提交 06d5b162 编写于 作者: R Ralf S. Engelschall

First cut of a cleanup for apps/. First the `ssleay' program is now named

`openssl' and second, the shortcut symlinks for the `openssl <command>' are no
longer created. This way we have a single and consistent command line
interface `openssl <command>', similar to `cvs <command>'.

Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a
repository copy, i.e. they still contain the complete file history.
上级 0491b709
...@@ -5,6 +5,12 @@ ...@@ -5,6 +5,12 @@
Changes between 0.9.1c and 0.9.2 Changes between 0.9.1c and 0.9.2
*) First cut of a cleanup for apps/. First the `ssleay' program is now named
`openssl' and second, the shortcut symlinks for the `openssl <command>'
are no longer created. This way we have a single and consistent command
line interface `openssl <command>', similar to `cvs <command>'.
[Ralf S. Engelschall]
*) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey *) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
BIT STRING wrapper always have zero unused bits. BIT STRING wrapper always have zero unused bits.
[Steve Henson] [Steve Henson]
......
# #
# SSLeay/apps/Makefile.ssl # apps/Makefile.ssl
# #
DIR= apps DIR= apps
...@@ -25,18 +25,18 @@ DLIBSSL=../libssl.a ...@@ -25,18 +25,18 @@ DLIBSSL=../libssl.a
LIBCRYPTO=-L.. -lcrypto LIBCRYPTO=-L.. -lcrypto
LIBSSL=-L.. -lssl LIBSSL=-L.. -lssl
SSLEAY= ssleay PROGRAM= openssl
SCRIPTS=CA.sh der_chop CA.pl SCRIPTS=CA.sh CA.pl der_chop
EXE= $(SSLEAY) EXE= $(PROGRAM)
E_EXE= verify asn1pars req dgst dh enc gendh errstr ca crl \ E_EXE= verify asn1pars req dgst dh enc gendh errstr ca crl \
rsa dsa dsaparam \ rsa dsa dsaparam \
x509 genrsa s_server s_client speed \ x509 genrsa s_server s_client speed \
s_time version pkcs7 crl2pkcs7 sess_id ciphers s_time version pkcs7 crl2pkcs7 sess_id ciphers
PROGS= $(SSLEAY).c PROGS= $(PROGRAM).c
A_OBJ=apps.o A_OBJ=apps.o
A_SRC=apps.c A_SRC=apps.c
...@@ -86,18 +86,15 @@ sreq.o: req.c ...@@ -86,18 +86,15 @@ sreq.o: req.c
files: files:
perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
install: mklinks install:
@for i in $(EXE) $(SCRIPTS) mklinks; \ @for i in $(EXE) $(SCRIPTS); \
do \ do \
(echo installing $$i; \ (echo installing $$i; \
cp $$i $(INSTALLTOP)/bin/$$i; \ cp $$i $(INSTALLTOP)/bin/$$i; \
chmod 755 $(INSTALLTOP)/bin/$$i ); \ chmod 755 $(INSTALLTOP)/bin/$$i ); \
done; \ done; \
cp ssleay.cnf $(INSTALLTOP)/lib cp openssl.cnf $(INSTALLTOP)/lib; \
chmod 644 $(INSTALLTOP)/lib/ssleay.cnf chmod 644 $(INSTALLTOP)/lib/openssl.cnf
cd $(INSTALLTOP)/bin; \
/bin/sh ./mklinks; \
/bin/rm -f ./mklinks
tags: tags:
ctags $(SRC) ctags $(SRC)
...@@ -130,15 +127,12 @@ $(DLIBSSL): ...@@ -130,15 +127,12 @@ $(DLIBSSL):
$(DLIBCRYPTO): $(DLIBCRYPTO):
(cd ../crypto; $(MAKE)) (cd ../crypto; $(MAKE))
$(SSLEAY): progs.h $(E_OBJ) $(SSLEAY).o $(DLIBCRYPTO) $(DLIBSSL) $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
$(RM) $(SSLEAY) $(RM) $(PROGRAM)
$(CC) -o $(SSLEAY) $(CFLAGS) $(SSLEAY).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
progs.h: progs.h:
perl ./g_ssleay.pl $(E_EXE) >progs.h perl ./progs.pl $(E_EXE) >progs.h
$(RM) $(SSLEAY).o $(RM) $(PROGRAM).o
mklinks:
