Update from 1.0.0-stable.
diff --git a/Configure b/Configure
index c3ebcda..89142eb 100755
--- a/Configure
+++ b/Configure
@@ -484,11 +484,11 @@
# Visual C targets
#
# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
-"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
-"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o::ml64:win32",
+"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
+"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o::ml64:win32",
# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
-"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
# Unified CE target
"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
@@ -918,7 +918,8 @@
$disabled{"tlsext"} = "forced";
}
-if (defined($disabled{"ec"}))
+if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
+ || defined($disabled{"dh"}))
{
$disabled{"gost"} = "forced";
}
diff --git a/INSTALL.W32 b/INSTALL.W32
index 7794cf1..849544b 100644
--- a/INSTALL.W32
+++ b/INSTALL.W32
@@ -27,7 +27,7 @@
- Netwide Assembler, a.k.a. NASM, available from http://nasm.sourceforge.net/
is required if you intend to utilize assembler modules. Note that NASM
- is the only supported assembler.
+ is now the only supported assembler.
If you are compiling from a tarball or a CVS snapshot then the Win32 files
may well be not up to date. This may mean that some "tweaking" is required to
@@ -43,7 +43,7 @@
Firstly you should run Configure:
- > perl Configure VC-WIN32 --prefix=c:/some/openssl/dir
+ > perl Configure VC-WIN32 --prefix=c:\some\openssl\dir
Where the prefix argument specifies where OpenSSL will be installed to.
@@ -56,6 +56,7 @@
- If you don't want to use the assembly language files at all then run:
+ > perl Configure VC-WIN32 no-asm --prefix=c:/some/openssl/dir
> ms\do_ms
If you get errors about things not having numbers assigned then check the
diff --git a/apps/apps.c b/apps/apps.c
index 7294c26..b04bfbd 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -921,11 +921,13 @@
&pkey, NULL, NULL))
goto end;
}
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
else if (format == FORMAT_MSBLOB)
pkey = b2i_PrivateKey_bio(key);
else if (format == FORMAT_PVK)
pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback,
&cb_data);
+#endif
else
{
BIO_printf(err,"bad input format specified for key file\n");
@@ -989,6 +991,7 @@
{
pkey=d2i_PUBKEY_bio(key, NULL);
}
+#ifndef OPENSSL_NO_RSA
else if (format == FORMAT_ASN1RSA)
{
RSA *rsa;
@@ -1018,7 +1021,7 @@
else
pkey = NULL;
}
-
+#endif
else if (format == FORMAT_PEM)
{
pkey=PEM_read_bio_PUBKEY(key,NULL,
@@ -1028,8 +1031,10 @@
else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
pkey = load_netscape_key(err, key, file, key_descrip, format);
#endif
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
else if (format == FORMAT_MSBLOB)
pkey = b2i_PublicKey_bio(key);
+#endif
else
{
BIO_printf(err,"bad input format specified for key file\n");
diff --git a/apps/dh.c b/apps/dh.c
index c4d891e..e9609d6 100644
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -349,4 +349,10 @@
apps_shutdown();
OPENSSL_EXIT(ret);
}
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif
diff --git a/apps/dhparam.c b/apps/dhparam.c
index 04bd57c..5fab29e 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -554,4 +554,10 @@
return 1;
}
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif
diff --git a/apps/dsa.c b/apps/dsa.c
index 5911f11..9f38e2b 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -334,6 +334,7 @@
i=PEM_write_bio_DSA_PUBKEY(out,dsa);
else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
NULL,0,NULL, passout);
+#ifndef OPENSSL_NO_RSA
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
@@ -345,6 +346,7 @@
else
i = i2b_PrivateKey_bio(out, pk);
EVP_PKEY_free(pk);
+#endif
} else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
goto end;
@@ -365,4 +367,10 @@
apps_shutdown();
OPENSSL_EXIT(ret);
}
+#else /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index c301e81..4305a73 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -475,4 +475,10 @@
#endif
return 1;
}
+#else /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif
diff --git a/apps/gendh.c b/apps/gendh.c
index 4749786..caa7327 100644
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -235,4 +235,10 @@
#endif
return 1;
}
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 8a296c6..22c3962 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -279,4 +279,10 @@
apps_shutdown();
OPENSSL_EXIT(ret);
}
+#else /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif
diff --git a/apps/req.c b/apps/req.c
index 3b4ab28..e9b764b 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1715,7 +1715,7 @@
ERR_print_errors(err);
return NULL;
}
-
+#ifndef OPENSSL_NO_RSA
if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1))
{
if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0)
