Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
90d9e49a
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
90d9e49a
编写于
11月 05, 2015
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Use uint32_t and int32_t for SSL_CIPHER structure.
Reviewed-by:
N
Andy Polyakov
<
appro@openssl.org
>
上级
d99b0691
变更
7
隐藏空白更改
内联
并排
Showing
7 changed file
with
79 addition
and
86 deletion
+79
-86
include/openssl/ssl.h
include/openssl/ssl.h
+2
-2
ssl/s3_lib.c
ssl/s3_lib.c
+3
-3
ssl/ssl_ciph.c
ssl/ssl_ciph.c
+42
-45
ssl/ssl_lib.c
ssl/ssl_lib.c
+10
-14
ssl/ssl_locl.h
ssl/ssl_locl.h
+19
-19
ssl/t1_lib.c
ssl/t1_lib.c
+1
-1
test/ssltest.c
test/ssltest.c
+2
-2
未找到文件。
include/openssl/ssl.h
浏览文件 @
90d9e49a
...
...
@@ -1380,10 +1380,10 @@ __owur int SSL_clear(SSL *s);
void
SSL_CTX_flush_sessions
(
SSL_CTX
*
ctx
,
long
tm
);
__owur
const
SSL_CIPHER
*
SSL_get_current_cipher
(
const
SSL
*
s
);
__owur
int
SSL_CIPHER_get_bits
(
const
SSL_CIPHER
*
c
,
in
t
*
alg_bits
);
__owur
int
32_t
SSL_CIPHER_get_bits
(
const
SSL_CIPHER
*
c
,
uint32_
t
*
alg_bits
);
__owur
char
*
SSL_CIPHER_get_version
(
const
SSL_CIPHER
*
c
);
__owur
const
char
*
SSL_CIPHER_get_name
(
const
SSL_CIPHER
*
c
);
__owur
u
nsigned
long
SSL_CIPHER_get_id
(
const
SSL_CIPHER
*
c
);
__owur
u
int32_t
SSL_CIPHER_get_id
(
const
SSL_CIPHER
*
c
);
__owur
int
SSL_get_fd
(
const
SSL
*
s
);
__owur
int
SSL_get_rfd
(
const
SSL
*
s
);
...
...
ssl/s3_lib.c
浏览文件 @
90d9e49a
...
...
@@ -4763,9 +4763,9 @@ const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
{
SSL_CIPHER
c
;
const
SSL_CIPHER
*
cp
;
u
nsigned
long
id
;
u
int32_t
id
;
id
=
0x03000000
L
|
((
unsigned
long
)
p
[
0
]
<<
8L
)
|
(
unsigned
long
)
p
[
1
];
id
=
0x03000000
|
((
uint32_t
)
p
[
0
]
<<
8L
)
|
(
uint32_t
)
p
[
1
];
c
.
id
=
id
;
cp
=
OBJ_bsearch_ssl_cipher_id
(
&
c
,
ssl3_ciphers
,
SSL3_NUM_CIPHERS
);
#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
...
...
@@ -4915,7 +4915,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
{
int
ret
=
0
;
int
nostrict
=
1
;
u
nsigned
long
alg_k
,
alg_a
=
0
;
u
int32_t
alg_k
,
alg_a
=
0
;
/* If we have custom certificate types set, use them */
if
(
s
->
cert
->
ctypes
)
{
...
...
ssl/ssl_ciph.c
浏览文件 @
90d9e49a
...
...
@@ -173,7 +173,7 @@
/* NB: make sure indices in these tables match values above */
typedef
struct
{
u
nsigned
long
mask
;
u
int32_t
mask
;
int
nid
;
}
ssl_cipher_table
;
...
...
@@ -239,7 +239,7 @@ static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
/* Utility function for table lookup */
static
int
ssl_cipher_info_find
(
const
ssl_cipher_table
*
table
,
size_t
table_cnt
,
u
nsigned
long
mask
)
size_t
table_cnt
,
u
int32_t
mask
)
{
size_t
i
;
for
(
i
=
0
;
i
<
table_cnt
;
i
++
,
table
++
)
{
...
