is
my $padval = unpack("C", substr($data, length($data) - 1));
#Throw away the padding
$data = substr($data, 0, length($data) - ($padval + 1));
$self->decrypt_data($data);
$self->decrypt_len(length($data));
return $data;
}
#Standard decrypt
sub decrypt()
{
my ($self) = shift;
my $mactaglen = 20;
my $data = $self->data;
#Throw away any IVs
if (TLSProxy::Proxy->is_tls13()) {
#A TLS1.3 client, when processing the server's initial flight, could
#respond with either an encrypted or an unencrypted alert.
if ($self->content_type() == RT_ALERT) {
#TODO(TLS1.3): Eventually it is sufficient just to check the record
#content type. If an alert is encrypted it will have a record
#content type of application data. However we haven't done the
#record layer changes yet, so it's a bit more complicated. For now
#we will additionally check if the data length is 2 (1 byte for
#alert level, 1 byte for alert description). If it is, then this is
#an unencrypted alert, so don't try to decrypt
return $data if (length($data) == 2);
}
$mactaglen = 16;
} elsif ($self->version >= VERS_TLS_1_1()) {
#16 bytes for a standard IV
$data = substr($data, 16);
#Find out what the padding byte is
my $padval = unpack("C", substr($data, length($data) - 1));
#Throw away the padding
$data = substr($data, 0, length($data) - ($padval + 1));
}
#Throw away the MAC or TAG
$data = substr($data, 0, length($data) - $mactaglen);
if (TLSProxy::Proxy->is_tls13()) {
#Get the content type
my $content_type = unpack("C", substr($data, length($data) - 1));
$self->content_type($content_type);
$data = substr($data, 0, length($data) - 1);
}
$self->decrypt_data($data);
$self->decrypt_len(length($data));
return $data;
}
#Reconstruct the on-the-wire record representation
sub reconstruct_record
{
my $self = shift;
my $server = shift;
my $data;
#We only replay the records in the same direction
if ($self->{sent} || ($self->flight & 1) != $server) {
return "";
}
$self->{sent} = 1;
if ($self->sslv2) {
$data = pack('n', $self->len | 0x8000);
} else {
if (TLSProxy::Proxy->is_tls13() && $self->encrypted) {
$data = pack('Cnn', $self->outer_content_type, $self->version,
$self->len);
} else {
$data = pack('Cnn', $self->content_type, $self->version,
$self->len);
}
}
$data .= $self->data;
return $data;
}
#Read only accessors
sub flight
{
my $self = shift;
return $self->{flight};
}
sub sslv2
{
my $self = shift;
return $self->{sslv2};
}
sub len_real
{
my $self = shift;
return $self->{len_real};
}
sub orig_decrypt_data
{
my $self = shift;
return $self->{orig_decrypt_data};
}
#Read/write accessors
sub decrypt_len
{
my $self = shift;
if (@_) {
$self->{decrypt_len} = shift;
}
return $self->{decrypt_len};
}
sub data
{
my $self = shift;
if (@_) {
$self->{data} = shift;
}
return $self->{data};
}
sub decrypt_data
{
my $self = shift;
if (@_) {
$self->{decrypt_data} = shift;
}
return $self->{decrypt_data};
}
sub len
{
my $self = shift;
if (@_) {
$self->{len} = shift;
}
return $self->{len};
}
sub version
{
my $self = shift;
if (@_) {
$self->{version} = shift;
}
return $self->{version};
}
sub content_type
{
my $self = shift;
if (@_) {
$self->{content_type} = shift;
}
return $self->{content_type};
}
sub encrypted
{
my $self = shift;
if (@_) {
$self->{encrypted} = shift;
}
return $self->{encrypted};
}
sub outer_content_type
{
my $self = shift;
if (@_) {
$self->{outer_content_type} = shift;
}
return $self->{outer_content_type};
}
sub is_fatal_alert
{
my $self = shift;
my $server = shift;
if (($self->{flight} & 1) == $server
&& $self->{content_type} == TLSProxy::Record::RT_ALERT) {
my ($level, $alert) = unpack('CC', $self->decrypt_data);
return $alert if ($level == 2);
}
return 0;
}
1;

View file

@ -0,0 +1,236 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::ServerHello;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
my $hrrrandom = pack("C*", 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE,
0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2,
0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09,
0xE2, 0xC8, 0xA8, 0x33, 0x9C);
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
TLSProxy::Message::MT_SERVER_HELLO,
$data,
$records,
$startoffset,
$message_frag_lens);
$self->{server_version} = 0;
$self->{random} = [];
$self->{session_id_len} = 0;
$self->{session} = "";
$self->{ciphersuite} = 0;
$self->{comp_meth} = 0;
$self->{extension_data} = "";
return $self;
}
sub parse
{
my $self = shift;
my $ptr = 2;
my ($server_version) = unpack('n', $self->data);
my $neg_version = $server_version;
my $random = substr($self->data, $ptr, 32);
$ptr += 32;
my $session_id_len = 0;
my $session = "";
$session_id_len = unpack('C', substr($self->data, $ptr));
$ptr++;
$session = substr($self->data, $ptr, $session_id_len);
$ptr += $session_id_len;
my $ciphersuite = unpack('n', substr($self->data, $ptr));
$ptr += 2;
my $comp_meth = 0;
$comp_meth = unpack('C', substr($self->data, $ptr));
$ptr++;
my $extensions_len = unpack('n', substr($self->data, $ptr));
if (!defined $extensions_len) {
$extensions_len = 0;
} else {
$ptr += 2;
}
#For now we just deal with this as a block of data. In the future we will
#want to parse this
my $extension_data;
if ($extensions_len != 0) {
$extension_data = substr($self->data, $ptr);
if (length($extension_data) != $extensions_len) {
die "Invalid extension length\n";
}
} else {
if (length($self->data) != $ptr) {
die "Invalid extension length\n";
}
$extension_data = "";
}
my %extensions = ();
while (length($extension_data) >= 4) {
my ($type, $size) = unpack("nn", $extension_data);
my $extdata = substr($extension_data, 4, $size);
$extension_data = substr($extension_data, 4 + $size);
$extensions{$type} = $extdata;
if ($type == TLSProxy::Message::EXT_SUPPORTED_VERSIONS) {
$neg_version = unpack('n', $extdata);
}
}
if ($random eq $hrrrandom) {
TLSProxy::Proxy->is_tls13(1);
} elsif ($neg_version == TLSProxy::Record::VERS_TLS_1_3) {
TLSProxy::Proxy->is_tls13(1);
TLSProxy::Record->server_encrypting(1);
TLSProxy::Record->client_encrypting(1);
}
$self->server_version($server_version);
$self->random($random);
$self->session_id_len($session_id_len);
$self->session($session);
$self->ciphersuite($ciphersuite);
TLSProxy::Proxy->ciphersuite($ciphersuite);
$self->comp_meth($comp_meth);
$self->extension_data(\%extensions);
$self->process_data();
print " Server Version:".$server_version."\n";
print " Session ID Len:".$session_id_len."\n";
print " Ciphersuite:".$ciphersuite."\n";
print " Compression Method:".$comp_meth."\n";
print " Extensions Len:".$extensions_len."\n";
}
#Perform any actions necessary based on the data we've seen
sub process_data
{
my $self = shift;
TLSProxy::Message->ciphersuite($self->ciphersuite);
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data;
my $extensions = "";
$data = pack('n', $self->server_version);
$data .= $self->random;
$data .= pack('C', $self->session_id_len);
$data .= $self->session;
$data .= pack('n', $self->ciphersuite);
$data .= pack('C', $self->comp_meth);
foreach my $key (keys %{$self->extension_data}) {
my $extdata = ${$self->extension_data}{$key};
$extensions .= pack("n", $key);
$extensions .= pack("n", length($extdata));
$extensions .= $extdata;
if ($key == $self->dupext) {
$extensions .= pack("n", $key);
$extensions .= pack("n", length($extdata));
$extensions .= $extdata;
}
}
$data .= pack('n', length($extensions));
$data .= $extensions;
$self->data($data);
}
#Read/write accessors
sub server_version
{
my $self = shift;
if (@_) {
$self->{server_version} = shift;
}
return $self->{server_version};
}
sub random
{
my $self = shift;
if (@_) {
$self->{random} = shift;
}
return $self->{random};
}
sub session_id_len
{
my $self = shift;
if (@_) {
$self->{session_id_len} = shift;
}
return $self->{session_id_len};
}
sub session
{
my $self = shift;
if (@_) {
$self->{session} = shift;
}
return $self->{session};
}
sub ciphersuite
{
my $self = shift;
if (@_) {
$self->{ciphersuite} = shift;
}
return $self->{ciphersuite};
}
sub comp_meth
{
my $self = shift;
if (@_) {
$self->{comp_meth} = shift;
}
return $self->{comp_meth};
}
sub extension_data
{
my $self = shift;
if (@_) {
$self->{extension_data} = shift;
}
return $self->{extension_data};
}
sub set_extension
{
my ($self, $ext_type, $ext_data) = @_;
$self->{extension_data}{$ext_type} = $ext_data;
}
sub delete_extension
{
my ($self, $ext_type) = @_;
delete $self->{extension_data}{$ext_type};
}
1;