perl ./g_ssleay.pl $(E_EXE) >progs.h
# DO NOT DELETE THIS LINE -- make depend depends on it. # DO NOT DELETE THIS LINE -- make depend depends on it.
2.99999.3 SET.ex3 SET x509v3 extension 3
#!/usr/local/bin/perl
$mkprog='mklinks';
$rmprog='rmlinks';
print "#ifndef NOPROTO\n";
grep(s/^asn1pars$/asn1parse/,@ARGV);
foreach (@ARGV)
{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
print "#else\n";
foreach (@ARGV)
{ printf "extern int %s_main();\n",$_; }
print "#endif\n";
print <<'EOF';
#ifdef SSLEAY_SRC
#define FUNC_TYPE_GENERAL 1
#define FUNC_TYPE_MD 2
#define FUNC_TYPE_CIPHER 3
typedef struct {
int type;
char *name;
int (*func)();
} FUNCTION;
FUNCTION functions[] = {
EOF
foreach (@ARGV)
{
push(@files,$_);
$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
{ print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; }
elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ||
($_ =~ /^req$/) || ($_ =~ /^ca$/) || ($_ =~ /^x509$/))
{ print "#ifndef NO_RSA\n${str}#endif\n"; }
elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
{ print "#ifndef NO_DSA\n${str}#endif\n"; }
elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/))
{ print "#ifndef NO_DH\n${str}#endif\n"; }
else
{ print $str; }
}
foreach ("md2","md5","sha","sha1","mdc2","rmd160")
{
push(@files,$_);
printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
}
foreach (
"base64",
"des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
"des-ecb", "des-ede", "des-ede3",
"des-cbc", "des-ede-cbc","des-ede3-cbc",
"des-cfb", "des-ede-cfb","des-ede3-cfb",
"des-ofb", "des-ede-ofb","des-ede3-ofb",
"idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
"rc2-cbc", "rc2-ecb", "rc2-cfb", "rc2-ofb",
"bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb",
"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
"cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb")
{
push(@files,$_);
$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
if ($_ =~ /des/) { $t="#ifndef NO_DES\n${t}#endif\n"; }
elsif ($_ =~ /idea/) { $t="#ifndef NO_IDEA\n${t}#endif\n"; }
elsif ($_ =~ /rc4/) { $t="#ifndef NO_RC4\n${t}#endif\n"; }
elsif ($_ =~ /rc2/) { $t="#ifndef NO_RC2\n${t}#endif\n"; }
elsif ($_ =~ /bf/) { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
elsif ($_ =~ /rc5/) { $t="#ifndef NO_RC5\n${t}#endif\n"; }
print $t;
}
print "\t{0,NULL,NULL}\n\t};\n";
print "#endif\n\n";
open(OUT,">$mkprog") || die "unable to open '$prog':$!\n";
print OUT "#!/bin/sh\nfor i in ";
foreach (@files)
{ print OUT $_." "; }
print OUT <<'EOF';
do
echo making symlink for $i
/bin/rm -f $i
ln -s ssleay $i
done
EOF
close(OUT);
chmod(0755,$mkprog);
open(OUT,">$rmprog") || die "unable to open '$prog':$!\n";
print OUT "#!/bin/sh\nfor i in ";
foreach (@files)
{ print OUT $_." "; }
print OUT <<'EOF';
do
echo removing $i
/bin/rm -f $i
done
EOF
close(OUT);
chmod(0755,$rmprog);
#!/bin/sh
for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
do
echo making symlink for $i
/bin/rm -f $i
ln -s ssleay $i
done
/* apps/ssleay.c */ /* apps/openssl.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved. * All rights reserved.