...
@@ -463,10 +463,10 @@ static int get_optional_pkey_id(const char *pkey_name)
#endif
/* masks of disabled algorithms */
static
u
nsigned
long
disabled_enc_mask
;
static
u
nsigned
long
disabled_mac_mask
;
static
u
nsigned
long
disabled_mkey_mask
;
static
u
nsigned
long
disabled_auth_mask
;
static
u
int32_t
disabled_enc_mask
;
static
u
int32_t
disabled_mac_mask
;
static
u
int32_t
disabled_mkey_mask
;
static
u
int32_t
disabled_auth_mask
;
void
ssl_load_ciphers
(
void
)
{
...
...
@@ -745,11 +745,11 @@ static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
static
void
ssl_cipher_collect_ciphers
(
const
SSL_METHOD
*
ssl_method
,
int
num_of_ciphers
,
u
nsigned
long
disabled_mkey
,
u
nsigned
long
disabled_auth
,
u
nsigned
long
disabled_enc
,
u
nsigned
long
disabled_mac
,
u
nsigned
long
disabled_ssl
,
u
int32_t
disabled_mkey
,
u
int32_t
disabled_auth
,
u
int32_t
disabled_enc
,
u
int32_t
disabled_mac
,
u
int32_t
disabled_ssl
,
CIPHER_ORDER
*
co_list
,
CIPHER_ORDER
**
head_p
,
CIPHER_ORDER
**
tail_p
)
...
...
@@ -813,21 +813,21 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
static
void
ssl_cipher_collect_aliases
(
const
SSL_CIPHER
**
ca_list
,
int
num_of_group_aliases
,
u
nsigned
long
disabled_mkey
,
u
nsigned
long
disabled_auth
,
u
nsigned
long
disabled_enc
,
u
nsigned
long
disabled_mac
,
u
nsigned
long
disabled_ssl
,
u
int32_t
disabled_mkey
,
u
int32_t
disabled_auth
,
u
int32_t
disabled_enc
,
u
int32_t
disabled_mac
,
u
int32_t
disabled_ssl
,
CIPHER_ORDER
*
head
)
{
CIPHER_ORDER
*
ciph_curr
;
const
SSL_CIPHER
**
ca_curr
;
int
i
;
u
nsigned
long
mask_mkey
=
~
disabled_mkey
;
u
nsigned
long
mask_auth
=
~
disabled_auth
;
u
nsigned
long
mask_enc
=
~
disabled_enc
;
u
nsigned
long
mask_mac
=
~
disabled_mac
;
u
nsigned
long
mask_ssl
=
~
disabled_ssl
;
u
int32_t
mask_mkey
=
~
disabled_mkey
;
u
int32_t
mask_auth
=
~
disabled_auth
;
u
int32_t
mask_enc
=
~
disabled_enc
;
u
int32_t
mask_mac
=
~
disabled_mac
;
u
int32_t
mask_ssl
=
~
disabled_ssl
;
/*
* First, add the real ciphers as already collected
...
...
@@ -847,11 +847,11 @@ static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
* or represent a cipher strength value (will be added in any case because algorithms=0).
*/
for
(
i
=
0
;
i
<
num_of_group_aliases
;
i
++
)
{
u
nsigned
long
algorithm_mkey
=
cipher_aliases
[
i
].
algorithm_mkey
;
u
nsigned
long
algorithm_auth
=
cipher_aliases
[
i
].
algorithm_auth
;
u
nsigned
long
algorithm_enc
=
cipher_aliases
[
i
].
algorithm_enc
;
u
nsigned
long
algorithm_mac
=
cipher_aliases
[
i
].
algorithm_mac
;
u
nsigned
long
algorithm_ssl
=
cipher_aliases
[
i
].
algorithm_ssl
;
u
int32_t
algorithm_mkey
=
cipher_aliases
[
i
].
algorithm_mkey
;
u
int32_t
algorithm_auth
=
cipher_aliases
[
i
].
algorithm_auth
;
u
int32_t
algorithm_enc
=
cipher_aliases
[
i
].
algorithm_enc
;
u
int32_t
algorithm_mac
=
cipher_aliases
[
i
].
algorithm_mac
;
u
int32_t
algorithm_ssl
=
cipher_aliases
[
i
].
algorithm_ssl
;
if
(
algorithm_mkey
)
if
((
algorithm_mkey
&
mask_mkey
)
==
0
)
...