View file

@ -0,0 +1,157 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::ServerKeyExchange;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
TLSProxy::Message::MT_SERVER_KEY_EXCHANGE,
$data,
$records,
$startoffset,
$message_frag_lens);
#DHE
$self->{p} = "";
$self->{g} = "";
$self->{pub_key} = "";
$self->{sigalg} = -1;
$self->{sig} = "";
return $self;
}
sub parse
{
my $self = shift;
my $sigalg = -1;
#Minimal SKE parsing. Only supports one known DHE ciphersuite at the moment
return if TLSProxy::Proxy->ciphersuite()
!= TLSProxy::Message::CIPHER_ADH_AES_128_SHA
&& TLSProxy::Proxy->ciphersuite()
!= TLSProxy::Message::CIPHER_DHE_RSA_AES_128_SHA;
my $p_len = unpack('n', $self->data);
my $ptr = 2;
my $p = substr($self->data, $ptr, $p_len);
$ptr += $p_len;
my $g_len = unpack('n', substr($self->data, $ptr));
$ptr += 2;
my $g = substr($self->data, $ptr, $g_len);
$ptr += $g_len;
my $pub_key_len = unpack('n', substr($self->data, $ptr));
$ptr += 2;
my $pub_key = substr($self->data, $ptr, $pub_key_len);
$ptr += $pub_key_len;
#We assume its signed
my $record = ${$self->records}[0];
if (TLSProxy::Proxy->is_tls13()
|| $record->version() == TLSProxy::Record::VERS_TLS_1_2) {
$sigalg = unpack('n', substr($self->data, $ptr));
$ptr += 2;
}
my $sig = "";
if (defined $sigalg) {
my $sig_len = unpack('n', substr($self->data, $ptr));
if (defined $sig_len) {
$ptr += 2;
$sig = substr($self->data, $ptr, $sig_len);
$ptr += $sig_len;
}
}
$self->p($p);
$self->g($g);
$self->pub_key($pub_key);
$self->sigalg($sigalg) if defined $sigalg;
$self->signature($sig);
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data;
$data = pack('n', length($self->p));
$data .= $self->p;
$data .= pack('n', length($self->g));
$data .= $self->g;
$data .= pack('n', length($self->pub_key));
$data .= $self->pub_key;
$data .= pack('n', $self->sigalg) if ($self->sigalg != -1);
if (length($self->signature) > 0) {
$data .= pack('n', length($self->signature));
$data .= $self->signature;
}
$self->data($data);
}
#Read/write accessors
#DHE
sub p
{
my $self = shift;
if (@_) {
$self->{p} = shift;
}
return $self->{p};
}
sub g
{
my $self = shift;
if (@_) {
$self->{g} = shift;
}
return $self->{g};
}
sub pub_key
{
my $self = shift;
if (@_) {
$self->{pub_key} = shift;
}
return $self->{pub_key};
}
sub sigalg
{
my $self = shift;
if (@_) {
$self->{sigalg} = shift;
}
return $self->{sigalg};
}
sub signature
{
my $self = shift;
if (@_) {
$self->{sig} = shift;
}
return $self->{sig};
}
1;

