提交 9d22666e 编写于 作者: F FdaSilvaYY 提交者: Rich Salz
上级 cbddeebe
...@@ -17,7 +17,7 @@ ...@@ -17,7 +17,7 @@
/* /*
* Limit to ensure we don't overflow: much greater than * Limit to ensure we don't overflow: much greater than
* anything enountered in practice. * anything encountered in practice.
*/ */
#define NAME_ONELINE_MAX (1024 * 1024) #define NAME_ONELINE_MAX (1024 * 1024)
......
...@@ -686,7 +686,7 @@ int X509v3_addr_is_canonical(IPAddrBlocks *addr) ...@@ -686,7 +686,7 @@ int X509v3_addr_is_canonical(IPAddrBlocks *addr)
int i, j, k; int i, j, k;
/* /*
* Empty extension is cannonical. * Empty extension is canonical.
*/ */
if (addr == NULL) if (addr == NULL)
return 1; return 1;
......
...@@ -19,7 +19,7 @@ Deprecated: ...@@ -19,7 +19,7 @@ Deprecated:
=head1 DESCRIPTION =head1 DESCRIPTION
The functions described here were used to free the error queue The functions described here were used to free the error queue
associated with the current or specificed thread. associated with the current or specified thread.
They are now deprecated and do nothing, as the OpenSSL libraries now They are now deprecated and do nothing, as the OpenSSL libraries now
normally do all thread initialisation and deinitialisation normally do all thread initialisation and deinitialisation
......
...@@ -196,7 +196,7 @@ EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and ...@@ -196,7 +196,7 @@ EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and
EVP_DecryptFinal_ex(). EVP_DecryptFinal_ex().
EVP_CIPHER_meth_set_cleanup() sets the function for B<cipher> to do EVP_CIPHER_meth_set_cleanup() sets the function for B<cipher> to do
extra cleanup before the method's privata data structure is cleaned extra cleanup before the method's private data structure is cleaned
out and freed. out and freed.
Note that the cleanup function is passed a B<EVP_CIPHER_CTX *>, the Note that the cleanup function is passed a B<EVP_CIPHER_CTX *>, the
private data structure is then available with private data structure is then available with
......
...@@ -131,7 +131,7 @@ This copy function is called by EVP_MD_CTX_copy() and ...@@ -131,7 +131,7 @@ This copy function is called by EVP_MD_CTX_copy() and
EVP_MD_CTX_copy_ex(). EVP_MD_CTX_copy_ex().
EVP_MD_meth_set_cleanup() sets the function for B<md> to do extra EVP_MD_meth_set_cleanup() sets the function for B<md> to do extra
cleanup before the method's privata data structure is cleaned out and cleanup before the method's private data structure is cleaned out and
freed. freed.
Note that the cleanup function is passed a B<EVP_MD_CTX *>, the Note that the cleanup function is passed a B<EVP_MD_CTX *>, the
private data structure is then available with EVP_MD_CTX_md_data(). private data structure is then available with EVP_MD_CTX_md_data().
......
...@@ -78,7 +78,8 @@ to PKCS#1 when signing and this structure is expected (and stripped off) when ...@@ -78,7 +78,8 @@ to PKCS#1 when signing and this structure is expected (and stripped off) when
verifying. If this control is not used with RSA and PKCS#1 padding then the verifying. If this control is not used with RSA and PKCS#1 padding then the
supplied data is used directly and not encapsulated. In the case of X9.31 supplied data is used directly and not encapsulated. In the case of X9.31
padding for RSA the algorithm identifier byte is added or checked and removed padding for RSA the algorithm identifier byte is added or checked and removed
if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte. if this control is called. If it is not called then the first byte of the plaintext
buffer is expected to be the algorithm identifier byte.
The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to
B<len> as its name implies it is only supported for PSS padding. Two special B<len> as its name implies it is only supported for PSS padding. Two special
......
...@@ -2,7 +2,8 @@ ...@@ -2,7 +2,8 @@
=head1 NAME =head1 NAME
EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters,
EVP_PKEY_cmp - public key parameter and comparison functions
=head1 SYNOPSIS =head1 SYNOPSIS
......
...@@ -69,7 +69,7 @@ executed on SSE2 capable CPU, but under control of OS that does not ...@@ -69,7 +69,7 @@ executed on SSE2 capable CPU, but under control of OS that does not
enable XMM registers. Historically address of the capability vector copy enable XMM registers. Historically address of the capability vector copy
was exposed to application through OPENSSL_ia32cap_loc(), but not was exposed to application through OPENSSL_ia32cap_loc(), but not
anymore. Now the only way to affect the capability detection is to set anymore. Now the only way to affect the capability detection is to set
OPENSSL_ia32cap envrionment variable prior target application start. To OPENSSL_ia32cap environment variable prior target application start. To
give a specific example, on Intel P4 processor 'env give a specific example, on Intel P4 processor 'env
OPENSSL_ia32cap=0x16980010 apps/openssl', or better yet 'env OPENSSL_ia32cap=0x16980010 apps/openssl', or better yet 'env
OPENSSL_ia32cap=~0x1000000 apps/openssl' would achieve the desired OPENSSL_ia32cap=~0x1000000 apps/openssl' would achieve the desired
......
...@@ -103,13 +103,13 @@ OPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's. ...@@ -103,13 +103,13 @@ OPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's.
Use OPENSSL_cleanse() with care if the memory is a mapping of a file. Use OPENSSL_cleanse() with care if the memory is a mapping of a file.
