Re: [openssl.org #3544] Remove MWERKS support
Hi Rich, On 25.09.2014 00:09, Rich Salz via RT wrote: All sorts of pre-OSx mac support has been removed. commit 92c78463720f71e47c251ffa58493e32cd793e13 Author: Rich Salz rs...@openssl.org Date: Wed Sep 24 12:18:19 2014 -0400 RT3544: Remove MWERKS support The following #ifdef tests were all removed: __MWERKS__ MAC_OS_pre_X MAC_OS_GUSI_SOURCE MAC_OS_pre_X OPENSSL_SYS_MACINTOSH_CLASSIC OPENSSL_SYS_MACOSX_RHAPSODY Reviewed-by: Andy Polyakov ap...@openssl.org Rich Salz, OpenSSL dev team; rs...@openssl.org as already mentioned on the list the Metrowerks CodeWarrior for NetWare compiler also sets the __MWERKS__ macro - therefore please revert the changes to /crypto/rand/rand_nw.c of commit 92c78463720f71e47c251ffa58493e32cd793e13 because this is a NetWare-only file and has nothing to do with your intention to remove old MAC_OS support. Thanks! __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3569] AutoReply: [PATCH] fix NetWare compilation with branch 1.0.1 / 1.0.2
Hi, it would be cool to get the patch below applied before another round of new releases or betas goes out ... On 17.10.2014 21:17, The default queue via RT wrote: - Attached patch adds: - a recursive ssl include since NetWare CodeWarrior compiler doesnt properly lookup includes when in same directory as the C file which includes it. --- util/pl/netware.pl.orig Tue Jul 22 21:41:23 2014 +++ util/pl/netware.plFri Aug 08 13:52:43 2014 @@ -212,7 +212,7 @@ #Turned off the possible warnings ( -w nopossible ). Metrowerks #complained a lot about various stuff. May want to turn back #on for further development. - $cflags.= -nostdinc -ir crypto -ir engines -ir apps -I$include_path \\ + $cflags.= -nostdinc -ir crypto -ir ssl -ir engines -ir apps -I$include_path \\ -msgstyle gcc -align 4 -processor pentium -char unsigned \\ -w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\ -w noimplicitconv -relax_pointers -nosyspath -maxerrors 20; please apply to OpenSSL 1.0.1 and 1.0.2 branch. Thanks! and of course also HEAD. Thanks, Guenter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #3569] [PATCH] fix NetWare compilation with branch 1.0.1 / 1.0.2
Attached patch adds: - a recursive ssl include since NetWare CodeWarrior compiler doesnt properly lookup includes when in same directory as the C file which includes it. --- util/pl/netware.pl.orig Tue Jul 22 21:41:23 2014 +++ util/pl/netware.pl Fri Aug 08 13:52:43 2014 @@ -212,7 +212,7 @@ #Turned off the possible warnings ( -w nopossible ). Metrowerks #complained a lot about various stuff. May want to turn back #on for further development. - $cflags.= -nostdinc -ir crypto -ir engines -ir apps -I$include_path \\ + $cflags.= -nostdinc -ir crypto -ir ssl -ir engines -ir apps -I$include_path \\ -msgstyle gcc -align 4 -processor pentium -char unsigned \\ -w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\ -w noimplicitconv -relax_pointers -nosyspath -maxerrors 20; please apply to OpenSSL 1.0.1 and 1.0.2 branch. Thanks! --- util/pl/netware.pl.orig Tue Jul 22 21:41:23 2014 +++ util/pl/netware.pl Fri Aug 08 13:52:43 2014 @@ -212,7 +212,7 @@ #Turned off the possible warnings ( -w nopossible ). Metrowerks #complained a lot about various stuff. May want to turn back #on for further development. - $cflags.= -nostdinc -ir crypto -ir engines -ir apps -I$include_path \\ + $cflags.= -nostdinc -ir crypto -ir ssl -ir engines -ir apps -I$include_path \\ -msgstyle gcc -align 4 -processor pentium -char unsigned \\ -w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\ -w noimplicitconv -relax_pointers -nosyspath -maxerrors 20;
Re: [openssl.org #2444] Failure in build of the test programs (1.0.0c on MinGW)
Am 03.02.2011 16:39, schrieb via RT: Hello, I failed to build 1.0.0c on MinGW with the default config settings. The make command stopped at the test program build phase, because of empty source files: md2test.c, rc5test.c, and jpaketest.c. To work around this problem, the config arguments enable-md2 enable-rc5 experimental-jpake were required. duplicate - see #2377: http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=2377 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2426] [PATCH] fix Borland C++ 5.5 compilation
Borland C++ 5.5 does not use underscored _ftime and _timeb, therefore code in ./crypto/bio/bss_dgram.c and ./ssl/d1_lib.c breaks. The quick hack to fix this would be to add defines in e_os.h in the __BORLANDC__ block: --- e_os.h.orig Mon May 31 14:18:08 2010 +++ e_os.h Tue Jan 11 12:41:04 2011 @@ -348,6 +348,8 @@ #define _O_BINARY O_BINARY #define _int64 __int64 #define _kbhit kbhit +#define _ftime ftime +#define _timeb timeb # endif # define EXIT(n) exit(n) but I'd suggest to go another route and clean up the code in ./crypto/bio/bss_dgram.c and ./ssl/d1_lib.c a bit: --- e_os.h.orig Mon May 31 14:18:08 2010 +++ e_os.h Tue Jan 11 12:51:05 2011 @@ -345,12 +345,15 @@ # if defined (__BORLANDC__) #define _setmode setmode #define _O_TEXT O_TEXT #define _O_BINARY O_BINARY #define _int64 __int64 #define _kbhit kbhit +# else +#define ftime _ftime +#define timeb _timeb # endif # define EXIT(n) exit(n) # define LIST_SEPARATOR_CHAR ';' # ifndef X_OK #define X_OK 0 # --- crypto/bio/bss_dgram.c.orig Thu Jan 07 11:44:21 2010 +++ crypto/bio/bss_dgram.c Tue Jan 11 12:54:43 2011 @@ -814,12 +814,7 @@ static void get_current_time(struct timeval *t) { -#ifdef OPENSSL_SYS_WIN32 - struct _timeb tb; - _ftime(tb); - t-tv_sec = (long)tb.time; - t-tv_usec = (long)tb.millitm * 1000; -#elif defined(OPENSSL_SYS_VMS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) struct timeb tb; ftime(tb); t-tv_sec = (long)tb.time; # --- ssl/d1_lib.c.orig Tue Apr 06 13:29:21 2010 +++ ssl/d1_lib.cTue Jan 11 12:56:21 2011 @@ -364,12 +364,7 @@ static void get_current_time(struct timeval *t) { -#ifdef OPENSSL_SYS_WIN32 - struct _timeb tb; - _ftime(tb); - t-tv_sec = (long)tb.time; - t-tv_usec = (long)tb.millitm * 1000; -#elif defined(OPENSSL_SYS_VMS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) struct timeb tb; ftime(tb); t-tv_sec = (long)tb.time; attached patch is against OpenSSL 1.0.0c. --- e_os.h.orig Mon May 31 14:18:08 2010 +++ e_os.h Tue Jan 11 12:51:05 2011 @@ -345,12 +345,15 @@ # if defined (__BORLANDC__) #define _setmode setmode #define _O_TEXT O_TEXT #define _O_BINARY O_BINARY #define _int64 __int64 #define _kbhit kbhit +# else +#define ftime _ftime +#define timeb _timeb # endif # define EXIT(n) exit(n) # define LIST_SEPARATOR_CHAR ';' # ifndef X_OK #define X_OK 0 # --- crypto/bio/bss_dgram.c.orig Thu Jan 07 11:44:21 2010 +++ crypto/bio/bss_dgram.c Tue Jan 11 12:54:43 2011 @@ -814,12 +814,7 @@ static void get_current_time(struct timeval *t) { -#ifdef OPENSSL_SYS_WIN32 - struct _timeb tb; - _ftime(tb); - t-tv_sec = (long)tb.time; - t-tv_usec = (long)tb.millitm * 1000; -#elif defined(OPENSSL_SYS_VMS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) struct timeb tb; ftime(tb); t-tv_sec = (long)tb.time; # --- ssl/d1_lib.c.orig Tue Apr 06 13:29:21 2010 +++ ssl/d1_lib.cTue Jan 11 12:56:21 2011 @@ -364,12 +364,7 @@ static void get_current_time(struct timeval *t) { -#ifdef OPENSSL_SYS_WIN32 - struct _timeb tb; - _ftime(tb); - t-tv_sec = (long)tb.time; - t-tv_usec = (long)tb.millitm * 1000; -#elif defined(OPENSSL_SYS_VMS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) struct timeb tb; ftime(tb); t-tv_sec = (long)tb.time;
