Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
f9e55034
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
11 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
f9e55034
编写于
3月 21, 2016
作者:
M
Matt Caswell
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix no-sock
Misc fixes for no-sock Reviewed-by:
N
Richard Levitte
<
levitte@openssl.org
>
上级
168c3b73
变更
20
隐藏空白更改
内联
并排
Showing
20 changed file
with
89 addition
and
15 deletion
+89
-15
apps/apps.c
apps/apps.c
+3
-3
apps/ocsp.c
apps/ocsp.c
+11
-1
apps/s_cb.c
apps/s_cb.c
+4
-0
apps/s_client.c
apps/s_client.c
+4
-0
apps/s_server.c
apps/s_server.c
+4
-0
apps/s_socket.c
apps/s_socket.c
+1
-0
apps/s_time.c
apps/s_time.c
+5
-0
crypto/init.c
crypto/init.c
+2
-0
include/openssl/ssl.h
include/openssl/ssl.h
+2
-0
ssl/d1_lib.c
ssl/d1_lib.c
+2
-1
test/dtlsv1listentest.c
test/dtlsv1listentest.c
+11
-4
test/recipes/70-test_sslcertstatus.t
test/recipes/70-test_sslcertstatus.t
+3
-0
test/recipes/70-test_sslextension.t
test/recipes/70-test_sslextension.t
+3
-0
test/recipes/70-test_sslsessiontick.t
test/recipes/70-test_sslsessiontick.t
+3
-0
test/recipes/70-test_sslskewith0p.t
test/recipes/70-test_sslskewith0p.t
+3
-0
test/recipes/70-test_sslvertol.t
test/recipes/70-test_sslvertol.t
+3
-0
test/recipes/70-test_tlsextms.t
test/recipes/70-test_tlsextms.t
+3
-0
test/recipes/80-test_ssl.t
test/recipes/80-test_ssl.t
+2
-2
test/recipes/90-test_networking.t
test/recipes/90-test_networking.t
+3
-0
test/ssltest.c
test/ssltest.c
+17
-4
未找到文件。
apps/apps.c
浏览文件 @
f9e55034
...
...
@@ -640,7 +640,7 @@ static int load_pkcs12(BIO *in, const char *desc,
return
ret
;
}
#if
ndef OPENSSL_NO_OCSP
#if
!defined(OPENSSL_NO_OCSP) && !defined(OPENSSL_NO_SOCK)
static
int
load_cert_crl_http
(
const
char
*
url
,
X509
**
pcert
,
X509_CRL
**
pcrl
)
{
char
*
host
=
NULL
,
*
port
=
NULL
,
*
path
=
NULL
;
...
...
@@ -695,7 +695,7 @@ X509 *load_cert(const char *file, int format, const char *cert_descrip)
BIO
*
cert
;
if
(
format
==
FORMAT_HTTP
)
{
#if
ndef OPENSSL_NO_OCSP
#if
!defined(OPENSSL_NO_OCSP) && !defined(OPENSSL_NO_SOCK)
load_cert_crl_http
(
file
,
&
x
,
NULL
);
#endif
return
x
;
...
...
@@ -736,7 +736,7 @@ X509_CRL *load_crl(const char *infile, int format)
BIO
*
in
=
NULL
;
if
(
format
==
FORMAT_HTTP
)
{
#if
ndef OPENSSL_NO_OCSP
#if
!defined(OPENSSL_NO_OCSP) && !defined(OPENSSL_NO_SOCK)
load_cert_crl_http
(
infile
,
NULL
,
&
x
);
#endif
return
x
;
...
...
apps/ocsp.c
浏览文件 @
f9e55034
...
...
@@ -117,10 +117,13 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
static
BIO
*
init_responder
(
const
char
*
port
);
static
int
do_responder
(
OCSP_REQUEST
**
preq
,
BIO
**
pcbio
,
BIO
*
acbio
);
static
int
send_ocsp_response
(
BIO
*
cbio
,
OCSP_RESPONSE
*
resp
);
# ifndef OPENSSL_NO_SOCK
static
OCSP_RESPONSE
*
query_responder
(
BIO
*
cbio
,
const
char
*
host
,
const
char
*
path
,
const
STACK_OF
(
CONF_VALUE
)
*
headers
,
OCSP_REQUEST
*
req
,
int
req_timeout
);
# endif
typedef
enum
OPTION_choice
{
OPT_ERR
=
-
1
,
OPT_EOF
=
0
,
OPT_HELP
,
...