* *
...@@ -152,12 +152,14 @@ char *Argv[]; ...@@ -152,12 +152,14 @@ char *Argv[];
ERR_load_crypto_strings(); ERR_load_crypto_strings();
/* Lets load up our environment a little */ /* Lets load up our environment a little */
p=getenv("SSLEAY_CONF"); p=getenv("OPENSSL_CONF");
if (p == NULL)
p=getenv("SSLEAY_CONF");
if (p == NULL) if (p == NULL)
{ {
strcpy(config_name,X509_get_default_cert_area()); strcpy(config_name,X509_get_default_cert_area());
strcat(config_name,"/lib/"); strcat(config_name,"/lib/");
strcat(config_name,SSLEAY_CONF); strcat(config_name,OPENSSL_CONF);
p=config_name; p=config_name;
} }
...@@ -191,7 +193,7 @@ char *Argv[]; ...@@ -191,7 +193,7 @@ char *Argv[];
goto end; goto end;
} }
/* ok, lets enter the old 'SSLeay>' mode */ /* ok, lets enter the old 'OpenSSL>' mode */
for (;;) for (;;)
{ {
...@@ -204,7 +206,7 @@ char *Argv[]; ...@@ -204,7 +206,7 @@ char *Argv[];
p[0]='\0'; p[0]='\0';
if (i++) if (i++)
prompt=">"; prompt=">";
else prompt="SSLeay>"; else prompt="OpenSSL> ";
fputs(prompt,stdout); fputs(prompt,stdout);
fflush(stdout); fflush(stdout);
fgets(p,n,stdin); fgets(p,n,stdin);
...@@ -278,10 +280,10 @@ char *argv[]; ...@@ -278,10 +280,10 @@ char *argv[];
} }
else else
{ {
BIO_printf(bio_err,"'%s' is a bad command, valid commands are", BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
argv[0]); argv[0]);
BIO_printf(bio_err, "\nStandard commands");
i=0; i=0;
fp=functions;
tp=0; tp=0;
for (fp=functions; fp->name != NULL; fp++) for (fp=functions; fp->name != NULL; fp++)
{ {
...@@ -299,17 +301,17 @@ char *argv[]; ...@@ -299,17 +301,17 @@ char *argv[];
{ {
i=1; i=1;
BIO_printf(bio_err, BIO_printf(bio_err,
"Message Digest commands - see the dgst command for more details\n"); "\nMessage Digest commands (see the `dgst' command for more details)\n");
} }
else if (tp == FUNC_TYPE_CIPHER) else if (tp == FUNC_TYPE_CIPHER)
{ {
i=1; i=1;
BIO_printf(bio_err,"Cipher commands - see the enc command for more details\n"); BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
} }
} }
BIO_printf(bio_err,"%-15s",fp->name); BIO_printf(bio_err,"%-15s",fp->name);
} }
BIO_printf(bio_err,"\nquit\n"); BIO_printf(bio_err,"\n\n");
ret=0; ret=0;
} }
end: end:
......
# #
# SSLeay example configuration file. # OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests. # This is mostly being used for generation of certificate requests.
# #
...@@ -80,7 +80,7 @@ localityName = Locality Name (eg, city) ...@@ -80,7 +80,7 @@ localityName = Locality Name (eg, city)
# we can do this but it is not needed normally :-) # we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company) #1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = CryptSoft Pty Ltd #1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section) organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default = #organizationalUnitName_default =
...@@ -102,7 +102,7 @@ unstructuredName = An optional company name ...@@ -102,7 +102,7 @@ unstructuredName = An optional company name
[ x509v3_extensions ] [ x509v3_extensions ]
nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
nsComment = "This is a comment" nsComment = "This is a comment"
# under ASN.1, the 0 bit would be encoded as 80 # under ASN.1, the 0 bit would be encoded as 80
......
#!/usr/local/bin/perl #!/usr/local/bin/perl
$mkprog='mklinks';
$rmprog='rmlinks';
print "#ifndef NOPROTO\n"; print "#ifndef NOPROTO\n";
grep(s/^asn1pars$/asn1parse/,@ARGV); grep(s/^asn1pars$/asn1parse/,@ARGV);
...@@ -38,8 +35,7 @@ foreach (@ARGV) ...@@ -38,8 +35,7 @@ foreach (@ARGV)
$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n"; $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/)) if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
{ print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; } { print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; }
elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) )
($_ =~ /^req$/) || ($_ =~ /^ca$/) || ($_ =~ /^x509$/))
{ print "#ifndef NO_RSA\n${str}#endif\n"; } { print "#ifndef NO_RSA\n${str}#endif\n"; }
elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/)) elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
{ print "#ifndef NO_DSA\n${str}#endif\n"; } { print "#ifndef NO_DSA\n${str}#endif\n"; }
...@@ -84,31 +80,3 @@ foreach ( ...@@ -84,31 +80,3 @@ foreach (
print "\t{0,NULL,NULL}\n\t};\n"; print "\t{0,NULL,NULL}\n\t};\n";
print "#endif\n\n"; print "#endif\n\n";
open(OUT,">$mkprog") || die "unable to open '$prog':$!\n";
print OUT "#!/bin/sh\nfor i in ";
foreach (@files)
{ print OUT $_." "; }
print OUT <<'EOF';
do
echo making symlink for $i
/bin/rm -f $i
ln -s ssleay $i
done
EOF
close(OUT);
chmod(0755,$mkprog);
open(OUT,">$rmprog") || die "unable to open '$prog':$!\n";
print OUT "#!/bin/sh\nfor i in ";
foreach (@files)
{ print OUT $_." "; }
print OUT <<'EOF';
do
echo removing $i
/bin/rm -f $i
done
EOF
close(OUT);
chmod(0755,$rmprog);
...@@ -357,12 +357,14 @@ bad: ...@@ -357,12 +357,14 @@ bad:
#ifndef MONOLITH #ifndef MONOLITH
/* Lets load up our environment a little */ /* Lets load up our environment a little */
p=getenv("SSLEAY_CONF"); p=getenv("OPENSSL_CONF");
if (p == NULL)
p=getenv("SSLEAY_CONF");
if (p == NULL) if (p == NULL)
{ {
strcpy(config_name,X509_get_default_cert_area()); strcpy(config_name,X509_get_default_cert_area());
strcat(config_name,"/lib/"); strcat(config_name,"/lib/");
strcat(config_name,SSLEAY_CONF); strcat(config_name,OPENSSL_CONF);
p=config_name; p=config_name;
} }
default_config_file=p; default_config_file=p;
......
#!/bin/sh
for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
do
echo removing $i
/bin/rm -f $i
done
/* apps/ssleay.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef DEBUG
#undef DEBUG
#endif
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "bio.h"
#include "crypto.h"
#include "lhash.h"
#include "conf.h"
#include "x509.h"
#include "pem.h"
#include "ssl.h"
#define SSLEAY /* turn off a few special case MONOLITH macros */
#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
#define SSLEAY_SRC
#include "apps.h"
#include "s_apps.h"
#include "err.h"
/*
#ifdef WINDOWS
#include "bss_file.c"
#endif
*/
#ifndef NOPROTO
static unsigned long MS_CALLBACK hash(FUNCTION *a);
static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
static LHASH *prog_init(void );
static int do_cmd(LHASH *prog,int argc,char *argv[]);
#else
static unsigned long MS_CALLBACK hash();
static int MS_CALLBACK cmp();
static LHASH *prog_init();
static int do_cmd();
#endif
LHASH *config=NULL;
char *default_config_file=NULL;
#ifdef DEBUG
static void sig_stop(i)
int i;
{
char *a=NULL;
*a='\0';
}
#endif
/* Make sure there is only one when MONOLITH is defined */
#ifdef MONOLITH
BIO *bio_err=NULL;
#endif
int main(Argc,Argv)
int Argc;
char *Argv[];
{
ARGS arg;
#define PROG_NAME_SIZE 16
char pname[PROG_NAME_SIZE];
FUNCTION f,*fp;
MS_STATIC char *prompt,buf[1024],config_name[256];
int n,i,ret=0;
int argc;
char **argv,*p;
LHASH *prog=NULL;
long errline;
arg.data=NULL;
arg.count=0;
/* SSLeay_add_ssl_algorithms(); is called in apps_startup() */
apps_startup();
#if defined(DEBUG) && !defined(WINDOWS) && !defined(MSDOS)
#ifdef SIGBUS
signal(SIGBUS,sig_stop);
#endif
#ifdef SIGSEGV
signal(SIGSEGV,sig_stop);
#endif
#endif
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
/* Lets load up our environment a little */
p=getenv("SSLEAY_CONF");
if (p == NULL)
{
strcpy(config_name,X509_get_default_cert_area());
strcat(config_name,"/lib/");
strcat(config_name,SSLEAY_CONF);
p=config_name;
}
default_config_file=p;
config=CONF_load(config,p,&errline);
if (config == NULL) ERR_clear_error();
prog=prog_init();
/* first check the program name */
program_name(Argv[0],pname,PROG_NAME_SIZE);
f.name=pname;
fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
if (fp != NULL)
{
Argv[0]=pname;
ret=fp->func(Argc,Argv);
goto end;
}
/* ok, now check that there are not arguments, if there are,
* run with them, shifting the ssleay off the front */
if (Argc != 1)
{
Argc--;
Argv++;
ret=do_cmd(prog,Argc,Argv);