Re: [openssl.org #2426] [PATCH] fix Borland C++ 5.5 compilation
Am 11.01.2011 14:40, schrieb Guenter via RT: Borland C++ 5.5 does not use underscored _ftime and _timeb, therefore code in ./crypto/bio/bss_dgram.c and ./ssl/d1_lib.c breaks. The quick hack to fix this would be to add defines in e_os.h in the __BORLANDC__ block: --- e_os.h.orig Mon May 31 14:18:08 2010 +++ e_os.h Tue Jan 11 12:41:04 2011 @@ -348,6 +348,8 @@ #define _O_BINARY O_BINARY #define _int64 __int64 #define _kbhit kbhit +#define _ftime ftime +#define _timeb timeb # endif # define EXIT(n) exit(n) but I'd suggest to go another route and clean up the code in ./crypto/bio/bss_dgram.c and ./ssl/d1_lib.c a bit: --- e_os.h.orig Mon May 31 14:18:08 2010 +++ e_os.hTue Jan 11 12:51:05 2011 @@ -345,12 +345,15 @@ # if defined (__BORLANDC__) #define _setmode setmode #define _O_TEXT O_TEXT #define _O_BINARY O_BINARY #define _int64 __int64 #define _kbhit kbhit +# else +#define ftime _ftime +#define timeb _timeb # endif # define EXIT(n) exit(n) # define LIST_SEPARATOR_CHAR ';' # ifndef X_OK #define X_OK 0 # --- crypto/bio/bss_dgram.c.orig Thu Jan 07 11:44:21 2010 +++ crypto/bio/bss_dgram.cTue Jan 11 12:54:43 2011 @@ -814,12 +814,7 @@ static void get_current_time(struct timeval *t) { -#ifdef OPENSSL_SYS_WIN32 - struct _timeb tb; - _ftime(tb); - t-tv_sec = (long)tb.time; - t-tv_usec = (long)tb.millitm * 1000; -#elif defined(OPENSSL_SYS_VMS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) struct timeb tb; ftime(tb); t-tv_sec = (long)tb.time; # --- ssl/d1_lib.c.orig Tue Apr 06 13:29:21 2010 +++ ssl/d1_lib.c Tue Jan 11 12:56:21 2011 @@ -364,12 +364,7 @@ static void get_current_time(struct timeval *t) { -#ifdef OPENSSL_SYS_WIN32 - struct _timeb tb; - _ftime(tb); - t-tv_sec = (long)tb.time; - t-tv_usec = (long)tb.millitm * 1000; -#elif defined(OPENSSL_SYS_VMS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) struct timeb tb; ftime(tb); t-tv_sec = (long)tb.time; attached patch is against OpenSSL 1.0.0c. the same fix should be applied to OpenSSL 0.9.8 branch as well. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2428] [PATCH] fix Borland C++ 5.5 compilation /2
Borland C++ 5.5 does not use underscored symbols for stat friends: --- crypto/rand/randfile.c.orig Sat Jun 12 14:18:55 2010 +++ crypto/rand/randfile.c Tue Jan 11 15:48:11 2011 @@ -81,7 +81,7 @@ # include sys/stat.h #endif -#ifdef _WIN32 +#if defined(_WIN32) !defined(__BORLANDC__) #define stat _stat #define chmod _chmod #define open _open --- crypto/x509/by_dir.c.orig Fri Feb 19 19:25:39 2010 +++ crypto/x509/by_dir.cTue Jan 11 16:10:40 2011 @@ -74,7 +74,7 @@ #include openssl/lhash.h #include openssl/x509.h -#ifdef _WIN32 +#if defined(_WIN32) !defined(__BORLANDC__) #define stat _stat #endif same goes for getpid on 1.0.0: --- engines/e_aep.c.origThu Nov 18 23:59:42 2010 +++ engines/e_aep.c Tue Jan 11 13:22:47 2011 @@ -68,7 +68,7 @@ #if defined(OPENSSL_SYS_NETWARE) defined(NETWARE_CLIB) #define getpid GetThreadID extern int GetThreadID(void); -#elif defined(_WIN32) !defined(__WATCOMC__) +#elif defined(_WIN32) !defined(__WATCOMC__) !defined(__BORLANDC__) #define getpid _getpid #endif and for 0.9.8 we should also backport #2375: --- engines/e_aep.c.origTue Dec 30 14:30:57 2008 +++ engines/e_aep.c Tue Jan 11 16:15:45 2011 @@ -68,6 +68,8 @@ #if defined(OPENSSL_SYS_NETWARE) defined(NETWARE_CLIB) #define getpid GetThreadID extern int GetThreadID(void); +#elif defined(_WIN32) !defined(__WATCOMC__) !defined(__BORLANDC__) +#define getpid _getpid #endif #include openssl/crypto.h @@ -867,13 +869,7 @@ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); -#ifdef NETWARE_CLIB - curr_pid = GetThreadID(); -#elif defined(_WIN32) - curr_pid = _getpid(); -#else curr_pid = getpid(); -#endif /*Check if this is the first time this is being called from the current process*/ --- engines/e_aep.c.origThu Nov 18 23:59:42 2010 +++ engines/e_aep.c Tue Jan 11 13:22:47 2011 @@ -68,7 +68,7 @@ #if defined(OPENSSL_SYS_NETWARE) defined(NETWARE_CLIB) #define getpid GetThreadID extern int GetThreadID(void); -#elif defined(_WIN32) !defined(__WATCOMC__) +#elif defined(_WIN32) !defined(__WATCOMC__) !defined(__BORLANDC__) #define getpid _getpid #endif --- engines/e_aep.c.origTue Dec 30 14:30:57 2008 +++ engines/e_aep.c Tue Jan 11 16:15:45 2011 @@ -68,6 +68,8 @@ #if defined(OPENSSL_SYS_NETWARE) defined(NETWARE_CLIB) #define getpid GetThreadID extern int GetThreadID(void); +#elif defined(_WIN32) !defined(__WATCOMC__) !defined(__BORLANDC__) +#define getpid _getpid #endif #include openssl/crypto.h @@ -867,13 +869,7 @@ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); -#ifdef NETWARE_CLIB - curr_pid = GetThreadID(); -#elif defined(_WIN32) - curr_pid = _getpid(); -#else curr_pid = getpid(); -#endif /*Check if this is the first time this is being called from the current process*/
[openssl.org #2429] [PATCH] fix Borland C++ 5.5 compilation /3
Attached patches add: - a compiler switch to suppress warnings about missing return values which are wrong since the functions do return but inside switch cases which bcc32 doesnt seem to detect correctly. - assembler detection (nasm vs. nasmw) and for 1.0.0 branch: - add crypt32.lib needed for evp_test linking .\crypto\evp\evp_test.c: ilink32 -ap -Tpe -x -Gn tmp32\evp_test.obj c0x32.obj, out32\evp_test.exe,, out32\ssleay32.lib out32\libeay32.lib cw32mt.lib import32.lib Turbo Incremental Link 5.00 Copyright (c) 1997, 2000 Borland Error: Unresolved external 'CertGetCertificateContextProperty' referenced from D:\PROJECTS\BCC\OPENSSL-1.0.0C\OUT32\LIBEAY32.LIB|e_capi Error: Unresolved external 'CertOpenStore' referenced from D:\PROJECTS\BCC\OPENSSL-1.0.0C\OUT32\LIBEAY32.LIB|e_capi Error: Unresolved external 'CertFindCertificateInStore' referenced from D:\PROJECTS\BCC\OPENSSL-1.0.0C\OUT32\LIBEAY32.LIB|e_capi Error: Unresolved external 'CertEnumCertificatesInStore' referenced from D:\PROJECTS\BCC\OPENSSL-1.0.0C\OUT32\LIBEAY32.LIB|e_capi Error: Unresolved external 'CertDuplicateCertificateContext' referenced from D:\PROJECTS\BCC\OPENSSL-1.0.0C\OUT32\LIBEAY32.LIB|e_capi Error: Unresolved external 'CertFreeCertificateContext' referenced from D:\PROJECTS\BCC\OPENSSL-1.0.0C\OUT32\LIBEAY32.LIB|e_capi Error: Unresolved external 'CertCloseStore' referenced from D:\PROJECTS\BCC\OPENSSL-1.0.0C\OUT32\LIBEAY32.LIB|e_capi --- util/pl/BC-32.pl.orig Thu Apr 17 11:19:16 2008 +++ util/pl/BC-32.plTue Jan 11 16:53:58 2011 @@ -18,7 +18,7 @@ $tmp_def=tmp32; $inc_def=inc32; #enable max error messages, disable most common warnings -$cflags=-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ; +$cflags=-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -w-rvl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ; if ($debug) { $cflags.=-Od -y -v -vi- -D_DEBUG; @@ -38,7 +38,7 @@ $exep='.exe'; if ($no_sock) { $ex_libs=; } -else { $ex_libs=cw32mt.lib import32.lib; } +else { $ex_libs=cw32mt.lib import32.lib crypt32.lib; } # static library stuff $mklib='tlib /P64'; @@ -51,7 +51,8 @@ $shlib_ex_obj=; $app_ex_obj=c0x32.obj; -$asm='nasmw -f obj -d__omf__'; +$asm=(`nasm -v 2NUL` gt `nasmw -v 2NUL`?nasm:nasmw); +$asm.=' -f obj -d__omf__'; $asm.= /Zi if $debug; $afile='-o'; --- util/pl/BC-32.pl.orig Tue Sep 20 08:09:29 2005 +++ util/pl/BC-32.plTue Jan 11 16:53:28 2011 @@ -18,7 +18,7 @@ $tmp_def=tmp32; $inc_def=inc32; #enable max error messages, disable most common warnings -$cflags=-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ; +$cflags=-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -w-rvl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ; if ($debug) { $cflags.=-Od -y -v -vi- -D_DEBUG; @@ -51,7 +51,8 @@ $shlib_ex_obj=; $app_ex_obj=c0x32.obj; -$asm='nasmw -f obj -d__omf__'; +$asm=(`nasm -v 2NUL` gt `nasmw -v 2NUL`?nasm:nasmw); +$asm.=' -f obj -d__omf__'; $asm.= /Zi if $debug; $afile='-o';