...
@@ -244,7 +247,10 @@ int ocsp_main(int argc, char **argv)
int
noCAfile
=
0
,
noCApath
=
0
;
int
accept_count
=
-
1
,
add_nonce
=
1
,
noverify
=
0
,
use_ssl
=
-
1
;
int
vpmtouched
=
0
,
badsig
=
0
,
i
,
ignore_err
=
0
,
nmin
=
0
,
ndays
=
-
1
;
int
req_text
=
0
,
resp_text
=
0
,
req_timeout
=
-
1
,
ret
=
1
;
int
req_text
=
0
,
resp_text
=
0
,
ret
=
1
;
#ifndef OPENSSL_NO_SOCK
int
req_timeout
=
-
1
;
#endif
long
nsec
=
MAX_VALIDITY_PERIOD
,
maxage
=
-
1
;
unsigned
long
sign_flags
=
0
,
verify_flags
=
0
,
rflags
=
0
;
OPTION_CHOICE
o
;
...
...
@@ -275,7 +281,9 @@ int ocsp_main(int argc, char **argv)
outfile
=
opt_arg
();
break
;
case
OPT_TIMEOUT
:
#ifndef OPENSSL_NO_SOCK
req_timeout
=
atoi
(
opt_arg
());
#endif
break
;
case
OPT_URL
:
OPENSSL_free
(
thost
);
...
...
@@ -1170,6 +1178,7 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
return
1
;
}
# ifndef OPENSSL_NO_SOCK
static
OCSP_RESPONSE
*
query_responder
(
BIO
*
cbio
,
const
char
*
host
,
const
char
*
path
,
const
STACK_OF
(
CONF_VALUE
)
*
headers
,
...
...
@@ -1300,5 +1309,6 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
SSL_CTX_free
(
ctx
);
return
resp
;
}
# endif
#endif
apps/s_cb.c
浏览文件 @
f9e55034
...
...
@@ -131,8 +131,10 @@ int verify_depth = 0;
int
verify_quiet
=
0
;
int
verify_error
=
X509_V_OK
;
int
verify_return_error
=
0
;
#ifndef OPENSSL_NO_SOCK
static
unsigned
char
cookie_secret
[
COOKIE_SECRET_LENGTH
];
static
int
cookie_initialized
=
0
;
#endif
static
const
char
*
lookup
(
int
val
,
const
STRINT_PAIR
*
list
,
const
char
*
def
)
{
...
...
@@ -741,6 +743,7 @@ void tlsext_cb(SSL *s, int client_server, int type,
(
void
)
BIO_flush
(
bio
);
}
#ifndef OPENSSL_NO_SOCK
int
generate_cookie_callback
(
SSL
*
ssl
,
unsigned
char
*
cookie
,
unsigned
int
*
cookie_len
)
{
...
...
@@ -803,6 +806,7 @@ int verify_cookie_callback(SSL *ssl, const unsigned char *cookie,
return
0
;
}
#endif
/*
* Example of extended certificate handling. Where the standard support of
...
...
apps/s_client.c
浏览文件 @
f9e55034
...
...
@@ -141,6 +141,8 @@
#include <errno.h>
#include <openssl/e_os2.h>
#ifndef OPENSSL_NO_SOCK
/*
* With IPv6, it looks like Digital has mixed up the proper order of
* recursive header file inclusion, resulting in the compiler complaining
...
...
@@ -2757,3 +2759,5 @@ static int ocsp_resp_cb(SSL *s, void *arg)
OCSP_RESPONSE_free
(
rsp
);
return
1
;
}
#endif
apps/s_server.c
浏览文件 @
f9e55034
...
...
@@ -147,6 +147,8 @@
#include <openssl/e_os2.h>
#ifndef OPENSSL_NO_SOCK
/*
* With IPv6, it looks like Digital has mixed up the proper order of
* recursive header file inclusion, resulting in the compiler complaining
...
...
