svn commit: r215997 - in stable/7: crypto/openssl
crypto/openssl/apps crypto/openssl/certs
crypto/openssl/certs/demo crypto/openssl/certs/expired
crypto/openssl/crypto crypto/openssl/crypto/aes cry...
Simon L. Nielsen
simon at FreeBSD.org
Sun Nov 28 13:45:53 UTC 2010
Author: simon
Date: Sun Nov 28 13:45:51 2010
New Revision: 215997
URL: http://svn.freebsd.org/changeset/base/215997
Log:
Merge OpenSSL 0.9.8p into stable/7.
This merges up to and including head/crypto/openssl/ r215697; and
head/secure/lib/libcrypto/, head/secure/lib/libssl/,
head/secure/usr.bin/openssl/ r215698.
To make the merge simpler, a hack was added to set MACHINE_CPUARCH.
A few old OpenSSL security fixes are still the stable/7 tree - these
will be backed out to the vendor version shortly.
Security: CVE-2010-2939, CVE-2010-3864
Security: http://www.openssl.org/news/secadv_20101116.txt
Security: FreeBSD-SA-10:10.openssl
Approved by: re (implicitly - they did not object of the general idea
of OpenSSL update)
Added:
stable/7/crypto/openssl/apps/cms.c
- copied unchanged from r215994, head/crypto/openssl/apps/cms.c
stable/7/crypto/openssl/certs/README.RootCerts
- copied unchanged from r215994, head/crypto/openssl/certs/README.RootCerts
stable/7/crypto/openssl/crypto/aes/aes_wrap.c
- copied unchanged from r215994, head/crypto/openssl/crypto/aes/aes_wrap.c
stable/7/crypto/openssl/crypto/aes/asm/aes-x86_64.pl
- copied unchanged from r215994, head/crypto/openssl/crypto/aes/asm/aes-x86_64.pl
stable/7/crypto/openssl/crypto/asn1/asn_mime.c
- copied unchanged from r215994, head/crypto/openssl/crypto/asn1/asn_mime.c
stable/7/crypto/openssl/crypto/bn/asm/mo-586.pl
- copied unchanged from r215994, head/crypto/openssl/crypto/bn/asm/mo-586.pl
stable/7/crypto/openssl/crypto/bn/asm/x86_64-mont.pl
- copied unchanged from r215994, head/crypto/openssl/crypto/bn/asm/x86_64-mont.pl
stable/7/crypto/openssl/crypto/bn/bn_opt.c
- copied unchanged from r215994, head/crypto/openssl/crypto/bn/bn_opt.c
stable/7/crypto/openssl/crypto/bn/bn_x931p.c
- copied unchanged from r215994, head/crypto/openssl/crypto/bn/bn_x931p.c
stable/7/crypto/openssl/crypto/buffer/buf_str.c
- copied unchanged from r215994, head/crypto/openssl/crypto/buffer/buf_str.c
stable/7/crypto/openssl/crypto/cms/
- copied from r215994, head/crypto/openssl/crypto/cms/
stable/7/crypto/openssl/crypto/des/des_lib.c
- copied unchanged from r215994, head/crypto/openssl/crypto/des/des_lib.c
stable/7/crypto/openssl/crypto/dsa/dsa_utl.c
- copied unchanged from r215994, head/crypto/openssl/crypto/dsa/dsa_utl.c
stable/7/crypto/openssl/crypto/dyn_lck.c
- copied unchanged from r215994, head/crypto/openssl/crypto/dyn_lck.c
stable/7/crypto/openssl/crypto/err/err_bio.c
- copied unchanged from r215994, head/crypto/openssl/crypto/err/err_bio.c
stable/7/crypto/openssl/crypto/err/err_def.c
- copied unchanged from r215994, head/crypto/openssl/crypto/err/err_def.c
stable/7/crypto/openssl/crypto/err/err_str.c
- copied unchanged from r215994, head/crypto/openssl/crypto/err/err_str.c
stable/7/crypto/openssl/crypto/evp/dig_eng.c
- copied unchanged from r215994, head/crypto/openssl/crypto/evp/dig_eng.c
stable/7/crypto/openssl/crypto/evp/e_seed.c
- copied unchanged from r215994, head/crypto/openssl/crypto/evp/e_seed.c
stable/7/crypto/openssl/crypto/evp/enc_min.c
- copied unchanged from r215994, head/crypto/openssl/crypto/evp/enc_min.c
stable/7/crypto/openssl/crypto/evp/evp_cnf.c
- copied unchanged from r215994, head/crypto/openssl/crypto/evp/evp_cnf.c
stable/7/crypto/openssl/crypto/fips_err.c
- copied unchanged from r215994, head/crypto/openssl/crypto/fips_err.c
stable/7/crypto/openssl/crypto/fips_err.h
- copied unchanged from r215994, head/crypto/openssl/crypto/fips_err.h
stable/7/crypto/openssl/crypto/jpake/
- copied from r215994, head/crypto/openssl/crypto/jpake/
stable/7/crypto/openssl/crypto/o_init.c
- copied unchanged from r215994, head/crypto/openssl/crypto/o_init.c
stable/7/crypto/openssl/crypto/rand/rand_eng.c
- copied unchanged from r215994, head/crypto/openssl/crypto/rand/rand_eng.c
stable/7/crypto/openssl/crypto/rc4/rc4_fblk.c
- copied unchanged from r215994, head/crypto/openssl/crypto/rc4/rc4_fblk.c
stable/7/crypto/openssl/crypto/rsa/rsa_eng.c
- copied unchanged from r215994, head/crypto/openssl/crypto/rsa/rsa_eng.c
stable/7/crypto/openssl/crypto/rsa/rsa_x931g.c
- copied unchanged from r215994, head/crypto/openssl/crypto/rsa/rsa_x931g.c
stable/7/crypto/openssl/crypto/seed/
- copied from r215994, head/crypto/openssl/crypto/seed/
stable/7/crypto/openssl/crypto/sha/asm/sha1-x86_64.pl
- copied unchanged from r215994, head/crypto/openssl/crypto/sha/asm/sha1-x86_64.pl
stable/7/crypto/openssl/crypto/sha/asm/sha512-x86_64.pl
- copied unchanged from r215994, head/crypto/openssl/crypto/sha/asm/sha512-x86_64.pl
stable/7/crypto/openssl/demos/jpake/
- copied from r215994, head/crypto/openssl/demos/jpake/
stable/7/crypto/openssl/engines/alpha.opt
- copied unchanged from r215994, head/crypto/openssl/engines/alpha.opt
stable/7/crypto/openssl/engines/e_capi.c
- copied unchanged from r215994, head/crypto/openssl/engines/e_capi.c
stable/7/crypto/openssl/engines/e_capi.ec
- copied unchanged from r215994, head/crypto/openssl/engines/e_capi.ec
stable/7/crypto/openssl/engines/e_capi_err.c
- copied unchanged from r215994, head/crypto/openssl/engines/e_capi_err.c
stable/7/crypto/openssl/engines/e_capi_err.h
- copied unchanged from r215994, head/crypto/openssl/engines/e_capi_err.h
stable/7/crypto/openssl/engines/ia64.opt
- copied unchanged from r215994, head/crypto/openssl/engines/ia64.opt
stable/7/crypto/openssl/fips/
- copied from r215994, head/crypto/openssl/fips/
stable/7/crypto/openssl/ssl/t1_reneg.c
- copied unchanged from r215994, head/crypto/openssl/ssl/t1_reneg.c
stable/7/crypto/openssl/test/SHAmix.r
- copied unchanged from r215994, head/crypto/openssl/test/SHAmix.r
stable/7/crypto/openssl/test/SHAmix.x
- copied unchanged from r215994, head/crypto/openssl/test/SHAmix.x
stable/7/crypto/openssl/test/cms-examples.pl
- copied unchanged from r215994, head/crypto/openssl/test/cms-examples.pl
stable/7/crypto/openssl/test/cms-test.pl
- copied unchanged from r215994, head/crypto/openssl/test/cms-test.pl
stable/7/crypto/openssl/test/smcont.txt
- copied unchanged from r215994, head/crypto/openssl/test/smcont.txt
stable/7/crypto/openssl/test/smime-certs/
- copied from r215994, head/crypto/openssl/test/smime-certs/
stable/7/crypto/openssl/test/testfipsssl
- copied unchanged from r215994, head/crypto/openssl/test/testfipsssl
stable/7/crypto/openssl/util/arx.pl
- copied unchanged from r215994, head/crypto/openssl/util/arx.pl
stable/7/crypto/openssl/util/fipslink.pl
- copied unchanged from r215994, head/crypto/openssl/util/fipslink.pl
stable/7/crypto/openssl/util/mksdef.pl
- copied unchanged from r215994, head/crypto/openssl/util/mksdef.pl
stable/7/secure/lib/libcrypto/opensslconf-mips.h
- copied unchanged from r213737, head/secure/lib/libcrypto/opensslconf-mips.h
Deleted:
stable/7/crypto/openssl/ChangeLog.0_9_7-stable_not-in-head
stable/7/crypto/openssl/ChangeLog.0_9_7-stable_not-in-head_FIPS
stable/7/crypto/openssl/FREEBSD-Xlist
stable/7/crypto/openssl/FREEBSD-upgrade
stable/7/crypto/openssl/certs/RegTP-5R.pem
stable/7/crypto/openssl/certs/RegTP-6R.pem
stable/7/crypto/openssl/certs/aol1.pem
stable/7/crypto/openssl/certs/aol2.pem
stable/7/crypto/openssl/certs/aoltw1.pem
stable/7/crypto/openssl/certs/aoltw2.pem
stable/7/crypto/openssl/certs/argena.pem
stable/7/crypto/openssl/certs/argeng.pem
stable/7/crypto/openssl/certs/demo/nortelCA.pem
stable/7/crypto/openssl/certs/demo/timCA.pem
stable/7/crypto/openssl/certs/demo/tjhCA.pem
stable/7/crypto/openssl/certs/demo/vsigntca.pem
stable/7/crypto/openssl/certs/eng1.pem
stable/7/crypto/openssl/certs/eng2.pem
stable/7/crypto/openssl/certs/eng3.pem
stable/7/crypto/openssl/certs/eng4.pem
stable/7/crypto/openssl/certs/eng5.pem
stable/7/crypto/openssl/certs/expired/ICE-CA.pem
stable/7/crypto/openssl/certs/expired/ICE-root.pem
stable/7/crypto/openssl/certs/expired/ICE-user.pem
stable/7/crypto/openssl/certs/expired/RegTP-4R.pem
stable/7/crypto/openssl/certs/expired/factory.pem
stable/7/crypto/openssl/certs/expired/rsa-cca.pem
stable/7/crypto/openssl/certs/expired/rsa-ssca.pem
stable/7/crypto/openssl/certs/expired/vsign2.pem
stable/7/crypto/openssl/certs/expired/vsign3.pem
stable/7/crypto/openssl/certs/thawteCb.pem
stable/7/crypto/openssl/certs/thawteCp.pem
stable/7/crypto/openssl/certs/vsign1.pem
stable/7/crypto/openssl/certs/vsign3.pem
stable/7/crypto/openssl/certs/vsignss.pem
stable/7/crypto/openssl/certs/wellsfgo.pem
stable/7/crypto/openssl/crypto/md5/asm/md5-sparcv9.S
stable/7/crypto/openssl/engines/axp.opt
Modified:
stable/7/crypto/openssl/CHANGES
stable/7/crypto/openssl/Configure
stable/7/crypto/openssl/FAQ
stable/7/crypto/openssl/INSTALL
stable/7/crypto/openssl/LICENSE
stable/7/crypto/openssl/Makefile
stable/7/crypto/openssl/Makefile.org
stable/7/crypto/openssl/Makefile.shared
stable/7/crypto/openssl/NEWS
stable/7/crypto/openssl/PROBLEMS
stable/7/crypto/openssl/README
stable/7/crypto/openssl/apps/CA.sh
stable/7/crypto/openssl/apps/Makefile
stable/7/crypto/openssl/apps/apps.c
stable/7/crypto/openssl/apps/apps.h
stable/7/crypto/openssl/apps/asn1pars.c
stable/7/crypto/openssl/apps/ca.c
stable/7/crypto/openssl/apps/crl.c
stable/7/crypto/openssl/apps/dgst.c
stable/7/crypto/openssl/apps/dh.c
stable/7/crypto/openssl/apps/dhparam.c
stable/7/crypto/openssl/apps/dsa.c
stable/7/crypto/openssl/apps/dsaparam.c
stable/7/crypto/openssl/apps/ec.c
stable/7/crypto/openssl/apps/ecparam.c
stable/7/crypto/openssl/apps/enc.c
stable/7/crypto/openssl/apps/engine.c
stable/7/crypto/openssl/apps/gendh.c
stable/7/crypto/openssl/apps/gendsa.c
stable/7/crypto/openssl/apps/genrsa.c
stable/7/crypto/openssl/apps/nseq.c
stable/7/crypto/openssl/apps/ocsp.c
stable/7/crypto/openssl/apps/openssl.c
stable/7/crypto/openssl/apps/pkcs12.c
stable/7/crypto/openssl/apps/pkcs7.c
stable/7/crypto/openssl/apps/pkcs8.c
stable/7/crypto/openssl/apps/progs.h
stable/7/crypto/openssl/apps/progs.pl
stable/7/crypto/openssl/apps/rand.c
stable/7/crypto/openssl/apps/req.c
stable/7/crypto/openssl/apps/rsa.c
stable/7/crypto/openssl/apps/rsautl.c
stable/7/crypto/openssl/apps/s_apps.h
stable/7/crypto/openssl/apps/s_cb.c
stable/7/crypto/openssl/apps/s_client.c
stable/7/crypto/openssl/apps/s_server.c
stable/7/crypto/openssl/apps/s_socket.c
stable/7/crypto/openssl/apps/smime.c
stable/7/crypto/openssl/apps/speed.c
stable/7/crypto/openssl/apps/spkac.c
stable/7/crypto/openssl/apps/version.c
stable/7/crypto/openssl/apps/x509.c
stable/7/crypto/openssl/config
stable/7/crypto/openssl/crypto/Makefile