View file

@ -0,0 +1,228 @@
#! /usr/bin/env perl
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
package checkhandshake;
use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/;
use OpenSSL::Test::Utils;
use TLSProxy::Proxy;
use Exporter;
our @ISA = 'Exporter';
our @EXPORT = qw(@handmessages @extensions checkhandshake);
use constant {
DEFAULT_HANDSHAKE => 1,
OCSP_HANDSHAKE => 2,
RESUME_HANDSHAKE => 4,
CLIENT_AUTH_HANDSHAKE => 8,
RENEG_HANDSHAKE => 16,
NPN_HANDSHAKE => 32,
EC_HANDSHAKE => 64,
HRR_HANDSHAKE => 128,
HRR_RESUME_HANDSHAKE => 256,
ALL_HANDSHAKES => 511
};
use constant {
#DEFAULT also includes SESSION_TICKET_SRV_EXTENSION and SERVER_NAME_CLI
DEFAULT_EXTENSIONS => 0x00000007,
SESSION_TICKET_SRV_EXTENSION => 0x00000002,
SERVER_NAME_CLI_EXTENSION => 0x00000004,
SERVER_NAME_SRV_EXTENSION => 0x00000008,
STATUS_REQUEST_CLI_EXTENSION => 0x00000010,
STATUS_REQUEST_SRV_EXTENSION => 0x00000020,
ALPN_CLI_EXTENSION => 0x00000040,
ALPN_SRV_EXTENSION => 0x00000080,
SCT_CLI_EXTENSION => 0x00000100,
SCT_SRV_EXTENSION => 0x00000200,
RENEGOTIATE_CLI_EXTENSION => 0x00000400,
NPN_CLI_EXTENSION => 0x00000800,
NPN_SRV_EXTENSION => 0x00001000,
SRP_CLI_EXTENSION => 0x00002000,
#Client side for ec point formats is a default extension
EC_POINT_FORMAT_SRV_EXTENSION => 0x00004000,
PSK_CLI_EXTENSION => 0x00008000,
PSK_SRV_EXTENSION => 0x00010000,
KEY_SHARE_SRV_EXTENSION => 0x00020000,
PSK_KEX_MODES_EXTENSION => 0x00040000,
KEY_SHARE_HRR_EXTENSION => 0x00080000,
SUPPORTED_GROUPS_SRV_EXTENSION => 0x00100000,
POST_HANDSHAKE_AUTH_CLI_EXTENSION => 0x00200000
};
our @handmessages = ();
our @extensions = ();
sub checkhandshake($$$$)
{
my ($proxy, $handtype, $exttype, $testname) = @_;
subtest $testname => sub {
my $loop = 0;
my $numtests;
my $extcount;
my $clienthelloseen = 0;
my $lastmt = 0;
my $numsh = 0;
if (TLSProxy::Proxy::is_tls13()) {
#How many ServerHellos are we expecting?
for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) {
next if (($handmessages[$loop][1] & $handtype) == 0);
$numsh++ if ($lastmt != TLSProxy::Message::MT_SERVER_HELLO
&& $handmessages[$loop][0] == TLSProxy::Message::MT_SERVER_HELLO);
$lastmt = $handmessages[$loop][0];
}
}
#First count the number of tests
my $nextmess = 0;
my $message = undef;
my $chnum = 0;
my $shnum = 0;
if (!TLSProxy::Proxy::is_tls13()) {
# In non-TLSv1.3 we always treat reneg CH and SH like the first CH
# and SH
$chnum = 1;
$shnum = 1;
}
#If we're only expecting one ServerHello out of two then we skip the
#first ServerHello in the list completely
$shnum++ if ($numsh == 1 && TLSProxy::Proxy::is_tls13());
$loop = 0;
for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) {
next if (($handmessages[$loop][1] & $handtype) == 0);
if (scalar @{$proxy->message_list} > $nextmess) {
$message = ${$proxy->message_list}[$nextmess];
$nextmess++;
} else {
$message = undef;
}
$numtests++;
next if (!defined $message);
if (TLSProxy::Proxy::is_tls13()) {
$chnum++ if $message->mt() == TLSProxy::Message::MT_CLIENT_HELLO;
$shnum++ if $message->mt() == TLSProxy::Message::MT_SERVER_HELLO;
}
next if ($message->mt() != TLSProxy::Message::MT_CLIENT_HELLO
&& $message->mt() != TLSProxy::Message::MT_SERVER_HELLO
&& $message->mt() !=
TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS
&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE);
next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE
&& !TLSProxy::Proxy::is_tls13();
my $extchnum = 1;
my $extshnum = 1;
for (my $extloop = 0;
$extensions[$extloop][2] != 0;
$extloop++) {
$extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO
&& TLSProxy::Proxy::is_tls13();
$extshnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_SERVER_HELLO
&& $extchnum == 2;
next if $extensions[$extloop][0] == TLSProxy::Message::MT_CLIENT_HELLO
&& $extchnum != $chnum;
next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO
&& $extshnum != $shnum;
next if ($message->mt() != $extensions[$extloop][0]);
$numtests++;
}
$numtests++;
}
plan tests => $numtests;
$nextmess = 0;
$message = undef;
if (TLSProxy::Proxy::is_tls13()) {
$chnum = 0;
$shnum = 0;
} else {
# In non-TLSv1.3 we always treat reneg CH and SH like the first CH
# and SH
$chnum = 1;
$shnum = 1;
}
#If we're only expecting one ServerHello out of two then we skip the
#first ServerHello in the list completely
$shnum++ if ($numsh == 1 && TLSProxy::Proxy::is_tls13());
for ($loop = 0; $handmessages[$loop][1] != 0; $loop++) {
next if (($handmessages[$loop][1] & $handtype) == 0);
if (scalar @{$proxy->message_list} > $nextmess) {
$message = ${$proxy->message_list}[$nextmess];
$nextmess++;
} else {
$message = undef;
}
if (!defined $message) {
fail("Message type check. Got nothing, expected "
.$handmessages[$loop][0]);
next;
} else {
ok($message->mt == $handmessages[$loop][0],
"Message type check. Got ".$message->mt
.", expected ".$handmessages[$loop][0]);
}
if (TLSProxy::Proxy::is_tls13()) {
$chnum++ if $message->mt() == TLSProxy::Message::MT_CLIENT_HELLO;
$shnum++ if $message->mt() == TLSProxy::Message::MT_SERVER_HELLO;
}
next if ($message->mt() != TLSProxy::Message::MT_CLIENT_HELLO
&& $message->mt() != TLSProxy::Message::MT_SERVER_HELLO
&& $message->mt() !=
TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS
&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE);
next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE
&& !TLSProxy::Proxy::is_tls13();
if ($message->mt() == TLSProxy::Message::MT_CLIENT_HELLO) {
#Add renegotiate extension we will expect if renegotiating
$exttype |= RENEGOTIATE_CLI_EXTENSION
if ($clienthelloseen && !TLSProxy::Proxy::is_tls13());
$clienthelloseen = 1;
}
#Now check that we saw the extensions we expected
my $msgexts = $message->extension_data();
my $extchnum = 1;
my $extshnum = 1;
for (my $extloop = 0, $extcount = 0; $extensions[$extloop][2] != 0;
$extloop++) {
#In TLSv1.3 we can have two ClientHellos if there has been a
#HelloRetryRequest, and they may have different extensions. Skip
#if these are extensions for a different ClientHello
$extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO
&& TLSProxy::Proxy::is_tls13();
$extshnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_SERVER_HELLO
&& $extchnum == 2;
next if $extensions[$extloop][0] == TLSProxy::Message::MT_CLIENT_HELLO
&& $extchnum != $chnum;
next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO
&& $extshnum != $shnum;
next if ($message->mt() != $extensions[$extloop][0]);
ok (($extensions[$extloop][2] & $exttype) == 0
|| defined ($msgexts->{$extensions[$extloop][1]}),
"Extension presence check (Message: ".$message->mt()
." Extension: ".($extensions[$extloop][2] & $exttype).", "
.$extloop.")");
$extcount++ if (($extensions[$extloop][2] & $exttype) != 0);
}
ok($extcount == keys %$msgexts, "Extensions count mismatch ("
.$extcount.", ".(keys %$msgexts)
.")");
}
}
}
1;

View file

@ -0,0 +1,27 @@
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
package with_fallback;
sub import {
shift;
use File::Basename;
use File::Spec::Functions;
foreach (@_) {
eval "use $_";
if ($@) {
unshift @INC, catdir(dirname(__FILE__),
"..", "..", "external", "perl");
my $transfer = "transfer::$_";
eval "use $transfer";
shift @INC;
warn $@ if $@;
}
}
}
1;