[openssl.org #2427] [PATCH] fix Borland C++ 5.5 redefine
Borland C++ 5.5 warns about: .\crypto\rand\randfile.c: Warning W8017 d:\prg\Bcc55\include\sys/stat.h 34: Redefinition of 'S_IFMT' is not identical Warning W8017 d:\prg\Bcc55\include\sys/stat.h 35: Redefinition of 'S_IFDIR' is not identical and: .\crypto\x509\by_dir.c: Warning W8017 d:\prg\Bcc55\include\sys/stat.h 34: Redefinition of 'S_IFMT' is not identical Warning W8017 d:\prg\Bcc55\include\sys/stat.h 35: Redefinition of 'S_IFDIR' is not identical in e_os.h we have: # ifndef S_IFDIR #define S_IFDIR _S_IFDIR # endif # ifndef S_IFMT #define S_IFMT _S_IFMT # endif now the prob is that randfile.c as well as by_dir.c both include e_os.h (by_dir.c via cryptlib.h) *before* including sys/stat.h - therefore the test in e_os.h for these defines is useless. One option would be to include sys/stat.h in e_os.h before testing these defines, but I've no idea if all platforms which process this block really have a sys/stat.h (maybe _WIN32_WCE has not?); else the warnings are cured with surrounding these defines with '#ifndef __BORLANDC__': --- e_os.h.org Tue Jan 11 15:08:35 2011 +++ e_os.h Tue Jan 11 15:37:55 2011 @@ -236,12 +236,14 @@ #define DEVRANDOM /dev/urandom\x24 # endif /* __DJGPP__ */ -# ifndef S_IFDIR -#define S_IFDIR_S_IFDIR -# endif +# if !defined (__BORLANDC__) +#ifndef S_IFDIR +# define S_IFDIR _S_IFDIR +#endif -# ifndef S_IFMT -#define S_IFMT _S_IFMT +#ifndef S_IFMT +# define S_IFMT _S_IFMT +#endif # endif # if !defined(WINNT) !defined(__DJGPP__) This prob exists with OpenSSL 0.9.8q as well as with 1.0.0c. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2377] MingW32 test compilation breaks (1.0.0b)
Am 23.11.2010 23:58, schrieb Andy Polyakov via RT: My MSYS is older... What I can tell about it is that 'ln -s' works by *copying* the file to target location. Or should I say pretends working. Your tar might do the same, i.e. defer symlink resolution till the end of tar-file and copy the files. Can you confirm this? It should be noted that Vista and onward implements symbolic links, and it's not impossible to imagine that new enough MSYS would take advantage of it:-) also did just some tests on Linux, and it seems that -h does only work for archiving, but not extracting: tar xfz openssl-1.0.0b.tar.gz tar cf openssl-1.0.0b.tar openssl-1.0.0b/ tar chf openssl-1.0.0b-h.tar openssl-1.0.0b/ ll *.tar -rw-r--r-- 1 root root 21575680 Nov 20 03:15 openssl-1.0.0b-h.tar -rw-r--r-- 1 root root 19793920 Nov 20 03:15 openssl-1.0.0b.tar Right, this was exactly suggestion in #2273. I.e. re-pack resolving symbolic links. Either way, shall we settle for http://cvs.openssl.org/chngview?cn=20071. Cheers. A. yes, that's ok - lets close this bug then. Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2323] bug in openssl commandline tool with md5 fingerprint output
Hi, Am 28.08.2010 00:19, schrieb Guenter via RT: I've meanwhile checked apps/x509.c, and patching it to send output to file is trivial (attached); but looking at the other output options around these lines makes me a bit unsure if these options are intended to go to STDOUT rather than to honor a file option? However if the later then I'm asking me why? Almost all options print their output to STDOUT and ignore a file option - except for the text option ... no comments on this? Is this behaviour now intended? Then lets close the RT with a comment stating this; or just an oversight, and can we then fix this (see my patches)? Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2377] MingW32 test compilation breaks (1.0.0b)
Andy, Am 19.11.2010 22:38, schrieb Andy Polyakov via RT: yes - that's same issue; I did delete my source tree, and extracted from MSYS with: tar xfhz openssl-1.0.0b.tar.gz Is it correctly understood that in this context 'h' option simply omits symbolic links? I get a bunch of Cannot create symlink to with corresponding consequences. Configure then recreates them by copying files symlinks should point to. Can you confirm this? A. nope. See: http://linux.die.net/man/1/tar -h, --dereference don't dump symlinks; dump the files they point to I dont see what you describe; but some more tests on MSYS show that it works also correctly even when I extract the release archive with standard command: tar xfz openssl-1.0.0b.tar.gz so I guess with 1st trial I did extract with 7-Zip (stupid habbit on Windoze) which caused the symlinks stripped. MSYS tar seems clever enough to dump the files when it sees symlinks ... also did just some tests on Linux, and it seems that -h does only work for archiving, but not extracting: tar xfz openssl-1.0.0b.tar.gz tar cf openssl-1.0.0b.tar openssl-1.0.0b/ tar chf openssl-1.0.0b-h.tar openssl-1.0.0b/ ll *.tar -rw-r--r-- 1 root root 21575680 Nov 20 03:15 openssl-1.0.0b-h.tar -rw-r--r-- 1 root root 19793920 Nov 20 03:15 openssl-1.0.0b.tar when I extract with -h I can still see symlinks in ./test folder ... apologies for not fully testing at 1st time. New patch below: --- INSTALL.W32.orig2010-07-09 14:31:41 + +++ INSTALL.W32 2010-11-20 02:51:07 + @@ -184,6 +184,10 @@ MinGW and MSYS are available from http://www.mingw.org/, both are required. Run the installers and do whatever magic they say it takes to start MSYS bash shell with GNU tools on its PATH. + Since the release tarballs contain symlinks which Windows cant deal + with you must use MSYS tar in order to dereference the symlinks: + $ tar xfz openssl-x.y.zr.tar.gz + Dont use a GUI tool like 7-Zip or WinZip for extracting! * Compile OpenSSL: BTW. I tested with a relatively new MSYS version - msysinfo: MSYS 1.0.15(0.47/3/2) 2010-07-06 22:04 i686 unknown; targ=MINGW32 and: gcc version 4.5.0 (GCC) Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2374] [PATCH] mingw32 cant compile e_capi.c (1.0.0b)