stable/7/crypto/openssl/crypto/aes/Makefile
stable/7/crypto/openssl/crypto/aes/aes.h
stable/7/crypto/openssl/crypto/aes/aes_cbc.c
stable/7/crypto/openssl/crypto/aes/aes_cfb.c
stable/7/crypto/openssl/crypto/aes/aes_core.c
stable/7/crypto/openssl/crypto/aes/aes_ige.c
stable/7/crypto/openssl/crypto/aes/asm/aes-586.pl
stable/7/crypto/openssl/crypto/aes/asm/aes-ia64.S
stable/7/crypto/openssl/crypto/asn1/Makefile
stable/7/crypto/openssl/crypto/asn1/a_bytes.c
stable/7/crypto/openssl/crypto/asn1/a_int.c
stable/7/crypto/openssl/crypto/asn1/a_mbstr.c
stable/7/crypto/openssl/crypto/asn1/a_object.c
stable/7/crypto/openssl/crypto/asn1/a_sign.c
stable/7/crypto/openssl/crypto/asn1/a_strex.c
stable/7/crypto/openssl/crypto/asn1/a_strnid.c
stable/7/crypto/openssl/crypto/asn1/a_type.c
stable/7/crypto/openssl/crypto/asn1/a_verify.c
stable/7/crypto/openssl/crypto/asn1/asn1.h
stable/7/crypto/openssl/crypto/asn1/asn1_err.c
stable/7/crypto/openssl/crypto/asn1/asn1_gen.c
stable/7/crypto/openssl/crypto/asn1/asn1_lib.c
stable/7/crypto/openssl/crypto/asn1/asn1_par.c
stable/7/crypto/openssl/crypto/asn1/asn1t.h
stable/7/crypto/openssl/crypto/asn1/asn_moid.c
stable/7/crypto/openssl/crypto/asn1/asn_pack.c
stable/7/crypto/openssl/crypto/asn1/n_pkey.c
stable/7/crypto/openssl/crypto/asn1/nsseq.c
stable/7/crypto/openssl/crypto/asn1/p5_pbe.c
stable/7/crypto/openssl/crypto/asn1/p5_pbev2.c
stable/7/crypto/openssl/crypto/asn1/p8_pkey.c
stable/7/crypto/openssl/crypto/asn1/t_bitst.c
stable/7/crypto/openssl/crypto/asn1/t_crl.c
stable/7/crypto/openssl/crypto/asn1/t_req.c
stable/7/crypto/openssl/crypto/asn1/t_spki.c
stable/7/crypto/openssl/crypto/asn1/t_x509.c
stable/7/crypto/openssl/crypto/asn1/t_x509a.c
stable/7/crypto/openssl/crypto/asn1/tasn_dec.c
stable/7/crypto/openssl/crypto/asn1/tasn_enc.c
stable/7/crypto/openssl/crypto/asn1/tasn_fre.c
stable/7/crypto/openssl/crypto/asn1/tasn_new.c
stable/7/crypto/openssl/crypto/asn1/tasn_prn.c
stable/7/crypto/openssl/crypto/asn1/tasn_typ.c
stable/7/crypto/openssl/crypto/asn1/tasn_utl.c
stable/7/crypto/openssl/crypto/asn1/x_algor.c
stable/7/crypto/openssl/crypto/asn1/x_bignum.c
stable/7/crypto/openssl/crypto/asn1/x_crl.c
stable/7/crypto/openssl/crypto/asn1/x_exten.c
stable/7/crypto/openssl/crypto/asn1/x_long.c
stable/7/crypto/openssl/crypto/asn1/x_name.c
stable/7/crypto/openssl/crypto/asn1/x_x509.c
stable/7/crypto/openssl/crypto/asn1/x_x509a.c
stable/7/crypto/openssl/crypto/bf/Makefile
stable/7/crypto/openssl/crypto/bf/bf_skey.c
stable/7/crypto/openssl/crypto/bf/blowfish.h
stable/7/crypto/openssl/crypto/bio/Makefile
stable/7/crypto/openssl/crypto/bio/b_print.c
stable/7/crypto/openssl/crypto/bio/b_sock.c
stable/7/crypto/openssl/crypto/bio/bf_nbio.c
stable/7/crypto/openssl/crypto/bio/bio.h
stable/7/crypto/openssl/crypto/bio/bio_lib.c
stable/7/crypto/openssl/crypto/bio/bss_acpt.c
stable/7/crypto/openssl/crypto/bio/bss_bio.c
stable/7/crypto/openssl/crypto/bio/bss_dgram.c
stable/7/crypto/openssl/crypto/bio/bss_file.c
stable/7/crypto/openssl/crypto/bio/bss_mem.c
stable/7/crypto/openssl/crypto/bio/bss_sock.c
stable/7/crypto/openssl/crypto/bn/Makefile
stable/7/crypto/openssl/crypto/bn/asm/ia64.S
stable/7/crypto/openssl/crypto/bn/asm/ppc.pl
stable/7/crypto/openssl/crypto/bn/asm/x86_64-gcc.c
stable/7/crypto/openssl/crypto/bn/bn.h
stable/7/crypto/openssl/crypto/bn/bn_blind.c
stable/7/crypto/openssl/crypto/bn/bn_div.c
stable/7/crypto/openssl/crypto/bn/bn_err.c
stable/7/crypto/openssl/crypto/bn/bn_exp.c
stable/7/crypto/openssl/crypto/bn/bn_exp2.c
stable/7/crypto/openssl/crypto/bn/bn_gcd.c
stable/7/crypto/openssl/crypto/bn/bn_gf2m.c
stable/7/crypto/openssl/crypto/bn/bn_lcl.h
stable/7/crypto/openssl/crypto/bn/bn_lib.c
stable/7/crypto/openssl/crypto/bn/bn_mont.c
stable/7/crypto/openssl/crypto/bn/bn_mul.c
stable/7/crypto/openssl/crypto/bn/bn_nist.c
stable/7/crypto/openssl/crypto/bn/bn_prime.c
stable/7/crypto/openssl/crypto/bn/bn_prime.h
stable/7/crypto/openssl/crypto/bn/bn_prime.pl
stable/7/crypto/openssl/crypto/bn/bn_rand.c
stable/7/crypto/openssl/crypto/bn/bn_shift.c
stable/7/crypto/openssl/crypto/bn/bntest.c
stable/7/crypto/openssl/crypto/buffer/Makefile
stable/7/crypto/openssl/crypto/buffer/buffer.c
stable/7/crypto/openssl/crypto/camellia/Makefile
stable/7/crypto/openssl/crypto/camellia/camellia.h
stable/7/crypto/openssl/crypto/camellia/cmll_misc.c
stable/7/crypto/openssl/crypto/cast/Makefile
stable/7/crypto/openssl/crypto/cast/c_cfb64.c
stable/7/crypto/openssl/crypto/cast/c_ecb.c
stable/7/crypto/openssl/crypto/cast/c_enc.c
stable/7/crypto/openssl/crypto/cast/c_ofb64.c
stable/7/crypto/openssl/crypto/cast/c_skey.c
stable/7/crypto/openssl/crypto/cast/cast.h
stable/7/crypto/openssl/crypto/comp/Makefile
stable/7/crypto/openssl/crypto/comp/c_zlib.c
stable/7/crypto/openssl/crypto/comp/comp.h
stable/7/crypto/openssl/crypto/comp/comp_err.c
stable/7/crypto/openssl/crypto/conf/Makefile
stable/7/crypto/openssl/crypto/conf/conf.h
stable/7/crypto/openssl/crypto/conf/conf_api.c
stable/7/crypto/openssl/crypto/conf/conf_def.c
stable/7/crypto/openssl/crypto/conf/conf_mall.c
stable/7/crypto/openssl/crypto/conf/conf_mod.c
stable/7/crypto/openssl/crypto/conf/conf_sap.c
stable/7/crypto/openssl/crypto/cryptlib.c
stable/7/crypto/openssl/crypto/cryptlib.h
stable/7/crypto/openssl/crypto/crypto.h
stable/7/crypto/openssl/crypto/des/Makefile
stable/7/crypto/openssl/crypto/des/asm/des_enc.m4
stable/7/crypto/openssl/crypto/des/des.h
stable/7/crypto/openssl/crypto/des/des_enc.c
stable/7/crypto/openssl/crypto/des/des_old.c
stable/7/crypto/openssl/crypto/des/des_old.h
stable/7/crypto/openssl/crypto/des/ecb_enc.c
stable/7/crypto/openssl/crypto/des/enc_read.c
stable/7/crypto/openssl/crypto/des/enc_writ.c
stable/7/crypto/openssl/crypto/des/rpc_des.h
stable/7/crypto/openssl/crypto/des/set_key.c
stable/7/crypto/openssl/crypto/des/times/usparc.cc
stable/7/crypto/openssl/crypto/des/xcbc_enc.c
stable/7/crypto/openssl/crypto/dh/Makefile
stable/7/crypto/openssl/crypto/dh/dh.h
stable/7/crypto/openssl/crypto/dh/dh_asn1.c
stable/7/crypto/openssl/crypto/dh/dh_check.c
stable/7/crypto/openssl/crypto/dh/dh_err.c
stable/7/crypto/openssl/crypto/dh/dh_gen.c
stable/7/crypto/openssl/crypto/dh/dh_key.c
stable/7/crypto/openssl/crypto/dsa/Makefile
stable/7/crypto/openssl/crypto/dsa/dsa.h
stable/7/crypto/openssl/crypto/dsa/dsa_asn1.c
stable/7/crypto/openssl/crypto/dsa/dsa_err.c
stable/7/crypto/openssl/crypto/dsa/dsa_gen.c
stable/7/crypto/openssl/crypto/dsa/dsa_key.c
stable/7/crypto/openssl/crypto/dsa/dsa_lib.c
stable/7/crypto/openssl/crypto/dsa/dsa_ossl.c
stable/7/crypto/openssl/crypto/dsa/dsa_sign.c
stable/7/crypto/openssl/crypto/dsa/dsa_vrf.c
stable/7/crypto/openssl/crypto/dso/Makefile
stable/7/crypto/openssl/crypto/dso/dso_dlfcn.c
stable/7/crypto/openssl/crypto/ec/Makefile
stable/7/crypto/openssl/crypto/ec/ec.h
stable/7/crypto/openssl/crypto/ec/ec2_mult.c
stable/7/crypto/openssl/crypto/ec/ec2_smpl.c
stable/7/crypto/openssl/crypto/ec/ec_err.c
stable/7/crypto/openssl/crypto/ec/ec_key.c
stable/7/crypto/openssl/crypto/ec/ec_mult.c
stable/7/crypto/openssl/crypto/ec/ectest.c
stable/7/crypto/openssl/crypto/ecdh/Makefile
stable/7/crypto/openssl/crypto/ecdh/ecdhtest.c
stable/7/crypto/openssl/crypto/ecdh/ech_lib.c
stable/7/crypto/openssl/crypto/ecdsa/Makefile
stable/7/crypto/openssl/crypto/ecdsa/ecdsatest.c
stable/7/crypto/openssl/crypto/ecdsa/ecs_lib.c
stable/7/crypto/openssl/crypto/ecdsa/ecs_ossl.c
stable/7/crypto/openssl/crypto/ecdsa/ecs_sign.c
stable/7/crypto/openssl/crypto/engine/Makefile
stable/7/crypto/openssl/crypto/engine/eng_all.c
stable/7/crypto/openssl/crypto/engine/eng_cnf.c
stable/7/crypto/openssl/crypto/engine/eng_cryptodev.c
stable/7/crypto/openssl/crypto/engine/eng_ctrl.c
stable/7/crypto/openssl/crypto/engine/eng_err.c
stable/7/crypto/openssl/crypto/engine/eng_int.h
stable/7/crypto/openssl/crypto/engine/eng_list.c
stable/7/crypto/openssl/crypto/engine/eng_padlock.c
stable/7/crypto/openssl/crypto/engine/eng_pkey.c
stable/7/crypto/openssl/crypto/engine/eng_table.c
stable/7/crypto/openssl/crypto/engine/engine.h
stable/7/crypto/openssl/crypto/engine/enginetest.c
stable/7/crypto/openssl/crypto/err/Makefile
stable/7/crypto/openssl/crypto/err/err.c
stable/7/crypto/openssl/crypto/err/err.h
stable/7/crypto/openssl/crypto/err/err_all.c
stable/7/crypto/openssl/crypto/err/err_prn.c
stable/7/crypto/openssl/crypto/err/openssl.ec
stable/7/crypto/openssl/crypto/evp/Makefile
stable/7/crypto/openssl/crypto/evp/bio_b64.c
stable/7/crypto/openssl/crypto/evp/bio_md.c
stable/7/crypto/openssl/crypto/evp/c_allc.c
stable/7/crypto/openssl/crypto/evp/c_alld.c
stable/7/crypto/openssl/crypto/evp/digest.c
stable/7/crypto/openssl/crypto/evp/e_aes.c
stable/7/crypto/openssl/crypto/evp/e_camellia.c
stable/7/crypto/openssl/crypto/evp/e_des.c
stable/7/crypto/openssl/crypto/evp/e_des3.c
stable/7/crypto/openssl/crypto/evp/e_null.c
stable/7/crypto/openssl/crypto/evp/e_rc4.c
stable/7/crypto/openssl/crypto/evp/encode.c
stable/7/crypto/openssl/crypto/evp/evp.h
stable/7/crypto/openssl/crypto/evp/evp_acnf.c
stable/7/crypto/openssl/crypto/evp/evp_enc.c
stable/7/crypto/openssl/crypto/evp/evp_err.c
stable/7/crypto/openssl/crypto/evp/evp_lib.c
stable/7/crypto/openssl/crypto/evp/evp_locl.h
stable/7/crypto/openssl/crypto/evp/evp_pbe.c
stable/7/crypto/openssl/crypto/evp/evp_pkey.c
stable/7/crypto/openssl/crypto/evp/evp_test.c
stable/7/crypto/openssl/crypto/evp/evptests.txt
stable/7/crypto/openssl/crypto/evp/m_dss.c
stable/7/crypto/openssl/crypto/evp/m_dss1.c
stable/7/crypto/openssl/crypto/evp/m_md2.c
stable/7/crypto/openssl/crypto/evp/m_md4.c
stable/7/crypto/openssl/crypto/evp/m_md5.c
stable/7/crypto/openssl/crypto/evp/m_mdc2.c
stable/7/crypto/openssl/crypto/evp/m_sha.c
stable/7/crypto/openssl/crypto/evp/m_sha1.c
stable/7/crypto/openssl/crypto/evp/names.c
stable/7/crypto/openssl/crypto/evp/p5_crpt.c
stable/7/crypto/openssl/crypto/evp/p5_crpt2.c
stable/7/crypto/openssl/crypto/evp/p_sign.c
stable/7/crypto/openssl/crypto/evp/p_verify.c
stable/7/crypto/openssl/crypto/ex_data.c
stable/7/crypto/openssl/crypto/hmac/Makefile
stable/7/crypto/openssl/crypto/hmac/hmac.c
stable/7/crypto/openssl/crypto/hmac/hmac.h
stable/7/crypto/openssl/crypto/idea/Makefile
stable/7/crypto/openssl/crypto/idea/i_skey.c
stable/7/crypto/openssl/crypto/idea/idea.h
stable/7/crypto/openssl/crypto/krb5/Makefile
stable/7/crypto/openssl/crypto/lhash/Makefile
stable/7/crypto/openssl/crypto/lhash/lhash.c
stable/7/crypto/openssl/crypto/md2/Makefile
stable/7/crypto/openssl/crypto/md2/md2.h
stable/7/crypto/openssl/crypto/md2/md2_dgst.c
stable/7/crypto/openssl/crypto/md32_common.h
stable/7/crypto/openssl/crypto/md4/Makefile
stable/7/crypto/openssl/crypto/md4/md4.h
stable/7/crypto/openssl/crypto/md4/md4_dgst.c
