New Configure option no-<cipher> (rsa, idea, rc5, ...).
diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl index 83c19aa..5971ada 100644 --- a/apps/Makefile.ssl +++ b/apps/Makefile.ssl
@@ -109,7 +109,7 @@ lint -DLINT $(INCLUDES) $(SRC)>fluff depend: - $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(SRC) + $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC) dclean: $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
diff --git a/apps/ciphers.c b/apps/ciphers.c index 3c76782..08e47be 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c
@@ -66,6 +66,10 @@ #include <openssl/err.h> #include <openssl/ssl.h> +#if defined(NO_RSA) && !defined(NO_SSL2) +#define NO_SSL2 +#endif + #undef PROG #define PROG ciphers_main
diff --git a/apps/dh.c b/apps/dh.c index 0274248..b4abbe7 100644 --- a/apps/dh.c +++ b/apps/dh.c
@@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#ifndef NO_DH #include <stdio.h> #include <stdlib.h> #include <time.h> @@ -308,3 +309,4 @@ if (dh != NULL) DH_free(dh); EXIT(ret); } +#endif
diff --git a/apps/dsa.c b/apps/dsa.c index dc282b7..977955a 100644 --- a/apps/dsa.c +++ b/apps/dsa.c
@@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#ifndef NO_DSA #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -252,4 +253,4 @@ if (dsa != NULL) DSA_free(dsa); EXIT(ret); } - +#endif
diff --git a/apps/dsaparam.c b/apps/dsaparam.c index bd368a3..118d974 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c
@@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#ifndef NO_DSA #include <stdio.h> #include <stdlib.h> #include <time.h> @@ -349,3 +350,4 @@ p=n; #endif } +#endif
diff --git a/apps/enc.c b/apps/enc.c index ce5f7f0..ca5691d 100644 --- a/apps/enc.c +++ b/apps/enc.c
@@ -65,7 +65,7 @@ #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> -#ifdef NO_MD5 +#ifndef NO_MD5 #include <openssl/md5.h> #endif #include <openssl/pem.h>
diff --git a/apps/gendh.c b/apps/gendh.c index e3be082..b3c1958 100644 --- a/apps/gendh.c +++ b/apps/gendh.c
@@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#ifndef NO_DH #include <stdio.h> #include <string.h> #include <sys/types.h> @@ -219,5 +220,4 @@ } return(tot); } - - +#endif
diff --git a/apps/gendsa.c b/apps/gendsa.c index e43fd6a..da43245 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c
@@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#ifndef NO_DSA #include <stdio.h> #include <string.h> #include <sys/types.h> @@ -228,5 +229,4 @@ } return(tot); } - - +#endif
diff --git a/apps/genrsa.c b/apps/genrsa.c index 2218fb0..1cba9f5 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c
@@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#ifndef NO_RSA #include <stdio.h> #include <string.h> #include <sys/types.h> @@ -262,5 +263,4 @@ } return(tot); } - - +#endif
diff --git a/apps/pem_mail.c b/apps/pem_mail.c index b60c9a3..f85c7b1 100644 --- a/apps/pem_mail.c +++ b/apps/pem_mail.c
@@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#ifndef NO_RSA #include <stdio.h> #include <openssl/rsa.h> #include <openssl/evp.h> @@ -166,3 +167,4 @@ ERR_print_errors(bio_err); EXIT(1); } +#endif
diff --git a/apps/rsa.c b/apps/rsa.c index 1372a5f..3be1f67 100644 --- a/apps/rsa.c +++ b/apps/rsa.c
@@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#ifndef NO_RSA #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -298,4 +299,4 @@ if (rsa != NULL) RSA_free(rsa); EXIT(ret); } - +#endif
diff --git a/apps/s_client.c b/apps/s_client.c index ae3ce3e..44f228a 100644 --- a/apps/s_client.c +++ b/apps/s_client.c
@@ -70,6 +70,10 @@ #include <openssl/pem.h> #include "s_apps.h" +#if defined(NO_RSA) && !defined(NO_SSL2) +#define NO_SSL2 +#endif + #undef PROG #define PROG s_client_main
diff --git a/apps/s_server.c b/apps/s_server.c index dc218db..7d1b569 100644 --- a/apps/s_server.c +++ b/apps/s_server.c
@@ -74,7 +74,13 @@ #include <openssl/ssl.h> #include "s_apps.h" +#if defined(NO_RSA) && !defined(NO_SSL2) +#define NO_SSL2 +#endif + +#ifndef NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export,int keylength); +#endif static int sv_body(char *hostname, int s, unsigned char *context); static int www_body(char *hostname, int s, unsigned char *context); static void close_accept_socket(void ); @@ -470,6 +476,7 @@ goto end; } +#ifndef NO_RSA #if 1 SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); #else @@ -491,6 +498,7 @@ BIO_printf(bio_s_out,"\n"); } #endif +#endif if (cipher != NULL) SSL_CTX_set_cipher_list(ctx,cipher); @@ -1199,6 +1207,7 @@ return(ret); } +#ifndef NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export, int keylength) { static RSA *rsa_tmp=NULL; @@ -1210,9 +1219,7 @@ BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); BIO_flush(bio_err); } -#ifndef NO_RSA rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL); -#endif if (!s_quiet) { BIO_printf(bio_err,"\n"); @@ -1221,3 +1228,4 @@ } return(rsa_tmp); } +#endif
