Wed Aug 5 18:38:22 2009 UTC ()
resolve conflicts
(christos)
diff -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/apps/ca.c
diff -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/crypto/dso/dso_dlfcn.c
diff -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/crypto/engine/eng_cryptodev.c
diff -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/crypto/lhash/lhash.h
diff -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
--- src/crypto/external/bsd/openssl/dist/apps/ca.c 2009/07/19 23:30:38 1.2
+++ src/crypto/external/bsd/openssl/dist/apps/ca.c 2009/08/05 18:38:21 1.3
@@ -883,9 +883,9 @@
if (db == NULL) goto err;
/* Lets check some fields */
- for (i=0; i<sk_PSTRING_num(db->db->data); i++)
+ for (i=0; i<sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
- pp=sk_PSTRING_value(db->db->data,i);
+ pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
if ((pp[DB_type][0] != DB_TYPE_REV) &&
(pp[DB_rev_date][0] != '\0'))
{
@@ -938,7 +938,7 @@
#endif
TXT_DB_write(out,db->db);
BIO_printf(bio_err,"%d entries loaded from the database\n",
- sk_PSTRING_num(db->db->data));
+ sk_OPENSSL_PSTRING_num(db->db->data));
BIO_printf(bio_err,"generating index\n");
}
@@ -1408,9 +1408,9 @@
ASN1_TIME_free(tmptm);
- for (i=0; i<sk_PSTRING_num(db->db->data); i++)
+ for (i=0; i<sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
- pp=sk_PSTRING_value(db->db->data,i);
+ pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_type][0] == DB_TYPE_REV)
{
if ((r=X509_REVOKED_new()) == NULL) goto err;
@@ -1685,9 +1685,9 @@
int ok= -1,i,j,last,nid;
const char *p;
CONF_VALUE *cv;
- STRING row[DB_NUMBER];
- STRING *irow=NULL;
- STRING *rrow=NULL;
+ OPENSSL_STRING row[DB_NUMBER];
+ OPENSSL_STRING *irow=NULL;
+ OPENSSL_STRING *rrow=NULL;
char buf[25];
tmptm=ASN1_UTCTIME_new();
@@ -1929,7 +1929,7 @@
if (db->attributes.unique_subject)
{
- STRING *crow=row;
+ OPENSSL_STRING *crow=row;
rrow=TXT_DB_get_by_index(db->db,DB_name,crow);
if (rrow != NULL)
@@ -2632,9 +2632,9 @@
else
a_y2k = 0;
- for (i = 0; i < sk_PSTRING_num(db->db->data); i++)
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
- rrow = sk_PSTRING_value(db->db->data, i);
+ rrow = sk_OPENSSL_PSTRING_value(db->db->data, i);
if (rrow[DB_type][0] == 'V')
{
--- src/crypto/external/bsd/openssl/dist/crypto/dso/dso_dlfcn.c 2009/07/19 23:30:39 1.2
+++ src/crypto/external/bsd/openssl/dist/crypto/dso/dso_dlfcn.c 2009/08/05 18:38:21 1.3
@@ -351,6 +351,15 @@
return(merged);
}
+#ifdef OPENSSL_SYS_MACOSX
+#define DSO_ext ".dylib"
+#define DSO_extlen 6
+#else
+#define DSO_ext ".so"
+#define DSO_extlen 3
+#endif
+
+
static char *dlfcn_name_converter(DSO *dso, const char *filename)
{
char *translated;
@@ -361,8 +370,8 @@
transform = (strstr(filename, "/") == NULL);
if(transform)
{
- /* We will convert this to "%s.so" or "lib%s.so" */
- rsize += 3; /* The length of ".so" */
+ /* We will convert this to "%s.so" or "lib%s.so" etc */
+ rsize += DSO_extlen; /* The length of ".so" */
if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
rsize += 3; /* The length of "lib" */
}
@@ -376,9 +385,9 @@
if(transform)
{
if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
- snprintf(translated, rsize, "lib%s.so", filename);
+ snprintf(translated, rsize, "lib%s" DSO_ext, filename);
else
- snprintf(translated, rsize, "%s.so", filename);
+ snprintf(translated, rsize, "%s" DSO_ext, filename);
}
else
snprintf(translated, rsize, "%s", filename);
--- src/crypto/external/bsd/openssl/dist/crypto/engine/Attic/eng_cryptodev.c 2009/07/19 23:30:39 1.2
+++ src/crypto/external/bsd/openssl/dist/crypto/engine/Attic/eng_cryptodev.c 2009/08/05 18:38:21 1.3
@@ -33,7 +33,7 @@
#include <openssl/bn.h>
#if (defined(__unix__) || defined(unix)) && !defined(USG) && \
- (defined(OpenBSD) || defined(__FreeBSD_version))
+ (defined(OpenBSD) || defined(__FreeBSD__))
#include <sys/param.h>
# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) || defined(__NetBSD__)
# define HAVE_CRYPTODEV
@@ -86,7 +86,7 @@
static int open_dev_crypto(void);
static int get_dev_crypto(void);
static int get_cryptodev_ciphers(const int **cnids);
-static int get_cryptodev_digests(const int **cnids);
+/*static int get_cryptodev_digests(const int **cnids);*/
static int cryptodev_usable_ciphers(const int **nids);
static int cryptodev_usable_digests(const int **nids);
static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -124,7 +124,7 @@
static int cryptodev_dh_compute_key(unsigned char *key,
const BIGNUM *pub_key, DH *dh);
static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
- void (*f)());
+ void (*f)(void));
void ENGINE_load_cryptodev(void);
static const ENGINE_CMD_DEFN cryptodev_defns[] = {
@@ -149,6 +149,7 @@
{ 0, NID_undef, 0, 0, },
};
+#if 0 /* not (yet?) used */
static struct {
int id;
int nid;
@@ -163,6 +164,7 @@
{ CRYPTO_SHA1, NID_sha1, 20},
{ 0, NID_undef, 0},
};
+#endif /* 0 */
/*
* Return a fd if /dev/crypto seems usable, 0 otherwise.