stable/7/crypto/openssl/crypto/md4/md4_locl.h
stable/7/crypto/openssl/crypto/md4/md4test.c
stable/7/crypto/openssl/crypto/md5/Makefile
stable/7/crypto/openssl/crypto/md5/asm/md5-586.pl
stable/7/crypto/openssl/crypto/md5/asm/md5-x86_64.pl
stable/7/crypto/openssl/crypto/md5/md5.h
stable/7/crypto/openssl/crypto/md5/md5_dgst.c
stable/7/crypto/openssl/crypto/md5/md5_locl.h
stable/7/crypto/openssl/crypto/md5/md5test.c
stable/7/crypto/openssl/crypto/mdc2/Makefile
stable/7/crypto/openssl/crypto/mdc2/mdc2.h
stable/7/crypto/openssl/crypto/mdc2/mdc2dgst.c
stable/7/crypto/openssl/crypto/mem.c
stable/7/crypto/openssl/crypto/mem_clr.c
stable/7/crypto/openssl/crypto/mem_dbg.c
stable/7/crypto/openssl/crypto/o_str.c
stable/7/crypto/openssl/crypto/objects/Makefile
stable/7/crypto/openssl/crypto/objects/obj_dat.c
stable/7/crypto/openssl/crypto/objects/obj_dat.h
stable/7/crypto/openssl/crypto/objects/obj_dat.pl
stable/7/crypto/openssl/crypto/objects/obj_mac.h
stable/7/crypto/openssl/crypto/objects/obj_mac.num
stable/7/crypto/openssl/crypto/objects/objects.txt
stable/7/crypto/openssl/crypto/ocsp/Makefile
stable/7/crypto/openssl/crypto/ocsp/ocsp.h
stable/7/crypto/openssl/crypto/ocsp/ocsp_asn.c
stable/7/crypto/openssl/crypto/ocsp/ocsp_err.c
stable/7/crypto/openssl/crypto/ocsp/ocsp_ht.c
stable/7/crypto/openssl/crypto/ocsp/ocsp_prn.c
stable/7/crypto/openssl/crypto/ocsp/ocsp_srv.c
stable/7/crypto/openssl/crypto/ocsp/ocsp_vfy.c
stable/7/crypto/openssl/crypto/opensslconf.h
stable/7/crypto/openssl/crypto/opensslconf.h.in
stable/7/crypto/openssl/crypto/opensslv.h
stable/7/crypto/openssl/crypto/ossl_typ.h
stable/7/crypto/openssl/crypto/pem/Makefile
stable/7/crypto/openssl/crypto/pem/pem.h
stable/7/crypto/openssl/crypto/pem/pem_all.c
stable/7/crypto/openssl/crypto/pem/pem_info.c
stable/7/crypto/openssl/crypto/pem/pem_lib.c
stable/7/crypto/openssl/crypto/pem/pem_seal.c
stable/7/crypto/openssl/crypto/pem/pem_x509.c
stable/7/crypto/openssl/crypto/pem/pem_xaux.c
stable/7/crypto/openssl/crypto/perlasm/x86_64-xlate.pl
stable/7/crypto/openssl/crypto/perlasm/x86ms.pl
stable/7/crypto/openssl/crypto/perlasm/x86nasm.pl
stable/7/crypto/openssl/crypto/perlasm/x86unix.pl
stable/7/crypto/openssl/crypto/pkcs12/Makefile
stable/7/crypto/openssl/crypto/pkcs12/p12_add.c
stable/7/crypto/openssl/crypto/pkcs12/p12_asn.c
stable/7/crypto/openssl/crypto/pkcs12/p12_attr.c
stable/7/crypto/openssl/crypto/pkcs12/p12_crpt.c
stable/7/crypto/openssl/crypto/pkcs12/p12_crt.c
stable/7/crypto/openssl/crypto/pkcs12/p12_decr.c
stable/7/crypto/openssl/crypto/pkcs12/p12_init.c
stable/7/crypto/openssl/crypto/pkcs12/p12_key.c
stable/7/crypto/openssl/crypto/pkcs12/p12_kiss.c
stable/7/crypto/openssl/crypto/pkcs12/p12_mutl.c
stable/7/crypto/openssl/crypto/pkcs12/p12_npas.c
stable/7/crypto/openssl/crypto/pkcs12/p12_p8d.c
stable/7/crypto/openssl/crypto/pkcs12/p12_p8e.c
stable/7/crypto/openssl/crypto/pkcs12/p12_utl.c
stable/7/crypto/openssl/crypto/pkcs12/pkcs12.h
stable/7/crypto/openssl/crypto/pkcs7/Makefile
stable/7/crypto/openssl/crypto/pkcs7/pk7_asn1.c
stable/7/crypto/openssl/crypto/pkcs7/pk7_attr.c
stable/7/crypto/openssl/crypto/pkcs7/pk7_doit.c
stable/7/crypto/openssl/crypto/pkcs7/pk7_lib.c
stable/7/crypto/openssl/crypto/pkcs7/pk7_mime.c
stable/7/crypto/openssl/crypto/pkcs7/pk7_smime.c
stable/7/crypto/openssl/crypto/pqueue/Makefile
stable/7/crypto/openssl/crypto/pqueue/pq_compat.h
stable/7/crypto/openssl/crypto/pqueue/pqueue.c
stable/7/crypto/openssl/crypto/pqueue/pqueue.h
stable/7/crypto/openssl/crypto/rand/Makefile
stable/7/crypto/openssl/crypto/rand/md_rand.c
stable/7/crypto/openssl/crypto/rand/rand.h
stable/7/crypto/openssl/crypto/rand/rand_err.c
stable/7/crypto/openssl/crypto/rand/rand_lcl.h
stable/7/crypto/openssl/crypto/rand/rand_lib.c
stable/7/crypto/openssl/crypto/rand/rand_nw.c
stable/7/crypto/openssl/crypto/rand/rand_unix.c
stable/7/crypto/openssl/crypto/rand/rand_win.c
stable/7/crypto/openssl/crypto/rand/randfile.c
stable/7/crypto/openssl/crypto/rc2/Makefile
stable/7/crypto/openssl/crypto/rc2/rc2.h
stable/7/crypto/openssl/crypto/rc2/rc2_skey.c
stable/7/crypto/openssl/crypto/rc4/Makefile
stable/7/crypto/openssl/crypto/rc4/asm/rc4-586.pl
stable/7/crypto/openssl/crypto/rc4/asm/rc4-ia64.S
stable/7/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl
stable/7/crypto/openssl/crypto/rc4/rc4.h
stable/7/crypto/openssl/crypto/rc4/rc4_skey.c
stable/7/crypto/openssl/crypto/rc5/Makefile
stable/7/crypto/openssl/crypto/rc5/rc5.h
stable/7/crypto/openssl/crypto/rc5/rc5_locl.h
stable/7/crypto/openssl/crypto/rc5/rc5_skey.c
stable/7/crypto/openssl/crypto/ripemd/Makefile
stable/7/crypto/openssl/crypto/ripemd/README
stable/7/crypto/openssl/crypto/ripemd/asm/rmd-586.pl
stable/7/crypto/openssl/crypto/ripemd/ripemd.h
stable/7/crypto/openssl/crypto/ripemd/rmd_dgst.c
stable/7/crypto/openssl/crypto/ripemd/rmd_locl.h
stable/7/crypto/openssl/crypto/ripemd/rmdtest.c
stable/7/crypto/openssl/crypto/rsa/Makefile
stable/7/crypto/openssl/crypto/rsa/rsa.h
stable/7/crypto/openssl/crypto/rsa/rsa_asn1.c
stable/7/crypto/openssl/crypto/rsa/rsa_eay.c
stable/7/crypto/openssl/crypto/rsa/rsa_err.c
stable/7/crypto/openssl/crypto/rsa/rsa_gen.c
stable/7/crypto/openssl/crypto/rsa/rsa_lib.c
stable/7/crypto/openssl/crypto/rsa/rsa_null.c
stable/7/crypto/openssl/crypto/rsa/rsa_oaep.c
stable/7/crypto/openssl/crypto/rsa/rsa_pss.c
stable/7/crypto/openssl/crypto/rsa/rsa_sign.c
stable/7/crypto/openssl/crypto/rsa/rsa_ssl.c
stable/7/crypto/openssl/crypto/rsa/rsa_test.c
stable/7/crypto/openssl/crypto/rsa/rsa_x931.c
stable/7/crypto/openssl/crypto/sha/Makefile
stable/7/crypto/openssl/crypto/sha/asm/sha1-586.pl
stable/7/crypto/openssl/crypto/sha/asm/sha1-ia64.pl
stable/7/crypto/openssl/crypto/sha/asm/sha512-ia64.pl
stable/7/crypto/openssl/crypto/sha/sha.h
stable/7/crypto/openssl/crypto/sha/sha1_one.c
stable/7/crypto/openssl/crypto/sha/sha1dgst.c
stable/7/crypto/openssl/crypto/sha/sha1test.c
stable/7/crypto/openssl/crypto/sha/sha256.c
stable/7/crypto/openssl/crypto/sha/sha512.c
stable/7/crypto/openssl/crypto/sha/sha_dgst.c
stable/7/crypto/openssl/crypto/sha/sha_locl.h
stable/7/crypto/openssl/crypto/sha/shatest.c
stable/7/crypto/openssl/crypto/stack/Makefile
stable/7/crypto/openssl/crypto/stack/safestack.h
stable/7/crypto/openssl/crypto/store/Makefile
stable/7/crypto/openssl/crypto/store/str_lib.c
stable/7/crypto/openssl/crypto/symhacks.h
stable/7/crypto/openssl/crypto/txt_db/Makefile
stable/7/crypto/openssl/crypto/ui/Makefile
stable/7/crypto/openssl/crypto/ui/ui_lib.c
stable/7/crypto/openssl/crypto/ui/ui_openssl.c
stable/7/crypto/openssl/crypto/x509/Makefile
stable/7/crypto/openssl/crypto/x509/by_dir.c
stable/7/crypto/openssl/crypto/x509/x509.h
stable/7/crypto/openssl/crypto/x509/x509_att.c
stable/7/crypto/openssl/crypto/x509/x509_cmp.c
stable/7/crypto/openssl/crypto/x509/x509_lu.c
stable/7/crypto/openssl/crypto/x509/x509_trs.c
stable/7/crypto/openssl/crypto/x509/x509_txt.c
stable/7/crypto/openssl/crypto/x509/x509_vfy.c
stable/7/crypto/openssl/crypto/x509/x509_vfy.h
stable/7/crypto/openssl/crypto/x509/x509_vpm.c
stable/7/crypto/openssl/crypto/x509/x509cset.c
stable/7/crypto/openssl/crypto/x509/x509spki.c
stable/7/crypto/openssl/crypto/x509/x_all.c
stable/7/crypto/openssl/crypto/x509v3/Makefile
stable/7/crypto/openssl/crypto/x509v3/ext_dat.h
stable/7/crypto/openssl/crypto/x509v3/pcy_cache.c
stable/7/crypto/openssl/crypto/x509v3/pcy_data.c
stable/7/crypto/openssl/crypto/x509v3/pcy_int.h
stable/7/crypto/openssl/crypto/x509v3/pcy_lib.c
stable/7/crypto/openssl/crypto/x509v3/pcy_map.c
stable/7/crypto/openssl/crypto/x509v3/pcy_node.c
stable/7/crypto/openssl/crypto/x509v3/pcy_tree.c
stable/7/crypto/openssl/crypto/x509v3/tabtest.c
stable/7/crypto/openssl/crypto/x509v3/v3_addr.c
stable/7/crypto/openssl/crypto/x509v3/v3_akey.c
stable/7/crypto/openssl/crypto/x509v3/v3_akeya.c
stable/7/crypto/openssl/crypto/x509v3/v3_alt.c
stable/7/crypto/openssl/crypto/x509v3/v3_asid.c
stable/7/crypto/openssl/crypto/x509v3/v3_bcons.c
stable/7/crypto/openssl/crypto/x509v3/v3_bitst.c
stable/7/crypto/openssl/crypto/x509v3/v3_conf.c
stable/7/crypto/openssl/crypto/x509v3/v3_cpols.c
stable/7/crypto/openssl/crypto/x509v3/v3_crld.c
stable/7/crypto/openssl/crypto/x509v3/v3_enum.c
stable/7/crypto/openssl/crypto/x509v3/v3_extku.c
stable/7/crypto/openssl/crypto/x509v3/v3_genn.c
stable/7/crypto/openssl/crypto/x509v3/v3_ia5.c
stable/7/crypto/openssl/crypto/x509v3/v3_info.c
stable/7/crypto/openssl/crypto/x509v3/v3_int.c
stable/7/crypto/openssl/crypto/x509v3/v3_lib.c
stable/7/crypto/openssl/crypto/x509v3/v3_ncons.c
stable/7/crypto/openssl/crypto/x509v3/v3_ocsp.c
stable/7/crypto/openssl/crypto/x509v3/v3_pci.c
stable/7/crypto/openssl/crypto/x509v3/v3_pcons.c
stable/7/crypto/openssl/crypto/x509v3/v3_pku.c
stable/7/crypto/openssl/crypto/x509v3/v3_pmaps.c
stable/7/crypto/openssl/crypto/x509v3/v3_prn.c
stable/7/crypto/openssl/crypto/x509v3/v3_purp.c
stable/7/crypto/openssl/crypto/x509v3/v3_skey.c
stable/7/crypto/openssl/crypto/x509v3/v3_sxnet.c
stable/7/crypto/openssl/crypto/x509v3/v3_utl.c
stable/7/crypto/openssl/crypto/x509v3/v3conf.c
stable/7/crypto/openssl/crypto/x509v3/v3prin.c
stable/7/crypto/openssl/crypto/x509v3/x509v3.h
stable/7/crypto/openssl/crypto/x86_64cpuid.pl
stable/7/crypto/openssl/crypto/x86cpuid.pl
stable/7/crypto/openssl/demos/asn1/ocsp.c
stable/7/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.h
stable/7/crypto/openssl/demos/engines/ibmca/hw_ibmca_err.h
stable/7/crypto/openssl/demos/engines/zencod/hw_zencod_err.h
stable/7/crypto/openssl/demos/x509/mkcert.c
stable/7/crypto/openssl/demos/x509/mkreq.c
stable/7/crypto/openssl/doc/apps/ciphers.pod
stable/7/crypto/openssl/doc/apps/dgst.pod
stable/7/crypto/openssl/doc/apps/enc.pod
stable/7/crypto/openssl/doc/apps/ocsp.pod
stable/7/crypto/openssl/doc/apps/openssl.pod
stable/7/crypto/openssl/doc/apps/rand.pod
stable/7/crypto/openssl/doc/apps/rsautl.pod
stable/7/crypto/openssl/doc/apps/s_client.pod
stable/7/crypto/openssl/doc/apps/s_server.pod
stable/7/crypto/openssl/doc/apps/smime.pod
stable/7/crypto/openssl/doc/apps/verify.pod
stable/7/crypto/openssl/doc/apps/x509.pod
stable/7/crypto/openssl/doc/c-indentation.el
stable/7/crypto/openssl/doc/crypto/ASN1_OBJECT_new.pod
stable/7/crypto/openssl/doc/crypto/ASN1_STRING_length.pod
stable/7/crypto/openssl/doc/crypto/ASN1_STRING_new.pod
stable/7/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod
stable/7/crypto/openssl/doc/crypto/BIO_f_buffer.pod
stable/7/crypto/openssl/doc/crypto/BIO_should_retry.pod
stable/7/crypto/openssl/doc/crypto/CRYPTO_set_ex_data.pod
stable/7/crypto/openssl/doc/crypto/DH_set_method.pod
stable/7/crypto/openssl/doc/crypto/DSA_set_method.pod