...
@@ -880,14 +880,11 @@ static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
*
ca_curr
=
NULL
;
/* end of list */
}
static
void
ssl_cipher_apply_rule
(
unsigned
long
cipher_id
,
unsigned
long
alg_mkey
,
unsigned
long
alg_auth
,
unsigned
long
alg_enc
,
unsigned
long
alg_mac
,
unsigned
long
alg_ssl
,
unsigned
long
algo_strength
,
int
rule
,
int
strength_bits
,
CIPHER_ORDER
**
head_p
,
static
void
ssl_cipher_apply_rule
(
uint32_t
cipher_id
,
uint32_t
alg_mkey
,
uint32_t
alg_auth
,
uint32_t
alg_enc
,
uint32_t
alg_mac
,
uint32_t
alg_ssl
,
uint32_t
algo_strength
,
int
rule
,
int32_t
strength_bits
,
CIPHER_ORDER
**
head_p
,
CIPHER_ORDER
**
tail_p
)
{
CIPHER_ORDER
*
head
,
*
tail
,
*
curr
,
*
next
,
*
last
;
...
...
@@ -1024,7 +1021,8 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,
static
int
ssl_cipher_strength_sort
(
CIPHER_ORDER
**
head_p
,
CIPHER_ORDER
**
tail_p
)
{
int
max_strength_bits
,
i
,
*
number_uses
;
int32_t
max_strength_bits
;
int
i
,
*
number_uses
;
CIPHER_ORDER
*
curr
;
/*
...
...
@@ -1073,11 +1071,10 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
CIPHER_ORDER
**
tail_p
,
const
SSL_CIPHER
**
ca_list
,
CERT
*
c
)
{
unsigned
long
alg_mkey
,
alg_auth
,
alg_enc
,
alg_mac
,
alg_ssl
,
algo_strength
;
uint32_t
alg_mkey
,
alg_auth
,
alg_enc
,
alg_mac
,
alg_ssl
,
algo_strength
;
const
char
*
l
,
*
buf
;
int
j
,
multi
,
found
,
rule
,
retval
,
ok
,
buflen
;
u
nsigned
long
cipher_id
=
0
;
u
int32_t
cipher_id
=
0
;
char
ch
;
retval
=
1
;
...
...
@@ -1409,7 +1406,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK
const
char
*
rule_str
,
CERT
*
c
)
{
int
ok
,
num_of_ciphers
,
num_of_alias_max
,
num_of_group_aliases
;
u
nsigned
long
disabled_mkey
,
disabled_auth
,
disabled_enc
,
disabled_mac
,
u
int32_t
disabled_mkey
,
disabled_auth
,
disabled_enc
,
disabled_mac
,
disabled_ssl
;
STACK_OF
(
SSL_CIPHER
)
*
cipherstack
,
*
tmp_cipher_list
;
const
char
*
rule_p
;
...
...
@@ -1607,7 +1604,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
int
is_export
,
pkl
,
kl
;
const
char
*
ver
,
*
exp_str
;
const
char
*
kx
,
*
au
,
*
enc
,
*
mac
;
u
nsigned
long
alg_mkey
,
alg_auth
,
alg_enc
,
alg_mac
,
alg_ssl
;
u
int32_t
alg_mkey
,
alg_auth
,
alg_enc
,
alg_mac
,
alg_ssl
;
static
const
char
*
format
=
"%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s
\n
"
;
...
...