View file

@ -0,0 +1,457 @@
# This isn't a library ".num" file but is a list of documented items
# that don't appear in lib*.num -- because they are define's, in
# assembly language, etc.
#
OPENSSL_ia32cap environment
OPENSSL_MALLOC_FD environment
OPENSSL_MALLOC_FAILURES environment
OPENSSL_instrument_bus assembler
OPENSSL_instrument_bus2 assembler
#
ADMISSION_SYNTAX datatype
ADMISSIONS datatype
ASN1_STRING_TABLE datatype
BIO_ADDR datatype
BIO_ADDRINFO datatype
BIO_callback_fn datatype
BIO_callback_fn_ex datatype
BIO_hostserv_priorities datatype
BIO_lookup_type datatype
CRYPTO_EX_dup datatype
CRYPTO_EX_free datatype
CRYPTO_EX_new datatype
DTLS_timer_cb datatype
EVP_PKEY_gen_cb datatype
EVP_PKEY_METHOD datatype
EVP_PKEY_ASN1_METHOD datatype
GEN_SESSION_CB datatype
OPENSSL_Applink external
NAMING_AUTHORITY datatype
OSSL_STORE_CTX datatype
OSSL_STORE_INFO datatype
OSSL_STORE_LOADER datatype
OSSL_STORE_LOADER_CTX datatype
OSSL_STORE_SEARCH datatype
OSSL_STORE_close_fn datatype
OSSL_STORE_ctrl_fn datatype
OSSL_STORE_expect_fn datatype
OSSL_STORE_find_fn datatype
OSSL_STORE_eof_fn datatype
OSSL_STORE_error_fn datatype
OSSL_STORE_load_fn datatype
OSSL_STORE_open_fn datatype
OSSL_STORE_post_process_info_fn datatype
PROFESSION_INFO datatype
PROFESSION_INFOS datatype
RAND_DRBG_cleanup_entropy_fn datatype
RAND_DRBG_cleanup_nonce_fn datatype
RAND_DRBG_get_entropy_fn datatype
RAND_DRBG_get_nonce_fn datatype
RAND_poll_cb datatype
SSL_CTX_allow_early_data_cb_fn datatype
SSL_CTX_keylog_cb_func datatype
SSL_allow_early_data_cb_fn datatype
SSL_client_hello_cb_fn datatype
SSL_psk_client_cb_func datatype
SSL_psk_find_session_cb_func datatype
SSL_psk_server_cb_func datatype
SSL_psk_use_session_cb_func datatype
SSL_verify_cb datatype
UI datatype
UI_METHOD datatype
UI_STRING datatype
UI_string_types datatype
UI_string_types datatype
X509_STORE_CTX_cert_crl_fn datatype
X509_STORE_CTX_check_crl_fn datatype
X509_STORE_CTX_check_issued_fn datatype
X509_STORE_CTX_check_policy_fn datatype
X509_STORE_CTX_check_revocation_fn datatype
X509_STORE_CTX_cleanup_fn datatype
X509_STORE_CTX_get_crl_fn datatype
X509_STORE_CTX_get_issuer_fn datatype
X509_STORE_CTX_lookup_certs_fn datatype
X509_STORE_CTX_lookup_crls_fn datatype
X509_STORE_CTX_verify_cb datatype
X509_STORE_CTX_verify_fn datatype
X509_STORE_set_verify_cb_func datatype
X509_LOOKUP_get_by_alias_fn datatype
X509_LOOKUP_get_by_subject_fn datatype
X509_LOOKUP_get_by_fingerprint_fn datatype
X509_LOOKUP_ctrl_fn datatype
X509_LOOKUP_get_by_issuer_serial_fn datatype
bio_info_cb datatype
BIO_info_cb datatype
custom_ext_add_cb datatype
custom_ext_free_cb datatype
custom_ext_parse_cb datatype
pem_password_cb datatype
ssl_ct_validation_cb datatype
#
BIO_append_filename define
BIO_destroy_bio_pair define
BIO_do_accept define
BIO_do_connect define
BIO_do_handshake define
BIO_eof define
BIO_flush define
BIO_get_accept_name define
BIO_get_accept_port define
BIO_get_accept_ip_family define
BIO_get_peer_name define
BIO_get_peer_port define
BIO_get_bind_mode define
BIO_get_buffer_num_lines define
BIO_get_cipher_ctx define
BIO_get_cipher_status define
BIO_get_close define
BIO_get_conn_address define
BIO_get_conn_hostname define
BIO_get_conn_port define
BIO_get_conn_ip_family define
BIO_get_fd define
BIO_get_fp define
BIO_get_info_callback define
BIO_get_md define
BIO_get_md_ctx define
BIO_get_mem_data define
BIO_get_mem_ptr define
BIO_get_num_renegotiates define
BIO_get_read_request define
BIO_get_ssl define
BIO_get_write_buf_size define
BIO_get_write_guarantee define
BIO_make_bio_pair define
BIO_pending define
BIO_read_filename define
BIO_reset define
BIO_retry_type define
BIO_rw_filename define
BIO_seek define
BIO_set_accept_bios define
BIO_set_accept_name define
BIO_set_accept_port define
BIO_set_accept_ip_family define
BIO_set_bind_mode define
BIO_set_buffer_read_data define
BIO_set_buffer_size define
BIO_set_close define
BIO_set_conn_address define
BIO_set_conn_hostname define
BIO_set_conn_port define
BIO_set_conn_ip_family define
BIO_set_fd define
BIO_set_fp define
BIO_set_info_callback define
BIO_set_md define
BIO_set_mem_buf define
BIO_set_mem_eof_return define
BIO_set_nbio define
BIO_set_nbio_accept define
BIO_set_read_buffer_size define
BIO_set_ssl define
BIO_set_ssl_mode define
BIO_set_ssl_renegotiate_bytes define
BIO_set_ssl_renegotiate_timeout define
BIO_set_write_buf_size define
BIO_set_write_buffer_size define
BIO_should_io_special define
BIO_should_read define
BIO_should_retry define
BIO_should_write define
BIO_shutdown_wr define
BIO_tell define
BIO_wpending define
BIO_write_filename define
BN_mod define
BN_num_bytes define
BN_one define
BN_zero define deprecated 0.9.8
CONF_modules_free define deprecated 1.1.0
DES_ecb2_encrypt define
DES_ede2_cbc_encrypt define
DES_ede2_cfb64_encrypt define
DES_ede2_ofb64_encrypt define
DTLS_get_link_min_mtu define
DTLS_set_link_mtu define
ENGINE_cleanup define deprecated 1.1.0
ERR_FATAL_ERROR define
ERR_GET_FUNC define
ERR_GET_LIB define
ERR_GET_REASON define
ERR_PACK define
ERR_free_strings define deprecated 1.1.0
ERR_load_crypto_strings define deprecated 1.1.0
EVP_DigestSignUpdate define
EVP_DigestVerifyUpdate define
EVP_MD_CTX_block_size define
EVP_MD_CTX_size define
EVP_MD_CTX_type define
EVP_OpenUpdate define
EVP_PKEY_CTX_add1_hkdf_info define
EVP_PKEY_CTX_add1_tls1_prf_seed define
EVP_PKEY_CTX_get0_dh_kdf_oid define
EVP_PKEY_CTX_get0_dh_kdf_ukm define
EVP_PKEY_CTX_get0_ecdh_kdf_ukm define
EVP_PKEY_CTX_get0_rsa_oaep_label define
EVP_PKEY_CTX_get_dh_kdf_md define
EVP_PKEY_CTX_get_dh_kdf_outlen define
EVP_PKEY_CTX_get_dh_kdf_type define
EVP_PKEY_CTX_get_ecdh_cofactor_mode define
EVP_PKEY_CTX_get_ecdh_kdf_md define
EVP_PKEY_CTX_get_ecdh_kdf_outlen define
EVP_PKEY_CTX_get_ecdh_kdf_type define
EVP_PKEY_CTX_get_rsa_mgf1_md define
EVP_PKEY_CTX_get_rsa_oaep_md define
EVP_PKEY_CTX_get_rsa_padding define
EVP_PKEY_CTX_get_rsa_pss_saltlen define
EVP_PKEY_CTX_get_signature_md define
EVP_PKEY_CTX_hkdf_mode define
EVP_PKEY_CTX_set0_dh_kdf_oid define
EVP_PKEY_CTX_set0_dh_kdf_ukm define
EVP_PKEY_CTX_set0_ecdh_kdf_ukm define
EVP_PKEY_CTX_set0_rsa_oaep_label define
EVP_PKEY_CTX_set1_hkdf_key define
EVP_PKEY_CTX_set1_hkdf_salt define
EVP_PKEY_CTX_set1_pbe_pass define
EVP_PKEY_CTX_set1_scrypt_salt define
EVP_PKEY_CTX_set1_tls1_prf_secret define
EVP_PKEY_CTX_set_dh_paramgen_generator define
EVP_PKEY_CTX_set_dh_paramgen_prime_len define
EVP_PKEY_CTX_set_dh_paramgen_subprime_len define
EVP_PKEY_CTX_set_dh_paramgen_type define
EVP_PKEY_CTX_set_dh_kdf_md define
EVP_PKEY_CTX_set_dh_kdf_outlen define
EVP_PKEY_CTX_set_dh_kdf_type define
EVP_PKEY_CTX_set_dh_nid define
EVP_PKEY_CTX_set_dh_pad define
EVP_PKEY_CTX_set_dh_rfc5114 define
EVP_PKEY_CTX_set_dhx_rfc5114 define
EVP_PKEY_CTX_set_dsa_paramgen_bits define
EVP_PKEY_CTX_set_ec_param_enc define
EVP_PKEY_CTX_set_ec_paramgen_curve_nid define
EVP_PKEY_CTX_set_ecdh_cofactor_mode define
EVP_PKEY_CTX_set_ecdh_kdf_md define