stable/7/crypto/openssl/doc/crypto/EVP_DigestInit.pod
stable/7/crypto/openssl/doc/crypto/OBJ_nid2obj.pod
stable/7/crypto/openssl/doc/crypto/OPENSSL_ia32cap.pod
stable/7/crypto/openssl/doc/crypto/PKCS12_parse.pod
stable/7/crypto/openssl/doc/crypto/PKCS7_decrypt.pod
stable/7/crypto/openssl/doc/crypto/PKCS7_encrypt.pod
stable/7/crypto/openssl/doc/crypto/PKCS7_sign.pod
stable/7/crypto/openssl/doc/crypto/PKCS7_verify.pod
stable/7/crypto/openssl/doc/crypto/RAND_bytes.pod
stable/7/crypto/openssl/doc/crypto/RAND_egd.pod
stable/7/crypto/openssl/doc/crypto/RAND_set_rand_method.pod
stable/7/crypto/openssl/doc/crypto/RSA_set_method.pod
stable/7/crypto/openssl/doc/crypto/SMIME_read_PKCS7.pod
stable/7/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod
stable/7/crypto/openssl/doc/crypto/X509_NAME_ENTRY_get_object.pod
stable/7/crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod
stable/7/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod
stable/7/crypto/openssl/doc/crypto/X509_NAME_print_ex.pod
stable/7/crypto/openssl/doc/crypto/X509_new.pod
stable/7/crypto/openssl/doc/crypto/bn_internal.pod
stable/7/crypto/openssl/doc/crypto/d2i_X509.pod
stable/7/crypto/openssl/doc/crypto/d2i_X509_CRL.pod
stable/7/crypto/openssl/doc/crypto/d2i_X509_REQ.pod
stable/7/crypto/openssl/doc/crypto/des_modes.pod
stable/7/crypto/openssl/doc/crypto/engine.pod
stable/7/crypto/openssl/doc/crypto/hmac.pod
stable/7/crypto/openssl/doc/crypto/pem.pod
stable/7/crypto/openssl/doc/crypto/ui_compat.pod
stable/7/crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod
stable/7/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod
stable/7/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod
stable/7/crypto/openssl/doc/ssl/SSL_SESSION_free.pod
stable/7/crypto/openssl/doc/ssl/SSL_free.pod
stable/7/crypto/openssl/doc/ssl/SSL_library_init.pod
stable/7/crypto/openssl/doc/ssl/SSL_read.pod
stable/7/crypto/openssl/doc/ssleay.txt
stable/7/crypto/openssl/doc/standards.txt
stable/7/crypto/openssl/e_os.h
stable/7/crypto/openssl/engines/Makefile
stable/7/crypto/openssl/engines/e_4758cca_err.h
stable/7/crypto/openssl/engines/e_aep.c
stable/7/crypto/openssl/engines/e_aep_err.h
stable/7/crypto/openssl/engines/e_atalla_err.h
stable/7/crypto/openssl/engines/e_chil.c
stable/7/crypto/openssl/engines/e_chil_err.c
stable/7/crypto/openssl/engines/e_chil_err.h
stable/7/crypto/openssl/engines/e_cswift.c
stable/7/crypto/openssl/engines/e_cswift_err.h
stable/7/crypto/openssl/engines/e_gmp.c
stable/7/crypto/openssl/engines/e_gmp_err.h
stable/7/crypto/openssl/engines/e_nuron_err.h
stable/7/crypto/openssl/engines/e_sureware_err.h
stable/7/crypto/openssl/engines/e_ubsec.c
stable/7/crypto/openssl/engines/e_ubsec_err.h
stable/7/crypto/openssl/openssl.spec
stable/7/crypto/openssl/ssl/Makefile
stable/7/crypto/openssl/ssl/d1_both.c
stable/7/crypto/openssl/ssl/d1_clnt.c
stable/7/crypto/openssl/ssl/d1_enc.c
stable/7/crypto/openssl/ssl/d1_lib.c
stable/7/crypto/openssl/ssl/d1_pkt.c
stable/7/crypto/openssl/ssl/d1_srvr.c
stable/7/crypto/openssl/ssl/dtls1.h
stable/7/crypto/openssl/ssl/kssl.c
stable/7/crypto/openssl/ssl/s23_clnt.c
stable/7/crypto/openssl/ssl/s23_lib.c
stable/7/crypto/openssl/ssl/s23_srvr.c
stable/7/crypto/openssl/ssl/s2_clnt.c
stable/7/crypto/openssl/ssl/s2_srvr.c
stable/7/crypto/openssl/ssl/s3_both.c
stable/7/crypto/openssl/ssl/s3_clnt.c
stable/7/crypto/openssl/ssl/s3_enc.c
stable/7/crypto/openssl/ssl/s3_lib.c
stable/7/crypto/openssl/ssl/s3_pkt.c
stable/7/crypto/openssl/ssl/s3_srvr.c
stable/7/crypto/openssl/ssl/ssl.h
stable/7/crypto/openssl/ssl/ssl3.h
stable/7/crypto/openssl/ssl/ssl_algs.c
stable/7/crypto/openssl/ssl/ssl_asn1.c
stable/7/crypto/openssl/ssl/ssl_cert.c
stable/7/crypto/openssl/ssl/ssl_ciph.c
stable/7/crypto/openssl/ssl/ssl_err.c
stable/7/crypto/openssl/ssl/ssl_lib.c
stable/7/crypto/openssl/ssl/ssl_locl.h
stable/7/crypto/openssl/ssl/ssl_rsa.c
stable/7/crypto/openssl/ssl/ssl_sess.c
stable/7/crypto/openssl/ssl/ssl_stat.c
stable/7/crypto/openssl/ssl/ssl_txt.c
stable/7/crypto/openssl/ssl/ssltest.c
stable/7/crypto/openssl/ssl/t1_enc.c
stable/7/crypto/openssl/ssl/t1_lib.c
stable/7/crypto/openssl/ssl/tls1.h
stable/7/crypto/openssl/test/CAss.cnf
stable/7/crypto/openssl/test/Makefile
stable/7/crypto/openssl/test/Uss.cnf
stable/7/crypto/openssl/test/evptests.txt
stable/7/crypto/openssl/test/igetest.c
stable/7/crypto/openssl/test/times
stable/7/crypto/openssl/tools/c_rehash
stable/7/crypto/openssl/tools/c_rehash.in
stable/7/crypto/openssl/util/clean-depend.pl
stable/7/crypto/openssl/util/copy.pl
stable/7/crypto/openssl/util/domd
stable/7/crypto/openssl/util/libeay.num
stable/7/crypto/openssl/util/mk1mf.pl
stable/7/crypto/openssl/util/mkdef.pl
stable/7/crypto/openssl/util/mkerr.pl
stable/7/crypto/openssl/util/mkfiles.pl
stable/7/crypto/openssl/util/mklink.pl
stable/7/crypto/openssl/util/opensslwrap.sh
stable/7/crypto/openssl/util/pl/Mingw32.pl
stable/7/crypto/openssl/util/pl/VC-32.pl
stable/7/crypto/openssl/util/pl/netware.pl
stable/7/crypto/openssl/util/pod2man.pl
stable/7/crypto/openssl/util/shlib_wrap.sh
stable/7/crypto/openssl/util/ssleay.num
stable/7/secure/lib/libcrypto/Makefile
stable/7/secure/lib/libcrypto/Makefile.inc
stable/7/secure/lib/libcrypto/Makefile.man
stable/7/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ASN1_STRING_length.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ASN1_STRING_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ASN1_generate_nconf.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_ctrl.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_f_base64.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_f_buffer.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_f_cipher.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_f_md.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_f_null.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_f_ssl.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_find_type.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_push.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_read.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_s_accept.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_s_bio.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_s_connect.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_s_fd.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_s_file.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_s_mem.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_s_null.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_s_socket.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_set_callback.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BIO_should_retry.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_BLINDING_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_CTX_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_CTX_start.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_add.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_add_word.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_bn2bin.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_cmp.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_copy.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_generate_prime.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_mod_inverse.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_num_bytes.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_rand.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_set_bit.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_swap.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/BN_zero.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/CONF_modules_free.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/CONF_modules_load_file.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DH_generate_key.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DH_generate_parameters.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DH_get_ex_new_index.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DH_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DH_set_method.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DH_size.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_SIG_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_do_sign.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_dup_DH.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_generate_key.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_generate_parameters.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_set_method.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_sign.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/DSA_size.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_GET_LIB.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_clear_error.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_error_string.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_get_error.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_load_strings.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_print_errors.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_put_error.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_remove_state.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ERR_set_mark.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_BytesToKey.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_DigestInit.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_EncryptInit.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_OpenInit.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_PKEY_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_SealInit.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_SignInit.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/EVP_VerifyInit.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/OBJ_nid2obj.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/OPENSSL_Applink.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/OPENSSL_config.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/PKCS12_create.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/PKCS12_parse.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/PKCS7_decrypt.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/PKCS7_encrypt.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/PKCS7_sign.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/PKCS7_verify.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RAND_add.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RAND_bytes.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RAND_cleanup.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RAND_egd.