Hi, it seems that all native MingW32 versions (tested with MingW32 4.50) lack of stuff to compile e_capi.c: gcc -I../include -DOPENSSL_THREADS -D_MT -DDSO_WIN32 -mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -c -o e_capi.o e_capi.c e_capi.c: In function 'capi_get_pkey': e_capi.c:671:3: error: 'DSSPUBKEY' undeclared (first use in this function) e_capi.c:671:3: note: each undeclared identifier is reported only once for each function it appears in e_capi.c:671:14: error: 'dp' undeclared (first use in this function) e_capi.c:674:20: error: expected expression before ')' token e_capi.c:718:3: warning: format '%lx' expects type 'long unsigned int', but argument 4 has type 'ALG_ID' e_capi.c: In function 'capi_rsa_sign': e_capi.c:818:3: warning: format '%lx' expects type 'long unsigned int', but argument 4 has type 'int' e_capi.c: In function 'capi_rsa_priv_dec': e_capi.c:912:2: warning: passing argument 6 of 'CryptDecrypt' from incompatible pointer type d:\mingw\bin\../lib/gcc/mingw32/4.5.0/../../../../include/wincrypt.h:1209:23: note: expected 'PDWORD' but argument is of type 'int *' e_capi.c: In function 'capi_get_provname': e_capi.c:1090:2: warning: implicit declaration of function 'CryptEnumProvidersA' e_capi.c: In function 'capi_list_providers': e_capi.c:1129:3: warning: format '%d' expects type 'int', but argument 3 has type 'DWORD' e_capi.c:1129:3: warning: format '%d' expects type 'int', but argument 5 has type 'DWORD' e_capi.c: In function 'capi_list_containers': e_capi.c:1173:3: warning: pointer targets in passing argument 3 of 'CryptGetProvParam' differ in signedness d:\mingw\bin\../lib/gcc/mingw32/4.5.0/../../../../include/wincrypt.h:1203:23: note: expected 'PBYTE' but argument is of type 'LPSTR' e_capi.c:1188:3: warning: format '%d' expects type 'int', but argument 3 has type 'DWORD' e_capi.c: In function 'capi_dump_prov_info': e_capi.c:1239:2: warning: format '%d' expects type 'int', but argument 4 has type 'DWORD' e_capi.c:1240:2: warning: format '%d' expects type 'int', but argument 4 has type 'DWORD' e_capi.c: In function 'capi_dump_cert': e_capi.c:1290:2: warning: passing argument 2 of 'd2i_X509' from incompatible pointer type ../include/openssl/x509.h:834:1: note: expected 'const unsigned char **' but argument is of type 'unsigned char **' e_capi.c: In function 'capi_open_store': e_capi.c:1328:25: error: 'CERT_STORE_PROV_SYSTEM_A' undeclared (first use in this function) e_capi.c: In function 'capi_list_certs': e_capi.c:1369:11: warning: unused variable 'fname' e_capi.c: In function 'capi_ctx_new': e_capi.c:1529:5: error: 'CERT_STORE_READONLY_FLAG' undeclared (first use in this function) e_capi.c: In function 'capi_load_ssl_client_cert': e_capi.c:1632:5: warning: pointer targets in assignment differ in signedness e_capi.c:1633:3: warning: passing argument 2 of 'd2i_X509' from incompatible pointer type ../include/openssl/x509.h:834:1: note: expected 'const unsigned char **' but argument is of type 'const char **' make[1]: *** [e_capi.o] Error 1 make[1]: Leaving directory `/d/openssl-1.0.0b/engines' Therefore I've added some more define tests to OpenSSL 1.0.0b e_capi.c to furher check what we have (or not) in wincrypt.h: --- e_capi.c.orig Mon Mar 15 23:29:20 2010 +++ e_capi.cThu Nov 18 17:43:19 2010 @@ -76,10 +76,16 @@ * CertGetCertificateContextProperty. CERT_KEY_PROV_INFO_PROP_ID is * one of possible values you can pass to function in question. By * checking if it's defined we can see if wincrypt.h and accompanying - * crypt32.lib are in shape. Yes, it's rather weak test and if - * compilation fails, then re-configure with -DOPENSSL_NO_CAPIENG. + * crypt32.lib are in shape. The native MingW32 headers up to and + * including __W32API_VERSION 3.14 lack of struct DSSPUBKEY and the + * defines CERT_STORE_PROV_SYSTEM_A and CERT_STORE_READONLY_FLAG, + * so we check for these too and avoid compiling. + * Yes, it's rather weak test and if compilation fails, + * then re-configure with -DOPENSSL_NO_CAPIENG. */ -#ifdef CERT_KEY_PROV_INFO_PROP_ID +#if defined(CERT_KEY_PROV_INFO_PROP_ID) \ +defined(CERT_STORE_PROV_SYSTEM_A) \ +defined(CERT_STORE_READONLY_FLAG) # define __COMPILE_CAPIENG #endif /* CERT_KEY_PROV_INFO_PROP_ID */ #endif /* OPENSSL_NO_CAPIENG */ patch also attached. --- e_capi.c.orig Mon Mar 15 23:29:20 2010 +++ e_capi.cThu Nov 18 17:43:19 2010 @@ -76,10 +76,16 @@ * CertGetCertificateContextProperty. CERT_KEY_PROV_INFO_PROP_ID is * one of possible values you can pass to function in question. By * checking if it's defined we can see if wincrypt.h and accompanying - * crypt32.lib are in shape. Yes, it's rather weak test and if - * compilation fails, then re-configure with -DOPENSSL_NO_CAPIENG. + * crypt32.lib are in
[openssl.org #2375] [PATCH] cleanup / fix e_aep.c for OpenWatcom (1.0.0b)
Hi, the patch below against OpenSSL 1.0.0b cleans up getpid() usage in e_aep.c and fixes win32 target compilation with OpenWatcom: --- e_aep.c.origMon Dec 22 14:54:12 2008 +++ e_aep.c Thu Nov 18 02:11:37 2010 @@ -68,6 +68,8 @@ #if defined(OPENSSL_SYS_NETWARE) defined(NETWARE_CLIB) #define getpid GetThreadID extern int GetThreadID(void); +#elif defined(_WIN32) !defined(__WATCOMC__) +#define getpid _getpid #endif #include openssl/crypto.h @@ -867,13 +869,7 @@ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); -#ifdef NETWARE_CLIB - curr_pid = GetThreadID(); -#elif defined(_WIN32) - curr_pid = _getpid(); -#else curr_pid = getpid(); -#endif /*Check if this is the first time this is being called from the current process*/ patch also attached. --- e_aep.c.origMon Dec 22 14:54:12 2008 +++ e_aep.c Thu Nov 18 02:11:37 2010 @@ -68,6 +68,8 @@ #if defined(OPENSSL_SYS_NETWARE) defined(NETWARE_CLIB) #define getpid GetThreadID extern int GetThreadID(void); +#elif defined(_WIN32) !defined(__WATCOMC__) +#define getpid _getpid #endif #include openssl/crypto.h @@ -867,13 +869,7 @@ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); -#ifdef NETWARE_CLIB - curr_pid = GetThreadID(); -#elif defined(_WIN32) - curr_pid = _getpid(); -#else curr_pid = getpid(); -#endif /*Check if this is the first time this is being called from the current process*/
[openssl.org #2376] [PATCH] cleanup / fix cryptlib.c for OpenWatcom (1.0.0b)
Hi, the patch below against OpenSSL 1.0.0b cleans up alloca() usage in cryptlib.c and fixes win32 target compilation with OpenWatcom: --- cryptlib.c.orig Sat Apr 10 15:13:12 2010 +++ cryptlib.c Thu Nov 18 18:11:02 2010 @@ -743,6 +743,16 @@ #if defined(_WIN32) !defined(__CYGWIN__) #include tchar.h #include signal.h +#ifdef __WATCOMC__ +#if defined(_UNICODE) || defined(__UNICODE__) +#define _vsntprintf _vsnwprintf +#else +#define _vsntprintf _vsnprintf +#endif +#endif +#ifdef _MSC_VER +#define alloca _alloca +#endif #if defined(_WIN32_WINNT) _WIN32_WINNT=0x0333 int OPENSSL_isservice(void) @@ -773,11 +783,7 @@ if (len512) return -1; /* paranoia */ len++,len=~1;/* paranoia */ -#ifdef _MSC_VER -name=(WCHAR *)_alloca(len+sizeof(WCHAR)); -#else name=(WCHAR *)alloca(len+sizeof(WCHAR)); -#endif if (!GetUserObjectInformationW (h,UOI_NAME,name,len,len)) return -1; @@ -822,11 +828,7 @@ size_t len_0=strlen(fmta)+1,i; WCHAR *fmtw; -#ifdef _MSC_VER - fmtw = (WCHAR *)_alloca (len_0*sizeof(WCHAR)); -#else - fmtw = (WCHAR *)alloca (len_0*sizeof(WCHAR)); -#endif + fmtw = (WCHAR *)alloca(len_0*sizeof(WCHAR)); if (fmtw == NULL) { fmt=(const TCHAR *)Lno stack?; break; } #ifndef OPENSSL_NO_MULTIBYTE patch also attached. --- cryptlib.c.orig Sat Apr 10 15:13:12 2010 +++ cryptlib.c Thu Nov 18 18:11:02 2010 @@ -743,6 +743,16 @@ #if defined(_WIN32) !defined(__CYGWIN__) #include tchar.h #include signal.h +#ifdef __WATCOMC__ +#if defined(_UNICODE) || defined(__UNICODE__) +#define _vsntprintf _vsnwprintf +#else +#define _vsntprintf _vsnprintf +#endif +#endif +#ifdef _MSC_VER +#define alloca _alloca +#endif #if defined(_WIN32_WINNT) _WIN32_WINNT=0x0333 int OPENSSL_isservice(void) @@ -773,11 +783,7 @@ if (len512) return -1;/* paranoia */ len++,len=~1; /* paranoia */ -#ifdef _MSC_VER -name=(WCHAR *)_alloca(len+sizeof(WCHAR)); -#else name=(WCHAR *)alloca(len+sizeof(WCHAR)); -#endif if (!GetUserObjectInformationW (h,UOI_NAME,name,len,len)) return -1; @@ -822,11 +828,7 @@ size_t len_0=strlen(fmta)+1,i; WCHAR *fmtw; -#ifdef _MSC_VER - fmtw = (WCHAR *)_alloca (len_0*sizeof(WCHAR)); -#else - fmtw = (WCHAR *)alloca (len_0*sizeof(WCHAR)); -#endif + fmtw = (WCHAR *)alloca(len_0*sizeof(WCHAR)); if (fmtw == NULL) { fmt=(const TCHAR *)Lno stack?; break; } #ifndef OPENSSL_NO_MULTIBYTE