EVP_PKEY_CTX_set_ecdh_kdf_outlen define
EVP_PKEY_CTX_set_ecdh_kdf_type define
EVP_PKEY_CTX_set_hkdf_md define
EVP_PKEY_CTX_set_mac_key define
EVP_PKEY_CTX_set_rsa_keygen_bits define
EVP_PKEY_CTX_set_rsa_keygen_pubexp define
EVP_PKEY_CTX_set_rsa_keygen_primes define
EVP_PKEY_CTX_set_rsa_mgf1_md define
EVP_PKEY_CTX_set_rsa_oaep_md define
EVP_PKEY_CTX_set_rsa_padding define
EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md define
EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen define
EVP_PKEY_CTX_set_rsa_pss_keygen_md define
EVP_PKEY_CTX_set_rsa_pss_saltlen define
EVP_PKEY_CTX_set_scrypt_N define
EVP_PKEY_CTX_set_scrypt_r define
EVP_PKEY_CTX_set_scrypt_maxmem_bytes define
EVP_PKEY_CTX_set_scrypt_p define
EVP_PKEY_CTX_set_signature_md define
EVP_PKEY_CTX_set_tls1_prf_md define
EVP_PKEY_assign_DH define
EVP_PKEY_assign_DSA define
EVP_PKEY_assign_EC_KEY define
EVP_PKEY_assign_POLY1305 define
EVP_PKEY_assign_RSA define
EVP_PKEY_assign_SIPHASH define
EVP_SealUpdate define
EVP_SignInit define
EVP_SignInit_ex define
EVP_SignUpdate define
EVP_VerifyInit define
EVP_VerifyInit_ex define
EVP_VerifyUpdate define
EVP_bf_cfb define
EVP_cast5_cfb define
EVP_cleanup define deprecated 1.1.0
EVP_get_digestbynid define
EVP_get_digestbyobj define
EVP_idea_cfb define
EVP_rc2_cfb define
EVP_rc5_32_12_16_cfb define
EVP_seed_cfb define
EVP_sm4_cfb define
OBJ_cleanup define deprecated 1.1.0
OPENSSL_VERSION_NUMBER define
OPENSSL_VERSION_TEXT define
OPENSSL_clear_free define
OPENSSL_clear_realloc define
OPENSSL_free define
OPENSSL_malloc define
OPENSSL_malloc_init define
OPENSSL_mem_debug_pop define
OPENSSL_mem_debug_push define
OPENSSL_memdup define
OPENSSL_no_config define deprecated 1.1.0
OPENSSL_realloc define
OPENSSL_secure_actual_size define
OPENSSL_secure_clear_free define
OPENSSL_secure_free define
OPENSSL_secure_malloc define
OPENSSL_secure_zalloc define
OPENSSL_strdup define
OPENSSL_strndup define
OPENSSL_zalloc define
OpenSSL_add_all_algorithms define deprecated 1.1.0
OpenSSL_add_all_ciphers define deprecated 1.1.0
OpenSSL_add_all_digests define deprecated 1.1.0
OpenSSL_add_ssl_algorithms define
PEM_FLAG_EAY_COMPATIBLE define
PEM_FLAG_ONLY_B64 define
PEM_FLAG_SECURE define
RAND_cleanup define deprecated 1.1.0
RAND_DRBG_get_ex_new_index define
SSL_COMP_free_compression_methods define deprecated 1.1.0
SSL_CTX_add0_chain_cert define
SSL_CTX_add1_chain_cert define
SSL_CTX_add_extra_chain_cert define
SSL_CTX_build_cert_chain define
SSL_CTX_clear_chain_certs define
SSL_CTX_clear_extra_chain_certs define
SSL_CTX_clear_mode define
SSL_CTX_decrypt_session_ticket_fn define
SSL_CTX_disable_ct define
SSL_CTX_generate_session_ticket_fn define
SSL_CTX_get0_chain_certs define
SSL_CTX_get_default_read_ahead define
SSL_CTX_get_max_cert_list define
SSL_CTX_get_max_proto_version define
SSL_CTX_get_min_proto_version define
SSL_CTX_get_mode define
SSL_CTX_get_read_ahead define
SSL_CTX_get_session_cache_mode define
SSL_CTX_get_tlsext_status_arg define
SSL_CTX_get_tlsext_status_cb define
SSL_CTX_get_tlsext_status_type define
SSL_CTX_select_current_cert define
SSL_CTX_sess_accept define
SSL_CTX_sess_accept_good define
SSL_CTX_sess_accept_renegotiate define
SSL_CTX_sess_cache_full define
SSL_CTX_sess_cb_hits define
SSL_CTX_sess_connect define
SSL_CTX_sess_connect_good define
SSL_CTX_sess_connect_renegotiate define
SSL_CTX_sess_get_cache_size define
SSL_CTX_sess_hits define
SSL_CTX_sess_misses define
SSL_CTX_sess_number define
SSL_CTX_sess_set_cache_size define
SSL_CTX_sess_timeouts define
SSL_CTX_set0_chain define
SSL_CTX_set0_chain_cert_store define
SSL_CTX_set0_verify_cert_store define
SSL_CTX_set1_chain define
SSL_CTX_set1_chain_cert_store define
SSL_CTX_set1_client_sigalgs define
SSL_CTX_set1_client_sigalgs_list define
SSL_CTX_set1_curves define
SSL_CTX_set1_curves_list define
SSL_CTX_set1_groups define
SSL_CTX_set1_groups_list define
SSL_CTX_set1_sigalgs define
SSL_CTX_set1_sigalgs_list define
SSL_CTX_set1_verify_cert_store define
SSL_CTX_set_current_cert define
SSL_CTX_set_max_cert_list define
SSL_CTX_set_max_pipelines define
SSL_CTX_set_max_proto_version define
SSL_CTX_set_max_send_fragment define
SSL_CTX_set_min_proto_version define
SSL_CTX_set_mode define
SSL_CTX_set_msg_callback_arg define
SSL_CTX_set_read_ahead define
SSL_CTX_set_session_cache_mode define
SSL_CTX_set_split_send_fragment define
SSL_CTX_set_tlsext_servername_arg define
SSL_CTX_set_tlsext_servername_callback define
SSL_CTX_set_tlsext_status_arg define
SSL_CTX_set_tlsext_status_cb define
SSL_CTX_set_tlsext_status_type define
SSL_CTX_set_tlsext_ticket_key_cb define
SSL_CTX_set_tmp_dh define
SSL_add0_chain_cert define
SSL_add1_chain_cert define
SSL_build_cert_chain define
SSL_clear_chain_certs define
SSL_clear_mode define
SSL_disable_ct define
SSL_get0_chain_certs define
SSL_get0_session define
SSL_get1_curves define
SSL_get1_groups define
SSL_get_cipher define
SSL_get_cipher_bits define
SSL_get_cipher_name define
SSL_get_cipher_version define
SSL_get_extms_support define
SSL_get_max_cert_list define
SSL_get_max_proto_version define
SSL_get_min_proto_version define
SSL_get_mode define
SSL_get_peer_signature_nid define
SSL_get_peer_tmp_key define
SSL_get_secure_renegotiation_support define
SSL_get_server_tmp_key define
SSL_get_shared_curve define
SSL_get_shared_group define
SSL_get_signature_nid define
SSL_get_time define
SSL_get_timeout define
SSL_get_tlsext_status_ocsp_resp define
SSL_get_tlsext_status_type define
SSL_get_tmp_key define
SSL_in_accept_init define
SSL_in_connect_init define
SSL_library_init define
SSL_load_error_strings define deprecated 1.1.0
SSL_select_current_cert define
SSL_set0_chain define
SSL_set0_chain_cert_store define
SSL_set0_verify_cert_store define
SSL_set1_chain define
SSL_set1_chain_cert_store define
SSL_set1_client_sigalgs define
SSL_set1_client_sigalgs_list define
SSL_set1_curves define
SSL_set1_curves_list define
SSL_set1_groups define
SSL_set1_groups_list define
SSL_set1_sigalgs define
SSL_set1_sigalgs_list define
SSL_set1_verify_cert_store define
SSL_set_current_cert define
SSL_set_max_cert_list define
SSL_set_max_pipelines define
SSL_set_max_proto_version define
SSL_set_max_send_fragment define
SSL_set_min_proto_version define
SSL_set_mode define
SSL_set_msg_callback_arg define
SSL_set_mtu define
SSL_set_split_send_fragment define
SSL_set_time define
SSL_set_timeout define
SSL_set_tlsext_host_name define
SSL_set_tlsext_status_ocsp_resp define
SSL_set_tlsext_status_type define
SSL_set_tmp_dh define
SSL_want_async define
SSL_want_async_job define
SSL_want_client_hello_cb define
SSL_want_nothing define
SSL_want_read define
SSL_want_write define
SSL_want_x509_lookup define
SSLv23_client_method define
SSLv23_method define
SSLv23_server_method define
X509_STORE_set_lookup_crls_cb define
X509_STORE_set_verify_func define
EVP_PKEY_CTX_set1_id define
EVP_PKEY_CTX_get1_id define
EVP_PKEY_CTX_get1_id_len define