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RAND_load_file.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RAND_set_rand_method.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_blinding_on.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_check_key.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_generate_key.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_print.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_private_encrypt.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_public_encrypt.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_set_method.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_sign.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/RSA_size.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/X509_NAME_print_ex.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/X509_new.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/bio.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/blowfish.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/bn.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/bn_internal.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/buffer.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/crypto.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_DHparams.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_X509.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_X509_CRL.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_X509_NAME.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_X509_REQ.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/d2i_X509_SIG.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/des.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/dh.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/dsa.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ecdsa.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/engine.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/err.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/evp.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/hmac.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/lh_stats.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/lhash.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/md5.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/mdc2.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/pem.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/rand.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/rc4.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ripemd.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/rsa.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/sha.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/threads.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ui.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/ui_compat.3 (contents, props changed)
stable/7/secure/lib/libcrypto/man/x509.3 (contents, props changed)
stable/7/secure/lib/libcrypto/opensslconf-amd64.h
stable/7/secure/lib/libcrypto/opensslconf-arm.h
stable/7/secure/lib/libcrypto/opensslconf-i386.h
stable/7/secure/lib/libcrypto/opensslconf-ia64.h
stable/7/secure/lib/libcrypto/opensslconf-powerpc.h
stable/7/secure/lib/libcrypto/opensslconf-sparc64.h
stable/7/secure/lib/libssl/Makefile
stable/7/secure/lib/libssl/Makefile.man
stable/7/secure/lib/libssl/man/SSL_CIPHER_get_name.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_add_session.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_ctrl.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_free.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_new.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_sess_number.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_sessions.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_mode.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_options.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_timeout.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_set_verify.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_CTX_use_certificate.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_SESSION_free.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_SESSION_get_time.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_accept.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_alert_type_string.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_clear.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_connect.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_do_handshake.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_free.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_SSL_CTX.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_ciphers.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_client_CA_list.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_current_cipher.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_default_timeout.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_error.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_ex_new_index.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_fd.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_peer_certificate.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_rbio.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_session.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_verify_result.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_get_version.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_library_init.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_load_client_CA_file.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_new.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_pending.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_read.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_rstate_string.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_session_reused.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_set_bio.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_set_connect_state.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_set_fd.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_set_session.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_set_shutdown.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_set_verify_result.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_shutdown.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_state_string.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_want.3 (contents, props changed)
stable/7/secure/lib/libssl/man/SSL_write.3 (contents, props changed)
stable/7/secure/lib/libssl/man/d2i_SSL_SESSION.3 (contents, props changed)
stable/7/secure/lib/libssl/man/ssl.3 (contents, props changed)
stable/7/secure/usr.bin/openssl/Makefile
stable/7/secure/usr.bin/openssl/man/CA.pl.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/asn1parse.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/ca.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/ciphers.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/crl.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/crl2pkcs7.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/dgst.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/dhparam.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/dsa.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/dsaparam.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/ec.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/ecparam.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/enc.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/errstr.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/gendsa.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/genrsa.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/nseq.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/ocsp.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/openssl.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/passwd.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/pkcs12.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/pkcs7.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/pkcs8.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/rand.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/req.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/rsa.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/rsautl.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/s_client.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/s_server.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/s_time.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/sess_id.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/smime.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/speed.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/spkac.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/verify.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/version.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/x509.1 (contents, props changed)
stable/7/secure/usr.bin/openssl/man/x509v3_config.1 (contents, props changed)
Directory Properties:
stable/7/crypto/openssl/ (props changed)
stable/7/crypto/openssl/crypto/pkcs7/p7/a1 (props changed)
stable/7/crypto/openssl/crypto/pkcs7/p7/a2 (props changed)
stable/7/crypto/openssl/crypto/pkcs7/p7/cert.p7c (props changed)
stable/7/crypto/openssl/crypto/pkcs7/p7/smime.p7m (props changed)
stable/7/crypto/openssl/crypto/pkcs7/p7/smime.p7s (props changed)
stable/7/crypto/openssl/doc/openssl_button.gif (props changed)
stable/7/secure/lib/libcrypto/ (props changed)
stable/7/secure/lib/libcrypto/man/des_modes.3 (props changed)
stable/7/secure/lib/libssl/ (props changed)
stable/7/secure/usr.bin/openssl/ (props changed)
stable/7/secure/usr.bin/openssl/man/config.1 (props changed)
Modified: stable/7/crypto/openssl/CHANGES
==============================================================================
--- stable/7/crypto/openssl/CHANGES Sun Nov 28 13:01:10 2010 (r215996)
+++ stable/7/crypto/openssl/CHANGES Sun Nov 28 13:45:51 2010 (r215997)
@@ -2,13 +2,689 @@
OpenSSL CHANGES
_______________
- Changes between 0.9.8d and 0.9.8e [23 Feb 2007]
+ Changes between 0.9.8o and 0.9.8p [16 Nov 2010]
+
+ *) Fix extension code to avoid race conditions which can result in a buffer
+ overrun vulnerability: resumed sessions must not be modified as they can
+ be shared by multiple threads. CVE-2010-3864
+ [Steve Henson]
+
+ *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
+ [Steve Henson]
+
+ *) Don't reencode certificate when calculating signature: cache and use
+ the original encoding instead. This makes signature verification of
+ some broken encodings work correctly.