@@ -3363,3 +3365,5 @@ static void free_sessions(void)
}
first
=
NULL
;
}
#endif
apps/s_socket.c
浏览文件 @
f9e55034
...
...
@@ -109,6 +109,7 @@
#include <string.h>
#include <errno.h>
#include <signal.h>
#include <openssl/opensslconf.h>
/*
* With IPv6, it looks like Digital has mixed up the proper order of
...
...
apps/s_time.c
浏览文件 @
f9e55034
...
...
@@ -66,6 +66,10 @@
#include <stdlib.h>
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_SOCK
#define USE_SOCKETS
#include "apps.h"
#include <openssl/x509.h>
...
...
@@ -474,3 +478,4 @@ static SSL *doConnection(SSL *scon, const char *host, SSL_CTX *ctx)
return
serverCon
;
}
#endif
/* OPENSSL_NO_SOCK */
crypto/init.c
浏览文件 @
f9e55034
...
...
@@ -490,7 +490,9 @@ void OPENSSL_cleanup(void)
ENGINE_cleanup
();
#endif
CRYPTO_cleanup_all_ex_data
();
#ifndef OPENSSL_NO_SOCK
BIO_sock_cleanup
();
#endif
EVP_cleanup
();
OBJ_cleanup
();
base_inited
=
0
;
...
...
include/openssl/ssl.h
浏览文件 @
f9e55034
...
...
@@ -1892,7 +1892,9 @@ void SSL_trace(int write_p, int version, int content_type,
__owur
const
char
*
SSL_CIPHER_standard_name
(
const
SSL_CIPHER
*
c
);
# endif
# ifndef OPENSSL_NO_SOCK
int
DTLSv1_listen
(
SSL
*
s
,
BIO_ADDR
*
client
);
# endif
# ifndef OPENSSL_NO_CT
...
...
ssl/d1_lib.c
浏览文件 @
f9e55034
...
...
@@ -458,7 +458,7 @@ static void get_current_time(struct timeval *t)
#define LISTEN_SUCCESS 2
#define LISTEN_SEND_VERIFY_REQUEST 1
#ifndef OPENSSL_NO_SOCK
int
DTLSv1_listen
(
SSL
*
s
,
BIO_ADDR
*
client
)
{
int
next
,
n
,
ret
=
0
,
clearpkt
=
0
;
...
...
@@ -866,6 +866,7 @@ end:
}
return
ret
;
}
#endif
static
int
dtls1_set_handshake_header
(
SSL
*
s
,
int
htype
,
unsigned
long
len
)
{
...
...
test/dtlsv1listentest.c
浏览文件 @
f9e55034
...
...
@@ -65,6 +65,8 @@
#endif
#include "e_os.h"
#ifndef OPENSSL_NO_SOCK
/* Just a ClientHello without a cookie */
static
const
unsigned
char
clienthello_nocookie
[]
=
{
0x16
,
/* Handshake */
...
...
@@ -339,7 +341,7 @@ static struct {
}
};
#define COOKIE_LEN 20
#
define COOKIE_LEN 20
static
int
cookie_gen
(
SSL
*
ssl
,
unsigned
char
*
cookie
,
unsigned
int
*
cookie_len
)
{
...
...
@@ -368,9 +370,11 @@ static int cookie_verify(SSL *ssl, const unsigned char *cookie,
return
1
;
}
#endif
int
main
(
void
)
{
#ifndef OPENSSL_NO_SOCK
SSL_CTX
*
ctx
=
NULL
;
SSL
*
ssl
=
NULL
;
BIO
*
outbio
=
NULL
;
...
...
@@ -459,9 +463,12 @@ int main(void)
SSL_CTX_free
(
ctx
);
BIO_free
(
inbio
);
OPENSSL_free
(
peer
);
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
#
ifndef OPENSSL_NO_CRYPTO_MDEBUG
CRYPTO_mem_leaks_fp
(
stderr
);
#endif
#
endif
return
success
?
0
:
1
;
#else
printf
(
"DTLSv1_listen() is not supported by this build - skipping
\n
"
);
return
0
;
#endif
}
test/recipes/70-test_sslcertstatus.t
浏览文件 @
f9e55034
...
...