@@ -241,6 +243,7 @@
* returning them here is harmless, as long as we return NULL
* when asked for a handler in the cryptodev_engine_digests routine
*/
+#if 0 /* not (yet?) used */
static int
get_cryptodev_digests(const int **cnids)
{
@@ -271,6 +274,7 @@
*cnids = NULL;
return (count);
}
+#endif /* 0 */
/*
* Find the useable ciphers|digests from dev/crypto - this is the first
@@ -329,7 +333,7 @@
struct crypt_op cryp;
struct dev_crypto_state *state = ctx->cipher_data;
struct session_op *sess = &state->d_sess;
- void *iiv;
+ const void *iiv;
unsigned char save_iv[EVP_MAX_IV_LENGTH];
if (state->d_fd < 0)
@@ -353,7 +357,7 @@
if (ctx->cipher->iv_len) {
cryp.iv = (void *) ctx->iv;
if (!ctx->encrypt) {
- iiv = (char *) in + inl - ctx->cipher->iv_len;
+ iiv = in + inl - ctx->cipher->iv_len;
memcpy(save_iv, iiv, ctx->cipher->iv_len);
}
} else
@@ -368,7 +372,7 @@
if (ctx->cipher->iv_len) {
if (ctx->encrypt)
- iiv = (char *) out + inl - ctx->cipher->iv_len;
+ iiv = out + inl - ctx->cipher->iv_len;
else
iiv = save_iv;
memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
@@ -382,7 +386,7 @@
{
struct dev_crypto_state *state = ctx->cipher_data;
struct session_op *sess = &state->d_sess;
- int cipher, i;
+ int cipher = -1, i;
for (i = 0; ciphers[i].id; i++)
if (ctx->cipher->nid == ciphers[i].nid &&
@@ -1261,7 +1265,7 @@
* but I expect we'll want some options soon.
*/
static int
-cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
{
#ifdef HAVE_SYSLOG_R
struct syslog_data sd = SYSLOG_DATA_INIT;
--- src/crypto/external/bsd/openssl/dist/crypto/lhash/Attic/lhash.h 2009/07/19 23:30:40 1.2
+++ src/crypto/external/bsd/openssl/dist/crypto/lhash/Attic/lhash.h 2009/08/05 18:38:21 1.3
@@ -230,8 +230,8 @@
lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
-DECLARE_LHASH_OF(STRING);
-DECLARE_LHASH_OF(CSTRING);
+DECLARE_LHASH_OF(OPENSSL_STRING);
+DECLARE_LHASH_OF(OPENSSL_CSTRING);
#ifdef __cplusplus
}
--- src/crypto/external/bsd/openssl/dist/ssl/Attic/s3_pkt.c 2009/07/19 23:30:42 1.2
+++ src/crypto/external/bsd/openssl/dist/ssl/Attic/s3_pkt.c 2009/08/05 18:38:22 1.3
@@ -160,7 +160,7 @@
if (pkt[0] == SSL3_RT_APPLICATION_DATA
&& (pkt[3]<<8|pkt[4]) >= 128)
{
- /* Note that even if packet is corrupted
+ /* Note that even if packet is corrupted
* and its length field is insane, we can
* only be led to wrong decision about
* whether memmove will occur or not.
@@ -176,11 +176,12 @@
/* ... now we can act as if 'extend' was set */
}
- /* extend reads should not span multiple packets for DTLS */
- if ( (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
- && extend)
+ /* For DTLS/UDP reads should not span multiple packets
+ * because the read operation returns the whole packet
+ * at once (as long as it fits into the buffer). */
+ if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
{
- if ( left > 0 && n > left)
+ if (left > 0 && n > left)
n = left;
}
@@ -207,15 +208,22 @@
rb->offset = len + align;
}
- max = rb->len - rb->offset;
- if (n > max) /* does not happen */
+ if (n > (int)(rb->len - rb->offset)) /* does not happen */
{
SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR);
return -1;
}
if (!s->read_ahead)
- max=n;
+ /* ignore max parameter */
+ max = n;
+ else
+ {
+ if (max < n)
+ max = n;
+ if (max > (int)(rb->len - rb->offset))
+ max = rb->len - rb->offset;
+ }
while (left < n)
{
@@ -244,6 +252,14 @@
return(i);
}
left+=i;
+ /* reads should *never* span multiple packets for DTLS because
+ * the underlying transport protocol is message oriented as opposed
+ * to byte oriented as in the TLS case. */
+ if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+ {
+ if (n > left)
+ n = left; /* makes the while condition false */
+ }
}
/* done reading, now the book-keeping */