Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
f415fa32
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
f415fa32
编写于
3月 06, 1999
作者:
B
Ben Laurie
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix export ciphersuites, again.
上级
dfca822f
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
39 addition
and
17 deletion
+39
-17
CHANGES
CHANGES
+4
-0
ssl/s3_lib.c
ssl/s3_lib.c
+14
-3
ssl/s3_srvr.c
ssl/s3_srvr.c
+1
-1
ssl/ssl_lib.c
ssl/ssl_lib.c
+15
-12
ssl/ssl_locl.h
ssl/ssl_locl.h
+5
-1
未找到文件。
CHANGES
浏览文件 @
f415fa32
...
...
@@ -5,6 +5,10 @@
Changes between 0.9.1c and 0.9.2
*) Remarkably, export ciphers were totally broken and no-one had noticed!
Fixed.
[Ben Laurie]
*) Cleaned up the LICENSE document: The official contact for any license
questions now is the OpenSSL core team under openssl-core@openssl.org.
And add a paragraph about the dual-license situation to make sure people
...
...
ssl/s3_lib.c
浏览文件 @
f415fa32
...
...
@@ -845,11 +845,20 @@ STACK *have,*pref;
sk_set_cmp_func
(
pref
,
ssl_cipher_ptr_id_cmp
);
#ifdef CIPHER_DEBUG
printf
(
"Have:
\n
"
);
for
(
i
=
0
;
i
<
sk_num
(
pref
)
;
++
i
)
{
c
=
(
SSL_CIPHER
*
)
sk_value
(
pref
,
i
);
printf
(
"%p:%s
\n
"
,
c
,
c
->
name
);
}
#endif
for
(
i
=
0
;
i
<
sk_num
(
have
);
i
++
)
{
c
=
(
SSL_CIPHER
*
)
sk_value
(
have
,
i
);
ssl_set_cert_masks
(
cert
,
c
);
ssl_set_cert_masks
(
cert
,
s
->
ctx
->
default_cert
,
c
);
mask
=
cert
->
mask
;
emask
=
cert
->
export_mask
;
...
...
@@ -858,14 +867,16 @@ STACK *have,*pref;
{
ok
=
((
alg
&
emask
)
==
alg
)
?
1
:
0
;
#ifdef CIPHER_DEBUG
printf
(
"%d:[%08lX:%08lX]%s (export)
\n
"
,
ok
,
alg
,
mask
,
c
->
name
);
printf
(
"%d:[%08lX:%08lX]%p:%s (export)
\n
"
,
ok
,
alg
,
emask
,
c
,
c
->
name
);
#endif
}
else
{
ok
=
((
alg
&
mask
)
==
alg
)
?
1
:
0
;
#ifdef CIPHER_DEBUG
printf
(
"%d:[%08lX:%08lX]%s
\n
"
,
ok
,
alg
,
mask
,
c
->
name
);
printf
(
"%d:[%08lX:%08lX]%p:%s
\n
"
,
ok
,
alg
,
mask
,
c
,
c
->
name
);
#endif
}
...
...
ssl/s3_srvr.c
浏览文件 @
f415fa32
...
...
@@ -945,7 +945,7 @@ SSL *s;
if
((
rsa
==
NULL
)
&&
(
s
->
ctx
->
default_cert
->
rsa_tmp_cb
!=
NULL
))
{
rsa
=
s
->
ctx
->
default_cert
->
rsa_tmp_cb
(
s
,
!
SSL_C_IS_EXPORT
(
s
->
s3
->
tmp
.
new_cipher
),
SSL_C_IS_EXPORT
(
s
->
s3
->
tmp
.
new_cipher
),
SSL_C_EXPORT_PKEYLENGTH
(
s
->
s3
->
tmp
.
new_cipher
));
CRYPTO_add
(
&
rsa
->
references
,
1
,
CRYPTO_LOCK_RSA
);
cert
->
rsa_tmp
=
rsa
;
...
...
ssl/ssl_lib.c
浏览文件 @
f415fa32
...
...
@@ -181,7 +181,7 @@ SSL *SSL_new(SSL_CTX *ctx)
if
(
ctx
->
default_cert
!=
NULL
)
{
CRYPTO_add
(
&
ctx
->
default_cert
->
references
,
1
,
CRYPTO_LOCK_SSL_CERT
);
CRYPTO_LOCK_SSL_CERT
);
s
->
cert
=
ctx
->
default_cert
;
}
else
...
...
@@ -1042,7 +1042,10 @@ void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
X509_STORE_set_verify_cb_func
(
ctx
->
cert_store
,
cb
);
}
void
ssl_set_cert_masks
(
CERT
*
c
,
SSL_CIPHER
*
cipher
)
/* Need default_cert to check for callbacks, for now (see comment in CERT
strucure)
*/
void
ssl_set_cert_masks
(
CERT
*
c
,
CERT
*
default_cert
,
SSL_CIPHER
*
cipher
)
{
CERT_PKEY
*
cpk
;
int
rsa_enc
,
rsa_tmp
,
rsa_sign
,
dh_tmp
,
dh_rsa
,
dh_dsa
,
dsa_sign
;
...
...
