diff options
author | Arne Schwabe <arne@rfc2549.org> | 2014-04-23 09:56:37 +0200 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2014-04-23 09:56:37 +0200 |
commit | e436c963f0976b885a7db04681344779e26dd3b5 (patch) | |
tree | 240663106f32e02e1c34080656f4ef21a2e1776e /main/openssl/patches | |
parent | 6a99715a9b072fa249e79c98cd9f03991f0f1219 (diff) |
Update OpenSSL to 1.0.1g and statically link OpenVPN with it
Diffstat (limited to 'main/openssl/patches')
-rw-r--r-- | main/openssl/patches/README | 52 | ||||
-rw-r--r-- | main/openssl/patches/apps_Android.mk | 87 | ||||
-rw-r--r-- | main/openssl/patches/crypto_Android.mk | 559 | ||||
-rw-r--r-- | main/openssl/patches/handshake_cutthrough.patch | 210 | ||||
-rw-r--r-- | main/openssl/patches/jsse.patch | 32 | ||||
-rw-r--r-- | main/openssl/patches/npn.patch | 1293 | ||||
-rw-r--r-- | main/openssl/patches/progs.patch | 4 | ||||
-rw-r--r-- | main/openssl/patches/sha1_armv4_large.patch | 21 | ||||
-rw-r--r-- | main/openssl/patches/small_records.patch | 337 | ||||
-rw-r--r-- | main/openssl/patches/ssl_Android.mk | 98 | ||||
-rw-r--r-- | main/openssl/patches/sslv3_uninit_padding.patch | 14 |
11 files changed, 173 insertions, 2534 deletions
diff --git a/main/openssl/patches/README b/main/openssl/patches/README index 54b6e068..5348e425 100644 --- a/main/openssl/patches/README +++ b/main/openssl/patches/README @@ -3,18 +3,6 @@ progs.patch: Fixup sources under the apps/ directory that are not built under the android environment. -small_records.patch: - -Reduce OpenSSL memory consumption. -SSL records may be as large as 16K, but are typically < 2K. In -addition, a historic bug in Windows allowed records to be as large -32K. OpenSSL statically allocates read and write buffers (34K and -18K respectively) used for processing records. -With this patch, OpenSSL statically allocates 4K + 4K buffers, with -the option of dynamically growing buffers to 34K + 4K, which is a -saving of 44K per connection for the typical case. - - handshake_cutthrough.patch Enables SSL3+ clients to send application data immediately following the @@ -26,14 +14,42 @@ jsse.patch Support for JSSE implementation based on OpenSSL. -npn.patch +channelid.patch + +Implements TLS Channel ID support as both a client and a server. +See http://tools.ietf.org/html/draft-balfanz-tls-channelid-00. + +eng_dyn_dirs.patch + +Fixes the case of having multiple DIR_ADD commands sent to eng_dyn + +fix_clang_build.patch + +Fixes the Clang based build. + +tls12_digests.patch + +Fixes a bug with handling TLS 1.2 and digest functions for DSA and ECDSA +keys. + +alpn.patch + +This change adds support for ALPN in OpenSSL. ALPN is the IETF +blessed version of NPN and we'll be supporting both ALPN and NPN for +some time yet. + +cbc_record_splitting.patch -Transport Layer Security (TLS) Next Protocol Negotiation Extension +BEAST attack client-side mitigation. Removes 0/n record splitting, adds 1/n-1 +record splitting. Record splitting is disabled by default. -sslv3_uninit_padding.patch +paddingext.patch -This patch sets the padding for SSLv3 block ciphers to zero. +ClientHello padding extension which is added, when needed, to work around bugs +in F5 terminators. -sha1_armv4_large.patch +dsa_nonce.patch -This patch eliminates memory stores to addresses below SP. +Adds an option to mix in hash of message and private key into (EC)DSA nonces to +make (EC)DSA more resilient to weaknesses in RNGs used for nonces. The feature +is disabled by default. diff --git a/main/openssl/patches/apps_Android.mk b/main/openssl/patches/apps_Android.mk deleted file mode 100644 index 20cc5a9d..00000000 --- a/main/openssl/patches/apps_Android.mk +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright 2006 The Android Open Source Project - -LOCAL_PATH:= $(call my-dir) - -local_src_files:= \ - app_rand.c \ - apps.c \ - asn1pars.c \ - ca.c \ - ciphers.c \ - crl.c \ - crl2p7.c \ - dgst.c \ - dh.c \ - dhparam.c \ - dsa.c \ - dsaparam.c \ - ecparam.c \ - ec.c \ - enc.c \ - engine.c \ - errstr.c \ - gendh.c \ - gendsa.c \ - genpkey.c \ - genrsa.c \ - nseq.c \ - ocsp.c \ - openssl.c \ - passwd.c \ - pkcs12.c \ - pkcs7.c \ - pkcs8.c \ - pkey.c \ - pkeyparam.c \ - pkeyutl.c \ - prime.c \ - rand.c \ - req.c \ - rsa.c \ - rsautl.c \ - s_cb.c \ - s_client.c \ - s_server.c \ - s_socket.c \ - s_time.c \ - sess_id.c \ - smime.c \ - speed.c \ - spkac.c \ - verify.c \ - version.c \ - x509.c - -local_shared_libraries := \ - libssl \ - libcrypto - -local_c_includes := \ - external/openssl \ - external/openssl/include - -local_cflags := -DMONOLITH - -# These flags omit whole features from the commandline "openssl". -# However, portions of these features are actually turned on. -local_cflags += -DOPENSSL_NO_DTLS1 - -include $(CLEAR_VARS) -LOCAL_MODULE:= openssl -LOCAL_MODULE_TAGS := optional -LOCAL_SRC_FILES := $(local_src_files) -LOCAL_SHARED_LIBRARIES := $(local_shared_libraries) -LOCAL_C_INCLUDES := $(local_c_includes) -LOCAL_CFLAGS := $(local_cflags) -include $(LOCAL_PATH)/../android-config.mk -include $(BUILD_EXECUTABLE) - -include $(CLEAR_VARS) -LOCAL_MODULE:= openssl -LOCAL_MODULE_TAGS := optional -LOCAL_SRC_FILES := $(local_src_files) -LOCAL_SHARED_LIBRARIES := $(local_shared_libraries) -LOCAL_C_INCLUDES := $(local_c_includes) -LOCAL_CFLAGS := $(local_cflags) -include $(LOCAL_PATH)/../android-config.mk -include $(BUILD_HOST_EXECUTABLE) diff --git a/main/openssl/patches/crypto_Android.mk b/main/openssl/patches/crypto_Android.mk deleted file mode 100644 index 6f09fa53..00000000 --- a/main/openssl/patches/crypto_Android.mk +++ /dev/null @@ -1,559 +0,0 @@ -LOCAL_PATH:= $(call my-dir) - -arm_cflags := -DOPENSSL_BN_ASM_MONT -DAES_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -arm_src_files := \ - aes/asm/aes-armv4.s \ - bn/asm/armv4-mont.s \ - sha/asm/sha1-armv4-large.s \ - sha/asm/sha256-armv4.s \ - sha/asm/sha512-armv4.s -non_arm_src_files := aes/aes_core.c - -local_src_files := \ - cryptlib.c \ - mem.c \ - mem_clr.c \ - mem_dbg.c \ - cversion.c \ - ex_data.c \ - cpt_err.c \ - ebcdic.c \ - uid.c \ - o_time.c \ - o_str.c \ - o_dir.c \ - aes/aes_cbc.c \ - aes/aes_cfb.c \ - aes/aes_ctr.c \ - aes/aes_ecb.c \ - aes/aes_misc.c \ - aes/aes_ofb.c \ - aes/aes_wrap.c \ - asn1/a_bitstr.c \ - asn1/a_bool.c \ - asn1/a_bytes.c \ - asn1/a_d2i_fp.c \ - asn1/a_digest.c \ - asn1/a_dup.c \ - asn1/a_enum.c \ - asn1/a_gentm.c \ - asn1/a_i2d_fp.c \ - asn1/a_int.c \ - asn1/a_mbstr.c \ - asn1/a_object.c \ - asn1/a_octet.c \ - asn1/a_print.c \ - asn1/a_set.c \ - asn1/a_sign.c \ - asn1/a_strex.c \ - asn1/a_strnid.c \ - asn1/a_time.c \ - asn1/a_type.c \ - asn1/a_utctm.c \ - asn1/a_utf8.c \ - asn1/a_verify.c \ - asn1/ameth_lib.c \ - asn1/asn1_err.c \ - asn1/asn1_gen.c \ - asn1/asn1_lib.c \ - asn1/asn1_par.c \ - asn1/asn_mime.c \ - asn1/asn_moid.c \ - asn1/asn_pack.c \ - asn1/bio_asn1.c \ - asn1/bio_ndef.c \ - asn1/d2i_pr.c \ - asn1/d2i_pu.c \ - asn1/evp_asn1.c \ - asn1/f_enum.c \ - asn1/f_int.c \ - asn1/f_string.c \ - asn1/i2d_pr.c \ - asn1/i2d_pu.c \ - asn1/n_pkey.c \ - asn1/nsseq.c \ - asn1/p5_pbe.c \ - asn1/p5_pbev2.c \ - asn1/p8_pkey.c \ - asn1/t_bitst.c \ - asn1/t_crl.c \ - asn1/t_pkey.c \ - asn1/t_req.c \ - asn1/t_spki.c \ - asn1/t_x509.c \ - asn1/t_x509a.c \ - asn1/tasn_dec.c \ - asn1/tasn_enc.c \ - asn1/tasn_fre.c \ - asn1/tasn_new.c \ - asn1/tasn_prn.c \ - asn1/tasn_typ.c \ - asn1/tasn_utl.c \ - asn1/x_algor.c \ - asn1/x_attrib.c \ - asn1/x_bignum.c \ - asn1/x_crl.c \ - asn1/x_exten.c \ - asn1/x_info.c \ - asn1/x_long.c \ - asn1/x_name.c \ - asn1/x_nx509.c \ - asn1/x_pkey.c \ - asn1/x_pubkey.c \ - asn1/x_req.c \ - asn1/x_sig.c \ - asn1/x_spki.c \ - asn1/x_val.c \ - asn1/x_x509.c \ - asn1/x_x509a.c \ - bf/bf_cfb64.c \ - bf/bf_ecb.c \ - bf/bf_enc.c \ - bf/bf_ofb64.c \ - bf/bf_skey.c \ - bio/b_dump.c \ - bio/b_print.c \ - bio/b_sock.c \ - bio/bf_buff.c \ - bio/bf_nbio.c \ - bio/bf_null.c \ - bio/bio_cb.c \ - bio/bio_err.c \ - bio/bio_lib.c \ - bio/bss_acpt.c \ - bio/bss_bio.c \ - bio/bss_conn.c \ - bio/bss_dgram.c \ - bio/bss_fd.c \ - bio/bss_file.c \ - bio/bss_log.c \ - bio/bss_mem.c \ - bio/bss_null.c \ - bio/bss_sock.c \ - bn/bn_add.c \ - bn/bn_asm.c \ - bn/bn_blind.c \ - bn/bn_const.c \ - bn/bn_ctx.c \ - bn/bn_div.c \ - bn/bn_err.c \ - bn/bn_exp.c \ - bn/bn_exp2.c \ - bn/bn_gcd.c \ - bn/bn_gf2m.c \ - bn/bn_kron.c \ - bn/bn_lib.c \ - bn/bn_mod.c \ - bn/bn_mont.c \ - bn/bn_mpi.c \ - bn/bn_mul.c \ - bn/bn_nist.c \ - bn/bn_prime.c \ - bn/bn_print.c \ - bn/bn_rand.c \ - bn/bn_recp.c \ - bn/bn_shift.c \ - bn/bn_sqr.c \ - bn/bn_sqrt.c \ - bn/bn_word.c \ - buffer/buf_err.c \ - buffer/buffer.c \ - comp/c_rle.c \ - comp/c_zlib.c \ - comp/comp_err.c \ - comp/comp_lib.c \ - conf/conf_api.c \ - conf/conf_def.c \ - conf/conf_err.c \ - conf/conf_lib.c \ - conf/conf_mall.c \ - conf/conf_mod.c \ - conf/conf_sap.c \ - des/cbc_cksm.c \ - des/cbc_enc.c \ - des/cfb64ede.c \ - des/cfb64enc.c \ - des/cfb_enc.c \ - des/des_enc.c \ - des/des_old.c \ - des/des_old2.c \ - des/ecb3_enc.c \ - des/ecb_enc.c \ - des/ede_cbcm_enc.c \ - des/enc_read.c \ - des/enc_writ.c \ - des/fcrypt.c \ - des/fcrypt_b.c \ - des/ofb64ede.c \ - des/ofb64enc.c \ - des/ofb_enc.c \ - des/pcbc_enc.c \ - des/qud_cksm.c \ - des/rand_key.c \ - des/read2pwd.c \ - des/rpc_enc.c \ - des/set_key.c \ - des/str2key.c \ - des/xcbc_enc.c \ - dh/dh_ameth.c \ - dh/dh_asn1.c \ - dh/dh_check.c \ - dh/dh_depr.c \ - dh/dh_err.c \ - dh/dh_gen.c \ - dh/dh_key.c \ - dh/dh_lib.c \ - dh/dh_pmeth.c \ - dsa/dsa_ameth.c \ - dsa/dsa_asn1.c \ - dsa/dsa_depr.c \ - dsa/dsa_err.c \ - dsa/dsa_gen.c \ - dsa/dsa_key.c \ - dsa/dsa_lib.c \ - dsa/dsa_ossl.c \ - dsa/dsa_pmeth.c \ - dsa/dsa_prn.c \ - dsa/dsa_sign.c \ - dsa/dsa_vrf.c \ - dso/dso_dl.c \ - dso/dso_dlfcn.c \ - dso/dso_err.c \ - dso/dso_lib.c \ - dso/dso_null.c \ - dso/dso_openssl.c \ - ec/ec2_mult.c \ - ec/ec2_smpl.c \ - ec/ec_ameth.c \ - ec/ec_asn1.c \ - ec/ec_check.c \ - ec/ec_curve.c \ - ec/ec_cvt.c \ - ec/ec_err.c \ - ec/ec_key.c \ - ec/ec_lib.c \ - ec/ec_mult.c \ - ec/ec_pmeth.c \ - ec/ec_print.c \ - ec/eck_prn.c \ - ec/ecp_mont.c \ - ec/ecp_nist.c \ - ec/ecp_smpl.c \ - ecdh/ech_err.c \ - ecdh/ech_key.c \ - ecdh/ech_lib.c \ - ecdh/ech_ossl.c \ - ecdsa/ecs_asn1.c \ - ecdsa/ecs_err.c \ - ecdsa/ecs_lib.c \ - ecdsa/ecs_ossl.c \ - ecdsa/ecs_sign.c \ - ecdsa/ecs_vrf.c \ - err/err.c \ - err/err_all.c \ - err/err_prn.c \ - evp/bio_b64.c \ - evp/bio_enc.c \ - evp/bio_md.c \ - evp/bio_ok.c \ - evp/c_all.c \ - evp/c_allc.c \ - evp/c_alld.c \ - evp/digest.c \ - evp/e_aes.c \ - evp/e_bf.c \ - evp/e_des.c \ - evp/e_des3.c \ - evp/e_null.c \ - evp/e_old.c \ - evp/e_rc2.c \ - evp/e_rc4.c \ - evp/e_rc5.c \ - evp/e_xcbc_d.c \ - evp/encode.c \ - evp/evp_acnf.c \ - evp/evp_enc.c \ - evp/evp_err.c \ - evp/evp_key.c \ - evp/evp_lib.c \ - evp/evp_pbe.c \ - evp/evp_pkey.c \ - evp/m_dss.c \ - evp/m_dss1.c \ - evp/m_ecdsa.c \ - evp/m_md4.c \ - evp/m_md5.c \ - evp/m_mdc2.c \ - evp/m_null.c \ - evp/m_ripemd.c \ - evp/m_sha1.c \ - evp/m_sigver.c \ - evp/m_wp.c \ - evp/names.c \ - evp/p5_crpt.c \ - evp/p5_crpt2.c \ - evp/p_dec.c \ - evp/p_enc.c \ - evp/p_lib.c \ - evp/p_open.c \ - evp/p_seal.c \ - evp/p_sign.c \ - evp/p_verify.c \ - evp/pmeth_fn.c \ - evp/pmeth_gn.c \ - evp/pmeth_lib.c \ - hmac/hm_ameth.c \ - hmac/hm_pmeth.c \ - hmac/hmac.c \ - krb5/krb5_asn.c \ - lhash/lh_stats.c \ - lhash/lhash.c \ - md4/md4_dgst.c \ - md4/md4_one.c \ - md5/md5_dgst.c \ - md5/md5_one.c \ - modes/cbc128.c \ - modes/cfb128.c \ - modes/ctr128.c \ - modes/ofb128.c \ - objects/o_names.c \ - objects/obj_dat.c \ - objects/obj_err.c \ - objects/obj_lib.c \ - objects/obj_xref.c \ - ocsp/ocsp_asn.c \ - ocsp/ocsp_cl.c \ - ocsp/ocsp_err.c \ - ocsp/ocsp_ext.c \ - ocsp/ocsp_ht.c \ - ocsp/ocsp_lib.c \ - ocsp/ocsp_prn.c \ - ocsp/ocsp_srv.c \ - ocsp/ocsp_vfy.c \ - pem/pem_all.c \ - pem/pem_err.c \ - pem/pem_info.c \ - pem/pem_lib.c \ - pem/pem_oth.c \ - pem/pem_pk8.c \ - pem/pem_pkey.c \ - pem/pem_seal.c \ - pem/pem_sign.c \ - pem/pem_x509.c \ - pem/pem_xaux.c \ - pem/pvkfmt.c \ - pkcs12/p12_add.c \ - pkcs12/p12_asn.c \ - pkcs12/p12_attr.c \ - pkcs12/p12_crpt.c \ - pkcs12/p12_crt.c \ - pkcs12/p12_decr.c \ - pkcs12/p12_init.c \ - pkcs12/p12_key.c \ - pkcs12/p12_kiss.c \ - pkcs12/p12_mutl.c \ - pkcs12/p12_npas.c \ - pkcs12/p12_p8d.c \ - pkcs12/p12_p8e.c \ - pkcs12/p12_utl.c \ - pkcs12/pk12err.c \ - pkcs7/pk7_asn1.c \ - pkcs7/pk7_attr.c \ - pkcs7/pk7_doit.c \ - pkcs7/pk7_lib.c \ - pkcs7/pk7_mime.c \ - pkcs7/pk7_smime.c \ - pkcs7/pkcs7err.c \ - rand/md_rand.c \ - rand/rand_egd.c \ - rand/rand_err.c \ - rand/rand_lib.c \ - rand/rand_unix.c \ - rand/randfile.c \ - rc2/rc2_cbc.c \ - rc2/rc2_ecb.c \ - rc2/rc2_skey.c \ - rc2/rc2cfb64.c \ - rc2/rc2ofb64.c \ - rc4/rc4_enc.c \ - rc4/rc4_skey.c \ - ripemd/rmd_dgst.c \ - ripemd/rmd_one.c \ - rsa/rsa_ameth.c \ - rsa/rsa_asn1.c \ - rsa/rsa_chk.c \ - rsa/rsa_eay.c \ - rsa/rsa_err.c \ - rsa/rsa_gen.c \ - rsa/rsa_lib.c \ - rsa/rsa_none.c \ - rsa/rsa_null.c \ - rsa/rsa_oaep.c \ - rsa/rsa_pk1.c \ - rsa/rsa_pmeth.c \ - rsa/rsa_prn.c \ - rsa/rsa_pss.c \ - rsa/rsa_saos.c \ - rsa/rsa_sign.c \ - rsa/rsa_ssl.c \ - rsa/rsa_x931.c \ - sha/sha1_one.c \ - sha/sha1dgst.c \ - sha/sha256.c \ - sha/sha512.c \ - sha/sha_dgst.c \ - stack/stack.c \ - ts/ts_err.c \ - txt_db/txt_db.c \ - ui/ui_compat.c \ - ui/ui_err.c \ - ui/ui_lib.c \ - ui/ui_openssl.c \ - ui/ui_util.c \ - x509/by_dir.c \ - x509/by_file.c \ - x509/x509_att.c \ - x509/x509_cmp.c \ - x509/x509_d2.c \ - x509/x509_def.c \ - x509/x509_err.c \ - x509/x509_ext.c \ - x509/x509_lu.c \ - x509/x509_obj.c \ - x509/x509_r2x.c \ - x509/x509_req.c \ - x509/x509_set.c \ - x509/x509_trs.c \ - x509/x509_txt.c \ - x509/x509_v3.c \ - x509/x509_vfy.c \ - x509/x509_vpm.c \ - x509/x509cset.c \ - x509/x509name.c \ - x509/x509rset.c \ - x509/x509spki.c \ - x509/x509type.c \ - x509/x_all.c \ - x509v3/pcy_cache.c \ - x509v3/pcy_data.c \ - x509v3/pcy_lib.c \ - x509v3/pcy_map.c \ - x509v3/pcy_node.c \ - x509v3/pcy_tree.c \ - x509v3/v3_akey.c \ - x509v3/v3_akeya.c \ - x509v3/v3_alt.c \ - x509v3/v3_bcons.c \ - x509v3/v3_bitst.c \ - x509v3/v3_conf.c \ - x509v3/v3_cpols.c \ - x509v3/v3_crld.c \ - x509v3/v3_enum.c \ - x509v3/v3_extku.c \ - x509v3/v3_genn.c \ - x509v3/v3_ia5.c \ - x509v3/v3_info.c \ - x509v3/v3_int.c \ - x509v3/v3_lib.c \ - x509v3/v3_ncons.c \ - x509v3/v3_ocsp.c \ - x509v3/v3_pci.c \ - x509v3/v3_pcia.c \ - x509v3/v3_pcons.c \ - x509v3/v3_pku.c \ - x509v3/v3_pmaps.c \ - x509v3/v3_prn.c \ - x509v3/v3_purp.c \ - x509v3/v3_skey.c \ - x509v3/v3_sxnet.c \ - x509v3/v3_utl.c \ - x509v3/v3err.c - -local_c_includes := \ - external/openssl \ - external/openssl/crypto/asn1 \ - external/openssl/crypto/evp \ - external/openssl/include \ - external/openssl/include/openssl \ - external/zlib - -local_c_flags := -DNO_WINDOWS_BRAINDEATH - -####################################### -# target static library -include $(CLEAR_VARS) -include $(LOCAL_PATH)/../android-config.mk - -ifneq ($(TARGET_ARCH),x86) -LOCAL_NDK_VERSION := 5 -LOCAL_SDK_VERSION := 9 -endif - -LOCAL_SRC_FILES += $(local_src_files) -LOCAL_CFLAGS += $(local_c_flags) -LOCAL_C_INCLUDES += $(local_c_includes) -ifeq ($(TARGET_ARCH),arm) - LOCAL_SRC_FILES += $(arm_src_files) - LOCAL_CFLAGS += $(arm_cflags) -else - LOCAL_SRC_FILES += $(non_arm_src_files) -endif -LOCAL_MODULE_TAGS := optional -LOCAL_MODULE:= libcrypto_static -include $(BUILD_STATIC_LIBRARY) - -####################################### -# target shared library -include $(CLEAR_VARS) -include $(LOCAL_PATH)/../android-config.mk - -ifneq ($(TARGET_ARCH),x86) -LOCAL_NDK_VERSION := 5 -LOCAL_SDK_VERSION := 9 -# Use the NDK prebuilt libz and libdl. -LOCAL_LDFLAGS += -lz -ldl -else -LOCAL_SHARED_LIBRARIES += libz libdl -endif - -LOCAL_SRC_FILES += $(local_src_files) -LOCAL_CFLAGS += $(local_c_flags) -LOCAL_C_INCLUDES += $(local_c_includes) -ifeq ($(TARGET_ARCH),arm) - LOCAL_SRC_FILES += $(arm_src_files) - LOCAL_CFLAGS += $(arm_cflags) -else - LOCAL_SRC_FILES += $(non_arm_src_files) -endif -LOCAL_MODULE_TAGS := optional -LOCAL_MODULE:= libcrypto -include $(BUILD_SHARED_LIBRARY) - -####################################### -# host shared library -include $(CLEAR_VARS) -include $(LOCAL_PATH)/../android-config.mk -LOCAL_SRC_FILES += $(local_src_files) -LOCAL_CFLAGS += $(local_c_flags) -DPURIFY -LOCAL_C_INCLUDES += $(local_c_includes) -LOCAL_SRC_FILES += $(non_arm_src_files) -LOCAL_STATIC_LIBRARIES += libz -LOCAL_LDLIBS += -ldl -LOCAL_MODULE_TAGS := optional -LOCAL_MODULE:= libcrypto -include $(BUILD_HOST_SHARED_LIBRARY) - -######################################## -# host static library, which is used by some SDK tools. - -include $(CLEAR_VARS) -include $(LOCAL_PATH)/../android-config.mk -LOCAL_SRC_FILES += $(local_src_files) -LOCAL_CFLAGS += $(local_c_flags) -DPURIFY -LOCAL_C_INCLUDES += $(local_c_includes) -LOCAL_SRC_FILES += $(non_arm_src_files) -LOCAL_STATIC_LIBRARIES += libz -LOCAL_LDLIBS += -ldl -LOCAL_MODULE_TAGS := optional -LOCAL_MODULE:= libcrypto_static -include $(BUILD_HOST_STATIC_LIBRARY) diff --git a/main/openssl/patches/handshake_cutthrough.patch b/main/openssl/patches/handshake_cutthrough.patch index 4f298399..f05a10fd 100644 --- a/main/openssl/patches/handshake_cutthrough.patch +++ b/main/openssl/patches/handshake_cutthrough.patch @@ -1,15 +1,36 @@ -diff -uarp openssl-1.0.0.orig/apps/s_client.c openssl-1.0.0/apps/s_client.c ---- openssl-1.0.0.orig/apps/s_client.c 2009-12-16 15:28:28.000000000 -0500 -+++ openssl-1.0.0/apps/s_client.c 2010-04-21 14:39:49.000000000 -0400 -@@ -248,6 +248,7 @@ static void sc_usage(void) - BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); - BIO_printf(bio_err," -status - request certificate status from server\n"); - BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); -+ BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n"); +From d0e735d01271055f09bc4a1be034253e6e3c2dee Mon Sep 17 00:00:00 2001 +From: Adam Langley <agl@chromium.org> +Date: Thu, 24 Jan 2013 16:22:07 -0500 +Subject: [PATCH] handshake_cutthrough + +Enables SSL3+ clients to send application data immediately following the +Finished message even when negotiating full-handshakes. With this +patch, clients can negotiate SSL connections in 1-RTT even when +performing full-handshakes. +--- + apps/s_client.c | 13 +++++++++++++ + ssl/s3_clnt.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++------ + ssl/s3_lib.c | 15 ++++++++++++++- + ssl/ssl.h | 8 +++++++- + ssl/ssl3.h | 1 + + ssl/ssl_lib.c | 13 +++++++++++++ + ssl/ssltest.c | 12 ++++++++++++ + test/testssl | 3 +++ + 8 files changed, 110 insertions(+), 8 deletions(-) + +diff --git a/apps/s_client.c b/apps/s_client.c +index 3ba6605..791e277 100644 +--- a/apps/s_client.c ++++ b/apps/s_client.c +@@ -361,6 +361,7 @@ static void sc_usage(void) + BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); + # endif #endif - } - -@@ -304,6 +305,7 @@ int MAIN(int argc, char **argv) ++ BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n"); + BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); + #ifndef OPENSSL_NO_SRTP + BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); +@@ -577,6 +578,7 @@ int MAIN(int argc, char **argv) EVP_PKEY *key = NULL; char *CApath=NULL,*CAfile=NULL,*cipher=NULL; int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; @@ -17,18 +38,18 @@ diff -uarp openssl-1.0.0.orig/apps/s_client.c openssl-1.0.0/apps/s_client.c int crlf=0; int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; SSL_CTX *ctx=NULL; -@@ -533,6 +535,8 @@ int MAIN(int argc, char **argv) - else if (strcmp(*argv,"-no_ticket") == 0) - { off|=SSL_OP_NO_TICKET; } +@@ -883,6 +885,8 @@ int MAIN(int argc, char **argv) + } + # endif #endif + else if (strcmp(*argv,"-cutthrough") == 0) + cutthrough=1; else if (strcmp(*argv,"-serverpref") == 0) off|=SSL_OP_CIPHER_SERVER_PREFERENCE; - else if (strcmp(*argv,"-cipher") == 0) -@@ -714,6 +718,15 @@ bad: - */ - if (sock_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); + else if (strcmp(*argv,"-legacy_renegotiation") == 0) +@@ -1158,6 +1162,15 @@ bad: + SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); + #endif + /* Enable handshake cutthrough for client connections using + * strong ciphers. */ @@ -42,29 +63,36 @@ diff -uarp openssl-1.0.0.orig/apps/s_client.c openssl-1.0.0/apps/s_client.c if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); if (cipher != NULL) if(!SSL_CTX_set_cipher_list(ctx,cipher)) { -diff -uarp openssl-1.0.0.orig/ssl/s3_clnt.c openssl-1.0.0/ssl/s3_clnt.c ---- openssl-1.0.0.orig/ssl/s3_clnt.c 2010-02-27 19:24:24.000000000 -0500 -+++ openssl-1.0.0/ssl/s3_clnt.c 2010-04-21 14:39:49.000000000 -0400 -@@ -186,6 +186,18 @@ int ssl3_connect(SSL *s) - - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); -+#if 0 /* Send app data in separate packet, otherwise, some particular site -+ * (only one site so far) closes the socket. -+ * Note: there is a very small chance that two TCP packets -+ * could be arriving at server combined into a single TCP packet, -+ * then trigger that site to break. We haven't encounter that though. -+ */ +diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c +index 344e2eb..c3bf18a 100644 +--- a/ssl/s3_clnt.c ++++ b/ssl/s3_clnt.c +@@ -215,6 +215,24 @@ int ssl3_connect(SSL *s) + } + #endif + ++// BEGIN android-added ++#if 0 ++/* Send app data in separate packet, otherwise, some particular site ++ * (only one site so far) closes the socket. http://b/2511073 ++ * Note: there is a very small chance that two TCP packets ++ * could be arriving at server combined into a single TCP packet, ++ * then trigger that site to break. We haven't encounter that though. ++ */ ++// END android-added + if (SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) + { + /* Send app data along with CCS/Finished */ + s->s3->flags |= SSL3_FLAGS_DELAY_CLIENT_FINISHED; + } ++ ++// BEGIN android-added +#endif - ++// END android-added for (;;) { -@@ -454,14 +468,31 @@ int ssl3_connect(SSL *s) + state=s->state; +@@ -526,14 +532,31 @@ int ssl3_connect(SSL *s) } else { @@ -102,7 +130,7 @@ diff -uarp openssl-1.0.0.orig/ssl/s3_clnt.c openssl-1.0.0/ssl/s3_clnt.c } s->init_num=0; break; -@@ -512,6 +541,24 @@ int ssl3_connect(SSL *s) +@@ -581,6 +604,24 @@ int ssl3_connect(SSL *s) s->state=s->s3->tmp.next_state; break; @@ -127,10 +155,11 @@ diff -uarp openssl-1.0.0.orig/ssl/s3_clnt.c openssl-1.0.0/ssl/s3_clnt.c case SSL_ST_OK: /* clean a few things up */ ssl3_cleanup_key_block(s); -diff -uarp openssl-1.0.0.orig/ssl/s3_lib.c openssl-1.0.0/ssl/s3_lib.c --- openssl-1.0.0.orig/ssl/s3_lib.c 2009-10-16 11:24:19.000000000 -0400 -+++ openssl-1.0.0/ssl/s3_lib.c 2010-04-21 14:39:49.000000000 -0400 -@@ -2551,9 +2551,22 @@ int ssl3_write(SSL *s, const void *buf, +diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c +index e7c5dcb..0d77c40 100644 +--- a/ssl/s3_lib.c ++++ b/ssl/s3_lib.c +@@ -4199,9 +4199,22 @@ int ssl3_write(SSL *s, const void *buf, int len) static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) { @@ -154,27 +183,28 @@ diff -uarp openssl-1.0.0.orig/ssl/s3_lib.c openssl-1.0.0/ssl/s3_lib.c if (s->s3->renegotiate) ssl3_renegotiate_check(s); s->s3->in_read_app_data=1; ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); -diff -uarp openssl-1.0.0.orig/ssl/ssl.h openssl-1.0.0/ssl/ssl.h ---- openssl-1.0.0.orig/ssl/ssl.h 2010-01-06 12:37:38.000000000 -0500 -+++ openssl-1.0.0/ssl/ssl.h 2010-04-21 16:57:49.000000000 -0400 -@@ -605,6 +605,10 @@ typedef struct ssl_session_st - /* Use small read and write buffers: (a) lazy allocate read buffers for - * large incoming records, and (b) limit the size of outgoing records. */ - #define SSL_MODE_SMALL_BUFFERS 0x00000020L +diff --git a/ssl/ssl.h b/ssl/ssl.h +index f9c9049..f2af98c 100644 +--- a/ssl/ssl.h ++++ b/ssl/ssl.h +@@ -649,6 +649,10 @@ struct ssl_session_st + */ + #define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L + #define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L +/* When set, clients may send application data before receipt of CCS + * and Finished. This mode enables full-handshakes to 'complete' in + * one RTT. */ -+#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000040L - ++#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000080L + /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, * they cannot be used to clear bits. */ -@@ -1097,10 +1101,12 @@ extern "C" { +@@ -1415,10 +1419,12 @@ extern "C" { /* Is the SSL_connection established? */ #define SSL_get_state(a) SSL_state(a) #define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) -#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT) +#define SSL_in_init(a) ((SSL_state(a)&SSL_ST_INIT) && \ -+ !SSL_cutthrough_complete(a)) ++ !SSL_cutthrough_complete(a)) #define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE) #define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT) #define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT) @@ -182,25 +212,26 @@ diff -uarp openssl-1.0.0.orig/ssl/ssl.h openssl-1.0.0/ssl/ssl.h /* The following 2 states are kept in ssl->rstate when reads fail, * you should not need these */ -Only in openssl-1.0.0/ssl: ssl.h.orig -diff -uarp openssl-1.0.0.orig/ssl/ssl3.h openssl-1.0.0/ssl/ssl3.h --- openssl-1.0.0.orig/ssl/ssl3.h 2010-01-06 12:37:38.000000000 -0500 -+++ openssl-1.0.0/ssl/ssl3.h 2010-04-21 14:39:49.000000000 -0400 -@@ -456,6 +456,7 @@ typedef struct ssl3_state_st +diff --git a/ssl/ssl3.h b/ssl/ssl3.h +index 247e88c..bd0d764 100644 +--- a/ssl/ssl3.h ++++ b/ssl/ssl3.h +@@ -547,6 +547,7 @@ typedef struct ssl3_state_st /*client */ /* extra state */ #define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) +#define SSL3_ST_CUTTHROUGH_COMPLETE (0x101|SSL_ST_CONNECT) - /* write to server */ - #define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) - #define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) -diff -uarp openssl-1.0.0.orig/ssl/ssl_lib.c openssl-1.0.0/ssl/ssl_lib.c ---- openssl-1.0.0.orig/ssl/ssl_lib.c 2010-02-17 14:43:46.000000000 -0500 -+++ openssl-1.0.0/ssl/ssl_lib.c 2010-04-21 17:02:45.000000000 -0400 -@@ -3031,6 +3031,19 @@ void SSL_set_msg_callback(SSL *ssl, void + #ifndef OPENSSL_NO_SCTP + #define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT) + #define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT) +diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c +index 14d143d..a56e6ef 100644 +--- a/ssl/ssl_lib.c ++++ b/ssl/ssl_lib.c +@@ -3225,6 +3225,19 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); } - + +int SSL_cutthrough_complete(const SSL *s) + { + return (!s->server && /* cutthrough only applies to clients */ @@ -217,28 +248,29 @@ diff -uarp openssl-1.0.0.orig/ssl/ssl_lib.c openssl-1.0.0/ssl/ssl_lib.c /* Allocates new EVP_MD_CTX and sets pointer to it into given pointer * vairable, freeing EVP_MD_CTX previously stored in that variable, if * any. If EVP_MD pointer is passed, initializes ctx with this md -diff -uarp openssl-1.0.0.orig/ssl/ssltest.c openssl-1.0.0/ssl/ssltest.c ---- openssl-1.0.0.orig/ssl/ssltest.c 2010-01-24 11:57:38.000000000 -0500 -+++ openssl-1.0.0/ssl/ssltest.c 2010-04-21 17:06:35.000000000 -0400 -@@ -279,6 +279,7 @@ static void sv_usage(void) +diff --git a/ssl/ssltest.c b/ssl/ssltest.c +index 316bbb0..91169bb 100644 +--- a/ssl/ssltest.c ++++ b/ssl/ssltest.c +@@ -369,6 +369,7 @@ static void sv_usage(void) + " (default is sect163r2).\n"); + #endif fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n"); - fprintf(stderr," -c_small_records - enable client side use of small SSL record buffers\n"); - fprintf(stderr," -s_small_records - enable server side use of small SSL record buffers\n"); + fprintf(stderr," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n"); } static void print_details(SSL *c_ssl, const char *prefix) -@@ -436,6 +437,7 @@ int main(int argc, char *argv[]) - int ssl_mode = 0; - int c_small_records=0; - int s_small_records=0; +@@ -549,6 +550,7 @@ int main(int argc, char *argv[]) + #ifdef OPENSSL_FIPS + int fips_mode=0; + #endif + int cutthrough = 0; verbose = 0; debug = 0; -@@ -632,6 +634,10 @@ int main(int argc, char *argv[]) +@@ -765,6 +767,10 @@ int main(int argc, char *argv[]) { - s_small_records = 1; + test_cipherlist = 1; } + else if (strcmp(*argv, "-cutthrough") == 0) + { @@ -247,29 +279,33 @@ diff -uarp openssl-1.0.0.orig/ssl/ssltest.c openssl-1.0.0/ssl/ssltest.c else { fprintf(stderr,"unknown option %s\n",*argv); -@@ -782,6 +788,13 @@ bad: - ssl_mode |= SSL_MODE_SMALL_BUFFERS; - SSL_CTX_set_mode(s_ctx, ssl_mode); +@@ -900,6 +906,12 @@ bad: + SSL_CTX_set_cipher_list(c_ctx,cipher); + SSL_CTX_set_cipher_list(s_ctx,cipher); } -+ ssl_mode = 0; + if (cutthrough) + { -+ ssl_mode = SSL_CTX_get_mode(c_ctx); -+ ssl_mode = SSL_MODE_HANDSHAKE_CUTTHROUGH; ++ int ssl_mode = SSL_CTX_get_mode(c_ctx); ++ ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH; + SSL_CTX_set_mode(c_ctx, ssl_mode); + } #ifndef OPENSSL_NO_DH if (!no_dhe) -diff -uarp openssl-1.0.0.orig/test/testssl openssl-1.0.0/test/testssl ---- openssl-1.0.0.orig/test/testssl 2006-03-10 18:06:27.000000000 -0500 -+++ openssl-1.0.0/test/testssl 2010-04-21 16:50:13.000000000 -0400 -@@ -79,6 +79,8 @@ $ssltest -server_auth -client_auth -s_sm - echo test sslv2/sslv3 with both client and server authentication and small client and server buffers - $ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1 +diff --git a/test/testssl b/test/testssl +index 4e8542b..b5f90ba 100644 +--- a/test/testssl ++++ b/test/testssl +@@ -70,6 +70,9 @@ $ssltest -client_auth $CA $extra || exit 1 + echo test sslv2/sslv3 with both client and server authentication + $ssltest -server_auth -client_auth $CA $extra || exit 1 +echo test sslv2/sslv3 with both client and server authentication and handshake cutthrough +$ssltest -server_auth -client_auth -cutthrough $CA $extra || exit 1 - ++ echo test sslv2 via BIO pair $ssltest -bio_pair -ssl2 $extra || exit 1 + +-- +1.8.2.1 + diff --git a/main/openssl/patches/jsse.patch b/main/openssl/patches/jsse.patch index 249fb5b2..795a2bbb 100644 --- a/main/openssl/patches/jsse.patch +++ b/main/openssl/patches/jsse.patch @@ -10,14 +10,6 @@ /* Default generate session ID callback. */ GEN_SESSION_CB generate_session_id; -@@ -1546,6 +1549,7 @@ const SSL_CIPHER *SSL_get_current_cipher - int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits); - char * SSL_CIPHER_get_version(const SSL_CIPHER *c); - const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); -+const char * SSL_CIPHER_authentication_method(const SSL_CIPHER *c); - - int SSL_get_fd(const SSL *s); - int SSL_get_rfd(const SSL *s); @@ -1554,6 +1558,7 @@ const char * SSL_get_cipher_list(const char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len); int SSL_get_read_ahead(const SSL * s); @@ -48,9 +40,9 @@ const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len); +const char * SSL_SESSION_get_version(const SSL_SESSION *s); + unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s); #ifndef OPENSSL_NO_FP_API int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses); - #endif @@ -1624,6 +1633,7 @@ int SSL_SESSION_print(BIO *fp,const SSL_ void SSL_SESSION_free(SSL_SESSION *ses); int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp); @@ -296,15 +288,21 @@ /* works well for SSLv2, not so good for SSLv3 */ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) { -@@ -2551,18 +2578,45 @@ SSL_METHOD *ssl_bad_method(int ver) +@@ -2551,22 +2578,45 @@ SSL_METHOD *ssl_bad_method(int ver) return(NULL); } -const char *SSL_get_version(const SSL *s) +static const char *ssl_get_version(int version) { -- if (s->version == TLS1_VERSION) -+ if (version == TLS1_VERSION) +- if (s->version == TLS1_2_VERSION) ++ if (version == TLS1_2_VERSION) + return("TLSv1.2"); +- else if (s->version == TLS1_1_VERSION) ++ else if (version == TLS1_1_VERSION) + return("TLSv1.1"); +- else if (s->version == TLS1_VERSION) ++ else if (version == TLS1_VERSION) return("TLSv1"); - else if (s->version == SSL3_VERSION) + else if (version == SSL3_VERSION) @@ -334,12 +332,8 @@ + { + case SSL2_VERSION: + return SSL_TXT_RSA; -+ case SSL3_VERSION: -+ case TLS1_VERSION: -+ case DTLS1_VERSION: -+ return SSL_CIPHER_authentication_method(ssl->s3->tmp.new_cipher); + default: -+ return "UNKNOWN"; ++ return SSL_CIPHER_authentication_method(ssl->s3->tmp.new_cipher); + } + } + @@ -358,7 +352,7 @@ --- openssl-1.0.0b.orig/ssl/ssl_rsa.c 2009-09-12 23:09:26.000000000 +0000 +++ openssl-1.0.0b/ssl/ssl_rsa.c 2010-11-30 00:03:47.000000000 +0000 -@@ -697,6 +697,42 @@ int SSL_CTX_use_PrivateKey_ASN1(int type +@@ -697,6 +697,44 @@ int SSL_CTX_use_PrivateKey_ASN1(int type } @@ -379,6 +373,8 @@ + SSLerr(SSL_F_SSL_USE_CERTIFICATE_CHAIN,SSL_R_NO_CERTIFICATE_ASSIGNED); + return(0); + } ++ if (ssl->cert->key->cert_chain != NULL) ++ sk_X509_pop_free(ssl->cert->key->cert_chain, X509_free); + ssl->cert->key->cert_chain = cert_chain; + return(1); + } diff --git a/main/openssl/patches/npn.patch b/main/openssl/patches/npn.patch deleted file mode 100644 index 46b7a7df..00000000 --- a/main/openssl/patches/npn.patch +++ /dev/null @@ -1,1293 +0,0 @@ ---- openssl-1.0.0b.orig/apps/apps.c 2010-11-11 14:42:19.000000000 +0000 -+++ openssl-1.0.0b/apps/apps.c 2010-11-29 19:56:04.902465346 +0000 -@@ -3012,3 +3012,46 @@ int raw_write_stdout(const void *buf,int - int raw_write_stdout(const void *buf,int siz) - { return write(fileno(stdout),buf,siz); } - #endif -+ -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+/* next_protos_parse parses a comma separated list of strings into a string -+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. -+ * outlen: (output) set to the length of the resulting buffer on success. -+ * in: a NUL termianted string like "abc,def,ghi" -+ * -+ * returns: a malloced buffer or NULL on failure. -+ */ -+unsigned char *next_protos_parse(unsigned short *outlen, const char *in) -+ { -+ size_t len; -+ unsigned char *out; -+ size_t i, start = 0; -+ -+ len = strlen(in); -+ if (len >= 65535) -+ return