Loading CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,9 @@ Changes between 0.9.5 and 0.9.5a [XX XXX 2000] *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration. [Bodo Moeller] *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE is set; it will be thrown away anyway because each handshake creates its own key. Loading crypto/asn1/t_req.c +4 −3 Original line number Diff line number Diff line Loading @@ -119,7 +119,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) pkey=X509_REQ_get_pubkey(x); #ifndef NO_RSA if (pkey->type == EVP_PKEY_RSA) if (pkey != NULL && pkey->type == EVP_PKEY_RSA) { BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", BN_num_bits(pkey->pkey.rsa->n)); Loading @@ -128,7 +128,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) else #endif #ifndef NO_DSA if (pkey->type == EVP_PKEY_DSA) if (pkey != NULL && pkey->type == EVP_PKEY_DSA) { BIO_printf(bp,"%12sDSA Public Key:\n",""); DSA_print(bp,pkey->pkey.dsa,16); Loading @@ -137,6 +137,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) #endif BIO_printf(bp,"%12sUnknown Public Key:\n",""); if (pkey != NULL) EVP_PKEY_free(pkey); /* may not be */ Loading ssl/ssltest.c +22 −3 Original line number Diff line number Diff line Loading @@ -140,6 +140,7 @@ static void sv_usage(void) fprintf(stderr," -CApath arg - PEM format directory of CA's\n"); fprintf(stderr," -CAfile arg - PEM format file of CA's\n"); fprintf(stderr," -cert arg - Certificate file\n"); fprintf(stderr," -key arg - Key file\n"); fprintf(stderr," -s_cert arg - Just the server certificate file\n"); fprintf(stderr," -c_cert arg - Just the client certificate file\n"); fprintf(stderr," -cipher arg - The cipher list\n"); Loading Loading @@ -202,7 +203,9 @@ int main(int argc, char *argv[]) int client_auth=0; int server_auth=0,i; char *server_cert=TEST_SERVER_CERT; char *server_key=NULL; char *client_cert=TEST_CLIENT_CERT; char *client_key=NULL; SSL_CTX *s_ctx=NULL; SSL_CTX *c_ctx=NULL; SSL_METHOD *meth=NULL; Loading Loading @@ -282,11 +285,26 @@ int main(int argc, char *argv[]) if (--argc < 1) goto bad; server_cert= *(++argv); } else if (strcmp(*argv,"-key") == 0) { if (--argc < 1) goto bad; server_key= *(++argv); } else if (strcmp(*argv,"-s_key") == 0) { if (--argc < 1) goto bad; server_key= *(++argv); } else if (strcmp(*argv,"-c_cert") == 0) { if (--argc < 1) goto bad; client_cert= *(++argv); } else if (strcmp(*argv,"-c_key") == 0) { if (--argc < 1) goto bad; client_key= *(++argv); } else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; Loading Loading @@ -416,8 +434,8 @@ bad: { ERR_print_errors(bio_err); } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,server_cert, SSL_FILETYPE_PEM)) else if (!SSL_CTX_use_PrivateKey_file(s_ctx, (server_key?server_key:server_cert), SSL_FILETYPE_PEM)) { ERR_print_errors(bio_err); goto end; Loading @@ -427,7 +445,8 @@ bad: { SSL_CTX_use_certificate_file(c_ctx,client_cert, SSL_FILETYPE_PEM); SSL_CTX_use_PrivateKey_file(c_ctx,client_cert, SSL_CTX_use_PrivateKey_file(c_ctx, (client_key?client_key:client_cert), SSL_FILETYPE_PEM); } Loading test/Makefile.ssl +9 −5 Original line number Diff line number Diff line Loading @@ -206,17 +206,21 @@ test_gen: @echo "Generate and verify a certificate request" @sh ./testgen test_ss: test_ss keyU.ss certU.ss certCA.ss: @echo "Generate and certify a test certificate" @sh ./testss test_ssl: test_ssl: keyU.ss certU.ss certCA.ss @echo "test SSL protocol" @sh ./testssl @sh ./testssl keyU.ss certU.ss certCA.ss test_ca: @echo "Generate and certify a test certificate via the 'ca' program" @sh ./testca @if ../apps/openssl list-standard-commands | grep '^rsa$$' >/dev/null; then \ echo "Generate and certify a test certificate via the 'ca' program"; \ sh ./testca; \ else \ echo "skipping CA.sh test -- requires RSA"; \ fi lint: lint -DLINT $(INCLUDES) $(SRC)>fluff Loading test/testgen +11 −5 Original line number Diff line number Diff line Loading @@ -11,13 +11,19 @@ export PATH echo "generating certificate request" echo "string to make the random number generator think it has entropy" >> ./.rnd if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then req_new='-new' echo "There should be a 2 sequences of .'s and some +'s." echo "There should not be more that at most 80 per line" echo "This could take some time." else req_new='-newkey dsa:../apps/dsa512.pem' fi echo "string to make the random number generator think it has entropy" >> ./.rnd echo "This could take some time." ../apps/openssl req -config test.cnf -new -out testreq.pem ../apps/openssl req -config test.cnf $req_new -out testreq.pem if [ $? != 0 ]; then echo problems creating request exit 1 Loading Loading
CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,9 @@ Changes between 0.9.5 and 0.9.5a [XX XXX 2000] *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration. [Bodo Moeller] *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE is set; it will be thrown away anyway because each handshake creates its own key. Loading
crypto/asn1/t_req.c +4 −3 Original line number Diff line number Diff line Loading @@ -119,7 +119,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) pkey=X509_REQ_get_pubkey(x); #ifndef NO_RSA if (pkey->type == EVP_PKEY_RSA) if (pkey != NULL && pkey->type == EVP_PKEY_RSA) { BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", BN_num_bits(pkey->pkey.rsa->n)); Loading @@ -128,7 +128,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) else #endif #ifndef NO_DSA if (pkey->type == EVP_PKEY_DSA) if (pkey != NULL && pkey->type == EVP_PKEY_DSA) { BIO_printf(bp,"%12sDSA Public Key:\n",""); DSA_print(bp,pkey->pkey.dsa,16); Loading @@ -137,6 +137,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) #endif BIO_printf(bp,"%12sUnknown Public Key:\n",""); if (pkey != NULL) EVP_PKEY_free(pkey); /* may not be */ Loading
ssl/ssltest.c +22 −3 Original line number Diff line number Diff line Loading @@ -140,6 +140,7 @@ static void sv_usage(void) fprintf(stderr," -CApath arg - PEM format directory of CA's\n"); fprintf(stderr," -CAfile arg - PEM format file of CA's\n"); fprintf(stderr," -cert arg - Certificate file\n"); fprintf(stderr," -key arg - Key file\n"); fprintf(stderr," -s_cert arg - Just the server certificate file\n"); fprintf(stderr," -c_cert arg - Just the client certificate file\n"); fprintf(stderr," -cipher arg - The cipher list\n"); Loading Loading @@ -202,7 +203,9 @@ int main(int argc, char *argv[]) int client_auth=0; int server_auth=0,i; char *server_cert=TEST_SERVER_CERT; char *server_key=NULL; char *client_cert=TEST_CLIENT_CERT; char *client_key=NULL; SSL_CTX *s_ctx=NULL; SSL_CTX *c_ctx=NULL; SSL_METHOD *meth=NULL; Loading Loading @@ -282,11 +285,26 @@ int main(int argc, char *argv[]) if (--argc < 1) goto bad; server_cert= *(++argv); } else if (strcmp(*argv,"-key") == 0) { if (--argc < 1) goto bad; server_key= *(++argv); } else if (strcmp(*argv,"-s_key") == 0) { if (--argc < 1) goto bad; server_key= *(++argv); } else if (strcmp(*argv,"-c_cert") == 0) { if (--argc < 1) goto bad; client_cert= *(++argv); } else if (strcmp(*argv,"-c_key") == 0) { if (--argc < 1) goto bad; client_key= *(++argv); } else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; Loading Loading @@ -416,8 +434,8 @@ bad: { ERR_print_errors(bio_err); } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,server_cert, SSL_FILETYPE_PEM)) else if (!SSL_CTX_use_PrivateKey_file(s_ctx, (server_key?server_key:server_cert), SSL_FILETYPE_PEM)) { ERR_print_errors(bio_err); goto end; Loading @@ -427,7 +445,8 @@ bad: { SSL_CTX_use_certificate_file(c_ctx,client_cert, SSL_FILETYPE_PEM); SSL_CTX_use_PrivateKey_file(c_ctx,client_cert, SSL_CTX_use_PrivateKey_file(c_ctx, (client_key?client_key:client_cert), SSL_FILETYPE_PEM); } Loading
test/Makefile.ssl +9 −5 Original line number Diff line number Diff line Loading @@ -206,17 +206,21 @@ test_gen: @echo "Generate and verify a certificate request" @sh ./testgen test_ss: test_ss keyU.ss certU.ss certCA.ss: @echo "Generate and certify a test certificate" @sh ./testss test_ssl: test_ssl: keyU.ss certU.ss certCA.ss @echo "test SSL protocol" @sh ./testssl @sh ./testssl keyU.ss certU.ss certCA.ss test_ca: @echo "Generate and certify a test certificate via the 'ca' program" @sh ./testca @if ../apps/openssl list-standard-commands | grep '^rsa$$' >/dev/null; then \ echo "Generate and certify a test certificate via the 'ca' program"; \ sh ./testca; \ else \ echo "skipping CA.sh test -- requires RSA"; \ fi lint: lint -DLINT $(INCLUDES) $(SRC)>fluff Loading
test/testgen +11 −5 Original line number Diff line number Diff line Loading @@ -11,13 +11,19 @@ export PATH echo "generating certificate request" echo "string to make the random number generator think it has entropy" >> ./.rnd if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then req_new='-new' echo "There should be a 2 sequences of .'s and some +'s." echo "There should not be more that at most 80 per line" echo "This could take some time." else req_new='-newkey dsa:../apps/dsa512.pem' fi echo "string to make the random number generator think it has entropy" >> ./.rnd echo "This could take some time." ../apps/openssl req -config test.cnf -new -out testreq.pem ../apps/openssl req -config test.cnf $req_new -out testreq.pem if [ $? != 0 ]; then echo problems creating request exit 1 Loading
