Loading CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -423,6 +423,9 @@ Changes between 0.9.8d and 0.9.8e [XX xxx XXXX] *) Add RFC 3779 support. [Rob Austein for ARIN, Ben Laurie] Changes between 0.9.8c and 0.9.8d [28 Sep 2006] *) Introduce limits to prevent malicious keys being able to Loading Configure +9 −0 Original line number Diff line number Diff line Loading @@ -579,6 +579,7 @@ my $threads=0; my $no_shared=0; # but "no-shared" is default my $zlib=1; # but "no-zlib" is default my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used my $rfc3779=1; # but "no-rfc3779" is default my $no_asm=0; my $no_dso=0; my $no_gmp=0; Loading Loading @@ -614,6 +615,7 @@ my %disabled = ( # "what" => "comment" "gmp" => "default", "mdc2" => "default", "rc5" => "default", "rfc3779" => "default", "shared" => "default", "zlib" => "default", "zlib-dynamic" => "default" Loading Loading @@ -901,6 +903,8 @@ foreach (sort (keys %disabled)) { $symlink = 0; } elsif (/^sse2$/) { $no_sse2 = 1; } elsif (/^rfc3779$/) { $rfc3779 = 0; } else { my ($ALGO, $algo); Loading Loading @@ -1137,6 +1141,11 @@ if ($zlib) } } if ($rfc3779) { $openssl_other_defines.="#define OPENSSL_RFC3779\n"; } # You will find shlib_mark1 and shlib_mark2 explained in Makefile.org my $shared_mark = ""; if ($shared_target eq "") Loading apps/ca.c +1 −0 Original line number Diff line number Diff line Loading @@ -1525,6 +1525,7 @@ err: if (x509) X509_free(x509); X509_CRL_free(crl); NCONF_free(conf); NCONF_free(extconf); OBJ_cleanup(); apps_shutdown(); OPENSSL_EXIT(ret); Loading crypto/asn1/x_x509.c +8 −0 Original line number Diff line number Diff line Loading @@ -95,6 +95,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ret->ex_pathlen = -1; ret->skid = NULL; ret->akid = NULL; #ifdef OPENSSL_RFC3779 ret->rfc3779_addr = NULL; ret->rfc3779_asid = NULL; #endif ret->aux = NULL; ret->crldp = NULL; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); Loading @@ -112,6 +116,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, AUTHORITY_KEYID_free(ret->akid); CRL_DIST_POINTS_free(ret->crldp); policy_cache_free(ret->policy_cache); #ifdef OPENSSL_RFC3779 sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); ASIdentifiers_free(ret->rfc3779_asid); #endif if (ret->name != NULL) OPENSSL_free(ret->name); break; Loading crypto/stack/safestack.h +70 −0 Original line number Diff line number Diff line Loading @@ -297,6 +297,30 @@ STACK_OF(type) \ #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) #define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) #ifdef OPENSSL_RFC3779 #define sk_ASIdOrRange_new(st) SKM_sk_new(ASIdOrRange, (st)) #define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange) #define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st)) #define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st)) #define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i)) #define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val)) #define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st)) #define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i)) #define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr)) #define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i)) #define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp)) #define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st) #define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func)) #define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st)) #define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st)) #define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st)) #define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st)) #endif /* def OPENSSL_RFC3779 */ #define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) Loading Loading @@ -781,6 +805,52 @@ STACK_OF(type) \ #define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st)) #define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st)) #ifdef OPENSSL_RFC3779 #define sk_IPAddressFamily_new(st) SKM_sk_new(IPAddressFamily, (st)) #define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily) #define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st)) #define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st)) #define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i)) #define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val)) #define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st)) #define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i)) #define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr)) #define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i)) #define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp)) #define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st) #define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func)) #define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st)) #define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st)) #define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st)) #define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st)) #define sk_IPAddressOrRange_new(st) SKM_sk_new(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange) #define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i)) #define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val)) #define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i)) #define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr)) #define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i)) #define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp)) #define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st) #define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func)) #define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st)) #endif /* def OPENSSL_RFC3779 */ #define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st)) #define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY) #define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st)) Loading Loading
CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -423,6 +423,9 @@ Changes between 0.9.8d and 0.9.8e [XX xxx XXXX] *) Add RFC 3779 support. [Rob Austein for ARIN, Ben Laurie] Changes between 0.9.8c and 0.9.8d [28 Sep 2006] *) Introduce limits to prevent malicious keys being able to Loading
Configure +9 −0 Original line number Diff line number Diff line Loading @@ -579,6 +579,7 @@ my $threads=0; my $no_shared=0; # but "no-shared" is default my $zlib=1; # but "no-zlib" is default my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used my $rfc3779=1; # but "no-rfc3779" is default my $no_asm=0; my $no_dso=0; my $no_gmp=0; Loading Loading @@ -614,6 +615,7 @@ my %disabled = ( # "what" => "comment" "gmp" => "default", "mdc2" => "default", "rc5" => "default", "rfc3779" => "default", "shared" => "default", "zlib" => "default", "zlib-dynamic" => "default" Loading Loading @@ -901,6 +903,8 @@ foreach (sort (keys %disabled)) { $symlink = 0; } elsif (/^sse2$/) { $no_sse2 = 1; } elsif (/^rfc3779$/) { $rfc3779 = 0; } else { my ($ALGO, $algo); Loading Loading @@ -1137,6 +1141,11 @@ if ($zlib) } } if ($rfc3779) { $openssl_other_defines.="#define OPENSSL_RFC3779\n"; } # You will find shlib_mark1 and shlib_mark2 explained in Makefile.org my $shared_mark = ""; if ($shared_target eq "") Loading
apps/ca.c +1 −0 Original line number Diff line number Diff line Loading @@ -1525,6 +1525,7 @@ err: if (x509) X509_free(x509); X509_CRL_free(crl); NCONF_free(conf); NCONF_free(extconf); OBJ_cleanup(); apps_shutdown(); OPENSSL_EXIT(ret); Loading
crypto/asn1/x_x509.c +8 −0 Original line number Diff line number Diff line Loading @@ -95,6 +95,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ret->ex_pathlen = -1; ret->skid = NULL; ret->akid = NULL; #ifdef OPENSSL_RFC3779 ret->rfc3779_addr = NULL; ret->rfc3779_asid = NULL; #endif ret->aux = NULL; ret->crldp = NULL; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); Loading @@ -112,6 +116,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, AUTHORITY_KEYID_free(ret->akid); CRL_DIST_POINTS_free(ret->crldp); policy_cache_free(ret->policy_cache); #ifdef OPENSSL_RFC3779 sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); ASIdentifiers_free(ret->rfc3779_asid); #endif if (ret->name != NULL) OPENSSL_free(ret->name); break; Loading
crypto/stack/safestack.h +70 −0 Original line number Diff line number Diff line Loading @@ -297,6 +297,30 @@ STACK_OF(type) \ #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) #define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) #ifdef OPENSSL_RFC3779 #define sk_ASIdOrRange_new(st) SKM_sk_new(ASIdOrRange, (st)) #define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange) #define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st)) #define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st)) #define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i)) #define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val)) #define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st)) #define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i)) #define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr)) #define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i)) #define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp)) #define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st) #define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func)) #define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st)) #define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st)) #define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st)) #define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st)) #endif /* def OPENSSL_RFC3779 */ #define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) Loading Loading @@ -781,6 +805,52 @@ STACK_OF(type) \ #define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st)) #define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st)) #ifdef OPENSSL_RFC3779 #define sk_IPAddressFamily_new(st) SKM_sk_new(IPAddressFamily, (st)) #define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily) #define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st)) #define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st)) #define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i)) #define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val)) #define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st)) #define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i)) #define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr)) #define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i)) #define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp)) #define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st) #define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func)) #define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st)) #define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st)) #define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st)) #define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st)) #define sk_IPAddressOrRange_new(st) SKM_sk_new(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange) #define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i)) #define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val)) #define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i)) #define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr)) #define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i)) #define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp)) #define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st) #define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func)) #define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st)) #endif /* def OPENSSL_RFC3779 */ #define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st)) #define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY) #define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st)) Loading