If the storage controller uses write compression, then its possible If the storage controller uses write compression, then its possible
that sensitive tail bytes will survive zeroization because the block of that sensitive tail bytes will survive zeroization because the block of
zeros will be compressed. If the storage controller uses wear leveling, zeros will be compressed. If the storage controller uses wear levelling,
then the old sensitive data will not be overwritten; rather, a block of then the old sensitive data will not be overwritten; rather, a block of
0's will be written at a new physical location. 0's will be written at a new physical location.
OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the
equivalent C functions, except that memory is allocated by calling the equivalent C functions, except that memory is allocated by calling the
OPENSSL_malloc() and should be releaed by calling OPENSSL_free(). OPENSSL_malloc() and should be released by calling OPENSSL_free().
OPENSSL_strlcpy(), OPENSSL_strlcpy(),
OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C
......
...@@ -57,7 +57,7 @@ for examples. ...@@ -57,7 +57,7 @@ for examples.
PEM_read() reads from the file B<fp>, while PEM_read_bio() reads PEM_read() reads from the file B<fp>, while PEM_read_bio() reads
from the BIO B<bp>. from the BIO B<bp>.
Both skip any non-PEM data that precedes the start of the next PEM object. Both skip any non-PEM data that precedes the start of the next PEM object.
When an object is successfuly retrieved, the type name from the "----BEGIN When an object is successfully retrieved, the type name from the "----BEGIN
<type>-----" is returned via the B<name> argument, any encapsulation headers <type>-----" is returned via the B<name> argument, any encapsulation headers
are returned in B<header> and the base64-decoded content and its length are are returned in B<header> and the base64-decoded content and its length are
returned via B<data> and B<len> respectively. returned via B<data> and B<len> respectively.
...@@ -69,7 +69,7 @@ PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher ...@@ -69,7 +69,7 @@ PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher
and IV. and IV.
The caller passes a pointer to structure of type B<EVP_CIPHER_INFO> via the The caller passes a pointer to structure of type B<EVP_CIPHER_INFO> via the
B<cinfo> argument and the B<header> returned via PEM_read() or PEM_read_bio(). B<cinfo> argument and the B<header> returned via PEM_read() or PEM_read_bio().
If the call is succesful 1 is retured and the cipher and IV are stored at the If the call is successful 1 is returned and the cipher and IV are stored at the
address pointed to by B<cinfo>. address pointed to by B<cinfo>.
When the header is malformed, or not supported or when the cipher is unknown When the header is malformed, or not supported or when the cipher is unknown
or some internal error happens 0 is returned. or some internal error happens 0 is returned.
......
...@@ -89,7 +89,7 @@ exist. ...@@ -89,7 +89,7 @@ exist.
B<X509V3_ADD_APPEND> appends a new extension, ignoring whether the extension B<X509V3_ADD_APPEND> appends a new extension, ignoring whether the extension
already exists. already exists.
B<X509V3_ADD_REPLACE> replaces an extension if it exists otherwise apppends B<X509V3_ADD_REPLACE> replaces an extension if it exists otherwise appends
a new extension. a new extension.
B<X509V3_ADD_REPLACE_EXISTING> replaces an existing extension if it exists B<X509V3_ADD_REPLACE_EXISTING> replaces an existing extension if it exists
...@@ -99,7 +99,7 @@ B<X509V3_ADD_KEEP_EXISTING> appends a new extension only if the extension does ...@@ -99,7 +99,7 @@ B<X509V3_ADD_KEEP_EXISTING> appends a new extension only if the extension does
not already exist. An error B<is not> returned if the extension does already not already exist. An error B<is not> returned if the extension does already
exist. exist.
B<X509V3_ADD_DELETE> extension B<nid> is deleted: no new extenion is added. B<X509V3_ADD_DELETE> extension B<nid> is deleted: no new extension is added.
If B<X509V3_ADD_SILENT> is ored with B<flags>: any error returned will not If B<X509V3_ADD_SILENT> is ored with B<flags>: any error returned will not
be added to the error queue. be added to the error queue.
......
...@@ -22,7 +22,7 @@ extern "C" { ...@@ -22,7 +22,7 @@ extern "C" {
#endif #endif
# ifdef OPENSSL_SYS_WIN32 # ifdef OPENSSL_SYS_WIN32
/* Under Win32 thes are defined in wincrypt.h */ /* Under Win32 these are defined in wincrypt.h */
# undef PKCS7_ISSUER_AND_SERIAL # undef PKCS7_ISSUER_AND_SERIAL
# undef PKCS7_SIGNER_INFO # undef PKCS7_SIGNER_INFO
# endif # endif
......
...@@ -3604,7 +3604,7 @@ static int sig_cb(const char *elem, int len, void *arg) ...@@ -3604,7 +3604,7 @@ static int sig_cb(const char *elem, int len, void *arg)
} }
/* /*
* Set suppored signature algorithms based on a colon separated list of the * Set supported signature algorithms based on a colon separated list of the
* form sig+hash e.g. RSA+SHA512:DSA+SHA512 * form sig+hash e.g. RSA+SHA512:DSA+SHA512
*/ */
int tls1_set_sigalgs_list(CERT *c, const char *str, int client) int tls1_set_sigalgs_list(CERT *c, const char *str, int client)
......
...@@ -202,7 +202,7 @@ int main(int argc, char **argv) ...@@ -202,7 +202,7 @@ int main(int argc, char **argv)
/* Test excessively big number. Should fail */ /* Test excessively big number. Should fail */
if (BIO_snprintf(buf, sizeof(buf), "%f\n", 2 * (double)ULONG_MAX) != -1) { if (BIO_snprintf(buf, sizeof(buf), "%f\n", 2 * (double)ULONG_MAX) != -1) {
printf("Test %d failed. Unexecpted success return from " printf("Test %d failed. Unexpected success return from "
"BIO_snprintf()\n", test); "BIO_snprintf()\n", test);
fail = 1; fail = 1;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册