@@ -1829,19 +1826,19 @@ const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
}
/* number of bits for symmetric cipher */
int
SSL_CIPHER_get_bits
(
const
SSL_CIPHER
*
c
,
in
t
*
alg_bits
)
int
32_t
SSL_CIPHER_get_bits
(
const
SSL_CIPHER
*
c
,
uint32_
t
*
alg_bits
)
{
int
ret
=
0
;
int
32_t
ret
=
0
;
if
(
c
!=
NULL
)
{
if
(
alg_bits
!=
NULL
)
*
alg_bits
=
c
->
alg_bits
;
ret
=
c
->
strength_bits
;
}
return
(
ret
)
;
return
ret
;
}
u
nsigned
long
SSL_CIPHER_get_id
(
const
SSL_CIPHER
*
c
)
u
int32_t
SSL_CIPHER_get_id
(
const
SSL_CIPHER
*
c
)
{
return
c
->
id
;
}
...
...
@@ -1970,7 +1967,7 @@ const char *SSL_COMP_get_name(const COMP_METHOD *comp)
/* For a cipher return the index corresponding to the certificate type */
int
ssl_cipher_get_cert_index
(
const
SSL_CIPHER
*
c
)
{
u
nsigned
long
alg_k
,
alg_a
;
u
int32_t
alg_k
,
alg_a
;
alg_k
=
c
->
algorithm_mkey
;
alg_a
=
c
->
algorithm_auth
;
...
...
ssl/ssl_lib.c
浏览文件 @
90d9e49a
...
...
@@ -1224,25 +1224,21 @@ long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
int
ssl_cipher_id_cmp
(
const
SSL_CIPHER
*
a
,
const
SSL_CIPHER
*
b
)
{
long
l
;
l
=
a
->
id
-
b
->
id
;
if
(
l
==
0L
)
return
(
0
);
else
return
((
l
>
0
)
?
1
:
-
1
);
if
(
a
->
id
>
b
->
id
)
return
1
;
if
(
a
->
id
<
b
->
id
)
return
-
1
;
return
0
;
}
int
ssl_cipher_ptr_id_cmp
(
const
SSL_CIPHER
*
const
*
ap
,
const
SSL_CIPHER
*
const
*
bp
)
{
long
l
;
l
=
(
*
ap
)
->
id
-
(
*
bp
)
->
id
;
if
(
l
==
0L
)
return
(
0
);
else
return
((
l
>
0
)
?
1
:
-
1
);
if
((
*
ap
)
->
id
>
(
*
bp
)
->
id
)
return
1
;
if
((
*
ap
)
->
id
<
(
*
bp
)
->
id
)
return
-
1
;
return
0
;
}
/** return a STACK of the ciphers available for the SSL and in order of
...
...
ssl/ssl_locl.h
浏览文件 @
90d9e49a
...
...
@@ -537,22 +537,22 @@
#define TLS_CIPHER_LEN 2
/* used to hold info on the particular ciphers used */
struct
ssl_cipher_st
{
in
t
valid
;
const
char
*
name
;
/* text name */
u
nsigned
long
id
;
/* id, 4 bytes, first is version */
uint32_
t
valid
;
const
char
*
name
;
/* text name */
u
int32_t
id
;
/* id, 4 bytes, first is version */
/*
* changed in
0.9.9
: these four used to be portions of a single value
* changed in
1.0.0
: these four used to be portions of a single value
* 'algorithms'
*/
u
nsigned
long
algorithm_mkey
;
/* key exchange algorithm */
u
nsigned
long
algorithm_auth
;
/* server authentication */
u
nsigned
long
algorithm_enc
;
/* symmetric encryption */
u
nsigned
long
algorithm_mac
;
/* symmetric authentication */
u
nsigned
long
algorithm_ssl
;
/* (major) protocol version */
u
nsigned
long
algo_strength
;
/* strength and export flags */
u
nsigned
long
algorithm2
;
/* Extra flags */
int
strength_bits
;
/* Number of bits really used */
int
alg_bits
;
/* Number of bits for algorithm */
u
int32_t
algorithm_mkey
;
/* key exchange algorithm */
u
int32_t
algorithm_auth
;
/* server authentication */
u
int32_t
algorithm_enc
;
/* symmetric encryption */
u
int32_t
algorithm_mac
;
/* symmetric authentication */
u
int32_t
algorithm_ssl
;
/* (major) protocol version */
u
int32_t
algo_strength
;
/* strength and export flags */
u
int32_t
algorithm2
;
/* Extra flags */
int
32_t
strength_bits
;
/* Number of bits really used */
uint32_t
alg_bits
;
/* Number of bits for algorithm */
};
/* Used to hold SSL/TLS functions */
...