@@ -1050,20 +1053,20 @@ void ssl_set_cert_masks(CERT *c,SSL_CIPHER *cipher)
int
rsa_tmp_export
,
dh_tmp_export
,
kl
;
unsigned
long
mask
,
emask
;
if
(
(
c
==
NULL
)
||
(
c
->
valid
)
)
return
;
if
(
c
==
NULL
)
return
;
kl
=
SSL_C_EXPORT_PKEYLENGTH
(
cipher
);
#ifndef NO_RSA
rsa_tmp
=
(
c
->
rsa_tmp
!=
NULL
||
c
->
rsa_tmp_cb
!=
NULL
);
rsa_tmp_export
=
(
c
->
rsa_tmp_cb
!=
NULL
||
rsa_tmp
=
(
c
->
rsa_tmp
!=
NULL
||
default_cert
->
rsa_tmp_cb
!=
NULL
);
rsa_tmp_export
=
(
default_cert
->
rsa_tmp_cb
!=
NULL
||
(
rsa_tmp
&&
RSA_size
(
c
->
rsa_tmp
)
*
8
<=
kl
));
#else
rsa_tmp
=
rsa_tmp_export
=
0
;
#endif
#ifndef NO_DH
dh_tmp
=
(
c
->
dh_tmp
!=
NULL
||
c
->
dh_tmp_cb
!=
NULL
);
dh_tmp_export
=
(
c
->
dh_tmp_cb
!=
NULL
||
dh_tmp
=
(
c
->
dh_tmp
!=
NULL
||
default_cert
->
dh_tmp_cb
!=
NULL
);
dh_tmp_export
=
(
default_cert
->
dh_tmp_cb
!=
NULL
||
(
dh_tmp
&&
DH_size
(
c
->
dh_tmp
)
*
8
<=
kl
));
#else
dh_tmp
=
dh_tmp_export
=
0
;
...
...
@@ -1088,14 +1091,14 @@ void ssl_set_cert_masks(CERT *c,SSL_CIPHER *cipher)
emask
=
0
;
#ifdef CIPHER_DEBUG
printf
(
"rt=%d
dht=%d r
e=%d rs=%d ds=%d dhr=%d dhd=%d
\n
"
,
rsa_tmp
,
dh_tmp
,
rsa_enc
,
rsa_sign
,
dsa_sign
,
dh_rsa
,
dh_dsa
);
printf
(
"rt=%d
rte=%d dht=%d re=%d re
e=%d rs=%d ds=%d dhr=%d dhd=%d
\n
"
,
rsa_tmp
,
rsa_tmp_export
,
dh_tmp
,
rsa_enc
,
rsa_
enc_export
,
rsa_
sign
,
dsa_sign
,
dh_rsa
,
dh_dsa
);
#endif
if
(
rsa_enc
||
(
rsa_tmp
&&
rsa_sign
))
mask
|=
SSL_kRSA
;
if
(
rsa_enc_export
||
(
rsa_tmp_export
&&
rsa_sign
))
if
(
rsa_enc_export
||
(
rsa_tmp_export
&&
(
rsa_sign
||
rsa_enc
)
))
emask
|=
SSL_kRSA
;
#if 0
...
...
@@ -1150,7 +1153,7 @@ X509 *ssl_get_server_send_cert(SSL *s)
int
i
,
export
;
c
=
s
->
cert
;
ssl_set_cert_masks
(
c
,
s
->
s3
->
tmp
.
new_cipher
);
ssl_set_cert_masks
(
c
,
s
->
ctx
->
default_cert
,
s
->
s3
->
tmp
.
new_cipher
);
alg
=
s
->
s3
->
tmp
.
new_cipher
->
algorithms
;
export
=
SSL_IS_EXPORT
(
alg
);
mask
=
export
?
c
->
export_mask
:
c
->
mask
;
...
...
ssl/ssl_locl.h
浏览文件 @
f415fa32
...
...
@@ -275,6 +275,10 @@ typedef struct cert_st
RSA
*
rsa_tmp
;
DH
*
dh_tmp
;
/* FIXME: Although rsa_tmp and dh_tmp are properties of the cert,
callbacks probably aren't, and besides only the context default
cert's callbacks are actually used. Too close to a release to fix
this now - Ben 6 Mar 1999 */
RSA
*
(
*
rsa_tmp_cb
)(
SSL
*
ssl
,
int
export
,
int
keysize
);
DH
*
(
*
dh_tmp_cb
)(
SSL
*
ssl
,
int
export
,
int
keysize
);
CERT_PKEY
pkeys
[
SSL_PKEY_NUM
];
...
...
@@ -367,7 +371,7 @@ int ssl_undefined_function(SSL *s);
X509
*
ssl_get_server_send_cert
(
SSL
*
);
EVP_PKEY
*
ssl_get_sign_pkey
(
SSL
*
,
SSL_CIPHER
*
);
int
ssl_cert_type
(
X509
*
x
,
EVP_PKEY
*
pkey
);
void
ssl_set_cert_masks
(
CERT
*
c
,
SSL_CIPHER
*
cipher
);
void
ssl_set_cert_masks
(
CERT
*
c
,
CERT
*
default_cert
,
SSL_CIPHER
*
cipher
);
STACK
*
ssl_get_ciphers_by_id
(
SSL
*
s
);
int
ssl_verify_alarm_type
(
long
type
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录