View file

@ -0,0 +1,271 @@
#! /usr/bin/env perl
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use warnings;
use File::Spec::Functions;
use File::Basename;
use File::Copy;
use File::Path;
use FindBin;
use lib "$FindBin::Bin/perl";
use OpenSSL::Glob;
use Getopt::Long;
use Pod::Usage;
use lib '.';
use configdata;
# We know we are in the 'util' directory and that our perl modules are
# in util/perl
use lib catdir(dirname($0), "perl");
use OpenSSL::Util::Pod;
my %options = ();
GetOptions(\%options,
'sourcedir=s', # Source directory
'section=i@', # Subdirectories to look through,
# with associated section numbers
'destdir=s', # Destination directory
#'in=s@', # Explicit files to process (ignores sourcedir)
'type=s', # The result type, 'man' or 'html'
'suffix:s', # Suffix to add to the extension.
# Only used with type=man
'remove', # To remove files rather than writing them
'dry-run|n', # Only output file names on STDOUT
'debug|D+',
);
unless ($options{section}) {
$options{section} = [ 1, 3, 5, 7 ];
}
unless ($options{sourcedir}) {
$options{sourcedir} = catdir($config{sourcedir}, "doc");
}
pod2usage(1) unless ( defined $options{section}
&& defined $options{sourcedir}
&& defined $options{destdir}
&& defined $options{type}
&& ($options{type} eq 'man'
|| $options{type} eq 'html') );
pod2usage(1) if ( $options{type} eq 'html'
&& defined $options{suffix} );
if ($options{debug}) {
print STDERR "DEBUG: options:\n";
print STDERR "DEBUG: --sourcedir = $options{sourcedir}\n"
if defined $options{sourcedir};
print STDERR "DEBUG: --destdir = $options{destdir}\n"
if defined $options{destdir};
print STDERR "DEBUG: --type = $options{type}\n"
if defined $options{type};
print STDERR "DEBUG: --suffix = $options{suffix}\n"
if defined $options{suffix};
foreach (sort @{$options{section}}) {
print STDERR "DEBUG: --section = $_\n";
}
print STDERR "DEBUG: --remove = $options{remove}\n"
if defined $options{remove};
print STDERR "DEBUG: --debug = $options{debug}\n"
if defined $options{debug};
print STDERR "DEBUG: --dry-run = $options{\"dry-run\"}\n"
if defined $options{"dry-run"};
}
my $symlink_exists = eval { symlink("",""); 1 };
foreach my $section (sort @{$options{section}}) {
my $subdir = "man$section";
my $podsourcedir = catfile($options{sourcedir}, $subdir);
my $podglob = catfile($podsourcedir, "*.pod");
foreach my $podfile (glob $podglob) {
my $podname = basename($podfile, ".pod");
my $podpath = catfile($podfile);
my %podinfo = extract_pod_info($podpath,
{ debug => $options{debug},
section => $section });
my @podfiles = grep { $_ ne $podname } @{$podinfo{names}};
my $updir = updir();
my $name = uc $podname;
my $suffix = { man => ".$podinfo{section}".($options{suffix} // ""),
html => ".html" } -> {$options{type}};
my $generate = { man => "pod2man --name=$name --section=$podinfo{section} --center=OpenSSL --release=$config{version} \"$podpath\"",
html => "pod2html \"--podroot=$options{sourcedir}\" --htmldir=$updir --podpath=man1:man3:man5:man7 \"--infile=$podpath\" \"--title=$podname\" --quiet"
} -> {$options{type}};
my $output_dir = catdir($options{destdir}, "man$podinfo{section}");
my $output_file = $podname . $suffix;
my $output_path = catfile($output_dir, $output_file);
if (! $options{remove}) {
my @output;
print STDERR "DEBUG: Processing, using \"$generate\"\n"
if $options{debug};
unless ($options{"dry-run"}) {
@output = `$generate`;
map { s|href="http://man\.he\.net/(man\d/[^"]+)(?:\.html)?"|href="../$1.html"|g; } @output
if $options{type} eq "html";
if ($options{type} eq "man") {
# Because some *roff parsers are more strict than others,
# multiple lines in the NAME section must be merged into
# one.
my $in_name = 0;
my $name_line = "";
my @newoutput = ();
foreach (@output) {
if ($in_name) {
if (/^\.SH "/) {
$in_name = 0;
push @newoutput, $name_line."\n";
} else {
chomp (my $x = $_);
$name_line .= " " if $name_line;
$name_line .= $x;
next;
}
}
if (/^\.SH +"NAME" *$/) {
$in_name = 1;
}
push @newoutput, $_;
}
@output = @newoutput;
}
}
print STDERR "DEBUG: Done processing\n" if $options{debug};
if (! -d $output_dir) {
print STDERR "DEBUG: Creating directory $output_dir\n" if $options{debug};
unless ($options{"dry-run"}) {
mkpath $output_dir
or die "Trying to create directory $output_dir: $!\n";
}
}
print STDERR "DEBUG: Writing $output_path\n" if $options{debug};
unless ($options{"dry-run"}) {
open my $output_fh, '>', $output_path
or die "Trying to write to $output_path: $!\n";
foreach (@output) {
print $output_fh $_;
}
close $output_fh;
}
print STDERR "DEBUG: Done writing $output_path\n" if $options{debug};
} else {
print STDERR "DEBUG: Removing $output_path\n" if $options{debug};
unless ($options{"dry-run"}) {
while (unlink $output_path) {}
}
}
print "$output_path\n";
foreach (@podfiles) {
my $link_file = $_ . $suffix;
my $link_path = catfile($output_dir, $link_file);
if (! $options{remove}) {
if ($symlink_exists) {
print STDERR "DEBUG: Linking $link_path -> $output_file\n"
if $options{debug};
unless ($options{"dry-run"}) {
symlink $output_file, $link_path;
}
} else {
print STDERR "DEBUG: Copying $output_path to link_path\n"
if $options{debug};
unless ($options{"dry-run"}) {
copy $output_path, $link_path;
}
}
} else {
print STDERR "DEBUG: Removing $link_path\n" if $options{debug};
unless ($options{"dry-run"}) {
while (unlink $link_path) {}
}
}
print "$link_path -> $output_path\n";
}
}
}
__END__
=pod
=head1 NAME
process_docs.pl - A script to process OpenSSL docs
=head1 SYNOPSIS
B<process_docs.pl>
[B<--sourcedir>=I<dir>]
B<--destdir>=I<dir>
B<--type>=B<man>|B<html>
[B<--suffix>=I<suffix>]
[B<--remove>]
[B<--dry-run>|B<-n>]
[B<--debug>|B<-D>]
=head1 DESCRIPTION
This script looks for .pod files in the subdirectories 'apps', 'crypto'
and 'ssl' under the given source directory.
The OpenSSL configuration data file F<configdata.pm> I<must> reside in
the current directory, I<or> perl must have the directory it resides in
in its inclusion array. For the latter variant, a call like this would
work:
perl -I../foo util/process_docs.pl {options ...}
=head1 OPTIONS
=over 4
=item B<--sourcedir>=I<dir>
Top directory where the source files are found.
=item B<--destdir>=I<dir>
Top directory where the resulting files should end up
=item B<--type>=B<man>|B<html>
Type of output to produce. Currently supported are man pages and HTML files.
=item B<--suffix>=I<suffix>
A suffix added to the extension. Only valid with B<--type>=B<man>
=item B<--remove>
Instead of writing the files, remove them.
=item B<--dry-run>|B<-n>
Do not perform any file writing, directory creation or file removal.
=item B<--debug>|B<-D>
Print extra debugging output.
=back
=head1 COPYRIGHT
Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
https://www.openssl.org/source/license.html
=cut