...
@@ -1308,12 +1308,12 @@ typedef struct ssl3_state_st {
* that are supported by the certs below. For clients they are masks of
* *disabled* algorithms based on the current session.
*/
u
nsigned
long
mask_k
;
u
nsigned
long
mask_a
;
u
nsigned
long
export_mask_k
;
u
nsigned
long
export_mask_a
;
u
int32_t
mask_k
;
u
int32_t
mask_a
;
u
int32_t
export_mask_k
;
u
int32_t
export_mask_a
;
/* Client only */
u
nsigned
long
mask_ssl
;
u
int32_t
mask_ssl
;
}
tmp
;
/* Connection binding to prevent renegotiation attacks */
...
...
@@ -2062,7 +2062,7 @@ __owur int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
const
EVP_MD
*
md
);
__owur
int
tls12_get_sigid
(
const
EVP_PKEY
*
pk
);
__owur
const
EVP_MD
*
tls12_get_hash
(
unsigned
char
hash_alg
);
void
ssl_set_sig_mask
(
u
nsigned
long
*
pmask_a
,
SSL
*
s
,
int
op
);
void
ssl_set_sig_mask
(
u
int32_t
*
pmask_a
,
SSL
*
s
,
int
op
);
__owur
int
tls1_set_sigalgs_list
(
CERT
*
c
,
const
char
*
str
,
int
client
);
__owur
int
tls1_set_sigalgs
(
CERT
*
c
,
const
int
*
salg
,
size_t
salglen
,
int
client
);
...
...
ssl/t1_lib.c
浏览文件 @
90d9e49a
...
...
@@ -3310,7 +3310,7 @@ static int tls12_sigalg_allowed(SSL *s, int op, const unsigned char *ptmp)
* disabled.
*/
void
ssl_set_sig_mask
(
u
nsigned
long
*
pmask_a
,
SSL
*
s
,
int
op
)
void
ssl_set_sig_mask
(
u
int32_t
*
pmask_a
,
SSL
*
s
,
int
op
)
{
const
unsigned
char
*
sigalgs
;
size_t
i
,
sigalgslen
;
...
...
test/ssltest.c
浏览文件 @
90d9e49a
...
...
@@ -3082,7 +3082,7 @@ static int do_test_cipherlist(void)
if
(
tci
!=
NULL
)
if
(
ci
->
id
>=
tci
->
id
)
{
fprintf
(
stderr
,
"testing SSLv3 cipher list order: "
);
fprintf
(
stderr
,
"failed %
lx vs. %l
x
\n
"
,
ci
->
id
,
tci
->
id
);
fprintf
(
stderr
,
"failed %
x vs. %
x
\n
"
,
ci
->
id
,
tci
->
id
);
return
0
;
}
tci
=
ci
;
...
...
@@ -3094,7 +3094,7 @@ static int do_test_cipherlist(void)
if
(
tci
!=
NULL
)
if
(
ci
->
id
>=
tci
->
id
)
{
fprintf
(
stderr
,
"testing TLSv1 cipher list order: "
);
fprintf
(
stderr
,
"failed %
lx vs. %l
x
\n
"
,
ci
->
id
,
tci
->
id
);
fprintf
(
stderr
,
"failed %
x vs. %
x
\n
"
,
ci
->
id
,
tci
->
id
);
return
0
;
}
tci
=
ci
;
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录