NULL; -+ -+ out = OPENSSL_malloc(strlen(in) + 1); -+ if (!out) -+ return NULL; -+ -+ for (i = 0; i <= len; ++i) -+ { -+ if (i == len || in[i] == ',') -+ { -+ if (i - start > 255) -+ { -+ OPENSSL_free(out); -+ return NULL; -+ } -+ out[start] = i - start; -+ start = i + 1; -+ } -+ else -+ out[i+1] = in[i]; -+ } -+ -+ *outlen = len + 1; -+ return out; -+ } -+#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */ ---- openssl-1.0.0b.orig/apps/apps.h 2009-10-31 13:34:19.000000000 +0000 -+++ openssl-1.0.0b/apps/apps.h 2010-11-29 19:56:04.902465346 +0000 -@@ -358,3 +358,7 @@ int raw_write_stdout(const void *,int); - #define TM_STOP 1 - double app_tminterval (int stop,int usertime); - #endif -+ -+#ifndef OPENSSL_NO_NEXTPROTONEG -+unsigned char *next_protos_parse(unsigned short *outlen, const char *in); -+#endif ---- openssl-1.0.0b.orig/apps/s_client.c 2010-11-29 19:56:04.832465351 +0000 -+++ openssl-1.0.0b/apps/s_client.c 2010-11-29 19:56:04.902465346 +0000 -@@ -342,6 +342,9 @@ static void sc_usage(void) - BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); - BIO_printf(bio_err," -status - request certificate status from server\n"); - BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); -+# endif - BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n"); - #endif - BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); -@@ -367,6 +370,40 @@ static int MS_CALLBACK ssl_servername_cb - - return SSL_TLSEXT_ERR_OK; - } -+ -+# ifndef OPENSSL_NO_NEXTPROTONEG -+/* This the context that we pass to next_proto_cb */ -+typedef struct tlsextnextprotoctx_st { -+ unsigned char *data; -+ unsigned short len; -+ int status; -+} tlsextnextprotoctx; -+ -+static tlsextnextprotoctx next_proto; -+ -+static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) -+ { -+ tlsextnextprotoctx *ctx = arg; -+ -+ if (!c_quiet) -+ { -+ /* We can assume that |in| is syntactically valid. */ -+ unsigned i; -+ BIO_printf(bio_c_out, "Protocols advertised by server: "); -+ for (i = 0; i < inlen; ) -+ { -+ if (i) -+ BIO_write(bio_c_out, ", ", 2); -+ BIO_write(bio_c_out, &in[i + 1], in[i]); -+ i += in[i] + 1; -+ } -+ BIO_write(bio_c_out, "\n", 1); -+ } -+ -+ ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len); -+ return SSL_TLSEXT_ERR_OK; -+ } -+# endif /* ndef OPENSSL_NO_NEXTPROTONEG */ - #endif - - enum -@@ -431,6 +468,9 @@ int MAIN(int argc, char **argv) - char *servername = NULL; - tlsextctx tlsextcbp = - {NULL,0}; -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ const char *next_proto_neg_in = NULL; -+# endif - #endif - char *sess_in = NULL; - char *sess_out = NULL; -@@ -658,6 +698,13 @@ int MAIN(int argc, char **argv) - #ifndef OPENSSL_NO_TLSEXT - else if (strcmp(*argv,"-no_ticket") == 0) - { off|=SSL_OP_NO_TICKET; } -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ else if (strcmp(*argv,"-nextprotoneg") == 0) -+ { -+ if (--argc < 1) goto bad; -+ next_proto_neg_in = *(++argv); -+ } -+# endif - #endif - else if (strcmp(*argv,"-cutthrough") == 0) - cutthrough=1; -@@ -766,6 +813,21 @@ bad: - OpenSSL_add_ssl_algorithms(); - SSL_load_error_strings(); - -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ next_proto.status = -1; -+ if (next_proto_neg_in) -+ { -+ next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in); -+ if (next_proto.data == NULL) -+ { -+ BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n"); -+ goto end; -+ } -+ } -+ else -+ next_proto.data = NULL; -+#endif -+ - #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine_id, 1); - if (ssl_client_engine_id) -@@ -896,6 +958,11 @@ bad: - SSL_CTX_set_mode(ctx, ssl_mode); - } - -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ if (next_proto.data) -+ SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); -+#endif -+ - if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); - if (cipher != NULL) - if(!SSL_CTX_set_cipher_list(ctx,cipher)) { -@@ -1755,6 +1822,18 @@ static void print_stuff(BIO *bio, SSL *s - BIO_printf(bio,"Expansion: %s\n", - expansion ? SSL_COMP_get_name(expansion) : "NONE"); - #endif -+ -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ if (next_proto.status != -1) { -+ const unsigned char *proto; -+ unsigned int proto_len; -+ SSL_get0_next_proto_negotiated(s, &proto, &proto_len); -+ BIO_printf(bio, "Next protocol: (%d) ", next_proto.status); -+ BIO_write(bio, proto, proto_len); -+ BIO_write(bio, "\n", 1); -+ } -+#endif -+ - SSL_SESSION_print(bio,SSL_get_session(s)); - BIO_printf(bio,"---\n"); - if (peer != NULL) ---- openssl-1.0.0b.orig/apps/s_server.c 2010-06-15 17:25:02.000000000 +0000 -+++ openssl-1.0.0b/apps/s_server.c 2010-11-29 19:56:04.902465346 +0000 -@@ -492,6 +492,9 @@ static void sv_usage(void) - BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); - BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); - BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); -+# endif - #endif - } - -@@ -826,6 +829,24 @@ BIO_printf(err, "cert_status: received % - ret = SSL_TLSEXT_ERR_ALERT_FATAL; - goto done; - } -+ -+# ifndef OPENSSL_NO_NEXTPROTONEG -+/* This is the context that we pass to next_proto_cb */ -+typedef struct tlsextnextprotoctx_st { -+ unsigned char *data; -+ unsigned int len; -+} tlsextnextprotoctx; -+ -+static int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg) -+ { -+ tlsextnextprotoctx *next_proto = arg; -+ -+ *data = next_proto->data; -+ *len = next_proto->len; -+ -+ return SSL_TLSEXT_ERR_OK; -+ } -+# endif /* ndef OPENSSL_NO_NPN */ - #endif - - int MAIN(int, char **); -@@ -867,6 +888,10 @@ int MAIN(int argc, char *argv[]) - #endif - #ifndef OPENSSL_NO_TLSEXT - tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ const char *next_proto_neg_in = NULL; -+ tlsextnextprotoctx next_proto; -+# endif - #endif - #ifndef OPENSSL_NO_PSK - /* by default do not send a PSK identity hint */ -@@ -1191,7 +1216,13 @@ int MAIN(int argc, char *argv[]) - if (--argc < 1) goto bad; - s_key_file2= *(++argv); - } -- -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ else if (strcmp(*argv,"-nextprotoneg") == 0) -+ { -+ if (--argc < 1) goto bad; -+ next_proto_neg_in = *(++argv); -+ } -+# endif - #endif - #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) - else if (strcmp(*argv,"-jpake") == 0) -@@ -1476,6 +1507,11 @@ bad: - if (vpm) - SSL_CTX_set1_param(ctx2, vpm); - } -+ -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ if (next_proto.data) -+ SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto); -+# endif - #endif - - #ifndef OPENSSL_NO_DH -@@ -1617,6 +1653,21 @@ bad: - goto end; - } - } -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ if (next_proto_neg_in) -+ { -+ unsigned short len; -+ next_proto.data = next_protos_parse(&len, -+ next_proto_neg_in); -+ if (next_proto.data == NULL) -+ goto end; -+ next_proto.len = len; -+ } -+ else -+ { -+ next_proto.data = NULL; -+ } -+# endif - #endif - RSA_free(rsa); - BIO_printf(bio_s_out,"\n"); -@@ -2159,6 +2210,10 @@ static int init_ssl_connection(SSL *con) - X509 *peer; - long verify_error; - MS_STATIC char buf[BUFSIZ]; -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ const unsigned char *next_proto_neg; -+ unsigned next_proto_neg_len; -+#endif - - if ((i=SSL_accept(con)) <= 0) - { -@@ -2198,6 +2253,15 @@ static int init_ssl_connection(SSL *con) - BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); - str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); - BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); -+ if (next_proto_neg) -+ { -+ BIO_printf(bio_s_out,"NEXTPROTO is "); -+ BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len); -+ BIO_printf(bio_s_out, "\n"); -+ } -+#endif - if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n"); - if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & - TLS1_FLAGS_TLS_PADDING_BUG) ---- openssl-1.0.0b.orig/include/openssl/ssl.h 2010-11-29 19:56:04.846517045 +0000 -+++ openssl-1.0.0b/include/openssl/ssl.h 2010-11-29 19:56:04.965928855 +0000 -@@ -857,6 +857,25 @@ struct ssl_ctx_st - /* draft-rescorla-tls-opaque-prf-input-00.txt information */ - int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg); - void *tlsext_opaque_prf_input_callback_arg; -+ -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ /* Next protocol negotiation information */ -+ /* (for experimental NPN extension). */ -+ -+ /* For a server, this contains a callback function by which the set of -+ * advertised protocols can be provided. */ -+ int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf, -+ unsigned int *len, void *arg); -+ void *next_protos_advertised_cb_arg; -+ /* For a client, this contains a callback function that selects the -+ * next protocol from the list provided by the server. */ -+ int (*next_proto_select_cb)(SSL *s, unsigned char **out, -+ unsigned char *outlen, -+ const unsigned char *in, -+ unsigned int inlen, -+ void *arg); -+ void *next_proto_select_cb_arg; -+# endif - #endif - - #ifndef OPENSSL_NO_PSK -@@ -928,6 +947,30 @@ int SSL_CTX_set_client_cert_engine(SSL_C - #endif - void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); - void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); -+#ifndef OPENSSL_NO_NEXTPROTONEG -+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, -+ int (*cb) (SSL *ssl, -+ const unsigned char **out, -+ unsigned int *outlen, -+ void *arg), void *arg); -+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, -+ int (*cb) (SSL *ssl, unsigned char **out, -+ unsigned char *outlen, -+ const unsigned char *in, -+ unsigned int inlen, void *arg), -+ void *arg); -+ -+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, -+ const unsigned char *in, unsigned int inlen, -+ const unsigned char *client, unsigned int client_len); -+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, -+ unsigned *len); -+ -+#define OPENSSL_NPN_UNSUPPORTED 0 -+#define OPENSSL_NPN_NEGOTIATED 1 -+#define OPENSSL_NPN_NO_OVERLAP 2 -+ -+#endif - - #ifndef OPENSSL_NO_PSK - /* the maximum length of the buffer given to callbacks containing the -@@ -1187,6 +1230,19 @@ struct ssl_st - void *tls_session_secret_cb_arg; - - SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ -+ -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ /* Next protocol negotiation. For the client, this is the protocol that -+ * we sent in NextProtocol and is set when handling ServerHello -+ * extensions. -+ * -+ * For a server, this is the client's selected_protocol from -+ * NextProtocol and is set when handling the NextProtocol message, -+ * before the Finished message. */ -+ unsigned char *next_proto_negotiated; -+ unsigned char next_proto_negotiated_len; -+#endif -+ - #define session_ctx initial_ctx - #else - #define session_ctx ctx -@@ -1919,6 +1975,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_SSL3_GET_KEY_EXCHANGE 141 - #define SSL_F_SSL3_GET_MESSAGE 142 - #define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283 -+#define SSL_F_SSL3_GET_NEXT_PROTO 304 - #define SSL_F_SSL3_GET_RECORD 143 - #define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 - #define SSL_F_SSL3_GET_SERVER_DONE 145 -@@ -2117,6 +2174,8 @@ void ERR_load_SSL_strings(void); - #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 - #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 - #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 -+#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 346 -+#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 347 - #define SSL_R_HTTPS_PROXY_REQUEST 155 - #define SSL_R_HTTP_REQUEST 156 - #define SSL_R_ILLEGAL_PADDING 283 ---- openssl-1.0.0b.orig/include/openssl/ssl3.h 2010-11-29 19:56:04.832465351 +0000 -+++ openssl-1.0.0b/include/openssl/ssl3.h 2010-11-29 19:56:04.965928855 +0000 -@@ -465,6 +465,12 @@ typedef struct ssl3_state_st - void *server_opaque_prf_input; - size_t server_opaque_prf_input_len; - -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ /* Set if we saw the Next Protocol Negotiation extension from -+ our peer. */ -+ int next_proto_neg_seen; -+#endif -+ - struct { - /* actually only needs to be 16+20 */ - unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2]; -@@ -557,6 +563,10 @@ typedef struct ssl3_state_st - #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) - #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) - #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) -+#ifndef OPENSSL_NO_NEXTPROTONEG -+#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) -+#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) -+#endif - #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) - #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) - /* read from server */ -@@ -602,6 +612,10 @@ typedef struct ssl3_state_st - #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) - #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) - #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) -+#ifndef OPENSSL_NO_NEXTPROTONEG -+#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) -+#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) -+#endif - #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) - #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) - /* write to client */ -@@ -626,6 +640,9 @@ typedef struct ssl3_state_st - #define SSL3_MT_CLIENT_KEY_EXCHANGE 16 - #define SSL3_MT_FINISHED 20 - #define SSL3_MT_CERTIFICATE_STATUS 22 -+#ifndef OPENSSL_NO_NEXTPROTONEG -+#define SSL3_MT_NEXT_PROTO 67 -+#endif - #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 - - ---- openssl-1.0.0b.orig/include/openssl/tls1.h 2009-11-11 14:51:29.000000000 +0000 -+++ openssl-1.0.0b/include/openssl/tls1.h 2010-11-29 19:56:04.965928855 +0000 -@@ -204,6 +204,11 @@ extern "C" { - /* Temporary extension type */ - #define TLSEXT_TYPE_renegotiate 0xff01 - -+#ifndef OPENSSL_NO_NEXTPROTONEG -+/* This is not an IANA defined extension number */ -+#define TLSEXT_TYPE_next_proto_neg 13172 -+#endif -+ - /* NameType value from RFC 3546 */ - #define TLSEXT_NAMETYPE_host_name 0 - /* status request value from RFC 3546 */ ---- openssl-1.0.0b.orig/ssl/s3_both.c 2010-11-29 19:56:04.846517045 +0000 -+++ openssl-1.0.0b/ssl/s3_both.c 2010-11-29 19:56:04.965928855 +0000 -@@ -202,15 +202,40 @@ int ssl3_send_finished(SSL *s, int a, in - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); - } - -+#ifndef OPENSSL_NO_NEXTPROTONEG -+/* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */ -+static void ssl3_take_mac(SSL *s) -+ { -+ const char *sender; -+ int slen; -+ -+ if (s->state & SSL_ST_CONNECT) -+ { -+ sender=s->method->ssl3_enc->server_finished_label; -+ slen=s->method->ssl3_enc->server_finished_label_len; -+ } -+ else -+ { -+ sender=s->method->ssl3_enc->client_finished_label; -+ slen=s->method->ssl3_enc->client_finished_label_len; -+ } -+ -+ s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, -+ sender,slen,s->s3->tmp.peer_finish_md); -+ } -+#endif -+ - int ssl3_get_finished(SSL *s, int a, int b) - { - int al,i,ok; - long n; - unsigned char *p; - -+#ifdef OPENSSL_NO_NEXTPROTONEG - /* the mac has already been generated when we received the - * change cipher spec message and is in s->s3->tmp.peer_finish_md - */ -+#endif - - n=s->method->ssl_get_message(s, - a, -@@ -521,6 +546,15 @@ long ssl3_get_message(SSL *s, int st1, i - s->init_num += i; - n -= i; - } -+ -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ /* If receiving Finished, record MAC of prior handshake messages for -+ * Finished verification. */ -+ if (*s->init_buf->data == SSL3_MT_FINISHED) -+ ssl3_take_mac(s); -+#endif -+ -+ /* Feed this message into MAC computation. */ - ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4); - if (s->msg_callback) - s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg); ---- openssl-1.0.0b.orig/ssl/s3_clnt.c 2010-11-29 19:56:04.846517045 +0000 -+++ openssl-1.0.0b/ssl/s3_clnt.c 2010-11-29 19:56:04.965928855 +0000 -@@ -435,7 +435,16 @@ int ssl3_connect(SSL *s) - ret=ssl3_send_change_cipher_spec(s, - SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B); - if (ret <= 0) goto end; -+ -+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) - s->state=SSL3_ST_CW_FINISHED_A; -+#else -+ if (s->next_proto_negotiated) -+ s->state=SSL3_ST_CW_NEXT_PROTO_A; -+ else -+ s->state=SSL3_ST_CW_FINISHED_A; -+#endif -+ - s->init_num=0; - - s->session->cipher=s->s3->tmp.new_cipher; -@@ -463,6 +472,15 @@ int ssl3_connect(SSL *s) - - break; - -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ case SSL3_ST_CW_NEXT_PROTO_A: -+ case SSL3_ST_CW_NEXT_PROTO_B: -+ ret=ssl3_send_next_proto(s); -+ if (ret <= 0) goto end; -+ s->state=SSL3_ST_CW_FINISHED_A; -+ break; -+#endif -+ - case SSL3_ST_CW_FINISHED_A: - case SSL3_ST_CW_FINISHED_B: - ret=ssl3_send_finished(s, -@@ -3060,6 +3078,32 @@ err: - */ - - #ifndef OPENSSL_NO_TLSEXT -+# ifndef OPENSSL_NO_NEXTPROTONEG -+int ssl3_send_next_proto(SSL *s) -+ { -+ unsigned int len, padding_len; -+ unsigned char *d; -+ -+ if (s->state == SSL3_ST_CW_NEXT_PROTO_A) -+ { -+ len = s->next_proto_negotiated_len; -+ padding_len = 32 - ((len + 2) % 32); -+ d = (unsigned char *)s->init_buf->data; -+ d[4] = len; -+ memcpy(d + 5, s->next_proto_negotiated, len); -+ d[5 + len] = padding_len; -+ memset(d + 6 + len, 0, padding_len); -+ *(d++)=SSL3_MT_NEXT_PROTO; -+ l2n3(2 + len + padding_len, d); -+ s->state = SSL3_ST_CW_NEXT_PROTO_B; -+ s->init_num = 4 + 2 + len + padding_len; -+ s->init_off = 0; -+ } -+ -+ return ssl3_do_write(s, SSL3_RT_HANDSHAKE); -+ } -+# endif -+ - int ssl3_check_finished(SSL *s) - { - int ok; ---- openssl-1.0.0b.orig/ssl/s3_lib.c 2010-11-29 19:56:04.832465351 +0000 -+++ openssl-1.0.0b/ssl/s3_lib.c 2010-11-29 19:56:04.965928855 +0000 -@@ -2230,6 +2230,15 @@ void ssl3_clear(SSL *s) - s->s3->num_renegotiations=0; - s->s3->in_read_app_data=0; - s->version=SSL3_VERSION; -+ -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ if (s->next_proto_negotiated) -+ { -+ OPENSSL_free(s->next_proto_negotiated); -+ s->next_proto_negotiated = NULL; -+ s->next_proto_negotiated_len = 0; -+ } -+#endif - } - - long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) ---- openssl-1.0.0b.orig/ssl/s3_pkt.c 2010-11-29 19:56:04.832465351 +0000 -+++ openssl-1.0.0b/ssl/s3_pkt.c 2010-11-29 19:56:04.965928855 +0000 -@@ -1394,8 +1394,10 @@ err: - int ssl3_do_change_cipher_spec(SSL *s) - { - int i; -+#ifdef OPENSSL_NO_NEXTPROTONEG - const char *sender; - int slen; -+#endif - - if (s->state & SSL_ST_ACCEPT) - i=SSL3_CHANGE_CIPHER_SERVER_READ; -@@ -1418,6 +1420,7 @@ int ssl3_do_change_cipher_spec(SSL *s) - if (!s->method->ssl3_enc->change_cipher_state(s,i)) - return(0); - -+#ifdef OPENSSL_NO_NEXTPROTONEG - /* we have to record the message digest at - * this point so we can get it before we read - * the finished message */ -@@ -1434,6 +1437,7 @@ int ssl3_do_change_cipher_spec(SSL *s) - - s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, - sender,slen,s->s3->tmp.peer_finish_md); -+#endif - - return(1); - } ---- openssl-1.0.0b.orig/ssl/s3_srvr.c 2010-11-29 19:56:04.846517045 +0000 -+++ openssl-1.0.0b/ssl/s3_srvr.c 2010-11-29 19:56:04.965928855 +0000 -@@ -538,7 +538,14 @@ int ssl3_accept(SSL *s) - * the client uses its key from the certificate - * for key exchange. - */ -+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) - s->state=SSL3_ST_SR_FINISHED_A; -+#else -+ if (s->s3->next_proto_neg_seen) -+ s->state=SSL3_ST_SR_NEXT_PROTO_A; -+ else -+ s->state=SSL3_ST_SR_FINISHED_A; -+#endif - s->init_num = 0; - } - else -@@ -581,10 +588,27 @@ int ssl3_accept(SSL *s) - ret=ssl3_get_cert_verify(s); - if (ret <= 0) goto end; - -+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) - s->state=SSL3_ST_SR_FINISHED_A; -+#else -+ if (s->s3->next_proto_neg_seen) -+ s->state=SSL3_ST_SR_NEXT_PROTO_A; -+ else -+ s->state=SSL3_ST_SR_FINISHED_A; -+#endif - s->init_num=0; - break; - -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ case SSL3_ST_SR_NEXT_PROTO_A: -+ case SSL3_ST_SR_NEXT_PROTO_B: -+ ret=ssl3_get_next_proto(s); -+ if (ret <= 0) goto end; -+ s->init_num = 0; -+ s->state=SSL3_ST_SR_FINISHED_A; -+ break; -+#endif -+ - case SSL3_ST_SR_FINISHED_A: - case SSL3_ST_SR_FINISHED_B: - ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A, -@@ -655,7 +679,16 @@ int ssl3_accept(SSL *s) - if (ret <= 0) goto end; - s->state=SSL3_ST_SW_FLUSH; - if (s->hit) -+ { -+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) - s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A; -+#else -+ if (s->s3->next_proto_neg_seen) -+ s->s3->tmp.next_state=SSL3_ST_SR_NEXT_PROTO_A; -+ else -+ s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A; -+#endif -+ } - else - s->s3->tmp.next_state=SSL_ST_OK; - s->init_num=0; -@@ -3196,4 +3229,72 @@ int ssl3_send_cert_status(SSL *s) - /* SSL3_ST_SW_CERT_STATUS_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); - } -+ -+# ifndef OPENSSL_NO_NPN -+/* ssl3_get_next_proto reads a Next Protocol Negotiation handshake message. It -+ * sets the next_proto member in s if found */ -+int ssl3_get_next_proto(SSL *s) -+ { -+ int ok; -+ unsigned proto_len, padding_len; -+ long n; -+ const unsigned char *p; -+ -+ /* Clients cannot send a NextProtocol message if we didn't see the -+ * extension in their ClientHello */ -+ if (!s->s3->next_proto_neg_seen) -+ { -+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); -+ return -1; -+ } -+ -+ n=s->method->ssl_get_message(s, -+ SSL3_ST_SR_NEXT_PROTO_A, -+ SSL3_ST_SR_NEXT_PROTO_B, -+ SSL3_MT_NEXT_PROTO, -+ 514, /* See the payload format below */ -+ &ok); -+ -+ if (!ok) -+ return((int)n); -+ -+ /* s->state doesn't reflect whether ChangeCipherSpec has been received -+ * in this handshake, but s->s3->change_cipher_spec does (will be reset -+ * by ssl3_get_finished). */ -+ if (!s->s3->change_cipher_spec) -+ { -+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS); -+ return -1; -+ } -+ -+ if (n < 2) -+ return 0; /* The body must be > 1 bytes long */ -+ -+ p=(unsigned char *)s->init_msg; -+ -+ /* The payload looks like: -+ * uint8 proto_len; -+ * uint8 proto[proto_len]; -+ * uint8 padding_len; -+ * uint8 padding[padding_len]; -+ */ -+ proto_len = p[0]; -+ if (proto_len + 2 > s->init_num) -+ return 0; -+ padding_len = p[proto_len + 1]; -+ if (proto_len + padding_len + 2 != s->init_num) -+ return 0; -+ -+ s->next_proto_negotiated = OPENSSL_malloc(proto_len); -+ if (!s->next_proto_negotiated) -+ { -+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ memcpy(s->next_proto_negotiated, p + 1, proto_len); -+ s->next_proto_negotiated_len = proto_len; -+ -+ return 1; -+ } -+# endif - #endif ---- openssl-1.0.0b.orig/ssl/ssl.h 2010-11-29 19:56:04.846517045 +0000 -+++ openssl-1.0.0b/ssl/ssl.h 2010-11-29 19:56:04.965928855 +0000 -@@ -857,6 +857,25 @@ struct ssl_ctx_st - /* draft-rescorla-tls-opaque-prf-input-00.txt information */ - int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg); - void *tlsext_opaque_prf_input_callback_arg; -+ -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ /* Next protocol negotiation information */ -+ /* (for experimental NPN extension). */ -+ -+ /* For a server, this contains a callback function by which the set of -+ * advertised protocols can be provided. */ -+ int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf, -+ unsigned int *len, void *arg); -+ void *next_protos_advertised_cb_arg; -+ /* For a client, this contains a callback function that selects the -+ * next protocol from the list provided by the server. */ -+ int (*next_proto_select_cb)(SSL *s, unsigned char **out, -+ unsigned char *outlen, -+ const unsigned char *in, -+ unsigned int inlen, -+ void *arg); -+ void *next_proto_select_cb_arg; -+# endif - #endif - - #ifndef OPENSSL_NO_PSK -@@ -928,6 +947,30 @@ int SSL_CTX_set_client_cert_engine(SSL_C - #endif - void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); - void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); -+#ifndef OPENSSL_NO_NEXTPROTONEG -+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, -+ int (*cb) (SSL *ssl, -+ const unsigned char **out, -+ unsigned int *outlen, -+ void *arg), void *arg); -+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, -+ int (*cb) (SSL *ssl, unsigned char **out, -+ unsigned char *outlen, -+ const unsigned char *in, -+ unsigned int inlen, void *arg), -+ void *arg); -+ -+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, -+ const unsigned char *in, unsigned int inlen, -+ const unsigned char *client, unsigned int client_len); -+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, -+ unsigned *len); -+ -+#define OPENSSL_NPN_UNSUPPORTED 0 -+#define OPENSSL_NPN_NEGOTIATED 1 -+#define OPENSSL_NPN_NO_OVERLAP 2 -+ -+#endif - - #ifndef OPENSSL_NO_PSK - /* the maximum length of the buffer given to callbacks containing the -@@ -1187,6 +1230,19 @@ struct ssl_st - void *tls_session_secret_cb_arg; - - SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ -+ -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ /* Next protocol negotiation. For the client, this is the protocol that -+ * we sent in NextProtocol and is set when handling ServerHello -+ * extensions. -+ * -+ * For a server, this is the client's selected_protocol from -+ * NextProtocol and is set when handling the NextProtocol message, -+ * before the Finished message. */ -+ unsigned char *next_proto_negotiated; -+ unsigned char next_proto_negotiated_len; -+#endif -+ - #define session_ctx initial_ctx - #else - #define session_ctx ctx -@@ -1919,6 +1975,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_SSL3_GET_KEY_EXCHANGE 141 - #define SSL_F_SSL3_GET_MESSAGE 142 - #define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283 -+#define SSL_F_SSL3_GET_NEXT_PROTO 304 - #define SSL_F_SSL3_GET_RECORD 143 - #define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 - #define SSL_F_SSL3_GET_SERVER_DONE 145 -@@ -2117,6 +2174,8 @@ void ERR_load_SSL_strings(void); - #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 - #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 - #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 -+#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 346 -+#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 347 - #define SSL_R_HTTPS_PROXY_REQUEST 155 - #define SSL_R_HTTP_REQUEST 156 - #define SSL_R_ILLEGAL_PADDING 283 ---- openssl-1.0.0b.orig/ssl/ssl3.h 2010-11-29 19:56:04.832465351 +0000 -+++ openssl-1.0.0b/ssl/ssl3.h 2010-11-29 19:56:04.965928855 +0000 -@@ -465,6 +465,12 @@ typedef struct ssl3_state_st - void *server_opaque_prf_input; - size_t server_opaque_prf_input_len; - -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ /* Set if we saw the Next Protocol Negotiation extension from -+ our peer. */ -+ int next_proto_neg_seen; -+#endif -+ - struct { - /* actually only needs to be 16+20 */ - unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2]; -@@ -557,6 +563,10 @@ typedef struct ssl3_state_st - #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) - #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) - #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) -+#ifndef OPENSSL_NO_NEXTPROTONEG -+#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) -+#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) -+#endif - #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) - #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) - /* read from server */ -@@ -602,6 +612,10 @@ typedef struct ssl3_state_st - #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) - #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) - #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) -+#ifndef OPENSSL_NO_NEXTPROTONEG -+#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) -+#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) -+#endif - #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) - #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) - /* write to client */ -@@ -626,6 +640,9 @@ typedef struct ssl3_state_st - #define SSL3_MT_CLIENT_KEY_EXCHANGE 16 - #define SSL3_MT_FINISHED 20 - #define SSL3_MT_CERTIFICATE_STATUS 22 -+#ifndef OPENSSL_NO_NEXTPROTONEG -+#define SSL3_MT_NEXT_PROTO 67 -+#endif - #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 - - ---- openssl-1.0.0b.orig/ssl/ssl_err.c 2010-11-29 19:56:04.846517045 +0000 -+++ openssl-1.0.0b/ssl/ssl_err.c 2010-11-29 19:56:04.965928855 +0000 -@@ -155,6 +155,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"}, - {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"}, - {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET), "SSL3_GET_NEW_SESSION_TICKET"}, -+{ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "SSL3_GET_NEXT_PROTO"}, - {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"}, - {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE), "SSL3_GET_SERVER_CERTIFICATE"}, - {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"}, -@@ -355,6 +356,8 @@ static ERR_STRING_DATA SSL_str_reasons[] - {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE),"excessive message size"}, - {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) ,"extra data in message"}, - {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS),"got a fin before a ccs"}, -+{ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),"got next proto before a ccs"}, -+{ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),"got next proto without seeing extension"}, - {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) ,"https proxy request"}, - {ERR_REASON(SSL_R_HTTP_REQUEST) ,"http request"}, - {ERR_REASON(SSL_R_ILLEGAL_PADDING) ,"illegal padding"}, ---- openssl-1.0.0b.orig/ssl/ssl_lib.c 2010-11-29 19:56:04.846517045 +0000 -+++ openssl-1.0.0b/ssl/ssl_lib.c 2010-11-29 19:56:04.965928855 +0000 -@@ -354,6 +354,9 @@ SSL *SSL_new(SSL_CTX *ctx) - s->tlsext_ocsp_resplen = -1; - CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); - s->initial_ctx=ctx; -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ s->next_proto_negotiated = NULL; -+# endif - #endif - - s->verify_result=X509_V_OK; -@@ -587,6 +590,11 @@ void SSL_free(SSL *s) - kssl_ctx_free(s->kssl_ctx); - #endif /* OPENSSL_NO_KRB5 */ - -+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) -+ if (s->next_proto_negotiated) -+ OPENSSL_free(s->next_proto_negotiated); -+#endif -+ - OPENSSL_free(s); - } - -@@ -1503,6 +1511,124 @@ int SSL_get_servername_type(const SSL *s - return TLSEXT_NAMETYPE_host_name; - return -1; - } -+ -+# ifndef OPENSSL_NO_NEXTPROTONEG -+/* SSL_select_next_proto implements the standard protocol selection. It is -+ * expected that this function is called from the callback set by -+ * SSL_CTX_set_next_proto_select_cb. -+ * -+ * The protocol data is assumed to be a vector of 8-bit, length prefixed byte -+ * strings. The length byte itself is not included in the length. A byte -+ * string of length 0 is invalid. No byte string may be truncated. -+ * -+ * The current, but experimental algorithm for selecting the protocol is: -+ * -+ * 1) If the server doesn't support NPN then this is indicated to the -+ * callback. In this case, the client application has to abort the connection -+ * or have a default application level protocol. -+ * -+ * 2) If the server supports NPN, but advertises an empty list then the -+ * client selects the first protcol in its list, but indicates via the -+ * API that this fallback case was enacted. -+ * -+ * 3) Otherwise, the client finds the first protocol in the server's list -+ * that it supports and selects this protocol. This is because it's -+ * assumed that the server has better information about which protocol -+ * a client should use. -+ * -+ * 4) If the client doesn't support any of the server's advertised -+ * protocols, then this is treated the same as case 2. -+ * -+ * It returns either -+ * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or -+ * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached. -+ */ -+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *server, unsigned int server_len, const unsigned char *client, unsigned int client_len) -+ { -+ unsigned int i, j; -+ const unsigned char *result; -+ int status = OPENSSL_NPN_UNSUPPORTED; -+ -+ /* For each protocol in server preference order, see if we support it. */ -+ for (i = 0; i < server_len; ) -+ { -+ for (j = 0; j < client_len; ) -+ { -+ if (server[i] == client[j] && -+ memcmp(&server[i+1], &client[j+1], server[i]) == 0) -+ { -+ /* We found a match */ -+ result = &server[i]; -+ status = OPENSSL_NPN_NEGOTIATED; -+ goto found; -+ } -+ j += client[j]; -+ j++; -+ } -+ i += server[i]; -+ i++; -+ } -+ -+ /* There's no overlap between our protocols and the server's list. */ -+ result = client; -+ status = OPENSSL_NPN_NO_OVERLAP; -+ -+ found: -+ *out = (unsigned char *) result + 1; -+ *outlen = result[0]; -+ return status; -+ } -+ -+/* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's -+ * requested protocol for this connection and returns 0. If the client didn't -+ * request any protocol, then *data is set to NULL. -+ * -+ * Note that the client can request any protocol it chooses. The value returned -+ * from this function need not be a member of the list of supported protocols -+ * provided by the callback. -+ */ -+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len) -+ { -+ *data = s->next_proto_negotiated; -+ if (!