[openssl.org #2377] MingW32 test compilation breaks (1.0.0b)
Hi, OpenSSL 1.0.0b standard test compilation breaks with MingW32 / MSYS: make[2]: Entering directory `/d/openssl-1.0.0b/test' ( :; LIBDEPS=${LIBDEPS:--L.. -lssl -L.. -lcrypto -lws2_32 -lgdi32 -lcrypt32}; LDCMD=${LDCMD:-gcc}; LDFLAGS=${LDFLAGS:--DOPENSSL_THREADS -D_MT -DDSO_WIN32 -mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM}; LIBPATH=`for x in $LIBDEPS; do echo $x; done | sed -e 's/^ *-L//;t' -e d | uniq`; LIBPATH=`echo $LIBPATH | sed -e 's/ /:/g'`; LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${LDCMD} ${LDFLAGS} -o ${APPNAME:=md2test.exe} md2test.o ${LIBDEPS} ) d:/mingw/bin/../lib/gcc/mingw32/4.5.0/../../../libmingw32.a(main.o):main.c:(.text+0xd2): undefined reference to `winm...@16' collect2: ld returned 1 exit status make[2]: *** [link_app.] Error 1 make[2]: Leaving directory `/d/openssl-1.0.0b/test' make[1]: *** [md2test.exe] Error 2 seems this happens because md2, rc5, jpake are disabled by default, Makefile has: OPTIONS= no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-shared no-store no-zlib no-zlib-dynamic static-engine and the files md2test.c, jpaketest.c, rc5test.c are of zero bytes: 16.11.2010 14:41 0 rc5test.c 16.11.2010 14:41 0 jpaketest.c 16.11.2010 14:41 0 md2test.c which then cause the compiler break; when I enable these features the test files are ok, and compilation finishes, but since jpake is classified as 'experimental' this is not what everyone wants ... Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2377] MingW32 test compilation breaks (1.0.0b)
Hi Andy, Am 18.11.2010 23:58, schrieb Andy Polyakov via RT: Could you examine ticket #2273. Can you confirm that it's same issue discussed at the very end? A. argh! Now remember we discussed this issue already with last release ... will asap repack the release archive on Linux and check if that does any better ... thanks, Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2323] bug in openssl commandline tool with md5 fingerprint output
Hi, Am 20.08.2010 11:33, schrieb Guenter via RT: while hacking on a script where I use the openssl commandline tool for processing PEM certs I found that suprisingly the md5 fingerprint output always goes to stdout instead of using the -out stream, f.e. when using: openssl x509 -md5 -fingerprint -text -inform PEM -in tmpin.crt -out tmpout.crt the md5 fingerprint output goes to stdout while the whole rest of output goes into tmpout.crt as expected ... is this now intended behaviour, or just an oversight? If the latter I would look into the sources for fixing it ... tested versions: OpenSSL 0.9.8o 01 Jun 2010 OpenSSL 1.0.0a 1 Jun 2010 I've meanwhile checked apps/x509.c, and patching it to send output to file is trivial (attached); but looking at the other output options around these lines makes me a bit unsure if these options are intended to go to STDOUT rather than to honor a file option? However if the later then I'm asking me why? Almost all options print their output to STDOUT and ignore a file option - except for the text option ... thanks, Gün. --- x509.c.orig Fri Jun 26 13:34:21 2009 +++ x509.c Fri Aug 27 23:32:32 2010 @@ -898,11 +898,11 @@ BIO_printf(bio_err,out of memory\n); goto end; } - BIO_printf(STDout,%s Fingerprint=, + BIO_printf(out,%s Fingerprint=, OBJ_nid2sn(EVP_MD_type(digest))); for (j=0; j(int)n; j++) { - BIO_printf(STDout,%02X%c,md[j], + BIO_printf(out,%02X%c,md[j], (j+1 == (int)n) ?'\n':':'); } --- x509.c.orig Tue Jan 12 19:27:09 2010 +++ x509.c Fri Aug 27 23:38:23 2010 @@ -932,11 +932,11 @@ BIO_printf(bio_err,out of memory\n); goto end; } - BIO_printf(STDout,%s Fingerprint=, + BIO_printf(out,%s Fingerprint=, OBJ_nid2sn(EVP_MD_type(fdig))); for (j=0; j(int)n; j++) { - BIO_printf(STDout,%02X%c,md[j], + BIO_printf(out,%02X%c,md[j], (j+1 == (int)n) ?'\n':':'); }
[openssl.org #2323] bug in openssl commandline tool with md5 fingerprint output
Hi, while hacking on a script where I use the openssl commandline tool for processing PEM certs I found that suprisingly the md5 fingerprint output always goes to stdout instead of using the -out stream, f.e. when using: openssl x509 -md5 -fingerprint -text -inform PEM -in tmpin.crt -out tmpout.crt the md5 fingerprint output goes to stdout while the whole rest of output goes into tmpout.crt as expected ... is this now intended behaviour, or just an oversight? If the latter I would look into the sources for fixing it ... tested versions: OpenSSL 0.9.8o 01 Jun 2010 OpenSSL 1.0.0a 1 Jun 2010 regards, Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2077] openssl 1.0.0 stable does not print all digests with help
Hi, I checked with a recent snapshot 1.0.0-stable, and found that although the openssl commandline supports now sha224, sha256, sha384, and sha512 message digests, it still only prints these: Message Digest commands (see the `dgst' command for more details) md4 md5 mdc2 rmd160 sha sha1 but 'openssl dgst x' gives: -gost-mac to use the gost-mac message digest algorithm -md_gost94 to use the md_gost94 message digest algorithm -md4to use the md4 message digest algorithm -md5to use the md5 message digest algorithm -mdc2 to use the mdc2 message digest algorithm -ripemd160 to use the ripemd160 message digest algorithm -shato use the sha message digest algorithm -sha1 to use the sha1 message digest algorithm -sha224 to use the sha224 message digest algorithm -sha256 to use the sha256 message digest algorithm -sha384 to use the sha384 message digest algorithm -sha512 to use the sha512 message digest algorithm -whirlpool to use the whirlpool message digest algorithm so seems there are a couple of digests missing ... BTW. is there a right way to get help from openssl commandline instead of just producing an error? thanks, Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2066] [FEATURE-REQUEST] add -r option to checksum outputs
