From: <arn...@us...> - 2006-07-02 16:56:33
Revision: 623 Author: arnetheduck Date: 2006-07-02 09:52:24 -0700 (Sun, 02 Jul 2006) ViewCVS: http://svn.sourceforge.net/dcplusplus/?rev=623&view=rev Log Message: ----------- Patches, new yassl, some small fixes Modified Paths: -------------- dcplusplus/trunk/changelog.txt dcplusplus/trunk/client/AdcHub.cpp dcplusplus/trunk/client/BufferedSocket.cpp dcplusplus/trunk/client/Client.cpp dcplusplus/trunk/client/Client.h dcplusplus/trunk/client/ClientManager.cpp dcplusplus/trunk/client/DCPlusPlus.h dcplusplus/trunk/client/HashManager.cpp dcplusplus/trunk/client/NmdcHub.cpp dcplusplus/trunk/client/SettingsManager.cpp dcplusplus/trunk/client/SettingsManager.h dcplusplus/trunk/client/StringDefs.h dcplusplus/trunk/yassl/README dcplusplus/trunk/yassl/include/handshake.hpp dcplusplus/trunk/yassl/include/openssl/crypto.h dcplusplus/trunk/yassl/include/openssl/err.h dcplusplus/trunk/yassl/include/openssl/md5.h dcplusplus/trunk/yassl/include/openssl/rsa.h dcplusplus/trunk/yassl/include/openssl/ssl.h dcplusplus/trunk/yassl/include/socket_wrapper.hpp dcplusplus/trunk/yassl/include/yassl_error.hpp dcplusplus/trunk/yassl/include/yassl_int.hpp dcplusplus/trunk/yassl/include/yassl_types.hpp dcplusplus/trunk/yassl/mySTL/helpers.hpp dcplusplus/trunk/yassl/mySTL/list.hpp dcplusplus/trunk/yassl/mySTL/vector.hpp dcplusplus/trunk/yassl/src/cert_wrapper.cpp dcplusplus/trunk/yassl/src/handshake.cpp dcplusplus/trunk/yassl/src/socket_wrapper.cpp dcplusplus/trunk/yassl/src/ssl.cpp dcplusplus/trunk/yassl/src/template_instnt.cpp dcplusplus/trunk/yassl/src/timer.cpp dcplusplus/trunk/yassl/src/yassl.cpp dcplusplus/trunk/yassl/src/yassl_error.cpp dcplusplus/trunk/yassl/src/yassl_imp.cpp dcplusplus/trunk/yassl/src/yassl_int.cpp dcplusplus/trunk/yassl/taocrypt/include/asn.hpp dcplusplus/trunk/yassl/taocrypt/include/block.hpp dcplusplus/trunk/yassl/taocrypt/include/integer.hpp dcplusplus/trunk/yassl/taocrypt/include/misc.hpp dcplusplus/trunk/yassl/taocrypt/include/runtime.hpp 
dcplusplus/trunk/yassl/taocrypt/include/types.hpp dcplusplus/trunk/yassl/taocrypt/src/algebra.cpp dcplusplus/trunk/yassl/taocrypt/src/asn.cpp dcplusplus/trunk/yassl/taocrypt/src/integer.cpp dcplusplus/trunk/yassl/taocrypt/src/misc.cpp dcplusplus/trunk/yassl/taocrypt/src/random.cpp dcplusplus/trunk/yassl/taocrypt/src/template_instnt.cpp Added Paths: ----------- dcplusplus/trunk/yassl/include/openssl/engine.h dcplusplus/trunk/yassl/include/openssl/md4.h dcplusplus/trunk/yassl/include/openssl/pem.h dcplusplus/trunk/yassl/include/openssl/pkcs12.h dcplusplus/trunk/yassl/include/openssl/x509.h dcplusplus/trunk/yassl/include/openssl/x509v3.h dcplusplus/trunk/yassl/taocrypt/include/md4.hpp dcplusplus/trunk/yassl/taocrypt/src/md4.cpp Modified: dcplusplus/trunk/changelog.txt =================================================================== --- dcplusplus/trunk/changelog.txt 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/changelog.txt 2006-07-02 16:52:24 UTC (rev 623) @@ -26,8 +26,11 @@ * Added warning when someone tries to spam hublist.org or dcpp.net with your client * [bug 968] Fixed unix compile issue (thanks pothead) * [bug 975] Fixed silly warning (thanks pothead) +* [bug 978] Fixed 64-bit compiler issue (thanks steven sheehy) +* [bug 988] Only unique nicks diplayed in title bar +* Added protection from hubs/clients sending junk data resulting in high memory usage / crash +* Updated to yaSSL 1.3.7 - -- 0.691 2006-06-03 -- * Links to bugzilla in html changelog * [bug 122] Added userlist filter (thanks trem) Modified: dcplusplus/trunk/client/AdcHub.cpp =================================================================== --- dcplusplus/trunk/client/AdcHub.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/AdcHub.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -540,7 +540,6 @@ void AdcHub::on(Failed, const string& aLine) throw() { clearUsers(); socket->removeListener(this); - state = STATE_PROTOCOL; fire(ClientListener::Failed(), this, aLine); } 
@@ -555,7 +554,7 @@ } void AdcHub::on(Second, u_int32_t aTick) throw() { - if(getAutoReconnect() && state == STATE_PROTOCOL && (getLastActivity() + getReconnDelay() * 1000) < aTick) { + if(getAutoReconnect() && state == STATE_PROTOCOL && (getReconnecting() || ((getLastActivity() + getReconnDelay() * 1000) < aTick)) ) { // Try to reconnect... connect(); } Modified: dcplusplus/trunk/client/BufferedSocket.cpp =================================================================== --- dcplusplus/trunk/client/BufferedSocket.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/BufferedSocket.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -254,6 +254,10 @@ break; } } + + if(mode == MODE_LINE && line.size() > SETTING(MAX_COMMAND_LENGTH)) { + throw SocketException(STRING(COMMAND_TOO_LONG)); + } } void BufferedSocket::threadSendFile(InputStream* file) throw(Exception) { Modified: dcplusplus/trunk/client/Client.cpp =================================================================== --- dcplusplus/trunk/client/Client.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/Client.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -30,7 +30,7 @@ Client::Client(const string& hubURL, char separator_, bool secure_) : myIdentity(ClientManager::getInstance()->getMe(), 0), - reconnDelay(120), lastActivity(GET_TICK()), registered(false), autoReconnect(true), socket(0), + reconnDelay(120), lastActivity(GET_TICK()), registered(false), autoReconnect(true), reconnecting(false), socket(0), hubUrl(hubURL), port(0), separator(separator_), secure(secure_), countType(COUNT_UNCOUNTED) { @@ -49,7 +49,7 @@ void Client::reconnect() { disconnect(true); setAutoReconnect(true); - resetActivtiy(); + setReconnecting(true); } void Client::shutdown() { 
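Review bot: The reconnect branch in `AdcHub::on(Second, ...)` still requires `state == STATE_PROTOCOL`, but the preceding AdcHub.cpp hunk removes `state = STATE_PROTOCOL;` from `AdcHub::on(Failed, ...)`. Unless the state is reset somewhere outside these hunks, a hub that fails after leaving the protocol state would never be retried, and the new `getReconnecting()` shortcut would not fire either. `NmdcHub::on(BufferedSocketListener::Failed, ...)` in this same commit goes the other way and sets `state = STATE_CONNECT;` unconditionally. The two hubs should agree: either keep `state = STATE_PROTOCOL;` before the `fire(...)` call, or add a comment naming the place that now resets the state.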
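Review bot: The new guard compares `line.size()`, which is unsigned, against `SETTING(MAX_COMMAND_LENGTH)`, which the SettingsManager hunks add to the integer settings and which is presumably signed. A negative value in the settings file would then convert to a huge bound and silently turn the protection off, and 0 would reject every partial line. Nothing visible bounds the value, so clamp it where it is read, e.g. `const size_t maxLen = static_cast<size_t>(std::max(SETTING(MAX_COMMAND_LENGTH), 1024));` (the floor is an illustrative value) and then `if(mode == MODE_LINE && line.size() > maxLen)`. The `16*1024*1024` default also applies per socket, so every connection that never delivers a separator may hold that much; a smaller default for command lines would bound total memory better. The enclosing function starts outside the hunk, so whether `line` can grow in other modes is not visible here.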
@@ -86,6 +86,7 @@ BufferedSocket::putSocket(socket); setAutoReconnect(true); + setReconnecting(false); setReconnDelay(120 + Util::rand(0, 60)); reloadSettings(true); setRegistered(false); Modified: dcplusplus/trunk/client/Client.h =================================================================== --- dcplusplus/trunk/client/Client.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/Client.h 2006-07-02 16:52:24 UTC (rev 623) @@ -127,7 +127,6 @@ } void reconnect(); - void shutdown(); void send(const string& aMessage) { send(aMessage.c_str(), aMessage.length()); } @@ -155,6 +154,7 @@ GETSET(u_int32_t, lastActivity, LastActivity); GETSET(bool, registered, Registered); GETSET(bool, autoReconnect, AutoReconnect); + GETSET(bool, reconnecting, Reconnecting); GETSET(string, currentNick, CurrentNick); GETSET(string, currentDescription, CurrentDescription); @@ -177,7 +177,6 @@ void updateCounts(bool aRemove); void updateActivity() { lastActivity = GET_TICK(); } - void resetActivtiy() { lastActivity = 0; } /** Reload details from favmanager or settings */ void reloadSettings(bool updateNick); Modified: dcplusplus/trunk/client/ClientManager.cpp =================================================================== --- dcplusplus/trunk/client/ClientManager.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/ClientManager.cpp 2006-07-02 16:52:24 UTC (rev 623) 
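Review bot: `GETSET(bool, reconnecting, Reconnecting);` is added without a comment, although the flag now controls whether the `on(Second)` handlers skip the reconnect delay. I would document it at the declaration, e.g. `/** Set by reconnect(); makes on(Second) reconnect without waiting for reconnDelay, cleared again by setReconnecting(false) */`, and name the function that clears it, since the Client.cpp hunk with `setReconnecting(false)` does not show its enclosing function. If `reconnect()` and the `on(Second)` timer callback run on different threads (not visible here), the comment should also say what protects this plain `bool`. Separately, the first Client.h hunk drops `void shutdown();` while Client.cpp still shows `void Client::shutdown() {` as context, so please confirm another declaration remains.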
@@ -94,21 +94,21 @@ StringList ClientManager::getNicks(const CID& cid) { Lock l(cs); - StringList lst; + StringSet nicks; OnlinePair op = onlineUsers.equal_range(cid); for(OnlineIter i = op.first; i != op.second; ++i) { - lst.push_back(i->second->getIdentity().getNick()); + nicks.insert(i->second->getIdentity().getNick()); } - if(lst.empty()) { + if(nicks.empty()) { // Offline perhaps? UserIter i = users.find(cid); if(i != users.end() && !i->second->getFirstNick().empty()) { - lst.push_back(i->second->getFirstNick()); + nicks.insert(i->second->getFirstNick()); } else { - lst.push_back('{' + cid.toBase32() + '}'); + nicks.insert('{' + cid.toBase32() + '}'); } } - return lst; + return StringList(nicks.begin(), nicks.end()); } string ClientManager::getConnection(const CID& cid) { Modified: dcplusplus/trunk/client/DCPlusPlus.h =================================================================== --- dcplusplus/trunk/client/DCPlusPlus.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/DCPlusPlus.h 2006-07-02 16:52:24 UTC (rev 623) @@ -85,6 +85,9 @@ typedef HASH_MAP<string, string> StringMap; typedef StringMap::iterator StringMapIter; +typedef HASH_SET<string> StringSet; +typedef StringSet::iterator StringSetIter; + typedef vector<wstring> WStringList; typedef WStringList::iterator WStringIter; typedef WStringList::const_iterator WStringIterC; Modified: dcplusplus/trunk/client/HashManager.cpp =================================================================== --- dcplusplus/trunk/client/HashManager.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/HashManager.cpp 2006-07-02 16:52:24 UTC (rev 623) 
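Review bot: `ClientManager::getNicks` now returns the nicks in `HASH_SET` iteration order, which is unspecified. The displayed list can therefore change order between calls, and the first element is no longer the first online nick found by `equal_range`. If callers depend on `front()` or on a stable order (not visible in this hunk), sort before returning: `StringList lst(nicks.begin(), nicks.end()); sort(lst.begin(), lst.end()); return lst;`. A short comment such as `// set used only to drop duplicate nicks across hubs` above the `StringSet nicks;` line would make the intent clear.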
@@ -409,7 +409,7 @@ HashManager::HashStore::HashStore() : dirty(false) { - if(File::getSize(getDataFile()) <= sizeof(int64_t)) { + if(File::getSize(getDataFile()) <= static_cast<int64_t>(sizeof(int64_t))) { try { createDataFile(getDataFile()); } catch(const FileException&) { Modified: dcplusplus/trunk/client/NmdcHub.cpp =================================================================== --- dcplusplus/trunk/client/NmdcHub.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/NmdcHub.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -848,7 +848,7 @@ // Try to send something for the fun of it... dcdebug("Testing writing...\n"); send("|", 1); - } else if(getAutoReconnect() && state == STATE_CONNECT && (getLastActivity() + getReconnDelay() * 1000) < aTick) { + } else if(getAutoReconnect() && state == STATE_CONNECT && (getReconnecting() || ((getLastActivity() + getReconnDelay() * 1000) < aTick))) { // Try to reconnect... connect(); } @@ -871,11 +871,7 @@ // BufferedSocketListener void NmdcHub::on(BufferedSocketListener::Failed, const string& aLine) throw() { clearUsers(); - socket->removeListener(this); - - if(state == STATE_CONNECTED) - state = STATE_CONNECT; - - fire(ClientListener::Failed(), this, aLine); + state = STATE_CONNECT; + fire(ClientListener::Failed(), this, aLine); } Modified: dcplusplus/trunk/client/SettingsManager.cpp =================================================================== --- dcplusplus/trunk/client/SettingsManager.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/SettingsManager.cpp 2006-07-02 16:52:24 UTC (rev 623) 
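Review bot: `NmdcHub::on(BufferedSocketListener::Failed, ...)` no longer calls `socket->removeListener(this)`, while `AdcHub::on(Failed, ...)` in this commit still does, so the two hub types now tear down differently after a socket failure. If the socket can still deliver events once `Failed` has fired (not visible here), this object keeps receiving them in `STATE_CONNECT`. The handler also now sets `state = STATE_CONNECT;` for every failure instead of only when `state == STATE_CONNECTED`. Both changes deserve a comment above the handler saying where the listener is detached now and why the state is reset unconditionally, and the same teardown order should be used in AdcHub.cpp.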
@@ -74,7 +74,7 @@ "BoldHub", "BoldPm", "BoldSearch", "SocketInBuffer", "SocketOutBuffer", "OnlyDlTthFiles", "OpenWaitingUsers", "BoldWaitingUsers", "OpenSystemLog", "BoldSystemLog", "AutoRefreshTime", "UseSsl", "AutoSearchLimit", "AltSortOrder", "AutoKickNoFavs", "PromptPassword", "SpyFrameIgnoreTthSearches", - "DontDlAlreadyQueued", + "DontDlAlreadyQueued", "MaxCommandLength", "SENTRY", // Int64 "TotalUpload", "TotalDownload", @@ -260,6 +260,7 @@ setDefault(PROMPT_PASSWORD, false); setDefault(SPY_FRAME_IGNORE_TTH_SEARCHES, false); setDefault(DONT_DL_ALREADY_QUEUED, false); + setDefault(MAX_COMMAND_LENGTH, 16*1024*1024); #ifdef _WIN32 setDefault(MAIN_WINDOW_STATE, SW_SHOWNORMAL); Modified: dcplusplus/trunk/client/SettingsManager.h =================================================================== --- dcplusplus/trunk/client/SettingsManager.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/SettingsManager.h 2006-07-02 16:52:24 UTC (rev 623) @@ -90,7 +90,7 @@ BOLD_HUB, BOLD_PM, BOLD_SEARCH, SOCKET_IN_BUFFER, SOCKET_OUT_BUFFER, ONLY_DL_TTH_FILES, OPEN_WAITING_USERS, BOLD_WAITING_USERS, OPEN_SYSTEM_LOG, BOLD_SYSTEM_LOG, AUTO_REFRESH_TIME, USE_SSL, AUTO_SEARCH_LIMIT, ALT_SORT_ORDER, AUTO_KICK_NO_FAVS, PROMPT_PASSWORD, SPY_FRAME_IGNORE_TTH_SEARCHES, - DONT_DL_ALREADY_QUEUED, + DONT_DL_ALREADY_QUEUED, MAX_COMMAND_LENGTH, INT_LAST }; enum Int64Setting { INT64_FIRST = INT_LAST + 1, Modified: dcplusplus/trunk/client/StringDefs.h =================================================================== --- dcplusplus/trunk/client/StringDefs.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/client/StringDefs.h 2006-07-02 16:52:24 UTC (rev 623) 
@@ -51,6 +51,7 @@ CLOSING_CONNECTION, // "Closing connection..." COMPRESSED, // "Compressed" COMPRESSION_ERROR, // "Error during compression" + COMMAND_TOO_LONG, // "Maximum command length exceeded" CONFIGURE, // "&Configure" CONNECT, // "&Connect" CONNECT_FAVUSER_HUB, // "Connect to hub" Modified: dcplusplus/trunk/yassl/README =================================================================== --- dcplusplus/trunk/yassl/README 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/README 2006-07-02 16:52:24 UTC (rev 623) 
@@ -1,13 +1,66 @@ -yaSSL Release notes, version 1.2.2 (03/27/06) +yaSSL Release notes, version 1.3.7 (06/26/06) + This release of yaSSL contains bug fixes, portability enhancements, + and libcurl 7.15.4 support (any newer versions may not build). + +See normal build instructions below under 1.0.6. +See libcurl build instructions below under 1.3.0. + + +********************yaSSL Release notes, version 1.3.5 (06/01/06) + + + This release of yaSSL contains bug fixes, portability enhancements, + better libcurl support, and improved non-blocking I/O. + +See normal build instructions below under 1.0.6. +See libcurl build instructions below under 1.3.0. + + +********************yaSSL Release notes, version 1.3.0 (04/26/06) + + + This release of yaSSL contains minor bug fixes, portability enhancements, + and libcurl support. + +See normal build instructions below under 1.0.6. + + +--To build for libcurl on Linux, Solaris, *BSD, Mac OS X, or Cygwin: + + To build for libcurl the library needs to be built without C++ globals since + the linker will be called in a C context, also libcurl configure will expect + OpenSSL library names so some symbolic links are created. + + ./configure --enable-pure-c + make + make openssl-links + + (then go to your libcurl home and tell libcurl about yaSSL build dir) + ./configure --with-ssl=/yaSSL-BuildDir LDFLAGS=-lm + make + + +--To build for libcurl on Win32: + + Simply add the yaSSL project as a dependency to libcurl, add + yaSSL-Home\include and yaSSL-Home\include\openssl to the include list, and + define USE_SSLEAY and USE_OPENSSL + + please email to...@ya... if you have any questions. + + +*******************yaSSL Release notes, version 1.2.2 (03/27/06) + + This release of yaSSL contains minor bug fixes and portability enhancements. 
See build instructions below under 1.0.6: -*****************yaSSL Release notes, version 1.2.0 +*******************yaSSL Release notes, version 1.2.0 This release of yaSSL contains minor bug fixes, portability enhancements, Modified: dcplusplus/trunk/yassl/include/handshake.hpp =================================================================== --- dcplusplus/trunk/yassl/include/handshake.hpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/handshake.hpp 2006-07-02 16:52:24 UTC (rev 623) @@ -55,7 +55,7 @@ int sendData(SSL&, const void*, int); int sendAlert(SSL& ssl, const Alert& alert); -int receiveData(SSL&, Data&); +int receiveData(SSL&, Data&, bool peek = false); void processReply(SSL&); void buildFinished(SSL&, Finished&, const opaque*); Modified: dcplusplus/trunk/yassl/include/openssl/crypto.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/crypto.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/openssl/crypto.h 2006-07-02 16:52:24 UTC (rev 623) @@ -3,6 +3,10 @@ #ifndef ysSSL_crypto_h__ #define yaSSL_crypto_h__ +#ifdef YASSL_PREFIX +#include "prefix_crypto.h" +#endif + const char* SSLeay_version(int type); #define SSLEAY_VERSION 0x0900L Added: dcplusplus/trunk/yassl/include/openssl/engine.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/engine.h (rev 0) +++ dcplusplus/trunk/yassl/include/openssl/engine.h 2006-07-02 16:52:24 UTC (rev 623) @@ -0,0 +1,5 @@ +/* engine.h for libcurl */ + +#undef HAVE_OPENSSL_ENGINE_H + + Modified: dcplusplus/trunk/yassl/include/openssl/err.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/err.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/openssl/err.h 2006-07-02 16:52:24 UTC (rev 623) 
@@ -1,6 +1,6 @@ /* err.h for openssl */ -#ifndef ysSSL_err_h__ +#ifndef yaSSL_err_h__ #define yaSSL_err_h__ Added: dcplusplus/trunk/yassl/include/openssl/md4.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/md4.h (rev 0) +++ dcplusplus/trunk/yassl/include/openssl/md4.h 2006-07-02 16:52:24 UTC (rev 623) @@ -0,0 +1 @@ +/* md4.h for libcurl */ Modified: dcplusplus/trunk/yassl/include/openssl/md5.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/md5.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/openssl/md5.h 2006-07-02 16:52:24 UTC (rev 623) @@ -1 +1,4 @@ /* md5.h for openssl */ + +#include "ssl.h" /* in there for now */ + Added: dcplusplus/trunk/yassl/include/openssl/pem.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/pem.h (rev 0) +++ dcplusplus/trunk/yassl/include/openssl/pem.h 2006-07-02 16:52:24 UTC (rev 623) @@ -0,0 +1 @@ +/* pem.h for libcurl */ Added: dcplusplus/trunk/yassl/include/openssl/pkcs12.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/pkcs12.h (rev 0) +++ dcplusplus/trunk/yassl/include/openssl/pkcs12.h 2006-07-02 16:52:24 UTC (rev 623) @@ -0,0 +1,5 @@ +/* pkcs12.h for libcurl */ + + +#undef HAVE_OPENSSL_PKCS12_H + Modified: dcplusplus/trunk/yassl/include/openssl/rsa.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/rsa.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/openssl/rsa.h 2006-07-02 16:52:24 UTC (rev 623) 
@@ -1,7 +1,7 @@ /* rsa.h for openSSL */ -#ifndef ysSSL_rsa_h__ +#ifndef yaSSL_rsa_h__ #define yaSSL_rsa_h__ enum { RSA_F4 = 1 }; Modified: dcplusplus/trunk/yassl/include/openssl/ssl.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/ssl.h 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/openssl/ssl.h 2006-07-02 16:52:24 UTC (rev 623) @@ -25,12 +25,30 @@ -#ifndef ysSSL_openssl_h__ +#ifndef yaSSL_openssl_h__ #define yaSSL_openssl_h__ -#include <stdio.h> /* ERR_print fp */ +#ifdef YASSL_PREFIX +#include "prefix_ssl.h" +#endif + +#include <stdio.h> /* ERR_print fp */ +#include "opensslv.h" /* for version number */ #include "rsa.h" +#if defined(__cplusplus) +extern "C" { +#endif + + void yaSSL_CleanUp(); /* call once at end of application use to + free static singleton memory holders, + not a leak per se, but helpful when + looking for them */ + +#if defined(__cplusplus) +} // extern +#endif + #if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE) namespace yaSSL { extern "C" { @@ -102,7 +120,6 @@ typedef struct BIO BIO; /* ASN stuff */ -typedef struct ASN1_TIME ASN1_TIME; @@ -260,6 +277,7 @@ enum { /* ssl Constants */ + SSL_WOULD_BLOCK = -8, SSL_BAD_STAT = -7, SSL_BAD_PATH = -6, SSL_BAD_FILETYPE = -5, @@ -345,7 +363,8 @@ long SSL_CTX_set_tmp_dh(SSL_CTX*, DH*); void OpenSSL_add_all_algorithms(void); -void SSLeay_add_ssl_algorithms(void); +int SSL_library_init(); +int SSLeay_add_ssl_algorithms(void); SSL_CIPHER* SSL_get_current_cipher(SSL*); @@ -358,11 +377,9 @@ /* EVP stuff, des and md5, different file? */ -typedef struct Digest Digest; -typedef Digest EVP_MD; +typedef char EVP_MD; -typedef struct BulkCipher BulkCipher; -typedef BulkCipher EVP_CIPHER; +typedef char EVP_CIPHER; typedef struct EVP_PKEY EVP_PKEY; 
@@ -370,6 +387,10 @@ typedef const DES_cblock const_DES_cblock; typedef DES_cblock DES_key_schedule; +enum { + DES_ENCRYPT = 1, + DES_DECRYPT = 0 +}; const EVP_MD* EVP_md5(void); const EVP_CIPHER* EVP_des_ede3_cbc(void); 
@@ -391,6 +412,112 @@ int RAND_load_file(const char*, long); +/* for libcurl */ +int RAND_status(void); +int RAND_bytes(unsigned char* buf, int num); + +int DES_set_key(const_DES_cblock*, DES_key_schedule*); +void DES_set_odd_parity(DES_cblock*); +void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*, int); + +void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata); +void SSL_SESSION_free(SSL_SESSION* session); +int SSL_peek(SSL* ssl, void* buf, int num); + +X509* SSL_get_certificate(SSL* ssl); +EVP_PKEY* SSL_get_privatekey(SSL* ssl); +EVP_PKEY* X509_get_pubkey(X509* x); + +int EVP_PKEY_copy_parameters(EVP_PKEY* to, const EVP_PKEY* from); +void EVP_PKEY_free(EVP_PKEY* pkey); +void ERR_error_string_n(unsigned long e, char *buf, size_t len); +void ERR_free_strings(void); +void EVP_cleanup(void); + +void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx); + +#define GEN_IPADD 7 +#define NID_subject_alt_name 85 +#define STACK_OF(x) x + + +/* defined here because libcurl dereferences */ +typedef struct ASN1_STRING { + int type; + int length; + unsigned char* data; +} ASN1_STRING; + + +typedef struct GENERAL_NAME { + int type; + union { + ASN1_STRING* ia5; + } d; +} GENERAL_NAME; + +void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *x); + +int sk_GENERAL_NAME_num(STACK_OF(GENERAL_NAME) *x); +GENERAL_NAME* sk_GENERAL_NAME_value(STACK_OF(GENERAL_NAME) *x, int i); + + +unsigned char* ASN1_STRING_data(ASN1_STRING* x); +int ASN1_STRING_length(ASN1_STRING* x); +int ASN1_STRING_type(ASN1_STRING *x); + +typedef ASN1_STRING X509_NAME_ENTRY; + +int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos); + +ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne); +X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc); + +#define OPENSSL_malloc(x) malloc(x) +#define OPENSSL_free(x) free(x) + +int ASN1_STRING_to_UTF8(unsigned char** out, ASN1_STRING* in); + +SSL_METHOD* SSLv23_client_method(void); /* doesn't actually roll back */ 
+SSL_METHOD* SSLv2_client_method(void); /* will never work, no v 2 */ + + +SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */ + + +#define CRYPTO_free(x) free(x) +#define ASN1_TIME ASN1_STRING + +ASN1_TIME* X509_get_notBefore(X509* x); +ASN1_TIME* X509_get_notAfter(X509* x); + + +#define ASN1_UTCTIME ASN1_STRING +#define NID_commonName 13 +#define V_ASN1_UTF8STRING 12 +#define GEN_DNS 2 + + +typedef struct MD4_CTX { + int buffer[32]; /* big enough to hold, check size in Init */ +} MD4_CTX; + +void MD4_Init(MD4_CTX*); +void MD4_Update(MD4_CTX*, const void*, unsigned long); +void MD4_Final(unsigned char*, MD4_CTX*); + + +typedef struct MD5_CTX { + int buffer[32]; /* big enough to hold, check size in Init */ +} MD5_CTX; + +void MD5_Init(MD5_CTX*); +void MD5_Update(MD5_CTX*, const void*, unsigned long); +void MD5_Final(unsigned char*, MD5_CTX*); + +#define MD5_DIGEST_LENGTH 16 + + #define SSL_DEFAULT_CIPHER_LIST "" /* default all */ Added: dcplusplus/trunk/yassl/include/openssl/x509.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/x509.h (rev 0) +++ dcplusplus/trunk/yassl/include/openssl/x509.h 2006-07-02 16:52:24 UTC (rev 623) @@ -0,0 +1 @@ +/* x509.h for libcurl */ Added: dcplusplus/trunk/yassl/include/openssl/x509v3.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/x509v3.h (rev 0) +++ dcplusplus/trunk/yassl/include/openssl/x509v3.h 2006-07-02 16:52:24 UTC (rev 623) @@ -0,0 +1 @@ +/* x509v3.h for libcurl */ Modified: dcplusplus/trunk/yassl/include/socket_wrapper.hpp =================================================================== --- dcplusplus/trunk/yassl/include/socket_wrapper.hpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/socket_wrapper.hpp 2006-07-02 16:52:24 UTC (rev 623) 
@@ -66,6 +66,7 @@ // Wraps Windows Sockets and BSD Sockets class Socket { socket_t socket_; // underlying socket descriptor + bool wouldBlock_; // for non-blocking data public: explicit Socket(socket_t s = INVALID_SOCKET); ~Socket(); @@ -75,9 +76,10 @@ socket_t get_fd() const; uint send(const byte* buf, unsigned int len, int flags = 0) const; - uint receive(byte* buf, unsigned int len, int flags = 0) const; + uint receive(byte* buf, unsigned int len, int flags = 0); - bool wait() const; + bool wait(); + bool WouldBlock() const; void closeSocket(); void shutDown(int how = SD_SEND); Modified: dcplusplus/trunk/yassl/include/yassl_error.hpp =================================================================== --- dcplusplus/trunk/yassl/include/yassl_error.hpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/yassl_error.hpp 2006-07-02 16:52:24 UTC (rev 623) @@ -26,7 +26,6 @@ #ifndef yaSSL_ERROR_HPP #define yaSSL_ERROR_HPP -#include "stdexcept.hpp" namespace yaSSL { @@ -63,7 +62,7 @@ void SetErrorString(YasslError, char*); - +/* remove for now, if go back to exceptions use this wrapper // Base class for all yaSSL exceptions class Error : public mySTL::runtime_error { YasslError error_; @@ -75,6 +74,7 @@ YasslError get_number() const; Library get_lib() const; }; +*/ } // naemspace Modified: dcplusplus/trunk/yassl/include/yassl_int.hpp =================================================================== --- dcplusplus/trunk/yassl/include/yassl_int.hpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/yassl_int.hpp 2006-07-02 16:52:24 UTC (rev 623) @@ -34,6 +34,7 @@ #include "cert_wrapper.hpp" #include "log.hpp" #include "lock.hpp" +#include "openssl/ssl.h" // ASN1_STRING and DH namespace yaSSL { @@ -121,8 +122,6 @@ friend sslFactory& GetSSL_Factory(); // singleton creator private: - static sslFactory instance_; - sslFactory(const sslFactory&); // hide copy sslFactory& operator=(const sslFactory&); // and assign }; 
@@ -132,28 +131,47 @@ // openSSL X509 names class X509_NAME { - char* name_; + char* name_; + size_t sz_; + ASN1_STRING entry_; public: X509_NAME(const char*, size_t sz); ~X509_NAME(); - char* GetName(); + char* GetName(); + ASN1_STRING* GetEntry(int i); private: X509_NAME(const X509_NAME&); // hide copy X509_NAME& operator=(const X509_NAME&); // and assign }; +class StringHolder { + ASN1_STRING asnString_; +public: + StringHolder(const char* str, int sz); + ~StringHolder(); + + ASN1_STRING* GetString(); +}; + + // openSSL X509 class X509 { X509_NAME issuer_; X509_NAME subject_; + StringHolder beforeDate_; // not valid before + StringHolder afterDate_; // not valid after public: - X509(const char* i, size_t, const char* s, size_t); + X509(const char* i, size_t, const char* s, size_t, + const char* b, int, const char* a, int); ~X509() {} X509_NAME* GetIssuer(); X509_NAME* GetSubject(); + + ASN1_STRING* GetBefore(); + ASN1_STRING* GetAfter(); private: X509(const X509&); // hide copy X509& operator=(const X509&); // and assign @@ -214,8 +232,6 @@ friend Sessions& GetSessions(); // singleton creator private: - static Sessions instance_; - Sessions(const Sessions&); // hide copy Sessions& operator=(const Sessions&); // and assign }; @@ -505,6 +521,7 @@ void makeTLSMasterSecret(); void addData(input_buffer* data); void fillData(Data&); + void PeekData(Data&); void addBuffer(output_buffer* b); void flushBuffer(); void verifyState(const RecordLayerHeader&); Modified: dcplusplus/trunk/yassl/include/yassl_types.hpp =================================================================== --- dcplusplus/trunk/yassl/include/yassl_types.hpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/include/yassl_types.hpp 2006-07-02 16:52:24 UTC (rev 623) 
@@ -34,6 +34,7 @@ namespace yaSSL { + #ifdef YASSL_PURE_C // library allocation Modified: dcplusplus/trunk/yassl/mySTL/helpers.hpp =================================================================== --- dcplusplus/trunk/yassl/mySTL/helpers.hpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/mySTL/helpers.hpp 2006-07-02 16:52:24 UTC (rev 623) @@ -28,14 +28,14 @@ #define mySTL_HELPERS_HPP #include <stdlib.h> -#include <new> // placement new +#ifdef _MSC_VER + #include <new> +#endif - - -#ifdef __IBMCPP__ /* Workaround for the lack of operator new(size_t, void*) in IBM VA C++ 6.0 + Also used as a workaround to avoid including <new> */ struct Dummy {}; @@ -44,12 +44,13 @@ return static_cast<void*>(d); } + // for compilers that want matching delete + inline void operator delete(void* ptr, Dummy* d) + { + } + typedef Dummy* yassl_pointer; -#else - typedef void* yassl_pointer; -#endif - namespace mySTL { Modified: dcplusplus/trunk/yassl/mySTL/list.hpp =================================================================== --- dcplusplus/trunk/yassl/mySTL/list.hpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/mySTL/list.hpp 2006-07-02 16:52:24 UTC (rev 623) @@ -164,7 +164,7 @@ { void* mem = malloc(sizeof(node)); if (!mem) abort(); - node* add = new (mem) node(t); + node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t); if (head_) { add->next_ = head_; @@ -210,7 +210,7 @@ { void* mem = malloc(sizeof(node)); if (!mem) abort(); - node* add = new (mem) node(t); + node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t); if (tail_) { tail_->next_ = add; Modified: dcplusplus/trunk/yassl/mySTL/vector.hpp =================================================================== --- dcplusplus/trunk/yassl/mySTL/vector.hpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/mySTL/vector.hpp 2006-07-02 16:52:24 UTC (rev 623) 
@@ -45,7 +45,8 @@ vector_base() : start_(0), finish_(0), end_of_storage_(0) {} vector_base(size_t n) { - start_ = static_cast<T*>(malloc(n * sizeof(T))); + // Don't allow malloc(0), if n is 0 use 1 + start_ = static_cast<T*>(malloc((n ? n : 1) * sizeof(T))); if (!start_) abort(); finish_ = start_; end_of_storage_ = start_ + n; Modified: dcplusplus/trunk/yassl/src/cert_wrapper.cpp =================================================================== --- dcplusplus/trunk/yassl/src/cert_wrapper.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/cert_wrapper.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -271,10 +271,13 @@ else peerKeyType_ = dsa_sa_algo; - int iSz = cert.GetIssuer() ? strlen(cert.GetIssuer()) + 1 : 0; - int sSz = cert.GetCommonName() ? strlen(cert.GetCommonName()) + 1 : 0; + int iSz = strlen(cert.GetIssuer()) + 1; + int sSz = strlen(cert.GetCommonName()) + 1; + int bSz = strlen(cert.GetBeforeDate()) + 1; + int aSz = strlen(cert.GetAfterDate()) + 1; peerX509_ = NEW_YS X509(cert.GetIssuer(), iSz, cert.GetCommonName(), - sSz); + sSz, cert.GetBeforeDate(), bSz, + cert.GetAfterDate(), aSz); } return 0; } Modified: dcplusplus/trunk/yassl/src/handshake.cpp =================================================================== --- dcplusplus/trunk/yassl/src/handshake.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/handshake.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -458,6 +458,11 @@ uint16 sz = ((b0 & 0x7f) << 8) | b1; + if (sz > input.get_remaining()) { + ssl.SetError(bad_input); + return; + } + // hashHandShake manually const opaque* buffer = input.get_buffer() + input.get_current(); ssl.useHashes().use_MD5().update(buffer, sz); 
@@ -650,16 +655,16 @@ } -mySTL::auto_ptr<input_buffer> null_buffer(ysDelete); // do process input requests mySTL::auto_ptr<input_buffer> DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered) { // wait for input if blocking - if (!ssl.getSocket().wait()) { + if (!ssl.useSocket().wait()) { ssl.SetError(receive_error); - return buffered = null_buffer; + buffered.reset(0); + return buffered; } uint ready = ssl.getSocket().get_ready(); if (!ready) return buffered; @@ -669,11 +674,11 @@ input_buffer buffer(buffSz + ready); if (buffSz) { buffer.assign(buffered.get()->get_buffer(), buffSz); - buffered = null_buffer; + buffered.reset(0); } - // add NEW_YS data - uint read = ssl.getSocket().receive(buffer.get_buffer() + buffSz, ready); + // add new data + uint read = ssl.useSocket().receive(buffer.get_buffer() + buffSz, ready); buffer.add_size(read); uint offset = 0; const MessageFactory& mf = ssl.getFactory().getMessage(); 
@@ -681,39 +686,56 @@ // old style sslv2 client hello? if (ssl.getSecurity().get_parms().entity_ == server_end && ssl.getStates().getServer() == clientNull) - if (buffer.peek() != handshake) + if (buffer.peek() != handshake) { ProcessOldClientHello(buffer, ssl); + if (ssl.GetError()) { + buffered.reset(0); + return buffered; + } + } while(!buffer.eof()) { // each record RecordLayerHeader hdr; - buffer >> hdr; - ssl.verifyState(hdr); + bool needHdr = false; + if (static_cast<uint>(RECORD_HEADER) > buffer.get_remaining()) + needHdr = true; + else { + buffer >> hdr; + ssl.verifyState(hdr); + } + // make sure we have enough input in buffer to process this record - if (hdr.length_ > buffer.get_remaining()) { - uint sz = buffer.get_remaining() + RECORD_HEADER; + if (needHdr || hdr.length_ > buffer.get_remaining()) { + // put header in front for next time processing + uint extra = needHdr ? 0 : RECORD_HEADER; + uint sz = buffer.get_remaining() + extra; buffered.reset(NEW_YS input_buffer(sz, buffer.get_buffer() + - buffer.get_current() - RECORD_HEADER, sz)); + buffer.get_current() - extra, sz)); break; } while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) { - // each message in record + // each message in record, can be more than 1 if not encrypted if (ssl.getSecurity().get_parms().pending_ == false) // cipher on decrypt_message(ssl, buffer, hdr.length_); mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_), ysDelete); if (!msg.get()) { ssl.SetError(factory_error); - return buffered = null_buffer; + buffered.reset(0); + return buffered; } buffer >> *msg; msg->Process(buffer, ssl); - if (ssl.GetError()) return buffered = null_buffer; + if (ssl.GetError()) { + buffered.reset(0); + return buffered; + } } offset += hdr.length_ + RECORD_HEADER; } - return buffered; // done, don't call again + return buffered; } 
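Review bot: Nothing checks the outcome of `ssl.verifyState(hdr)` before `hdr.length_` is used to decide whether to buffer or decrypt the record. If verifyState reports a rejected header through the SSL error state (its body is not visible here), the loop carries on with a record that was already refused. Adding `if (ssl.GetError()) { buffered.reset(0); return buffered; }` right after the call would match the error handling this change introduces after ProcessOldClientHello and `msg->Process`. The function begins in the previous hunk.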
@@ -854,8 +876,11 @@ // send data int sendData(SSL& ssl, const void* buffer, int sz) { + if (ssl.GetError() == YasslError(SSL_ERROR_WANT_READ)) + ssl.SetError(no_error); + ssl.verfiyHandShakeComplete(); - if (ssl.GetError()) return 0; + if (ssl.GetError()) return -1; int sent = 0; for (;;) { @@ -866,7 +891,7 @@ buildMessage(ssl, out, data); ssl.Send(out.get_buffer(), out.get_size()); - if (ssl.GetError()) return 0; + if (ssl.GetError()) return -1; sent += len; if (sent == sz) break; } @@ -887,17 +912,29 @@ // process input data -int receiveData(SSL& ssl, Data& data) +int receiveData(SSL& ssl, Data& data, bool peek) { + if (ssl.GetError() == YasslError(SSL_ERROR_WANT_READ)) + ssl.SetError(no_error); + ssl.verfiyHandShakeComplete(); - if (ssl.GetError()) return 0; + if (ssl.GetError()) return -1; if (!ssl.bufferedData()) processReply(ssl); - ssl.fillData(data); + + if (peek) + ssl.PeekData(data); + else + ssl.fillData(data); + ssl.useLog().ShowData(data.get_length()); + if (ssl.GetError()) return -1; - if (ssl.GetError()) return 0; + if (data.get_length() == 0 && ssl.getSocket().WouldBlock()) { + ssl.SetError(YasslError(SSL_ERROR_WANT_READ)); + return SSL_WOULD_BLOCK; + } return data.get_length(); } Modified: dcplusplus/trunk/yassl/src/socket_wrapper.cpp =================================================================== --- dcplusplus/trunk/yassl/src/socket_wrapper.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/socket_wrapper.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -39,7 +39,7 @@ #include <string.h> #endif // _WIN32 -#ifdef __sun +#if defined(__sun) || defined(__SCO_VERSION__) #include <sys/filio.h> #endif @@ -58,7 +58,7 @@ Socket::Socket(socket_t s) - : socket_(s) + : socket_(s), wouldBlock_(false) {} 
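Review bot: The comment above `receiveData` still reads only `// process input data`, although this change alters its contract in three ways: errors now return -1 instead of 0, an empty read on a would-block socket returns `SSL_WOULD_BLOCK`, and `peek` leaves the data buffered. A caller that still tests the result against 0 will treat a failure as success, so the return values are worth stating at the definition, e.g. `// returns bytes read, -1 on error, SSL_WOULD_BLOCK if no data is ready; peek does not consume`. The same applies to `sendData` in the first hunk on this line, which also switches its error return from 0 to -1.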
@@ -95,11 +95,15 @@ uint Socket::get_ready() const { +#ifdef _WIN32 unsigned long ready = 0; - -#ifdef _WIN32 ioctlsocket(socket_, FIONREAD, &ready); #else + /* + 64-bit Solaris requires the variable passed to + FIONREAD be a 32-bit value. + */ + unsigned int ready = 0; ioctl(socket_, FIONREAD, &ready); #endif @@ -109,26 +113,39 @@ uint Socket::send(const byte* buf, unsigned int sz, int flags) const { + const byte* pos = buf; + const byte* end = pos + sz; + assert(socket_ != INVALID_SOCKET); - int sent = ::send(socket_, reinterpret_cast<const char *>(buf), sz, flags); - if (sent == -1) - return 0; + while (pos != end) { + int sent = ::send(socket_, reinterpret_cast<const char *>(pos), + static_cast<int>(end - pos), flags); - return sent; + if (sent == -1) + return 0; + + pos += sent; + } + + return sz; } -uint Socket::receive(byte* buf, unsigned int sz, int flags) const +uint Socket::receive(byte* buf, unsigned int sz, int flags) { assert(socket_ != INVALID_SOCKET); + wouldBlock_ = false; + int recvd = ::recv(socket_, reinterpret_cast<char *>(buf), sz, flags); // idea to seperate error from would block by arn...@gm... if (recvd == -1) { if (get_lastError() == SOCKET_EWOULDBLOCK || - get_lastError() == SOCKET_EAGAIN) + get_lastError() == SOCKET_EAGAIN) { + wouldBlock_ = true; return 0; + } } else if (recvd == 0) return static_cast<uint>(-1); @@ -138,7 +155,7 @@ // wait if blocking for input, return false for error -bool Socket::wait() const +bool Socket::wait() { byte b; return receive(&b, 1, MSG_PEEK) != static_cast<uint>(-1); @@ -162,6 +179,12 @@ } +bool Socket::WouldBlock() const +{ + return wouldBlock_; +} + + void Socket::set_lastError(int errorCode) { #ifdef _WIN32 Modified: dcplusplus/trunk/yassl/src/ssl.cpp =================================================================== --- dcplusplus/trunk/yassl/src/ssl.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/ssl.cpp 2006-07-02 16:52:24 UTC (rev 623) 
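Review bot: In the new loop in `Socket::send`, a failure after some bytes have already been written still returns 0, so the caller cannot tell a clean failure from a partially transmitted record. On a non-blocking socket a would-block result from `::send` takes the same `sent == -1` path, unlike `receive`, which now records it in `wouldBlock_`; retrying the whole buffer would then repeat bytes inside the TLS stream. Consider returning the count actually written, `return static_cast<uint>(pos - buf);`, or handling would-block separately as `receive` does.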
@@ -1,4 +1,4 @@ -/* ssl.cpp + /* ssl.cpp * * Copyright (C) 2003 Sawtooth Consulting Ltd. * @@ -35,6 +35,8 @@ #include "openssl/ssl.h" #include "handshake.hpp" #include "yassl_int.hpp" +#include "md5.hpp" // for TaoCrypt MD5 size assert +#include "md4.hpp" // for TaoCrypt MD4 size assert #include <stdio.h> #ifdef _WIN32 @@ -51,6 +53,53 @@ using mySTL::min; +int read_file(SSL_CTX* ctx, const char* file, int format, CertType type) +{ + if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM) + return SSL_BAD_FILETYPE; + + FILE* input = fopen(file, "rb"); + if (!input) + return SSL_BAD_FILE; + + if (type == CA) { + x509* ptr = PemToDer(file, Cert); + if (!ptr) { + fclose(input); + return SSL_BAD_FILE; + } + ctx->AddCA(ptr); // takes ownership + } + else { + x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_; + + if (format == SSL_FILETYPE_ASN1) { + fseek(input, 0, SEEK_END); + long sz = ftell(input); + rewind(input); + x = NEW_YS x509(sz); // takes ownership + size_t bytes = fread(x->use_buffer(), sz, 1, input); + if (bytes != 1) { + fclose(input); + return SSL_BAD_FILE; + } + } + else { + x = PemToDer(file, type); + if (!x) { + fclose(input); + return SSL_BAD_FILE; + } + } + } + fclose(input); + return SSL_SUCCESS; +} + + +extern "C" { + + SSL_METHOD* SSLv3_method() { return SSLv3_client_method(); 
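Review bot: In the ASN1 branch of `read_file`, the result of `ftell(input)` is used unchecked as the allocation size in `NEW_YS x509(sz)` and as the `fread` length. `ftell` returns -1 on failure and 0 for an empty file, so a guard such as `if (sz <= 0) { fclose(input); return SSL_BAD_FILE; }` belongs before the allocation. Note also that when `fread` fails, `x` (which aliases `ctx->certificate_` or `ctx->privateKey_`) is left pointing at the partly filled buffer, and whatever it pointed to before is overwritten without being released.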
@@ -447,50 +496,6 @@ } -int read_file(SSL_CTX* ctx, const char* file, int format, CertType type) -{ - if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM) - return SSL_BAD_FILETYPE; - - FILE* input = fopen(file, "rb"); - if (!input) - return SSL_BAD_FILE; - - if (type == CA) { - x509* ptr = PemToDer(file, Cert); - if (!ptr) { - fclose(input); - return SSL_BAD_FILE; - } - ctx->AddCA(ptr); // takes ownership - } - else { - x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_; - - if (format == SSL_FILETYPE_ASN1) { - fseek(input, 0, SEEK_END); - long sz = ftell(input); - rewind(input); - x = NEW_YS x509(sz); // takes ownership - size_t bytes = fread(x->use_buffer(), sz, 1, input); - if (bytes != 1) { - fclose(input); - return SSL_BAD_FILE; - } - } - else { - x = PemToDer(file, type); - if (!x) { - fclose(input); - return SSL_BAD_FILE; - } - } - } - fclose(input); - return SSL_SUCCESS; -} - - int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const char* file, int format) { return read_file(ctx, file, format, Cert); @@ -722,6 +727,12 @@ {} +int SSL_library_init() // compatiblity only +{ + return 1; +} + + DH* DH_new(void) { DH* dh = NEW_YS DH; 
@@ -799,27 +810,34 @@ const EVP_MD* EVP_md5(void) { - // TODO: FIX add to some list for destruction - return NEW_YS MD5; + static const char* type = "MD5"; + return type; } const EVP_CIPHER* EVP_des_ede3_cbc(void) { - // TODO: FIX add to some list for destruction - return NEW_YS DES_EDE; + static const char* type = "DES_EDE3_CBC"; + return type; } int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt, const byte* data, int sz, int count, byte* key, byte* iv) { - EVP_MD* myMD = const_cast<EVP_MD*>(md); - uint digestSz = myMD->get_digestSize(); + // only support MD5 for now + if (strncmp(md, "MD5", 3)) return 0; + + // only support DES_EDE3_CBC for now + if (strncmp(type, "DES_EDE3_CBC", 12)) return 0; + + yaSSL::MD5 myMD; + uint digestSz = myMD.get_digestSize(); byte digest[SHA_LEN]; // max size - int keyLen = type->get_keySize(); - int ivLen = type->get_ivSize(); + yaSSL::DES_EDE cipher; + int keyLen = cipher.get_keySize(); + int ivLen = cipher.get_ivSize(); int keyLeft = keyLen; int ivLeft = ivLen; int keyOutput = 0; @@ -828,17 +846,17 @@ int digestLeft = digestSz; // D_(i - 1) if (keyOutput) // first time D_0 is empty - myMD->update(digest, digestSz); + myMD.update(digest, digestSz); // data - myMD->update(data, sz); + myMD.update(data, sz); // salt if (salt) - myMD->update(salt, EVP_SALT_SZ); - myMD->get_digest(digest); + myMD.update(salt, EVP_SALT_SZ); + myMD.get_digest(digest); // count for (int j = 1; j < count; j++) { - myMD->update(digest, digestSz); - myMD->get_digest(digest); + myMD.update(digest, digestSz); + myMD.get_digest(digest); } if (keyLeft) { 
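Review bot: `EVP_BytesToKey` now passes `md` and `type` to `strncmp` without a null check, so a caller that hands in a null digest or cipher crashes instead of getting the 0 return used for unsupported algorithms. A guard at the top, `if (!md || !type) return 0;`, covers it. The length-limited compares also accept any string that merely starts with "MD5" or "DES_EDE3_CBC"; `strcmp` would make the match exact. The rest of the function lies outside this hunk.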
@@ -892,6 +910,303 @@ } +// functions for libcurl +int RAND_status() +{ + return 1; /* TaoCrypt provides enough seed */ +} + + +int DES_set_key(const_DES_cblock* key, DES_key_schedule* schedule) +{ + memcpy(schedule, key, sizeof(const_DES_cblock)); + return 1; +} + + +void DES_set_odd_parity(DES_cblock* key) +{ + // not needed now for TaoCrypt +} + + +void DES_ecb_encrypt(DES_cblock* input, DES_cblock* output, + DES_key_schedule* key, int enc) +{ + DES des; + + if (enc) { + des.set_encryptKey(*key, 0); + des.encrypt(*output, *input, DES_BLOCK); + } + else { + des.set_decryptKey(*key, 0); + des.decrypt(*output, *input, DES_BLOCK); + } +} + + +void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata) +{ + // yaSSL doesn't support yet, unencrypt your PEM file with userdata + // before handing off to yaSSL +} + + +X509* SSL_get_certificate(SSL* ssl) +{ + // only used to pass to get_privatekey which isn't used + return 0; +} + + +EVP_PKEY* SSL_get_privatekey(SSL* ssl) +{ + // only called, not used + return 0; +} + + +void SSL_SESSION_free(SSL_SESSION* session) +{ + // managed by singleton +} + + + +EVP_PKEY* X509_get_pubkey(X509* x) +{ + // called, not used though + return 0; +} + + +int EVP_PKEY_copy_parameters(EVP_PKEY* to, const EVP_PKEY* from) +{ + // called, not used though + return 0; +} + + +void EVP_PKEY_free(EVP_PKEY* pkey) +{ + // never allocated from above +} + + +void ERR_error_string_n(unsigned long e, char *buf, size_t len) +{ + if (len) ERR_error_string(e, buf); +} + + +void ERR_free_strings(void) +{ + // handled internally +} + + +void EVP_cleanup(void) +{ + // nothing to do yet +} + + +ASN1_TIME* X509_get_notBefore(X509* x) +{ + if (x) return x->GetBefore(); + return 0; +} + + +ASN1_TIME* X509_get_notAfter(X509* x) +{ + if (x) return x->GetAfter(); + return 0; +} + + +SSL_METHOD* SSLv23_client_method(void) /* doesn't actually roll back */ +{ + return SSLv3_client_method(); +} + + +SSL_METHOD* SSLv2_client_method(void) /* will never work, no 
v 2 */ +{ + return 0; +} + + +SSL_SESSION* SSL_get1_session(SSL* ssl) /* what's ref count */ +{ + return SSL_get_session(ssl); +} + + +void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *x) +{ + // no extension names supported yet +} + + +int sk_GENERAL_NAME_num(STACK_OF(GENERAL_NAME) *x) +{ + // no extension names supported yet + return 0; +} + + +GENERAL_NAME* sk_GENERAL_NAME_value(STACK_OF(GENERAL_NAME) *x, int i) +{ + // no extension names supported yet + return 0; +} + + +unsigned char* ASN1_STRING_data(ASN1_STRING* x) +{ + if (x) return x->data; + return 0; +} + + +int ASN1_STRING_length(ASN1_STRING* x) +{ + if (x) return x->length; + return 0; +} + + +int ASN1_STRING_type(ASN1_STRING *x) +{ + if (x) return x->type; + return 0; +} + + +int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos) +{ + int idx = -1; // not found + const char* start = &name->GetName()[lastpos + 1]; + + switch (nid) { + case NID_commonName: + const char* found = strstr(start, "/CN="); + if (found) { + found += 4; // advance to str + idx = found - start + lastpos + 1; + } + break; + } + + return idx; +} + + +ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne) +{ + // the same in yaSSL + return ne; +} + + +X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc) +{ + return name->GetEntry(loc); +} + + +// already formatted, caller responsible for freeing *out +int ASN1_STRING_to_UTF8(unsigned char** out, ASN1_STRING* in) +{ + if (!in) return 0; + + *out = (unsigned char*)malloc(in->length + 1); + if (*out) { + memcpy(*out, in->data, in->length); + (*out)[in->length] = 0; + } + return in->length; +} + + +void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx) +{ + // no extensions supported yet + return 0; +} + + +void MD4_Init(MD4_CTX* md4) +{ + // make sure we have a big enough buffer + typedef char ok[sizeof(md4->buffer) >= sizeof(TaoCrypt::MD4) ? 
1 : -1]; + (void) sizeof(ok); + + // using TaoCrypt since no dynamic memory allocated + // and no destructor will be called + new (reinterpret_cast<yassl_pointer>(md4->buffer)) TaoCrypt::MD4(); +} + + +void MD4_Update(MD4_CTX* md4, const void* data, unsigned long sz) +{ + reinterpret_cast<TaoCrypt::MD4*>(md4->buffer)->Update( + static_cast<const byte*>(data), static_cast<unsigned int>(sz)); +} + + +void MD4_Final(unsigned char* hash, MD4_CTX* md4) +{ + reinterpret_cast<TaoCrypt::MD4*>(md4->buffer)->Final(hash); +} + + +void MD5_Init(MD5_CTX* md5) +{ + // make sure we have a big enough buffer + typedef char ok[sizeof(md5->buffer) >= sizeof(TaoCrypt::MD5) ? 1 : -1]; + (void) sizeof(ok); + + // using TaoCrypt since no dynamic memory allocated + // and no destructor will be called + new (reinterpret_cast<yassl_pointer>(md5->buffer)) TaoCrypt::MD5(); +} + + +void MD5_Update(MD5_CTX* md5, const void* data, unsigned long sz) +{ + reinterpret_cast<TaoCrypt::MD5*>(md5->buffer)->Update( + static_cast<const byte*>(data), static_cast<unsigned int>(sz)); +} + + +void MD5_Final(unsigned char* hash, MD5_CTX* md5) +{ + reinterpret_cast<TaoCrypt::MD5*>(md5->buffer)->Final(hash); +} + + +int RAND_bytes(unsigned char* buf, int num) +{ + RandomPool ran; + + if (ran.GetError()) return 0; + + ran.Fill(buf, num); + return 1; +} + + +int SSL_peek(SSL* ssl, void* buffer, int sz) +{ + Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer)); + return receiveData(*ssl, data, true); +} + + + // functions for stunnel void RAND_screen() @@ -1093,8 +1408,10 @@ } - void SSLeay_add_ssl_algorithms() // compatibility only - {} + int SSLeay_add_ssl_algorithms() // compatibility only + { + return 1; + } void ERR_remove_state(unsigned long) 
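Review bot: `ERR_error_string_n` tests only that `len` is non-zero and then calls `ERR_error_string(e, buf)`, which knows nothing about `len`, so a caller passing a small buffer gets a write past its end. The length should bound the copy: format into a local buffer of the size ERR_error_string expects, then `strncpy(buf, tmp, len - 1); buf[len - 1] = 0;`. In the same hunk, `X509_NAME_get_index_by_NID` indexes `name->GetName()[lastpos + 1]` without checking `lastpos` against the name length, which deserves the same treatment.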
@@ -1124,4 +1441,5 @@ // end stunnel needs +} // extern "C" } // namespace Modified: dcplusplus/trunk/yassl/src/template_instnt.cpp =================================================================== --- dcplusplus/trunk/yassl/src/template_instnt.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/template_instnt.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -35,13 +35,6 @@ #include "openssl/ssl.h" #ifdef HAVE_EXPLICIT_TEMPLATE_INSTANTIATION -#if !defined(USE_CRYPTOPP_LIB) -namespace TaoCrypt { -template class HMAC<MD5>; -template class HMAC<SHA>; -template class HMAC<RIPEMD160>; -} -#endif // USE_CRYPTOPP_LIB namespace mySTL { template class list<unsigned char*>; 
@@ -58,12 +51,16 @@ template class list<yaSSL::input_buffer*>; template class list<yaSSL::output_buffer*>; template class list<yaSSL::x509*>; +template class list<yaSSL::Digest*>; +template class list<yaSSL::BulkCipher*>; template void destroy<mySTL::pair<int, yaSSL::ClientKeyBase* (*)()>*>(mySTL::pair<int, yaSSL::ClientKeyBase* (*)()>*, mySTL::pair<int, yaSSL::ClientKeyBase* (*)()>*); template yaSSL::del_ptr_zero for_each<mySTL::list<TaoCrypt::Signer*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<TaoCrypt::Signer*>::iterator, mySTL::list<TaoCrypt::Signer*>::iterator, yaSSL::del_ptr_zero); template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::SSL_SESSION*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::SSL_SESSION*>::iterator, mySTL::list<yaSSL::SSL_SESSION*>::iterator, yaSSL::del_ptr_zero); template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::input_buffer*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::input_buffer*>::iterator, mySTL::list<yaSSL::input_buffer*>::iterator, yaSSL::del_ptr_zero); template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::output_buffer*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::output_buffer*>::iterator, mySTL::list<yaSSL::output_buffer*>::iterator, yaSSL::del_ptr_zero); template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::x509*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::x509*>::iterator, mySTL::list<yaSSL::x509*>::iterator, yaSSL::del_ptr_zero); +template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::Digest*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::Digest*>::iterator, mySTL::list<yaSSL::Digest*>::iterator, yaSSL::del_ptr_zero); +template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::BulkCipher*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::BulkCipher*>::iterator, mySTL::list<yaSSL::BulkCipher*>::iterator, yaSSL::del_ptr_zero); } namespace yaSSL { 
@@ -87,6 +84,8 @@ template void ysDelete<Digest>(Digest*); template void ysDelete<X509>(X509*); template void ysDelete<Message>(Message*); +template void ysDelete<sslFactory>(sslFactory*); +template void ysDelete<Sessions>(Sessions*); template void ysArrayDelete<unsigned char>(unsigned char*); template void ysArrayDelete<char>(char*); } Modified: dcplusplus/trunk/yassl/src/timer.cpp =================================================================== --- dcplusplus/trunk/yassl/src/timer.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/timer.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -26,13 +26,17 @@ #include "runtime.hpp" #include "timer.hpp" +#ifdef _WIN32 +#define WIN32_LEAN_AND_MEAN +#include <windows.h> +#else +#include <sys/time.h> +#endif + namespace yaSSL { #ifdef _WIN32 - #define WIN32_LEAN_AND_MEAN - #include <windows.h> - timer_d timer() { static bool init(false); @@ -57,8 +61,6 @@ #else // _WIN32 - #include <sys/time.h> - timer_d timer() { struct timeval tv; Modified: dcplusplus/trunk/yassl/src/yassl.cpp =================================================================== --- dcplusplus/trunk/yassl/src/yassl.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/yassl.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -31,7 +31,7 @@ #include "openssl/ssl.h" // get rid of this -/* + // yaSSL overloads hide these void* operator new[](size_t sz) { @@ -43,7 +43,7 @@ ::operator delete(ptr); } -*/ + namespace yaSSL { using mySTL::min; Modified: dcplusplus/trunk/yassl/src/yassl_error.cpp =================================================================== --- dcplusplus/trunk/yassl/src/yassl_error.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/yassl_error.cpp 2006-07-02 16:52:24 UTC (rev 623) 
@@ -26,10 +26,13 @@ #include "runtime.hpp" #include "yassl_error.hpp" #include "error.hpp" // TaoCrypt error numbers +#include "openssl/ssl.h" // SSL_ERROR_WANT_READ +#include <string.h> // strncpy namespace yaSSL { +/* may bring back in future Error::Error(const char* s, YasslError e, Library l) : mySTL::runtime_error(s), error_(e), lib_(l) { @@ -47,6 +50,7 @@ return lib_; } +*/ void SetErrorString(YasslError error, char* buffer) @@ -115,7 +119,12 @@ case certificate_error : strncpy(buffer, "unable to proccess cerificate", max); - break; + break; + + // openssl errors + case SSL_ERROR_WANT_READ : + strncpy(buffer, "the read operation would block", max); + break; // TaoCrypt errors case NO_ERROR : Modified: dcplusplus/trunk/yassl/src/yassl_imp.cpp =================================================================== --- dcplusplus/trunk/yassl/src/yassl_imp.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/yassl_imp.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -1329,7 +1329,8 @@ // Compression hello.comp_len_ = input[AUTO]; - hello.compression_methods_ = CompressionMethod(input[AUTO]); + while (hello.comp_len_--) // ignore for now + hello.compression_methods_ = CompressionMethod(input[AUTO]); return input; } @@ -1974,7 +1975,9 @@ : pre_master_secret_(0), sequence_number_(0), peer_sequence_number_(0), pre_secret_len_(0), send_server_key_(false), master_clean_(false), TLS_(v.major_ >= 3 && v.minor_ >= 1), version_(v), random_(ran) -{} +{ + memset(sessionID_, 0, sizeof(sessionID_)); +} Connection::~Connection() Modified: dcplusplus/trunk/yassl/src/yassl_int.cpp =================================================================== --- dcplusplus/trunk/yassl/src/yassl_int.cpp 2006-06-19 19:16:49 UTC (rev 622) +++ dcplusplus/trunk/yassl/src/yassl_int.cpp 2006-07-02 16:52:24 UTC (rev 623) @@ -28,7 +28,6 @@ #include "yassl_int.hpp" #include "handshake.hpp" #include "timer.hpp" -#include "openssl/ssl.h" // for DH #ifdef YASSL_PURE_C 
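Review bot: The new loop `while (hello.comp_len_--)` in the ClientHello parser reads as many bytes as the peer-supplied count says, without comparing it with what is left in the input. It also decrements the stored field itself, so `comp_len_` ends up wrapped around rather than holding the parsed value (assuming it is an unsigned type, which this hunk does not show). Iterating over a separate counter, `for (uint i = 0; i < hello.comp_len_; i++)`, and stopping when the count exceeds `input.get_remaining()` addresses both. The function starts outside the hunk.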
@@ -987,6 +986,36 @@ } +// like Fill but keep data in buffer +void SSL::PeekData(Data& data) +{ + if (GetError()) return; + uint dataSz = data.get_length(); // input, data size to fill + uint elements = buffers_.getData().size(); + + data.set_length(0); // output, actual data filled + dataSz = min(dataSz, bufferedData()); + + Buffers::inputList::iterator front = buffers_.getData().begin(); + + while (elements) { + uint frontSz = (*front)->get_remaining(); + uint readSz = min(dataSz - data.get_length(), frontSz); + uint before = (*front)->get_current(); + + (*front)->read(data.set_buffer() + data.get_length(), readSz); + data.set_length(data.get_length() + readSz); + (*front)->set_current(before); + + if (data.get_length() == dataSz) + break; + + elements--; + front++; + } +} + + // flush output buffer void SSL::flushBuffer() { @@ -1363,22 +1392,27 @@ } -Sessions Sessions::instance_; // simple singleton +static Sessions* sessionsInstance = 0; Sessions& GetSessions() { - return Sessions::instance_; + if (!sessionsInstance) + sessionsInstance = NEW_YS Sessions; + return *sessionsInstance; } -sslFactory sslFactory::instance_; // simple singleton +static sslFactory* sslFactoryInstance = 0; sslFactory& GetSSL_Factory() -{ - return sslFactory::instance_; +{ + if (!sslFactoryInstance) + sslFactoryInstance = NEW_YS sslFactory; + retur... [truncated message content] |