From 86aa61c0b6a80d71733fd30aa32413db9b27e438 Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Tue, 26 Dec 2017 22:59:32 +0800 Subject: [PATCH] minor changes --- apps/passwd.c | 1 - apps/pkey.c | 3 ++- crypto/sm2/sm2_kmeth.c | 1 - include/openssl/crypto.h | 2 +- ssl/methods.c | 4 ++++ ssl/record/ssl3_record.c | 50 +++++++++++++++++++++++++++++++++++++++- test/bad_dtls_test.c | 6 +++++ 7 files changed, 62 insertions(+), 5 deletions(-) diff --git a/apps/passwd.c b/apps/passwd.c index 8bc52643..7cfd5b0b 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -12,7 +12,6 @@ # define NO_MD5CRYPT_1 #endif - # include # include "apps.h" diff --git a/apps/pkey.c b/apps/pkey.c index 33cf2371..694ef903 100644 --- a/apps/pkey.c +++ b/apps/pkey.c @@ -126,7 +126,8 @@ int pkey_main(int argc, char **argv) if (argc != 0) goto opthelp; - //BIO_printf(bio_err, "Using configuration from %s\n", configfile); + if (e) + BIO_printf(bio_err, "Using configuration from %s\n", configfile); if ((conf = app_load_config(configfile)) == NULL) goto end; diff --git a/crypto/sm2/sm2_kmeth.c b/crypto/sm2/sm2_kmeth.c index e40a48fb..84f2e64f 100644 --- a/crypto/sm2/sm2_kmeth.c +++ b/crypto/sm2/sm2_kmeth.c @@ -48,7 +48,6 @@ #include #include -#include #include #include #include diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index 60ac4911..cca9e706 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -215,7 +215,7 @@ void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx); * On the other hand, the locking callbacks are no longer used. Consequently, * the callback management functions can be safely replaced with no-op macros. */ -# define CRYPTO_num_locks() (1) +# define CRYPTO_num_locks() 1 # define CRYPTO_set_locking_callback(func) # define CRYPTO_get_locking_callback() (NULL) # define CRYPTO_set_add_lock_callback(func) diff --git a/ssl/methods.c b/ssl/methods.c index 6d02b00f..3c7bf406 100644 --- a/ssl/methods.c +++ b/ssl/methods.c @@ -212,6 +212,7 @@ IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0, /*- * GMTLS methods */ +#ifndef OPENSSL_NO_GMTLS #ifndef OPENSSL_NO_GMTLS_METHOD IMPLEMENT_gmtls_meth_func(0, SSL_OP_NO_GMTLS, gmtls_method, @@ -228,6 +229,7 @@ IMPLEMENT_gmtls_meth_func(0, SSL_OP_NO_GMTLS, ssl_undefined_function, ossl_statem_connect, GMTLS_enc_data) #endif +#endif #if OPENSSL_API_COMPAT < 0x10100000L # ifndef OPENSSL_NO_TLS1_2_METHOD @@ -332,6 +334,7 @@ const SSL_METHOD *DTLSv1_client_method(void) } # endif +# ifndef OPENSSL_NO_GMTLS # ifndef OPENSSL_NO_GMTLS_METHOD const SSL_METHOD *GMTLS_method(void) { @@ -348,5 +351,6 @@ const SSL_METHOD *GMTLS_client_method(void) return gmtls_client_method(); } # endif +# endif #endif diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 200c57c7..5bf3ede2 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -1,3 +1,51 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ /* * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * @@ -228,7 +276,7 @@ int ssl3_get_record(SSL *s) goto f_err; } -#ifndef OPENSSL_NO_GMTLS_METHOD +#ifndef OPENSSL_NO_GMTLS if (version == GMTLS_VERSION) { /* do nothing */ } else diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c index 1408a135..47956dda 100644 --- a/test/bad_dtls_test.c +++ b/test/bad_dtls_test.c @@ -70,7 +70,13 @@ static int do_PRF(const void *seed1, int seed1_len, /* No error handling. If it all screws up, the test will fail anyway */ EVP_PKEY_derive_init(pctx); +#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA1) EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_md5_sha1()); +#elif !defined(OPENSSL_NO_SM3) + EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sm3()); +#else +# error "no avaiable digest" +#endif EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, master_secret, sizeof(master_secret)); EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed1, seed1_len); EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed2, seed2_len);