*data) { -+ *len = 0; -+ } else { -+ *len = s->next_proto_negotiated_len; -+ } -+} -+ -+/* SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a -+ * TLS server needs a list of supported protocols for Next Protocol -+ * Negotiation. The returned list must be in wire format. The list is returned -+ * by setting |out| to point to it and |outlen| to its length. This memory will -+ * not be modified, but one should assume that the SSL* keeps a reference to -+ * it. -+ * -+ * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise. Otherwise, no -+ * such extension will be included in the ServerHello. */ -+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg), void *arg) -+ { -+ ctx->next_protos_advertised_cb = cb; -+ ctx->next_protos_advertised_cb_arg = arg; -+ } -+ -+/* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a -+ * client needs to select a protocol from the server's provided list. |out| -+ * must be set to point to the selected protocol (which may be within |in|). -+ * The length of the protocol name must be written into |outlen|. The server's -+ * advertised protocols are provided in |in| and |inlen|. The callback can -+ * assume that |in| is syntactically valid. -+ * -+ * The client must select a protocol. It is fatal to the connection if this -+ * callback returns a value other than SSL_TLSEXT_ERR_OK. -+ */ -+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg), void *arg) -+ { -+ ctx->next_proto_select_cb = cb; -+ ctx->next_proto_select_cb_arg = arg; -+ } -+ -+# endif - #endif - - static unsigned long ssl_session_hash(const SSL_SESSION *a) -@@ -1667,6 +1793,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m - ret->tlsext_status_cb = 0; - ret->tlsext_status_arg = NULL; - -+# ifndef OPENSSL_NO_NEXTPROTONEG -+ ret->next_protos_advertised_cb = 0; -+ ret->next_proto_select_cb = 0; -+# endif - #endif - #ifndef OPENSSL_NO_PSK - ret->psk_identity_hint=NULL; ---- openssl-1.0.0b.orig/ssl/ssl_locl.h 2010-11-29 19:56:04.846517045 +0000 -+++ openssl-1.0.0b/ssl/ssl_locl.h 2010-11-29 19:56:04.965928855 +0000 -@@ -968,6 +968,9 @@ int ssl3_get_server_certificate(SSL *s); - int ssl3_check_cert_and_algorithm(SSL *s); - #ifndef OPENSSL_NO_TLSEXT - int ssl3_check_finished(SSL *s); -+# ifndef OPENSSL_NO_NEXTPROTONEG -+int ssl3_send_next_proto(SSL *s); -+# endif - #endif - - int dtls1_client_hello(SSL *s); -@@ -986,6 +989,9 @@ int ssl3_check_client_hello(SSL *s); - int ssl3_get_client_certificate(SSL *s); - int ssl3_get_client_key_exchange(SSL *s); - int ssl3_get_cert_verify(SSL *s); -+#ifndef OPENSSL_NO_NEXTPROTONEG -+int ssl3_get_next_proto(SSL *s); -+#endif - - int dtls1_send_hello_request(SSL *s); - int dtls1_send_server_hello(SSL *s); ---- openssl-1.0.0b.orig/ssl/t1_lib.c 2010-11-16 13:26:24.000000000 +0000 -+++ openssl-1.0.0b/ssl/t1_lib.c 2010-11-29 19:56:04.965928855 +0000 -@@ -494,6 +494,18 @@ unsigned char *ssl_add_clienthello_tlsex - i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret); - } - -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) -+ { -+ /* The client advertises an emtpy extension to indicate its -+ * support for Next Protocol Negotiation */ -+ if (limit - ret - 4 < 0) -+ return NULL; -+ s2n(TLSEXT_TYPE_next_proto_neg,ret); -+ s2n(0,ret); -+ } -+#endif -+ - if ((extdatalen = ret-p-2)== 0) - return p; - -@@ -505,6 +517,9 @@ unsigned char *ssl_add_serverhello_tlsex - { - int extdatalen=0; - unsigned char *ret = p; -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ int next_proto_neg_seen; -+#endif - - /* don't add extensions for SSLv3, unless doing secure renegotiation */ - if (s->version == SSL3_VERSION && !s->s3->send_connection_binding) -@@ -618,6 +633,28 @@ unsigned char *ssl_add_serverhello_tlsex - - } - -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ next_proto_neg_seen = s->s3->next_proto_neg_seen; -+ s->s3->next_proto_neg_seen = 0; -+ if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb) -+ { -+ const unsigned char *npa; -+ unsigned int npalen; -+ int r; -+ -+ r = s->ctx->next_protos_advertised_cb(s, &npa, &npalen, s->ctx->next_protos_advertised_cb_arg); -+ if (r == SSL_TLSEXT_ERR_OK) -+ { -+ if ((long)(limit - ret - 4 - npalen) < 0) return NULL; -+ s2n(TLSEXT_TYPE_next_proto_neg,ret); -+ s2n(npalen,ret); -+ memcpy(ret, npa, npalen); -+ ret += npalen; -+ s->s3->next_proto_neg_seen = 1; -+ } -+ } -+#endif -+ - if ((extdatalen = ret-p-2)== 0) - return p; - -@@ -982,6 +1019,28 @@ int ssl_parse_clienthello_tlsext(SSL *s, - else - s->tlsext_status_type = -1; - } -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ else if (type == TLSEXT_TYPE_next_proto_neg && -+ s->s3->tmp.finish_md_len == 0) -+ { -+ /* We shouldn't accept this extension on a -+ * renegotiation. -+ * -+ * s->new_session will be set on renegotiation, but we -+ * probably shouldn't rely that it couldn't be set on -+ * the initial renegotation too in certain cases (when -+ * there's some other reason to disallow resuming an -+ * earlier session -- the current code won't be doing -+ * anything like that, but this might change). -+ -+ * A valid sign that there's been a previous handshake -+ * in this connection is if s->s3->tmp.finish_md_len > -+ * 0. (We are talking about a check that will happen -+ * in the Hello protocol round, well before a new -+ * Finished message could have been computed.) */ -+ s->s3->next_proto_neg_seen = 1; -+ } -+#endif - - /* session ticket processed earlier */ - data+=size; -@@ -1005,6 +1064,26 @@ int ssl_parse_clienthello_tlsext(SSL *s, - return 1; - } - -+#ifndef OPENSSL_NO_NEXTPROTONEG -+/* ssl_next_proto_validate validates a Next Protocol Negotiation block. No -+ * elements of zero length are allowed and the set of elements must exactly fill -+ * the length of the block. */ -+static int ssl_next_proto_validate(unsigned char *d, unsigned len) -+ { -+ unsigned int off = 0; -+ -+ while (off < len) -+ { -+ if (d[off] == 0) -+ return 0; -+ off += d[off]; -+ off++; -+ } -+ -+ return off == len; -+ } -+#endif -+ - int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al) - { - unsigned short length; -@@ -1139,6 +1218,39 @@ int ssl_parse_serverhello_tlsext(SSL *s, - /* Set flag to expect CertificateStatus message */ - s->tlsext_status_expected = 1; - } -+#ifndef OPENSSL_NO_NEXTPROTONEG -+ else if (type == TLSEXT_TYPE_next_proto_neg) -+ { -+ unsigned char *selected; -+ unsigned char selected_len; -+ -+ /* We must have requested it. */ -+ if ((s->ctx->next_proto_select_cb == NULL)) -+ { -+ *al = TLS1_AD_UNSUPPORTED_EXTENSION; -+ return 0; -+ } -+ /* The data must be valid */ -+ if (!ssl_next_proto_validate(data, size)) -+ { -+ *al = TLS1_AD_DECODE_ERROR; -+ return 0; -+ } -+ if (s->ctx->next_proto_select_cb(s, &selected, &selected_len, data, size, s->ctx->next_proto_select_cb_arg) != SSL_TLSEXT_ERR_OK) -+ { -+ *al = TLS1_AD_INTERNAL_ERROR; -+ return 0; -+ } -+ s->next_proto_negotiated = OPENSSL_malloc(selected_len); -+ if (!s->next_proto_negotiated) -+ { -+ *al = TLS1_AD_INTERNAL_ERROR; -+ return 0; -+ } -+ memcpy(s->next_proto_negotiated, selected, selected_len); -+ s->next_proto_negotiated_len = selected_len; -+ } -+#endif - else if (type == TLSEXT_TYPE_renegotiate) - { - if(!ssl_parse_serverhello_renegotiate_ext(s, data, size, al)) ---- openssl-1.0.0b.orig/ssl/tls1.h 2009-11-11 14:51:29.000000000 +0000 -+++ openssl-1.0.0b/ssl/tls1.h 2010-11-29 19:56:04.965928855 +0000 -@@ -204,6 +204,11 @@ extern "C" { - /* Temporary extension type */ - #define TLSEXT_TYPE_renegotiate 0xff01 - -+#ifndef OPENSSL_NO_NEXTPROTONEG -+/* This is not an IANA defined extension number */ -+#define TLSEXT_TYPE_next_proto_neg 13172 -+#endif -+ - /* NameType value from RFC 3546 */ - #define TLSEXT_NAMETYPE_host_name 0 - /* status request value from RFC 3546 */ diff --git a/main/openssl/patches/progs.patch b/main/openssl/patches/progs.patch index 16fd9b0b..f0879ae7 100644 --- a/main/openssl/patches/progs.patch +++ b/main/openssl/patches/progs.patch @@ -20,8 +20,8 @@ +#if 0 /* ANDROID */ {FUNC_TYPE_GENERAL,"ts",ts_main}, +#endif - #ifndef OPENSSL_NO_MD2 - {FUNC_TYPE_MD,"md2",dgst_main}, + #ifndef OPENSSL_NO_SRP + {FUNC_TYPE_GENERAL,"srp",srp_main}, #endif --- openssl-1.0.0.orig/apps/speed.c 2010-03-03 11:56:17.000000000 -0800 +++ openssl-1.0.0/apps/speed.c 2010-05-18 14:05:57.000000000 -0700 diff --git a/main/openssl/patches/sha1_armv4_large.patch b/main/openssl/patches/sha1_armv4_large.patch deleted file mode 100644 index 359ff94a..00000000 --- a/main/openssl/patches/sha1_armv4_large.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff --git a/crypto/sha/asm/sha1-armv4-large.pl b/crypto/sha/asm/sha1-armv4-large.pl -index 6e65fe3..79e3f61 100644 ---- a/crypto/sha/asm/sha1-armv4-large.pl -+++ b/crypto/sha/asm/sha1-armv4-large.pl -@@ -161,6 +161,7 @@ for($i=0;$i<5;$i++) { - $code.=<<___; - teq $Xi,sp - bne .L_00_15 @ [((11+4)*5+2)*3] -+ sub sp,sp,#5*4 - ___ - &BODY_00_15(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); -@@ -170,7 +171,7 @@ ___ - $code.=<<___; - - ldr $K,.LK_20_39 @ [+15+16*4] -- sub sp,sp,#25*4 -+ sub sp,sp,#20*4 - cmn sp,#0 @ [+3], clear carry to denote 20_39 - .L_20_39_or_60_79: - ___ diff --git a/main/openssl/patches/small_records.patch b/main/openssl/patches/small_records.patch deleted file mode 100644 index a2ea51ca..00000000 --- a/main/openssl/patches/small_records.patch +++ /dev/null @@ -1,337 +0,0 @@ ---- openssl-1.0.0a.orig/ssl/d1_pkt.c 2010-04-14 00:09:55.000000000 +0000 -+++ openssl-1.0.0a/ssl/d1_pkt.c 2010-08-25 21:12:39.000000000 +0000 -@@ -608,6 +608,24 @@ again: - goto again; - } - -+ /* If we receive a valid record larger than the current buffer size, -+ * allocate some memory for it. -+ */ -+ if (rr->length > s->s3->rbuf.len - DTLS1_RT_HEADER_LENGTH) -+ { -+ unsigned char *pp; -+ unsigned int newlen = rr->length + DTLS1_RT_HEADER_LENGTH; -+ if ((pp=OPENSSL_realloc(s->s3->rbuf.buf, newlen))==NULL) -+ { -+ SSLerr(SSL_F_DTLS1_GET_RECORD,ERR_R_MALLOC_FAILURE); -+ return(-1); -+ } -+ p = pp + (p - s->s3->rbuf.buf); -+ s->s3->rbuf.buf=pp; -+ s->s3->rbuf.len=newlen; -+ s->packet= &(s->s3->rbuf.buf[0]); -+ } -+ - /* now s->rstate == SSL_ST_READ_BODY */ - } - -@@ -1342,6 +1360,7 @@ int do_dtls1_write(SSL *s, int type, con - SSL3_BUFFER *wb; - SSL_SESSION *sess; - int bs; -+ unsigned int len_with_overhead = len + SSL3_RT_DEFAULT_WRITE_OVERHEAD; - - /* first check if there is a SSL3_BUFFER still being written - * out. This will happen with non blocking IO */ -@@ -1351,6 +1370,16 @@ int do_dtls1_write(SSL *s, int type, con - return(ssl3_write_pending(s,type,buf,len)); - } - -+ if (s->s3->wbuf.len < len_with_overhead) -+ { -+ if ((p=OPENSSL_realloc(s->s3->wbuf.buf, len_with_overhead)) == NULL) { -+ SSLerr(SSL_F_DO_DTLS1_WRITE,ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ s->s3->wbuf.buf = p; -+ s->s3->wbuf.len = len_with_overhead; -+ } -+ - /* If we have an alert to send, lets send it */ - if (s->s3->alert_dispatch) - { ---- openssl-1.0.0a.orig/ssl/s23_srvr.c 2010-02-16 14:20:40.000000000 +0000 -+++ openssl-1.0.0a/ssl/s23_srvr.c 2010-08-25 21:12:39.000000000 +0000 -@@ -403,8 +403,13 @@ int ssl23_get_client_hello(SSL *s) - v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ - v[1] = p[4]; - -+/* The SSL2 protocol allows n to be larger, just pick -+ * a reasonable buffer size. */ -+#if SSL3_RT_DEFAULT_PACKET_SIZE < 1024*4 - SSL3_RT_DEFAULT_WRITE_OVERHEAD -+#error "SSL3_RT_DEFAULT_PACKET_SIZE is too small." -+#endif - n=((p[0]&0x7f)<<8)|p[1]; -- if (n > (1024*4)) -+ if (n > SSL3_RT_DEFAULT_PACKET_SIZE - 2) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); - goto err; ---- openssl-1.0.0a.orig/ssl/s3_both.c 2010-03-24 23:16:49.000000000 +0000 -+++ openssl-1.0.0a/ssl/s3_both.c 2010-08-25 21:12:39.000000000 +0000 -@@ -715,13 +722,20 @@ int ssl3_setup_read_buffer(SSL *s) - - if (s->s3->rbuf.buf == NULL) - { -- len = SSL3_RT_MAX_PLAIN_LENGTH -- + SSL3_RT_MAX_ENCRYPTED_OVERHEAD -- + headerlen + align; -- if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) -+ if (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS) - { -- s->s3->init_extra = 1; -- len += SSL3_RT_MAX_EXTRA; -+ len = SSL3_RT_DEFAULT_PACKET_SIZE; -+ } -+ else -+ { -+ len = SSL3_RT_MAX_PLAIN_LENGTH -+ + SSL3_RT_MAX_ENCRYPTED_OVERHEAD -+ + headerlen + align; -+ if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) -+ { -+ s->s3->init_extra = 1; -+ len += SSL3_RT_MAX_EXTRA; -+ } - } - #ifndef OPENSSL_NO_COMP - if (!