+ [Steve Henson]
+
+ *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
+ is also one of the inputs.
+ [Emilia Käsper <emilia.kasper at esat.kuleuven.be> (Google)]
+
+ *) Don't repeatedly append PBE algorithms to table if they already exist.
+ Sort table on each new add. This effectively makes the table read only
+ after all algorithms are added and subsequent calls to PKCS12_pbe_add
+ etc are non-op.
+ [Steve Henson]
+
+ Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
+
+ [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
+ OpenSSL 1.0.0.]
+
+ *) Correct a typo in the CMS ASN1 module which can result in invalid memory
+ access or freeing data twice (CVE-2010-0742)
+ [Steve Henson, Ronald Moesbergen <intercommit at gmail.com>]
+
+ *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
+ common in certificates and some applications which only call
+ SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
+ [Steve Henson]
+
+ *) VMS fixes:
+ Reduce copying into .apps and .test in makevms.com
+ Don't try to use blank CA certificate in CA.com
+ Allow use of C files from original directories in maketests.com
+ [Steven M. Schweda" <sms at antinode.info>]
+
+ Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
+
+ *) When rejecting SSL/TLS records due to an incorrect version number, never
+ update s->server with a new major version number. As of
+ - OpenSSL 0.9.8m if 'short' is a 16-bit type,
+ - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
+ the previous behavior could result in a read attempt at NULL when
+ receiving specific incorrect SSL/TLS records once record payload
+ protection is active. (CVE-2010-0740)
+ [Bodo Moeller, Adam Langley <agl at chromium.org>]
+
+ *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
+ could be crashed if the relevant tables were not present (e.g. chrooted).
+ [Tomas Hoger <thoger at redhat.com>]
+
+ Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
+
+ *) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
+ [Martin Olsson, Neel Mehta]
+
+ *) Fix X509_STORE locking: Every 'objs' access requires a lock (to
+ accommodate for stack sorting, always a write lock!).
+ [Bodo Moeller]
+
+ *) On some versions of WIN32 Heap32Next is very slow. This can cause
+ excessive delays in the RAND_poll(): over a minute. As a workaround
+ include a time check in the inner Heap32Next loop too.
+ [Steve Henson]
+
+ *) The code that handled flushing of data in SSL/TLS originally used the
+ BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
+ the problem outlined in PR#1949. The fix suggested there however can
+ trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
+ of Apache). So instead simplify the code to flush unconditionally.
+ This should be fine since flushing with no data to flush is a no op.
+ [Steve Henson]
+
+ *) Handle TLS versions 2.0 and later properly and correctly use the
+ highest version of TLS/SSL supported. Although TLS >= 2.0 is some way
+ off ancient servers have a habit of sticking around for a while...
+ [Steve Henson]
+
+ *) Modify compression code so it frees up structures without using the
+ ex_data callbacks. This works around a problem where some applications
+ call CRYPTO_cleanup_all_ex_data() before application exit (e.g. when
+ restarting) then use compression (e.g. SSL with compression) later.
+ This results in significant per-connection memory leaks and
+ has caused some security issues including CVE-2008-1678 and
+ CVE-2009-4355.
+ [Steve Henson]
+
+ *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
+ change when encrypting or decrypting.
+ [Bodo Moeller]
+
+ *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
+ connect and renegotiate with servers which do not support RI.
+ Until RI is more widely deployed this option is enabled by default.
+ [Steve Henson]
+
+ *) Add "missing" ssl ctrls to clear options and mode.
+ [Steve Henson]
+
+ *) If client attempts to renegotiate and doesn't support RI respond with
+ a no_renegotiation alert as required by RFC5746. Some renegotiating
+ TLS clients will continue a connection gracefully when they receive
+ the alert. Unfortunately OpenSSL mishandled this alert and would hang
+ waiting for a server hello which it will never receive. Now we treat a
+ received no_renegotiation alert as a fatal error. This is because
+ applications requesting a renegotiation might well expect it to succeed
+ and would have no code in place to handle the server denying it so the
+ only safe thing to do is to terminate the connection.
+ [Steve Henson]
+
+ *) Add ctrl macro SSL_get_secure_renegotiation_support() which returns 1 if
+ peer supports secure renegotiation and 0 otherwise. Print out peer
+ renegotiation support in s_client/s_server.
+ [Steve Henson]
+
+ *) Replace the highly broken and deprecated SPKAC certification method with
+ the updated NID creation version. This should correctly handle UTF8.
+ [Steve Henson]
+
+ *) Implement RFC5746. Re-enable renegotiation but require the extension
+ as needed. Unfortunately, SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ turns out to be a bad idea. It has been replaced by
+ SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with
+ SSL_CTX_set_options(). This is really not recommended unless you
+ know what you are doing.
+ [Eric Rescorla <ekr at networkresonance.com>, Ben Laurie, Steve Henson]
+
+ *) Fixes to stateless session resumption handling. Use initial_ctx when
+ issuing and attempting to decrypt tickets in case it has changed during
+ servername handling. Use a non-zero length session ID when attempting
+ stateless session resumption: this makes it possible to determine if
+ a resumption has occurred immediately after receiving server hello
+ (several places in OpenSSL subtly assume this) instead of later in
+ the handshake.
+ [Steve Henson]
+
+ *) The functions ENGINE_ctrl(), OPENSSL_isservice(),
+ CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error
+ fixes for a few places where the return code is not checked
+ correctly.
+ [Julia Lawall <julia at diku.dk>]
+
+ *) Add --strict-warnings option to Configure script to include devteam
+ warnings in other configurations.
+ [Steve Henson]
+
+ *) Add support for --libdir option and LIBDIR variable in makefiles. This
+ makes it possible to install openssl libraries in locations which
+ have names other than "lib", for example "/usr/lib64" which some
+ systems need.
+ [Steve Henson, based on patch from Jeremy Utley]
+
+ *) Don't allow the use of leading 0x80 in OIDs. This is a violation of
+ X690 8.9.12 and can produce some misleading textual output of OIDs.
+ [Steve Henson, reported by Dan Kaminsky]
+
+ *) Delete MD2 from algorithm tables. This follows the recommendation in
+ several standards that it is not used in new applications due to
+ several cryptographic weaknesses. For binary compatibility reasons
+ the MD2 API is still compiled in by default.
+ [Steve Henson]
+
+ *) Add compression id to {d2i,i2d}_SSL_SESSION so it is correctly saved
+ and restored.
+ [Steve Henson]
+
+ *) Rename uni2asc and asc2uni functions to OPENSSL_uni2asc and
+ OPENSSL_asc2uni conditionally on Netware platforms to avoid a name
+ clash.
+ [Guenter <lists at gknw.net>]
+
+ *) Fix the server certificate chain building code to use X509_verify_cert(),
+ it used to have an ad-hoc builder which was unable to cope with anything
+ other than a simple chain.
+ [David Woodhouse <dwmw2 at infradead.org>, Steve Henson]
+
+ *) Don't check self signed certificate signatures in X509_verify_cert()
+ by default (a flag can override this): it just wastes time without
+ adding any security. As a useful side effect self signed root CAs
+ with non-FIPS digests are now usable in FIPS mode.
+ [Steve Henson]
+
+ *) In dtls1_process_out_of_seq_message() the check if the current message
+ is already buffered was missing. For every new message was memory
+ allocated, allowing an attacker to perform an denial of service attack
+ with sending out of seq handshake messages until there is no memory
+ left. Additionally every future messege was buffered, even if the
+ sequence number made no sense and would be part of another handshake.
+ So only messages with sequence numbers less than 10 in advance will be
+ buffered. (CVE-2009-1378)
+ [Robin Seggelmann, discovered by Daniel Mentz]
+
+ *) Records are buffered if they arrive with a future epoch to be
+ processed after finishing the corresponding handshake. There is
+ currently no limitation to this buffer allowing an attacker to perform
+ a DOS attack with sending records with future epochs until there is no
+ memory left. This patch adds the pqueue_size() function to detemine
+ the size of a buffer and limits the record buffer to 100 entries.
+ (CVE-2009-1377)
+ [Robin Seggelmann, discovered by Daniel Mentz]
+
+ *) Keep a copy of frag->msg_header.frag_len so it can be used after the
+ parent structure is freed. (CVE-2009-1379)
+ [Daniel Mentz]
+
+ *) Handle non-blocking I/O properly in SSL_shutdown() call.
+ [Darryl Miles <darryl-mailinglists at netbauds.net>]
+
+ *) Add 2.5.4.* OIDs
+ [Ilya O. <vrghost at gmail.com>]
+
+ Changes between 0.9.8k and 0.9.8l [5 Nov 2009]
+
+ *) Disable renegotiation completely - this fixes a severe security
+ problem (CVE-2009-3555) at the cost of breaking all
+ renegotiation. Renegotiation can be re-enabled by setting
+ SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
+ run-time. This is really not recommended unless you know what
+ you're doing.
+ [Ben Laurie]
+
+ Changes between 0.9.8j and 0.9.8k [25 Mar 2009]
+
+ *) Don't set val to NULL when freeing up structures, it is freed up by
+ underlying code. If sizeof(void *) > sizeof(long) this can result in
+ zeroing past the valid field. (CVE-2009-0789)
+ [Paolo Ganci <Paolo.Ganci at AdNovum.CH>]
+
+ *) Fix bug where return value of CMS_SignerInfo_verify_content() was not
+ checked correctly. This would allow some invalid signed attributes to
+ appear to verify correctly. (CVE-2009-0591)
+ [Ivan Nestlerode <inestlerode at us.ibm.com>]
+
+ *) Reject UniversalString and BMPString types with invalid lengths. This
+ prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+ a legal length. (CVE-2009-0590)
+ [Steve Henson]
+
+ *) Set S/MIME signing as the default purpose rather than setting it
+ unconditionally. This allows applications to override it at the store
+ level.
+ [Steve Henson]
+
+ *) Permit restricted recursion of ASN1 strings. This is needed in practice
+ to handle some structures.
+ [Steve Henson]
+
+ *) Improve efficiency of mem_gets: don't search whole buffer each time
+ for a '\n'
+ [Jeremy Shapiro <jnshapir at us.ibm.com>]
+
+ *) New -hex option for openssl rand.
+ [Matthieu Herrb]
+
+ *) Print out UTF8String and NumericString when parsing ASN1.
+ [Steve Henson]
+
+ *) Support NumericString type for name components.
+ [Steve Henson]
+
+ *) Allow CC in the environment to override the automatically chosen
+ compiler. Note that nothing is done to ensure flags work with the
+ chosen compiler.
+ [Ben Laurie]
+
+ Changes between 0.9.8i and 0.9.8j [07 Jan 2009]
+
+ *) Properly check EVP_VerifyFinal() and similar return values
+ (CVE-2008-5077).
