Commit ed551cdd authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Update from stable branch.

parent 5aca224e
+6 −0
@@ -726,6 +726,12 @@

 Changes between 0.9.8i and 0.9.8j  [xx XXX xxxx]
  
  *) Update Configure code and WIN32 build scripts to support experimental
     code. This is surrounded by OPENSSL_EXPERIMENTAL_FOO and not compiled
     in by default. Using the configuration option "enable-experimental-foo"
     enables it. Use this option for JPAKE.
     [Steve Henson]

  *) Add JPAKE support, including demo authentication in s_client and
     s_server.
     [Ben Laurie]
+11 −1
@@ -604,6 +604,7 @@ my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1;      # but "no-zlib" is default
my $jpake=1;      # but "no-jpake" is default
my $no_krb5=0;   # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $no_asm=0;
@@ -640,6 +641,7 @@ my $perl;

my %disabled = ( # "what"         => "comment"
		 "gmp"		  => "default",
                 "experimental-jpake"          => "default",
                 "mdc2"           => "default",
                 "rc5"            => "default",
		 "rfc3779"	  => "default",
@@ -920,6 +922,8 @@ foreach (sort (keys %disabled))
		{ $no_threads = 1; }
	elsif (/^shared$/)
		{ $no_shared = 1; }
	elsif (/^experimental-jpake$/)
		{ $jpake = 0; push @skip, "jpake"}
	elsif (/^zlib$/)
		{ $zlib = 0; }
	elsif (/^static-engine$/)
@@ -1161,6 +1165,11 @@ if ($threads)
	$openssl_thread_defines .= $thread_defines;
	}

if ($jpake)
	{
	$openssl_other_defines = "#define OPENSSL_EXPERIMENTAL_JPAKE\n";
	}

if ($zlib)
	{
	$cflags = "-DZLIB $cflags";
@@ -1367,7 +1376,8 @@ while (<IN>)
	if ($sdirs) {
		my $dir;
		foreach $dir (@skip) {
			s/([ 	])$dir /\1/;
			s/(\s)$dir /$1/;
			s/\s$dir$//;
			}
		}
	$sdirs = 0 unless /\\$/;
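Review bot: The new `if ($jpake)` block assigns `$openssl_other_defines` with `=`, while the threads block just above it appends to its own variable with `.=`, so any defines already accumulated in `$openssl_other_defines` would be discarded when JPAKE is enabled. Unless the variable is known to be empty at this point (its other uses are outside the hunk), append instead: `$openssl_other_defines .= "#define OPENSSL_EXPERIMENTAL_JPAKE\n";`. Separately, `my $jpake=1;` in the first hunk leaves the experimental code switched on unless the `%disabled` loop clears it. Starting from 0 and setting it only on an explicit enable would fail closed if the `experimental-jpake` entry were ever dropped from the table.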
+6 −0
@@ -137,7 +137,9 @@
#include <openssl/rsa.h>
#endif
#include <openssl/bn.h>
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#include <openssl/jpake.h>
#endif

#define NON_MAIN
#include "apps.h"
@@ -2379,6 +2381,8 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx)
		BIO_free(out);
	}

#ifdef OPENSSL_EXPERIMENTAL_JPAKE

static JPAKE_CTX *jpake_init(const char *us, const char *them,
							 const char *secret)
	{
@@ -2591,6 +2595,8 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
	BIO_free(bconn);
	}

#endif

/*
 * Platform-specific sections
 */
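Review bot: The `#endif` added after `jpake_server_auth` closes an `#ifdef` opened more than two hundred lines earlier (the hunk headers put them at about lines 2381 and 2595), and nothing on the line says which condition it ends. Annotate it as `#endif /* OPENSSL_EXPERIMENTAL_JPAKE */` so the guard stays readable when more conditional sections are added to this file. The bodies of `jpake_init` and `jpake_server_auth` lie outside the hunks.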
+2 −0
@@ -308,8 +308,10 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in);
int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
			const char *algname, ENGINE *e, int do_param);
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
#endif

#define FORMAT_UNDEF    0
#define FORMAT_ASN1     1
+6 −1
@@ -429,7 +429,9 @@ int MAIN(int argc, char **argv)
	int peerlen = sizeof(peer);
	int enable_timeouts = 0 ;
	long socket_mtu = 0;
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
	char *jpake_secret = NULL;
#endif

#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
	meth=SSLv23_client_method();
@@ -699,11 +701,13 @@ int MAIN(int argc, char **argv)
			/* meth=TLSv1_client_method(); */
			}
#endif
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
		else if (strcmp(*argv,"-jpake") == 0)
			{
			if (--argc < 1) goto bad;
			jpake_secret = *++argv;
			}
#endif
		else
			{
			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -1022,9 +1026,10 @@ SSL_set_tlsext_status_ids(con, ids);
#endif
		}
#endif

#ifdef OPENSSL_EXPERIMENTAL_JPAKE
	if (jpake_secret)
		jpake_client_auth(bio_c_out, sbio, jpake_secret);
#endif

	SSL_set_bio(con,sbio,sbio);
	SSL_set_connect_state(con);
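Review bot: The `-jpake` branch in the second hunk takes the shared secret straight from `argv` (`jpake_secret = *++argv;`), which leaves it readable by other local users through the process list and recorded in shell history. For a demo that may be acceptable, but it deserves a comment at the option, e.g. `/* demo only: a secret on the command line is visible to other local users */`, or the secret could be read through the pass-phrase argument handling the apps already share, if that fits here. Also, the call in the last hunk cannot check the outcome because `jpake_client_auth` is declared `void`; whether a failed exchange stops the connection before `SSL_set_bio` is decided inside that function, which is not visible here. MAIN's body continues outside these hunks.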