@@ -66,6 +66,9 @@ plan skip_all => "TLSProxy isn't usable on $^O"
plan
skip_all
=>
"
$test_name
needs the dynamic engine feature enabled
"
if
disabled
("
engine
")
||
disabled
("
dynamic-engine
");
plan
skip_all
=>
"
$test_name
needs the sock feature enabled
"
if
disabled
("
sock
");
$ENV
{
OPENSSL_ia32cap
}
=
'
~0x200000200000000
';
my
$proxy
=
TLSProxy::
Proxy
->
new
(
\
&certstatus_filter
,
...
...
test/recipes/70-test_sslextension.t
浏览文件 @
f9e55034
...
...
@@ -66,6 +66,9 @@ plan skip_all => "TLSProxy isn't usable on $^O"
plan
skip_all
=>
"
$test_name
needs the dynamic engine feature enabled
"
if
disabled
("
engine
")
||
disabled
("
dynamic-engine
");
plan
skip_all
=>
"
$test_name
needs the sock feature enabled
"
if
disabled
("
sock
");
$ENV
{
OPENSSL_ia32cap
}
=
'
~0x200000200000000
';
my
$proxy
=
TLSProxy::
Proxy
->
new
(
\
&extension_filter
,
...
...
test/recipes/70-test_sslsessiontick.t
浏览文件 @
f9e55034
...
...
@@ -67,6 +67,9 @@ plan skip_all => "TLSProxy isn't usable on $^O"
plan
skip_all
=>
"
$test_name
needs the dynamic engine feature enabled
"
if
disabled
("
engine
")
||
disabled
("
dynamic-engine
");
plan
skip_all
=>
"
$test_name
needs the sock feature enabled
"
if
disabled
("
sock
");
$ENV
{
OPENSSL_ia32cap
}
=
'
~0x200000200000000
';
sub
checkmessages
($$$$$$);
...
...
test/recipes/70-test_sslskewith0p.t
浏览文件 @
f9e55034
...
...
@@ -69,6 +69,9 @@ plan skip_all => "$test_name needs the dynamic engine feature enabled"
plan
skip_all
=>
"
dh is not supported by this OpenSSL build
"
if
disabled
("
dh
");
plan
skip_all
=>
"
$test_name
needs the sock feature enabled
"
if
disabled
("
sock
");
$ENV
{
OPENSSL_ia32cap
}
=
'
~0x200000200000000
';
my
$proxy
=
TLSProxy::
Proxy
->
new
(
\
&ske_0_p_filter
,
...
...
test/recipes/70-test_sslvertol.t
浏览文件 @
f9e55034
...
...
@@ -66,6 +66,9 @@ plan skip_all => "TLSProxy isn't usable on $^O"
plan
skip_all
=>
"
$test_name
needs the dynamic engine feature enabled
"
if
disabled
("
engine
")
||
disabled
("
dynamic-engine
");
plan
skip_all
=>
"
$test_name
needs the sock feature enabled
"
if
disabled
("
sock
");
$ENV
{
OPENSSL_ia32cap
}
=
'
~0x200000200000000
';
my
$proxy
=
TLSProxy::
Proxy
->
new
(
\
&vers_tolerance_filter
,
...
...
test/recipes/70-test_tlsextms.t
浏览文件 @
f9e55034
...
...
@@ -67,6 +67,9 @@ plan skip_all => "TLSProxy isn't usable on $^O"
plan
skip_all
=>
"
$test_name
needs the dynamic engine feature enabled
"
if
disabled
("
engine
")
||
disabled
("
dynamic-engine
");
plan
skip_all
=>
"
$test_name
needs the sock feature enabled
"
if
disabled
("
sock
");
$ENV
{
OPENSSL_ia32cap
}
=
'
~0x200000200000000
';
sub
checkmessages
($$$$$);
...
...
test/recipes/80-test_ssl.t
浏览文件 @
f9e55034
...
...
@@ -435,14 +435,14 @@ sub testssl {
SKIP:
{
skip
"
No IPv4 available on this machine
",
1
unless
have_IPv4
();
unless
!
disabled
("
sock
")
&&
have_IPv4
();
ok
(
run
(
test
([
@ssltest
,
"
-ipv4
",
@extra
])),
'
test TLS via IPv4
');
}
SKIP:
{
skip
"
No IPv6 available on this machine
",
1
unless
have_IPv6
();
unless
!
disabled
("
sock
")
&&
have_IPv6
();
ok
(
run
(
test
([
@ssltest
,
"
-ipv6
",
@extra
])),
'
test TLS via IPv6
');
}
...
