openssl-1.0.0 upgrade
external/openssl
Updated version to 1.0.0
openssl.version
Updated small records patch for 1.0.0. This is probably the most significant change.
patches/small_records.patch
Removed bad_version.patch since fix is included in 0.9.8n and beyond
patches/README
patches/bad_version.patch
openssl.config
Changed import_openssl.sh to generate armv4 asm with the 1.0.0
scripts, not our backported 0.9.9-dev backported version in
patches/arm-asm.patch.
import_openssl.sh
openssl.config
patches/README
patches/arm-asm.patch
Added -DOPENSSL_NO_STORE to match ./Configure output
Added -DOPENSSL_NO_WHIRLPOOL (no-whrlpool) to skip new optional cipher
android-config.mk
openssl.config
Fixed import to remove include directory during import like other
imported directories (apps, ssl, crypto)
import_openssl.sh
Updated UNNEEDED_SOURCES. Pruned Makefiles which we don't use.
openssl.config
Updated to build newly required files
patches/apps_Android.mk
patches/crypto_Android.mk
Disable some new openssl tools
patches/progs.patch
Updated upgrade testing notes to include running BigInteger tests
README.android
Automatically imported
android.testssl/
apps/
crypto/
e_os.h
e_os2.h
include/
ssl/
dalvik
Change makeCipherList to skip SSLv2 ciphers that 1.0.0 now returns
so there are not duplicate ciphersuite names in getEnabledCipherSuites.
libcore/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
Updated OpenSSLSocketImpl_cipherauthenticationmethod for new
SSL_CIPHER algorithms -> algorithm_auth (and const-ness)
libcore/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
Update to const SSL_CIPHER in OpenSSLSessionImpl_getCipherSuite (and cipherauthenticationmethod)
libcore/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
test_EnabledCipherSuites on both SSLSocketTest and
SSLServerSocketTest caught the makeCipherList problem. However the
asserts where a bit out of sync and didn't give good messages
because they didn't actually show what was going on. As part of
debugging the issue they found, I tried to make align the asserts
and improve their output for the future.
libcore/x-net/src/test/java/tests/api/javax/net/ssl/SSLServerSocketTest.java
libcore/x-net/src/test/java/tests/api/javax/net/ssl/SSLSocketTest.java
vendor/google
Add const to X509V3_EXT_METHOD* for 1.0.0 compatibility
libraries/libjingle/talk/base/openssladapter.cc
Change-Id: I608dbb2ecf4b7a15e13b3f3dcea7c0443ff01e32
diff --git a/crypto/ui/Makefile b/crypto/ui/Makefile
deleted file mode 100644
index 4755e20..0000000
--- a/crypto/ui/Makefile
+++ /dev/null
@@ -1,111 +0,0 @@
-#
-# OpenSSL/crypto/ui/Makefile
-#
-
-DIR= ui
-TOP= ../..
-CC= cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-MAKEFILE= Makefile
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-#TEST= uitest.c
-TEST=
-APPS=
-
-COMPATSRC= ui_compat.c
-COMPATOBJ= ui_compat.o
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC)
-LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= ui.h ui_compat.h
-HEADER= $(EXHEADER) ui_locl.h
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all: lib
-
-lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
- $(RANLIB) $(LIB) || echo Never mind.
- @touch lib
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
- @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
- @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
- @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-
-tags:
- ctags $(SRC)
-
-tests:
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
- @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
- $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
-
-clean:
- rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ui_compat.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-ui_compat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/ui.h
-ui_compat.o: ../../include/openssl/ui_compat.h ui_compat.c
-ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ui_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ui_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_err.c
-ui_lib.o: ../../e_os.h ../../include/openssl/bio.h
-ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ui_lib.o: ../cryptlib.h ui_lib.c ui_locl.h
-ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h
-ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_openssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c
-ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ui_util.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ui_util.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ui_util.o: ../../include/openssl/ui.h ui_locl.h ui_util.c
diff --git a/crypto/ui/ui.h b/crypto/ui/ui.h
index 0182964..2b1cfa2 100644
--- a/crypto/ui/ui.h
+++ b/crypto/ui/ui.h
@@ -287,8 +287,8 @@
/* The UI_STRING type is the data structure that contains all the needed info
about a string or a prompt, including test data for a verification prompt.
*/
-DECLARE_STACK_OF(UI_STRING)
typedef struct ui_string_st UI_STRING;
+DECLARE_STACK_OF(UI_STRING)
/* The different types of strings that are currently supported.
This is only needed by method authors. */
@@ -310,11 +310,13 @@
int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui));
int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis));
int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui));
+int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name));
int (*UI_method_get_opener(UI_METHOD *method))(UI*);
int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*);
int (*UI_method_get_flusher(UI_METHOD *method))(UI*);
int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*);
int (*UI_method_get_closer(UI_METHOD *method))(UI*);
+char* (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*);
/* The following functions are helpers for method writers to access relevant
data from a UI_STRING. */
diff --git a/crypto/ui/ui_err.c b/crypto/ui/ui_err.c
index 786bd0d..a6b9629 100644
--- a/crypto/ui/ui_err.c
+++ b/crypto/ui/ui_err.c
@@ -1,6 +1,6 @@
/* crypto/ui/ui_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index ac01008..a8abc27 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -693,6 +693,17 @@
return -1;
}
+int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name))
+ {
+ if (method)
+ {
+ method->ui_construct_prompt = prompt_constructor;
+ return 0;
+ }
+ else
+ return -1;
+ }
+
int (*UI_method_get_opener(UI_METHOD *method))(UI*)
{
if (method)
@@ -733,6 +744,14 @@
return NULL;
}
+char* (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*)
+ {
+ if (method)
+ return method->ui_construct_prompt;
+ else
+ return NULL;
+ }
+
enum UI_string_types UI_get_string_type(UI_STRING *uis)
{
if (!uis)
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index 06270f0..1bc25f4 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -122,7 +122,9 @@
* sigaction and fileno included. -pedantic would be more appropriate for
* the intended purposes, but we can't prevent users from adding -ansi.
*/
-#define _POSIX_C_SOURCE 1
+#ifndef _POSIX_C_SOURCE
+#define _POSIX_C_SOURCE 2
+#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>
@@ -476,7 +478,7 @@
CRYPTO_w_lock(CRYPTO_LOCK_UI);
is_a_tty = 1;
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS)
tty_in=stdin;
tty_out=stderr;
#else