+ [Ben Laurie, Bodo Moeller, Google Security Team]
+
+ *) Enable TLS extensions by default.
+ [Ben Laurie]
+
+ *) Allow the CHIL engine to be loaded, whether the application is
+ multithreaded or not. (This does not release the developer from the
+ obligation to set up the dynamic locking callbacks.)
+ [Sander Temme <sander at temme.net>]
+
+ *) Use correct exit code if there is an error in dgst command.
+ [Steve Henson; problem pointed out by Roland Dirlewanger]
+
+ *) Tweak Configure so that you need to say "experimental-jpake" to enable
+ JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
+ [Bodo Moeller]
+
+ *) Add experimental JPAKE support, including demo authentication in
+ s_client and s_server.
+ [Ben Laurie]
+
+ *) Set the comparison function in v3_addr_canonize().
+ [Rob Austein <sra at hactrn.net>]
+
+ *) Add support for XMPP STARTTLS in s_client.
+ [Philip Paeps <philip at freebsd.org>]
+
+ *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
+ to ensure that even with this option, only ciphersuites in the
+ server's preference list will be accepted. (Note that the option
+ applies only when resuming a session, so the earlier behavior was
+ just about the algorithm choice for symmetric cryptography.)
+ [Bodo Moeller]
+
+ Changes between 0.9.8h and 0.9.8i [15 Sep 2008]
+
+ *) Fix NULL pointer dereference if a DTLS server received
+ ChangeCipherSpec as first record (CVE-2009-1386).
+ [PR #1679]
+
+ *) Fix a state transitition in s3_srvr.c and d1_srvr.c
+ (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...).
+ [Nagendra Modadugu]
+
+ *) The fix in 0.9.8c that supposedly got rid of unsafe
+ double-checked locking was incomplete for RSA blinding,
+ addressing just one layer of what turns out to have been
+ doubly unsafe triple-checked locking.
+
+ So now fix this for real by retiring the MONT_HELPER macro
+ in crypto/rsa/rsa_eay.c.
+
+ [Bodo Moeller; problem pointed out by Marius Schilder]
+
+ *) Various precautionary measures:
+
+ - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h).
+
+ - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c).
+ (NB: This would require knowledge of the secret session ticket key
+ to exploit, in which case you'd be SOL either way.)
+
+ - Change bn_nist.c so that it will properly handle input BIGNUMs
+ outside the expected range.
+
+ - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG
+ builds.
+
+ [Neel Mehta, Bodo Moeller]
+
+ *) Allow engines to be "soft loaded" - i.e. optionally don't die if
+ the load fails. Useful for distros.
+ [Ben Laurie and the FreeBSD team]
+
+ *) Add support for Local Machine Keyset attribute in PKCS#12 files.
+ [Steve Henson]
+
+ *) Fix BN_GF2m_mod_arr() top-bit cleanup code.
+ [Huang Ying]
+
+ *) Expand ENGINE to support engine supplied SSL client certificate functions.
+
+ This work was sponsored by Logica.
+ [Steve Henson]
+
+ *) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows
+ keystores. Support for SSL/TLS client authentication too.
+ Not compiled unless enable-capieng specified to Configure.
+
+ This work was sponsored by Logica.
+ [Steve Henson]
+
+ *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using
+ ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
+ attribute creation routines such as certifcate requests and PKCS#12
+ files.
+ [Steve Henson]
+
+ Changes between 0.9.8g and 0.9.8h [28 May 2008]
+
+ *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
+ handshake which could lead to a cilent crash as found using the
+ Codenomicon TLS test suite (CVE-2008-1672)
+ [Steve Henson, Mark Cox]
+
+ *) Fix double free in TLS server name extensions which could lead to
+ a remote crash found by Codenomicon TLS test suite (CVE-2008-0891)
+ [Joe Orton]
+
+ *) Clear error queue in SSL_CTX_use_certificate_chain_file()
+
+ Clear the error queue to ensure that error entries left from
+ older function calls do not interfere with the correct operation.
+ [Lutz Jaenicke, Erik de Castro Lopo]
+
+ *) Remove root CA certificates of commercial CAs:
+
+ The OpenSSL project does not recommend any specific CA and does not
+ have any policy with respect to including or excluding any CA.
+ Therefore it does not make any sense to ship an arbitrary selection
+ of root CA certificates with the OpenSSL software.
+ [Lutz Jaenicke]
+
+ *) RSA OAEP patches to fix two separate invalid memory reads.
+ The first one involves inputs when 'lzero' is greater than
+ 'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes
+ before the beginning of from). The second one involves inputs where
+ the 'db' section contains nothing but zeroes (there is a one-byte
+ invalid read after the end of 'db').
+ [Ivan Nestlerode <inestlerode at us.ibm.com>]
+
+ *) Partial backport from 0.9.9-dev:
+
+ Introduce bn_mul_mont (dedicated Montgomery multiplication
+ procedure) as a candidate for BIGNUM assembler implementation.
+ While 0.9.9-dev uses assembler for various architectures, only
+ x86_64 is available by default here in the 0.9.8 branch, and
+ 32-bit x86 is available through a compile-time setting.
+
+ To try the 32-bit x86 assembler implementation, use Configure
+ option "enable-montasm" (which exists only for this backport).
+
+ As "enable-montasm" for 32-bit x86 disclaims code stability
+ anyway, in this constellation we activate additional code
+ backported from 0.9.9-dev for further performance improvements,
+ namely BN_from_montgomery_word. (To enable this otherwise,
+ e.g. x86_64, try "-DMONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD".)
+
+ [Andy Polyakov (backport partially by Bodo Moeller)]
+
+ *) Add TLS session ticket callback. This allows an application to set
+ TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
+ values. This is useful for key rollover for example where several key
+ sets may exist with different names.
+ [Steve Henson]
+
+ *) Reverse ENGINE-internal logic for caching default ENGINE handles.
+ This was broken until now in 0.9.8 releases, such that the only way
+ a registered ENGINE could be used (assuming it initialises
+ successfully on the host) was to explicitly set it as the default
+ for the relevant algorithms. This is in contradiction with 0.9.7
+ behaviour and the documentation. With this fix, when an ENGINE is
+ registered into a given algorithm's table of implementations, the
+ 'uptodate' flag is reset so that auto-discovery will be used next
+ time a new context for that algorithm attempts to select an
+ implementation.
+ [Ian Lister (tweaked by Geoff Thorpe)]
+
+ *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9
+ implemention in the following ways:
+
+ Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be
+ hard coded.
+
+ Lack of BER streaming support means one pass streaming processing is
+ only supported if data is detached: setting the streaming flag is
+ ignored for embedded content.
+
+ CMS support is disabled by default and must be explicitly enabled
+ with the enable-cms configuration option.
+ [Steve Henson]
+
+ *) Update the GMP engine glue to do direct copies between BIGNUM and
+ mpz_t when openssl and GMP use the same limb size. Otherwise the
+ existing "conversion via a text string export" trick is still used.
+ [Paul Sheer <paulsheer at gmail.com>]
+
+ *) Zlib compression BIO. This is a filter BIO which compressed and
+ uncompresses any data passed through it.
+ [Steve Henson]
+
+ *) Add AES_wrap_key() and AES_unwrap_key() functions to implement
+ RFC3394 compatible AES key wrapping.
+ [Steve Henson]
+
+ *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0():
+ sets string data without copying. X509_ALGOR_set0() and
+ X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier)
+ data. Attribute function X509at_get0_data_by_OBJ(): retrieves data
+ from an X509_ATTRIBUTE structure optionally checking it occurs only
+ once. ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied
+ data.
+ [Steve Henson]
+
+ *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
+ to get the expected BN_FLG_CONSTTIME behavior.
+ [Bodo Moeller (Google)]
+
+ *) Netware support:
+
+ - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets
+ - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT)
+ - added some more tests to do_tests.pl
+ - fixed RunningProcess usage so that it works with newer LIBC NDKs too
+ - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency
+ - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
+ netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc
+ - various changes to netware.pl to enable gcc-cross builds on Win32
+ platform
+ - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD)
+ - various changes to fix missing prototype warnings
+ - fixed x86nasm.pl to create correct asm files for NASM COFF output
+ - added AES, WHIRLPOOL and CPUID assembler code to build files
+ - added missing AES assembler make rules to mk1mf.pl
+ - fixed order of includes in apps/ocsp.c so that e_os.h settings apply
+ [Guenter Knauf <eflash at gmx.net>]
+
+ *) Implement certificate status request TLS extension defined in RFC3546.
+ A client can set the appropriate parameters and receive the encoded
+ OCSP response via a callback. A server can query the supplied parameters
+ and set the encoded OCSP response in the callback. Add simplified examples
+ to s_client and s_server.
+ [Steve Henson]
+
+ Changes between 0.9.8f and 0.9.8g [19 Oct 2007]
+
+ *) Fix various bugs:
+ + Binary incompatibility of ssl_ctx_st structure
+ + DTLS interoperation with non-compliant servers
+ + Don't call get_session_cb() without proposed session
+ + Fix ia64 assembler code
+ [Andy Polyakov, Steve Henson]
+
+ Changes between 0.9.8e and 0.9.8f [11 Oct 2007]
+
+ *) DTLS Handshake overhaul. There were longstanding issues with
+ OpenSSL DTLS implementation, which were making it impossible for
+ RFC 4347 compliant client to communicate with OpenSSL server.
+ Unfortunately just fixing these incompatibilities would "cut off"
+ pre-0.9.8f clients. To allow for hassle free upgrade post-0.9.8e
+ server keeps tolerating non RFC compliant syntax. The opposite is
+ not true, 0.9.8f client can not communicate with earlier server.
+ This update even addresses CVE-2007-4995.
+ [Andy Polyakov]
+
+ *) Changes to avoid need for function casts in OpenSSL: some compilers
+ (gcc 4.2 and later) reject their use.
+ [Kurt Roeckx <kurt at roeckx.be>, Peter Hartley <pdh at utter.chaos.org.uk>,
+ Steve Henson]
+
+ *) Add RFC4507 support to OpenSSL. This includes the corrections in
+ RFC4507bis. The encrypted ticket format is an encrypted encoded
+ SSL_SESSION structure, that way new session features are automatically
+ supported.
+
+ If a client application caches session in an SSL_SESSION structure
+ support is transparent because tickets are now stored in the encoded
+ SSL_SESSION.
+
+ The SSL_CTX structure automatically generates keys for ticket
+ protection in servers so again support should be possible
+ with no application modification.
+
+ If a client or server wishes to disable RFC4507 support then the option
+ SSL_OP_NO_TICKET can be set.
+
+ Add a TLS extension debugging callback to allow the contents of any client
+ or server extensions to be examined.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Add initial support for TLS extensions, specifically for the server_name
+ extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now
+ have new members for a host name. The SSL data structure has an
+ additional member SSL_CTX *initial_ctx so that new sessions can be
+ stored in that context to allow for session resumption, even after the
+ SSL has been switched to a new SSL_CTX in reaction to a client's
+ server_name extension.
+
+ New functions (subject to change):
+
+ SSL_get_servername()
+ SSL_get_servername_type()
+ SSL_set_SSL_CTX()
+
+ New CTRL codes and macros (subject to change):
+
+ SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+ - SSL_CTX_set_tlsext_servername_callback()
+ SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+ - SSL_CTX_set_tlsext_servername_arg()
+ SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()
+
+ openssl s_client has a new '-servername ...' option.
+
+ openssl s_server has new options '-servername_host ...', '-cert2 ...',
+ '-key2 ...', '-servername_fatal' (subject to change). This allows
+ testing the HostName extension for a specific single host name ('-cert'
+ and '-key' remain fallbacks for handshakes without HostName
+ negotiation). If the unrecogninzed_name alert has to be sent, this by
+ default is a warning; it becomes fatal with the '-servername_fatal'
+ option.