diff --git a/apps/s_time.c b/apps/s_time.c index ae16192..c5e3dcd 100644 --- a/apps/s_time.c +++ b/apps/s_time.c
@@ -67,6 +67,10 @@ #include <stdlib.h> #include <string.h> +#if defined(NO_RSA) && !defined(NO_SSL2) +#define NO_SSL2 +#endif + #ifdef NO_STDIO #define APPS_WIN16 #endif
diff --git a/apps/speed.c b/apps/speed.c index ce489e6..4c48fd5 100644 --- a/apps/speed.c +++ b/apps/speed.c
@@ -127,10 +127,10 @@ #include <openssl/hmac.h> #include <openssl/evp.h> #endif -#ifndef NO_SHA1 +#ifndef NO_SHA #include <openssl/sha.h> #endif -#ifndef NO_RMD160 +#ifndef NO_RIPEMD #include <openssl/ripemd.h> #endif #ifndef NO_RC4 @@ -145,7 +145,7 @@ #ifndef NO_IDEA #include <openssl/idea.h> #endif -#ifndef NO_BLOWFISH +#ifndef NO_BF #include <openssl/blowfish.h> #endif #ifndef NO_CAST @@ -153,9 +153,9 @@ #endif #ifndef NO_RSA #include <openssl/rsa.h> +#include "./testrsa.h" #endif #include <openssl/x509.h> -#include "./testrsa.h" #ifndef NO_DSA #include "./testdsa.h" #endif @@ -261,10 +261,10 @@ unsigned char md5[MD5_DIGEST_LENGTH]; unsigned char hmac[MD5_DIGEST_LENGTH]; #endif -#ifndef NO_SHA1 +#ifndef NO_SHA unsigned char sha[SHA_DIGEST_LENGTH]; #endif -#ifndef NO_RMD160 +#ifndef NO_RIPEMD unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; #endif #ifndef NO_RC4 @@ -279,7 +279,7 @@ #ifndef NO_IDEA IDEA_KEY_SCHEDULE idea_ks; #endif -#ifndef NO_BLOWFISH +#ifndef NO_BF BF_KEY bf_ks; #endif #ifndef NO_CAST @@ -323,9 +323,9 @@ #define R_RSA_1024 1 #define R_RSA_2048 2 #define R_RSA_4096 3 +#ifndef NO_RSA RSA *rsa_key[RSA_NUM]; long rsa_c[RSA_NUM][2]; -#ifndef NO_RSA double rsa_results[RSA_NUM][2]; static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096}; static unsigned char *rsa_data[RSA_NUM]= @@ -346,7 +346,7 @@ int pr_header=0; apps_startup(); -#ifdef NO_DSA +#ifndef NO_DSA memset(dsa_key,0,sizeof(dsa_key)); #endif @@ -402,13 +402,13 @@ if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1; else #endif -#ifndef NO_SHA1 +#ifndef NO_SHA if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1; else if (strcmp(*argv,"sha") == 0) doit[D_SHA1]=1; else #endif -#ifndef NO_RMD160 +#ifndef NO_RIPEMD if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1; else if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1; @@ -464,7 +464,7 @@ else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1; else #endif -#ifndef NO_BLOWFISH +#ifndef NO_BF if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1; else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1; else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1; @@ -514,10 +514,10 @@ #ifndef NO_RC5 BIO_printf(bio_err,"rc5-cbc "); #endif -#ifndef NO_BLOWFISH +#ifndef NO_BF BIO_printf(bio_err,"bf-cbc"); #endif -#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BLOWFISH) && !defined(NO_RC5) +#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BF) && !defined(NO_RC5) BIO_printf(bio_err,"\n"); #endif BIO_printf(bio_err,"des-cbc des-ede3 "); @@ -601,14 +601,15 @@ #ifndef NO_RC5 RC5_32_set_key(&rc5_ks,16,key16,12); #endif -#ifndef NO_BLOWFISH +#ifndef NO_BF BF_set_key(&bf_ks,16,key16); #endif #ifndef NO_CAST CAST_set_key(&cast_ks,16,key16); #endif - +#ifndef NO_RSA memset(rsa_c,0,sizeof(rsa_c)); +#endif #ifndef SIGALRM BIO_printf(bio_err,"First we calculate the approximate speed ...\n"); count=10; @@ -659,6 +660,7 @@ c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1; c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1; } +#ifndef NO_RSA rsa_c[R_RSA_512][0]=count/2000; rsa_c[R_RSA_512][1]=count/400; for (i=1; i<RSA_NUM; i++) @@ -676,6 +678,7 @@ } } } +#endif dsa_c[R_DSA_512][0]=count/1000; dsa_c[R_DSA_512][1]=count/1000/2; @@ -777,7 +780,7 @@ } } #endif -#ifndef NO_SHA1 +#ifndef NO_SHA if (doit[D_SHA1]) { for (j=0; j<SIZE_NUM; j++) @@ -793,7 +796,7 @@ } } #endif -#ifndef NO_RMD160 +#ifndef NO_RIPEMD if (doit[D_RMD160]) { for (j=0; j<SIZE_NUM; j++) @@ -914,7 +917,7 @@ } } #endif -#ifndef NO_BLOWFISH +#ifndef NO_BF if (doit[D_CBC_BF]) { for (j=0; j<SIZE_NUM; j++) @@ -1092,7 +1095,7 @@ #ifndef NO_IDEA printf("%s ",idea_options()); #endif -#ifndef NO_BLOWFISH +#ifndef NO_BF printf("%s ",BF_options()); #endif fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS));
diff --git a/apps/version.c b/apps/version.c index f249d15..a567f34 100644 --- a/apps/version.c +++ b/apps/version.c
@@ -119,7 +119,7 @@ #ifndef NO_IDEA printf("%s ",idea_options()); #endif -#ifndef NO_BLOWFISH +#ifndef NO_BF printf("%s ",BF_options()); #endif printf("\n");