View file

@ -0,0 +1,138 @@
#!/bin/sh
{-
use lib '.';
use configdata;
sub shlib {
my $lib = shift;
return "" if $disabled{shared};
$lib = $unified_info{rename}->{$lib}
if defined $unified_info{rename}->{$lib};
$lib = $unified_info{sharednames}->{$lib}
. ($target{shlib_variant} || "")
. ($target{shared_extension} || ".so");
$lib =~ s|\.\$\(SHLIB_VERSION_NUMBER\)
|.$config{shlib_version_number}|x;
return $lib;
}
""; # Make sure no left over string sneaks its way into the script
-}
# To test this OpenSSL version's applications against another version's
# shared libraries, simply set
#
# OPENSSL_REGRESSION=/path/to/other/OpenSSL/build/tree
if [ -n "$OPENSSL_REGRESSION" ]; then
shlibwrap="$OPENSSL_REGRESSION/util/shlib_wrap.sh"
if [ -x "$shlibwrap" ]; then
# We clear OPENSSL_REGRESSION to avoid a loop, should the shlib_wrap.sh
# we exec also support that mechanism...
OPENSSL_REGRESSION= exec "$shlibwrap" "$@"
else
if [ -f "$shlibwrap" ]; then
echo "Not permitted to run $shlibwrap" >&2
else
echo "No $shlibwrap, perhaps OPENSSL_REGRESSION isn't properly set?" >&2
fi
exit 1
fi
fi
[ $# -ne 0 ] || set -x # debug mode without arguments:-)
THERE="`echo $0 | sed -e 's|[^/]*$||' 2>/dev/null`.."
[ -d "${THERE}" ] || exec "$@" # should never happen...
LIBCRYPTOSO="${THERE}/{- shlib('libcrypto') -}"
LIBSSLSO="${THERE}/{- shlib('libssl') -}"
SYSNAME=`(uname -s) 2>/dev/null`;
case "$SYSNAME" in
SunOS|IRIX*)
# SunOS and IRIX run-time linkers evaluate alternative
# variables depending on target ABI...
rld_var=LD_LIBRARY_PATH
case "`(/usr/bin/file "$LIBCRYPTOSO") 2>/dev/null`" in
*ELF\ 64*SPARC*|*ELF\ 64*AMD64*)
[ -n "$LD_LIBRARY_PATH_64" ] && rld_var=LD_LIBRARY_PATH_64
LD_PRELOAD_64="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_64
preload_var=LD_PRELOAD_64
;;
*ELF\ 32*SPARC*|*ELF\ 32*80386*)
# We only need to change LD_PRELOAD_32 and LD_LIBRARY_PATH_32
# on a multi-arch system. Otherwise, trust the fallbacks.
if [ -f /lib/64/ld.so.1 ]; then
[ -n "$LD_LIBRARY_PATH_32" ] && rld_var=LD_LIBRARY_PATH_32
LD_PRELOAD_32="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_32
preload_var=LD_PRELOAD_32
fi
;;
# Why are newly built .so's preloaded anyway? Because run-time
# .so lookup path embedded into application takes precedence
# over LD_LIBRARY_PATH and as result application ends up linking
# to previously installed .so's. On IRIX instead of preloading
# newly built .so's we trick run-time linker to fail to find
# the installed .so by setting _RLD_ROOT variable.
*ELF\ 32*MIPS*)
#_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD_LIST
_RLD_ROOT=/no/such/dir; export _RLD_ROOT
eval $rld_var=\"/usr/lib'${'$rld_var':+:$'$rld_var'}'\"
preload_var=_RLD_LIST
;;
*ELF\ N32*MIPS*)
[ -n "$LD_LIBRARYN32_PATH" ] && rld_var=LD_LIBRARYN32_PATH
#_RLDN32_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLDN32_LIST
_RLDN32_ROOT=/no/such/dir; export _RLDN32_ROOT
eval $rld_var=\"/usr/lib32'${'$rld_var':+:$'$rld_var'}'\"
preload_var=_RLDN32_LIST
;;
*ELF\ 64*MIPS*)
[ -n "$LD_LIBRARY64_PATH" ] && rld_var=LD_LIBRARY64_PATH
#_RLD64_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD64_LIST
_RLD64_ROOT=/no/such/dir; export _RLD64_ROOT
eval $rld_var=\"/usr/lib64'${'$rld_var':+:$'$rld_var'}'\"
preload_var=_RLD64_LIST
;;
esac
eval $rld_var=\"${THERE}'${'$rld_var':+:$'$rld_var'}'\"; export $rld_var
unset rld_var
;;
*) LD_LIBRARY_PATH="${THERE}:$LD_LIBRARY_PATH" # Linux, ELF HP-UX
DYLD_LIBRARY_PATH="${THERE}:$DYLD_LIBRARY_PATH" # MacOS X
SHLIB_PATH="${THERE}:$SHLIB_PATH" # legacy HP-UX
LIBPATH="${THERE}:$LIBPATH" # AIX, OS/2
export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH
# Even though $PATH is adjusted [for Windows sake], it doesn't
# necessarily does the trick. Trouble is that with introduction
# of SafeDllSearchMode in XP/2003 it's more appropriate to copy
# .DLLs in vicinity of executable, which is done elsewhere...
if [ "$OSTYPE" != msdosdjgpp ]; then
PATH="${THERE}:$PATH"; export PATH
fi
;;
esac
{- output_off() unless grep (/-rpath\b/, @{$config{LDFLAGS}}); ""; -}
if [ -f "$LIBCRYPTOSO" -a -z "$preload_var" ]; then
# Following three lines are major excuse for isolating them into
# this wrapper script. Original reason for setting LD_PRELOAD
# was to make it possible to pass 'make test' when user linked
# with -rpath pointing to previous version installation. Wrapping
# it into a script makes it possible to do so on multi-ABI
# platforms.
case "$SYSNAME" in
*BSD) LD_PRELOAD="$LIBCRYPTOSO:$LIBSSLSO" ;; # *BSD
*) LD_PRELOAD="$LIBCRYPTOSO $LIBSSLSO" ;; # SunOS, Linux, ELF HP-UX
esac
_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT" # Tru64, o32 IRIX
DYLD_INSERT_LIBRARIES="$LIBCRYPTOSO:$LIBSSLSO" # MacOS X
export LD_PRELOAD _RLD_LIST DYLD_INSERT_LIBRARIES
fi
{- output_on() unless grep (/-rpath\b/, @{$config{LDFLAGS}}); ""; -}
cmd="$1"; [ -x "$cmd" ] || cmd="$cmd${EXE_EXT}"
shift
if [ $# -eq 0 ]; then
exec "$cmd" # old sh, such as Tru64 4.x, fails to expand empty "$@"
else
exec "$cmd" "$@"
fi