if (ret < 0) ret=0;
goto end;
}
/* ok, lets enter the old 'SSLeay>' mode */
for (;;)
{
ret=0;
p=buf;
n=1024;
i=0;
for (;;)
{
p[0]='\0';
if (i++)
prompt=">";
else prompt="SSLeay>";
fputs(prompt,stdout);
fflush(stdout);
fgets(p,n,stdin);
if (p[0] == '\0') goto end;
i=strlen(p);
if (i <= 1) break;
if (p[i-2] != '\\') break;
i-=2;
p+=i;
n-=i;
}
if (!chopup_args(&arg,buf,&argc,&argv)) break;
ret=do_cmd(prog,argc,argv);
if (ret < 0)
{
ret=0;
goto end;
}
if (ret != 0)
BIO_printf(bio_err,"error in %s\n",argv[0]);
BIO_flush(bio_err);
}
BIO_printf(bio_err,"bad exit\n");
ret=1;
end:
if (config != NULL)
{
CONF_free(config);
config=NULL;
}
if (prog != NULL) lh_free(prog);
if (arg.data != NULL) Free(arg.data);
ERR_remove_state(0);
EVP_cleanup();
ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
bio_err=NULL;
}
EXIT(ret);
}
static int do_cmd(prog,argc,argv)
LHASH *prog;
int argc;
char *argv[];
{
FUNCTION f,*fp;
int i,ret=1,tp,nl;
if ((argc <= 0) || (argv[0] == NULL))
{ ret=0; goto end; }
f.name=argv[0];
fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
if (fp != NULL)
{
ret=fp->func(argc,argv);
}
else if ((strcmp(argv[0],"quit") == 0) ||
(strcmp(argv[0],"q") == 0) ||
(strcmp(argv[0],"exit") == 0) ||
(strcmp(argv[0],"bye") == 0))
{
ret= -1;
goto end;
}
else
{
BIO_printf(bio_err,"'%s' is a bad command, valid commands are",
argv[0]);
i=0;
fp=functions;
tp=0;
for (fp=functions; fp->name != NULL; fp++)
{
nl=0;
if (((i++) % 5) == 0)
{
BIO_printf(bio_err,"\n");
nl=1;
}
if (fp->type != tp)
{
tp=fp->type;
if (!nl) BIO_printf(bio_err,"\n");
if (tp == FUNC_TYPE_MD)
{
i=1;
BIO_printf(bio_err,
"Message Digest commands - see the dgst command for more details\n");
}
else if (tp == FUNC_TYPE_CIPHER)
{
i=1;
BIO_printf(bio_err,"Cipher commands - see the enc command for more details\n");
}
}
BIO_printf(bio_err,"%-15s",fp->name);
}
BIO_printf(bio_err,"\nquit\n");
ret=0;
}
end:
return(ret);
}
static LHASH *prog_init()
{
LHASH *ret;
FUNCTION *f;
if ((ret=lh_new(hash,cmp)) == NULL) return(NULL);
for (f=functions; f->name != NULL; f++)
lh_insert(ret,(char *)f);
return(ret);
}
static int MS_CALLBACK cmp(a,b)
FUNCTION *a,*b;
{
return(strncmp(a->name,b->name,8));
}
static unsigned long MS_CALLBACK hash(a)
FUNCTION *a;
{
return(lh_strhash(a->name));
}
#undef SSLEAY
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = $ENV::HOME/.rnd
oid_file = $ENV::HOME/.oid
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = x509v3_extensions # The extentions to add to the cert
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 1024
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Some-State
localityName = Locality Name (eg, city)
0.organizationName = Organization Name (eg, company)
0.organizationName_default = Internet Widgits Pty Ltd
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = CryptSoft Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (eg, YOUR name)
commonName_max = 64
emailAddress = Email Address
emailAddress_max = 40
SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ x509v3_extensions ]
nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
nsComment = "This is a comment"
# under ASN.1, the 0 bit would be encoded as 80
nsCertType = 0x40
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
#nsCertSequence
#nsCertExt
#nsDataType
...@@ -61,12 +61,12 @@ ...@@ -61,12 +61,12 @@
* perl obj_dat.pl < objects.h > obj_dat.h * perl obj_dat.pl < objects.h > obj_dat.h
*/ */
#define NUM_NID 126 #define NUM_NID 127
#define NUM_SN 97 #define NUM_SN 98
#define NUM_LN 124 #define NUM_LN 125
#define NUM_OBJ 98 #define NUM_OBJ 99
static unsigned char lvalues[611]={ static unsigned char lvalues[614]={
0x00, /* [ 0] OBJ_undef */ 0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
...@@ -165,6 +165,7 @@ static unsigned char lvalues[611]={ ...@@ -165,6 +165,7 @@ static unsigned char lvalues[611]={
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [592] OBJ_rc5_cbc */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [592] OBJ_rc5_cbc */