Hi, I did recently some research on available checksum tools on various platforms, and found its really a mess with all those different checksum outputs since there is no RFC which describes a standard format. Anyway, I think the most commonly used tools might be md5sum / sha1sum from GNU core utilities, and they are also user-friendly because they provide to validate directly from a checksum file without need for hacks with external tools (-c option). See also here where I have summarized what I've found so far: http://www.gknw.net/phpbb/viewtopic.php?t=570 as you can see there I describe how the format of openssl's output only slightly differs from the md5 / sha1 tools (two blanks are missing). In addition I have already knocked at the door from coreutils, and got a positive reply that they are willing to support openssl's format too in order to make md5sum / sha1sum even more user-friendly - however before I proceed to look into that direction I thought I ask here first if there's willingness to fix the format of openssl (add the 2 blanks) and / or add an option -r (like the *BSD md5 / sha1 have) to output the checksum in the same format as md5sum / sha1sum use; this would make it *easily* possible to automatically verify openssl-generated checksums with md5sum / sha1sum. Please do not reply here with cool sed hacks - read my summarize and you see that I'm aware of such; think more of the users who are often not able to hack around with sed, pipes, whatever. I believe that even changing the existing format to be 100% identical with md5 / sha1 (which in turn md5sum / sha1sum can deal with) is not an issue of backward compatibility since openssl has no option to verify from checksum files AFAIK; and those who use sed hacks are certainly also able to skip the two additional blanks in future. current 'openssl md5' output: MD5(dummy.gz)= 085fb517d4e442564672c6dda5490ab7 md5 output (which can be used by md5sum): MD5 (dummy.gz) = 085fb517d4e442564672c6dda5490ab7 thanks, Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2066] [FEATURE-REQUEST] add -r option to checksum outputs
Hi, find below (also attached) a very simple patch which adds a -r option to the openssl 1.0 branch; the output is like this: # ./openssl md5 openssl MD5(openssl)= 4d184b33151ecde62657079a8b4c3e15 # ./openssl md5 -r openssl 4d184b33151ecde62657079a8b4c3e15 *openssl # ./openssl sha1 openssl SHA1(openssl)= f385aa365dcb11d6beef54eaef1f717c90b40a90 # ./openssl sha1 -r openssl f385aa365dcb11d6beef54eaef1f717c90b40a90 *openssl # ./openssl sha256 -r openssl a2b3d8af6fc052626f13f740cad7aaadb2700ac6a331a876da2ecbcdeacc18d7 *openssl and the check with coreutils tools succeeds: # ./openssl md5 -r openssl | md5sum -c - openssl: OK # ./openssl sha1 -r openssl | sha1sum -c - openssl: OK # ./openssl sha256 -r openssl | sha256sum -c - openssl: OK --- dgst.c.orig 2009-04-26 14:16:12.0 +0200 +++ dgst.c 2009-09-29 01:19:39.0 +0200 @@ -155,6 +155,8 @@ if ((*argv)[0] != '-') break; if (strcmp(*argv,-c) == 0) separator=1; + if (strcmp(*argv,-r) == 0) + separator=2; else if (strcmp(*argv,-rand) == 0) { if (--argc 1) break; @@ -262,6 +264,7 @@ BIO_printf(bio_err,unknown option '%s'\n,*argv); BIO_printf(bio_err,options are\n); BIO_printf(bio_err,-c to output the digest with separating colons\n); + BIO_printf(bio_err,-r to output the digest in coreutils format\n); BIO_printf(bio_err,-d to output debug info\n); BIO_printf(bio_err,-hexoutput as hex dump\n); BIO_printf(bio_err,-binary output in binary form\n); @@ -602,6 +605,12 @@ } if(binout) BIO_write(out, buf, len); + else if (sep == 2) + { + for (i=0; i(int)len; i++) + BIO_printf(out, %02x,buf[i]); + BIO_printf(out, *%s\n, file); + } else { if (sig_name) as you see I have just re-used the separator / sep variables which avoids adding another parameter to do_fp(); however if we do it that way then we should probably rename it to something like optoutput / optout ... Günter. --- dgst.c.orig 2009-04-26 14:16:12.0 +0200 +++ dgst.c 2009-09-29 01:19:39.0 +0200 @@ -155,6 +155,8 @@ if ((*argv)[0] != '-') break; if (strcmp(*argv,-c) == 0) separator=1; + if (strcmp(*argv,-r) == 0) + separator=2; else if (strcmp(*argv,-rand) == 0) { if (--argc 1) break; @@ -262,6 +264,7 @@ BIO_printf(bio_err,unknown option '%s'\n,*argv); BIO_printf(bio_err,options are\n); BIO_printf(bio_err,-c to output the digest with separating colons\n); + BIO_printf(bio_err,-r to output the digest in coreutils format\n); BIO_printf(bio_err,-d to output debug info\n); BIO_printf(bio_err,-hexoutput as hex dump\n); BIO_printf(bio_err,-binary output in binary form\n); @@ -602,6 +605,12 @@ } if(binout) BIO_write(out, buf, len); + else if (sep == 2) + { + for (i=0; i(int)len; i++) + BIO_printf(out, %02x,buf[i]); + BIO_printf(out, *%s\n, file); + } else { if (sig_name)
[openssl.org #2005] Re: OpenSSL 1.0.0 beta3 release
Hi Steve, Dr. Stephen Henson schrieb: Does adding Netware to the OPENSSL_SYS_BEOS_BONE part which #undefs AF_INET6 in b_sock.c work or do you need additional cases? yes, this works at first glance (cant tell more since I have finally a linkage prob so cant test ATM); with below patch compilation finishes: --- crypto/bio/b_sock.c.origMon Apr 27 21:30:36 2009 +++ crypto/bio/b_sock.c Wed Jul 22 16:37:44 2009 @@ -88,8 +88,8 @@ static int wsa_init_done=0; #endif -#if defined(OPENSSL_SYS_BEOS_BONE) -/* BONE's IP6 support is incomplete */ +#if defined(OPENSSL_SYS_BEOS_BONE) || defined(NETWARE_CLIB) +/* BONE's and NetWare's CLIB IP6 support is incomplete */ #undef AF_INET6 #endif Instead of changing every single case we could instead have an #ifdef OPENSSL_USE_IPV6 and set that in an appropriate way in a header file. yes, that would be fine - which header do you suggest? It must then be a header which is always included after the system headers, or else AF_INET6 would get defined again through the system headers, or? So I think its more save to change all '#ifdef AF_INET6' to '#if OPENSSL_USE_IPV6', and then in one header something like: #if defined(OPENSSL_SYS_BEOS_BONE) || defined(NETWARE_CLIB) /* BONE's and NetWare's CLIB IP6 support is incomplete */ #define OPENSSL_USE_IPV6 0 #endif #if !defined(OPENSSL_USE_IPV6) defined(AF_INET6) #define OPENSSL_USE_IPV6 1 #endif Günter. --- crypto/bio/b_sock.c.orig Mon Apr 27 21:30:36 2009 +++ crypto/bio/b_sock.c Wed Jul 22 16:37:44 2009 @@ -88,8 +88,8 @@ static int wsa_init_done=0; #endif -#if defined(OPENSSL_SYS_BEOS_BONE) -/* BONE's IP6 support is incomplete */ +#if defined(OPENSSL_SYS_BEOS_BONE) || defined(NETWARE_CLIB) +/* BONE's and NetWare's CLIB IP6 support is incomplete */ #undef AF_INET6 #endif
Re: [openssl.org #1946] Resolved: [PATCH] NetWare fix compilr break in
Hi Steve, Stephen Henson via RT schrieb: According to our records, your request has been resolved. If you have any further questions or concerns, please respond to this message. sorry to bother again, but seems you have only applied to HEAD and 1.0.0-stable, but not yet to 0.9.8-stable [18268],[18269]: http://cvs.openssl.org/rlog?f=openssl/ssl/dtls1.h thanks, Gün. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1954] [PATCH] NetWare fix for compilation break with nonexisting include