View file

@ -0,0 +1,264 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
my $in_su = 0;
my $indent = 0;
my $out;
my $braces = 0;
my $arrcnt;
my $data;
my $tststr;
my $incomm = 0;
while(<>) {
$tststr = $_;
$incomm++ while $tststr =~ /\/\*/g;
$incomm-- while $tststr =~ /\*\//g;
if($in_su == 1) {
if(/}(.*);/) {
$out .= $_;
do_output($out);
$in_su = 0;
} elsif(/^ *\} [^\s]+(\[\d*\])* = \{/) {
$tststr = $1;
$arrcnt = 0;
$arrcnt++ while $tststr =~ /\[/g;
$in_su++;
$braces = 1;
/^(.* = \{)(.*)$/;
$data = $2;
$out .= $1."\n";
} else {
$out .= $_;
}
} elsif($in_su == 2) {
$data .= $_;
if(/};$/) {
#$data = "\n$data";
$data =~ s/\n */\n/g;
$data =~ s/};\n?//s;
my @strucdata = structureData($data);
$out .= displayData($indent, 0, \@strucdata);
$out .= "\n$indent};\n";
do_output($out);
$in_su = 0;
}
} elsif($incomm <= 0 && /( *)(static )?(const )?(union|struct) ([a-zA-Z_\$][\$0-9a-zA-Z_]+ )?\{/) {
$in_su = 1;
$indent = $1;
$out = $_;
next;
} else {
do_output($_);
}
}
sub structureData {
my $data = $_[0];
my @datalist = split(/(\{|\}|,|"|#|\n|\/\*|\*\/|\(|\))/, $data);
my $item;
my $dataitem = "";
my @struclist = ();
my $substruc;
my $inquote = 0;
my $inbrace = 0;
my $preproc = 0;
my $comment = 0;
my $inparen = 0;
foreach $item (@datalist) {
if($comment) {
if($item eq "*/") {
$comment = 0;
$dataitem .= "*/";
push @struclist, $dataitem;
$dataitem = "";
next;
}
$dataitem .= $item;
next;
}
if($inquote) {
$dataitem .= $item;
if($item eq "\"") {
$inquote--;
}
next;
}
if($preproc) {
if($item eq "\n") {
$preproc = 0;
push @struclist, $dataitem;
$dataitem = "";
next;
}
$dataitem .= $item;
next;
}
if($inbrace) {
if($item eq "}") {
$inbrace --;
if(!$inbrace) {
$substruc = structureData($dataitem);
$dataitem = $substruc;
next;
}
} elsif($item eq "{") {
$inbrace++;
} elsif ($item eq "\"") {
$inquote++;
}
$dataitem .= $item;
next;
}
if($inparen) {
if($item eq ")") {
$inparen--;
}
$dataitem .= $item;
next;
}
if($item eq "\n") {
next;
}
if($item eq "#") {
$preproc = 1;
push @struclist, $dataitem;
$dataitem = "#";
next;
}
if($item eq "/*") {
$comment = 1;
push @struclist, $dataitem;
$dataitem= "/*";
next;
}
if($item eq "\"") {
$dataitem .= $item;
$inquote++;
next;
}
if($item eq "{") {
$inbrace++;
next;
}
if($item eq ",") {
push @struclist, $dataitem;
$dataitem = "";
next;
}
if($item eq "(") {
$dataitem .= $item;
$inparen++;
next;
}
if($item =~ /^\s*$/) {
next;
}
if(ref $dataitem eq 'ARRAY') {
push @struclist, $dataitem;
$dataitem = "";
}
$dataitem .= $item;
}
push @struclist, $dataitem;
return \@struclist;
}
sub displayData {
my $indent = shift;
my $depth = shift;
my $data = shift;
my $item;
my $out = "";
my $currline = "";
my $first = 1;
my $prevpreproc = 0;
my $prevcomment = 0;
foreach $item (@{$data}) {
if($item =~ /^\/\*/) {
#Comment
$item =~ s/\n/\n$indent/g;
if($out =~ /\n\s*$/s) {
$out .= $item."\n".$indent;
} else {
$out .= "\n".$indent.$item."\n".$indent;
}
$currline = $indent;
$prevcomment = 1;
next;
}
$item =~ s/^\s+//;
if($item =~ /^#/) {
#Pre-processor directive
if($out =~ /\n\s*$/s) {
$out =~ s/\n\s*$/\n/;
$out .= $item."\n".$indent;
} else {
$out .= "\n".$item."\n".$indent;
}
$currline = $indent;
$prevpreproc = 1;
next;
}
if($first) {
$first = 0;
if($depth != 0) {
$out .= $indent;
$currline = $indent;
}
} else {
if(!$prevpreproc && !$prevcomment) {
$out .= ", ";
$currline .= ", ";
if($depth == 1) {
$out .= "\n";
$currline = "";
}
if($depth == 1) {
$out .= $indent;
$currline .= $indent;
}
}
}
$prevpreproc = 0;
$prevcomment = 0;
if (ref $item eq 'ARRAY') {
if($depth == 0) {
$out .= displayData("$indent ", $depth+1, $item);
} else {
$out .= "{\n".displayData("$indent ", $depth+1, $item)."\n".$indent."}";
$currline = $indent."}";
}
} else {
if(length $currline.$item > 79) {
$currline = $indent;
$out .= "\n$indent";
}
$out .= $item;
$currline .= $item;
}
}
return $out;
}
sub do_output {
my $out = shift;
# Strip any trailing whitespace
$out =~ s/\s+\n/\n/g;
print $out;
}

View file

@ -0,0 +1,26 @@
${-
use File::Spec::Functions qw(rel2abs);
my $bldtop = rel2abs($config{builddir});
our %names = ( map { $_ => $bldtop.$_.".EXE" }
map { $unified_info{sharednames}->{$_} || () }
@{$unified_info{libraries}} );
"" -}
$ ! Remove the local environment created by local_shlib.com
$
$ OPENSSL_NAMES := OPENSSL_NAMES_'F$GETJPI("","PID")'
$ IF F$TRNLNM("OSSL_FLAG",OPENSSL_NAMES) .EQS. "" THEN EXIT 0
$
$ NAMES := {- join(",", keys %names); -}
$ I = 0
$ LOOP:
$ E = F$ELEMENT(I,",",NAMES)
$ I = I + 1
$ IF E .EQS. "," THEN GOTO ENDLOOP
$ OLDV = F$TRNLNM(E,OPENSSL_NAMES)
$ DEASSIGN 'E'
$ IF OLDV .NES. "" THEN DEFINE 'E' 'OLDV'
$ GOTO LOOP
$ ENDLOOP:
$
$ DEASSIGN 'OPENSSL_NAMES' /TABLE=LNM$PROCESS_DIRECTORY