0x29,0x01,0x01,0x85,0x1A, /* [600] OBJ_rle_compression */ 0x29,0x01,0x01,0x85,0x1A, /* [600] OBJ_rle_compression */
0x29,0x01,0x01,0x85,0x1A, /* [605] OBJ_zlib_compression */ 0x29,0x01,0x01,0x85,0x1A, /* [605] OBJ_zlib_compression */
0x55,0x1D,0x25, /* [610] OBJ_ext_key_usage */
}; };
static ASN1_OBJECT nid_objs[NUM_NID]={ static ASN1_OBJECT nid_objs[NUM_NID]={
...@@ -336,6 +337,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ ...@@ -336,6 +337,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL}, {"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
{"RLE","run length compression",NID_rle_compression,5,&(lvalues[600]),0}, {"RLE","run length compression",NID_rle_compression,5,&(lvalues[600]),0},
{"ZLIB","zlib compression",NID_zlib_compression,5,&(lvalues[605]),0}, {"ZLIB","zlib compression",NID_zlib_compression,5,&(lvalues[605]),0},
{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
&(lvalues[610]),0},
}; };
static ASN1_OBJECT *sn_objs[NUM_SN]={ static ASN1_OBJECT *sn_objs[NUM_SN]={
...@@ -419,6 +422,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ ...@@ -419,6 +422,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[89]),/* "certificatePolicies" */ &(nid_objs[89]),/* "certificatePolicies" */
&(nid_objs[103]),/* "crlDistributionPoints" */ &(nid_objs[103]),/* "crlDistributionPoints" */
&(nid_objs[88]),/* "crlNumber" */ &(nid_objs[88]),/* "crlNumber" */
&(nid_objs[126]),/* "extendedKeyUsage" */
&(nid_objs[86]),/* "issuerAltName" */ &(nid_objs[86]),/* "issuerAltName" */
&(nid_objs[83]),/* "keyUsage" */ &(nid_objs[83]),/* "keyUsage" */
&(nid_objs[81]),/* "ld-ce" */ &(nid_objs[81]),/* "ld-ce" */
...@@ -458,6 +462,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ ...@@ -458,6 +462,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */ &(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
&(nid_objs[88]),/* "X509v3 CRL Number" */ &(nid_objs[88]),/* "X509v3 CRL Number" */
&(nid_objs[89]),/* "X509v3 Certificate Policies" */ &(nid_objs[89]),/* "X509v3 Certificate Policies" */
&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
&(nid_objs[83]),/* "X509v3 Key Usage" */ &(nid_objs[83]),/* "X509v3 Key Usage" */
&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */ &(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
...@@ -593,11 +598,12 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ ...@@ -593,11 +598,12 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */ &(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */ &(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ &(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */
&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ &(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ &(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ &(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666.1 */
&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666.2 */ &(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666.2 */
&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666.1 */
&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */ &(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */ &(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */ &(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
......
...@@ -172,7 +172,8 @@ extern "C" { ...@@ -172,7 +172,8 @@ extern "C" {
#ifndef R_OK #ifndef R_OK
# define R_OK 4 # define R_OK 4
#endif #endif
# define SSLEAY_CONF "ssleay.cnf" # define OPENSSL_CONF "openssl.cnf"
# define SSLEAY_CONF OPENSSL_CONF
# define NUL_DEV "nul" # define NUL_DEV "nul"
# define RFILE ".rnd" # define RFILE ".rnd"
...@@ -184,7 +185,8 @@ extern "C" { ...@@ -184,7 +185,8 @@ extern "C" {
# include <unistd.h> # include <unistd.h>
# endif # endif
# define SSLEAY_CONF "ssleay.cnf" # define OPENSSL_CONF "openssl.cnf"
# define SSLEAY_CONF OPENSSL_CONF
# define RFILE ".rnd" # define RFILE ".rnd"
# define LIST_SEPARATOR_CHAR ':' # define LIST_SEPARATOR_CHAR ':'
# ifndef MONOLITH # ifndef MONOLITH
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册