+
+ [Peter Sylvester, Remy Allais, Christophe Renou, Steve Henson]
+
+ *) Add AES and SSE2 assembly language support to VC++ build.
+ [Steve Henson]
+
+ *) Mitigate attack on final subtraction in Montgomery reduction.
+ [Andy Polyakov]
+
+ *) Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
+ (which previously caused an internal error).
+ [Bodo Moeller]
+
+ *) Squeeze another 10% out of IGE mode when in != out.
+ [Ben Laurie]
+
+ *) AES IGE mode speedup.
+ [Dean Gaudet (Google)]
+
+ *) Add the Korean symmetric 128-bit cipher SEED (see
+ http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
+ add SEED ciphersuites from RFC 4162:
+
+ TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA"
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA"
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA"
+ TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA"
+
+ To minimize changes between patchlevels in the OpenSSL 0.9.8
+ series, SEED remains excluded from compilation unless OpenSSL
+ is configured with 'enable-seed'.
+ [KISA, Bodo Moeller]
+
+ *) Mitigate branch prediction attacks, which can be practical if a
+ single processor is shared, allowing a spy process to extract
+ information. For detailed background information, see
+ http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
+ J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
+ and Necessary Software Countermeasures"). The core of the change
+ are new versions BN_div_no_branch() and
+ BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
+ respectively, which are slower, but avoid the security-relevant
+ conditional branches. These are automatically called by BN_div()
+ and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
+ of the input BIGNUMs. Also, BN_is_bit_set() has been changed to
+ remove a conditional branch.
+
+ BN_FLG_CONSTTIME is the new name for the previous
+ BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
+ modular exponentiation. (Since OpenSSL 0.9.7h, setting this flag
+ in the exponent causes BN_mod_exp_mont() to use the alternative
+ implementation in BN_mod_exp_mont_consttime().) The old name
+ remains as a deprecated alias.
+
+ Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
+ RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
+ constant-time implementations for more than just exponentiation.
+ Here too the old name is kept as a deprecated alias.
+
+ BN_BLINDING_new() will now use BN_dup() for the modulus so that
+ the BN_BLINDING structure gets an independent copy of the
+ modulus. This means that the previous "BIGNUM *m" argument to
+ BN_BLINDING_new() and to BN_BLINDING_create_param() now
+ essentially becomes "const BIGNUM *m", although we can't actually
+ change this in the header file before 0.9.9. It allows
+ RSA_setup_blinding() to use BN_with_flags() on the modulus to
+ enable BN_FLG_CONSTTIME.
+
+ [Matthew D Wood (Intel Corp)]
+
+ *) In the SSL/TLS server implementation, be strict about session ID
+ context matching (which matters if an application uses a single
+ external cache for different purposes). Previously,
+ out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
+ set. This did ensure strict client verification, but meant that,
+ with applications using a single external cache for quite
+ different requirements, clients could circumvent ciphersuite
+ restrictions for a given session ID context by starting a session
+ in a different context.
+ [Bodo Moeller]
*) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
a ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.
[Bodo Moeller]
+ *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was
+ not complete and could lead to a possible single byte overflow
+ (CVE-2007-5135) [Ben Laurie]
+
+ Changes between 0.9.8d and 0.9.8e [23 Feb 2007]
+
*) Since AES128 and AES256 (and similarly Camellia128 and
Camellia256) share a single mask bit in the logic of
ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
@@ -1047,7 +1723,7 @@
differing sizes.
[Richard Levitte]
- Changes between 0.9.7l and 0.9.7m [xx XXX xxxx]
+ Changes between 0.9.7l and 0.9.7m [23 Feb 2007]
*) Cleanse PEM buffers before freeing them since they may contain
sensitive data.
@@ -1063,6 +1739,20 @@
kludge to work properly if AES128 is available and AES256 isn't.
[Victor Duchovni]
+ *) Expand security boundary to match 1.1.1 module.
+ [Steve Henson]
+
+ *) Remove redundant features: hash file source, editing of test vectors
+ modify fipsld to use external fips_premain.c signature.
+ [Steve Henson]
+
+ *) New perl script mkfipsscr.pl to create shell scripts or batch files to
+ run algorithm test programs.
+ [Steve Henson]
+
+ *) Make algorithm test programs more tolerant of whitespace.
+ [Steve Henson]
+
*) Have SSL/TLS server implementation tolerate "mismatched" record
protocol version while receiving ClientHello even if the
ClientHello is fragmented. (The server can't insist on the
Modified: stable/7/crypto/openssl/Configure
==============================================================================
--- stable/7/crypto/openssl/Configure Sun Nov 28 13:01:10 2010 (r215996)
+++ stable/7/crypto/openssl/Configure Sun Nov 28 13:45:51 2010 (r215997)
@@ -6,11 +6,13 @@ eval 'exec perl -S $0 ${1+"$@"}'
##
require 5.000;
-use strict;
+eval 'use strict;';
+
+print STDERR "Warning: perl module strict not found.\n" if ($@);
# see INSTALL for instructions.
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [enable-montasm] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
# Options:
#
@@ -54,6 +56,8 @@ my $usage="Usage: Configure [no-<cipher>
# [no-]zlib [don't] compile support for zlib compression.
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
+# enable-montasm 0.9.8 branch only: enable Montgomery x86 assembler backport
+# from 0.9.9
# 386 generate 80386 code
# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
@@ -97,6 +101,13 @@ my $usage="Usage: Configure [no-<cipher>
# SHA512_ASM sha512_block is implemented in assembler
# AES_ASM ASE_[en|de]crypt is implemented in assembler
+# Minimum warning options... any contributions to OpenSSL should at least get
+# past these.
+
+my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
+
+my $strict_warnings = 0;
+
my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
# MD2_CHAR slags pentium pros
@@ -114,12 +125,12 @@ my $tlib="-lnsl -lsocket";
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";
-my $x86_elf_asm="x86cpuid-elf.o:bn86-elf.o co86-elf.o:dx86-elf.o yx86-elf.o:ax86-elf.o:bx86-elf.o:mx86-elf.o:sx86-elf.o s512sse2-elf.o:cx86-elf.o:rx86-elf.o:rm86-elf.o:r586-elf.o";
-my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o:rm86-cof.o:r586-cof.o";
-my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o:rm86-out.o:r586-out.o";
+my $x86_elf_asm="x86cpuid-elf.o:bn86-elf.o co86-elf.o MAYBE-MO86-elf.o:dx86-elf.o yx86-elf.o:ax86-elf.o:bx86-elf.o:mx86-elf.o:sx86-elf.o s512sse2-elf.o:cx86-elf.o:rx86-elf.o rc4_skey.o:rm86-elf.o:r586-elf.o";
+my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o MAYBE-MO86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o rc4_skey.o:rm86-cof.o:r586-cof.o";
+my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o MAYBE-MO86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o rc4_skey.o:rm86-out.o:r586-out.o";
-my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::rc4-x86_64.o::";
-my $ia64_asm=":bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o::";
+my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o::";
+my $ia64_asm=":bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o::";
my $no_asm="::::::::::";
@@ -150,12 +161,16 @@ my %table=(
"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o",
"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
-"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::",
+"debug-ben-debug", "gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -ggdb3 -O2 -pipe::(unknown)::::::",
+"debug-ben-debug-noopt", "gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -ggdb3 -pipe::(unknown)::::::",
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
-"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -march=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
+"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -m32 -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT:${no_asm}:dlfcn:linux-shared",
"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -166,6 +181,9 @@ my %table=(
"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"dist", "cc:-O::(unknown)::::::",
# Basic configs that should work on any (32 and less bit) box
@@ -191,21 +209,21 @@ my %table=(
# actually recommend to consider using gcc shared build even with vendor
# compiler:-)
# <appro at fy.chalmers.se>
-"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### Solaris x86 with Sun C setups
"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SPARC Solaris with GNU C setups
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
-"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
####
"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SPARC Solaris with Sun C setups
# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
@@ -213,11 +231,11 @@ my %table=(
# SC5.0 note: Compiler common patch 107357-01 or later is required!
"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
####
"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o::::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SunOS configs, assuming sparc for the gcc one.
#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
@@ -231,10 +249,10 @@ my %table=(
# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
# './Configure irix-cc -o32' manually.
"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# N64 ABI builds.
"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### Unified HP-UX ANSI C configs.
# Special notes:
@@ -321,21 +339,20 @@ my %table=(
"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
####
"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -bpowerpc64-linux is transient option, -m64 should be the one to use...
-"linux-ppc64", "gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SPARC Linux setups
# Ray Miller <ray.miller at computing-services.oxford.ac.uk> has patiently
# assisted with debugging of following two configs.
"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# it's a real mess with -mcpu=ultrasparc option under Linux, but
# -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### Alpha Linux with GNU C and Compaq C setups
# Special notes:
# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
@@ -365,7 +382,7 @@ my %table=(
# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
# simply *happens* to work around a compiler bug in gcc 3.3.3,
# triggered by RIPEMD160 code.
-"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -379,7 +396,8 @@ my %table=(
# QNX
"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
-"qnx6", "cc:-DL_ENDIAN -DTERMIOS::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:",
+"QNX6", "gcc:-DTERMIOS::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"QNX6-i386", "gcc:-DL_ENDIAN -DTERMIOS -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SCO/Caldera targets.
#
@@ -403,12 +421,12 @@ my %table=(
#### IBM's AIX.
"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
-"aix-gcc", "gcc:-O -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:",
-"aix64-gcc","gcc:-O -DB_ENDIAN::-D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn::::::-X64",
+"aix-gcc", "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
# at build time. $OBJECT_MODE is respected at ./config stage!
-"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384::-qthreaded:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
#
# Cray T90 and similar (SDSC)
@@ -479,15 +497,20 @@ my %table=(
"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
-# NetWare from David Ward (dsward at novell.com) - requires MetroWerks NLM development tools
+# NetWare from David Ward (dsward at novell.com)
+# requires either MetroWerks NLM development tools, or gcc / nlmconv
+# NetWare defaults socket bio to WinSock sockets. However,
+# the builds can be configured to use BSD sockets instead.
# netware-clib => legacy CLib c-runtime support
-"netware-clib", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
+"netware-clib", "mwccnlm::::::${x86_gcc_opts}::",
+"netware-clib-bsdsock", "mwccnlm::::::${x86_gcc_opts}::",
+"netware-clib-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -I/ndk/ws295sdk/include -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
+"netware-clib-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -DNETWARE_BSDSOCK -DNETDB_USE_INTERNET -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
# netware-libc => LibC/NKS support
-# NetWare defaults socket bio to WinSock sockets. However, the LibC build can be
-# configured to use BSD sockets instead.
"netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
"netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
# DJGPP
"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:",
@@ -500,8 +523,11 @@ my %table=(
##### MacOS X (a.k.a. Rhapsody or Darwin) setup
"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
-"darwin-ppc-cc","cc:-O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc64.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -fomit-frame-pointer -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
##### A/UX
@@ -530,7 +556,9 @@ my %table=(
my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
VC-NT VC-CE VC-WIN32
- BC-32 OS2-EMX netware-clib netware-libc netware-libc-bsdsock);
+ BC-32 OS2-EMX
+ netware-clib netware-clib-bsdsock
+ netware-libc netware-libc-bsdsock);
my $idx = 0;
my $idx_cc = $idx++;
@@ -560,15 +588,23 @@ my $idx_ranlib = $idx++;
my $idx_arflags = $idx++;
my $prefix="";
+my $libdir="";
my $openssldir="";
my $exe_ext="";
-my $install_prefix="";
+my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
+my $cross_compile_prefix="";
+my $fipslibdir="/usr/local/ssl/fips-1.0/lib/";
+my $nofipscanistercheck=0;
+my $fipsdso=0;
+my $fipscanisterinternal="n";
+my $baseaddr="0xFB00000";
my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-all
mailing list