(s->options & SSL_OP_NO_COMPRESSION)) -@@ -757,7 +771,15 @@ int ssl3_setup_write_buffer(SSL *s) - - if (s->s3->wbuf.buf == NULL) - { -- len = s->max_send_fragment -+ if (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS) -+ { -+ len = SSL3_RT_DEFAULT_PACKET_SIZE; -+ } -+ else -+ { -+ len = s->max_send_fragment; -+ } -+ len += 0 - + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD - + headerlen + align; - #ifndef OPENSSL_NO_COMP -@@ -767,7 +789,6 @@ int ssl3_setup_write_buffer(SSL *s) - if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) - len += headerlen + align - + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD; -- - if ((p=freelist_extract(s->ctx, 0, len)) == NULL) - goto err; - s->s3->wbuf.buf = p; -@@ -810,4 +831,3 @@ int ssl3_release_read_buffer(SSL *s) - } - return 1; - } -- ---- openssl-1.0.0a.orig/ssl/s3_pkt.c 2010-03-25 11:22:42.000000000 +0000 -+++ openssl-1.0.0a/ssl/s3_pkt.c 2010-08-25 21:12:39.000000000 +0000 -@@ -293,6 +293,11 @@ static int ssl3_get_record(SSL *s) - size_t extra; - int decryption_failed_or_bad_record_mac = 0; - unsigned char *mac = NULL; -+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 -+ long align=SSL3_ALIGN_PAYLOAD; -+#else -+ long align=0; -+#endif - - rr= &(s->s3->rrec); - sess=s->session; -@@ -301,7 +306,8 @@ static int ssl3_get_record(SSL *s) - extra=SSL3_RT_MAX_EXTRA; - else - extra=0; -- if (extra && !s->s3->init_extra) -+ if (!(SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS) && -+ extra && !s->s3->init_extra) - { - /* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER - * set after ssl3_setup_buffers() was done */ -@@ -350,6 +356,21 @@ fprintf(stderr, "Record type=%d, Length= - goto err; - } - -+ /* If we receive a valid record larger than the current buffer size, -+ * allocate some memory for it. -+ */ -+ if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH - align) -+ { -+ if ((p=OPENSSL_realloc(s->s3->rbuf.buf, rr->length + SSL3_RT_HEADER_LENGTH + align))==NULL) -+ { -+ SSLerr(SSL_F_SSL3_GET_RECORD,ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ s->s3->rbuf.buf=p; -+ s->s3->rbuf.len=rr->length + SSL3_RT_HEADER_LENGTH + align; -+ s->packet= &(s->s3->rbuf.buf[0]); -+ } -+ - if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) - { - al=SSL_AD_RECORD_OVERFLOW; -@@ -576,6 +597,7 @@ int ssl3_write_bytes(SSL *s, int type, c - const unsigned char *buf=buf_; - unsigned int tot,n,nw; - int i; -+ unsigned int max_plain_length; - - s->rwstate=SSL_NOTHING; - tot=s->s3->wnum; -@@ -595,8 +617,13 @@ int ssl3_write_bytes(SSL *s, int type, c - n=(len-tot); - for (;;) - { -- if (n > s->max_send_fragment) -- nw=s->max_send_fragment; -+ if (type == SSL3_RT_APPLICATION_DATA && (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS)) -+ max_plain_length = SSL3_RT_DEFAULT_PLAIN_LENGTH; -+ else -+ max_plain_length = s->max_send_fragment; -+ -+ if (n > max_plain_length) -+ nw = max_plain_length; - else - nw=n; - -@@ -727,6 +727,18 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, - s->s3->empty_fragment_done = 1; - } - -+ /* resize if necessary to hold the data. */ -+ if (len + SSL3_RT_DEFAULT_WRITE_OVERHEAD > wb->len) -+ { -+ if ((p=OPENSSL_realloc(wb->buf, len + SSL3_RT_DEFAULT_WRITE_OVERHEAD))==NULL) -+ { -+ SSLerr(SSL_F_DO_SSL3_WRITE,ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ wb->buf = p; -+ wb->len = len + SSL3_RT_DEFAULT_WRITE_OVERHEAD; -+ } -+ - if (create_empty_fragment) - { - #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 ---- openssl-1.0.0a.orig/ssl/ssl.h 2010-01-06 17:37:38.000000000 +0000 -+++ openssl-1.0.0a/ssl/ssl.h 2010-08-25 21:12:39.000000000 +0000 -@@ -602,6 +602,9 @@ typedef struct ssl_session_st - * TLS only.) "Released" buffers are put onto a free-list in the context - * or just freed (depending on the context's setting for freelist_max_len). */ - #define SSL_MODE_RELEASE_BUFFERS 0x00000010L -+/* Use small read and write buffers: (a) lazy allocate read buffers for -+ * large incoming records, and (b) limit the size of outgoing records. */ -+#define SSL_MODE_SMALL_BUFFERS 0x00000020L - - /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, - * they cannot be used to clear bits. */ ---- openssl-1.0.0a.orig/ssl/ssl3.h 2010-01-06 17:37:38.000000000 +0000 -+++ openssl-1.0.0a/ssl/ssl3.h 2010-08-25 21:12:39.000000000 +0000 -@@ -280,6 +280,9 @@ extern "C" { - - #define SSL3_RT_MAX_EXTRA (16384) - -+/* Default buffer length used for writen records. Thus a generated record -+ * will contain plaintext no larger than this value. */ -+#define SSL3_RT_DEFAULT_PLAIN_LENGTH 2048 - /* Maximum plaintext length: defined by SSL/TLS standards */ - #define SSL3_RT_MAX_PLAIN_LENGTH 16384 - /* Maximum compression overhead: defined by SSL/TLS standards */ -@@ -311,6 +314,13 @@ extern "C" { - #define SSL3_RT_MAX_PACKET_SIZE \ - (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) - -+/* Extra space for empty fragment, headers, MAC, and padding. */ -+#define SSL3_RT_DEFAULT_WRITE_OVERHEAD 256 -+#define SSL3_RT_DEFAULT_PACKET_SIZE 4096 - SSL3_RT_DEFAULT_WRITE_OVERHEAD -+#if SSL3_RT_DEFAULT_PLAIN_LENGTH + SSL3_RT_DEFAULT_WRITE_OVERHEAD > SSL3_RT_DEFAULT_PACKET_SIZE -+#error "Insufficient space allocated for write buffers." -+#endif -+ - #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" - #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" - -@@ -634,4 +645,3 @@ typedef struct ssl3_state_st - } - #endif - #endif -- ---- openssl-1.0.0a.orig/ssl/ssltest.c 2010-01-24 16:57:38.000000000 +0000 -+++ openssl-1.0.0a/ssl/ssltest.c 2010-08-25 21:12:39.000000000 +0000 -@@ -316,6 +316,8 @@ static void sv_usage(void) - " (default is sect163r2).\n"); - #endif - fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n"); -+ fprintf(stderr," -c_small_records - enable client side use of small SSL record buffers\n"); -+ fprintf(stderr," -s_small_records - enable server side use of small SSL record buffers\n"); - } - - static void print_details(SSL *c_ssl, const char *prefix) -@@ -444,6 +447,9 @@ int opaque_prf_input_cb(SSL *ssl, void * - return arg->ret; - } - #endif -+ int ssl_mode = 0; -+ int c_small_records=0; -+ int s_small_records=0; - - int main(int argc, char *argv[]) - { -@@ -680,6 +687,14 @@ int main(int argc, char *argv[]) - { - test_cipherlist = 1; - } -+ else if (strcmp(*argv, "-c_small_records") == 0) -+ { -+ c_small_records = 1; -+ } -+ else if (strcmp(*argv, "-s_small_records") == 0) -+ { -+ s_small_records = 1; -+ } - else - { - fprintf(stderr,"unknown option %s\n",*argv); -@@ -802,6 +821,21 @@ bad: - SSL_CTX_set_cipher_list(s_ctx,cipher); - } - -+ ssl_mode = 0; -+ if (c_small_records) -+ { -+ ssl_mode = SSL_CTX_get_mode(c_ctx); -+ ssl_mode |= SSL_MODE_SMALL_BUFFERS; -+ SSL_CTX_set_mode(c_ctx, ssl_mode); -+ } -+ ssl_mode = 0; -+ if (s_small_records) -+ { -+ ssl_mode = SSL_CTX_get_mode(s_ctx); -+ ssl_mode |= SSL_MODE_SMALL_BUFFERS; -+ SSL_CTX_set_mode(s_ctx, ssl_mode); -+ } -+ - #ifndef OPENSSL_NO_DH - if (!no_dhe) - { ---- openssl-1.0.0.orig/test/testssl 2006-03-10 15:06:27.000000000 -0800 -+++ openssl-1.0.0/test/testssl 2010-04-26 10:24:55.000000000 -0700 -@@ -70,6 +70,16 @@ $ssltest -client_auth $CA $extra || exit - echo test sslv2/sslv3 with both client and server authentication - $ssltest -server_auth -client_auth $CA $extra || exit 1 - -+echo test sslv2/sslv3 with both client and server authentication and small client buffers -+$ssltest -server_auth -client_auth -c_small_records $CA $extra || exit 1 -+ -+echo test sslv2/sslv3 with both client and server authentication and small server buffers -+$ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1 -+ -+echo test sslv2/sslv3 with both client and server authentication and small client and server buffers -+$ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1 -+ -+ - echo test sslv2 via BIO pair - $ssltest -bio_pair -ssl2 $extra || exit 1 - diff --git a/main/openssl/patches/ssl_Android.mk b/main/openssl/patches/ssl_Android.mk deleted file mode 100644 index 487aabbc..00000000 --- a/main/openssl/patches/ssl_Android.mk +++ /dev/null @@ -1,98 +0,0 @@ -LOCAL_PATH:= $(call my-dir) - -local_c_includes := \ - external/openssl \ - external/openssl/include \ - external/openssl/crypto - -local_src_files:= \ - s2_meth.c \ - s2_srvr.c \ - s2_clnt.c \ - s2_lib.c \ - s2_enc.c \ - s2_pkt.c \ - s3_meth.c \ - s3_srvr.c \ - s3_clnt.c \ - s3_lib.c \ - s3_enc.c \ - s3_pkt.c \ - s3_both.c \ - s23_meth.c \ - s23_srvr.c \ - s23_clnt.c \ - s23_lib.c \ - s23_pkt.c \ - t1_meth.c \ - t1_srvr.c \ - t1_clnt.c \ - t1_lib.c \ - t1_enc.c \ - t1_reneg.c \ - ssl_lib.c \ - ssl_err2.c \ - ssl_cert.c \ - ssl_sess.c \ - ssl_ciph.c \ - ssl_stat.c \ - ssl_rsa.c \ - ssl_asn1.c \ - ssl_txt.c \ - ssl_algs.c \ - bio_ssl.c \ - ssl_err.c \ - kssl.c - -####################################### -# target static library -include $(CLEAR_VARS) -include $(LOCAL_PATH)/../android-config.mk - -ifneq ($(TARGET_ARCH),x86) -LOCAL_NDK_VERSION := 5 -LOCAL_SDK_VERSION := 9 -endif -LOCAL_SRC_FILES += $(local_src_files) -LOCAL_C_INCLUDES += $(local_c_includes) -LOCAL_MODULE_TAGS := optional -LOCAL_MODULE:= libssl_static -include $(BUILD_STATIC_LIBRARY) - -####################################### -# target shared library -include $(CLEAR_VARS) -include $(LOCAL_PATH)/../android-config.mk - -ifneq ($(TARGET_ARCH),x86) -LOCAL_NDK_VERSION := 5 -LOCAL_SDK_VERSION := 9 -endif -LOCAL_SRC_FILES += $(local_src_files) -LOCAL_C_INCLUDES += $(local_c_includes) -LOCAL_SHARED_LIBRARIES += libcrypto -LOCAL_MODULE_TAGS := optional -LOCAL_MODULE:= libssl -include $(BUILD_SHARED_LIBRARY) - -####################################### -# host shared library -include $(CLEAR_VARS) -include $(LOCAL_PATH)/../android-config.mk -LOCAL_SRC_FILES += $(local_src_files) -LOCAL_C_INCLUDES += $(local_c_includes) -LOCAL_SHARED_LIBRARIES += libcrypto -LOCAL_MODULE_TAGS := optional -LOCAL_MODULE:= libssl -include $(BUILD_HOST_SHARED_LIBRARY) - -####################################### -# ssltest -include $(CLEAR_VARS) -include $(LOCAL_PATH)/../android-config.mk -LOCAL_SRC_FILES:= ssltest.c -LOCAL_C_INCLUDES += $(local_c_includes) -LOCAL_SHARED_LIBRARIES := libssl libcrypto -LOCAL_MODULE:= ssltest -LOCAL_MODULE_TAGS := optional -include $(BUILD_EXECUTABLE) diff --git a/main/openssl/patches/sslv3_uninit_padding.patch b/main/openssl/patches/sslv3_uninit_padding.patch deleted file mode 100644 index 89fff7b5..00000000 --- a/main/openssl/patches/sslv3_uninit_padding.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/ssl/s3_enc.c b/google3/third_party/openssl/openssl/ssl/s3_enc.c -index 58386e1..b145970 100644 ---- a/ssl/s3_enc.c -+++ b/ssl/s3_enc.c -@@ -511,6 +511,9 @@ int ssl3_enc(SSL *s, int send) - - /* we need to add 'i-1' padding bytes */ - l+=i; -+ /* the last of these zero bytes will be overwritten -+ * with the padding length. */ -+ memset(&rec->input[rec->length], 0, i); - rec->length+=i; - rec->input[l-1]=(i-1); - } |