...
test/recipes/90-test_networking.t
浏览文件 @
f9e55034
...
...
@@ -66,6 +66,9 @@ plan skip_all => "TLSProxy isn't usable on $^O"
plan
skip_all
=>
"
$test_name
needs the dynamic engine feature enabled
"
if
disabled
("
engine
")
||
disabled
("
dynamic-engine
");
plan
skip_all
=>
"
$test_name
needs the sock feature enabled
"
if
disabled
("
sock
");
$ENV
{
OPENSSL_ia32cap
}
=
'
~0x200000200000000
';
my
$proxy
=
TLSProxy::
Proxy
->
new
(
...
...
test/ssltest.c
浏览文件 @
f9e55034
...
...
@@ -1234,11 +1234,15 @@ int main(int argc, char *argv[])
CAfile
=
*
(
++
argv
);
}
else
if
(
strcmp
(
*
argv
,
"-bio_pair"
)
==
0
)
{
bio_type
=
BIO_PAIR
;
}
else
if
(
strcmp
(
*
argv
,
"-ipv4"
)
==
0
)
{
}
#ifndef OPENSSL_NO_SOCK
else
if
(
strcmp
(
*
argv
,
"-ipv4"
)
==
0
)
{
bio_type
=
BIO_IPV4
;
}
else
if
(
strcmp
(
*
argv
,
"-ipv6"
)
==
0
)
{
bio_type
=
BIO_IPV6
;
}
else
if
(
strcmp
(
*
argv
,
"-f"
)
==
0
)
{
}
#endif
else
if
(
strcmp
(
*
argv
,
"-f"
)
==
0
)
{
force
=
1
;
}
else
if
(
strcmp
(
*
argv
,
"-time"
)
==
0
)
{
print_time
=
1
;
...
...
@@ -1857,6 +1861,7 @@ int main(int argc, char *argv[])
case
BIO_PAIR
:
ret
=
doit_biopair
(
s_ssl
,
c_ssl
,
bytes
,
&
s_time
,
&
c_time
);
break
;
#ifndef OPENSSL_NO_SOCK
case
BIO_IPV4
:
ret
=
doit_localhost
(
s_ssl
,
c_ssl
,
BIO_FAMILY_IPV4
,
bytes
,
&
s_time
,
&
c_time
);
...
...
@@ -1865,6 +1870,12 @@ int main(int argc, char *argv[])
ret
=
doit_localhost
(
s_ssl
,
c_ssl
,
BIO_FAMILY_IPV6
,
bytes
,
&
s_time
,
&
c_time
);
break
;
#else
case
BIO_IPV4
:
case
BIO_IPV6
:
ret
=
1
;
goto
err
;
#endif
}
if
(
ret
)
break
;
}
...
...
@@ -1931,6 +1942,7 @@ int main(int argc, char *argv[])
EXIT
(
ret
);
}
#ifndef OPENSSL_NO_SOCK
int
doit_localhost
(
SSL
*
s_ssl
,
SSL
*
c_ssl
,
int
family
,
long
count
,
clock_t
*
s_time
,
clock_t
*
c_time
)
{
...
...
@@ -2170,12 +2182,12 @@ int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
if
(
verbose
)
print_details
(
c_ssl
,
"DONE via TCP connect: "
);
#ifndef OPENSSL_NO_NEXTPROTONEG
#
ifndef OPENSSL_NO_NEXTPROTONEG
if
(
verify_npn
(
c_ssl
,
s_ssl
)
<
0
)
{
ret
=
1
;
goto
end
;
}
#endif
#
endif
if
(
verify_serverinfo
()
<
0
)
{
fprintf
(
stderr
,
"Server info verify error
\n
"
);
ret
=
1
;
...
...
@@ -2215,6 +2227,7 @@ int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
return
ret
;
}
#endif
int
doit_biopair
(
SSL
*
s_ssl
,
SSL
*
c_ssl
,
long
count
,
clock_t
*
s_time
,
clock_t
*
c_time
)
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录