the NetWare CLIB platform has no strings.h header, and therefore compilation breaks in apps/apps.c (CVS HEAD): --- apps/apps.c.origWed May 13 13:32:45 2009 +++ apps/apps.c Fri Jun 12 15:05:42 2009 @@ -118,7 +118,7 @@ #include stdio.h #include stdlib.h #include string.h -#ifndef OPENSSL_SYSNAME_WIN32 +#if !defined(OPENSSL_SYSNAME_WIN32) !defined(NETWARE_CLIB) #include strings.h #endif #include sys/types.h Since this is not the first time that this problem occurs (see #1945), and most likely not the last time, it would probably make sense that we use something like: #ifdef HAVE_STRINGS_H #include strings.h #endif and define HAVE_STRINGS_H platform-dependent in e_os.h, and make sure that e_os.h is always first included. Just a thought. Günter, --- apps/apps.c.orig Wed May 13 13:32:45 2009 +++ apps/apps.c Fri Jun 12 15:05:42 2009 @@ -118,7 +118,7 @@ #include stdio.h #include stdlib.h #include string.h -#ifndef OPENSSL_SYSNAME_WIN32 +#if !defined(OPENSSL_SYSNAME_WIN32) !defined(NETWARE_CLIB) #include strings.h #endif #include sys/types.h
Re: [openssl.org #1943] [PROPOSAL] rename uni2asc asc2uni because of naming conflict
Hi Steve, Guenter schrieb: Sure, we can do the renaming of the functions #ifdef'd for OPENSSL_SYS_NETWARE, no prob. find attached a new patch for 0.9.8-stable which renames conditionally for NetWare only. diff -ur openssl-0_9_8/apps/pkcs12.c openssl-0_9_8-patched/apps/pkcs12.c --- openssl-0_9_8/apps/pkcs12.c Wed Nov 05 19:36:35 2008 +++ openssl-0_9_8-patched/apps/pkcs12.c Mon Jun 15 01:42:13 2009 @@ -68,6 +68,12 @@ #include openssl/pem.h #include openssl/pkcs12.h +#ifdef OPENSSL_SYS_NETWARE +/* Rename these functions to avoid name clashes on NetWare OS */ +#define uni2asc OPENSSL_uni2asc +#define asc2uni OPENSSL_asc2uni +#endif + #define PROG pkcs12_main const EVP_CIPHER *enc; diff -ur openssl-0_9_8/crypto/pkcs12/p12_attr.c openssl-0_9_8-patched/crypto/pkcs12/p12_attr.c --- openssl-0_9_8/crypto/pkcs12/p12_attr.c Wed Nov 05 19:36:46 2008 +++ openssl-0_9_8-patched/crypto/pkcs12/p12_attr.c Mon Jun 15 01:44:07 2009 @@ -60,6 +60,12 @@ #include cryptlib.h #include openssl/pkcs12.h +#ifdef OPENSSL_SYS_NETWARE +/* Rename these functions to avoid name clashes on NetWare OS */ +#define uni2asc OPENSSL_uni2asc +#define asc2uni OPENSSL_asc2uni +#endif + /* Add a local keyid to a safebag */ int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, diff -ur openssl-0_9_8/crypto/pkcs12/p12_key.c openssl-0_9_8-patched/crypto/pkcs12/p12_key.c --- openssl-0_9_8/crypto/pkcs12/p12_key.c Wed Nov 05 19:36:46 2008 +++ openssl-0_9_8-patched/crypto/pkcs12/p12_key.c Mon Jun 15 01:45:14 2009 @@ -69,6 +69,12 @@ void h__dump (unsigned char *p, int len); #endif +#ifdef OPENSSL_SYS_NETWARE +/* Rename these functions to avoid name clashes on NetWare OS */ +#define uni2asc OPENSSL_uni2asc +#define asc2uni OPENSSL_asc2uni +#endif + /* PKCS12 compatible key/IV generation */ #ifndef min #define min(a,b) ((a) (b) ? (a) : (b)) diff -ur openssl-0_9_8/crypto/pkcs12/p12_utl.c openssl-0_9_8-patched/crypto/pkcs12/p12_utl.c --- openssl-0_9_8/crypto/pkcs12/p12_utl.c Wed Nov 05 19:36:47 2008 +++ openssl-0_9_8-patched/crypto/pkcs12/p12_utl.c Mon Jun 15 01:46:07 2009 @@ -60,6 +60,12 @@ #include cryptlib.h #include openssl/pkcs12.h +#ifdef OPENSSL_SYS_NETWARE +/* Rename these functions to avoid name clashes on NetWare OS */ +#define uni2asc OPENSSL_uni2asc +#define asc2uni OPENSSL_asc2uni +#endif + /* Cheap and nasty Unicode stuff */ unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen) diff -ur openssl-0_9_8/crypto/pkcs12/pkcs12.h openssl-0_9_8-patched/crypto/pkcs12/pkcs12.h --- openssl-0_9_8/crypto/pkcs12/pkcs12.h Wed Nov 05 19:36:47 2008 +++ openssl-0_9_8-patched/crypto/pkcs12/pkcs12.h Mon Jun 15 02:22:56 2009 @@ -232,9 +232,14 @@ const EVP_MD *md_type); int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, const EVP_MD *md_type); +#if defined(NETWARE) || defined(OPENSSL_SYS_NETWARE) +/* Rename these functions to avoid name clashes on NetWare OS */ +unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); +char *OPENSSL_uni2asc(unsigned char *uni, int unilen); +#else unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); char *uni2asc(unsigned char *uni, int unilen); - +#endif DECLARE_ASN1_FUNCTIONS(PKCS12) DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA) DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
Re: [openssl.org #1946] Resolved: [PATCH] NetWare fix compilr break in
Hi Steve, Stephen Henson via RT schrieb: According to our records, your request has been resolved. If you have any further questions or concerns, please respond to this message. I admit that I probably didnt test carefully enough; the NetWare CLIB builds get now with older SDK a redefine due to the fact that dtls1.h is used by some other C files which include the winsock header before dtls1.h and thus get the timeval struct defined via winsock2.h; so at the moment I see no other way than to check too for _WINSOCK2API_ : diff -ur openssl-0_9_8\ssl\dtls1.h openssl-0_9_8-patched\ssl\dtls1.h --- openssl-0_9_8\ssl\dtls1.h Fri Jun 05 17:05:10 2009 +++ openssl-0_9_8-patched\ssl\dtls1.h Mon Jun 15 01:34:57 2009 @@ -65,7 +65,7 @@ #ifdef OPENSSL_SYS_WIN32 /* Needed for struct timeval */ #include winsock.h -#elif defined(OPENSSL_SYS_NETWARE) +#elif (defined(OPENSSL_SYS_NETWARE) !defined(_WINSOCK2API_)) #include sys/timeval.h #endif this seems to work fine with all our 4 build flavours. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1943] [PROPOSAL] rename uni2asc asc2uni because of naming conflict
Hi Steve, Stephen Henson via RT schrieb: Renaming global functions on a stable branch isn't something we normally do due to binary compatibility issues. Could this stuff be conditional for Netware at least in 0.9.8? sure, though I thought since the tests are anyway called by openssl-own scripts this wouldnt be an issue ... Also no idea yet how to do it conditional? Some hacking in the generated makefiles you have in mind? Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1943] [PROPOSAL] rename uni2asc asc2uni because of naming conflict
Hi Steve, Guenter schrieb: sure, though I thought since the tests are anyway called by openssl-own scripts this wouldnt be an issue ... Also no idea yet how to do it conditional? Some hacking in the generated makefiles you have in mind? sorry, I had just the other bug in mind which Norm posted about renaming the tests. Sure, we can do the renaming of the functions #ifdef'd for OPENSSL_SYS_NETWARE, no prob. Günter. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1946] [PATCH] NetWare fix compilr break in
Hi, NetWare compile of openssl-0.9.8-stable breaks in ssl/s2_meth.c with: outinc_nw_libc\openssl\dtls1.h:217: illegal use of incomplete struct/union/ outinc_nw_libc\openssl\dtls1.h:217: class 'struct timeval' find below / attached the patch against openssl-0.9.8-stable-SNAP-20090601 which fixes this issue: --- ssl/dtls1.h.origFri May 29 15:04:04 2009 +++ ssl/dtls1.h Mon Jun 01 18:37:20 2009 @@ -65,6 +65,8 @@ #ifdef OPENSSL_SYS_WIN32 /* Needed for struct timeval */ #include winsock.h +#elif defined(OPENSSL_SYS_NETWARE) +#include sys/timeval.h #endif #ifdef __cplusplus --- ssl/dtls1.h.orig Fri May 29 15:04:04 2009 +++ ssl/dtls1.h Mon Jun 01 18:37:20 2009 @@ -65,6 +65,8 @@ #ifdef OPENSSL_SYS_WIN32 /* Needed for struct timeval */ #include winsock.h +#elif defined(OPENSSL_SYS_NETWARE) +#include sys/timeval.h #endif #ifdef __cplusplus
