From:svoj Date:April 28 2005 3:23pm
Subject:bk commit into 5.0 tree (svoj:1.1847)
Below is the list of changes that have just been committed into a local
5.0 repository of svoj. When svoj does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet
  1.1847 05/04/28 18:23:27 svoj@stripped +104 -0
  WL#2286 Compile MySQL w/YASSL support
  yaSSL-0.9.7 library bundled.

  extra/yassl/yassl.dsw
    1.1 05/04/28 18:23:22 svoj@stripped +137 -0

  extra/yassl/yassl.dsp
    1.1 05/04/28 18:23:22 svoj@stripped +192 -0

  extra/yassl/taocrypt/taocrypt.dsw
    1.1 05/04/28 18:23:22 svoj@stripped +44 -0

  extra/yassl/yassl.dsw
    1.0 05/04/28 18:23:22 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/yassl.dsw

  extra/yassl/yassl.dsp
    1.0 05/04/28 18:23:22 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/yassl.dsp

  extra/yassl/taocrypt/taocrypt.dsw
    1.0 05/04/28 18:23:22 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/taocrypt.dsw

  extra/yassl/taocrypt/taocrypt.dsp
    1.1 05/04/28 18:23:21 svoj@stripped +260 -0

  extra/yassl/taocrypt/src/sha.cpp
    1.1 05/04/28 18:23:21 svoj@stripped +144 -0

  extra/yassl/taocrypt/src/rsa.cpp
    1.1 05/04/28 18:23:21 svoj@stripped +215 -0

  extra/yassl/taocrypt/src/ripemd.cpp
    1.1 05/04/28 18:23:21 svoj@stripped +289 -0

  extra/yassl/taocrypt/src/random.cpp
    1.1 05/04/28 18:23:21 svoj@stripped +131 -0

  extra/yassl/taocrypt/taocrypt.dsp
    1.0 05/04/28 18:23:21 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/taocrypt.dsp

  extra/yassl/taocrypt/src/sha.cpp
    1.0 05/04/28 18:23:21 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/sha.cpp

  extra/yassl/taocrypt/src/rsa.cpp
    1.0 05/04/28 18:23:21 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/rsa.cpp

  extra/yassl/taocrypt/src/ripemd.cpp
    1.0 05/04/28 18:23:21 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/ripemd.cpp

  extra/yassl/taocrypt/src/random.cpp
    1.0 05/04/28 18:23:21 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/random.cpp

  extra/yassl/taocrypt/src/misc.cpp
    1.1 05/04/28 18:23:20 svoj@stripped +132 -0

  extra/yassl/taocrypt/src/md5.cpp
    1.1 05/04/28 18:23:20 svoj@stripped +169 -0

  extra/yassl/taocrypt/src/md2.cpp
    1.1 05/04/28 18:23:20 svoj@stripped +128 -0

  extra/yassl/taocrypt/src/integer.cpp
    1.1 05/04/28 18:23:20 svoj@stripped +4174 -0

  extra/yassl/taocrypt/src/misc.cpp
    1.0 05/04/28 18:23:20 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/misc.cpp

  extra/yassl/taocrypt/src/md5.cpp
    1.0 05/04/28 18:23:20 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/md5.cpp

  extra/yassl/taocrypt/src/md2.cpp
    1.0 05/04/28 18:23:20 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/md2.cpp

  extra/yassl/taocrypt/src/integer.cpp
    1.0 05/04/28 18:23:20 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/integer.cpp

  extra/yassl/taocrypt/src/hash.cpp
    1.1 05/04/28 18:23:19 svoj@stripped +88 -0

  extra/yassl/taocrypt/src/file.cpp
    1.1 05/04/28 18:23:19 svoj@stripped +118 -0

  extra/yassl/taocrypt/src/dsa.cpp
    1.1 05/04/28 18:23:19 svoj@stripped +277 -0

  extra/yassl/taocrypt/src/dh.cpp
    1.1 05/04/28 18:23:19 svoj@stripped +85 -0

  extra/yassl/taocrypt/src/des.cpp
    1.1 05/04/28 18:23:19 svoj@stripped +435 -0

  extra/yassl/taocrypt/src/hash.cpp
    1.0 05/04/28 18:23:19 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/hash.cpp

  extra/yassl/taocrypt/src/file.cpp
    1.0 05/04/28 18:23:19 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/file.cpp

  extra/yassl/taocrypt/src/dsa.cpp
    1.0 05/04/28 18:23:19 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/dsa.cpp

  extra/yassl/taocrypt/src/dh.cpp
    1.0 05/04/28 18:23:19 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/dh.cpp

  extra/yassl/taocrypt/src/des.cpp
    1.0 05/04/28 18:23:19 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/des.cpp

  extra/yassl/taocrypt/src/coding.cpp
    1.1 05/04/28 18:23:18 svoj@stripped +250 -0

  extra/yassl/taocrypt/src/asn.cpp
    1.1 05/04/28 18:23:18 svoj@stripped +1051 -0

  extra/yassl/taocrypt/src/arc4.cpp
    1.1 05/04/28 18:23:18 svoj@stripped +93 -0

  extra/yassl/taocrypt/src/algebra.cpp
    1.1 05/04/28 18:23:18 svoj@stripped +354 -0

  extra/yassl/taocrypt/src/coding.cpp
    1.0 05/04/28 18:23:18 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/coding.cpp

  extra/yassl/taocrypt/src/asn.cpp
    1.0 05/04/28 18:23:18 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/asn.cpp

  extra/yassl/taocrypt/src/arc4.cpp
    1.0 05/04/28 18:23:18 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/arc4.cpp

  extra/yassl/taocrypt/src/algebra.cpp
    1.0 05/04/28 18:23:18 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/algebra.cpp

  extra/yassl/taocrypt/src/aestables.cpp
    1.1 05/04/28 18:23:17 svoj@stripped +724 -0

  extra/yassl/taocrypt/src/aes.cpp
    1.1 05/04/28 18:23:17 svoj@stripped +401 -0

  extra/yassl/taocrypt/src/Makefile.am
    1.1 05/04/28 18:23:17 svoj@stripped +8 -0

  extra/yassl/taocrypt/include/sha.hpp
    1.1 05/04/28 18:23:17 svoj@stripped +65 -0

  extra/yassl/taocrypt/include/runtime.hpp
    1.1 05/04/28 18:23:17 svoj@stripped +91 -0

  extra/yassl/taocrypt/src/aestables.cpp
    1.0 05/04/28 18:23:17 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/aestables.cpp

  extra/yassl/taocrypt/src/aes.cpp
    1.0 05/04/28 18:23:17 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/aes.cpp

  extra/yassl/taocrypt/src/Makefile.am
    1.0 05/04/28 18:23:17 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/src/Makefile.am

  extra/yassl/taocrypt/include/sha.hpp
    1.0 05/04/28 18:23:17 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/sha.hpp

  extra/yassl/taocrypt/include/runtime.hpp
    1.0 05/04/28 18:23:17 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/runtime.hpp

  extra/yassl/taocrypt/include/rsa.hpp
    1.1 05/04/28 18:23:16 svoj@stripped +253 -0

  extra/yassl/taocrypt/include/ripemd.hpp
    1.1 05/04/28 18:23:16 svoj@stripped +63 -0

  extra/yassl/taocrypt/include/random.hpp
    1.1 05/04/28 18:23:16 svoj@stripped +87 -0

  extra/yassl/taocrypt/include/modes.hpp
    1.1 05/04/28 18:23:16 svoj@stripped +133 -0

  extra/yassl/taocrypt/include/rsa.hpp
    1.0 05/04/28 18:23:16 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/rsa.hpp

  extra/yassl/taocrypt/include/ripemd.hpp
    1.0 05/04/28 18:23:16 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/ripemd.hpp

  extra/yassl/taocrypt/include/random.hpp
    1.0 05/04/28 18:23:16 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/random.hpp

  extra/yassl/taocrypt/include/modes.hpp
    1.0 05/04/28 18:23:16 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/modes.hpp

  extra/yassl/taocrypt/include/modarith.hpp
    1.1 05/04/28 18:23:15 svoj@stripped +169 -0

  extra/yassl/taocrypt/include/misc.hpp
    1.1 05/04/28 18:23:15 svoj@stripped +776 -0

  extra/yassl/taocrypt/include/md5.hpp
    1.1 05/04/28 18:23:15 svoj@stripped +63 -0

  extra/yassl/taocrypt/include/md2.hpp
    1.1 05/04/28 18:23:15 svoj@stripped +67 -0

  extra/yassl/taocrypt/include/integer.hpp
    1.1 05/04/28 18:23:15 svoj@stripped +320 -0

  extra/yassl/taocrypt/include/modarith.hpp
    1.0 05/04/28 18:23:15 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/modarith.hpp

  extra/yassl/taocrypt/include/misc.hpp
    1.0 05/04/28 18:23:15 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/misc.hpp

  extra/yassl/taocrypt/include/md5.hpp
    1.0 05/04/28 18:23:15 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/md5.hpp

  extra/yassl/taocrypt/include/md2.hpp
    1.0 05/04/28 18:23:15 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/md2.hpp

  extra/yassl/taocrypt/include/integer.hpp
    1.0 05/04/28 18:23:15 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/integer.hpp

  extra/yassl/taocrypt/include/hmac.hpp
    1.1 05/04/28 18:23:14 svoj@stripped +128 -0

  extra/yassl/taocrypt/include/hash.hpp
    1.1 05/04/28 18:23:14 svoj@stripped +73 -0

  extra/yassl/taocrypt/include/file.hpp
    1.1 05/04/28 18:23:14 svoj@stripped +124 -0

  extra/yassl/taocrypt/include/error.hpp
    1.1 05/04/28 18:23:14 svoj@stripped +86 -0

  extra/yassl/taocrypt/include/dsa.hpp
    1.1 05/04/28 18:23:14 svoj@stripped +129 -0

  extra/yassl/taocrypt/include/hmac.hpp
    1.0 05/04/28 18:23:14 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/hmac.hpp

  extra/yassl/taocrypt/include/hash.hpp
    1.0 05/04/28 18:23:14 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/hash.hpp

  extra/yassl/taocrypt/include/file.hpp
    1.0 05/04/28 18:23:14 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/file.hpp

  extra/yassl/taocrypt/include/error.hpp
    1.0 05/04/28 18:23:14 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/error.hpp

  extra/yassl/taocrypt/include/dsa.hpp
    1.0 05/04/28 18:23:14 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/dsa.hpp

  extra/yassl/taocrypt/include/dh.hpp
    1.1 05/04/28 18:23:13 svoj@stripped +89 -0

  extra/yassl/taocrypt/include/des.hpp
    1.1 05/04/28 18:23:13 svoj@stripped +121 -0

  extra/yassl/taocrypt/include/coding.hpp
    1.1 05/04/28 18:23:13 svoj@stripped +94 -0

  extra/yassl/taocrypt/include/block.hpp
    1.1 05/04/28 18:23:13 svoj@stripped +211 -0

  extra/yassl/taocrypt/include/dh.hpp
    1.0 05/04/28 18:23:13 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/dh.hpp

  extra/yassl/taocrypt/include/des.hpp
    1.0 05/04/28 18:23:13 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/des.hpp

  extra/yassl/taocrypt/include/coding.hpp
    1.0 05/04/28 18:23:13 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/coding.hpp

  extra/yassl/taocrypt/include/block.hpp
    1.0 05/04/28 18:23:13 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/block.hpp

  extra/yassl/taocrypt/include/asn.hpp
    1.1 05/04/28 18:23:12 svoj@stripped +327 -0

  extra/yassl/taocrypt/include/arc4.hpp
    1.1 05/04/28 18:23:12 svoj@stripped +59 -0

  extra/yassl/taocrypt/include/algebra.hpp
    1.1 05/04/28 18:23:12 svoj@stripped +316 -0

  extra/yassl/taocrypt/include/aes.hpp
    1.1 05/04/28 18:23:12 svoj@stripped +89 -0

  extra/yassl/taocrypt/Makefile.am
    1.1 05/04/28 18:23:12 svoj@stripped +2 -0

  extra/yassl/taocrypt/include/asn.hpp
    1.0 05/04/28 18:23:12 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/asn.hpp

  extra/yassl/taocrypt/include/arc4.hpp
    1.0 05/04/28 18:23:12 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/arc4.hpp

  extra/yassl/taocrypt/include/algebra.hpp
    1.0 05/04/28 18:23:12 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/algebra.hpp

  extra/yassl/taocrypt/include/aes.hpp
    1.0 05/04/28 18:23:12 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/include/aes.hpp

  extra/yassl/taocrypt/Makefile.am
    1.0 05/04/28 18:23:12 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/taocrypt/Makefile.am

  extra/yassl/src/yassl_int.cpp
    1.1 05/04/28 18:23:11 svoj@stripped +1971 -0

  extra/yassl/src/yassl_imp.cpp
    1.1 05/04/28 18:23:11 svoj@stripped +2093 -0

  extra/yassl/src/yassl_error.cpp
    1.1 05/04/28 18:23:11 svoj@stripped +53 -0

  extra/yassl/src/timer.cpp
    1.1 05/04/28 18:23:11 svoj@stripped +82 -0

  extra/yassl/src/yassl_int.cpp
    1.0 05/04/28 18:23:11 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/yassl_int.cpp

  extra/yassl/src/yassl_imp.cpp
    1.0 05/04/28 18:23:11 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/yassl_imp.cpp

  extra/yassl/src/yassl_error.cpp
    1.0 05/04/28 18:23:11 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/yassl_error.cpp

  extra/yassl/src/timer.cpp
    1.0 05/04/28 18:23:11 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/timer.cpp

  extra/yassl/src/ssl.cpp
    1.1 05/04/28 18:23:10 svoj@stripped +1039 -0

  extra/yassl/src/socket_wrapper.cpp
    1.1 05/04/28 18:23:10 svoj@stripped +168 -0

  extra/yassl/src/log.cpp
    1.1 05/04/28 18:23:10 svoj@stripped +148 -0

  extra/yassl/src/lock.cpp
    1.1 05/04/28 18:23:10 svoj@stripped +90 -0

  extra/yassl/src/handshake.cpp
    1.1 05/04/28 18:23:10 svoj@stripped +1011 -0

  extra/yassl/src/ssl.cpp
    1.0 05/04/28 18:23:10 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/ssl.cpp

  extra/yassl/src/socket_wrapper.cpp
    1.0 05/04/28 18:23:10 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/socket_wrapper.cpp

  extra/yassl/src/log.cpp
    1.0 05/04/28 18:23:10 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/log.cpp

  extra/yassl/src/lock.cpp
    1.0 05/04/28 18:23:10 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/lock.cpp

  extra/yassl/src/handshake.cpp
    1.0 05/04/28 18:23:10 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/handshake.cpp

  extra/yassl/src/crypto_wrapper.cpp
    1.1 05/04/28 18:23:09 svoj@stripped +970 -0

  extra/yassl/src/cert_wrapper.cpp
    1.1 05/04/28 18:23:09 svoj@stripped +318 -0

  extra/yassl/src/buffer.cpp
    1.1 05/04/28 18:23:09 svoj@stripped +280 -0

  extra/yassl/src/Makefile.am
    1.1 05/04/28 18:23:09 svoj@stripped +8 -0

  extra/yassl/src/crypto_wrapper.cpp
    1.0 05/04/28 18:23:09 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/crypto_wrapper.cpp

  extra/yassl/src/cert_wrapper.cpp
    1.0 05/04/28 18:23:09 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/cert_wrapper.cpp

  extra/yassl/src/buffer.cpp
    1.0 05/04/28 18:23:09 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/buffer.cpp

  extra/yassl/src/Makefile.am
    1.0 05/04/28 18:23:09 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/src/Makefile.am

  extra/yassl/mySTL/vector.hpp
    1.1 05/04/28 18:23:08 svoj@stripped +154 -0

  extra/yassl/mySTL/stdexcept.hpp
    1.1 05/04/28 18:23:08 svoj@stripped +72 -0

  extra/yassl/mySTL/pair.hpp
    1.1 05/04/28 18:23:08 svoj@stripped +61 -0

  extra/yassl/mySTL/memory.hpp
    1.1 05/04/28 18:23:08 svoj@stripped +127 -0

  extra/yassl/mySTL/list.hpp
    1.1 05/04/28 18:23:08 svoj@stripped +374 -0

  extra/yassl/mySTL/vector.hpp
    1.0 05/04/28 18:23:08 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/mySTL/vector.hpp

  extra/yassl/mySTL/stdexcept.hpp
    1.0 05/04/28 18:23:08 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/mySTL/stdexcept.hpp

  extra/yassl/mySTL/pair.hpp
    1.0 05/04/28 18:23:08 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/mySTL/pair.hpp

  extra/yassl/mySTL/memory.hpp
    1.0 05/04/28 18:23:08 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/mySTL/memory.hpp

  extra/yassl/mySTL/list.hpp
    1.0 05/04/28 18:23:08 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/mySTL/list.hpp

  extra/yassl/mySTL/helpers.hpp
    1.1 05/04/28 18:23:07 svoj@stripped +94 -0

  extra/yassl/mySTL/algorithm.hpp
    1.1 05/04/28 18:23:07 svoj@stripped +111 -0

  extra/yassl/include/yassl_types.hpp
    1.1 05/04/28 18:23:07 svoj@stripped +415 -0

  extra/yassl/include/yassl_int.hpp
    1.1 05/04/28 18:23:07 svoj@stripped +538 -0

  extra/yassl/include/yassl_imp.hpp
    1.1 05/04/28 18:23:07 svoj@stripped +742 -0

  extra/yassl/mySTL/helpers.hpp
    1.0 05/04/28 18:23:07 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/mySTL/helpers.hpp

  extra/yassl/mySTL/algorithm.hpp
    1.0 05/04/28 18:23:07 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/mySTL/algorithm.hpp

  extra/yassl/include/yassl_types.hpp
    1.0 05/04/28 18:23:07 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/yassl_types.hpp

  extra/yassl/include/yassl_int.hpp
    1.0 05/04/28 18:23:07 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/yassl_int.hpp

  extra/yassl/include/yassl_imp.hpp
    1.0 05/04/28 18:23:07 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/yassl_imp.hpp

  extra/yassl/include/yassl_error.hpp
    1.1 05/04/28 18:23:06 svoj@stripped +78 -0

  extra/yassl/include/timer.hpp
    1.1 05/04/28 18:23:06 svoj@stripped +43 -0

  extra/yassl/include/socket_wrapper.hpp
    1.1 05/04/28 18:23:06 svoj@stripped +95 -0

  extra/yassl/include/openssl/ssl.h
    1.1 05/04/28 18:23:06 svoj@stripped +400 -0

  extra/yassl/include/yassl_error.hpp
    1.0 05/04/28 18:23:06 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/yassl_error.hpp

  extra/yassl/include/timer.hpp
    1.0 05/04/28 18:23:06 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/timer.hpp

  extra/yassl/include/socket_wrapper.hpp
    1.0 05/04/28 18:23:06 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/socket_wrapper.hpp

  extra/yassl/include/openssl/ssl.h
    1.0 05/04/28 18:23:06 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/ssl.h

  extra/yassl/include/openssl/rsa.h
    1.1 05/04/28 18:23:05 svoj@stripped +10 -0

  extra/yassl/include/openssl/rand.h
    1.1 05/04/28 18:23:05 svoj@stripped +2 -0

  extra/yassl/include/openssl/opensslv.h
    1.1 05/04/28 18:23:05 svoj@stripped +12 -0

  extra/yassl/include/openssl/md5.h
    1.1 05/04/28 18:23:05 svoj@stripped +1 -0

  extra/yassl/include/openssl/lhash.h
    1.1 05/04/28 18:23:05 svoj@stripped +2 -0

  extra/yassl/include/openssl/rsa.h
    1.0 05/04/28 18:23:05 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/rsa.h

  extra/yassl/include/openssl/rand.h
    1.0 05/04/28 18:23:05 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/rand.h

  extra/yassl/include/openssl/opensslv.h
    1.0 05/04/28 18:23:05 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/opensslv.h

  extra/yassl/include/openssl/md5.h
    1.0 05/04/28 18:23:05 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/md5.h

  extra/yassl/include/openssl/lhash.h
    1.0 05/04/28 18:23:05 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/lhash.h

  extra/yassl/include/openssl/err.h
    1.1 05/04/28 18:23:04 svoj@stripped +8 -0

  extra/yassl/include/openssl/des.h
    1.1 05/04/28 18:23:04 svoj@stripped +1 -0

  extra/yassl/include/openssl/crypto.h
    1.1 05/04/28 18:23:04 svoj@stripped +13 -0

  extra/yassl/include/log.hpp
    1.1 05/04/28 18:23:04 svoj@stripped +58 -0

  extra/yassl/include/openssl/err.h
    1.0 05/04/28 18:23:04 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/err.h

  extra/yassl/include/openssl/des.h
    1.0 05/04/28 18:23:04 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/des.h

  extra/yassl/include/openssl/crypto.h
    1.0 05/04/28 18:23:04 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/openssl/crypto.h

  extra/yassl/include/log.hpp
    1.0 05/04/28 18:23:04 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/log.hpp

  extra/yassl/include/lock.hpp
    1.1 05/04/28 18:23:03 svoj@stripped +90 -0

  extra/yassl/include/handshake.hpp
    1.1 05/04/28 18:23:03 svoj@stripped +72 -0

  extra/yassl/include/factory.hpp
    1.1 05/04/28 18:23:03 svoj@stripped +106 -0

  extra/yassl/include/crypto_wrapper.hpp
    1.1 05/04/28 18:23:03 svoj@stripped +418 -0

  extra/yassl/include/cert_wrapper.hpp
    1.1 05/04/28 18:23:03 svoj@stripped +124 -0

  extra/yassl/include/lock.hpp
    1.0 05/04/28 18:23:03 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/lock.hpp

  extra/yassl/include/handshake.hpp
    1.0 05/04/28 18:23:03 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/handshake.hpp

  extra/yassl/include/factory.hpp
    1.0 05/04/28 18:23:03 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/factory.hpp

  extra/yassl/include/crypto_wrapper.hpp
    1.0 05/04/28 18:23:03 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/crypto_wrapper.hpp

  extra/yassl/include/cert_wrapper.hpp
    1.0 05/04/28 18:23:03 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/cert_wrapper.hpp

  extra/yassl/include/buffer.hpp
    1.1 05/04/28 18:23:02 svoj@stripped +207 -0

  extra/yassl/README
    1.1 05/04/28 18:23:02 svoj@stripped +263 -0

  extra/yassl/NEWS
    1.1 05/04/28 18:23:02 svoj@stripped +0 -0

  extra/yassl/Makefile.am
    1.1 05/04/28 18:23:02 svoj@stripped +2 -0

  extra/yassl/INSTALL
    1.1 05/04/28 18:23:02 svoj@stripped +229 -0

  extra/yassl/include/buffer.hpp
    1.0 05/04/28 18:23:02 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/include/buffer.hpp

  extra/yassl/README
    1.0 05/04/28 18:23:02 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/README

  extra/yassl/NEWS
    1.0 05/04/28 18:23:02 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/NEWS

  extra/yassl/Makefile.am
    1.0 05/04/28 18:23:02 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/Makefile.am

  extra/yassl/INSTALL
    1.0 05/04/28 18:23:02 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/INSTALL

  extra/yassl/ChangeLog
    1.1 05/04/28 18:23:01 svoj@stripped +0 -0

  extra/yassl/AUTHORS
    1.1 05/04/28 18:23:01 svoj@stripped +0 -0

  config/ac-macros/yassl.m4
    1.1 05/04/28 18:23:01 svoj@stripped +33 -0

  BUILD/compile-pentium-debug-yassl
    1.1 05/04/28 18:23:01 svoj@stripped +13 -0

  include/violite.h
    1.42 05/04/28 18:23:01 svoj@stripped +1 -0
    YASSL_MYSQL_COMPATIBLE macro must be defined to make yassl headers compatible.

  extra/yassl/ChangeLog
    1.0 05/04/28 18:23:01 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/ChangeLog

  extra/yassl/AUTHORS
    1.0 05/04/28 18:23:01 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/extra/yassl/AUTHORS

  extra/Makefile.am
    1.24 05/04/28 18:23:01 svoj@stripped +1 -0
    yaSSL added to distribution.

  config/ac-macros/yassl.m4
    1.0 05/04/28 18:23:01 svoj@stripped +0 -0
    BitKeeper file /home/svoj/devel/mysql/yassl-mysql-5.0/config/ac-macros/yassl.m4

  BUILD/compile-pentium-debug-yassl
    1.0 05/04/28 18:23:01 svoj@stripped +0 -0
    BitKeeper file
/home/svoj/devel/mysql/yassl-mysql-5.0/BUILD/compile-pentium-debug-yassl

  configure.in
    1.278 05/04/28 18:23:00 svoj@stripped +2 -0
    yaSSL CHECK-function call.

  Makefile.am
    1.67 05/04/28 18:23:00 svoj@stripped +1 -1
    Added yassl_dir to SUBDIRS. It contains path to yassl distribution if --with-yassl
    specified. It is empty otherwise.

  BUILD/Makefile.am
    1.6 05/04/28 18:23:00 svoj@stripped +1 -0
    compile-pentium-debug-yassl added to distribution.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	svoj
# Host:	svoj.pils.ru
# Root:	/home/svoj/devel/mysql/yassl-mysql-5.0

--- 1.66/Makefile.am	2005-03-17 04:22:48 +04:00
+++ 1.67/Makefile.am	2005-04-28 18:23:00 +05:00
@@ -20,7 +20,7 @@
 
 # These are built from source in the Docs directory
 EXTRA_DIST =		INSTALL-SOURCE README COPYING EXCEPTIONS-CLIENT
-SUBDIRS =		. include @docs_dirs@ @zlib_dir@ \
+SUBDIRS =		. include @docs_dirs@ @zlib_dir@ @yassl_dir@ \
 			@readline_topdir@ sql-common \
 			@thread_dirs@ pstack \
 			@sql_union_dirs@ scripts man tests \

--- 1.277/configure.in	2005-03-30 00:06:19 +05:00
+++ 1.278/configure.in	2005-04-28 18:23:00 +05:00
@@ -48,6 +48,7 @@
 sinclude(config/ac-macros/misc.m4)
 sinclude(config/ac-macros/openssl.m4)
 sinclude(config/ac-macros/readline.m4)
+sinclude(config/ac-macros/yassl.m4)
 sinclude(config/ac-macros/zlib.m4)
 
 # Remember to add a directory sql/share/LANGUAGE
@@ -2226,6 +2227,7 @@
 #MYSQL_CHECK_CPU
 MYSQL_CHECK_VIO
 MYSQL_CHECK_OPENSSL
+MYSQL_CHECK_YASSL
 
 libmysqld_dirs=
 if test "$with_embedded_server" = "yes"
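Review bot: The new `MYSQL_CHECK_YASSL` call depends on its position after `MYSQL_CHECK_OPENSSL`, and nothing at the call site says so. The macro body in config/ac-macros/yassl.m4 reads `$openssl` and overwrites `openssl_libs` and `openssl_includes`, so it presumably must run after the OpenSSL check has set them. Reordering these checks later could silently change which TLS library is linked. I would add a comment above the call, for example `# Must follow MYSQL_CHECK_OPENSSL: reads $openssl and replaces openssl_libs/openssl_includes`. The `if test` statement that ends this hunk continues outside it.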

--- 1.23/extra/Makefile.am	2005-03-17 04:22:48 +04:00
+++ 1.24/extra/Makefile.am	2005-04-28 18:23:01 +05:00
@@ -24,6 +24,7 @@
                         $(top_builddir)/include/mysqld_ername.h
 pkginclude_HEADERS=	$(BUILT_SOURCES)
 CLEANFILES =		$(BUILT_SOURCES)
+DIST_SUBDIRS=           yassl
 
 # This will build mysqld_error.h and sql_state.h
 $(top_builddir)/include/mysqld_error.h: comp_err

--- 1.41/include/violite.h	2005-03-30 17:51:38 +05:00
+++ 1.42/include/violite.h	2005-04-28 18:23:01 +05:00
@@ -99,6 +99,7 @@
 #endif
 
 #define HEADER_DES_LOCL_H dummy_something
+#define YASSL_MYSQL_COMPATIBLE
 #include <openssl/ssl.h>
 #include <openssl/err.h>
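Review bot: The added `#define YASSL_MYSQL_COMPATIBLE` has no comment and no guard of its own, so as far as this hunk shows it is also defined when `<openssl/ssl.h>` resolves to the real OpenSSL header. That is probably harmless, but a reader of violite.h cannot tell what the macro switches or why it must precede the include. I would put `/* Selects the MySQL-compatible declarations in the bundled yaSSL openssl/ssl.h; must be defined before the include. */` above it. Any enclosing conditional block begins outside the hunk.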
 

--- 1.5/BUILD/Makefile.am	2004-07-24 11:02:55 +05:00
+++ 1.6/BUILD/Makefile.am	2005-04-28 18:23:00 +05:00
@@ -29,6 +29,7 @@
 			compile-pentium-debug-max \
 			compile-pentium-debug-no-bdb \
 			compile-pentium-debug-openssl \
+			compile-pentium-debug-yassl \
 			compile-pentium-gcov \
 			compile-pentium-gprof \
 			compile-pentium-max \
--- New file ---
+++ BUILD/compile-pentium-debug-yassl	05/04/28 18:23:01
#! /bin/sh

path=`dirname $0`
. "$path/SETUP.sh"

extra_flags="$pentium_cflags $debug_cflags"
c_warnings="$c_warnings $debug_extra_warnings"
cxx_warnings="$cxx_warnings $debug_extra_warnings"
extra_configs="$pentium_configs $debug_configs"

extra_configs="$extra_configs  --with-debug=full --with-yassl"

. "$path/FINISH.sh"
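Review bot: ``path=`dirname $0` `` leaves `$0` unquoted, so the script mis-resolves `SETUP.sh` and `FINISH.sh` when the source tree sits under a directory whose name contains whitespace. Quoting it as ``path=`dirname "$0"` `` costs nothing, and the two `.` lines already quote `$path`. If the sibling compile-pentium-* scripts use the same unquoted form, the fix is better made across all of them in one pass.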

--- New file ---
+++ config/ac-macros/yassl.m4	05/04/28 18:23:01
AC_CONFIG_FILES(extra/yassl/Makefile dnl
extra/yassl/taocrypt/Makefile dnl
extra/yassl/taocrypt/src/Makefile dnl
extra/yassl/src/Makefile)

AC_DEFUN([MYSQL_CHECK_YASSL], [
  AC_MSG_CHECKING(for yaSSL)
  AC_ARG_WITH([yassl],
              [  --with-yassl          Include the yaSSL support],
              [yassl=yes],
              [yassl=no])

  if test "$yassl" = "yes"
  then
    if test "$openssl" != "no"
    then
      AC_MSG_ERROR([Cannot configure MySQL to use yaSSL and OpenSSL simultaneously.])
    fi
    AC_MSG_RESULT([using bundled yaSSL])
    yassl_dir="extra/yassl"
    openssl_libs="\
    \$(top_builddir)/extra/yassl/src/libyassl.a\
    \$(top_builddir)/extra/yassl/taocrypt/src/libtaocrypt.a"
    openssl_includes="-I\$(top_srcdir)/extra/yassl/include"
    AC_DEFINE([HAVE_OPENSSL], [1], [Defined by configure. Using yaSSL for OpenSSL
emulation.])
  else
    yassl_dir=""
    AC_MSG_RESULT(no)
  fi
  AC_SUBST(openssl_libs)
  AC_SUBST(openssl_includes)
  AC_SUBST(yassl_dir)
])
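Review bot: The action-if-given argument of `AC_ARG_WITH([yassl], ...)` is the constant `[yassl=yes]` and never looks at `$withval`. Autoconf runs that action for `--without-yassl` and `--with-yassl=no` as well, so an explicit request to leave yaSSL out selects it instead, and the build silently gets a different TLS implementation than was asked for. Using `[if test "$withval" = "no"; then yassl=no; else yassl=yes; fi]` keeps the current behaviour for `--with-yassl` and honours the negative forms. Separately, `test "$openssl" != "no"` is also true when `$openssl` is empty, so the macro only works if an earlier check has set it to the literal `no`; a comment saying so, or a test against `yes`, would make that dependency explicit. Since `HAVE_OPENSSL` is defined for the yaSSL build too, it would also help to note in the `AC_DEFINE` description that code cannot use that symbol to tell the two libraries apart.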

--- New file ---
+++ extra/yassl/AUTHORS	05/04/28 18:23:01

--- New file ---
+++ extra/yassl/ChangeLog	05/04/28 18:23:01

--- New file ---
+++ extra/yassl/INSTALL	05/04/28 18:23:02
Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software
Foundation, Inc.

   This file is free documentation; the Free Software Foundation gives
unlimited permission to copy, distribute and modify it.

Basic Installation
==================

   These are generic installation instructions.

   The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation.  It uses
those values to create a `Makefile' in each directory of the package.
It may also create one or more `.h' files containing system-dependent
definitions.  Finally, it creates a shell script `config.status' that
you can run in the future to recreate the current configuration, and a
file `config.log' containing compiler output (useful mainly for
debugging `configure').

   It can also use an optional file (typically called `config.cache'
and enabled with `--cache-file=config.cache' or simply `-C') that saves
the results of its tests to speed up reconfiguring.  (Caching is
disabled by default to prevent problems with accidental use of stale
cache files.)

   If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail
diffs or instructions to the address given in the `README' so they can
be considered for the next release.  If you are using the cache, and at
some point `config.cache' contains results you don't want to keep, you
may remove or edit it.

   The file `configure.ac' (or `configure.in') is used to create
`configure' by a program called `autoconf'.  You only need
`configure.ac' if you want to change it or regenerate `configure' using
a newer version of `autoconf'.

The simplest way to compile this package is:

  1. `cd' to the directory containing the package's source code and type
     `./configure' to configure the package for your system.  If you're
     using `csh' on an old version of System V, you might need to type
     `sh ./configure' instead to prevent `csh' from trying to execute
     `configure' itself.

     Running `configure' takes awhile.  While running, it prints some
     messages telling which features it is checking for.

  2. Type `make' to compile the package.

  3. Optionally, type `make check' to run any self-tests that come with
     the package.

  4. Type `make install' to install the programs and any data files and
     documentation.

  5. You can remove the program binaries and object files from the
     source code directory by typing `make clean'.  To also remove the
     files that `configure' created (so you can compile the package for
     a different kind of computer), type `make distclean'.  There is
     also a `make maintainer-clean' target, but that is intended mainly
     for the package's developers.  If you use it, you may have to get
     all sorts of other programs in order to regenerate files that came
     with the distribution.

Compilers and Options
=====================

   Some systems require unusual options for compilation or linking that
the `configure' script does not know about.  Run `./configure --help'
for details on some of the pertinent environment variables.

   You can give `configure' initial values for configuration parameters
by setting variables in the command line or in the environment.  Here
is an example:

     ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix

   *Note Defining Variables::, for more details.

Compiling For Multiple Architectures
====================================

   You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
own directory.  To do this, you must use a version of `make' that
supports the `VPATH' variable, such as GNU `make'.  `cd' to the
directory where you want the object files and executables to go and run
the `configure' script.  `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'.

   If you have to use a `make' that does not support the `VPATH'
variable, you have to compile the package for one architecture at a
time in the source code directory.  After you have installed the
package for one architecture, use `make distclean' before reconfiguring
for another architecture.

Installation Names
==================

   By default, `make install' will install the package's files in
`/usr/local/bin', `/usr/local/man', etc.  You can specify an
installation prefix other than `/usr/local' by giving `configure' the
option `--prefix=PATH'.

   You can specify separate installation prefixes for
architecture-specific files and architecture-independent files.  If you
give `configure' the option `--exec-prefix=PATH', the package will use
PATH as the prefix for installing programs and libraries.
Documentation and other data files will still use the regular prefix.

   In addition, if you use an unusual directory layout you can give
options like `--bindir=PATH' to specify different values for particular
kinds of files.  Run `configure --help' for a list of the directories
you can set and what kinds of files go in them.

   If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.

Optional Features
=================

   Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System).  The
`README' should mention any `--enable-' and `--with-' options that the
package recognizes.

   For packages that use the X Window System, `configure' can usually
find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.

Specifying the System Type
==========================

   There may be some features `configure' cannot figure out
automatically, but needs to determine by the type of machine the package
will run on.  Usually, assuming the package is built to be run on the
_same_ architectures, `configure' can figure that out, but if it prints
a message saying it cannot guess the machine type, give it the
`--build=TYPE' option.  TYPE can either be a short name for the system
type, such as `sun4', or a canonical name which has the form:

     CPU-COMPANY-SYSTEM

where SYSTEM can have one of these forms:

     OS KERNEL-OS

   See the file `config.sub' for the possible values of each field.  If
`config.sub' isn't included in this package, then this package doesn't
need to know the machine type.

   If you are _building_ compiler tools for cross-compiling, you should
use the `--target=TYPE' option to select the type of system they will
produce code for.

   If you want to _use_ a cross compiler, that generates code for a
platform different from the build platform, you should specify the
"host" platform (i.e., that on which the generated programs will
eventually be run) with `--host=TYPE'.

Sharing Defaults
================

   If you want to set default values for `configure' scripts to share,
you can create a site shell script called `config.site' that gives
default values for variables like `CC', `cache_file', and `prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists.  Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script.
A warning: not all `configure' scripts look for a site script.

Defining Variables
==================

   Variables not defined in a site shell script can be set in the
environment passed to `configure'.  However, some packages may run
configure again during the build, and the customized values of these
variables may be lost.  In order to avoid this problem, you should set
them in the `configure' command line, using `VAR=value'.  For example:

     ./configure CC=/usr/local2/bin/gcc

will cause the specified gcc to be used as the C compiler (unless it is
overridden in the site shell script).

`configure' Invocation
======================

   `configure' recognizes the following options to control how it
operates.

`--help'
`-h'
     Print a summary of the options to `configure', and exit.

`--version'
`-V'
     Print the version of Autoconf used to generate the `configure'
     script, and exit.

`--cache-file=FILE'
     Enable the cache: use and save the results of the tests in FILE,
     traditionally `config.cache'.  FILE defaults to `/dev/null' to
     disable caching.

`--config-cache'
`-C'
     Alias for `--cache-file=config.cache'.

`--quiet'
`--silent'
`-q'
     Do not print messages saying which checks are being made.  To
     suppress all normal output, redirect it to `/dev/null' (any error
     messages will still be shown).

`--srcdir=DIR'
     Look for the package's source code in directory DIR.  Usually
     `configure' can determine that directory automatically.

`configure' also accepts some other, not widely useful, options.  Run
`configure --help' for more details.


--- New file ---
+++ extra/yassl/Makefile.am	05/04/28 18:23:02
SUBDIRS = taocrypt src
EXTRA_DIST = yassl.dsp yassl.dsw mySTL/*.hpp

--- New file ---
+++ extra/yassl/NEWS	05/04/28 18:23:02

--- New file ---
+++ extra/yassl/README	05/04/28 18:23:02
yaSSL Release notes, version 0.9.6

This release of yaSSL contains minor bug fixes, removal of STL support, and
removal of exceptions and rtti so that the library can be linked without the
std c++ library.

--To build on Linux, Solaris, FreeBSD, Mac OS X, or Cygwin

./configure
make

run testsuite from yaSSL-Home/testsuite to test the build


--To build on Win32

Choose (Re)Build All from the project workspace

run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build



******************yaSSL Release notes, version 0.9.2

This release of yaSSL contains minor bug fixes, expanded certificate
verification and chaining, and improved documentation.

Please see build instructions in release notes 0.3.0.



******************yaSSL Release notes, version 0.9.0

This release of yaSSL contains minor bug fixes, client verification handling,
hex and base64 encoing/decoding, and an improved test suite.

Please see build instructions in release notes 0.3.0.


******************yaSSL Release notes, version 0.8.0

This release of yaSSL contains minor bug fixes, and initial porting effort to
64bit, BigEndian, and more UNIX systems.

Please see build instructions in release notes 0.3.0.


******************yaSSL Release notes, version 0.6.0

This release of yaSSL contains minor bug fixes, source cleanup, and binary beta
(1) of the yaSSL libraries.

Please see build instructions in release notes 0.3.0.



******************yaSSL Release notes, version 0.5.0

This release of yaSSL contains minor bug fixes, full session resumption
support, and initial testing suite support.



Please see build instructions in release notes 0.3.0.



******************yaSSL Release notes, version 0.4.0

This release of yaSSL contains minor bug fixes, an optional memory tracker,
an echo client and server with input/output redirection for load testing, 
and initial session caching support. 


Please see build instructions in release notes 0.3.0.


******************yaSSL Release notes, version 0.3.5

This release of yaSSL contains minor bug fixes and extensions to the crypto
library including a full test suite.


*******************yaSSL Release notes, version 0.3.0

This release of yaSSL contains minor bug fixes and extensions to the crypto
library including AES and an improved random number generator.  GNU autoconf
and automake are now used to simplify the build process on Linux.

*** Linux Build process

./configure
make

*** Windows Build process

open the yassl workspace and build the project


*******************yaSSL Release notes, version 0.2.9

This release of yaSSL contains minor bug fixes and extensions to the crypto
library.

See the notes at the bottom of this page for build instructions.


*******************yaSSL Release notes, version 0.2.5

This release of yaSSL contains minor bug fixes and a beta binary of the yaSSL
libraries for win32 and linux.

See the notes at the bottom of this page for build instructions.



*******************yaSSL Release notes, version 0.2.0

This release of yaSSL contains minor bug fixes and initial alternate crypto
functionality. 

*** Complete Build ***

See the notes in Readme.txt for build instructions.

*** Update Build ***

If you have already done a complete build of yaSSL as described in the release
0.0.1 - 0.1.0 notes and downloaded the update to 0.2.0, place the update file
yassl-update-0.2.0.tar.gz in the yaSSL home directory and issue the command:

gzip -cd yassl-update-0.2.0.tar.gz | tar xvf -

to update the previous release.

Then issue the make command on linux or rebuild the yaSSL project on Windows. 

*******************yaSSL Release notes, version 0.1.0

This release of yaSSL contains minor bug fixes, full client and server TLSv1
support including full ephemeral Diffie-Hellman support, SSL type RSA and DSS
signing and verification, and initial stunnel 4.05 build support.



*********************yaSSL Release notes, version 0.0.3

The third release of yaSSL contains minor bug fixes, client certificate
enhancements, and initial ephemeral Diffie-Hellman integration:



*********************

yaSSL Release notes, version 0.0.2

The second release of yaSSL contains minor bug fixes, client certificate
enhancements, session resumption, and improved TLS support including:

- HMAC for MD5 and SHA-1
- PRF (pseudo random function)
- Master Secret and Key derivation routines
- Record Authentication codes
- Finish verify data check

Once ephemeral RSA and DH are added yaSSL will be fully complaint with TLS.



**********************

yassl Release notes, version 0.0.1

The first release of yassl supports normal RSA mode SSLv3 connections with
support for SHA-1 and MD5 digests.  Ciphers include DES, 3DES, and RC4.

yassl uses the CryptoPP library for cryptography, the source is available at
www.cryptopp.com .

yassl uses CML (the Certificate Management Library) for x509 support.  More
features will be in future versions.  The CML source is available for download
from www.digitalnet.com/knowledge/cml_home.htm .

The next release of yassl will support the 3 lesser-used SSL connection modes;
HandShake resumption, Ephemeral RSA (or DH), and Client Authentication as well
as full support for TLS.  Backwards support for SSLv2 is not planned at this
time.


**********************

Building yassl on linux:

use the ./buildall script to build everything.

buildall will configure and build CML, CryptoPP, and yassl.  Testing was 
preformed with gcc version 3.3.2 on kernel 2.4.22.


**********************

Building yassl on Windows:

Testing was preformed on Windows 2000 with Visual C++ 6 sp5.

1) decompress esnacc_r16.tgz in place, see buildall for syntax if unsure

2) decompress smp_r23.tgz in place

3) unzip cryptopp51/crypto51.zip in place

4) Build SNACC (part of CML) using snacc_builds.dsw in the SNACC directory

5) Build SMP (part of CMP) using smp.dsw in the smp directory

6) Build yassl using yassl.dsw


**********************

examples, server and client:

Please see the server and client examples in both versions to see how to link
to yassl and the support libraries.  On linux do 'make server' and 'make
client' to build them. On Windows you will find the example projects in the
main workspace, yassl.dsw.

The example server and client are compatible with openssl.


**********************

Building yassl into mysql on linux:

Testing was done using mysql version 4.0.17.

alter openssl_libs in the configure file, line 21056. Change '-lssl -lcrypto'
to '-lyassl -lcryptopp -lcmapi -lcmlasn -lctil -lc++asn1'.

see build/config_command for the configure command used to configure mysql
please change /home/touska/ to the relevant directory of course.

add yassl/lib to the LD_LIBRARY_PATH because libmysql/conf_to_src does not
use the ssl lib directory though it does use the ssl libraries.

make

make install


*********************

License:  yassl is currently under the GPL, please see license information
in the source and include files.


*********************

Contact: please send comments or questions to Todd A Ouska at todd@stripped
and/or Larry Stefonic at larry@stripped or 425-741-6858.




--- New file ---
+++ extra/yassl/include/buffer.hpp	05/04/28 18:23:02
/* buffer.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* yaSSL buffer header defines input and output buffers to simulate streaming
 * with SSL types and sockets
 */

#ifndef yaSSL_BUFFER_HPP
#define yaSSL_BUFFER_HPP

#include <cassert>              // assert
#include "yassl_error.hpp"      // Error
#include "memory.hpp"           // mySTL::auto_ptr
#include "algorithm.hpp"        // mySTL::swap


#ifdef _MSC_VER
    // disable truncated debug symbols
    #pragma warning(disable:4786)
#endif


namespace yaSSL {

typedef unsigned char byte;
typedef unsigned int  uint;
const uint AUTO = 0xFEEDBEEF;


// Checking Policy should implement a check function that tests whether the
// index is within the size limit of the array
struct Check {
    void check(uint i, uint limit);
};


struct NoCheck {
    void check(uint, uint);
};

/* input_buffer operates like a smart c style array with a checking option, 
 * meant to be read from through [] with AUTO index or read().
 * Should only write to at/near construction with assign() or raw (e.g., recv)
 * followed by add_size with the number of elements added by raw write.
 *
 * Not using vector because need checked []access, offset, and the ability to
 * write to the buffer bulk wise and have the correct size
 */

class input_buffer : public Check {
    uint   size_;                // number of elements in buffer
    uint   current_;             // current offset position in buffer
    byte*  buffer_;              // storage for buffer
    byte*  end_;                 // end of storage marker
public:
    input_buffer();

    explicit input_buffer(uint s);
                          
    // with assign
    input_buffer(uint s, const byte* t, uint len);
    
    ~input_buffer();

    // users can pass defualt zero length buffer and then allocate
    void allocate(uint s);

    // for passing to raw writing functions at beginning, then use add_size
    byte* get_buffer() const;

    // after a raw write user can set new size
    // if you know the size before the write use assign()
    void add_size(uint i);

    uint get_capacity()  const;

    uint get_current()   const;

    uint get_size()      const;

    uint get_remaining() const;

    void set_current(uint i);

    // read only access through [], advance current
    // user passes in AUTO index for ease of use
    const byte& operator[](uint i);
    
    // end of input test
    bool eof();

    // peek ahead
    byte peek() const;

    // write function, should use at/near construction
    void assign(const byte* t, uint s);
    
    // use read to query input, adjusts current
    void read(byte* dst, uint length);

private:
    input_buffer(const input_buffer&);              // hide copy
    input_buffer& operator=(const input_buffer&);   // and assign
};


/* output_buffer operates like a smart c style array with a checking option.
 * Meant to be written to through [] with AUTO index or write().
 * Size (current) counter increases when written to. Can be constructed with 
 * zero length buffer but be sure to allocate before first use. 
 * Don't use add write for a couple bytes, use [] instead, way less overhead.
 * 
 * Not using vector because need checked []access and the ability to
 * write to the buffer bulk wise and retain correct size
 */
class output_buffer : public Check {
    uint    current_;                // current offset and elements in buffer
    byte*   buffer_;                 // storage for buffer
    byte*   end_;                    // end of storage marker
public:
    // default
    output_buffer();

    // with allocate
    explicit output_buffer(uint s);

    // with assign
    output_buffer(uint s, const byte* t, uint len);

    ~output_buffer();

    uint get_size() const;

    uint get_capacity() const;

    void set_current(uint c);

    // users can pass defualt zero length buffer and then allocate
    void allocate(uint s);

    // for passing to reading functions when finished
    const byte* get_buffer() const;

    // allow write access through [], update current
    // user passes in AUTO as index for ease of use
    byte& operator[](uint i);
    
    // end of output test
    bool eof();

    void write(const byte* t, uint s);

private:
    output_buffer(const output_buffer&);              // hide copy
    output_buffer& operator=(const output_buffer&);   // and assign
};




// turn delete an incomplete type into comipler error instead of warning
template <typename T>
inline void checked_delete(T* p)
{
    typedef char complete_type[sizeof(T) ? 1 : -1];
    (void)sizeof(complete_type);
    delete p;
}


// checked delete functor increases effeciency, no indirection on function call
// sets pointer to zero so safe for std conatiners
struct del_ptr_zero
{
    template <typename T>
    void operator()(T*& p) const
    {
        T* tmp = 0;
        mySTL::swap(tmp, p);
        checked_delete(tmp); 
    }
};



} // naemspace

#endif // yaSSL_BUUFER_HPP
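Review bot: Nothing in this header says what `input_buffer` does when a caller asks for more than it holds, and per the class comment it is filled by raw writes such as recv. `read(byte* dst, uint length)`, `operator[]` and `add_size(uint i)` are only declared here, so whether they compare against `get_remaining()` or `get_capacity()` cannot be seen from this file. The `<cassert>` include suggests `Check::check` may be an assert, which would compile out under NDEBUG; that is worth confirming in the implementation. I would state the contract above `read`, e.g. `// fails (does not assert) when length > get_remaining(); dst is left untouched`, and have `add_size` reject any `i` that would move the size past the capacity.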

--- New file ---
+++ extra/yassl/include/cert_wrapper.hpp	05/04/28 18:23:03
/* cert_wrapper.hpp                          
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/*  The certificate wrapper header defines certificate management functions
 *
 */


#ifndef yaSSL_CERT_WRAPPER_HPP
#define yaSSL_CERT_WRAPPER_HPP

#ifdef _MSC_VER
    // disable truncated debug symbols
    #pragma warning(disable:4786)
#endif


#include "yassl_types.hpp"  // SignatureAlgorithm
#include "buffer.hpp"       // input_buffer
#include "asn.hpp"          // SignerList
#include "list.hpp"         // mySTL::list
#include "algorithm.hpp"    // mySTL::for_each

namespace yaSSL {
   
typedef unsigned char opaque;
class X509;                     // forward openSSL type

using TaoCrypt::SignerList;

// an x509 version 3 certificate
class x509 {
    uint    length_;
    opaque* buffer_;
public:
    explicit x509(uint sz);
    ~x509();

    uint          get_length() const;
    const opaque* get_buffer() const;
    opaque*       use_buffer();

    x509(const x509&);
    x509& operator=(const x509&);
private:
    void Swap(x509&);
};


// Certificate Manager keeps a list of the cert chain and public key
class CertManager {
    typedef mySTL::list<x509*> CertList;

    CertList     list_;                 // self      
    input_buffer privateKey_;

    CertList     peerList_;             // peer
    input_buffer peerPublicKey_;
    X509*        peerX509_;             // peer's openSSL X509

    SignatureAlgorithm keyType_;        // self   key type
    SignatureAlgorithm peerKeyType_;    // peer's key type

    SignerList   signers_;              // decoded CA keys and names
                                        //    plus verified chained certs
    bool verifyPeer_;
    bool failNoCert_;
    bool sendVerify_;
public:
    CertManager();
    ~CertManager();

    void AddPeerCert(x509* x);      // take ownership
    void CopySelfCert(const x509* x);
    int  CopyCaCert(const x509* x);
    int  Validate();

    int SetPrivateKey(const x509&);

    const x509*        get_cert()        const;
    const opaque*      get_peerKey()     const;
    const opaque*      get_privateKey()  const;
          X509*        get_peerX509()    const;
    SignatureAlgorithm get_keyType()     const;
    SignatureAlgorithm get_peerKeyType() const;

    uint get_peerKeyLength()       const;
    uint get_privateKeyLength()    const;

    bool verifyPeer() const;
    bool failNoCert() const;
    bool sendVerify() const;

    void setVerifyPeer();
    void setFailNoCert();
    void setSendVerify();
private:
    CertManager(const CertManager&);            // hide copy
    CertManager& operator=(const CertManager&); // and assign
};


} // naemspace

#endif // yaSSL_CERT_WRAPPER_HPP
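Review bot: `int Validate()` and `int CopyCaCert(const x509* x)` in CertManager return a bare int with no comment saying which value means success, and by their names these are the results a caller would base its trust decision on. The same gap applies to `verifyPeer_` and `failNoCert_`: the setters take no argument, so they presumably only switch the flags one way, and the starting values come from a constructor that is not in this file. I would document both in the header, e.g. `// returns <success value> when the peer chain verified; any other value must abort the handshake` above `Validate`, plus a comment next to the flags giving their defaults.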

--- New file ---
+++ extra/yassl/include/crypto_wrapper.hpp	05/04/28 18:23:03
/* crypto_wrapper.hpp                          
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/*  The crypto wrapper header is used to define policies for the cipher 
 *  components used by SSL.  There are 3 policies to consider:
 *
 *  1) MAC, the Message Authentication Code used for each Message
 *  2) Bulk Cipher, the Cipher used to encrypt/decrypt each Message
 *  3) Atuhentication, the Digitial Signing/Verifiaction scheme used
 *
 *  This header doesn't rely on a specific crypto libraries internals,
 *  only the implementation should.
 */


#ifndef yaSSL_CRYPTO_WRAPPER_HPP
#define yaSSL_CRYPTO_WRAPPER_HPP

#include "yassl_types.hpp"


namespace yaSSL {


// Digest policy should implement a get_digest, update, and get sizes for pad and 
// digest
struct Digest {
    virtual void   get_digest(byte*) = 0;
    virtual void   get_digest(byte*, const byte*, unsigned int) = 0;
    virtual void   update(const byte*, unsigned int) = 0;
    virtual uint   get_digestSize() const = 0;
    virtual uint   get_padSize() const = 0;
    virtual ~Digest() {}
};


// For use with NULL Digests
struct NO_MAC : public Digest {
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
    uint   get_digestSize() const;
    uint   get_padSize()    const;
};


// MD5 Digest
class MD5 : public Digest {
public:
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
    uint   get_digestSize() const;
    uint   get_padSize()    const;
    MD5();
    ~MD5();
    MD5(const MD5&);
    MD5& operator=(const MD5&);
private:
    struct MD5Impl;
    MD5Impl* pimpl_;
};


// SHA-1 Digest
class SHA : public Digest {
public:
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
    uint   get_digestSize() const;
    uint   get_padSize()    const;
    SHA();
    ~SHA();
    SHA(const SHA&);
    SHA& operator=(const SHA&);
private:
    struct SHAImpl;
    SHAImpl* pimpl_;

};


// RIPEMD-160 Digest
class RMD : public Digest {
public:
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
    uint   get_digestSize() const;
    uint   get_padSize()    const;
    RMD();
    ~RMD();
    RMD(const RMD&);
    RMD& operator=(const RMD&);
private:
    struct RMDImpl;
    RMDImpl* pimpl_;

};


// HMAC_MD5
class HMAC_MD5 : public Digest {
public:
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
    uint   get_digestSize() const;
    uint   get_padSize()    const;
    HMAC_MD5(const byte*, unsigned int);
    ~HMAC_MD5();
private:
    struct HMAC_MD5Impl;
    HMAC_MD5Impl* pimpl_;

    HMAC_MD5(const HMAC_MD5&);
    HMAC_MD5& operator=(const HMAC_MD5&);
};


// HMAC_SHA-1
class HMAC_SHA : public Digest {
public:
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
    uint   get_digestSize() const;
    uint   get_padSize()    const;
    HMAC_SHA(const byte*, unsigned int);
    ~HMAC_SHA();
private:
    struct HMAC_SHAImpl;
    HMAC_SHAImpl* pimpl_;

    HMAC_SHA(const HMAC_SHA&);
    HMAC_SHA& operator=(const HMAC_SHA&);
};


// HMAC_RMD
class HMAC_RMD : public Digest {
public:
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
    uint   get_digestSize() const;
    uint   get_padSize()    const;
    HMAC_RMD(const byte*, unsigned int);
    ~HMAC_RMD();
private:
    struct HMAC_RMDImpl;
    HMAC_RMDImpl* pimpl_;

    HMAC_RMD(const HMAC_RMD&);
    HMAC_RMD& operator=(const HMAC_RMD&);
};


// BulkCipher policy should implement encrypt, decrypt, get block size, 
// and set keys for encrypt and decrypt
struct BulkCipher {
    virtual void   encrypt(byte*, const byte*, unsigned int) = 0;
    virtual void   decrypt(byte*, const byte*, unsigned int) = 0;
    virtual void   set_encryptKey(const byte*, const byte* = 0) = 0;
    virtual void   set_decryptKey(const byte*, const byte* = 0) = 0;
    virtual uint   get_blockSize() const = 0;
    virtual int    get_keySize()   const = 0;
    virtual int    get_ivSize()    const = 0;
    virtual ~BulkCipher() {}
};


// For use with NULL Ciphers
struct NO_Cipher : public BulkCipher {
    void   encrypt(byte*, const byte*, unsigned int) {}
    void   decrypt(byte*, const byte*, unsigned int) {}
    void   set_encryptKey(const byte*, const byte*)  {}
    void   set_decryptKey(const byte*, const byte*)  {}
    uint   get_blockSize() const { return 0; }
    int    get_keySize()   const { return 0; }
    int    get_ivSize()    const { return 0; }
};


// SSLv3 and TLSv1 always use DES in CBC mode so IV is required
class DES : public BulkCipher {
public:
    void   encrypt(byte*, const byte*, unsigned int);
    void   decrypt(byte*, const byte*, unsigned int);
    void   set_encryptKey(const byte*, const byte*);
    void   set_decryptKey(const byte*, const byte*);
    uint   get_blockSize() const { return DES_BLOCK; }
    int    get_keySize()   const { return DES_KEY_SZ; }
    int    get_ivSize()    const { return DES_IV_SZ; }
    DES();
    ~DES();
private:
    struct DESImpl;
    DESImpl* pimpl_;

    DES(const DES&);                // hide copy
    DES& operator=(const DES&);     // & assign
};


// 3DES Encrypt-Decrypt-Encrypt in CBC mode
class DES_EDE : public BulkCipher {
public:
    void   encrypt(byte*, const byte*, unsigned int);
    void   decrypt(byte*, const byte*, unsigned int);
    void   set_encryptKey(const byte*, const byte*);
    void   set_decryptKey(const byte*, const byte*);
    uint   get_blockSize() const { return DES_BLOCK; }
    int    get_keySize()   const { return DES_EDE_KEY_SZ; }
    int    get_ivSize()    const { return DES_IV_SZ; }
    DES_EDE();
    ~DES_EDE();
private:
    struct DES_EDEImpl;
    DES_EDEImpl* pimpl_;

    DES_EDE(const DES_EDE&);            // hide copy
    DES_EDE& operator=(const DES_EDE&); // & assign
};


// Alledged RC4
class RC4 : public BulkCipher {
public:
    void encrypt(byte*, const byte*, unsigned int);
    void decrypt(byte*, const byte*, unsigned int);
    void set_encryptKey(const byte*, const byte*);
    void set_decryptKey(const byte*, const byte*);
    uint get_blockSize() const { return 0; }
    int  get_keySize()   const { return RC4_KEY_SZ; }
    int  get_ivSize()    const { return 0; }
    RC4();
    ~RC4();
private:
    struct RC4Impl;
    RC4Impl* pimpl_;

    RC4(const RC4&);             // hide copy
    RC4& operator=(const RC4&);  // & assign
};


// AES
class AES : public BulkCipher {
public:
    void encrypt(byte*, const byte*, unsigned int);
    void decrypt(byte*, const byte*, unsigned int);
    void set_encryptKey(const byte*, const byte*);
    void set_decryptKey(const byte*, const byte*);
    uint get_blockSize() const { return AES_BLOCK_SZ; }
    int  get_keySize()   const;
    int  get_ivSize()    const { return AES_IV_SZ; }
    explicit AES(unsigned int = AES_128_KEY_SZ);
    ~AES();
private:
    struct AESImpl;
    AESImpl* pimpl_;

    AES(const AES&);             // hide copy
    AES& operator=(const AES&);  // & assign
};


// Random number generator
class RandomPool {
public:
    void Fill(opaque* dst, uint sz) const;
    RandomPool();
    ~RandomPool();

    int GetError() const;

    friend class RSA;
    friend class DSS;
    friend class DiffieHellman;
private:
    struct RandomImpl;
    RandomImpl* pimpl_;

    RandomPool(const RandomPool&);              // hide copy
    RandomPool& operator=(const RandomPool&);   // & assign
};


// Authentication policy should implement sign, and verify
struct Auth {
    virtual void sign(byte*, const byte*, unsigned int, const RandomPool&) = 0;
    virtual bool verify(const byte*, unsigned int, const byte*,
                        unsigned int) = 0;
    virtual uint get_signatureLength() const = 0;
    virtual ~Auth() {}
};


// For use with NULL Authentication schemes
struct NO_Auth : public Auth {
    void   sign(byte*, const byte*, unsigned int, const RandomPool&) {}
    bool   verify(const byte*, unsigned int, const byte*, unsigned int) 
                    { return true; }
};


// Digitial Signature Standard scheme
class DSS : public Auth {
public:
    void sign(byte*, const byte*, unsigned int, const RandomPool&);
    bool verify(const byte*, unsigned int, const byte*, unsigned int);
    uint get_signatureLength() const;
    DSS(const byte*, unsigned int, bool publicKey = true);
    ~DSS();
private:
    struct DSSImpl;
    DSSImpl* pimpl_;

    DSS(const DSS&);
    DSS& operator=(const DSS&);
};


// RSA Authentication and exchange
class RSA : public Auth {
public:
    void   sign(byte*, const byte*, unsigned int, const RandomPool&);
    bool   verify(const byte*, unsigned int, const byte*, unsigned int);
    void   encrypt(byte*, const byte*, unsigned int, const RandomPool&);
    void   decrypt(byte*, const byte*, unsigned int, const RandomPool&);
    uint   get_signatureLength() const;
    uint   get_cipherLength() const;
    RSA(const byte*, unsigned int, bool publicKey = true);
    ~RSA();
private:
    struct RSAImpl;
    RSAImpl* pimpl_;

    RSA(const RSA&);            // hide copy
    RSA& operator=(const RSA&); // & assing
};


class Integer;

// Diffie-Hellman agreement
// hide for now TODO: figure out a way to give access to C clients p and g args
class DiffieHellman  {
public:
    DiffieHellman(const byte*, unsigned int, const byte*, unsigned int,
                  const byte*, unsigned int, const RandomPool& random);
    //DiffieHellman(const char*, const RandomPool&);
    DiffieHellman(const Integer&, const Integer&, const RandomPool&);
    ~DiffieHellman();

    DiffieHellman(const DiffieHellman&);  
    DiffieHellman& operator=(const DiffieHellman&);

    uint        get_agreedKeyLength() const;
    const byte* get_agreedKey()       const;
    const byte* get_publicKey()       const;
    void        makeAgreement(const byte*);

    void        set_sizes(int&, int&, int&) const;
    void        get_parms(byte*, byte*, byte*) const;
private:
    struct DHImpl;
    DHImpl* pimpl_;
};


// Lagrge Integer
class Integer {
public:
    Integer();
    ~Integer();

    Integer(const Integer&);
    Integer& operator=(const Integer&);

    void assign(const byte*, unsigned int);

    friend class DiffieHellman;
private:
    struct IntegerImpl;
    IntegerImpl* pimpl_;
};


class x509;

x509* PemToDer(const char*, CertType);


} // naemspace

#endif  // yaSSL_CRYPTO_WRAPPER_HPP

--- New file ---
+++ extra/yassl/include/factory.hpp	05/04/28 18:23:03
/* factory.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/*  The factory header defines an Object Factory, used by SSL message and
 *  handshake types.
 *
 *  See Desgin Pattern in GoF and Alexandrescu's chapter in Modern C++ Design,
 *  page 208
 */



#ifndef yaSSL_FACTORY_HPP
#define yaSSL_FACTORY_HPP

#include "vector.hpp"
#include "pair.hpp"
#include "yassl_error.hpp"



// VC60 workaround: it doesn't allow typename in some places
#if defined(_MSC_VER) && (_MSC_VER < 1300)
    #define CPP_TYPENAME
#else
    #define CPP_TYPENAME typename
#endif


namespace yaSSL {


// Factory uses its callback map to create objects by id,
// returning an abstract base pointer
template<class    AbstractProduct, 
         typename IdentifierType = int, 
         typename ProductCreator = AbstractProduct* (*)()
        >
class Factory {                                             
    typedef mySTL::pair<IdentifierType, ProductCreator> CallBack;
    typedef mySTL::vector<CallBack> CallBackVector;

    CallBackVector callbacks_;
public:
    // pass function pointer to register all callbacks upon creation
    explicit Factory(void (*init)(Factory<AbstractProduct, IdentifierType,
                                  ProductCreator>&))
    { 
        init(*this); 
    }

    // reservce place in vector before registering, used by init funcion
    void Reserve(size_t sz)
    {
        callbacks_.reserve(sz);
    }

    // register callback
    void Register(const IdentifierType& id, ProductCreator pc)
    {
        callbacks_.push_back(mySTL::make_pair(id, pc));
    }

    // THE Creator, returns a new object of the proper type or 0
    AbstractProduct* CreateObject(const IdentifierType& id) const
    {
        const CallBack* first = callbacks_.begin();
        const CallBack* last  = callbacks_.end();

        while (first != last) {
            if (first->first == id)
                break;
            ++first;
        }

        if (first == callbacks_.end())
            return 0;
        return (first->second)();
    }
private:
    Factory(const Factory&);            // hide copy
    Factory& operator=(const Factory&); // and assign
};


} // naemspace

#endif // yaSSL_FACTORY_HPP
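Review bot: `CreateObject` returns 0 for an id that was never registered, and the file comment says the factory is used for SSL message and handshake types, so the id presumably comes from peer-supplied data; the contract deserves more than "or 0" at the end of a comment. I would expand it to `// returns a new object for a registered id, or 0 for an unknown id; callers must check for 0 before use`, so that every call site treats an unknown type as a protocol error rather than dereferencing the result. `Register` also accepts a duplicate id silently, and the linear search then always picks the first entry registered, which is worth stating if intended. The end-of-search test calls `callbacks_.end()` again where the local `last` is already in hand.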

--- New file ---
+++ extra/yassl/include/handshake.hpp	05/04/28 18:23:03
/* handshake.hpp                               
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/* The handshake header declares function prototypes for creating and reading
 * the various handshake messages.
 */



#ifndef yaSSL_HANDSHAKE_HPP
#define yaSSL_HANDSHAKE_HPP

#include "yassl_types.hpp"


namespace yaSSL {

// forward decls
class  SSL;
class  Finished;
class  Data;
class  Alert;
struct Hashes;

enum BufferOutput { buffered, unbuffered };

void sendClientHello(SSL&);
void sendServerHello(SSL&, BufferOutput = buffered);
void sendServerHelloDone(SSL&, BufferOutput = buffered);
void sendClientKeyExchange(SSL&, BufferOutput = buffered);
void sendServerKeyExchange(SSL&, BufferOutput = buffered);
void sendChangeCipher(SSL&, BufferOutput = buffered);
void sendFinished(SSL&, ConnectionEnd, BufferOutput = buffered);
void sendCertificate(SSL&, BufferOutput = buffered);
void sendCertificateRequest(SSL&, BufferOutput = buffered);
void sendCertificateVerify(SSL&, BufferOutput = buffered);
int  sendData(SSL&, const void*, int);
int  sendAlert(SSL& ssl, const Alert& alert);

int  receiveData(SSL&, Data&); 
void processReply(SSL&);

void buildFinished(SSL&, Finished&, const opaque*);
void build_certHashes(SSL&, Hashes&);

void hmac(SSL&, byte*, const byte*, uint, ContentType, bool verify = false);
void TLS_hmac(SSL&, byte*, const byte*, uint, ContentType,
              bool verify = false);
void PRF(byte* digest, uint digLen, const byte* secret, uint secLen,
         const byte* label, uint labLen, const byte* seed, uint seedLen);

} // naemspace

#endif // yaSSL_HANDSHAKE_HPP
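Review bot: `hmac` and `TLS_hmac` write their result through a bare `byte*` with no length parameter, while `PRF` in the same header takes `digLen`; the required size of the output buffer is not stated anywhere in these declarations. A comment such as `// digest must have room for the MAC of the negotiated suite` would let a reader check call sites, though the exact bound lives in the implementation, which this section does not show. Apart from `PRF`, the prototypes leave their `byte*` and `uint` parameters unnamed, so which pointer is output and which is input has to be inferred from constness. `sendData` takes a signed `int` length, and how a negative value is handled is not documented here.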

--- New file ---
+++ extra/yassl/include/lock.hpp	05/04/28 18:23:03
/* lock.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/* lock.hpp provides an os specific Lock, locks mutex on entry and unlocks
 * automatically upon exit, no-ops provided for Single Threaded
*/

#ifndef yaSSL_LOCK_HPP
#define yaSSL_LOCK_HPP


namespace yaSSL {


#ifdef MULTI_THREADED
    #ifdef WIN32
        #include <windows.h>

        class Mutex {
            CRITICAL_SECTION cs_;
        public:
            Mutex();
            ~Mutex();

            class Lock;
            friend class Lock;
    
            class Lock {
                Mutex& mutex_;
            public:
                explicit Lock(Mutex& lm);
                ~Lock();
            };
        };
    #else  // WIN32
        #include <pthread.h>

        class Mutex {
            pthread_mutex_t mutex_;
        public:

            Mutex();
            ~Mutex();

            class Lock;
            friend class Lock;

            class Lock {
                Mutex& mutex_;
            public:
                explicit Lock(Mutex& lm);
                ~Lock();
            };
        };

    #endif // WIN32
#else  // MULTI_THREADED (WE'RE SINGLE)

    class Mutex {
    public:
        class Lock {
        public:
            explicit Lock(Mutex&) {}
        };
    };

#endif // MULTI_THREADED



} // namespace
#endif // yaSSL_LOCK_HPP
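Review bot: The `#include <windows.h>` and `#include <pthread.h>` lines sit inside `namespace yaSSL {`, so in a translation unit that has not already included those headers the system declarations are parsed as members of `yaSSL`. Both includes should move above the `namespace yaSSL {` line, keeping the `#ifdef MULTI_THREADED` / `#ifdef WIN32` conditions around them. Separately, the two multi-threaded `Mutex` classes hold a `CRITICAL_SECTION` or `pthread_mutex_t` by value but leave copy construction and assignment public, unlike `Socket` and `Factory` in this commit. Declaring private `Mutex(const Mutex&);` and `Mutex& operator=(const Mutex&);` would stop an accidental copy of an OS lock object.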

--- New file ---
+++ extra/yassl/include/log.hpp	05/04/28 18:23:04
/* log.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* yaSSL log interface
 *
 */

#ifndef yaSSL_LOG_HPP
#define yaSSL_LOG_HPP

#include "socket_wrapper.hpp"

#ifdef YASSL_LOG
#include <cstdio>
#endif

namespace yaSSL {

typedef unsigned int uint;


// Debug logger
class Log {
#ifdef YASSL_LOG
    FILE* log_;
#endif
public:
    explicit Log(const char* str = "yaSSL.log");
    ~Log();

    void Trace(const char*);
    void ShowTCP(socket_t, bool ended = false);
    void ShowData(uint, bool sent = false);
};


} // naemspace

#endif // yaSSL_LOG_HPP
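Review bot: With `YASSL_LOG` defined, `Log` holds a raw `FILE* log_` and declares a destructor, yet copy construction and assignment stay public; if the destructor closes the file (not visible in this header), a copied `Log` would close the same handle twice. Adding private `Log(const Log&);` and `Log& operator=(const Log&);`, as `Socket` and `Factory` in this commit do, removes the hazard. The default file name `"yaSSL.log"` is a relative path, so where the trace lands depends on the process's working directory. A comment on the constructor saying so, and saying what `Trace` and `ShowData` record, would help anyone deciding whether the log can be enabled outside a debug build.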

--- New file ---
+++ extra/yassl/include/openssl/crypto.h	05/04/28 18:23:04
/* crypto.h for openSSL */

#ifndef ysSSL_crypto_h__
#define yaSSL_crypto_h__

const char* SSLeay_version(int type);

#define SSLEAY_VERSION 0x0900L
#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION


#endif /* yaSSL_crypto_h__ */
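Review bot: The include guard tests `ysSSL_crypto_h__` but defines `yaSSL_crypto_h__`, so the `#ifndef` is always true and the guard never takes effect; the first line should read `#ifndef yaSSL_crypto_h__`. The same misspelling appears in the guards of openssl/err.h (`ysSSL_err_h__`), openssl/rsa.h (`ysSSL_rsa_h__`) and openssl/ssl.h (`ysSSL_openssl_h__`) in this commit. Here a second inclusion only repeats a prototype and two identical macros, but in rsa.h and ssl.h it would repeat enum and struct definitions, which a compiler rejects.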


--- New file ---
+++ extra/yassl/include/openssl/des.h	05/04/28 18:23:04
/* des.h  for openssl */

--- New file ---
+++ extra/yassl/include/openssl/err.h	05/04/28 18:23:04
/* err.h for openssl */

#ifndef ysSSL_err_h__
#define yaSSL_err_h__



#endif /* yaSSL_err_h__ */

--- New file ---
+++ extra/yassl/include/openssl/lhash.h	05/04/28 18:23:05
/* lhash.h for openSSL */


--- New file ---
+++ extra/yassl/include/openssl/md5.h	05/04/28 18:23:05
/* md5.h for openssl */

--- New file ---
+++ extra/yassl/include/openssl/opensslv.h	05/04/28 18:23:05
/* opensslv.h compatibility */

#ifndef yaSSL_opensslv_h__
#define yaSSL_opensslv_h__


/* api version compatibility */
#define OPENSSL_VERSION_NUMBER 0x0090700f


#endif /* yaSSLopensslv_h__ */


--- New file ---
+++ extra/yassl/include/openssl/rand.h	05/04/28 18:23:05
/* rand.h for openSSL */


--- New file ---
+++ extra/yassl/include/openssl/rsa.h	05/04/28 18:23:05
/* rsa.h for openSSL */


#ifndef ysSSL_rsa_h__
#define yaSSL_rsa_h__

enum { RSA_F4 = 1 };


#endif /* yaSSL_rsa_h__ */
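Review bot: `RSA_F4` is defined as 1, whereas OpenSSL defines it as `0x10001L`, the public exponent 65537 that callers pass to `RSA_generate_key` (declared with an `unsigned long` parameter in openssl/ssl.h in this commit). Whether the yaSSL implementation uses that argument cannot be seen from this header; if it ever does, an exponent of 1 leaves the message unchanged under RSA. The placeholder should either match OpenSSL, `enum { RSA_F4 = 0x10001 };`, or carry a comment such as `/* value is ignored by yaSSL; present only so callers compile */`.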

--- New file ---
+++ extra/yassl/include/openssl/ssl.h	05/04/28 18:23:06
/* ssl.h                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/*  ssl.h defines openssl compatibility layer 
 *
 */

#ifndef ysSSL_openssl_h__
#define yaSSL_openssl_h__

#include <stdio.h>   /* ERR_print fp */
#include "rsa.h"

#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
namespace yaSSL {
extern "C" {
#endif


#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
    class SSL;
    class SSL_SESSION;
    class SSL_METHOD;
    class SSL_CTX;
    class SSL_CIPHER;

    class RSA;

    class X509;
    class X509_NAME;
#else
    typedef struct SSL         SSL;          
    typedef struct SSL_SESION  SSL_SESSION;
    typedef struct SSL_METHOD  SSL_METHOD;
    typedef struct SSL_CTX     SSL_CTX;
    typedef struct SSL_CIPHER  SSL_CIPHER;

    typedef struct RSA RSA;

    typedef struct X509       X509;
    typedef struct X509_NAME  X509_NAME;
#endif


/* Big Number stuff, different file? */
typedef struct BIGNUM BIGNUM;

BIGNUM *BN_bin2bn(const unsigned char*, int, BIGNUM*);


/* Diffie-Hellman stuff, different file? */
/* mySQL deferences to set group parameters */
typedef struct DH {
    BIGNUM* p;
    BIGNUM* g;
} DH;

DH*  DH_new(void);
void DH_free(DH*);

/* RSA stuff */

void RSA_free(RSA*);
RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*);


/* X509 stuff, different file? */

typedef struct X509_STORE         X509_STORE;
typedef struct X509_LOOKUP        X509_LOOKUP;
typedef struct X509_OBJECT { char c; } X509_OBJECT;
typedef struct X509_CRL           X509_CRL;
typedef struct X509_REVOKED       X509_REVOKED;
typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD;


void X509_free(X509*);


/* bio stuff */
typedef struct BIO BIO;

/* ASN stuff */
typedef struct ASN1_TIME ASN1_TIME;



/* because mySQL dereferences to use error and current_cert, even after calling
 * get functions for local references */
typedef struct X509_STORE_CTX {
    int   error;
    int   error_depth;
    X509* current_cert;
} X509_STORE_CTX;



X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*);
int   X509_STORE_CTX_get_error(X509_STORE_CTX*);
int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX*);

char*       X509_NAME_oneline(X509_NAME*, char*, int);
X509_NAME*  X509_get_issuer_name(X509*);
X509_NAME*  X509_get_subject_name(X509*);
const char* X509_verify_cert_error_string(long);

int                 X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long);
int                 X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long);
X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void);
X509_LOOKUP_METHOD* X509_LOOKUP_file(void);

X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*);
X509_STORE*  X509_STORE_new(void);
int          X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*,
                                       X509_OBJECT*);




enum { /* X509 Constants */
    X509_V_OK                                 =  0,
    X509_V_ERR_CERT_CHAIN_TOO_LONG            =  1,
    X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT      =  2,
    X509_V_ERR_CERT_NOT_YET_VALID             =  3,
    X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD =  4,
    X509_V_ERR_CERT_HAS_EXPIRED               =  5,
    X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD  =  6,
    X509_FILETYPE_PEM                         =  7,
    X509_LU_X509                              =  8,
    X509_LU_CRL                               =  9,
    X509_V_ERR_CRL_SIGNATURE_FAILURE          = 10,
    X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 11,
    X509_V_ERR_CRL_HAS_EXPIRED                = 12,
    X509_V_ERR_CERT_REVOKED                   = 13,

};


/* Error stuff, could move to yassl_error */
unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *);
void          ERR_print_errors_fp(FILE*);
char*         ERR_error_string(unsigned long,char*);
void          ERR_remove_state(unsigned long);
unsigned long ERR_get_error(void);
unsigned long ERR_peek_error(void);
int           ERR_GET_REASON(int);


enum {  /* ERR Constants */
    ERR_TXT_STRING = 1,
    EVP_R_BAD_DECRYPT = 2,
};



SSL_CTX* SSL_CTX_new(SSL_METHOD*);
SSL* SSL_new(SSL_CTX*);
int  SSL_set_fd (SSL*, int);
int  SSL_connect(SSL*);
int  SSL_write(SSL*, const void*, int);
int  SSL_read(SSL*, void*, int);
int  SSL_accept(SSL*);
void SSL_CTX_free(SSL_CTX*);
void SSL_free(SSL*);
int  SSL_clear(SSL*);
int  SSL_shutdown(SSL*);

void SSL_set_connect_state(SSL*);
void SSL_set_accept_state(SSL*);
int  SSL_do_handshake(SSL*);

const char* SSL_get_cipher(SSL*);
const char* SSL_get_cipher_name(SSL*);	           /* uses SSL_get_cipher */
char*       SSL_get_shared_ciphers(SSL*, char*, int);
const char* SSL_get_cipher_list(SSL*, int);
const char* SSL_get_version(SSL*);
const char* SSLeay_version(int);

int  SSL_get_error(SSL*, int);
void SSL_load_error_strings(void);

int          SSL_set_session(SSL *ssl, SSL_SESSION *session);
SSL_SESSION* SSL_get_session(SSL* ssl);
long         SSL_SESSION_set_timeout(SSL_SESSION*, long);
X509*        SSL_get_peer_certificate(SSL*);
long         SSL_get_verify_result(SSL*);


typedef int (*VerifyCallback)(int, X509_STORE_CTX*);
typedef int (*pem_password_cb)(char*, int, int, void*);

void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback);
int  SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*);
int  SSL_CTX_set_default_verify_paths(SSL_CTX*);
int  SSL_CTX_check_private_key(SSL_CTX*);
int  SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
                                    unsigned int);

void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int));
long SSL_CTX_set_options(SSL_CTX*, long);
long SSL_CTX_set_session_cache_mode(SSL_CTX*, long);
long SSL_CTX_set_timeout(SSL_CTX*, long);
int  SSL_CTX_use_certificate_chain_file(SSL_CTX*, const char*);
void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb);
int  SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int);
void SSL_CTX_set_info_callback(SSL_CTX*, void (*)());

long SSL_CTX_sess_accept(SSL_CTX*);
long SSL_CTX_sess_connect(SSL_CTX*);
long SSL_CTX_sess_accept_good(SSL_CTX*);
long SSL_CTX_sess_connect_good(SSL_CTX*);
long SSL_CTX_sess_accept_renegotiate(SSL_CTX*);
long SSL_CTX_sess_connect_renegotiate(SSL_CTX*);
long SSL_CTX_sess_hits(SSL_CTX*);
long SSL_CTX_sess_cb_hits(SSL_CTX*);
long SSL_CTX_sess_cache_full(SSL_CTX*);
long SSL_CTX_sess_misses(SSL_CTX*);
long SSL_CTX_sess_timeouts(SSL_CTX*);
long SSL_CTX_sess_number(SSL_CTX*);
long SSL_CTX_sess_get_cache_size(SSL_CTX*);

int SSL_CTX_get_verify_mode(SSL_CTX*);
int SSL_get_verify_mode(SSL*);
int SSL_CTX_get_verify_depth(SSL_CTX*);
int SSL_get_verify_depth(SSL*);

long SSL_get_default_timeout(SSL*);
long SSL_CTX_get_session_cache_mode(SSL_CTX*);
int  SSL_session_reused(SSL*);

int  SSL_set_rfd(SSL*, int);
int  SSL_set_wfd(SSL*, int);
void SSL_set_shutdown(SSL*, int);

int SSL_want_read(SSL*);
int SSL_want_write(SSL*);

int SSL_pending(SSL*);


enum { /* ssl Constants */
    SSL_BAD_FILETYPE    = -5,
    SSL_BAD_FILE        = -4,
    SSL_NOT_IMPLEMENTED = -3,
    SSL_UNKNOWN         = -2,
    SSL_FATAL_ERROR     = -1,
    SSL_NORMAL_SHUTDOWN =  0,
    SSL_ERROR_NONE      =  0,   // for most functions
    SSL_FAILURE         =  0,   // for some functions
    SSL_SUCCESS	        =  1,

    SSL_FILETYPE_ASN1    = 10,
    SSL_FILETYPE_PEM     = 11,
    SSL_FILETYPE_DEFAULT = 10, /* ASN1 */

    SSL_VERIFY_NONE                 = 0,
    SSL_VERIFY_PEER                 = 1,
    SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2,
    SSL_VERIFY_CLIENT_ONCE          = 4,

    SSL_SESS_CACHE_OFF                = 30,
    SSL_SESS_CACHE_CLIENT             = 31,
    SSL_SESS_CACHE_SERVER             = 32,
    SSL_SESS_CACHE_BOTH               = 33,
    SSL_SESS_CACHE_NO_AUTO_CLEAR      = 34,
    SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35,

    SSL_OP_MICROSOFT_SESS_ID_BUG            = 50,
    SSL_OP_NETSCAPE_CHALLENGE_BUG           = 51,
    SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 52,
    SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG      = 53,
    SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER       = 54,
    SSL_OP_MSIE_SSLV2_RSA_PADDING           = 55,
    SSL_OP_SSLEAY_080_CLIENT_DH_BUG         = 56,
    SSL_OP_TLS_D5_BUG                       = 57,
    SSL_OP_TLS_BLOCK_PADDING_BUG            = 58,
    SSL_OP_TLS_ROLLBACK_BUG                 = 59,
    SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS      = 60,
    SSL_OP_ALL                              = 61,
    SSL_OP_SINGLE_DH_USE                    = 62,
    SSL_OP_EPHEMERAL_RSA                    = 63,
    SSL_OP_NO_SSLv2                         = 64,
    SSL_OP_NO_SSLv3                         = 65,
    SSL_OP_NO_TLSv1                         = 66,
    SSL_OP_PKCS1_CHECK_1                    = 67,
    SSL_OP_PKCS1_CHECK_2                    = 68,
    SSL_OP_NETSCAPE_CA_DN_BUG               = 69,
    SSL_OP_NON_EXPORT_FIRST                 = 70,
    SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG  = 71,

    SSL_ERROR_WANT_READ        = 80,
    SSL_ERROR_WANT_WRITE       = 81,
    SSL_ERROR_SYSCALL          = 82,
    SSL_ERROR_WANT_X509_LOOKUP = 83,
    SSL_ERROR_ZERO_RETURN      = 84,
    SSL_ERROR_SSL              = 85,

    SSL_SENT_SHUTDOWN     = 90,
    SSL_RECEIVED_SHUTDOWN = 91,
    SSL_CB_LOOP           = 92,
    SSL_ST_CONNECT        = 93,
    SSL_ST_ACCEPT         = 94,
    SSL_CB_ALERT          = 95,
    SSL_CB_READ           = 96,
    SSL_CB_HANDSHAKE_DONE = 97,

};


SSL_METHOD *SSLv3_method(void);
SSL_METHOD *SSLv3_server_method(void);
SSL_METHOD *SSLv3_client_method(void);
SSL_METHOD *TLSv1_server_method(void);  
SSL_METHOD *TLSv1_client_method(void);
SSL_METHOD *SSLv23_server_method(void);

int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int);
int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int);
int SSL_CTX_set_cipher_list(SSL_CTX*, const char*);

long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);
long SSL_CTX_set_tmp_dh(SSL_CTX*, DH*);

void OpenSSL_add_all_algorithms(void);
void SSLeay_add_ssl_algorithms(void);


SSL_CIPHER* SSL_get_current_cipher(SSL*);
char*       SSL_CIPHER_description(SSL_CIPHER*, char*, int);


char* SSL_alert_type_string_long(int);
char* SSL_alert_desc_string_long(int);
char* SSL_state_string_long(SSL*);


/* EVP stuff, des and md5, different file? */
typedef struct Digest Digest;
typedef Digest EVP_MD;

typedef struct BulkCipher BulkCipher;
typedef BulkCipher EVP_CIPHER;

typedef struct EVP_PKEY EVP_PKEY;

typedef unsigned char DES_cblock[8];
typedef const  DES_cblock const_DES_cblock;
typedef DES_cblock DES_key_schedule;
                                                          
                                                             
const EVP_MD*     EVP_md5(void);
const EVP_CIPHER* EVP_des_ede3_cbc(void);

typedef unsigned char opaque;

int EVP_BytesToKey(const EVP_CIPHER*, const EVP_MD*, const opaque*,
                   const opaque*, int, int, opaque*, opaque*);

void DES_set_key_unchecked(const_DES_cblock*, DES_key_schedule*);
void DES_ede3_cbc_encrypt(const opaque*, opaque*, long, DES_key_schedule*,
                        DES_key_schedule*, DES_key_schedule*, DES_cblock*, int);


/* RAND stuff */
void        RAND_screen(void);
const char* RAND_file_name(char*, size_t);
int         RAND_write_file(const char*);
int         RAND_load_file(const char*, long);


#define SSL_DEFAULT_CIPHER_LIST ""   /* default all */




#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
}      /* namespace  */
}      /* extern "C" */
#endif


#endif /* yaSSL_openssl_h__ */
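Review bot: The `SSL_OP_*` constants in the `/* ssl Constants */` enum are consecutive integers (50 to 71) rather than distinct bits, so code written against OpenSSL that ORs options together before calling `SSL_CTX_set_options` gets a value that means something else: `SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3` is 64 | 65 = 65, which is just `SSL_OP_NO_SSLv3`. The same holds for the `SSL_SESS_CACHE_*` values 30 to 35, while `SSL_VERIFY_*` does use separate bits. If the implementation ignores these arguments (it is not part of this section), a comment above the enum such as `/* option values are accepted for source compatibility only and are not bit flags */` would keep callers from assuming a protocol version was disabled; otherwise the values need to be powers of two. Minor points in the same file: the C branch declares `typedef struct SSL_SESION SSL_SESSION;` with a misspelled tag, and the enum uses `//` comments in a header that is also meant for a C compiler.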

--- New file ---
+++ extra/yassl/include/socket_wrapper.hpp	05/04/28 18:23:06
/* socket_wrapper.hpp                           
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* The socket wrapper header defines a Socket class that hides the differences
 * between Berkely style sockets and Windows sockets, allowing transparent TCP
 * access.
 */


#ifndef yaSSL_SOCKET_WRAPPER_HPP
#define yaSSL_SOCKET_WRAPPER_HPP

#include <cassert>

#ifdef WIN32
    #include <winsock2.h>
#else 
    #include <sys/time.h>
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <unistd.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
#endif


namespace yaSSL {

typedef unsigned int uint;

#ifdef WIN32
    typedef SOCKET socket_t;
#else
    typedef int socket_t;
    const socket_t INVALID_SOCKET = -1;
    const int SD_RECEIVE   = 0;
    const int SD_SEND      = 1;
    const int SD_BOTH      = 2;
    const int SOCKET_ERROR = -1;
#endif



typedef unsigned char byte;


// Wraps Windows Sockets and BSD Sockets
class Socket {
    socket_t socket_;                    // underlying socket descriptor
public:
    explicit Socket(socket_t s = INVALID_SOCKET);
    virtual ~Socket();

    void     set_fd(socket_t s);
    uint     get_ready() const;
    socket_t get_fd()    const;

    uint send(const byte* buf, unsigned int len, int flags = 0) const;
    uint receive(byte* buf, unsigned int len, int flags = 0)    const;

    void wait() const;

    void closeSocket();
    void shutDown(int how = SD_SEND);

    static int  get_lastError();
    static void set_lastError(int error);
private:
    Socket(const Socket&);              // hide copy
    Socket& operator= (const Socket&);  // and assign
};


} // naemspace

#endif // yaSSL_SOCKET_WRAPPER_HPP
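Review bot: `send` and `receive` return `uint`, but this header itself defines `SOCKET_ERROR = -1` for the non-Windows build, and an unsigned return cannot carry that value without it becoming a very large byte count. Unless the implementation maps failures to something else (not visible here), a caller that uses the result as a length after a failed call would be working with 0xFFFFFFFF. I would state the contract on the declarations, for example `// returns bytes transferred; on failure returns <documented value>, see get_lastError()`, or change the return type to `int`. `get_ready` has the same unsigned return and would benefit from the same comment.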

--- New file ---
+++ extra/yassl/include/timer.hpp	05/04/28 18:23:06
/* timer.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/* timer.hpp provides a high res and low res timers
 *
*/


#ifndef yaSSL_TIMER_HPP
#define yaSSL_TIMER_HPP

namespace yaSSL {

typedef double       timer_d;
typedef unsigned int uint;



timer_d timer();
uint    lowResTimer();



} // namespace
#endif // yaSSL_TIMER_HPP

--- New file ---
+++ extra/yassl/include/yassl_error.hpp	05/04/28 18:23:06
/* yassl_error.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* yaSSL error header defines error codes and an exception class
 */

#ifndef yaSSL_ERROR_HPP
#define yaSSL_ERROR_HPP

#include "stdexcept.hpp"


namespace yaSSL {


enum YasslError {
    no_error            = 0,

    // 10 - 47 from AlertDescription, 0 also close_notify

    range_error         = 101,
    realloc_error       = 102,
    factory_error       = 103,
    unknown_cipher      = 104,
    prefix_error        = 105,
    record_layer        = 106,
    handshake_layer     = 107,
    out_of_order        = 108,
    bad_input           = 109,
    match_error         = 110,
    no_key_file         = 111,
    verify_error        = 112,
    send_error          = 113,
    receive_error       = 114,
    certificate_error   = 115,

    // 1000+ from TaoCrypt error.hpp

};


enum Library { yaSSL_Lib = 0, CryptoLib, SocketLib };

// Base class for all yaSSL exceptions
class Error : public mySTL::runtime_error {
    YasslError  error_;
    Library     lib_;
public:
    explicit Error(const char* s = "", YasslError e = no_error,
                   Library l = yaSSL_Lib);

    YasslError  get_number() const;
    Library     get_lib()    const;
};


} // naemspace

#endif // yaSSL_ERROR_HPP
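Review bot: The `Error` constructor takes `const char* s`, but nothing in this header says whether `mySTL::runtime_error` copies the text or keeps the pointer, which matters because an exception usually outlives the scope that built its message. A comment on the constructor, `// s is copied` or `// s must outlive the exception`, whichever stdexcept.hpp actually does, would settle it. The enum comments reserve 10 - 47 for `AlertDescription` and 1000+ for TaoCrypt, yet `get_number()` returns `YasslError`, so it would help to state whether values from those ranges are ever stored in `error_`.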

--- New file ---
+++ extra/yassl/include/yassl_imp.hpp	05/04/28 18:23:07
/* yassl_imp.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/*  yaSSL implementation header defines all strucutres from the SSL.v3 
 *  specification "draft-freier-ssl-version3-02.txt"
 *  all page citations refer to this document unless otherwise noted.
 */


#ifndef yaSSL_IMP_HPP
#define yaSSL_IMP_HPP

#ifdef _MSC_VER
    // disable truncated debug symbols
    #pragma warning(disable:4786)
#endif

#include "yassl_types.hpp"
#include "factory.hpp"
#include "list.hpp"         // mySTL::list


namespace yaSSL {


class SSL;              // forward decls
class input_buffer;
class output_buffer;


struct ProtocolVersion {
    uint8 major_;
    uint8 minor_;     // major and minor SSL/TLS version numbers

    ProtocolVersion(uint8 maj = 3, uint8 min = 0);
};


// Record Layer Header for PlainText, Compressed, and CipherText
struct RecordLayerHeader {
    ContentType     type_;
    ProtocolVersion version_;
    uint16          length_;             // should not exceed 2^14
};


// base for all messages
struct Message {
    virtual input_buffer& set(input_buffer&) =0;   
    virtual output_buffer& get(output_buffer&) const =0;

    virtual void Process(input_buffer&, SSL&) =0;
    virtual ContentType get_type() const =0;
    virtual uint16      get_length() const =0;

    virtual ~Message() {}
};


class ChangeCipherSpec : public Message {
    CipherChoice type_;
public:
    ChangeCipherSpec();

    friend input_buffer& operator>>(input_buffer&, ChangeCipherSpec&);
    friend output_buffer& operator<<(output_buffer&, const
ChangeCipherSpec&);

    input_buffer& set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    ContentType get_type()   const;
    uint16      get_length() const;
    void Process(input_buffer&, SSL&);
private:
    ChangeCipherSpec(const ChangeCipherSpec&);            // hide copy
    ChangeCipherSpec& operator=(const ChangeCipherSpec&); // and assign
};



class Alert : public Message {
    AlertLevel       level_;
    AlertDescription description_;
public:
    Alert() {}
    Alert(AlertLevel al, AlertDescription ad);

    ContentType get_type()   const;
    uint16      get_length() const;
    void Process(input_buffer&, SSL&);

    friend input_buffer& operator>>(input_buffer&, Alert&);
    friend output_buffer& operator<<(output_buffer&, const Alert&);
   
    input_buffer& set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;
private:
    Alert(const Alert&);            // hide copy
    Alert& operator=(const Alert&); // and assign
};


class Data : public Message {
    uint16        length_;
    opaque*       buffer_;         // read  buffer used by fillData input
    const opaque* write_buffer_;   // write buffer used by output operator
public:
    Data();
    Data(uint16 len, opaque* b);
    Data(uint16 len, const opaque* w);

    friend output_buffer& operator<<(output_buffer&, const Data&);

    input_buffer& set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    ContentType   get_type()     const;
    uint16        get_length()   const;
    const opaque* get_buffer()   const;
    void          set_length(uint16 l);
    opaque*       set_buffer();
    void Process(input_buffer&, SSL&);
private:
    Data(const Data&);            // hide copy
    Data& operator=(const Data&); // and assign
};


uint32 c24to32(const uint24);       // forward form internal header
void   c32to24(uint32, uint24&);


// HandShake header, same for each message type from page 20/21
class HandShakeHeader : public Message {
    HandShakeType      type_;
    uint24             length_;      // length of message
public:
    HandShakeHeader() {}

    ContentType   get_type()   const;
    uint16        get_length() const;
    HandShakeType get_handshakeType() const;
    void Process(input_buffer&, SSL&);

    void set_type(HandShakeType hst);
    void set_length(uint32 u32);

    friend input_buffer& operator>>(input_buffer&, HandShakeHeader&);
    friend output_buffer& operator<<(output_buffer&, const
HandShakeHeader&);

    input_buffer& set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;
private:
    HandShakeHeader(const HandShakeHeader&);            // hide copy
    HandShakeHeader& operator=(const HandShakeHeader&); // and assign
};


// Base Class for all handshake messages
class HandShakeBase {
    int     length_;
public:
    int     get_length() const;
    void    set_length(int);

    // for building buffer's type field
    virtual HandShakeType get_type() const =0;                

    // handles dispactch of proper >>
    virtual input_buffer&  set(input_buffer& in) =0;
    virtual output_buffer& get(output_buffer& out) const =0;

    virtual void Process(input_buffer&, SSL&) =0;

    virtual ~HandShakeBase() {}
};


struct HelloRequest : public HandShakeBase {
    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    void Process(input_buffer&, SSL&);

    HandShakeType get_type() const;
};


// The Client's Hello Message from page 23
class ClientHello : public HandShakeBase {
    ProtocolVersion     client_version_;
    Random              random_;
    uint8               id_len_;                         // session id length
    opaque              session_id_[ID_LEN];
    uint16              suite_len_;                      // cipher suite length
    opaque              cipher_suites_[MAX_SUITE_SZ];
    uint8               comp_len_;                       // compression length
    CompressionMethod   compression_methods_;  
public:
    friend input_buffer&  operator>>(input_buffer&, ClientHello&);
    friend output_buffer& operator<<(output_buffer&, const
ClientHello&);
  
    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    HandShakeType  get_type() const;
    void Process(input_buffer&, SSL&);

    const opaque* get_random() const;
    friend void buildClientHello(SSL&, ClientHello&, CompressionMethod);
    friend void ProcessOldClientHello(input_buffer& input, SSL& ssl);

    ClientHello();
    explicit ClientHello(ProtocolVersion pv);
private:
    ClientHello(const ClientHello&);            // hide copy
    ClientHello& operator=(const ClientHello&); // and assign
};



// The Server's Hello Message from page 24
class ServerHello : public HandShakeBase {
    ProtocolVersion     server_version_;
    Random              random_;
    uint8               id_len_;                 // session id length
    opaque              session_id_[ID_LEN];
    opaque              cipher_suite_[SUITE_LEN];
    CompressionMethod   compression_method_;
public:
    explicit ServerHello(ProtocolVersion pv);
    ServerHello();
          
    friend input_buffer&  operator>>(input_buffer&, ServerHello&);
    friend output_buffer& operator<<(output_buffer&, const
ServerHello&);
   
    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    HandShakeType  get_type() const;
    void Process(input_buffer&, SSL&);

    const opaque* get_random() const;
    friend void buildServerHello(SSL&, ServerHello&);
private:
    ServerHello(const ServerHello&);            // hide copy
    ServerHello& operator=(const ServerHello&); // and assign
};


class x509;  

// Certificate could be a chain
class Certificate : public HandShakeBase {
    const x509* cert_;
public:
    Certificate();
    explicit Certificate(const x509* cert); 
    friend output_buffer& operator<<(output_buffer&, const
Certificate&);

    const opaque* get_buffer() const;
  
    // Process handles input, needs SSL
    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    HandShakeType get_type() const;
    void Process(input_buffer&, SSL&);
private:
    Certificate(const Certificate&);            // hide copy
    Certificate& operator=(const Certificate&); // and assign
};



// RSA Public Key
struct ServerRSAParams {
    opaque* rsa_modulus_;
    opaque* rsa_exponent_;
};


// Ephemeral Diffie-Hellman Parameters
class ServerDHParams {
    int pSz_;
    int gSz_;
    int pubSz_;
    opaque* p_;
    opaque* g_;
    opaque* Ys_;
public:
    ServerDHParams();
    ~ServerDHParams();

    int get_pSize()   const;
    int get_gSize()   const;
    int get_pubSize() const;

    const opaque* get_p()   const;
    const opaque* get_g()   const;
    const opaque* get_pub() const;

    opaque* alloc_p(int sz);
    opaque* alloc_g(int sz);
    opaque* alloc_pub(int sz);
private:
    ServerDHParams(const ServerDHParams&);            // hide copy
    ServerDHParams& operator=(const ServerDHParams&); // and assign
};


struct ServerKeyBase {
    virtual ~ServerKeyBase() {}
    virtual void build(SSL&) {}
    virtual void read(SSL&, input_buffer&) {}
    virtual int  get_length() const;     
    virtual opaque* get_serverKey() const;
};


// Server random number for FORTEZZA KEA
struct Fortezza_Server : public ServerKeyBase {
    opaque r_s_[FORTEZZA_MAX];
};


struct SignatureBase {
    virtual ~SignatureBase() {}
};

struct anonymous_sa : public SignatureBase {};


struct Hashes {
    uint8 md5_[MD5_LEN];
    uint8 sha_[SHA_LEN];
};
    

struct rsa_sa : public SignatureBase {
    Hashes hashes_;
};


struct dsa_sa : public SignatureBase {
    uint8 sha_[SHA_LEN];
};


// Server's Diffie-Hellman exchange
class DH_Server : public ServerKeyBase {
    ServerDHParams  parms_;
    opaque*         signature_;

    int             length_;                // total length of message
    opaque*         keyMessage_;            // total exchange message
public:
    DH_Server();
    ~DH_Server();

    void build(SSL&);
    void read(SSL&, input_buffer&);
    int  get_length() const;
    opaque* get_serverKey() const;
private:
    DH_Server(const DH_Server&);            // hide copy
    DH_Server& operator=(const DH_Server&); // and assign
};


// Server's RSA exchange
struct RSA_Server : public ServerKeyBase {
    ServerRSAParams params_;
    opaque*         signature_;   // signed rsa_sa hashes
};


class ServerKeyExchange : public HandShakeBase {
    ServerKeyBase* server_key_;
public:
    explicit ServerKeyExchange(SSL&);
    ServerKeyExchange();
    ~ServerKeyExchange();

    void createKey(SSL&);
    void build(SSL& ssl);
   
    const opaque* getKey()       const;
    int           getKeyLength() const;

    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    friend output_buffer& operator<<(output_buffer&, const
ServerKeyExchange&);

    void Process(input_buffer&, SSL&);
    HandShakeType get_type() const;
private:
    ServerKeyExchange(const ServerKeyExchange&);            // hide copy
    ServerKeyExchange& operator=(const ServerKeyExchange&); // and assign
};



class CertificateRequest : public HandShakeBase  {
    ClientCertificateType         certificate_types_[CERT_TYPES];
    int                           typeTotal_;
    mySTL::list<DistinguishedName>  certificate_authorities_;
public:
    CertificateRequest();
    ~CertificateRequest();

    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    friend input_buffer&  operator>>(input_buffer&,
CertificateRequest&);
    friend output_buffer& operator<<(output_buffer&,
                                     const CertificateRequest&);

    void Process(input_buffer&, SSL&);
    HandShakeType get_type() const;

    void Build();
private:
    CertificateRequest(const CertificateRequest&);              // hide copy
    CertificateRequest& operator=(const CertificateRequest&);   // and assign
};


struct ServerHelloDone : public HandShakeBase {
    ServerHelloDone();
    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    void Process(input_buffer& input, SSL& ssl);

    HandShakeType get_type() const;
};


struct PreMasterSecret {
    opaque  random_[SECRET_LEN];     // first two bytes Protocol Version
};


struct ClientKeyBase {
    virtual ~ClientKeyBase() {}
    virtual void build(SSL&) {}
    virtual void read(SSL&, input_buffer&) {}
    virtual int  get_length() const;
    virtual opaque* get_clientKey() const;
};


class EncryptedPreMasterSecret : public ClientKeyBase {
    opaque* secret_;
    int     length_;
public:
    EncryptedPreMasterSecret();
    ~EncryptedPreMasterSecret();

    void    build(SSL&);
    void    read(SSL&, input_buffer&);
    int     get_length()    const;
    opaque* get_clientKey() const;
    void    alloc(int sz);
private:
    // hide copy and assign
    EncryptedPreMasterSecret(const EncryptedPreMasterSecret&);           
    EncryptedPreMasterSecret& operator=(const EncryptedPreMasterSecret&);
};


// Fortezza Key Parameters from page 29
// hard code lengths cause only used here
struct FortezzaKeys : public ClientKeyBase {
    opaque  y_c_                      [128];    // client's Yc, public value
    opaque  r_c_                      [128];    // client's Rc
    opaque  y_signature_              [40];     // DSS signed public key
    opaque  wrapped_client_write_key_ [12];     // wrapped by the TEK
    opaque  wrapped_server_write_key_ [12];     // wrapped by the TEK
    opaque  client_write_iv_          [24];      
    opaque  server_write_iv_          [24];
    opaque  master_secret_iv_         [24];     // IV used to encrypt preMaster
    opaque  encrypted_preMasterSecret_[48];     // random & crypted by the TEK
};



// Diffie-Hellman public key from page 40/41
class  ClientDiffieHellmanPublic : public ClientKeyBase {
    PublicValueEncoding public_value_encoding_;
    int     length_;    // includes two byte length for message
    opaque* Yc_;        // length + Yc_
    // dh_Yc only if explicit, otherwise sent in certificate
    enum { KEY_OFFSET = 2 };
public:
    ClientDiffieHellmanPublic();
    ~ClientDiffieHellmanPublic();

    void    build(SSL&);
    void    read(SSL&, input_buffer&);
    int     get_length()    const;
    opaque* get_clientKey() const;
    void    alloc(int sz, bool offset = false);
private:
    // hide copy and assign
    ClientDiffieHellmanPublic(const ClientDiffieHellmanPublic&);
    ClientDiffieHellmanPublic& operator=(const ClientDiffieHellmanPublic&);
};


class ClientKeyExchange : public HandShakeBase {
    ClientKeyBase*  client_key_;
public:
    explicit ClientKeyExchange(SSL& ssl);
    ClientKeyExchange();
    ~ClientKeyExchange();

    void createKey(SSL&);
    void build(SSL& ssl);
   
    const opaque* getKey()       const;
    int           getKeyLength() const;

    friend output_buffer& operator<<(output_buffer&, const
ClientKeyExchange&);
   
    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    HandShakeType  get_type() const;
    void Process(input_buffer&, SSL&);
private:
    ClientKeyExchange(const ClientKeyExchange&);            // hide copy
    ClientKeyExchange& operator=(const ClientKeyExchange&); // and assign
};


class CertificateVerify : public HandShakeBase {
    Hashes             hashes_;
    byte*              signature_;  // owns
public:
    CertificateVerify();
    ~CertificateVerify();

    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    friend input_buffer&  operator>>(input_buffer&, CertificateVerify&);
    friend output_buffer& operator<<(output_buffer&, const
CertificateVerify&);

    void Process(input_buffer&, SSL&);
    HandShakeType get_type() const;

    void Build(SSL&);
private:
    CertificateVerify(const CertificateVerify&);              // hide copy
    CertificateVerify& operator=(const CertificateVerify&);   // and assign
};


class Finished : public HandShakeBase {
    Hashes hashes_;
public:
    Finished();

    uint8* set_md5();
    uint8* set_sha();

    friend input_buffer& operator>>(input_buffer&, Finished&);
    friend output_buffer& operator<<(output_buffer&, const Finished&);

    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;

    void Process(input_buffer&, SSL&);

    HandShakeType get_type() const;
private:
    Finished(const Finished&);            // hide copy
    Finished& operator=(const Finished&); // and assign
};


class RandomPool;  // forward for connection


// SSL Connection defined on page 11
struct Connection {
    opaque          *pre_master_secret_;
    opaque          master_secret_[SECRET_LEN];
    opaque          client_random_[RAN_LEN];
    opaque          server_random_[RAN_LEN];
    opaque          sessionID_[ID_LEN];
    opaque          client_write_MAC_secret_[SHA_LEN]; // sha  is max size
    opaque          server_write_MAC_secret_[SHA_LEN];
    opaque          client_write_key_[AES_256_KEY_SZ]; // aes 256bit is max sz
    opaque          server_write_key_[AES_256_KEY_SZ];
    opaque          client_write_IV_[AES_IV_SZ];       // aes is max size
    opaque          server_write_IV_[AES_IV_SZ];
    uint32          sequence_number_;
    uint32          peer_sequence_number_;
    uint32          pre_secret_len_;                   // pre master length
    bool            send_server_key_;                  // server key exchange?
    bool            master_clean_;                     // master secret clean?
    bool            TLS_;                              // TLSv1 or greater
    ProtocolVersion version_;
    RandomPool&     random_;

    Connection(ProtocolVersion v, RandomPool& ran);
    ~Connection();

    void AllocPreSecret(uint sz);
    void CleanPreMaster();
    void CleanMaster();
    void TurnOffTLS();
private:
    Connection(const Connection&);              // hide copy
    Connection& operator=(const Connection&);   // and assign
};


struct Ciphers;   // forward


// TLSv1 Security Spec, defined on page 56 of RFC 2246
struct Parameters {
    ConnectionEnd        entity_;
    BulkCipherAlgorithm  bulk_cipher_algorithm_;
    CipherType           cipher_type_;
    uint8                key_size_;
    uint8                iv_size_;
    IsExportable         is_exportable_;
    MACAlgorithm         mac_algorithm_;
    uint8                hash_size_;
    CompressionMethod    compression_algorithm_;
    KeyExchangeAlgorithm kea_;                        // yassl additions
    SignatureAlgorithm   sig_algo_;                   // signature auth type
    SignatureAlgorithm   verify_algo_;                // cert verify auth type
    bool                 pending_;                  
    bool                 resumable_;                  // new conns by session
    uint16               encrypt_size_;               // current msg encrypt sz
    Cipher               suite_[SUITE_LEN];           // choosen suite
    uint8                suites_size_;
    Cipher               suites_[MAX_SUITE_SZ];
    char                 cipher_name_[MAX_SUITE_NAME];
    char                 cipher_list_[MAX_CIPHER_LIST];

    Parameters(ConnectionEnd, const Ciphers&, ProtocolVersion);

    void SetSuites(ProtocolVersion pv);
    void SetCipherNames();
private:
    Parameters(const Parameters&);              // hide copy
    Parameters& operator=(const Parameters&);   // and assing
};


input_buffer&  operator>>(input_buffer&,  RecordLayerHeader&);
output_buffer& operator<<(output_buffer&, const RecordLayerHeader&);

input_buffer&  operator>>(input_buffer&,  Message&);
output_buffer& operator<<(output_buffer&, const Message&);

input_buffer&  operator>>(input_buffer&,  HandShakeBase&);
output_buffer& operator<<(output_buffer&, const HandShakeBase&);


// Message Factory definition
// uses the ContentType enumeration for unique id
typedef Factory<Message> MessageFactory;
void    InitMessageFactory(MessageFactory&);     // registers derived classes

// HandShake Factory definition
// uses the HandShakeType enumeration for unique id
typedef Factory<HandShakeBase> HandShakeFactory;  
void    InitHandShakeFactory(HandShakeFactory&); // registers derived classes

// ServerKey Factory definition
// uses KeyExchangeAlgorithm enumeration for unique  id
typedef Factory<ServerKeyBase> ServerKeyFactory;
void    InitServerKeyFactory(ServerKeyFactory&);

// ClientKey Factory definition
// uses KeyExchangeAlgorithm enumeration for unique  id
typedef Factory<ClientKeyBase> ClientKeyFactory;
void    InitClientKeyFactory(ClientKeyFactory&);


// Message Creators
Message* CreateHandShake();
Message* CreateCipherSpec();
Message* CreateAlert();
Message* CreateData();


// HandShake Creators
HandShakeBase* CreateCertificate();
HandShakeBase* CreateHelloRequest();
HandShakeBase* CreateClientHello();
HandShakeBase* CreateServerHello();
HandShakeBase* CreateServerKeyExchange();
HandShakeBase* CreateCertificateRequest();
HandShakeBase* CreateServerHelloDone();
HandShakeBase* CreateClientKeyExchange();
HandShakeBase* CreateCertificateVerify();
HandShakeBase* CreateFinished();


// ServerKey Exchange Creators
ServerKeyBase* CreateRSAServerKEA();
ServerKeyBase* CreateDHServerKEA();
ServerKeyBase* CreateFortezzaServerKEA();

// ClientKey Exchange Creators
ClientKeyBase* CreateRSAClient();
ClientKeyBase* CreateDHClient();
ClientKeyBase* CreateFortezzaClient();



} // naemspace

#endif // yaSSL_IMP_HPP

--- New file ---
+++ extra/yassl/include/yassl_int.hpp	05/04/28 18:23:07
/* yassl_int.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* yaSSL internal header defines SSL supporting types not specified in the
 * draft along with type conversion functions and openssl compatibility
 */


#ifndef yaSSL_INT_HPP
#define yaSSL_INT_HPP

#include "yassl_imp.hpp"
#include "crypto_wrapper.hpp"
#include "cert_wrapper.hpp"
#include "lock.hpp"
#include "log.hpp"


namespace yaSSL {


// State Machine for Record Layer Protocol
enum RecordLayerState {
    recordNotReady = 0,         // fatal error, no more processing
    recordReady
};


// State Machine for HandShake Protocol
enum HandShakeState {
    handShakeNotReady = 0,      // fatal error, no more processing
    preHandshake,               // initial state
    inHandshake,                // handshake started
    handShakeReady              // handshake done
};


// client input HandShake state, use if HandShakeState == inHandShake
enum ClientState {
    serverNull = 0,
    serverHelloComplete,
    serverCertComplete,
    serverKeyExchangeComplete,
    serverHelloDoneComplete,
    serverFinishedComplete	
};


// server input HandShake state, use if HandShakeState == inHandShake
enum ServerState {
    clientNull = 0,
    clientHelloComplete,
    clientKeyExchangeComplete,
    clientFinishedComplete        
};


// combines all states
class States {
    enum {MAX_ERROR_SZ = 80 };

    RecordLayerState recordLayer_;
    HandShakeState   handshakeLayer_;
    ClientState      clientState_;
    ServerState      serverState_;
    char             errorString_[MAX_ERROR_SZ];
    YasslError       what_;
public:
    States();

    const RecordLayerState& getRecord()    const;
    const HandShakeState&   getHandShake() const;
    const ClientState&      getClient()    const;
    const ServerState&      getServer()    const;
    const char*             getString()    const;
          YasslError        What()         const;

    RecordLayerState& useRecord();
    HandShakeState&   useHandShake();
    ClientState&      useClient();
    ServerState&      useServer();
    char*             useString();
    void              SetError(YasslError);
private:
    States(const States&);              // hide copy
    States& operator=(const States&);   // and assign
};


// holds all factories
class sslFactory {
    MessageFactory      messageFactory_;        // creates new messages by type
    HandShakeFactory    handShakeFactory_;      // creates new handshake types
    ServerKeyFactory    serverKeyFactory_;      // creates new server key types
    ClientKeyFactory    clientKeyFactory_;      // creates new client key types

    sslFactory();                               // only GetSSL_Factory creates
public:
    const MessageFactory&   getMessage()   const;
    const HandShakeFactory& getHandShake() const;
    const ServerKeyFactory& getServerKey() const;
    const ClientKeyFactory& getClientKey() const;

    friend sslFactory& GetSSL_Factory();        // singleton creator
private:
    sslFactory(const sslFactory&);              // hide copy
    sslFactory& operator=(const sslFactory&);   // and assign   
};


// openSSL X509 names
class X509_NAME {
    char* name_;
public:
    X509_NAME(const char*, size_t sz);
    ~X509_NAME();

    char* GetName();
private:
    X509_NAME(const X509_NAME&);                // hide copy
    X509_NAME& operator=(const X509_NAME&);     // and assign
};


// openSSL X509
class X509 {
    X509_NAME issuer_;
    X509_NAME subject_;
public:
    X509(const char* i, size_t, const char* s, size_t);
    ~X509() {}

    X509_NAME* GetIssuer();
    X509_NAME* GetSubject();
private:
    X509(const X509&);              // hide copy
    X509& operator=(const X509&);   // and assign
};


// openSSL bignum
struct BIGNUM {
    Integer int_;
    void assign(const byte* b, uint s) { int_.assign(b,s); }
};


// openSSL session
class SSL_SESSION {
    opaque      sessionID_[ID_LEN];
    opaque      master_secret_[SECRET_LEN];
    Cipher      suite_[SUITE_LEN];
    uint        bornOn_;                        // create time in seconds
    uint        timeout_;                       // timeout in seconds
    RandomPool& random_;                        // will clean master secret
public:
    explicit SSL_SESSION(RandomPool&);
    SSL_SESSION(const SSL&, RandomPool&);
    ~SSL_SESSION();

    const opaque* GetID()      const;
    const opaque* GetSecret()  const;
    const Cipher* GetSuite()   const;
          uint    GetBornOn()  const;
          uint    GetTimeOut() const;
          void    SetTimeOut(uint);

    SSL_SESSION& operator=(const SSL_SESSION&); // allow assign for resumption
private:
    SSL_SESSION(const SSL_SESSION&);            // hide copy
};


// holds all sessions
class Sessions {
    mySTL::list<SSL_SESSION*> list_;
    RandomPool random_;                 // for session cleaning
    Mutex      mutex_;                  // no-op for single threaded

    Sessions() {}                       // only GetSessions can create
public: 
    SSL_SESSION* lookup(const opaque*, SSL_SESSION* copy = 0);
    void         add(const SSL&);
    void         remove(const opaque*);

    ~Sessions();

    friend Sessions& GetSessions(); // singleton creator
private:
    Sessions(const Sessions&);              // hide copy
    Sessions& operator=(const Sessions&);   // and assign
};


Sessions&   GetSessions();      // forward singletons
sslFactory& GetSSL_Factory();


// openSSL method and context types
class SSL_METHOD {
    ProtocolVersion version_;
    ConnectionEnd   side_;
    bool            verifyPeer_;
    bool            failNoCert_;
public:
    explicit SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv);

    ProtocolVersion getVersion() const;
    ConnectionEnd   getSide()    const;

    void setVerifyPeer();
    void setFailNoCert();

    bool verifyPeer() const;
    bool failNoCert() const;
private:
    SSL_METHOD(const SSL_METHOD&);              // hide copy
    SSL_METHOD& operator=(const SSL_METHOD&);   // and assign
};


struct Ciphers {
    bool        setSuites_;             // user set suites from default
    byte        suites_[MAX_SUITE_SZ];  // new suites
    int         suiteSz_;               // suite length in bytes

    Ciphers() : setSuites_(false), suiteSz_(0) {}
};


struct DH;  // forward


// save for SSL construction
struct DH_Parms {
    Integer p_;
    Integer g_;
    bool set_;   // if set by user

    DH_Parms() : set_(false) {}
};


enum StatsField { 
    Accept, Connect, AcceptGood, ConnectGood, AcceptRenegotiate,
    ConnectRenegotiate, Hits, CbHits, CacheFull, Misses, Timeouts, Number,
    GetCacheSize, VerifyMode, VerifyDepth 
};


// SSL stats
struct Stats {
    long accept_;
    long connect_;
    long acceptGood_;
    long connectGood_;
    long acceptRenegotiate_;
    long connectRenegotiate_;

    long hits_;
    long cbHits_;
    long cacheFull_;
    long misses_;
    long timeouts_;
    long number_;
    long getCacheSize_;

    int verifyMode_;
    int verifyDepth_;
public:
    Stats() : accept_(0), connect_(0), acceptGood_(0), connectGood_(0),
        acceptRenegotiate_(0), connectRenegotiate_(0), hits_(0), cbHits_(0),
        cacheFull_(0), misses_(0), timeouts_(0), number_(0), getCacheSize_(0),
        verifyMode_(0), verifyDepth_(0)
    {}
private:
    Stats(const Stats&);            // hide copy
    Stats& operator=(const Stats&); // and assign
};


// the SSL context
class SSL_CTX {
public:
    typedef mySTL::list<x509*> CertList;
private:
    SSL_METHOD* method_;
    x509*       certificate_;
    x509*       privateKey_;
    CertList    caList_;
    Ciphers     ciphers_;
    DH_Parms    dhParms_;
    Stats       stats_;
    Mutex       mutex_;         // for Stats
public:
    explicit SSL_CTX(SSL_METHOD* meth);
    ~SSL_CTX();

    const x509*       getCert()     const;
    const x509*       getKey()      const;
    const SSL_METHOD* getMethod()   const;
    const Ciphers&    GetCiphers()  const;
    const DH_Parms&   GetDH_Parms() const;
    const Stats&      GetStats()    const;

    void setVerifyPeer();
    void setFailNoCert();
    bool SetCipherList(const char*);
    bool SetDH(const DH&);
   
    void            IncrementStats(StatsField);
    void            AddCA(x509* ca);
    const CertList& GetCA_List() const;

    friend int read_file(SSL_CTX*, const char*, int, CertType);
private:
    SSL_CTX(const SSL_CTX&);            // hide copy
    SSL_CTX& operator=(const SSL_CTX&); // and assign
};


// holds all cryptographic types
class Crypto {
    Digest*             digest_;                // agreed upon digest
    BulkCipher*         cipher_;                // agreed upon cipher
    DiffieHellman*      dh_;                    // dh parms
    RandomPool          random_;                // random number generator
    CertManager         cert_;                  // manages certificates
public:
    explicit Crypto();
    ~Crypto();

    const Digest&        get_digest()      const;
    const BulkCipher&    get_cipher()      const;
    const DiffieHellman& get_dh()          const;
    const RandomPool&    get_random()      const;
    const CertManager&   get_certManager() const;
          
    Digest&        use_digest();
    BulkCipher&    use_cipher();
    DiffieHellman& use_dh();
    RandomPool&    use_random();
    CertManager&   use_certManager();

    void SetDH(DiffieHellman*);
    void SetDH(const DH_Parms&);
    void setDigest(Digest*);
    void setCipher(BulkCipher*);

    bool DhSet();
private:
    Crypto(const Crypto&);              // hide copy
    Crypto& operator=(const Crypto&);   // and assign
};


// holds all handshake and verify hashes
class sslHashes {
    MD5       md5HandShake_;          // md5 handshake hash
    SHA       shaHandShake_;          // sha handshake hash
    Finished  verify_;                // peer's verify hash
    Hashes    certVerify_;            // peer's cert verify hash
public:
    sslHashes() {}

    const MD5&      get_MD5()        const;
    const SHA&      get_SHA()        const;
    const Finished& get_verify()     const;
    const Hashes&   get_certVerify() const;

    MD5&      use_MD5();
    SHA&      use_SHA();
    Finished& use_verify();
    Hashes&   use_certVerify();
private:
    sslHashes(const sslHashes&);             // hide copy
    sslHashes& operator=(const sslHashes&); // and assign
};


// holds input and output buffers
class Buffers {
    typedef mySTL::list<input_buffer*>  inputList;
    typedef mySTL::list<output_buffer*> outputList;

    inputList  dataList_;                // list of users app data / handshake
    outputList handShakeList_;           // buffered handshake msgs
public:
    Buffers() {}
    ~Buffers();

    const inputList&  getData()      const;
    const outputList& getHandShake() const;

    inputList&  useData();
    outputList& useHandShake();
private:
    Buffers(const Buffers&);             // hide copy
    Buffers& operator=(const Buffers&); // and assign   
};


// wraps security parameters
class Security {
    Connection    conn_;                          // connection information
    Parameters    parms_;                         // may be pending
    SSL_SESSION   resumeSession_;                 // if resuming
    SSL_CTX*      ctx_;                           // context used to init
    bool          resuming_;                      // trying to resume
public:
    Security(ProtocolVersion, RandomPool&, ConnectionEnd, const Ciphers&,
             SSL_CTX*);

    const SSL_CTX*     GetContext()     const;
    const Connection&  get_connection() const;
    const Parameters&  get_parms()      const;
    const SSL_SESSION& get_resume()     const;
          bool         get_resuming()   const;

    Connection&  use_connection();
    Parameters&  use_parms();
    SSL_SESSION& use_resume();

    void set_resuming(bool b);
private:
    Security(const Security&);              // hide copy
    Security& operator=(const Security&);   // and assign
};


// THE SSL type
class SSL {
    Crypto              crypto_;                // agreed crypto agents
    Security            secure_;                // Connection and Session parms
    States              states_;                // Record and HandShake states
    sslHashes           hashes_;                // handshake, finished hashes
    Socket              socket_;                // socket wrapper
    Buffers             buffers_;               // buffered handshakes and data
    Log                 log_;                   // logger
public:
    SSL(SSL_CTX* ctx);

    // gets and uses
    const Crypto&     getCrypto()   const;
    const Security&   getSecurity() const;
    const States&     getStates()   const;
    const sslHashes&  getHashes()   const;
    const sslFactory& getFactory()  const;
    const Socket&     getSocket()   const;
          YasslError  GetError()    const;

    Crypto&    useCrypto();
    Security&  useSecurity();
    States&    useStates();
    sslHashes& useHashes();
    Socket&    useSocket();
    Log&       useLog();

    // sets
    void set_pending(Cipher suite);
    void set_random(const opaque*, ConnectionEnd);
    void set_sessionID(const opaque*);
    void set_session(SSL_SESSION*);
    void set_preMaster(const opaque*, uint);
    void set_masterSecret(const opaque*);
    void SetError(YasslError);

    // helpers
    bool isTLS() const;
    void order_error();
    void makeMasterSecret();
    void makeTLSMasterSecret();
    void addData(input_buffer* data);
    void fillData(Data&);
    void addBuffer(output_buffer* b);
    void flushBuffer();
    void verifyState(const RecordLayerHeader&);
    void verifyState(const HandShakeHeader&);
    void verifyState(ClientState);
    void verifyState(ServerState);
    void verfiyHandShakeComplete();
    void matchSuite(const opaque*, uint length);
    void deriveKeys();
    void deriveTLSKeys();
    void Send(const byte*, uint);

    uint bufferedData();
    uint get_SEQIncrement(bool);

    const  byte*  get_macSecret(bool);
private:
    void storeKeys(const opaque*);
    void setKeys();
    void verifyClientState(HandShakeType);
    void verifyServerState(HandShakeType);

    SSL(const SSL&);                    // hide copy
    const SSL& operator=(const SSL&);   // and assign
};



// conversion functions
void c32to24(uint32, uint24&);
void c24to32(const uint24, uint32&);

uint32 c24to32(const uint24);

void ato16(const opaque*, uint16&);
void ato24(const opaque*, uint24&);

void c16toa(uint16, opaque*);
void c24toa(const uint24, opaque*);
void c32toa(uint32 u32, opaque*);


} // naemspace

#endif // yaSSL_INT_HPP

--- New file ---
+++ extra/yassl/include/yassl_types.hpp	05/04/28 18:23:07
/* yassl_types.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/*  yaSSL types  header defines all constants, enums, and typedefs
 *  from the SSL.v3 specification "draft-freier-ssl-version3-02.txt"
 */


#ifndef yaSSL_TYPES_HPP
#define yaSSL_TYPES_HPP

#include<cstddef>

namespace yaSSL {

// library allocation
struct new_t {};      // yaSSL New type
extern new_t ys;      // pass in parameter

} // namespace yaSSL

void* operator new  (size_t, yaSSL::new_t);
void* operator new[](size_t, yaSSL::new_t);

namespace yaSSL {


typedef unsigned char  uint8;
typedef unsigned short uint16;
typedef unsigned int   uint32;
typedef uint8          uint24[3];
typedef uint32         uint64[2];

typedef uint8  opaque;
typedef opaque byte;

typedef unsigned int uint;

 
// all length constants in bytes
const int ID_LEN            =  32;  // session id length
const int SUITE_LEN         =   2;  // cipher suite length
const int SECRET_LEN        =  48;  // pre RSA and all master secret length
const int MASTER_ROUNDS     =   3;  // master secret derivation rounds
const int RAN_LEN           =  32;  // client and server random length
const int MAC_BLOCK_SZ      =  64;  // MAC block size, & padding
const int MD5_LEN           =  16;  // MD5 digest length
const int SHA_LEN           =  20;  // SHA digest length
const int RMD_LEN           =  20;  // RIPEMD-160 digest length
const int PREFIX            =   3;  // up to 3 prefix letters for secret rounds
const int KEY_PREFIX        =   7;  // up to 7 prefix letters for key rounds
const int FORTEZZA_MAX      = 128;  // Maximum Fortezza Key length
const int MAX_SUITE_SZ      =  64;  // 32 max suites * sizeof(suite)
const int MAX_SUITE_NAME    =  48;  // max length of suite name
const int MAX_CIPHER_LIST   = 512;  // max length of cipher list names
const int SIZEOF_ENUM       =   1;  // SSL considers an enum 1 byte, not 4
const int SIZEOF_SENDER     =   4;  // Sender constant, for finished generation
const int PAD_MD5           =  48;  // pad length 1 and 2 for md5 finished
const int PAD_SHA           =  40;  // should be 44, specd wrong by netscape
const int PAD_RMD           =  44;  // pad length for RIPEMD-160, some use 40??
const int CERT_HEADER       =   3;  // always use 3 bytes for certificate
const int CERT_TYPES        =   7;  // certificate request types
const int REQUEST_HEADER    =   2;  // request uses 2 bytes
const int VERIFY_HEADER     =   2;  // verify length field
const int MIN_CERT_TYPES    =   1;  // minimum certificate request types
const int MIN_DIS_NAMES     =   3;  // minimum distinguished names
const int MIN_DIS_SIZE      =   1;  // minimum distinguished name size
const int RECORD_HEADER     =   5;  // type + version + length(2)
const int HANDSHAKE_HEADER  =   4;  // type + length(3)
const int FINISHED_SZ       = MD5_LEN + SHA_LEN; // sizeof finished data
const int TLS_FINISHED_SZ   =  12;  // TLS verify data size
const int SEQ_SZ            =   8;  // 64 bit sequence number
const int LENGTH_SZ         =   2;  // length field for HMAC, data only
const int VERSION_SZ        = SIZEOF_ENUM * 2;  // SSL/TLS length of version
const int DES_KEY_SZ        =   8;  // DES Key length
const int DES_EDE_KEY_SZ    =  24;  // DES EDE Key length
const int DES_BLOCK         =   8;  // DES is always fixed block size 8
const int DES_IV_SZ         = DES_BLOCK;    // Init Vector length for DES
const int RC4_KEY_SZ        =  16;  // RC4 Key length
const int AES_128_KEY_SZ    =  16;  // AES 128bit Key length
const int AES_256_KEY_SZ    =  32;  // AES 256bit Key length
const int AES_BLOCK_SZ      =  16;  // AES 128bit block size, rfc 3268
const int AES_IV_SZ         = AES_BLOCK_SZ; // AES Init Vector length
const int DSS_SIG_SZ        =  40;  // two 20 byte high byte first Integers
const int DSS_ENCODED_EXTRA =   6;  // seqID + len(1) + (intID + len(1)) * 2
const int EVP_SALT_SZ       =   8;
const int MASTER_LABEL_SZ   =  13;  // TLS master secret label size
const int KEY_LABEL_SZ      =  13;  // TLS key block expansion size
const int FINISHED_LABEL_SZ =  15;  // TLS finished lable length
const int SEED_LEN          = RAN_LEN * 2; // TLS seed, client + server random
const int DEFAULT_TIMEOUT   = 500;  // Default Session timeout in seconds
const int MAX_RECORD_SIZE   = 16384; // 2^14, max size by standard


typedef uint8 Cipher;             // first byte is always 0x00 for SSLv3 & TLS

typedef opaque Random[RAN_LEN];

typedef opaque* DistinguishedName;

typedef bool IsExportable;


enum CompressionMethod { no_compression = 0 };

enum CipherType { stream, block };

enum CipherChoice { change_cipher_spec_choice = 1 };

enum PublicValueEncoding { implicit_encoding, explicit_encoding };

enum ConnectionEnd { server_end, client_end };

enum AlertLevel { warning = 1, fatal = 2, };



// Record Layer Header identifier from page 12
enum ContentType {
    no_type            = 0,
    change_cipher_spec = 20, 
    alert              = 21, 
    handshake          = 22, 
    application_data   = 23 
};


// HandShake Layer Header identifier from page 20
enum HandShakeType {
    no_shake            = -1,
    hello_request       = 0, 
    client_hello        = 1, 
    server_hello        = 2,
    certificate         = 11, 
    server_key_exchange = 12,
    certificate_request = 13, 
    server_hello_done   = 14,
    certificate_verify  = 15, 
    client_key_exchange = 16,
    finished            = 20
};


// Valid Alert types from page 16/17
enum AlertDescription {
    close_notify            = 0,
    unexpected_message      = 10,
    bad_record_mac          = 20,
    decompression_failure   = 30,
    handshake_failure       = 40,
    no_certificate          = 41,
    bad_certificate         = 42,
    unsupported_certificate = 43,
    certificate_revoked     = 44,
    certificate_expired     = 45,
    certificate_unknown     = 46,
    illegal_parameter       = 47
};


// Supported Key Exchange Protocols
enum KeyExchangeAlgorithm { 
    no_kea = 0,
    rsa_kea, 
    diffie_hellman_kea, 
    fortezza_kea 
};


// Supported Authentication Schemes
enum SignatureAlgorithm { 
    anonymous_sa_algo = 0, 
    rsa_sa_algo, 
    dsa_sa_algo 
};


// Valid client certificate request types from page 27
enum ClientCertificateType {    
    rsa_sign            = 1, 
    dss_sign            = 2,
    rsa_fixed_dh        = 3,
    dss_fixed_dh        = 4,
    rsa_ephemeral_dh    = 5,
    dss_ephemeral_dh    = 6,
    fortezza_kea_cert   = 20
};


// Supported Ciphers from page 43
enum BulkCipherAlgorithm { 
    cipher_null,
    rc4,
    rc2,
    des,
    triple_des,             // leading 3 (3des) not valid identifier
    des40,
    idea,
    aes
};


// Supported Message Authentication Codes from page 43
enum MACAlgorithm { 
    no_mac,
    md5,
    sha,
    rmd
};


// Certificate file Type
enum CertType { Cert = 0, PrivateKey, CA };


// all Cipher Suites from pages 41/42
const Cipher SSL_NULL_WITH_NULL_NULL                =  0; // { 0x00, 0x00 }
const Cipher SSL_RSA_WITH_NULL_MD5                  =  1; // { 0x00, 0x01 }
const Cipher SSL_RSA_WITH_NULL_SHA                  =  2; // { 0x00, 0x02 }
const Cipher SSL_RSA_EXPORT_WITH_RC4_40_MD5         =  3; // { 0x00, 0x03 }
const Cipher SSL_RSA_WITH_RC4_128_MD5               =  4; // { 0x00, 0x04 }
const Cipher SSL_RSA_WITH_RC4_128_SHA               =  5; // { 0x00, 0x05 }
const Cipher SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5     =  6; // { 0x00, 0x06 }
const Cipher SSL_RSA_WITH_IDEA_CBC_SHA              =  7; // { 0x00, 0x07 }
const Cipher SSL_RSA_EXPORT_WITH_DES40_CBC_SHA      =  8; // { 0x00, 0x08 }
const Cipher SSL_RSA_WITH_DES_CBC_SHA               =  9; // { 0x00, 0x09 }
const Cipher SSL_RSA_WITH_3DES_EDE_CBC_SHA          = 10; // { 0x00, 0x0A }
const Cipher SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA   = 11; // { 0x00, 0x0B }
const Cipher SSL_DH_DSS_WITH_DES_CBC_SHA            = 12; // { 0x00, 0x0C }
const Cipher SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA       = 13; // { 0x00, 0x0D }
const Cipher SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA   = 14; // { 0x00, 0x0E }
const Cipher SSL_DH_RSA_WITH_DES_CBC_SHA            = 15; // { 0x00, 0x0F }
const Cipher SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA       = 16; // { 0x00, 0x10 }
const Cipher SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA  = 17; // { 0x00, 0x11 }
const Cipher SSL_DHE_DSS_WITH_DES_CBC_SHA           = 18; // { 0x00, 0x12 }
const Cipher SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA      = 19; // { 0x00, 0x13 }
const Cipher SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA  = 20; // { 0x00, 0x14 }
const Cipher SSL_DHE_RSA_WITH_DES_CBC_SHA           = 21; // { 0x00, 0x15 }
const Cipher SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA      = 22; // { 0x00, 0x16 }
const Cipher SSL_DH_anon_EXPORT_WITH_RC4_40_MD5     = 23; // { 0x00, 0x17 }
const Cipher SSL_DH_anon_WITH_RC4_128_MD5           = 24; // { 0x00, 0x18 }
const Cipher SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA  = 25; // { 0x00, 0x19 }
const Cipher SSL_DH_anon_WITH_DES_CBC_SHA           = 26; // { 0x00, 0x1A }
const Cipher SSL_DH_anon_WITH_3DES_EDE_CBC_SHA      = 27; // { 0x00, 0x1B }
const Cipher SSL_FORTEZZA_KEA_WITH_NULL_SHA         = 28; // { 0x00, 0x1C }
const Cipher SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 29; // { 0x00, 0x1D }
const Cipher SSL_FORTEZZA_KEA_WITH_RC4_128_SHA      = 30; // { 0x00, 0x1E }

// .. to 0x2B uses Kerberos Authentication


// TLS AES extensions
const Cipher TLS_RSA_WITH_AES_128_CBC_SHA      = 47; // { 0x00, 0x2F }
const Cipher TLS_DH_DSS_WITH_AES_128_CBC_SHA   = 48; // { 0x00, 0x30 }
const Cipher TLS_DH_RSA_WITH_AES_128_CBC_SHA   = 49; // { 0x00, 0x31 }
const Cipher TLS_DHE_DSS_WITH_AES_128_CBC_SHA  = 50; // { 0x00, 0x32 }
const Cipher TLS_DHE_RSA_WITH_AES_128_CBC_SHA  = 51; // { 0x00, 0x33 }
const Cipher TLS_DH_anon_WITH_AES_128_CBC_SHA  = 52; // { 0x00, 0x34 }

const Cipher TLS_RSA_WITH_AES_256_CBC_SHA      = 53; // { 0x00, 0x35 }
const Cipher TLS_DH_DSS_WITH_AES_256_CBC_SHA   = 54; // { 0x00, 0x36 }
const Cipher TLS_DH_RSA_WITH_AES_256_CBC_SHA   = 55; // { 0x00, 0x37 }
const Cipher TLS_DHE_DSS_WITH_AES_256_CBC_SHA  = 56; // { 0x00, 0x38 }
const Cipher TLS_DHE_RSA_WITH_AES_256_CBC_SHA  = 57; // { 0x00, 0x39 }
const Cipher TLS_DH_anon_WITH_AES_256_CBC_SHA  = 58; // { 0x00, 0x3A }


// OpenPGP extensions

const Cipher TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160 = 114; // { 0x00, 0x72 };
const Cipher TLS_DHE_DSS_WITH_AES_128_CBC_RMD160  = 115; // { 0x00, 0x73 };
const Cipher TLS_DHE_DSS_WITH_AES_256_CBC_RMD160  = 116; // { 0x00, 0x74 };
const Cipher TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160 = 119; // { 0x00, 0x77 };
const Cipher TLS_DHE_RSA_WITH_AES_128_CBC_RMD160  = 120; // { 0x00, 0x78 };
const Cipher TLS_DHE_RSA_WITH_AES_256_CBC_RMD160  = 121; // { 0x00, 0x79 };
const Cipher TLS_RSA_WITH_3DES_EDE_CBC_RMD160     = 124; // { 0x00, 0x7C };
const Cipher TLS_RSA_WITH_AES_128_CBC_RMD160      = 125; // { 0x00, 0x7D };
const Cipher TLS_RSA_WITH_AES_256_CBC_RMD160      = 126; // { 0x00, 0x7E };


const char* const null_str = "";

const char* const cipher_names[128] =
{
    null_str, // SSL_NULL_WITH_NULL_NULL                =  0
    null_str, // SSL_RSA_WITH_NULL_MD5                  =  1
    null_str, // SSL_RSA_WITH_NULL_SHA                  =  2
    null_str, // SSL_RSA_EXPORT_WITH_RC4_40_MD5         =  3
    "RC4-MD5",  // SSL_RSA_WITH_RC4_128_MD5               =  4
    "RC4-SHA",  // SSL_RSA_WITH_RC4_128_SHA               =  5
    null_str, // SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5     =  6
    null_str, // SSL_RSA_WITH_IDEA_CBC_SHA              =  7
    null_str, // SSL_RSA_EXPORT_WITH_DES40_CBC_SHA      =  8
    "DES-CBC-SHA",  // SSL_RSA_WITH_DES_CBC_SHA               =  9
    "DES-CBC3-SHA", // SSL_RSA_WITH_3DES_EDE_CBC_SHA          = 10

    null_str, // SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA   = 11
    null_str, // SSL_DH_DSS_WITH_DES_CBC_SHA            = 12
    null_str, // SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA       = 13
    null_str, // SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA   = 14
    null_str, // SSL_DH_RSA_WITH_DES_CBC_SHA            = 15
    null_str, // SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA       = 16
    null_str, // SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA  = 17
    "EDH-DSS-DES-CBC-SHA",  // SSL_DHE_DSS_WITH_DES_CBC_SHA           = 18
    "EDH-DSS-DES-CBC3-SHA", // SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA      = 19
    null_str, // SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA  = 20

    "EDH-RSA-DES-CBC-SHA",  // SSL_DHE_RSA_WITH_DES_CBC_SHA           = 21
    "EDH-RSA-DES-CBC3-SHA", // SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA      = 22
    null_str, // SSL_DH_anon_EXPORT_WITH_RC4_40_MD5     = 23
    null_str, // SSL_DH_anon_WITH_RC4_128_MD5           = 24
    null_str, // SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA  = 25
    null_str, // SSL_DH_anon_WITH_DES_CBC_SHA           = 26
    null_str, // SSL_DH_anon_WITH_3DES_EDE_CBC_SHA      = 27
    null_str, // SSL_FORTEZZA_KEA_WITH_NULL_SHA         = 28
    null_str, // SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 29
    null_str, // SSL_FORTEZZA_KEA_WITH_RC4_128_SHA      = 30

    null_str, null_str, null_str, null_str, null_str, // 31 - 35
    null_str, null_str, null_str, null_str, null_str, // 36 - 40
    null_str, null_str, null_str, null_str, null_str, // 41 - 45
    null_str, // 46

    // TLS AES extensions
    "AES128-SHA", // TLS_RSA_WITH_AES_128_CBC_SHA      = 47
    null_str, // TLS_DH_DSS_WITH_AES_128_CBC_SHA   = 48
    null_str, // TLS_DH_RSA_WITH_AES_128_CBC_SHA   = 49
    "DHE-DSS-AES128-SHA", // TLS_DHE_DSS_WITH_AES_128_CBC_SHA  = 50
    "DHE-RSA-AES128-SHA", // TLS_DHE_RSA_WITH_AES_128_CBC_SHA  = 51
    null_str, // TLS_DH_anon_WITH_AES_128_CBC_SHA  = 52

    "AES256-SHA", // TLS_RSA_WITH_AES_256_CBC_SHA      = 53
    null_str, // TLS_DH_DSS_WITH_AES_256_CBC_SHA   = 54
    null_str, // TLS_DH_RSA_WITH_AES_256_CBC_SHA   = 55
    "DHE-DSS-AES256-SHA", // TLS_DHE_DSS_WITH_AES_256_CBC_SHA  = 56
    "DHE-RSA-AES256-SHA", // TLS_DHE_RSA_WITH_AES_256_CBC_SHA  = 57
    null_str, // TLS_DH_anon_WITH_AES_256_CBC_SHA  = 58
    
    null_str, // 59
    null_str, // 60
    null_str, null_str, null_str, null_str, null_str, // 61 - 65
    null_str, null_str, null_str, null_str, null_str, // 66 - 70
    null_str, null_str, null_str, null_str, null_str, // 71 - 75
    null_str, null_str, null_str, null_str, null_str, // 76 - 80
    null_str, null_str, null_str, null_str, null_str, // 81 - 85
    null_str, null_str, null_str, null_str, null_str, // 86 - 90
    null_str, null_str, null_str, null_str, null_str, // 91 - 95
    null_str, null_str, null_str, null_str, null_str, // 96 - 100
    null_str, null_str, null_str, null_str, null_str, // 101 - 105
    null_str, null_str, null_str, null_str, null_str, // 106 - 110
    null_str, null_str, null_str,                     // 111 - 113

    "DHE-DSS-DES-CBC3-RMD", //  TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160 = 114
    "DHE-DSS-AES128-RMD",   //  TLS_DHE_DSS_WITH_AES_128_CBC_RMD160  = 115
    "DHE-DSS-AES256-RMD",   //  TLS_DHE_DSS_WITH_AES_256_CBC_RMD160  = 116
    null_str, // 117
    null_str, // 118
    "DHE-RSA-DES-CBC3-RMD", //  TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160 = 119
    "DHE-RSA-AES128-RMD",   //  TLS_DHE_RSA_WITH_AES_128_CBC_RMD160  = 120
    "DHE-RSA-AES256-RMD",   //  TLS_DHE_RSA_WITH_AES_256_CBC_RMD160  = 121
    null_str, // 122
    null_str, // 123
    "DES-CBC3-RMD", //  TLS_RSA_WITH_3DES_EDE_CBC_RMD160     = 124
    "AES128-RMD",   //  TLS_RSA_WITH_AES_128_CBC_RMD160      = 125
    "AES256-RMD",   //  TLS_RSA_WITH_AES_256_CBC_RMD160      = 126
    null_str, // 127
};

// fill with MD5 pad size since biggest required
const opaque PAD1[PAD_MD5] =  { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
                              };
const opaque PAD2[PAD_MD5] =  { 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
                              };

const opaque client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 };
const opaque server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 };

const opaque tls_client[FINISHED_LABEL_SZ + 1] = "client finished";
const opaque tls_server[FINISHED_LABEL_SZ + 1] = "server finished";

const opaque master_label[MASTER_LABEL_SZ + 1] = "master secret";
const opaque key_label   [KEY_LABEL_SZ + 1]    = "key expansion";


} // naemspace

#endif // yaSSL_TYPES_HPP
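Review bot: `cipher_names` is declared with a literal bound of 128 while `Cipher` is a `uint8`, so suite values 128–255 have no entry, and nothing in this header tells a caller that the index must be checked first. The lookups live outside this file, so it cannot be confirmed from here whether a peer-supplied suite byte can reach the table unchecked. The bound still deserves a name and a comment, for example `const int CIPHER_NAMES_SZ = 128;  // entries in cipher_names; Cipher values >= this are not in the table` (proposed name), used as the array size. Separately, the named entries include single-DES and RC4 suites; if this table is what decides which suites are offered, a comment recording why they are kept would help whoever later trims the list.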

--- New file ---
+++ extra/yassl/mySTL/algorithm.hpp	05/04/28 18:23:07
/* mySTL algorithm.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* mySTL algorithm implements max, min, for_each, swap, find_if, copy,
 * copy_backward, fill
 */

#ifndef mySTL_ALGORITHM_HPP
#define mySTL_ALGORITHM_HPP


namespace mySTL {


template<typename T>
inline const T& max(const T& a, const T&b)
{
    return a < b ? b : a;
}


template<typename T>
inline const T& min(const T& a, const T&b)
{
    return b < a ? b : a;
}


template<typename InIter, typename Func>
Func for_each(InIter first, InIter last, Func op)
{
    while (first != last) {
        op(*first);
        ++first;
    }
    return op;
}


template<typename T>
inline void swap(T& a, T& b)
{
    T tmp = a;
    a = b;
    b = tmp;
}


template<typename InIter, typename Pred>
InIter find_if(InIter first, InIter last, Pred pred)
{
    while (first != last && !pred(*first))
        ++first;
    return first;
}


template<typename InputIter, typename OutputIter>
inline OutputIter copy(InputIter first, InputIter last, OutputIter place)
{
    while (first != last) {
        *place = *first;
        ++first;
        ++place;
    }
    return place;
}


template<typename InputIter, typename OutputIter>
inline OutputIter 
copy_backward(InputIter first, InputIter last, OutputIter place)
{
    while (first != last)
        *--place = *--last;
    return place;
}


template<typename InputIter, typename T>
void fill(InputIter first, InputIter last, const T& v)
{
    while (first != last) {
        *first = v;
        ++first;
    }
}


}  // namespace mySTL

#endif // mySTL_ALGORITHM_HPP
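Review bot: `copy`, `copy_backward` and `fill` write through their destination iterator with no bound, and the header states no precondition for them. Since these helpers replace the std algorithms inside a TLS library, I would document the contract at each one, e.g. `// place must have room for (last - first) elements; no bounds check is performed` above `copy`. The same comment on `copy_backward` should add that `place` is the end of the destination range. `fill` also names its template parameter `InputIter` although it assigns through it; a name such as `ForwardIter` would describe what the function actually requires.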

--- New file ---
+++ extra/yassl/mySTL/helpers.hpp	05/04/28 18:23:07
/* mySTL helpers.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* mySTL helpers implements misc constructs for vector and list
 *
 */

#ifndef mySTL_HELPERS_HPP
#define mySTL_HELPERS_HPP

#include <cstdlib>


namespace mySTL {


template <typename T, typename T2>
inline void construct(T* p, const T2& value)
{
    new (static_cast<void*>(p)) T(value);
}


template <typename T>
inline void construct(T* p)
{
    new (static_cast<void*>(p)) T();
}


template <typename T>
inline void destroy(T* p)
{
    p->~T();
}


template <typename Iter>
void destroy(Iter first, Iter last)
{
    while (first != last) {
        destroy(&*first);
        ++first;
    }
}


template <typename Iter, typename PlaceIter>
PlaceIter uninit_copy(Iter first, Iter last, PlaceIter place)
{
    while (first != last) {
        construct(&*place, *first);
        ++first;
        ++place;
    }
    return place;
}


template <typename PlaceIter, typename Size, typename T>
PlaceIter uninit_fill_n(PlaceIter place, Size n, const T& value)
{
    while (n) {
        construct(&*place, value);
        --n;
        ++place;
    }
    return place;
}



} // namespace mySTL

#endif // mySTL_HELPERS_HPP
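Review bot: `uninit_fill_n` loops on `while (n)`, so if `Size` is a signed type and a negative count is passed, decrementing never reaches zero and the loop keeps constructing objects past the end of the buffer; `while (n > 0)` stops immediately in that case. The callers are not in this file, so whether a signed count can arrive here is not confirmed. This header also uses placement new in both `construct()` overloads but includes only `<cstdlib>`, relying on the including file for `<new>`; adding `#include <new>   // placement new used by construct()` makes it self-contained. A short comment on `uninit_copy` and `uninit_fill_n` noting that already-constructed elements are not destroyed if a constructor throws would complete the contract.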

--- New file ---
+++ extra/yassl/mySTL/list.hpp	05/04/28 18:23:08
/* mySTL list.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* mySTL list implements a simple list
 *
 */

#ifndef mySTL_LIST_HPP
#define mySTL_LIST_HPP


#include "helpers.hpp"
#include <new>          // ::operator new and delete, placement too


namespace mySTL {



template<typename T> 
class list {
    struct node {
        node(T t) : prev_(0), next_(0), value_(t) {}

        node* prev_;
        node* next_;
        T     value_;
    };   
public:
    list() : head_(0), tail_(0), sz_(0) {}
    ~list();

    void   push_front(T);
    void   pop_front();
    T      front() const;
    void   push_back(T);
    void   pop_back();
    T      back() const;
    bool   remove(T);
    size_t size()  const { return sz_; }
    bool   empty() const { return sz_ == 0; }

    class iterator {
        node* current_;
    public:
        iterator() : current_(0) {}
        explicit iterator(node* p) : current_(p) {}

        T& operator*() const
        {
            return current_->value_;
        }

        T* operator->() const
        {
            return &(operator*());
        }

        iterator& operator++()
        {
            current_ = current_->next_;
            return *this;
        }

        iterator& operator--()
        {
            current_ = current_->prev_;
            return *this;
        }

        iterator& operator++(int)
        {
            iterator tmp = *this;
            current_ = current_->next_;
            return tmp;
        }

        iterator& operator--(int)
        {
            iterator tmp = *this;
            current_ = current_->prev_;
            return tmp;
        }

        bool operator==(const iterator& other) const
        { 
            return current_ == other.current_;
        }

        bool operator!=(const iterator& other) const
        {
            return current_ != other.current_;
        }

        friend class list<T>;
    };

    bool erase(iterator);

    iterator begin()  const { return iterator(head_); }
    iterator rbegin() const { return iterator(tail_); }
    iterator end()    const { return iterator(); }

    typedef iterator const_iterator;    // for now

    class underflow {};
    class overflow {}; 
private:
    node*  head_;
    node*  tail_;
    size_t sz_;

    node* look_up(T);

    list(const list&);            // hide copy
    list& operator=(const list&); // and assign
};


template<typename T> 
list<T>::~list()
{
    node* start = head_;
    node* next_;

    for (; start; start = next_) {
        next_ = start->next_;
        destroy(start);
        ::operator delete(start);
    }
}


template<typename T> 
void list<T>::push_front(T t)
{
    void* mem = ::operator new(sizeof(node));
    if (!mem) abort();
    node* add = new (mem) node(t);

    if (head_) {
        add->next_ = head_;
        head_->prev_ = add;
    }
    else
        tail_ = add;

    head_ = add;
    ++sz_; 
}


template<typename T> 
void list<T>::pop_front()
{
    node* front = head_;

    if (head_ == 0)
        return;
    else if (head_ == tail_)
        head_ = tail_ = 0;
    else {
        head_ = head_->next_;
        head_->prev_ = 0;
    }
    destroy(front);
    ::operator delete(front);
    --sz_;
}


template<typename T> 
T list<T>::front() const
{
    if (head_ == 0) return 0;
    return head_->value_;
}


template<typename T> 
void list<T>::push_back(T t)
{
    void* mem = ::operator new(sizeof(node));
    if (!mem) abort();
    node* add = new (mem) node(t);

    if (tail_) {
        tail_->next_ = add;
        add->prev_ = tail_;
    }
    else
        head_ = add;

    tail_ = add;
    ++sz_;
}


template<typename T> 
void list<T>::pop_back()
{
    node* rear = tail_;

    if (tail_ == 0)
        return;
    else if (tail_ == head_)
        tail_ = head_ = 0;
    else {
        tail_ = tail_->prev_;
        tail_->next_ = 0;
    }
    destroy(rear);
    ::operator delete(rear);
    --sz_;
}


template<typename T> 
T list<T>::back() const
{
    if (back == 0) return 0;
    return back->value_;
}


template<typename T>
typename list<T>::node* list<T>::look_up(T t)
{
    node* list = head_;

    if (list == 0) return 0;

    for (; list; list = list->next_)
        if (list->value_ == t)
            return list;

    return 0;
}


template<typename T> 
bool list<T>::remove(T t)
{
    node* del = look_up(t);

    if (del == 0)
        return false;
    else if (del == head_)
        pop_front();
    else if (del == tail_)
        pop_back();
    else {
        del->prev_->next_ = del->next_;
        del->next_->prev_ = del->prev_;

        destroy(del);
        ::operator delete(del);
        --sz_;
    }
    return true;
}


template<typename T> 
bool list<T>::erase(iterator iter)
{
    node* del = iter.current_;

    if (del == 0)
        return false;
    else if (del == head_)
        pop_front();
    else if (del == tail_)
        pop_back();
    else {
        del->prev_->next_ = del->next_;
        del->next_->prev_ = del->prev_;

        destroy(del);
        ::operator delete(del);
        --sz_;
    }
    return true;
}


/* MSVC can't handle ??

template<typename T>
T& list<T>::iterator::operator*() const
{
    return current_->value_;
}


template<typename T>
T* list<T>::iterator::operator->() const
{
    return &(operator*());
}


template<typename T>
typename list<T>::iterator& list<T>::iterator::operator++()
{
    current_ = current_->next_;
    return *this;
}


template<typename T>
typename list<T>::iterator& list<T>::iterator::operator--()
{
    current_ = current_->prev_;
    return *this;
}


template<typename T>
typename list<T>::iterator& list<T>::iterator::operator++(int)
{
    iterator tmp = *this;
    current_ = current_->next_;
    return tmp;
}


template<typename T>
typename list<T>::iterator& list<T>::iterator::operator--(int)
{
    iterator tmp = *this;
    current_ = current_->prev_;
    return tmp;
}


template<typename T>
bool list<T>::iterator::operator==(const iterator& other) const
{
    return current_ == other.current_;
}


template<typename T>
bool list<T>::iterator::operator!=(const iterator& other) const
{
    return current_ != other.current_;
}
*/  // end MSVC 6 can't handle



} // namespace mySTL

#endif // mySTL_LIST_HPP

--- New file ---
+++ extra/yassl/mySTL/memory.hpp	05/04/28 18:23:08
/* mySTL memory.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* mySTL memory implements auto_ptr
 *
 */

#ifndef mySTL_MEMORY_HPP
#define mySTL_MEMORY_HPP


#ifdef _MSC_VER
    // disable operator-> warning for builtins
    #pragma warning(disable:4284)
#endif


namespace mySTL {


template<typename T>
struct auto_ptr_ref {
    T* ptr_;
    explicit auto_ptr_ref(T* p) : ptr_(p) {}
};


template<typename T>
class auto_ptr {
    T* ptr_;
public:
    explicit auto_ptr(T* p = 0) : ptr_(p) {}
    ~auto_ptr() 
    {
        delete ptr_;
    }


    auto_ptr(auto_ptr& other) : ptr_(other.release()) {}
    auto_ptr& operator=(auto_ptr& that)
    {
        if (this != &that) {
            delete ptr_;
            ptr_ = that.release();
        }
        return *this;
    }


    T* operator->() const
    {
        return ptr_;
    }

    T& operator*() const
    {
        return *ptr_;
    }

    T* get() const 
    { 
        return ptr_; 
    }

    T* release()
    {
        T* tmp = ptr_;
        ptr_ = 0;
        return tmp;
    }

    void reset(T* p = 0)
    {
        if (ptr_ != p) {
            delete ptr_;
            ptr_ = p;
        }
    }

    // auto_ptr_ref conversions
    auto_ptr(auto_ptr_ref<T> ref) : ptr_(ref.ptr_) {}

    auto_ptr& operator=(auto_ptr_ref<T> ref)
    {
        if (this->ptr_ != ref.ptr_) {
            delete ptr_;
            ptr_ = ref.ptr_;
        }
        return *this;
    }

    template<typename T2>
    operator auto_ptr<T2>()
    {
        return auto_ptr<T2>(this->release());
    }

    template<typename T2>
    operator auto_ptr_ref<T2>()
    {
        return auto_ptr_ref<T2>(this->release());
    }
};


} // namespace mySTL

#endif // mySTL_MEMORY_HPP

--- New file ---
+++ extra/yassl/mySTL/pair.hpp	05/04/28 18:23:08
/* mySTL pair.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* mySTL pair implements pair
 *
 */

#ifndef mySTL_PAIR_HPP
#define mySTL_PAIR_HPP



namespace mySTL {


template<typename T1, typename T2>
struct pair {
    typedef T1 first_type;
    typedef T2 second_type;

    first_type  first;
    second_type second;

    pair() {}
    pair(const T1& t1, const T2& t2) : first(t1), second(t2) {}

    template<typename U1, typename U2>
    pair(const pair<U1, U2>& p) : first(p.first), second(p.second) {}
};


template<typename T1, typename T2>
inline pair<T1, T2> make_pair(const T1& a, const T2& b)
{
    return pair<T1, T2>(a, b);
}



} // namespace mySTL

#endif // mySTL_PAIR_HPP

--- New file ---
+++ extra/yassl/mySTL/stdexcept.hpp	05/04/28 18:23:08
/* mySTL stdexcept.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* mySTL memory implements exception, runtime_error
 *
 */

#ifndef mySTL_STDEXCEPT_HPP
#define mySTL_STDEXCEPT_HPP


#include <cstring>  // strncpy


namespace mySTL {


class exception {
public:
    exception() {}
    virtual ~exception() {}

    virtual const char* what() const { return ""; }
};


class named_exception : public exception {
public:
    enum { NAME_SIZE = 80 };

    explicit named_exception(const char* str) 
    {
        strncpy(name_, str, NAME_SIZE);
        name_[NAME_SIZE - 1] = 0;
    }

    virtual const char* what() const { return name_; }
private:
    char name_[NAME_SIZE];
};


class runtime_error : public named_exception {
public:
    explicit runtime_error(const char* str) : named_exception(str) {}
};




} // namespace mySTL

#endif // mySTL_STDEXCEPT_HPP
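Review bot: The `named_exception` constructor passes `str` straight to `strncpy`, so a null message pointer is undefined behaviour at the moment an error is being reported. A guard such as `strncpy(name_, str ? str : "", NAME_SIZE);` keeps the exception constructible in that case. The following `name_[NAME_SIZE - 1] = 0;` is what makes truncation of long messages safe, and deserves a one-line comment such as `// strncpy leaves name_ unterminated when str fills it`. The file banner also reads "mySTL memory implements exception" although this header is stdexcept.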

--- New file ---
+++ extra/yassl/mySTL/vector.hpp	05/04/28 18:23:08
/* mySTL vector.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* mySTL vector implements simple vector, w/ swap
 *
 */

#ifndef mySTL_VECTOR_HPP
#define mySTL_VECTOR_HPP


#include "helpers.hpp"    // construct, destory, fill, etc.
#include "algorithm.hpp"  // swap
#include <new>            // ::operator new and delete, placement too
#include <cassert>        // assert


namespace mySTL {


template <typename T>
struct vector_base {
    T* start_;
    T* finish_;
    T* end_of_storage_;

    vector_base() : start_(0), finish_(0), end_of_storage_(0) {}
    vector_base(size_t n)
    {
        start_ = static_cast<T*>(::operator new(n * sizeof(T)));
        if (!start_) abort();
        finish_ = start_;
        end_of_storage_ = start_ + n;
    }

    ~vector_base() { ::operator delete(start_); }

    void Swap(vector_base& that) 
    {
        swap(start_, that.start_);
        swap(finish_, that.finish_);
        swap(end_of_storage_, that.end_of_storage_);
    }
};



template <typename T>
class vector {
public:
    vector() {}
    explicit vector(size_t n) : vec_(n) 
    { 
        vec_.finish_ = uninit_fill_n(vec_.start_, n, T()); 
    }

    ~vector() { destroy(vec_.start_, vec_.finish_); }

    vector(const vector& other) : vec_(other.size())
    {
        vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_,
                                   vec_.start_);   
    }

    size_t capacity() const { return vec_.end_of_storage_ - vec_.start_; }

    size_t size() const { return vec_.finish_ - vec_.start_; }

    T&       operator[](size_t idx)       { return *(vec_.start_ + idx); }
    const T& operator[](size_t idx) const { return *(vec_.start_ + idx); }

    const T* begin() const { return vec_.start_; }
    const T* end()   const { return vec_.finish_; }

    void push_back(const T& v)
    {
        if (vec_.finish_ != vec_.end_of_storage_) {
            construct(vec_.finish_, v);
            ++vec_.finish_;
        }
        else {
            vector tmp(size() * 2 + 1, *this);
            construct(tmp.vec_.finish_, v);
            ++tmp.vec_.finish_;
            Swap(tmp);
        }  
    }

    void resize(size_t n, const T& v)
    {
        if (n == size()) return;

        if (n < size()) {
            T* first = vec_.start_ + n;
            destroy(first, vec_.finish_);
            vec_.finish_ -= vec_.finish_ - first;
        }
        else {
            vector tmp(n, *this);
            tmp.vec_.finish_ = uninit_fill_n(tmp.vec_.finish_, n - size(), v);
            Swap(tmp);
        }
    }

    void reserve(size_t n)
    {
        if (capacity() < n) {
            vector tmp(n, *this);
            Swap(tmp);
        }
    }

    void Swap(vector& that)
    {
        vec_.Swap(that.vec_);
    }
private:
    vector_base<T> vec_;

    vector& operator=(const vector&);   // hide assign

    // for growing, n must be bigger than other size
    vector(size_t n, const vector& other) : vec_(n)
    {
        assert(n > other.size());
        vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_,
                                   vec_.start_);   
    }
};



} // namespace mySTL

#endif // mySTL_VECTOR_HPP
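Review bot: `vector_base(size_t n)` multiplies `n * sizeof(T)` without an overflow check, so a large enough `n` wraps to a small allocation while `end_of_storage_ = start_ + n` still advertises the full capacity to `push_back`, `resize` and the copy constructor. A guard ahead of the allocation closes this: `if (n > static_cast<size_t>(-1) / sizeof(T)) abort();`. The existing `if (!start_) abort();` only fires if the global `::operator new` in this build returns null rather than throwing, which is not visible from this header. `abort` is also used without `<cstdlib>` being included here, unless `helpers.hpp` supplies it. `operator[]` is unchecked and the growth precondition in the private constructor is an `assert`, so neither is enforced under `NDEBUG`; the class comment should say so.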

--- New file ---
+++ extra/yassl/src/Makefile.am	05/04/28 18:23:09
INCLUDES = -I../include -I../taocrypt/include -I../mySTL

noinst_LIBRARIES = libyassl.a
libyassl_a_SOURCES = buffer.cpp cert_wrapper.cpp crypto_wrapper.cpp \
	handshake.cpp lock.cpp log.cpp socket_wrapper.cpp ssl.cpp \
	timer.cpp yassl_imp.cpp yassl_error.cpp yassl_int.cpp
EXTRA_DIST = ../include/*.hpp ../include/openssl/*.h
CXXFLAGS=`echo "@CXXFLAGS@" | sed 's/-fno-implicit-templates//'`

--- New file ---
+++ extra/yassl/src/buffer.cpp	05/04/28 18:23:09
/* buffer.cpp                               
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* yaSSL buffer header implements input/output buffers to simulate streaming
 * with SSL types and sockets
 */

#include "runtime.hpp"
#include "buffer.hpp"
#include "yassl_types.hpp"

namespace yaSSL {



// Checking Policy should implement a check function that tests whether the
// index is within the size limit of the array

void Check::check(uint i, uint limit) 
{ 
    assert(i < limit);
}


void NoCheck::check(uint, uint) 
{
}


/* input_buffer operates like a smart c style array with a checking option, 
 * meant to be read from through [] with AUTO index or read().
 * Should only write to at/near construction with assign() or raw (e.g., recv)
 * followed by add_size with the number of elements added by raw write.
 *
 * Not using vector because need checked []access, offset, and the ability to
 * write to the buffer bulk wise and have the correct size
 */


input_buffer::input_buffer() 
    : size_(0), current_(0), buffer_(0), end_(0) 
{}


input_buffer::input_buffer(uint s) 
    : size_(0), current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s)
{}


// with assign
input_buffer::input_buffer(uint s, const byte* t, uint len) 
    : size_(0), current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s) 
{ 
    assign(t, len); 
}


input_buffer::~input_buffer() 
{ 
    delete [] buffer_; 
}


// users can pass defualt zero length buffer and then allocate
void input_buffer::allocate(uint s) 
{ 
    assert(!buffer_);       // find realloc error
    buffer_ = new (ys) byte[s];
    end_ = buffer_ + s; 
}


// for passing to raw writing functions at beginning, then use add_size
byte* input_buffer::get_buffer() const 
{ 
    return buffer_; 
}


// after a raw write user can set new size
// if you know the size before the write use assign()
void input_buffer::add_size(uint i) 
{ 
    check(size_ + i-1, get_capacity()); 
    size_ += i; 
}


uint input_buffer::get_capacity()  const 
{ 
    return end_ - buffer_; 
}


uint input_buffer::get_current()   const 
{ 
    return current_; 
}


uint input_buffer::get_size()      const 
{ 
    return size_; 
}


uint input_buffer::get_remaining() const 
{ 
    return size_ - current_; 
}


void input_buffer::set_current(uint i) 
{
    if (i)
        check(i - 1, size_); 
    current_ = i; 
}


// read only access through [], advance current
// user passes in AUTO index for ease of use
const byte& input_buffer::operator[](uint i) 
{
    assert (i == AUTO);
    check(current_, size_);
    return buffer_[current_++];
}


// end of input test
bool input_buffer::eof() 
{ 
    return current_ >= size_; 
}


// peek ahead
byte input_buffer::peek() const
{
    return buffer_[current_];
}


// write function, should use at/near construction
void input_buffer::assign(const byte* t, uint s)
{
    check(current_, get_capacity());
    add_size(s);
    memcpy(&buffer_[current_], t, s);
}


// use read to query input, adjusts current
void input_buffer::read(byte* dst, uint length)
{
    check(current_ + length - 1, size_);
    memcpy(dst, &buffer_[current_], length);
    current_ += length;
}



/* output_buffer operates like a smart c style array with a checking option.
 * Meant to be written to through [] with AUTO index or write().
 * Size (current) counter increases when written to. Can be constructed with 
 * zero length buffer but be sure to allocate before first use. 
 * Don't use add write for a couple bytes, use [] instead, way less overhead.
 * 
 * Not using vector because need checked []access and the ability to
 * write to the buffer bulk wise and retain correct size
 */


output_buffer::output_buffer() 
    : current_(0), buffer_(0), end_(0) 
{}


// with allocate
output_buffer::output_buffer(uint s) 
    : current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s) 
{}


// with assign
output_buffer::output_buffer(uint s, const byte* t, uint len) 
    : current_(0), buffer_(new (ys) byte[s]), end_(buffer_+ s) 
{ 
    write(t, len); 
}


output_buffer::~output_buffer() 
{ 
    delete [] buffer_; 
}


uint output_buffer::get_size() const 
{ 
    return current_; 
}


uint output_buffer::get_capacity() const 
{ 
    return end_ - buffer_; 
}


void output_buffer::set_current(uint c) 
{ 
    check(c, get_capacity()); 
    current_ = c; 
}


// users can pass defualt zero length buffer and then allocate
void output_buffer::allocate(uint s) 
{ 
    assert(!buffer_);   // find realloc error
    buffer_ = new (ys) byte[s]; end_ = buffer_ + s; 
}


// for passing to reading functions when finished
const byte* output_buffer::get_buffer() const 
{ 
    return buffer_; 
}


// allow write access through [], update current
// user passes in AUTO as index for ease of use
byte& output_buffer::operator[](uint i) 
{
    assert(i == AUTO);
    check(current_, get_capacity());
    return buffer_[current_++];
}


// end of output test
bool output_buffer::eof() 
{ 
    return current_ >= get_capacity(); 
}


void output_buffer::write(const byte* t, uint s)
{
    check(current_ + s - 1, get_capacity()); 
    memcpy(&buffer_[current_], t, s);
    current_ += s;
}



} // naemspace
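Review bot: The range tests in `input_buffer::read`, `input_buffer::add_size` and `output_buffer::write` add the caller's length to the index (`check(current_ + length - 1, size_)`), and that unsigned sum wraps. A very large length can therefore compare below the limit and reach the `memcpy`, while a zero length on an empty buffer wraps to the maximum and trips the check. Testing the length against the remaining space avoids both, e.g. in `read`: `if (length) check(length - 1, get_remaining());`, with the same shape against `get_capacity() - current_` in `write` and `get_capacity() - size_` in `add_size`. `Check::check` itself is only an `assert`, so under `NDEBUG` none of these tests exist even with the checking policy, and `peek()` has no test at all. Since the header comment says these buffers are filled by raw writes such as `recv`, the checking policy should fail hard independently of `NDEBUG`; which policy each buffer uses is decided in `buffer.hpp`, outside this section.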


--- New file ---
+++ extra/yassl/src/cert_wrapper.cpp	05/04/28 18:23:09
/* cert_wrapper.cpp                          
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/*  The certificate wrapper source implements certificate management functions
 *
 */

#include "runtime.hpp"
#include "cert_wrapper.hpp"
#include "yassl_int.hpp"

#if defined(USE_CML_LIB)
    #include "cmapi_cpp.h"
#else
    #include "asn.hpp"
    #include "file.hpp"
#endif // USE_CML_LIB


namespace yaSSL {


x509::x509(uint sz) : length_(sz), buffer_(new (ys) opaque[sz]) 
{
}


x509::~x509() 
{ 
    delete [] buffer_; 
}


x509::x509(const x509& that) : length_(that.length_),
                               buffer_(new (ys) opaque[length_])
{
    memcpy(buffer_, that.buffer_, length_);
}


void x509::Swap(x509& that)
{
    mySTL::swap(length_, that.length_);
    mySTL::swap(buffer_, that.buffer_);
}


x509& x509::operator=(const x509& that)
{
    x509 temp(that);
    Swap(temp);
    return *this;
}


uint x509::get_length() const
{ 
    return length_; 
}


const opaque* x509::get_buffer() const
{ 
    return buffer_; 
}


opaque* x509::use_buffer()
{ 
    return buffer_; 
}


//CertManager
CertManager::CertManager()
    : peerX509_(0), verifyPeer_(false), failNoCert_(false), sendVerify_(false)
{}


CertManager::~CertManager()
{
    delete peerX509_;

    mySTL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ;

    mySTL::for_each(peerList_.begin(), peerList_.end(), del_ptr_zero()) ;

    mySTL::for_each(list_.begin(), list_.end(), del_ptr_zero()) ;
}


bool CertManager::verifyPeer() const
{
    return verifyPeer_;
}


bool CertManager::failNoCert() const
{
    return failNoCert_;
}


bool CertManager::sendVerify() const
{
    return sendVerify_;
}


void CertManager::setVerifyPeer()
{
    verifyPeer_ = true;
}


void CertManager::setFailNoCert()
{
    failNoCert_ = true;
}


void CertManager::setSendVerify()
{
    sendVerify_ = true;
}


void CertManager::AddPeerCert(x509* x)
{ 
    peerList_.push_back(x);  // take ownership
}


void CertManager::CopySelfCert(const x509* x)
{
    if (x)
        list_.push_back(new (ys) x509(*x));
}


// add to signers
int CertManager::CopyCaCert(const x509* x)
{
    TaoCrypt::Source source(x->get_buffer(), x->get_length());
    TaoCrypt::CertDecoder cert(source, true, &signers_);

    if (!cert.GetError().What()) {
        const TaoCrypt::PublicKey& key = cert.GetPublicKey();
        signers_.push_back(new (ys) TaoCrypt::Signer(key.GetKey(), key.size(),
                                        cert.GetCommonName(), cert.GetHash()));
    }
    return cert.GetError().What();
}


const x509* CertManager::get_cert() const
{ 
    return list_.front();
}


const opaque* CertManager::get_peerKey() const
{ 
    return peerPublicKey_.get_buffer();
}


X509* CertManager::get_peerX509() const
{
    return peerX509_;
}


SignatureAlgorithm CertManager::get_peerKeyType() const
{
    return peerKeyType_;
}


SignatureAlgorithm CertManager::get_keyType() const
{
    return keyType_;
}


uint CertManager::get_peerKeyLength() const
{ 
    return peerPublicKey_.get_size();
}


const opaque* CertManager::get_privateKey() const
{ 
    return privateKey_.get_buffer();
}


uint CertManager::get_privateKeyLength() const
{ 
    return privateKey_.get_size();
}


// Validate the peer's certificate list, from root to peer (last to first)
int CertManager::Validate()
{
    CertList::iterator last  = peerList_.rbegin();  // fix this
    int count = peerList_.size();

    while ( count > 1 ) {
        TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
        TaoCrypt::CertDecoder cert(source, true, &signers_);

        if (int err = cert.GetError().What())
            return err;

        const TaoCrypt::PublicKey& key = cert.GetPublicKey();
        signers_.push_back(new (ys) TaoCrypt::Signer(key.GetKey(), key.size(),
                                        cert.GetCommonName(), cert.GetHash()));
        --last;
        --count;
    }

    if (count) {
        // peer's is at the front
        TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
        TaoCrypt::CertDecoder cert(source, true, &signers_);

        if (int err = cert.GetError().What())
            return err;

        uint sz = cert.GetPublicKey().size();
        peerPublicKey_.allocate(sz);
        peerPublicKey_.assign(cert.GetPublicKey().GetKey(), sz);

        if (cert.GetKeyType() == TaoCrypt::RSAk)
            peerKeyType_ = rsa_sa_algo;
        else
            peerKeyType_ = dsa_sa_algo;

        int iSz = cert.GetIssuer() ? strlen(cert.GetIssuer()) + 1 : 0;
        int sSz = cert.GetCommonName() ? strlen(cert.GetCommonName()) + 1 : 0;
        peerX509_ = new (ys) X509(cert.GetIssuer(), iSz, cert.GetCommonName(),
                                  sSz);
    }
    return 0;
}


// Set the private key
int CertManager::SetPrivateKey(const x509& key)
{
    privateKey_.allocate(key.get_length());
    privateKey_.assign(key.get_buffer(), key.get_length());

    // set key type
    if (x509* cert = list_.front()) {
        TaoCrypt::Source source(cert->get_buffer(), cert->get_length());
        TaoCrypt::CertDecoder cert(source, false);
        cert.DecodeToKey();
        if (int err = cert.GetError().What())
            return err;
        if (cert.GetKeyType() == TaoCrypt::RSAk)
            keyType_ = rsa_sa_algo;
        else
            keyType_ = dsa_sa_algo;
    }
    return 0;
}


#if defined(USE_CML_LIB)

// Get the peer's certificate, extract and save public key
void CertManager::SetPeerKey()
{
    // first cert is the peer's
    x509* main = peerList_.front();

    Bytes_struct cert;
    cert.num  = main->get_length();
    cert.data = main->set_buffer();

    CML::Certificate cm(cert);
    const CML::ASN::Cert& raw = cm.base();
    CTIL::CSM_Buffer key = raw.pubKeyInfo.key;

    uint sz;
    opaque* key_buffer = reinterpret_cast<opaque*>(key.Get(sz));
    peerPublicKey_.allocate(sz);
    peerPublicKey_.assign(key_buffer, sz);
}


#endif // USE_CML_LIB



} // namespace
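Review bot: In `CertManager::Validate` every non-leaf certificate from the peer-supplied `peerList_` is appended to `signers_`, the same list `CopyCaCert` fills with configured CA certificates, and only the destructor ever removes those entries. If a `CertManager` is used for more than one handshake, keys that arrived from a peer would remain available as signers for later chains. Whether `CertDecoder` limits this, for example by checking a CA flag or the validity period, is not visible in this file. I would keep chain-derived signers apart from the configured ones or drop them before returning, and at minimum document the current behaviour above the loop: `// intermediates from the peer are added to signers_ and stay until the CertManager is destroyed`. A repeated call also overwrites `peerX509_` without deleting the previous object.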

--- New file ---
+++ extra/yassl/src/crypto_wrapper.cpp	05/04/28 18:23:09
/* crypto_wrapper.cpp  
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/*  The crypto wrapper source implements the policies for the cipher
 *  components used by SSL.
 *
 *  The implementation relies on a specfic library, taoCrypt.
 */

#if !defined(USE_CRYPTOPP_LIB)

#include "runtime.hpp"
#include "crypto_wrapper.hpp"
#include "cert_wrapper.hpp"

#include "md5.hpp"
#include "sha.hpp"
#include "ripemd.hpp"
#include "hmac.hpp"
#include "modes.hpp"
#include "des.hpp"
#include "arc4.hpp"
#include "aes.hpp"
#include "rsa.hpp"
#include "dsa.hpp"
#include "dh.hpp"
#include "random.hpp"
#include "file.hpp"
#include "coding.hpp"


namespace yaSSL {


// MD5 Implementation
struct MD5::MD5Impl {
    TaoCrypt::MD5 md5_;
    MD5Impl() {}
    explicit MD5Impl(const TaoCrypt::MD5& md5) : md5_(md5) {}
};


MD5::MD5() : pimpl_(new (ys) MD5Impl) {}


MD5::~MD5() { delete pimpl_; }


MD5::MD5(const MD5& that) : Digest(), pimpl_(new (ys) 
                                             MD5Impl(that.pimpl_->md5_)) {}


MD5& MD5::operator=(const MD5& that)
{
    pimpl_->md5_ = that.pimpl_->md5_;
    return *this;
}


uint MD5::get_digestSize() const
{
    return MD5_LEN;
}


uint MD5::get_padSize() const
{
    return PAD_MD5;
}


// Fill out with MD5 digest from in that is sz bytes, out must be >= digest sz
void MD5::get_digest(byte* out, const byte* in, unsigned int sz)
{
    pimpl_->md5_.Update(in, sz);
    pimpl_->md5_.Final(out);
}

// Fill out with MD5 digest from previous updates
void MD5::get_digest(byte* out)
{
    pimpl_->md5_.Final(out);
}


// Update the current digest
void MD5::update(const byte* in, unsigned int sz)
{
    pimpl_->md5_.Update(in, sz);
}


// SHA Implementation
struct SHA::SHAImpl {
    TaoCrypt::SHA sha_;
    SHAImpl() {}
    explicit SHAImpl(const TaoCrypt::SHA& sha) : sha_(sha) {}
};


SHA::SHA() : pimpl_(new (ys) SHAImpl) {}


SHA::~SHA() { delete pimpl_; }


SHA::SHA(const SHA& that) : Digest(), pimpl_(new (ys)
                                             SHAImpl(that.pimpl_->sha_)) {}

SHA& SHA::operator=(const SHA& that)
{
    pimpl_->sha_ = that.pimpl_->sha_;
    return *this;
}


uint SHA::get_digestSize() const
{
    return SHA_LEN;
}


uint SHA::get_padSize() const
{
    return PAD_SHA;
}


// Fill out with SHA digest from in that is sz bytes, out must be >= digest sz
void SHA::get_digest(byte* out, const byte* in, unsigned int sz)
{
    pimpl_->sha_.Update(in, sz);
    pimpl_->sha_.Final(out);
}


// Fill out with SHA digest from previous updates
void SHA::get_digest(byte* out)
{
    pimpl_->sha_.Final(out);
}


// Update the current digest
void SHA::update(const byte* in, unsigned int sz)
{
    pimpl_->sha_.Update(in, sz);
}


// RMD-160 Implementation
struct RMD::RMDImpl {
    TaoCrypt::RIPEMD160 rmd_;
    RMDImpl() {}
    explicit RMDImpl(const TaoCrypt::RIPEMD160& rmd) : rmd_(rmd) {}
};


RMD::RMD() : pimpl_(new (ys) RMDImpl) {}


RMD::~RMD() { delete pimpl_; }


RMD::RMD(const RMD& that) : Digest(), pimpl_(new (ys)
                                             RMDImpl(that.pimpl_->rmd_)) {}

RMD& RMD::operator=(const RMD& that)
{
    pimpl_->rmd_ = that.pimpl_->rmd_;
    return *this;
}


uint RMD::get_digestSize() const
{
    return RMD_LEN;
}


uint RMD::get_padSize() const
{
    return PAD_RMD;
}


// Fill out with RMD digest from in that is sz bytes, out must be >= digest sz
void RMD::get_digest(byte* out, const byte* in, unsigned int sz)
{
    pimpl_->rmd_.Update(in, sz);
    pimpl_->rmd_.Final(out);
}


// Fill out with RMD digest from previous updates
void RMD::get_digest(byte* out)
{
    pimpl_->rmd_.Final(out);
}


// Update the current digest
void RMD::update(const byte* in, unsigned int sz)
{
    pimpl_->rmd_.Update(in, sz);
}


// HMAC_MD5 Implementation
struct HMAC_MD5::HMAC_MD5Impl {
    TaoCrypt::HMAC<TaoCrypt::MD5> mac_;
    HMAC_MD5Impl() {}
};


HMAC_MD5::HMAC_MD5(const byte* secret, unsigned int len) 
    : pimpl_(new (ys) HMAC_MD5Impl) 
{
    pimpl_->mac_.SetKey(secret, len);
}


HMAC_MD5::~HMAC_MD5() { delete pimpl_; }


uint HMAC_MD5::get_digestSize() const
{
    return MD5_LEN;
}


uint HMAC_MD5::get_padSize() const
{
    return PAD_MD5;
}


// Fill out with MD5 digest from in that is sz bytes, out must be >= digest sz
void HMAC_MD5::get_digest(byte* out, const byte* in, unsigned int sz)
{
    pimpl_->mac_.Update(in, sz);
    pimpl_->mac_.Final(out);
}

// Fill out with MD5 digest from previous updates
void HMAC_MD5::get_digest(byte* out)
{
    pimpl_->mac_.Final(out);
}


// Update the current digest
void HMAC_MD5::update(const byte* in, unsigned int sz)
{
    pimpl_->mac_.Update(in, sz);
}


// HMAC_SHA Implementation
struct HMAC_SHA::HMAC_SHAImpl {
    TaoCrypt::HMAC<TaoCrypt::SHA> mac_;
    HMAC_SHAImpl() {}
};


HMAC_SHA::HMAC_SHA(const byte* secret, unsigned int len) 
    : pimpl_(new (ys) HMAC_SHAImpl) 
{
    pimpl_->mac_.SetKey(secret, len);
}


HMAC_SHA::~HMAC_SHA() { delete pimpl_; }


uint HMAC_SHA::get_digestSize() const
{
    return SHA_LEN;
}


uint HMAC_SHA::get_padSize() const
{
    return PAD_SHA;
}


// Fill out with SHA digest from in that is sz bytes, out must be >= digest sz
void HMAC_SHA::get_digest(byte* out, const byte* in, unsigned int sz)
{
    pimpl_->mac_.Update(in, sz);
    pimpl_->mac_.Final(out);
}

// Fill out with SHA digest from previous updates
void HMAC_SHA::get_digest(byte* out)
{
    pimpl_->mac_.Final(out);
}


// Update the current digest
void HMAC_SHA::update(const byte* in, unsigned int sz)
{
    pimpl_->mac_.Update(in, sz);
}



// HMAC_RMD Implementation
struct HMAC_RMD::HMAC_RMDImpl {
    TaoCrypt::HMAC<TaoCrypt::RIPEMD160> mac_;
    HMAC_RMDImpl() {}
};


HMAC_RMD::HMAC_RMD(const byte* secret, unsigned int len) 
    : pimpl_(new (ys) HMAC_RMDImpl) 
{
    pimpl_->mac_.SetKey(secret, len);
}


HMAC_RMD::~HMAC_RMD() { delete pimpl_; }


uint HMAC_RMD::get_digestSize() const
{
    return RMD_LEN;
}


uint HMAC_RMD::get_padSize() const
{
    return PAD_RMD;
}


// Fill out with RMD digest from in that is sz bytes, out must be >= digest sz
void HMAC_RMD::get_digest(byte* out, const byte* in, unsigned int sz)
{
    pimpl_->mac_.Update(in, sz);
    pimpl_->mac_.Final(out);
}

// Fill out with RMD digest from previous updates
void HMAC_RMD::get_digest(byte* out)
{
    pimpl_->mac_.Final(out);
}


// Update the current digest
void HMAC_RMD::update(const byte* in, unsigned int sz)
{
    pimpl_->mac_.Update(in, sz);
}


struct DES::DESImpl {
    TaoCrypt::DES_CBC_Encryption encryption;
    TaoCrypt::DES_CBC_Decryption decryption;
};


DES::DES() : pimpl_(new (ys) DESImpl) {}

DES::~DES() { delete pimpl_; }


void DES::set_encryptKey(const byte* k, const byte* iv)
{
    pimpl_->encryption.SetKey(k, DES_KEY_SZ, iv);
}


void DES::set_decryptKey(const byte* k, const byte* iv)
{
    pimpl_->decryption.SetKey(k, DES_KEY_SZ, iv);
}

// DES encrypt plain of length sz into cipher
void DES::encrypt(byte* cipher, const byte* plain, unsigned int sz)
{
    pimpl_->encryption.Process(cipher, plain, sz);
}


// DES decrypt cipher of length sz into plain
void DES::decrypt(byte* plain, const byte* cipher, unsigned int sz)
{
    pimpl_->decryption.Process(plain, cipher, sz);
}


struct DES_EDE::DES_EDEImpl {
    TaoCrypt::DES_EDE3_CBC_Encryption encryption;
    TaoCrypt::DES_EDE3_CBC_Decryption decryption;
};


DES_EDE::DES_EDE() : pimpl_(new (ys) DES_EDEImpl) {}

DES_EDE::~DES_EDE() { delete pimpl_; }


void DES_EDE::set_encryptKey(const byte* k, const byte* iv)
{
    pimpl_->encryption.SetKey(k, DES_EDE_KEY_SZ, iv);
}


void DES_EDE::set_decryptKey(const byte* k, const byte* iv)
{
    pimpl_->decryption.SetKey(k, DES_EDE_KEY_SZ, iv);
}


// 3DES encrypt plain of length sz into cipher
void DES_EDE::encrypt(byte* cipher, const byte* plain, unsigned int sz)
{
    pimpl_->encryption.Process(cipher, plain, sz);
}


// 3DES decrypt cipher of length sz into plain
void DES_EDE::decrypt(byte* plain, const byte* cipher, unsigned int sz)
{
    pimpl_->decryption.Process(plain, cipher, sz);
}


// Implementation of alledged RC4
struct RC4::RC4Impl {
    TaoCrypt::ARC4::Encryption encryption;
    TaoCrypt::ARC4::Decryption decryption;
};


RC4::RC4() : pimpl_(new (ys) RC4Impl) {}

RC4::~RC4() { delete pimpl_; }


void RC4::set_encryptKey(const byte* k, const byte*)
{
    pimpl_->encryption.SetKey(k, RC4_KEY_SZ);
}


void RC4::set_decryptKey(const byte* k, const byte*)
{
    pimpl_->decryption.SetKey(k, RC4_KEY_SZ);
}


// RC4 encrypt plain of length sz into cipher
void RC4::encrypt(byte* cipher, const byte* plain, unsigned int sz)
{
    pimpl_->encryption.Process(cipher, plain, sz);
}


// RC4 decrypt cipher of length sz into plain
void RC4::decrypt(byte* plain, const byte* cipher, unsigned int sz)
{
    pimpl_->decryption.Process(plain, cipher, sz);
}



// Implementation of AES
struct AES::AESImpl {
    TaoCrypt::AES_CBC_Encryption encryption;
    TaoCrypt::AES_CBC_Decryption decryption;
    unsigned int keySz_;

    AESImpl(unsigned int ks) : keySz_(ks) {}
};


AES::AES(unsigned int ks) : pimpl_(new (ys) AESImpl(ks)) {}

AES::~AES() { delete pimpl_; }


int AES::get_keySize() const
{
    return pimpl_->keySz_;
}


void AES::set_encryptKey(const byte* k, const byte* iv)
{
    pimpl_->encryption.SetKey(k, pimpl_->keySz_, iv);
}


void AES::set_decryptKey(const byte* k, const byte* iv)
{
    pimpl_->decryption.SetKey(k, pimpl_->keySz_, iv);
}


// AES encrypt plain of length sz into cipher
void AES::encrypt(byte* cipher, const byte* plain, unsigned int sz)
{
    pimpl_->encryption.Process(cipher, plain, sz);
}


// AES decrypt cipher of length sz into plain
void AES::decrypt(byte* plain, const byte* cipher, unsigned int sz)
{
    pimpl_->decryption.Process(plain, cipher, sz);
}


struct RandomPool::RandomImpl {
    TaoCrypt::RandomNumberGenerator RNG_;
};

RandomPool::RandomPool() : pimpl_(new (ys) RandomImpl) {}

RandomPool::~RandomPool() { delete pimpl_; }

int RandomPool::GetError() const
{
    return pimpl_->RNG_.GetError(); 
}

void RandomPool::Fill(opaque* dst, uint sz) const
{
    pimpl_->RNG_.GenerateBlock(dst, sz);
}


// Implementation of DSS Authentication
struct DSS::DSSImpl {
    void SetPublic (const byte*, unsigned int);
    void SetPrivate(const byte*, unsigned int);
    TaoCrypt::DSA_PublicKey publicKey_;
    TaoCrypt::DSA_PrivateKey privateKey_;
};


// Decode and store the public key
void DSS::DSSImpl::SetPublic(const byte* key, unsigned int sz)
{
    TaoCrypt::Source source(key, sz);
    publicKey_.Initialize(source);
}


// Decode and store the public key
void DSS::DSSImpl::SetPrivate(const byte* key, unsigned int sz)
{
    TaoCrypt::Source source(key, sz);
    privateKey_.Initialize(source);
    publicKey_ = TaoCrypt::DSA_PublicKey(privateKey_);

}


// Set public or private key
DSS::DSS(const byte* key, unsigned int sz, bool publicKey) 
    : pimpl_(new (ys) DSSImpl)
{
    if (publicKey) 
        pimpl_->SetPublic(key, sz);
    else
        pimpl_->SetPrivate(key, sz);
}


DSS::~DSS()
{
    delete pimpl_;
}


uint DSS::get_signatureLength() const
{
    return pimpl_->publicKey_.SignatureLength();
}


// DSS Sign message of length sz into sig
void DSS::sign(byte* sig,  const byte* sha_digest, unsigned int /* shaSz */,
               const RandomPool& random)
{
    using namespace TaoCrypt;

    DSA_Signer signer(pimpl_->privateKey_);
    signer.Sign(sha_digest, sig, random.pimpl_->RNG_);
}


// DSS Verify message of length sz against sig, is it correct?
bool DSS::verify(const byte* sha_digest, unsigned int /* shaSz */,
                 const byte* sig, unsigned int /* sigSz */)
{
    using namespace TaoCrypt;

    DSA_Verifier ver(pimpl_->publicKey_);
    return ver.Verify(sha_digest, sig);
}


// Implementation of RSA key interface
struct RSA::RSAImpl {
    void SetPublic (const byte*, unsigned int);
    void SetPrivate(const byte*, unsigned int);
    TaoCrypt::RSA_PublicKey publicKey_;
    TaoCrypt::RSA_PrivateKey privateKey_;
};


// Decode and store the public key
void RSA::RSAImpl::SetPublic(const byte* key, unsigned int sz)
{
    TaoCrypt::Source source(key, sz);
    publicKey_.Initialize(source);
}


// Decode and store the private key
void RSA::RSAImpl::SetPrivate(const byte* key, unsigned int sz)
{
    TaoCrypt::Source source(key, sz);
    privateKey_.Initialize(source);
    publicKey_ = TaoCrypt::RSA_PublicKey(privateKey_);
}


// Set public or private key
RSA::RSA(const byte* key, unsigned int sz, bool publicKey) 
    : pimpl_(new (ys) RSAImpl)
{
    if (publicKey) 
        pimpl_->SetPublic(key, sz);
    else
        pimpl_->SetPrivate(key, sz);
}

RSA::~RSA()
{
    delete pimpl_;
}


// get cipher text length, varies on key size
unsigned int RSA::get_cipherLength() const
{
    return pimpl_->publicKey_.FixedCiphertextLength();
}


// get signautre length, varies on key size
unsigned int RSA::get_signatureLength() const
{
    return get_cipherLength();
}


// RSA Sign message of length sz into sig
void RSA::sign(byte* sig,  const byte* message, unsigned int sz,
               const RandomPool& random)
{
    TaoCrypt::RSAES_Decryptor dec(pimpl_->privateKey_);
    dec.SSL_Sign(message, sz, sig, random.pimpl_->RNG_);
}


// RSA Verify message of length sz against sig
bool RSA::verify(const byte* message, unsigned int sz, const byte* sig,
                 unsigned int)
{
    TaoCrypt::RSAES_Encryptor enc(pimpl_->publicKey_);
    return enc.SSL_Verify(message, sz, sig);
}


// RSA public encrypt plain of length sz into cipher
void RSA::encrypt(byte* cipher, const byte* plain, unsigned int sz,
                  const RandomPool& random)
{
  
    TaoCrypt::RSAES_Encryptor enc(pimpl_->publicKey_);
    enc.Encrypt(plain, sz, cipher, random.pimpl_->RNG_);
}


// RSA private decrypt cipher of length sz into plain
void RSA::decrypt(byte* plain, const byte* cipher, unsigned int sz,
                  const RandomPool& random)
{
    TaoCrypt::RSAES_Decryptor dec(pimpl_->privateKey_);
    dec.Decrypt(cipher, sz, plain, random.pimpl_->RNG_);
}


struct Integer::IntegerImpl {
    TaoCrypt::Integer int_;

    IntegerImpl() {}
    explicit IntegerImpl(const TaoCrypt::Integer& i) : int_(i) {}
};

Integer::Integer() : pimpl_(new (ys) IntegerImpl) {}

Integer::~Integer() { delete pimpl_; }



Integer::Integer(const Integer& other) : pimpl_(new (ys) 
                                               IntegerImpl(other.pimpl_->int_))
{}


Integer& Integer::operator=(const Integer& that)
{
    pimpl_->int_ = that.pimpl_->int_;

    return *this;
}


void Integer::assign(const byte* num, unsigned int sz)
{
    pimpl_->int_ = TaoCrypt::Integer(num, sz);
}


struct DiffieHellman::DHImpl {
    TaoCrypt::DH                     dh_;
    TaoCrypt::RandomNumberGenerator& ranPool_;
    byte* publicKey_;
    byte* privateKey_;
    byte* agreedKey_;

    DHImpl(TaoCrypt::RandomNumberGenerator& r) : ranPool_(r), publicKey_(0),
                                               privateKey_(0), agreedKey_(0) {}
    ~DHImpl() {delete[] agreedKey_; delete[] privateKey_; delete[] publicKey_;}

    DHImpl(const DHImpl& that) : dh_(that.dh_), ranPool_(that.ranPool_),
                                 publicKey_(0), privateKey_(0), agreedKey_(0)
    {
        uint length = dh_.GetByteLength();
        AllocKeys(length, length, length);
    }

    void AllocKeys(unsigned int pubSz, unsigned int privSz, unsigned int agrSz)
    {
        publicKey_  = new (ys) byte[pubSz];
        privateKey_ = new (ys) byte[privSz];
        agreedKey_  = new (ys) byte[agrSz];
    }
};



/*
// server Side DH, server's view
DiffieHellman::DiffieHellman(const char* file, const RandomPool& random)
    : pimpl_(new (ys) DHImpl(random.pimpl_->RNG_))
{
    using namespace TaoCrypt;
    Source source;
    FileSource(file, source);
    if (source.size() == 0)
        return; // TODO add error state, and force check
    HexDecoder hd(source);

    pimpl_->dh_.Initialize(source);

    uint length = pimpl_->dh_.GetByteLength();

    pimpl_->AllocKeys(length, length, length);
    pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
                                                  pimpl_->publicKey_);
}
*/


// server Side DH, client's view
DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g,
                             unsigned int gSz, const byte* pub,
                             unsigned int pubSz, const RandomPool& random)
    : pimpl_(new (ys) DHImpl(random.pimpl_->RNG_))
{
    using TaoCrypt::Integer;

    pimpl_->dh_.Initialize(Integer(p, pSz).Ref(), Integer(g, gSz).Ref());
    pimpl_->publicKey_ = new (ys) opaque[pubSz];
    memcpy(pimpl_->publicKey_, pub, pubSz);
}


// Server Side DH, server's view
DiffieHellman::DiffieHellman(const Integer& p, const Integer& g,
                             const RandomPool& random)
: pimpl_(new (ys) DHImpl(random.pimpl_->RNG_))
{
    using TaoCrypt::Integer;

    pimpl_->dh_.Initialize(p.pimpl_->int_, g.pimpl_->int_);

    uint length = pimpl_->dh_.GetByteLength();

    pimpl_->AllocKeys(length, length, length);
    pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
                                                  pimpl_->publicKey_);
}

DiffieHellman::~DiffieHellman() { delete pimpl_; }


// Client side and view, use server that for p and g
DiffieHellman::DiffieHellman(const DiffieHellman& that) 
    : pimpl_(new (ys) DHImpl(*that.pimpl_))
{   
    pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
                                                  pimpl_->publicKey_);
}


DiffieHellman& DiffieHellman::operator=(const DiffieHellman& that)
{
    pimpl_->dh_ = that.pimpl_->dh_;
    pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
                                                  pimpl_->publicKey_);
    return *this;
}


void DiffieHellman::makeAgreement(const byte* other)
{
    pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other); 
}


uint DiffieHellman::get_agreedKeyLength() const
{
    return pimpl_->dh_.GetByteLength();
}


const byte* DiffieHellman::get_agreedKey() const
{
    return pimpl_->agreedKey_;
}


const byte* DiffieHellman::get_publicKey() const
{
    return pimpl_->publicKey_;
}


void DiffieHellman::set_sizes(int& pSz, int& gSz, int& pubSz) const
{
    using TaoCrypt::Integer;
    Integer p = pimpl_->dh_.GetP();
    Integer g = pimpl_->dh_.GetG();

    pSz   = p.ByteCount();
    gSz   = g.ByteCount();
    pubSz = pimpl_->dh_.GetByteLength();
}


void DiffieHellman::get_parms(byte* bp, byte* bg, byte* bpub) const
{
    using TaoCrypt::Integer;
    Integer p = pimpl_->dh_.GetP();
    Integer g = pimpl_->dh_.GetG();

    p.Encode(bp, p.ByteCount());
    g.Encode(bg, g.ByteCount());
    memcpy(bpub, pimpl_->publicKey_, pimpl_->dh_.GetByteLength());
}


// convert PEM file to DER x509 type
x509* PemToDer(const char* fname, CertType type)
{
    using namespace TaoCrypt;

    char header[80];
    char footer[80];

    if (type == Cert) {
        strncpy(header, "-----BEGIN CERTIFICATE-----", sizeof(header));
        strncpy(footer, "-----END CERTIFICATE-----", sizeof(footer));
    } else {
        strncpy(header, "-----BEGIN RSA PRIVATE KEY-----", sizeof(header));
        strncpy(footer, "-----END RSA PRIVATE KEY-----", sizeof(header));
    }

    FILE* file = fopen(fname, "rb");
    if (!file)
        return 0;

    long begin = -1;
    long end   = 0;
    bool foundEnd = false;

    char line[80];

    while(fgets(line, sizeof(line), file))
        if (strncmp(header, line, strlen(header)) == 0) {
            begin = ftell(file);
            break;
        }

    while(fgets(line, sizeof(line), file))
        if (strncmp(footer, line, strlen(footer)) == 0) {
            foundEnd = true;
            break;
        }
        else
            end = ftell(file);

    if (begin == -1 || !foundEnd) {
        fclose(file);
        return 0;
    }

    input_buffer tmp(end - begin);
    fseek(file, begin, SEEK_SET);
    size_t bytes = fread(tmp.get_buffer(), end - begin, 1, file);
    if (bytes != 1) {
        fclose(file);
        return 0;
    }
    
    Source der(tmp.get_buffer(), end - begin);
    Base64Decoder b64Dec(der);

    uint sz = der.size();
    mySTL::auto_ptr<x509> x(new (ys) x509(sz));
    memcpy(x->use_buffer(), der.get_buffer(), sz);

    fclose(file);
    return x.release();
}


} // namespace

#endif // !USE_CRYPTOPP_LIB

--- New file ---
+++ extra/yassl/src/handshake.cpp	05/04/28 18:23:10
/* handshake.cpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* The handshake source implements functions for creating and reading
 * the various handshake messages.
 */

#include "runtime.hpp"
#include "handshake.hpp"
#include "yassl_int.hpp"


namespace yaSSL {

using mySTL::min;


// Build a client hello message from cipher suites and compression method
void buildClientHello(SSL& ssl, ClientHello& hello,
                      CompressionMethod compression = no_compression)
{
    ssl.getCrypto().get_random().Fill(hello.random_, RAN_LEN);
    if (ssl.getSecurity().get_resuming()) {
        hello.id_len_ = ID_LEN;
        memcpy(hello.session_id_, ssl.getSecurity().get_resume().GetID(),
               ID_LEN);
    }
    else 
        hello.id_len_ = 0;
    hello.suite_len_ = ssl.getSecurity().get_parms().suites_size_;
    memcpy(hello.cipher_suites_, ssl.getSecurity().get_parms().suites_,
           hello.suite_len_);
    hello.comp_len_ = 1;                   
    hello.compression_methods_ = compression;   

    hello.set_length(sizeof(ProtocolVersion) +
                     RAN_LEN +
                     hello.id_len_    + sizeof(hello.id_len_) +
                     hello.suite_len_ + sizeof(hello.suite_len_) +
                     hello.comp_len_  + sizeof(hello.comp_len_));
}


// Build a server hello message
void buildServerHello(SSL& ssl, ServerHello& hello)
{
    if (ssl.getSecurity().get_resuming()) {
        memcpy(hello.random_,ssl.getSecurity().get_connection().server_random_,
               RAN_LEN);
        memcpy(hello.session_id_, ssl.getSecurity().get_resume().GetID(),
               ID_LEN);
    }
    else {
        ssl.getCrypto().get_random().Fill(hello.random_, RAN_LEN);
        ssl.getCrypto().get_random().Fill(hello.session_id_, ID_LEN);
    }
    hello.id_len_ = ID_LEN;
    ssl.set_sessionID(hello.session_id_);

    hello.cipher_suite_[0] = ssl.getSecurity().get_parms().suite_[0];
    hello.cipher_suite_[1] = ssl.getSecurity().get_parms().suite_[1];
    hello.compression_method_ = no_compression;

    hello.set_length(sizeof(ProtocolVersion) + RAN_LEN + ID_LEN +
                     sizeof(hello.id_len_) + SUITE_LEN + SIZEOF_ENUM);
}


// add handshake from buffer into md5 and sha hashes, use handshake header
void hashHandShake(SSL& ssl, const input_buffer& input, uint sz)
{
    const opaque* buffer = input.get_buffer() + input.get_current() - 
                           HANDSHAKE_HEADER;
    sz += HANDSHAKE_HEADER;
    ssl.useHashes().use_MD5().update(buffer, sz);
    ssl.useHashes().use_SHA().update(buffer, sz);
}


// locals
namespace {

// Write a plaintext record to buffer
void buildOutput(output_buffer& buffer, const RecordLayerHeader& rlHdr, 
                 const Message& msg)
{
    buffer.allocate(RECORD_HEADER + rlHdr.length_);
    buffer << rlHdr << msg;
}


// Write a plaintext record to buffer
void buildOutput(output_buffer& buffer, const RecordLayerHeader& rlHdr, 
                 const HandShakeHeader& hsHdr, const HandShakeBase& shake)
{
    buffer.allocate(RECORD_HEADER + rlHdr.length_);
    buffer << rlHdr << hsHdr << shake;
}


// Build Record Layer header for Message without handshake header
void buildHeader(SSL& ssl, RecordLayerHeader& rlHeader, const Message& msg)
{
    ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
    rlHeader.type_ = msg.get_type();
    rlHeader.version_.major_ = pv.major_;
    rlHeader.version_.minor_ = pv.minor_;
    rlHeader.length_ = msg.get_length();
}


// Build HandShake and RecordLayer Headers for handshake output
void buildHeaders(SSL& ssl, HandShakeHeader& hsHeader,
                  RecordLayerHeader& rlHeader, const HandShakeBase& shake)
{
    int sz = shake.get_length();

    hsHeader.set_type(shake.get_type());
    hsHeader.set_length(sz);

    ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
    rlHeader.type_ = handshake;
    rlHeader.version_.major_ = pv.major_;
    rlHeader.version_.minor_ = pv.minor_;
    rlHeader.length_ = sz + HANDSHAKE_HEADER;
}


// add handshake from buffer into md5 and sha hashes, exclude record header
void hashHandShake(SSL& ssl, const output_buffer& output)
{
    uint sz = output.get_size() - RECORD_HEADER;

    const opaque* buffer = output.get_buffer() + RECORD_HEADER;

    ssl.useHashes().use_MD5().update(buffer, sz);
    ssl.useHashes().use_SHA().update(buffer, sz);
}


// calculate MD5 hash for finished
void buildMD5(SSL& ssl, Finished& fin, const opaque* sender)
{

    opaque md5_result[MD5_LEN];
    opaque md5_inner[SIZEOF_SENDER + SECRET_LEN + PAD_MD5];
    opaque md5_outer[SECRET_LEN + PAD_MD5 + MD5_LEN];

    const opaque* master_secret = 
        ssl.getSecurity().get_connection().master_secret_;

    // make md5 inner
    memcpy(md5_inner, sender, SIZEOF_SENDER);
    memcpy(&md5_inner[SIZEOF_SENDER], master_secret, SECRET_LEN);
    memcpy(&md5_inner[SIZEOF_SENDER + SECRET_LEN], PAD1, PAD_MD5);

    ssl.useHashes().use_MD5().get_digest(md5_result, md5_inner,
                                         sizeof(md5_inner));

    // make md5 outer
    memcpy(md5_outer, master_secret, SECRET_LEN);
    memcpy(&md5_outer[SECRET_LEN], PAD2, PAD_MD5);
    memcpy(&md5_outer[SECRET_LEN + PAD_MD5], md5_result, MD5_LEN);

    ssl.useHashes().use_MD5().get_digest(fin.set_md5(), md5_outer,
                                         sizeof(md5_outer));
}


// calculate SHA hash for finished
void buildSHA(SSL& ssl, Finished& fin, const opaque* sender)
{
    
    opaque sha_result[SHA_LEN];
    opaque sha_inner[SIZEOF_SENDER + SECRET_LEN + PAD_SHA];
    opaque sha_outer[SECRET_LEN + PAD_SHA + SHA_LEN];

    const opaque* master_secret = 
        ssl.getSecurity().get_connection().master_secret_;

     // make sha inner
    memcpy(sha_inner, sender, SIZEOF_SENDER);
    memcpy(&sha_inner[SIZEOF_SENDER], master_secret, SECRET_LEN);
    memcpy(&sha_inner[SIZEOF_SENDER + SECRET_LEN], PAD1, PAD_SHA);

    ssl.useHashes().use_SHA().get_digest(sha_result, sha_inner,
                                         sizeof(sha_inner));

    // make sha outer
    memcpy(sha_outer, master_secret, SECRET_LEN);
    memcpy(&sha_outer[SECRET_LEN], PAD2, PAD_SHA);
    memcpy(&sha_outer[SECRET_LEN + PAD_SHA], sha_result, SHA_LEN);

    ssl.useHashes().use_SHA().get_digest(fin.set_sha(), sha_outer,
                                         sizeof(sha_outer));
}


// decrypt input message in place, store size in case needed later
void decrypt_message(SSL& ssl, input_buffer& input, uint sz)
{
    input_buffer plain(sz);
    opaque*      cipher = input.get_buffer() + input.get_current();

    ssl.useCrypto().use_cipher().decrypt(plain.get_buffer(), cipher, sz);
    memcpy(cipher, plain.get_buffer(), sz);
    ssl.useSecurity().use_parms().encrypt_size_ = sz;
}


// write headers, handshake hash, mac, pad, and encrypt
void cipherFinished(SSL& ssl, Finished& fin, output_buffer& output)
{
    uint digestSz = ssl.getCrypto().get_digest().get_digestSize();
    uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ;
    uint sz  = RECORD_HEADER + HANDSHAKE_HEADER + finishedSz + digestSz;
    uint pad = 0;
    if (ssl.getSecurity().get_parms().cipher_type_ == block) {
        sz += 1;       // pad byte
        uint blockSz = ssl.getCrypto().get_cipher().get_blockSize();
        pad = (sz - RECORD_HEADER) % blockSz;
        pad = blockSz - pad;
        sz += pad;
    }

    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
    buildHeaders(ssl, hsHeader, rlHeader, fin);
    rlHeader.length_ = sz - RECORD_HEADER;   // record header includes mac
                                             // and pad, hanshake doesn't
    output.allocate(sz);
    output << rlHeader << hsHeader << fin;
    
    hashHandShake(ssl, output);
    opaque digest[SHA_LEN];                  // max size
    if (ssl.isTLS())
        TLS_hmac(ssl, digest, output.get_buffer() + RECORD_HEADER,
                 output.get_size() - RECORD_HEADER, handshake);
    else
        hmac(ssl, digest, output.get_buffer() + RECORD_HEADER,
             output.get_size() - RECORD_HEADER, handshake);
    output.write(digest, digestSz);

    if (ssl.getSecurity().get_parms().cipher_type_ == block)
        for (uint i = 0; i <= pad; i++) output[AUTO] = pad;   // pad byte gets
                                                              // pad value too
    input_buffer cipher(rlHeader.length_);
    ssl.useCrypto().use_cipher().encrypt(cipher.get_buffer(),
       output.get_buffer() + RECORD_HEADER, output.get_size() - RECORD_HEADER);
    output.set_current(RECORD_HEADER);
    output.write(cipher.get_buffer(), cipher.get_capacity());
}


// build an encrypted data or alert message for output
void buildMessage(SSL& ssl, output_buffer& output, const Message& msg)
{
    uint digestSz = ssl.getCrypto().get_digest().get_digestSize();
    uint sz  = RECORD_HEADER + msg.get_length() + digestSz;                
    uint pad = 0;
    if (ssl.getSecurity().get_parms().cipher_type_ == block) {
        sz += 1;       // pad byte
        uint blockSz = ssl.getCrypto().get_cipher().get_blockSize();
        pad = (sz - RECORD_HEADER) % blockSz;
        pad = blockSz - pad;
        sz += pad;
    }

    RecordLayerHeader rlHeader;
    buildHeader(ssl, rlHeader, msg);
    rlHeader.length_ = sz - RECORD_HEADER;   // record header includes mac
                                             // and pad, hanshake doesn't
    output.allocate(sz);
    output << rlHeader << msg;
    
    opaque digest[SHA_LEN];                  // max size
    if (ssl.isTLS())
        TLS_hmac(ssl, digest, output.get_buffer() + RECORD_HEADER,
                 output.get_size() - RECORD_HEADER, msg.get_type());
    else
        hmac(ssl, digest, output.get_buffer() + RECORD_HEADER,
             output.get_size() - RECORD_HEADER, msg.get_type());
    output.write(digest, digestSz);

    if (ssl.getSecurity().get_parms().cipher_type_ == block)
        for (uint i = 0; i <= pad; i++) output[AUTO] = pad; // pad byte gets
                                                              // pad value too
    input_buffer cipher(rlHeader.length_);
    ssl.useCrypto().use_cipher().encrypt(cipher.get_buffer(),
       output.get_buffer() + RECORD_HEADER, output.get_size() - RECORD_HEADER);
    output.set_current(RECORD_HEADER);
    output.write(cipher.get_buffer(), cipher.get_capacity());
}


// build alert message
void buildAlert(SSL& ssl, output_buffer& output, const Alert& alert)
{
    if (ssl.getSecurity().get_parms().pending_ == false) // encrypted
        buildMessage(ssl, output, alert);
    else {
        RecordLayerHeader rlHeader;
        buildHeader(ssl, rlHeader, alert);
        buildOutput(output, rlHeader, alert);
    }
}


// build TLS finished message
void buildFinishedTLS(SSL& ssl, Finished& fin, const opaque* sender) 
{
    opaque handshake_hash[FINISHED_SZ];

    ssl.useHashes().use_MD5().get_digest(handshake_hash);
    ssl.useHashes().use_SHA().get_digest(&handshake_hash[MD5_LEN]);

    const opaque* side;
    if ( strncmp((const char*)sender, (const char*)client, SIZEOF_SENDER) == 0)
        side = tls_client;
    else
        side = tls_server;

    PRF(fin.set_md5(), TLS_FINISHED_SZ, 
        ssl.getSecurity().get_connection().master_secret_, SECRET_LEN, 
        side, FINISHED_LABEL_SZ, 
        handshake_hash, FINISHED_SZ);

    fin.set_length(TLS_FINISHED_SZ);  // shorter length for TLS
}


// compute p_hash for MD5 or SHA-1 for TLSv1 PRF
void p_hash(output_buffer& result, const output_buffer& secret,
            const output_buffer& seed, MACAlgorithm hash)
{
    uint   len = hash == md5 ? MD5_LEN : SHA_LEN;
    uint   times = result.get_capacity() / len;
    uint   lastLen = result.get_capacity() % len;
    opaque previous[SHA_LEN];  // max size
    opaque current[SHA_LEN];   // max size
    mySTL::auto_ptr<Digest> hmac;

    if (lastLen) times += 1;

    if (hash == md5)
        hmac.reset(new (ys) HMAC_MD5(secret.get_buffer(), secret.get_size()));
    else
        hmac.reset(new (ys) HMAC_SHA(secret.get_buffer(), secret.get_size()));
                                                                   // A0 = seed
    hmac->get_digest(previous, seed.get_buffer(), seed.get_size());// A1
    uint lastTime = times - 1;

    for (uint i = 0; i < times; i++) {
        hmac->update(previous, len);  
        hmac->get_digest(current, seed.get_buffer(), seed.get_size());

        if (lastLen && (i == lastTime))
            result.write(current, lastLen);
        else {
            result.write(current, len);
            //memcpy(previous, current, len);
            hmac->get_digest(previous, previous, len);
        }
    }
}


// calculate XOR for TLSv1 PRF
void get_xor(byte *digest, uint digLen, output_buffer& md5,
             output_buffer& sha)
{
    for (uint i = 0; i < digLen; i++) 
        digest[i] = md5[AUTO] ^ sha[AUTO];
}


// build MD5 part of certificate verify
void buildMD5_CertVerify(SSL& ssl, byte* digest)
{
    opaque md5_result[MD5_LEN];
    opaque md5_inner[SECRET_LEN + PAD_MD5];
    opaque md5_outer[SECRET_LEN + PAD_MD5 + MD5_LEN];

    const opaque* master_secret = 
        ssl.getSecurity().get_connection().master_secret_;

    // make md5 inner
    memcpy(md5_inner, master_secret, SECRET_LEN);
    memcpy(&md5_inner[SECRET_LEN], PAD1, PAD_MD5);

    ssl.useHashes().use_MD5().get_digest(md5_result, md5_inner,
                                         sizeof(md5_inner));

    // make md5 outer
    memcpy(md5_outer, master_secret, SECRET_LEN);
    memcpy(&md5_outer[SECRET_LEN], PAD2, PAD_MD5);
    memcpy(&md5_outer[SECRET_LEN + PAD_MD5], md5_result, MD5_LEN);

    ssl.useHashes().use_MD5().get_digest(digest, md5_outer, sizeof(md5_outer));
}


// build SHA part of certificate verify
void buildSHA_CertVerify(SSL& ssl, byte* digest)
{
    opaque sha_result[SHA_LEN];
    opaque sha_inner[SECRET_LEN + PAD_SHA];
    opaque sha_outer[SECRET_LEN + PAD_SHA + SHA_LEN];

    const opaque* master_secret = 
        ssl.getSecurity().get_connection().master_secret_;

     // make sha inner
    memcpy(sha_inner, master_secret, SECRET_LEN);
    memcpy(&sha_inner[SECRET_LEN], PAD1, PAD_SHA);

    ssl.useHashes().use_SHA().get_digest(sha_result, sha_inner,
                                         sizeof(sha_inner));

    // make sha outer
    memcpy(sha_outer, master_secret, SECRET_LEN);
    memcpy(&sha_outer[SECRET_LEN], PAD2, PAD_SHA);
    memcpy(&sha_outer[SECRET_LEN + PAD_SHA], sha_result, SHA_LEN);

    ssl.useHashes().use_SHA().get_digest(digest, sha_outer, sizeof(sha_outer));
}


} // namespace for locals


// some clients still send sslv2 client hello
void ProcessOldClientHello(input_buffer& input, SSL& ssl)
{
    byte b0 = input[AUTO];
    byte b1 = input[AUTO];

    uint16 sz = ((b0 & 0x7f) << 8) | b1;

    // hashHandShake manually
    const opaque* buffer = input.get_buffer() + input.get_current();
    ssl.useHashes().use_MD5().update(buffer, sz);
    ssl.useHashes().use_SHA().update(buffer, sz);

    b1 = input[AUTO];  // does this value mean client_hello?

    ClientHello ch;
    ch.client_version_.major_ = input[AUTO];
    ch.client_version_.minor_ = input[AUTO];

    byte len[2];

    input.read(len, sizeof(len));
    ato16(len, ch.suite_len_);

    input.read(len, sizeof(len));
    uint16 sessionLen;
    ato16(len, sessionLen);
    ch.id_len_ = sessionLen;

    input.read(len, sizeof(len));
    uint16 randomLen;
    ato16(len, randomLen);

    int j = 0;
    for (uint16 i = 0; i < ch.suite_len_; i += 3) {    
        byte first = input[AUTO];
        if (first)  // sslv2 type
            input.read(len, SUITE_LEN); // skip
        else {
            input.read(&ch.cipher_suites_[j], SUITE_LEN);
            j += SUITE_LEN;
        }
    }
    ch.suite_len_ = j;

    if (ch.id_len_)
        input.read(ch.session_id_, ch.id_len_);

    if (randomLen < RAN_LEN)
        memset(ch.random_, 0, RAN_LEN - randomLen);
    input.read(&ch.random_[RAN_LEN - randomLen], randomLen);
 

    ch.Process(input, ssl);
}


// Build a finished message, see 7.6.9
void buildFinished(SSL& ssl, Finished& fin, const opaque* sender) 
{
    // store current states, building requires get_digest which resets state
    MD5 md5(ssl.getHashes().get_MD5());
    SHA sha(ssl.getHashes().get_SHA());

    if (ssl.isTLS())
        buildFinishedTLS(ssl, fin, sender);
    else {
        buildMD5(ssl, fin, sender);
        buildSHA(ssl, fin, sender);
    }

    // restore
    ssl.useHashes().use_MD5() = md5;
    ssl.useHashes().use_SHA() = sha;
}


/* compute SSLv3 HMAC into digest see
 * buffer is of sz size and includes HandShake Header but not a Record Header
 * verify means to check peers hmac
*/
void hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
          ContentType content, bool verify)
{
    Digest& mac = ssl.useCrypto().use_digest();
    opaque inner[SHA_LEN + PAD_MD5 + SEQ_SZ + SIZEOF_ENUM + LENGTH_SZ];
    opaque outer[SHA_LEN + PAD_MD5 + SHA_LEN]; 
    opaque result[SHA_LEN];                              // max possible sizes
    uint digestSz = mac.get_digestSize();              // actual sizes
    uint padSz    = mac.get_padSize();
    uint innerSz  = digestSz + padSz + SEQ_SZ + SIZEOF_ENUM + LENGTH_SZ;
    uint outerSz  = digestSz + padSz + digestSz;

    // data
    const opaque* mac_secret = ssl.get_macSecret(verify);
    opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 };
    opaque length[LENGTH_SZ];
    c16toa(sz, length);
    c32toa(ssl.get_SEQIncrement(verify), &seq[sizeof(uint32)]);

    // make inner
    memcpy(inner, mac_secret, digestSz);
    memcpy(&inner[digestSz], PAD1, padSz);
    memcpy(&inner[digestSz + padSz], seq, SEQ_SZ);
    inner[digestSz + padSz + SEQ_SZ] = content;
    memcpy(&inner[digestSz + padSz + SEQ_SZ + SIZEOF_ENUM], length, LENGTH_SZ);

    mac.update(inner, innerSz);
    mac.get_digest(result, buffer, sz);      // append content buffer

    // make outer
    memcpy(outer, mac_secret, digestSz);
    memcpy(&outer[digestSz], PAD2, padSz);
    memcpy(&outer[digestSz + padSz], result, digestSz);

    mac.get_digest(digest, outer, outerSz);
}


// TLS type HAMC
void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
              ContentType content, bool verify)
{
    mySTL::auto_ptr<Digest> hmac;
    opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 };
    opaque length[LENGTH_SZ];
    opaque inner[SIZEOF_ENUM + VERSION_SZ + LENGTH_SZ]; // type + version + len

    c16toa(sz, length);
    c32toa(ssl.get_SEQIncrement(verify), &seq[sizeof(uint32)]);

    MACAlgorithm algo = ssl.getSecurity().get_parms().mac_algorithm_;

    if (algo == sha)
        hmac.reset(new (ys) HMAC_SHA(ssl.get_macSecret(verify), SHA_LEN));
    else if (algo == rmd)
        hmac.reset(new (ys) HMAC_RMD(ssl.get_macSecret(verify), RMD_LEN));
    else
        hmac.reset(new (ys) HMAC_MD5(ssl.get_macSecret(verify), MD5_LEN));
    
    hmac->update(seq, SEQ_SZ);                                       // seq_num
    inner[0] = content;                                              // type
    inner[SIZEOF_ENUM] = ssl.getSecurity().get_connection().version_.major_;  
    inner[SIZEOF_ENUM + SIZEOF_ENUM] = 
        ssl.getSecurity().get_connection().version_.minor_;          // version
    memcpy(&inner[SIZEOF_ENUM + VERSION_SZ], length, LENGTH_SZ);     // length
    hmac->update(inner, sizeof(inner));
    hmac->get_digest(digest, buffer, sz);                            // content
}


// compute TLSv1 PRF (pseudo random function using HMAC)
void PRF(byte* digest, uint digLen, const byte* secret, uint secLen,
         const byte* label, uint labLen, const byte* seed, uint seedLen)
{
    uint half = secLen / 2 + secLen % 2;

    output_buffer md5_half(half);
    output_buffer sha_half(half);
    output_buffer labelSeed(labLen + seedLen);

    md5_half.write(secret, half);
    sha_half.write(secret + half - secLen % 2, half);
    labelSeed.write(label, labLen);
    labelSeed.write(seed, seedLen);

    output_buffer md5_result(digLen);
    output_buffer sha_result(digLen);

    p_hash(md5_result, md5_half, labelSeed, md5);
    p_hash(sha_result, sha_half, labelSeed, sha);

    md5_result.set_current(0);
    sha_result.set_current(0);
    get_xor(digest, digLen, md5_result, sha_result);
}


// build certificate hashes
void build_certHashes(SSL& ssl, Hashes& hashes)
{
    // store current states, building requires get_digest which resets state
    MD5 md5(ssl.getHashes().get_MD5());
    SHA sha(ssl.getHashes().get_SHA());

    if (ssl.isTLS()) {
        ssl.useHashes().use_MD5().get_digest(hashes.md5_);
        ssl.useHashes().use_SHA().get_digest(hashes.sha_);
    }
    else {
        buildMD5_CertVerify(ssl, hashes.md5_);
        buildSHA_CertVerify(ssl, hashes.sha_);
    }

    // restore
    ssl.useHashes().use_MD5() = md5;
    ssl.useHashes().use_SHA() = sha;
}


mySTL::auto_ptr<input_buffer> null_buffer;

// do process input requests
mySTL::auto_ptr<input_buffer>
DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
{
    ssl.getSocket().wait();                  // wait for input if blocking
    uint ready = ssl.getSocket().get_ready();
    if (!ready) return buffered;

    // add buffered data if its there
    uint buffSz = buffered.get() ? buffered.get()->get_size() : 0;
    input_buffer buffer(buffSz + ready);
    if (buffSz) {
        buffer.assign(buffered.get()->get_buffer(), buffSz);
        buffered = null_buffer;
    }

    // add new data
    uint read  = ssl.getSocket().receive(buffer.get_buffer() + buffSz, ready);
    buffer.add_size(read);
    uint offset = 0;
    const MessageFactory& mf = ssl.getFactory().getMessage();

    // old style sslv2 client hello?
    if (ssl.getSecurity().get_parms().entity_ == server_end &&
                  ssl.getStates().getServer() == clientNull) 
        if (buffer.peek() != handshake)
            ProcessOldClientHello(buffer, ssl);

    while(!buffer.eof()) {
        // each record
        RecordLayerHeader hdr;
        buffer >> hdr;
        ssl.verifyState(hdr);

        // make sure we have enough input in buffer to process this record
        if (hdr.length_ > buffer.get_remaining()) { 
            uint sz = buffer.get_remaining() + RECORD_HEADER;
            buffered.reset(new (ys) input_buffer(sz, buffer.get_buffer() +
                           buffer.get_current() - RECORD_HEADER, sz));
            break;
        }

        while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) {
            // each message in record
            if (ssl.getSecurity().get_parms().pending_ == false) // cipher on
                decrypt_message(ssl, buffer, hdr.length_);
            mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_));
            if (!msg.get()) {
                ssl.SetError(factory_error);
                return buffered = null_buffer;
            }
            buffer >> *msg;
            msg->Process(buffer, ssl);
            if (ssl.GetError()) return buffered = null_buffer;
        }
        offset += hdr.length_ + RECORD_HEADER;
    }
    return buffered;  // done, don't call again
}


// process input requests
void processReply(SSL& ssl)
{
    if (ssl.GetError()) return;
    mySTL::auto_ptr<input_buffer> buffered;

    for (;;) {
        mySTL::auto_ptr<input_buffer> tmp = DoProcessReply(ssl, buffered);
        if (tmp.get())      // had only part of a record's data, call again
            buffered = tmp;
        else
            break;
    }
}


// send client_hello, no buffering
void sendClientHello(SSL& ssl)
{
    ssl.verifyState(serverNull);
    if (ssl.GetError()) return;

    ClientHello       ch(ssl.getSecurity().get_connection().version_);
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
    output_buffer     out;

    buildClientHello(ssl, ch);
    ssl.set_random(ch.get_random(), client_end);
    buildHeaders(ssl, hsHeader, rlHeader, ch);
    buildOutput(out, rlHeader, hsHeader, ch);
    hashHandShake(ssl, out);

    ssl.Send(out.get_buffer(), out.get_size());
}


// send client key exchange
void sendClientKeyExchange(SSL& ssl, BufferOutput buffer)
{
    ssl.verifyState(serverHelloDoneComplete);
    if (ssl.GetError()) return;

    ClientKeyExchange ck(ssl);
    ck.build(ssl);
    ssl.makeMasterSecret();

    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);
    buildHeaders(ssl, hsHeader, rlHeader, ck);
    buildOutput(*out.get(), rlHeader, hsHeader, ck);
    hashHandShake(ssl, *out.get());

    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


// send server key exchange
void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
{
    if (ssl.GetError()) return;
    ServerKeyExchange sk(ssl);
    sk.build(ssl);

    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);
    buildHeaders(ssl, hsHeader, rlHeader, sk);
    buildOutput(*out.get(), rlHeader, hsHeader, sk);
    hashHandShake(ssl, *out.get());

    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


// send change cipher
void sendChangeCipher(SSL& ssl, BufferOutput buffer)
{
    if (ssl.getSecurity().get_parms().entity_ == server_end)
        if (ssl.getSecurity().get_resuming())
            ssl.verifyState(clientKeyExchangeComplete);
        else
            ssl.verifyState(clientFinishedComplete);
    if (ssl.GetError()) return;

    ChangeCipherSpec ccs;
    RecordLayerHeader rlHeader;
    buildHeader(ssl, rlHeader, ccs);
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);
    buildOutput(*out.get(), rlHeader, ccs);
   
    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


// send finished
void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
{
    if (ssl.GetError()) return;

    Finished fin;
    buildFinished(ssl, fin, side == client_end ? client : server);
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);
    cipherFinished(ssl, fin, *out.get());                   // hashes handshake

    if (ssl.getSecurity().get_resuming()) {
        if (side == server_end)
            buildFinished(ssl, ssl.useHashes().use_verify(), client); // client
    }
    else {
        GetSessions().add(ssl);  // store session
        if (side == client_end)
            buildFinished(ssl, ssl.useHashes().use_verify(), server); // server
    }   
    ssl.useSecurity().use_connection().CleanMaster();

    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


// send data
int sendData(SSL& ssl, const void* buffer, int sz)
{
    ssl.verfiyHandShakeComplete();
    if (ssl.GetError()) return 0;
    int sent = 0;

    for (;;) {
        int len = min(sz - sent, MAX_RECORD_SIZE);
        output_buffer out;
        const Data data(len, static_cast<const opaque*>(buffer) + sent);

        buildMessage(ssl, out, data);
        ssl.Send(out.get_buffer(), out.get_size());

        if (ssl.GetError()) return 0;
        sent += len;
        if (sent == sz) break;
    }
    ssl.useLog().ShowData(sent, true);
    return sent;
}


// send alert
int sendAlert(SSL& ssl, const Alert& alert)
{
    output_buffer out;
    buildAlert(ssl, out, alert);
    ssl.Send(out.get_buffer(), out.get_size());

    return alert.get_length();
}


// process input data
int receiveData(SSL& ssl, Data& data)
{
    ssl.verfiyHandShakeComplete();
    if (ssl.GetError()) return 0;

    if (!ssl.bufferedData())
        processReply(ssl);
    ssl.fillData(data);
    ssl.useLog().ShowData(data.get_length());

    if (ssl.GetError()) return 0;
    return data.get_length(); 
}


// send server hello
void sendServerHello(SSL& ssl, BufferOutput buffer)
{
    if (ssl.getSecurity().get_resuming())
        ssl.verifyState(clientKeyExchangeComplete);
    else
        ssl.verifyState(clientHelloComplete);
    if (ssl.GetError()) return;

    ServerHello       sh(ssl.getSecurity().get_connection().version_);
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);

    buildServerHello(ssl, sh);
    ssl.set_random(sh.get_random(), server_end);
    buildHeaders(ssl, hsHeader, rlHeader, sh);
    buildOutput(*out.get(), rlHeader, hsHeader, sh);
    hashHandShake(ssl, *out.get());

    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


// send server hello done
void sendServerHelloDone(SSL& ssl, BufferOutput buffer)
{
    if (ssl.GetError()) return;

    ServerHelloDone   shd;
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);

    buildHeaders(ssl, hsHeader, rlHeader, shd);
    buildOutput(*out.get(), rlHeader, hsHeader, shd);
    hashHandShake(ssl, *out.get());

    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


// send certificate
void sendCertificate(SSL& ssl, BufferOutput buffer)
{
    if (ssl.GetError()) return;

    Certificate       cert(ssl.getCrypto().get_certManager().get_cert());
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);

    buildHeaders(ssl, hsHeader, rlHeader, cert);
    buildOutput(*out.get(), rlHeader, hsHeader, cert);
    hashHandShake(ssl, *out.get());

    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


// send certificate request
void sendCertificateRequest(SSL& ssl, BufferOutput buffer)
{
    if (ssl.GetError()) return;

    CertificateRequest request;
    request.Build();
    RecordLayerHeader  rlHeader;
    HandShakeHeader    hsHeader;
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);

    buildHeaders(ssl, hsHeader, rlHeader, request);
    buildOutput(*out.get(), rlHeader, hsHeader, request);
    hashHandShake(ssl, *out.get());

    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


// send certificate verify
void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
{
    if (ssl.GetError()) return;

    CertificateVerify  verify;
    verify.Build(ssl);
    RecordLayerHeader  rlHeader;
    HandShakeHeader    hsHeader;
    mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer);

    buildHeaders(ssl, hsHeader, rlHeader, verify);
    buildOutput(*out.get(), rlHeader, hsHeader, verify);
    hashHandShake(ssl, *out.get());

    if (buffer == buffered)
        ssl.addBuffer(out.release());
    else
        ssl.Send(out->get_buffer(), out->get_size());
}


} // namespace

--- New file ---
+++ extra/yassl/src/lock.cpp	05/04/28 18:23:10
/* lock.cpp
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/*  Locking functions
 */

#include "runtime.hpp"
#include "lock.hpp"


namespace yaSSL {


#ifdef MULTI_THREADED
    #ifdef WIN32
        
        Mutex::Mutex()
        {
            InitializeCriticalSection(&cs_);
        }


        Mutex::~Mutex()
        {
            DeleteCriticalSection(&cs_);
        }

            
        Mutex::Lock::Lock(Mutex& lm) : mutex_(lm)
        {
            EnterCriticalSection(&mutex_.cs_); 
        }


        Mutex::Lock::~Lock()
        {
            LeaveCriticalSection(&mutex_.cs_); 
        }
            
    #else  // WIN32
        
        Mutex::Mutex()
        {
            pthread_mutex_init(&mutex_, 0);
        }


        Mutex::~Mutex()
        {
            pthread_mutex_destroy(&mutex_);
        }


        Mutex::Lock::Lock(Mutex& lm) : mutex_(lm)
        {
            pthread_mutex_lock(&mutex_.mutex_); 
        }


        Mutex::Lock::~Lock()
        {
            pthread_mutex_unlock(&mutex_.mutex_); 
        }
         

    #endif // WIN32
#endif // MULTI_THREADED



} // namespace yaSSL


--- New file ---
+++ extra/yassl/src/log.cpp	05/04/28 18:23:10
/* log.cpp
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/*  Debug logging functions
 */

#include "runtime.hpp"
#include "log.hpp"

#ifdef YASSL_LOG
    #include <ctime>
    #include <cstdio>
    #include <cstring>
#endif



namespace yaSSL {


#ifdef YASSL_LOG

    enum { MAX_MSG = 81 };

    Log::Log(const char* str)
    {
        log_ = fopen(str, "w");
        Trace("********** Logger Attached **********");
    }


    Log::~Log()
    {
        Trace("********** Logger Detached **********");
        fclose(log_);
    }


    // Trace a message
    void Log::Trace(const char* str)
    {
        if (!log_) return;

        time_t clicks = time(0);
        char   timeStr[32];

        // get rid of newline
        strncpy(timeStr, ctime(&clicks), sizeof(timeStr));
        unsigned int len = strlen(timeStr);
        timeStr[len - 1] = 0;

        char msg[MAX_MSG];

        strncpy(msg, timeStr, sizeof(timeStr));
        strncat(msg, ":", 1);
        strncat(msg, str, MAX_MSG - sizeof(timeStr) - 2);
        strncat(msg, "\n", 1);
        msg[MAX_MSG - 1] = 0;

        fputs(msg, log_);
    }


    #if defined(WIN32) || defined(__MACH__) || defined(__hpux__)
    typedef int socklen_t;
    #endif


    // write tcp address
    void Log::ShowTCP(socket_t fd, bool ended)
    {
        sockaddr_in peeraddr;
        socklen_t   len = sizeof(peeraddr);
        if (getpeername(fd, (sockaddr*)&peeraddr, &len) != 0)
            return;

        const char* p = reinterpret_cast<const char*>(&peeraddr.sin_addr);
        char msg[MAX_MSG];
        char number[16];
    
        if (ended)
            strncpy(msg, "yaSSL conn DONE  w/ peer ", 26);
        else
            strncpy(msg, "yaSSL conn BEGUN w/ peer ", 26);
        for (int i = 0; i < 4; ++i) {
            sprintf(number, "%u", static_cast<unsigned short>(p[i]));
            strncat(msg, number, 8);
            if (i < 3)
                strncat(msg, ".", 1);
        }
        strncat(msg, " port ", 8);
        sprintf(number, "%d", htons(peeraddr.sin_port));
        strncat(msg, number, 8);

        msg[MAX_MSG - 1] = 0;
        Trace(msg);
    }


    // log processed data
    void Log::ShowData(uint bytes, bool sent)
    {
        char msg[MAX_MSG];
        char number[16];

        if (sent)
            strncpy(msg, "Sent     ", 10); 
        else
            strncpy(msg, "Received ", 10);
        sprintf(number, "%u", bytes);
        strncat(msg, number, 8);
        strncat(msg, " bytes of application data", 27);

        msg[MAX_MSG - 1] = 0;
        Trace(msg);
    }


#else // no YASSL_LOG


    Log::Log(const char*) {}
    Log::~Log() {}
    void Log::Trace(const char*) {}
    void Log::ShowTCP(socket_t, bool) {}
    void Log::ShowData(uint, bool) {}


#endif // YASSL_LOG
} // namespace
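Review bot: `Log::~Log()` calls `fclose(log_)` unconditionally, although the constructor stores whatever `fopen` returned and `Trace` already treats a null `log_` as "logging off". When the log file cannot be opened the destructor hands a null pointer to `fclose`, which is undefined behaviour; guard it with `if (log_) fclose(log_);`. Separately, `Log::ShowTCP` reads the address bytes through `const char* p`, so where plain `char` is signed any octet of 128 or more is sign-extended before the `unsigned short` cast and is logged as a value such as 65472 instead of 192. Reading through `const unsigned char* p = reinterpret_cast<const unsigned char*>(&peeraddr.sin_addr);` keeps the peer address in the connection log accurate for later incident review.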

--- New file ---
+++ extra/yassl/src/socket_wrapper.cpp	05/04/28 18:23:10
/* socket_wrapper.cpp                           
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/* The socket wrapper source implements a Socket class that hides the 
 * differences between Berkely style sockets and Windows sockets, allowing 
 * transparent TCP access.
 */


#include "runtime.hpp"
#include "socket_wrapper.hpp"
#include "yassl_error.hpp"

#ifndef WIN32
    #include <errno.h>
    #include <netdb.h>
    #include <unistd.h>
    #include <arpa/inet.h>
    #include <netinet/in.h>
    #include <sys/ioctl.h>
    #include <string.h>
#endif // WIN32

#ifdef __sun
    #include <sys/filio.h>
#endif

#ifdef WIN32
    const int SOCKET_EINVAL = WSAEINVAL;
    const int SOCKET_EWOULDBLOCK = WSAEWOULDBLOCK;
#else
    const int SOCKET_EINVAL = EINVAL;
    const int SOCKET_EWOULDBLOCK = EWOULDBLOCK;
#endif // WIN32


namespace yaSSL {


Socket::Socket(socket_t s) 
    : socket_(s) 
{}


void Socket::set_fd(socket_t s)
{
    socket_ = s;
}


socket_t Socket::get_fd() const
{
    return socket_;
}


Socket::~Socket()
{
    closeSocket();
}


void Socket::closeSocket()
{
    if (socket_ != INVALID_SOCKET) {
#ifdef WIN32
        closesocket(socket_);
#else
        close(socket_);
#endif
        socket_ = INVALID_SOCKET;
    }
}


uint Socket::get_ready() const
{
    unsigned long ready = 0;

#ifdef WIN32
    ioctlsocket(socket_, FIONREAD, &ready);
#else
    ioctl(socket_, FIONREAD, &ready);
#endif

    return ready;
}


uint Socket::send(const byte* buf, unsigned int sz, int flags) const
{
    assert(socket_ != INVALID_SOCKET);
    int sent = ::send(socket_, reinterpret_cast<const char *>(buf), sz, flags);

    if (sent == -1)
        return 0;

    return sent;
}


uint Socket::receive(byte* buf, unsigned int sz, int flags) const
{
    assert(socket_ != INVALID_SOCKET);
    int recvd = ::recv(socket_, reinterpret_cast<char *>(buf), sz, flags);

    if (recvd == -1) 
        return 0;

    return recvd;
}


// wait if blocking for input, or error
void Socket::wait() const
{
    byte b;
    receive(&b, 1, MSG_PEEK);
}


void Socket::shutDown(int how)
{
    assert(socket_ != INVALID_SOCKET);
    shutdown(socket_, how);
}


int Socket::get_lastError()
{
#ifdef WIN32
    return WSAGetLastError();
#else
    return errno;
#endif
}


void Socket::set_lastError(int errorCode)
{
#ifdef WIN32
    WSASetLastError(errorCode);
#else
    errno = errorCode;
#endif
}


} // namespace
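Review bot: `Socket::receive` and `Socket::send` fold the `-1` error return into `0`, and `Socket::wait` discards the result of its `MSG_PEEK` read, so callers cannot tell a failed or closed connection from "nothing transferred yet". `DoProcessReply` in this commit calls `wait()` then `get_ready()` and hands back its buffered partial record when nothing is ready, so a connection that ends mid-record appears to be indistinguishable from one that is merely idle, and `processReply` keeps calling again while that buffer is non-null. Letting `wait()` report the outcome, e.g. `bool Socket::wait() const { byte b; return receive(&b, 1, MSG_PEEK) != 0; }` (with the matching declaration change in the header), would let the caller set an error and stop. `get_ready` also ignores the `ioctl`/`ioctlsocket` return value and on the non-Windows branch passes an `unsigned long*` for `FIONREAD`, where many platforms document an `int*`; `int ready = 0; if (ioctl(socket_, FIONREAD, &ready) != 0) return 0;` avoids reading a half-written value.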

--- New file ---
+++ extra/yassl/src/ssl.cpp	05/04/28 18:23:10
/* ssl.cpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/*  SSL source implements all openssl compatibility API functions
 *
 *  TODO: notes are mostly api additions to allow compilation with mysql
 *  they don't affect normal modes but should be provided for completeness

 *  stunnel functions at end of file
 */




/*  see man pages for function descriptions */

#include "runtime.hpp"
#include "openssl/ssl.h"
#include "handshake.hpp"
#include "yassl_int.hpp"
#include <cstdio>


namespace yaSSL {

using mySTL::min;


SSL_METHOD* SSLv3_method()
{
    return SSLv3_client_method();
}


SSL_METHOD* SSLv3_server_method()
{
    return new SSL_METHOD(server_end, ProtocolVersion(3,0));
}


SSL_METHOD* SSLv3_client_method()
{
    return new SSL_METHOD(client_end, ProtocolVersion(3,0));
}


SSL_METHOD* TLSv1_server_method()
{
    return new SSL_METHOD(server_end, ProtocolVersion(3,1));
}


SSL_METHOD* TLSv1_client_method()
{
    return new SSL_METHOD(client_end, ProtocolVersion(3,1));
}


SSL_METHOD* SSLv23_server_method()
{
    // compatibility only, no version 2 support
    return SSLv3_server_method();
}


SSL_CTX* SSL_CTX_new(SSL_METHOD* method)
{
    return new SSL_CTX(method);
}


void SSL_CTX_free(SSL_CTX* ctx)
{
    delete ctx;
}


SSL* SSL_new(SSL_CTX* ctx)
{
    return new SSL(ctx);
}


void SSL_free(SSL* ssl)
{
    delete ssl;
}


int SSL_set_fd(SSL* ssl, int fd)
{
    ssl->useSocket().set_fd(fd);
    return SSL_SUCCESS;
}


int SSL_connect(SSL* ssl)
{
    sendClientHello(*ssl);
    processReply(*ssl);

    if(ssl->getCrypto().get_certManager().sendVerify())
        sendCertificate(*ssl);

    if (!ssl->getSecurity().get_resuming())
        sendClientKeyExchange(*ssl);

    if(ssl->getCrypto().get_certManager().sendVerify())
        sendCertificateVerify(*ssl);

    sendChangeCipher(*ssl);
    sendFinished(*ssl, client_end);
    ssl->flushBuffer();
    if (!ssl->getSecurity().get_resuming())
        processReply(*ssl);

    ssl->verifyState(serverFinishedComplete);
    ssl->useLog().ShowTCP(ssl->getSocket().get_fd());

    if (ssl->GetError())
        return SSL_FATAL_ERROR;
    return SSL_SUCCESS;
}


int SSL_write(SSL* ssl, const void* buffer, int sz)
{
    return sendData(*ssl, buffer, sz);
}


int SSL_read(SSL* ssl, void* buffer, int sz)
{
    Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer));
    return receiveData(*ssl, data);
}


int SSL_accept(SSL* ssl)
{
    processReply(*ssl);
    sendServerHello(*ssl);

    if (!ssl->getSecurity().get_resuming()) {
        sendCertificate(*ssl);

        if (ssl->getSecurity().get_connection().send_server_key_)
            sendServerKeyExchange(*ssl);

        if(ssl->getCrypto().get_certManager().verifyPeer())
            sendCertificateRequest(*ssl);

        sendServerHelloDone(*ssl);
        ssl->flushBuffer();

        processReply(*ssl);
    }
    sendChangeCipher(*ssl);
    sendFinished(*ssl, server_end);
    ssl->flushBuffer();
    if (ssl->getSecurity().get_resuming())
        processReply(*ssl);

    ssl->useLog().ShowTCP(ssl->getSocket().get_fd());

    if (ssl->GetError())
        return SSL_FATAL_ERROR;
    return SSL_SUCCESS;
}


int SSL_do_handshake(SSL* ssl)
{
    if (ssl->getSecurity().get_parms().entity_ == client_end)
        return SSL_connect(ssl);
    else
        return SSL_accept(ssl);
}


int SSL_clear(SSL* ssl)
{
    ssl->useSocket().closeSocket();
    return SSL_SUCCESS;
}


int SSL_shutdown(SSL* ssl)
{
    Alert alert(warning, close_notify);
    sendAlert(*ssl, alert);
    ssl->useLog().ShowTCP(ssl->getSocket().get_fd(), true);
    ssl->useSocket().closeSocket();

    return SSL_SUCCESS;
}


SSL_SESSION* SSL_get_session(SSL* ssl)
{
    return GetSessions().lookup(
        ssl->getSecurity().get_connection().sessionID_);
}


int SSL_set_session(SSL* ssl, SSL_SESSION* session)
{
    ssl->set_session(session);
    return SSL_SUCCESS;
}


int SSL_session_reused(SSL* ssl)
{
    return ssl->getSecurity().get_resuming();
}


long SSL_SESSION_set_timeout(SSL_SESSION* sess, long t)
{
    if (!sess)
        return SSL_ERROR_NONE;

    sess->SetTimeOut(t);
    return SSL_SUCCESS;
}


long SSL_get_default_timeout(SSL* /*ssl*/)
{
    return DEFAULT_TIMEOUT;
}


const char* SSL_get_cipher_name(SSL* ssl)
{ 
    return SSL_get_cipher(ssl); 
}


const char* SSL_get_cipher(SSL* ssl)
{
    return ssl->getSecurity().get_parms().cipher_name_;
}


// SSLv2 only, not implemented
char* SSL_get_shared_ciphers(SSL* /*ssl*/, char* buf, int len)
{
    return strncpy(buf, "Not Implemented, SSLv2 only", len);
}


const char* SSL_get_cipher_list(SSL* ssl, int /*priority */)
{
    return ssl->getSecurity().get_parms().cipher_list_;
}


int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list)
{
    if (ctx->SetCipherList(list))
        return SSL_SUCCESS;
    else
        return SSL_FAILURE;
}


const char* SSL_get_version(SSL* ssl)
{
    static const char* version3 =  "SSLv3";
    static const char* version31 = "TLSv1";

    return ssl->isTLS() ? version31 : version3;
}

const char* SSLeay_version(int)
{
    static const char* version = "SSLeay yaSSL compatibility";
    return version;
}


int SSL_get_error(SSL* ssl, int /*previous*/)
{
    return ssl->getStates().What();
}


X509* SSL_get_peer_certificate(SSL* ssl)
{
    return ssl->getCrypto().get_certManager().get_peerX509();
}


void X509_free(X509* /*x*/)
{
    // peer cert set for deletion during destruction
    // no need to delete now
}


X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX* ctx)
{
    return ctx->current_cert;
}


int X509_STORE_CTX_get_error(X509_STORE_CTX* ctx)
{
    return ctx->error;
}


int X509_STORE_CTX_get_error_depth(X509_STORE_CTX* ctx)
{
    return ctx->error_depth;
}


// copy name into buffer, at most sz bytes, if buffer is null
// will malloc buffer, caller responsible for freeing
char* X509_NAME_oneline(X509_NAME* name, char* buffer, int sz)
{
    if (!name->GetName()) return buffer;

    int len    = strlen(name->GetName()) + 1;
    int copySz = min(len, sz);

    if (!buffer) {
        buffer = (char*)malloc(len);
        if (!buffer) return buffer;
        copySz = len;
    }

    if (copySz == 0)
        return buffer;

    memcpy(buffer, name->GetName(), copySz - 1);
    buffer[copySz - 1] = 0;

    return buffer;
}


X509_NAME* X509_get_issuer_name(X509* x)
{
    return  x->GetIssuer();
}


X509_NAME* X509_get_subject_name(X509* x)
{
    return x->GetSubject();
}


void SSL_load_error_strings()   // compatibility only 
{}


void SSL_set_connect_state(SSL*)
{
    // already a client by default
}


void SSL_set_accept_state(SSL* ssl)
{
    ssl->useSecurity().use_parms().entity_ = server_end;
}


long SSL_get_verify_result(SSL*)
{
    // won't get here if not OK
    return X509_V_OK;
}


long SSL_CTX_sess_set_cache_size(SSL_CTX* /*ctx*/, long /*sz*/)
{
    // unlimited size, can't set for now
    return 0;
}


long SSL_CTX_get_session_cache_mode(SSL_CTX*)
{
    // always 0, unlimited size for now
    return 0;
}


long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH* dh)
{
    if (ctx->SetDH(*dh))
        return SSL_SUCCESS;
    else
        return SSL_FAILURE;
}


int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
{
    if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)
        return SSL_BAD_FILETYPE;

    FILE* input = fopen(file, "rb");
    if (!input)
        return SSL_BAD_FILE;

    if (type == CA) {
        x509* ptr = PemToDer(file, Cert);
        if (!ptr) {
            fclose(input);
            return SSL_BAD_FILE;
        }
        ctx->AddCA(ptr);  // takes ownership
    }
    else {
        x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_;

        if (format == SSL_FILETYPE_ASN1) {
            fseek(input, 0, SEEK_END);
            long sz = ftell(input);
            rewind(input);
            x = new (ys) x509(sz); // takes ownership
            size_t bytes = fread(x->use_buffer(), sz, 1, input);
            if (bytes != 1) {
                fclose(input);
                return SSL_BAD_FILE;
            }
        }
        else {
            x = PemToDer(file, type);
            if (!x) {
                fclose(input);
                return SSL_BAD_FILE;
            }
        }
    }
    fclose(input);
    return SSL_SUCCESS;
}


int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const char* file, int format)
{
    return read_file(ctx, file, format, Cert);
}


int SSL_CTX_use_PrivateKey_file(SSL_CTX* ctx, const char* file, int format)
{
    return read_file(ctx, file, format, PrivateKey);
}


void SSL_CTX_set_verify(SSL_CTX* ctx, int mode, VerifyCallback /*vc*/)
{
    if (mode & SSL_VERIFY_PEER)
        ctx->setVerifyPeer();

    if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
        ctx->setFailNoCert();
}


int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file,
                                  const char* /*path*/)
{
    // just files for now
    return read_file(ctx, file, SSL_FILETYPE_PEM, CA);
}


int SSL_CTX_set_default_verify_paths(SSL_CTX* /*ctx*/)
{
    // TODO: figure out way to set/store default path, then call load_verify
    return SSL_NOT_IMPLEMENTED;
}


int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
                                    unsigned int)
{
    // No application specific context needed for yaSSL
    return SSL_SUCCESS;
}


int SSL_CTX_check_private_key(SSL_CTX* /*ctx*/)
{
    // TODO: check private against public for RSA match
    return SSL_NOT_IMPLEMENTED;
}


// TODO: all session stats
long SSL_CTX_sess_accept(SSL_CTX* ctx)
{
    return ctx->GetStats().accept_;
}


long SSL_CTX_sess_connect(SSL_CTX* ctx)
{
    return ctx->GetStats().connect_;
}


long SSL_CTX_sess_accept_good(SSL_CTX* ctx)
{
    return ctx->GetStats().acceptGood_;
}


long SSL_CTX_sess_connect_good(SSL_CTX* ctx)
{
    return ctx->GetStats().connectGood_;
}


long SSL_CTX_sess_accept_renegotiate(SSL_CTX* ctx)
{
    return ctx->GetStats().acceptRenegotiate_;
}


long SSL_CTX_sess_connect_renegotiate(SSL_CTX* ctx)
{
    return ctx->GetStats().connectRenegotiate_;
}


long SSL_CTX_sess_hits(SSL_CTX* ctx)
{
    return ctx->GetStats().hits_;
}


long SSL_CTX_sess_cb_hits(SSL_CTX* ctx)
{
    return ctx->GetStats().cbHits_;
}


long SSL_CTX_sess_cache_full(SSL_CTX* ctx)
{
    return ctx->GetStats().cacheFull_;
}


long SSL_CTX_sess_misses(SSL_CTX* ctx)
{
    return ctx->GetStats().misses_;
}


long SSL_CTX_sess_timeouts(SSL_CTX* ctx)
{
    return ctx->GetStats().timeouts_;
}


long SSL_CTX_sess_number(SSL_CTX* ctx)
{
    return ctx->GetStats().number_;
}


long SSL_CTX_sess_get_cache_size(SSL_CTX* ctx)
{
    return ctx->GetStats().getCacheSize_;
}
// end session stats TODO:


int SSL_CTX_get_verify_mode(SSL_CTX* ctx)
{
    return ctx->GetStats().verifyMode_;
}


int SSL_get_verify_mode(SSL* ssl)
{
    return ssl->getSecurity().GetContext()->GetStats().verifyMode_;
}


int SSL_CTX_get_verify_depth(SSL_CTX* ctx)
{
    return ctx->GetStats().verifyDepth_;
}


int SSL_get_verify_depth(SSL* ssl)
{
    return ssl->getSecurity().GetContext()->GetStats().verifyDepth_;
}


long SSL_CTX_set_options(SSL_CTX*, long)
{
    // TDOD:
    return SSL_SUCCESS;
}


void SSL_CTX_set_info_callback(SSL_CTX*, void (*)())
{
    // TDOD:
}


void OpenSSL_add_all_algorithms()  // compatibility only
{}


DH* DH_new(void)
{
    DH* dh = new DH;
    if (dh)
        dh->p = dh->g = 0;
    return dh;
}


void DH_free(DH* dh)
{
    delete dh->g;
    delete dh->p;
    delete dh;
}


// convert positive big-endian num of length sz into retVal, which may need to 
// be created
BIGNUM* BN_bin2bn(const unsigned char* num, int sz, BIGNUM* retVal)
{
    using mySTL::auto_ptr;
    bool created = false;
    auto_ptr<BIGNUM> bn;

    if (!retVal) {
        created = true;
        bn.reset(new (ys) BIGNUM);
        retVal = bn.get();
    }

    retVal->assign(num, sz);

    if (created)
        return bn.release();
    else
        return retVal;
}


unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *)
{
    //return SSL_NOT_IMPLEMENTED;
    return 0;
}


void ERR_print_errors_fp(FILE* /*fp*/)
{
    // need ssl access to implement TODO:
    //fprintf(fp, "%s", ssl.get_states().errorString_.c_str());
}


char* ERR_error_string(unsigned long /*err*/, char* buffer)
{
    // TODO:
    static char* msg = "Not Implemented";
    if (buffer)
        return strncpy(buffer, msg, strlen(msg));

    return msg;
}


const char* X509_verify_cert_error_string(long /* error */)
{
    // TODO:
    static const char* msg = "Not Implemented";
    return msg;
}


const EVP_MD* EVP_md5(void)
{
    // TODO: FIX add to some list for destruction
    return new MD5;
}


const EVP_CIPHER* EVP_des_ede3_cbc(void)
{
    // TODO: FIX add to some list for destruction
    return new DES_EDE;
}


int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt,
                   const byte* data, int sz, int count, byte* key, byte* iv)
{
    EVP_MD* myMD = const_cast<EVP_MD*>(md);
    uint digestSz = myMD->get_digestSize();
    byte digest[SHA_LEN];                   // max size

    int keyLen    = type->get_keySize();
    int ivLen     = type->get_ivSize();
    int keyLeft   = keyLen;
    int ivLeft    = ivLen;
    int keyOutput = 0;

    while (keyOutput < (keyLen + ivLen)) {
        int digestLeft = digestSz;
        // D_(i - 1)
        if (keyOutput)                      // first time D_0 is empty
            myMD->update(digest, digestSz);
        // data
        myMD->update(data, sz);
        // salt
        if (salt)
            myMD->update(salt, EVP_SALT_SZ);
        myMD->get_digest(digest);
        // count
        for (int j = 1; j < count; j++) {
            myMD->update(digest, digestSz);
            myMD->get_digest(digest);
        }

        if (keyLeft) {
            int store = min(keyLeft, static_cast<int>(digestSz));
            memcpy(&key[keyLen - keyLeft], digest, store);

            keyOutput  += store;
            keyLeft    -= store;
            digestLeft -= store;
        }

        if (ivLeft && digestLeft) {
            int store = min(ivLeft, digestLeft);
            memcpy(&iv[ivLen - ivLeft], digest, store);

            keyOutput += store;
            ivLeft    -= store;
        }
    }
    assert(keyOutput == (keyLen + ivLen));
    return keyOutput;
}



void DES_set_key_unchecked(const_DES_cblock* key, DES_key_schedule* schedule)
{
    memcpy(schedule, key, sizeof(const_DES_cblock));
}


void DES_ede3_cbc_encrypt(const byte* input, byte* output, long sz,
                          DES_key_schedule* ks1, DES_key_schedule* ks2,
                          DES_key_schedule* ks3, DES_cblock* ivec, int enc)
{
    DES_EDE des;
    byte key[DES_EDE_KEY_SZ];

    memcpy(key, *ks1, DES_BLOCK);
    memcpy(&key[DES_BLOCK], *ks2, DES_BLOCK);
    memcpy(&key[DES_BLOCK * 2], *ks3, DES_BLOCK);

    if (enc) {
        des.set_encryptKey(key, *ivec);
        des.encrypt(output, input, sz);
    }
    else {
        des.set_decryptKey(key, *ivec);
        des.decrypt(output, input, sz);
    }
}


    // functions for stunnel

    void RAND_screen()
    {
        // TODO:
    }


    const char* RAND_file_name(char*, size_t)
    {
        // TODO:
        return 0;
    }


    int RAND_write_file(const char*)
    {
        // TODO:
        return 0;
    }


    int RAND_load_file(const char*, long)
    {
        // TODO:
        return 0;
    }


    void RSA_free(RSA*)
    {
        // TODO:
    }


    RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*)
    {
        //  TODO:
        return 0;
    }


    int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long)
    {
        // TODO:
        return SSL_SUCCESS;
    }


    int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long)
    {
        // TODO:
        return SSL_SUCCESS;
    }


    X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void)
    {
        // TODO:
        return 0;
    }


    X509_LOOKUP_METHOD* X509_LOOKUP_file(void)
    {
        // TODO:
        return 0;
    }


    X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*)
    {
        // TODO:
        return 0;
    }


    int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*, X509_OBJECT*)
    {
        // TODO:
        return SSL_SUCCESS;
    }


    X509_STORE* X509_STORE_new(void)
    {
        // TODO:
        return 0;
    }

    char* SSL_alert_type_string_long(int)
    {
        // TODO:
        return 0;
    }


    char* SSL_alert_desc_string_long(int)
    {
        // TODO:
        return 0;
    }


    char* SSL_state_string_long(SSL*)
    {
        // TODO:
        return 0;
    }


    void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int))
    {
        // TDOD:
    }


    long SSL_CTX_set_session_cache_mode(SSL_CTX*, long)
    {
        // TDOD:
        return SSL_SUCCESS;
    }


    long SSL_CTX_set_timeout(SSL_CTX*, long)
    {
        // TDOD:
        return SSL_SUCCESS;
    }


    int SSL_CTX_use_certificate_chain_file(SSL_CTX*, const char*)
    {
        // TDOD:
        return SSL_SUCCESS;
    }


    void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb)
    {
        // TDOD:
    }


    int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int)
    {
        // TDOD:
        return SSL_SUCCESS;
    }


    int SSL_set_rfd(SSL*, int)
    {
        return SSL_SUCCESS; // TODO:
    }


    int SSL_set_wfd(SSL*, int)
    {
        return SSL_SUCCESS; // TODO:
    }


    int SSL_pending(SSL*)
    {
        return SSL_SUCCESS; // TODO:
    }


    int SSL_want_read(SSL*)
    {
        return 0; // TODO:
    }


    int SSL_want_write(SSL*)
    {
        return 0; // TODO:
    }


    void SSL_set_shutdown(SSL*, int)
    {
        // TODO:
    }


    SSL_CIPHER* SSL_get_current_cipher(SSL*)
    {
        // TODO:
        return 0;
    }


    char* SSL_CIPHER_description(SSL_CIPHER*, char*, int)
    {
        // TODO:
        return 0;
    }


    void SSLeay_add_ssl_algorithms()  // compatibility only
    {}


    void ERR_remove_state(unsigned long)
    {
        // TODO:
    }


    int ERR_GET_REASON(int l)
    {
        return l & 0xfff;
    }


    unsigned long ERR_peek_error()
    {
        return 0;  // TODO:
    }


    unsigned long ERR_get_error()
    {
        return ERR_peek_error();
    }


    // end stunnel needs


} // namespace

--- New file ---
+++ extra/yassl/src/timer.cpp	05/04/28 18:23:11
 /* timer.cpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/* timer.cpp implements a high res and low res timer
 *
*/

#include "runtime.hpp"
#include "timer.hpp"

namespace yaSSL {

#ifdef WIN32

    #define WIN32_LEAN_AND_MEAN
    #include <windows.h>

    timer_d timer()
    {
        static bool          init(false);
        static LARGE_INTEGER freq;
    
        if (!init) {
            QueryPerformanceFrequency(&freq);
            init = true;
        }

        LARGE_INTEGER count;
        QueryPerformanceCounter(&count);

        return static_cast<double>(count.QuadPart) / freq.QuadPart;
    }


    uint lowResTimer()
    {
        return static_cast<uint>(timer());
    }

#else // WIN32
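Review bot: `#include <windows.h>` in the WIN32 branch sits inside `namespace yaSSL {`, so every declaration that header pulls in lands in yaSSL's scope instead of the global one; move the `#define WIN32_LEAN_AND_MEAN` / `#include <windows.h>` pair above the `namespace yaSSL {` line under the same `#ifdef WIN32`. Separately, `timer()` ignores the result of `QueryPerformanceFrequency` and guards the one-time setup with an unsynchronised `static bool init`. A zero frequency would make the division non-finite before `lowResTimer()` casts it to `uint`, so a guard such as `if (!QueryPerformanceFrequency(&freq) || freq.QuadPart == 0) return 0;` plus a comment that the first call must happen before other threads start would make the contract explicit. The listing is cut off at `#else // WIN32`, so the non-Windows branch is not visible here.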