@@ -1726,6 +1726,7 @@
return NULL;
}
}
+#endif
return gctx;
}
diff --git a/apps/rsa.c b/apps/rsa.c
index c316da7..4a6206b 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -409,6 +409,7 @@
}
else i=PEM_write_bio_RSAPrivateKey(out,rsa,
enc,NULL,0,NULL,passout);
+#ifndef OPENSSL_NO_DSA
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
@@ -420,6 +421,7 @@
else
i = i2b_PrivateKey_bio(out, pk);
EVP_PKEY_free(pk);
+#endif
} else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
goto end;
diff --git a/apps/rsautl.c b/apps/rsautl.c
index 923e2b6..b01f004 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -342,4 +342,10 @@
}
+#else /* !OPENSSL_NO_RSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif
diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index 9d2b78d..e396704 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -61,7 +61,9 @@
#include <stdio.h>
#include <errno.h>
+#ifdef OPENSSL_SYS_VMS
#include <sys/time.h>
+#endif
#define USE_SOCKETS
#include "cryptlib.h"
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 51f0b6a..4a05f0b 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -77,9 +77,15 @@
static const EVP_PKEY_METHOD *standard_methods[] =
{
+#ifndef OPENSSL_NO_RSA
&rsa_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DH
&dh_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DSA
&dsa_pkey_meth,
+#endif
#ifndef OPENSSL_NO_EC
&ec_pkey_meth,
#endif
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 5d391cf..11e1f10 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -63,6 +63,7 @@
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/bn.h>
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
#include <openssl/dsa.h>
#include <openssl/rsa.h>
@@ -933,3 +934,4 @@
}
return -1;
}
+#endif
diff --git a/engines/e_capi.c b/engines/e_capi.c
index e98946c..01ef96b 100644
--- a/engines/e_capi.c
+++ b/engines/e_capi.c
@@ -56,12 +56,12 @@
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/buffer.h>
-#include <openssl/rsa.h>
#include <openssl/bn.h>
#ifdef OPENSSL_SYS_WIN32
#ifndef OPENSSL_NO_CAPIENG
+#include <openssl/rsa.h>
#include <windows.h>
diff --git a/engines/e_gmp.c b/engines/e_gmp.c
index dc9f295..c1f5601 100644
--- a/engines/e_gmp.c
+++ b/engines/e_gmp.c
@@ -85,7 +85,9 @@
#include <openssl/crypto.h>
#include <openssl/buffer.h>
#include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
+#endif
#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c
index e8389de..fe6bdba 100644
--- a/engines/e_ubsec.c
+++ b/engines/e_ubsec.c
@@ -95,14 +95,14 @@
static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dp,
const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx);
-#ifndef OPENSSL_NO_RSA
static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
-#endif
static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
#ifndef OPENSSL_NO_DSA
#ifdef NOT_USED
static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
@@ -302,10 +302,10 @@
*p_UBSEC_diffie_hellman_generate_ioctl = NULL;
static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL;
#endif
-/* #ifndef OPENSSL_NO_RSA */
static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
+#ifndef OPENSSL_NO_RSA
static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-/* #endif */
+#endif
#ifndef OPENSSL_NO_DSA
static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
@@ -624,7 +624,6 @@
err:
return to_return;
}
-#endif
static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dp,
@@ -672,6 +671,7 @@
r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2;
return 1;
}
+#endif
#ifndef OPENSSL_NO_DSA
#ifdef NOT_USED
@@ -704,6 +704,8 @@
#endif
#endif
+#ifndef OPENSSL_NO_RSA
+
/*
* This function is aliased to mod_exp (with the mont stuff dropped).
*/
@@ -712,7 +714,6 @@
{
int ret = 0;
-#ifndef OPENSSL_NO_RSA
/* Do in software if the key is too large for the hardware. */
if (BN_num_bits(m) > max_key_len)
{
@@ -720,13 +721,13 @@
ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx);
}
else
-#endif
{
ret = ubsec_mod_exp(r, a, p, m, ctx);
}
return ret;
}
+#endif
#ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
diff --git a/ms/do_ms.bat b/ms/do_ms.bat
index 9323336..55014d3 100755
--- a/ms/do_ms.bat
+++ b/ms/do_ms.bat
@@ -1,9 +1,11 @@
-
-perl util\mkfiles.pl >MINFO
-perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak
-perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak
-perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak
-perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak
-
-perl util\mkdef.pl 32 libeay > ms\libeay32.def
-perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak
+if x%OSVERSION% == x goto skipce
+perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak
+perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak
+:skipce
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