Re: [openssl.org #1946] [PATCH] NetWare fix compile break in ssl/s2_meth.c
find below / attached the patch against openssl-0.9.8-stable-SNAP-20090601 which fixes this issue: --- ssl/dtls1.h.orig Fri May 29 15:04:04 2009 +++ ssl/dtls1.h Mon Jun 01 18:37:20 2009 @@ -65,6 +65,8 @@ #ifdef OPENSSL_SYS_WIN32 /* Needed for struct timeval */ #include winsock.h +#elif defined(OPENSSL_SYS_NETWARE) +#include sys/timeval.h #endif #ifdef __cplusplus same patch applies cleanly to openssl-1.0.0-stable-SNAP-20090601 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1943] [PROPOSAL] rename uni2asc asc2uni because of naming conflict
in NetWare we have the uni2asc() and asc2uni() functions provided by the OS. This problem was already brought to this lists attention by Verdon Walker from Novell (original NetWare port author) mid of 2002: http://www.mail-archive.com/openssl-dev@openssl.org/msg12289.html unfortunately this was not changed up to now. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1944] [PATCH] mingw32 fix compiler warning
Hi, find below a simple patch against openssl-0.9.8k which kills a gcc compiler warning about missing braces ... --- openssl-0.9.8k.orig/crypto/dso/dso_win32.c 2006-01-15 18:28:35.0 +0100 +++ openssl-0.9.8k/crypto/dso/dso_win32.c 2009-05-24 01:51:09.0 +0200 @@ -327,8 +327,8 @@ memset(result, 0, sizeof(struct file_st)); position = IN_DEVICE; - if(filename[0] == '\\' filename[1] == '\\' - || filename[0] == '/' filename[1] == '/') + if((filename[0] == '\\' filename[1] == '\\') + || (filename[0] == '/' filename[1] == '/')) { position = IN_NODE; filename += 2; __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1945] [PATCH] NetWare fix for compilation break with nonexisting include
the NetWare CLIB platform has no strings.h header, and therefore compilation breaks in crypto/o_str.c: --- crypto/o_str.c.orig Sat Mar 29 15:22:50 2008 +++ crypto/o_str.c Mon May 18 20:52:04 2009 @@ -60,7 +60,9 @@ #include e_os.h #include o_str.h -#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) !defined(OPENSSL_SYSNAME_WIN32) +#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) \ +!defined(OPENSSL_SYSNAME_WIN32) \ +!defined(NETWARE_CLIB) # include strings.h #endif __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1943] [PROPOSAL] rename uni2asc asc2uni because of naming conflict
Added attached patches against 0.9.8-stable and 1.0.0-stable. diff -ur openssl-0.9.8-stable-SNAP-20090531.orig/apps/pkcs12.c openssl-0.9.8-stable-SNAP-20090531/apps/pkcs12.c --- openssl-0.9.8-stable-SNAP-20090531.orig/apps/pkcs12.c 2008-11-06 06:01:11.0 +1100 +++ openssl-0.9.8-stable-SNAP-20090531/apps/pkcs12.c 2009-06-01 10:49:47.859375000 +1000 @@ -929,7 +929,7 @@ av = sk_ASN1_TYPE_value(attr-value.set, 0); switch(av-type) { case V_ASN1_BMPSTRING: - value = uni2asc(av-value.bmpstring-data, + value = OPENSSL_uni2asc(av-value.bmpstring-data, av-value.bmpstring-length); BIO_printf(out, %s\n, value); OPENSSL_free(value); diff -ur openssl-0.9.8-stable-SNAP-20090531.orig/crypto/pkcs12/p12_attr.c openssl-0.9.8-stable-SNAP-20090531/crypto/pkcs12/p12_attr.c --- openssl-0.9.8-stable-SNAP-20090531.orig/crypto/pkcs12/p12_attr.c 2008-11-06 06:01:21.0 +1100 +++ openssl-0.9.8-stable-SNAP-20090531/crypto/pkcs12/p12_attr.c 2009-06-01 10:49:44.796875000 +1000 @@ -139,7 +139,7 @@ ASN1_TYPE *atype; if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL; if (atype-type != V_ASN1_BMPSTRING) return NULL; - return uni2asc(atype-value.bmpstring-data, + return OPENSSL_uni2asc(atype-value.bmpstring-data, atype-value.bmpstring-length); } diff -ur openssl-0.9.8-stable-SNAP-20090531.orig/crypto/pkcs12/p12_key.c openssl-0.9.8-stable-SNAP-20090531/crypto/pkcs12/p12_key.c --- openssl-0.9.8-stable-SNAP-20090531.orig/crypto/pkcs12/p12_key.c 2008-11-06 06:01:21.0 +1100 +++ openssl-0.9.8-stable-SNAP-20090531/crypto/pkcs12/p12_key.c 2009-06-01 10:44:00.109375000 +1000 @@ -84,7 +84,7 @@ if(!pass) { unipass = NULL; uniplen = 0; - } else if (!asc2uni(pass, passlen, unipass, uniplen)) { + } else if (!OPENSSL_asc2uni(pass, passlen, unipass, uniplen)) { PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE); return 0; } diff -ur openssl-0.9.8-stable-SNAP-20090531.orig/crypto/pkcs12/p12_utl.c openssl-0.9.8-stable-SNAP-20090531/crypto/pkcs12/p12_utl.c --- openssl-0.9.8-stable-SNAP-20090531.orig/crypto/pkcs12/p12_utl.c 2008-11-06 06:01:21.0 +1100 +++ openssl-0.9.8-stable-SNAP-20090531/crypto/pkcs12/p12_utl.c 2009-06-01 10:49:41.484375000 +1000 @@ -62,7 +62,7 @@ /* Cheap and nasty Unicode stuff */ -unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen) +unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen) { int ulen, i; unsigned char *unitmp; @@ -81,7 +81,7 @@ return unitmp; } -char *uni2asc(unsigned char *uni, int unilen) +char *OPENSSL_uni2asc(unsigned char *uni, int unilen) { int asclen, i; char *asctmp; diff -ur openssl-0.9.8-stable-SNAP-20090531.orig/crypto/pkcs12/pkcs12.h openssl-0.9.8-stable-SNAP-20090531/crypto/pkcs12/pkcs12.h --- openssl-0.9.8-stable-SNAP-20090531.orig/crypto/pkcs12/pkcs12.h 2008-11-06 06:01:21.0 +1100 +++ openssl-0.9.8-stable-SNAP-20090531/crypto/pkcs12/pkcs12.h 2009-06-01 10:49:38.765625000 +1000 @@ -232,8 +232,8 @@ const EVP_MD *md_type); int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, const EVP_MD *md_type); -unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); -char *uni2asc(unsigned char *uni, int unilen); +unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); +char *OPENSSL_uni2asc(unsigned char *uni, int unilen); DECLARE_ASN1_FUNCTIONS(PKCS12) DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA) diff -ur openssl-1.0.0-stable-SNAP-20090531.orig/apps/pkcs12.c openssl-1.0.0-stable-SNAP-20090531/apps/pkcs12.c --- openssl-1.0.0-stable-SNAP-20090531.orig/apps/pkcs12.c 2008-11-06 05:38:51.0 +1100 +++ openssl-1.0.0-stable-SNAP-20090531/apps/pkcs12.c 2009-06-01 11:08:55.09375 +1000 @@ -923,7 +923,7 @@ av = sk_ASN1_TYPE_value(attr-value.set, 0); switch(av-type) { case V_ASN1_BMPSTRING: - value = uni2asc(av-value.bmpstring-data, + value = OPENSSL_uni2asc(av-value.bmpstring-data, av-value.bmpstring-length); BIO_printf(out, %s\n, value); OPENSSL_free(value); diff -ur openssl-1.0.0-stable-SNAP-20090531.orig/crypto/pkcs12/p12_attr.c openssl-1.0.0-stable-SNAP-20090531/crypto/pkcs12/p12_attr.c --- openssl-1.0.0-stable-SNAP-20090531.orig/crypto/pkcs12/p12_attr.c 2008-11-06 05:39:00.0 +1100 +++ openssl-1.0.0-stable-SNAP-20090531/crypto/pkcs12/p12_attr.c 2009-06-01 11:08:43.62500 +1000 @@ -139,7 +139,7 @@ ASN1_TYPE *atype; if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL; if (atype-type != V_ASN1_BMPSTRING) return NULL; - return uni2asc(atype-value.bmpstring-data, + return OPENSSL_uni2asc(atype-value.bmpstring-data, atype-value.bmpstring-length); } diff -ur openssl-1.0.0-stable-SNAP-20090531.orig/crypto/pkcs12/p12_key.c