diff --git a/.gitignore b/.gitignore index 77d15ac2c..78c79be84 100644 --- a/.gitignore +++ b/.gitignore @@ -1,13 +1,14 @@ *.lo *.la *.o -*.m4 *.deps *.libs *sh *.cache config* stamp* +libtool.m4 +lt*.m4 Makefile.in Makefile depcomp diff --git a/configure.in b/configure.in index b93fa7447..e134b00df 100644 --- a/configure.in +++ b/configure.in @@ -33,6 +33,7 @@ AC_CHECK_LIBM AC_CHECK_HEADERS(errno.h) + OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer" OPTIMIZE_FAST_CFLAGS="-O3 -fomit-frame-pointer" OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET" @@ -457,6 +458,9 @@ AS_HELP_STRING(--enable-linker-hardening, enable linker security fixups), fi]) +PANDORA_VISIBILITY +CFLAGS="$CFLAGS $CFLAG_VISIBILITY" + AC_SUBST(CFLAGS) AC_SUBST(LIBS) diff --git a/ctaocrypt/include/arc4.h b/ctaocrypt/include/arc4.h index 1ffff6f35..592495b38 100644 --- a/ctaocrypt/include/arc4.h +++ b/ctaocrypt/include/arc4.h @@ -43,8 +43,8 @@ typedef struct Arc4 { byte state[ARC4_STATE_SIZE]; } Arc4; -void Arc4Process(Arc4*, byte*, const byte*, word32); -void Arc4SetKey(Arc4*, const byte*, word32); +CYASSL_API void Arc4Process(Arc4*, byte*, const byte*, word32); +CYASSL_API void Arc4SetKey(Arc4*, const byte*, word32); #ifdef __cplusplus diff --git a/ctaocrypt/include/asn.h b/ctaocrypt/include/asn.h index a98e1bf51..c7959d813 100644 --- a/ctaocrypt/include/asn.h +++ b/ctaocrypt/include/asn.h 
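Review bot: Nothing in the second configure.in hunk defines `BUILDING_CYASSL`, yet the new visibility.h only expands `CYASSL_API` to `visibility("default")` when that macro is set, while `CFLAGS="$CFLAGS $CFLAG_VISIBILITY"` applies the visibility flag to every object. Unless a Makefile change outside this view passes `-DBUILDING_CYASSL` to the library sources, a GCC build with hidden default visibility would hide every symbol, the public API included. I would add the define to the library targets' CPPFLAGS rather than to the global `CFLAGS`, so the examples and tests are still compiled as consumers. A one-line comment above `PANDORA_VISIBILITY` naming the m4 file that provides it would also help, since `.gitignore` stops ignoring `*.m4` in the same commit.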
@@ -238,48 +238,59 @@ struct Signer { }; -void InitDecodedCert(DecodedCert*, byte*, void*); -void FreeDecodedCert(DecodedCert*); -int ParseCert(DecodedCert*, word32, int type, int verify, Signer* signer); -int ParseCertRelative(DecodedCert*, word32, int type, int verify, - Signer* signer); +CYASSL_API void InitDecodedCert(DecodedCert*, byte*, void*); +CYASSL_API void FreeDecodedCert(DecodedCert*); +CYASSL_API int ParseCert(DecodedCert*, word32, int type, int verify, + Signer* signer); +CYASSL_LOCAL int ParseCertRelative(DecodedCert*, word32, int type, int verify, + Signer* signer); -word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,int hashOID); +CYASSL_LOCAL word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, + int hashOID); -Signer* MakeSigner(void*); -void FreeSigners(Signer*, void*); +CYASSL_LOCAL Signer* MakeSigner(void*); +CYASSL_LOCAL void FreeSigners(Signer*, void*); -int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32); -int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32); -int ToTraditional(byte* buffer, word32 length); -int ToTraditionalEnc(byte* buffer, word32 length, const char*, int); +CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, + word32); +CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, + word32); +CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length); +CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int); #ifndef NO_DH -int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32); -int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz); +CYASSL_API int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, + word32); +CYASSL_API int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, + word32 gSz); #endif #ifndef NO_DSA -int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32); -int 
DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32); +CYASSL_API int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, + word32); +CYASSL_API int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, + word32); #endif #ifdef CYASSL_KEY_GEN -int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); +CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); #endif #ifdef HAVE_ECC /* ASN sig helpers */ - int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s); - int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s); + CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, + mp_int* s); + CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, + mp_int* r, mp_int* s); /* private key helpers */ - int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,ecc_key*,word32); + CYASSL_LOCAL int EccPrivateKeyDecode(const byte* input,word32* inOutIdx, + ecc_key*,word32); #endif #if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) -int DerToPem(const byte* der, word32 derSz, byte* output, word32 outputSz, - int type); +CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output, + word32 outputSz, int type); #endif #ifdef CYASSL_CERT_GEN 
@@ -331,14 +342,15 @@ typedef struct Cert { subject = blank keyType = RSA_KEY (default) */ -void InitCert(Cert*); -int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); -int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); -int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); -int SetIssuer(Cert*, const char*); +CYASSL_API void InitCert(Cert*); +CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); +CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); +CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + RNG*); +CYASSL_API int SetIssuer(Cert*, const char*); #ifdef HAVE_NTRU -int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, const byte* ntruKey, - word16 keySz, RNG*); +CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, + const byte* ntruKey, word16 keySz, RNG*); #endif diff --git a/ctaocrypt/include/coding.h b/ctaocrypt/include/coding.h index 2ece68f5e..72d3aaf97 100644 --- a/ctaocrypt/include/coding.h +++ b/ctaocrypt/include/coding.h @@ -31,11 +31,15 @@ /* decode needed by CyaSSL */ -int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen); +CYASSL_LOCAL int Base64Decode(const byte* in, word32 inLen, byte* out, + word32* outLen); #if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) || defined(HAVE_WEBSERVER) /* encode isn't */ - int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen); + CYASSL_LOCAL + int Base64Encode(const byte* in, word32 inLen, byte* out, + word32* outLen); + CYASSL_LOCAL int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen); #endif diff --git a/ctaocrypt/include/config.h b/ctaocrypt/include/config.h index 7230d2c67..1267a8baf 100644 --- a/ctaocrypt/include/config.h +++ b/ctaocrypt/include/config.h 
@@ -40,6 +40,10 @@ /* Define to 1 if you have the header file. */ #define HAVE_UNISTD_H 1 +/* Define to 1 or 0, depending whether the compiler supports simple visibility + declarations. */ +#define HAVE_VISIBILITY 1 + /* Define to the sub-directory in which libtool stores uninstalled libraries. */ #define LT_OBJDIR ".libs/" diff --git a/ctaocrypt/include/config.h.in b/ctaocrypt/include/config.h.in index 4a3601353..357d05033 100644 --- a/ctaocrypt/include/config.h.in +++ b/ctaocrypt/include/config.h.in @@ -39,6 +39,10 @@ /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H +/* Define to 1 or 0, depending whether the compiler supports simple visibility + declarations. */ +#undef HAVE_VISIBILITY + /* Define to the sub-directory in which libtool stores uninstalled libraries. */ #undef LT_OBJDIR diff --git a/ctaocrypt/include/ctc_aes.h b/ctaocrypt/include/ctc_aes.h index 64fc7426e..747408375 100644 --- a/ctaocrypt/include/ctc_aes.h +++ b/ctaocrypt/include/ctc_aes.h @@ -69,9 +69,10 @@ typedef struct Aes { } Aes; -int AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir); -void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); -void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); +CYASSL_API int AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, + int dir); +CYASSL_API void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); +CYASSL_API void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); #ifdef __cplusplus diff --git a/ctaocrypt/include/ctc_dh.h b/ctaocrypt/include/ctc_dh.h index f94b6d720..4329a3855 100644 --- a/ctaocrypt/include/ctc_dh.h +++ b/ctaocrypt/include/ctc_dh.h 
@@ -40,13 +40,14 @@ typedef struct DhKey { } DhKey; -void InitDhKey(DhKey* key); -void FreeDhKey(DhKey* key); +CYASSL_API void InitDhKey(DhKey* key); +CYASSL_API void FreeDhKey(DhKey* key); -int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, word32* privSz, - byte* pub, word32* pubSz); -int DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv, - word32 privSz, const byte* otherPub, word32 pubSz); +CYASSL_API int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, + word32* privSz, byte* pub, word32* pubSz); +CYASSL_API int DhAgree(DhKey* key, byte* agree, word32* agreeSz, + const byte* priv, word32 privSz, const byte* otherPub, + word32 pubSz); #ifdef __cplusplus diff --git a/ctaocrypt/include/ctc_dsa.h b/ctaocrypt/include/ctc_dsa.h index 1779e2097..1dbcb77fe 100644 --- a/ctaocrypt/include/ctc_dsa.h +++ b/ctaocrypt/include/ctc_dsa.h @@ -45,11 +45,12 @@ typedef struct DsaKey { } DsaKey; -void InitDsaKey(DsaKey* key); -void FreeDsaKey(DsaKey* key); +CYASSL_API void InitDsaKey(DsaKey* key); +CYASSL_API void FreeDsaKey(DsaKey* key); -int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng); -int DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer); +CYASSL_API int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng); +CYASSL_API int DsaVerify(const byte* digest, const byte* sig, DsaKey* key, + int* answer); #ifdef __cplusplus diff --git a/ctaocrypt/include/ctc_ecc.h b/ctaocrypt/include/ctc_ecc.h index 207a96c41..6a2cff301 100644 --- a/ctaocrypt/include/ctc_ecc.h +++ b/ctaocrypt/include/ctc_ecc.h 
@@ -80,28 +80,36 @@ typedef struct { extern const ecc_set_type ecc_sets[]; +CYASSL_LOCAL int ecc_make_key(RNG* rng, int keysize, ecc_key* key); +CYASSL_LOCAL int ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, word32* outlen); - +CYASSL_LOCAL int ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, RNG* rng, ecc_key* key); +CYASSL_LOCAL int ecc_verify_hash(const byte* sig, word32 siglen, byte* hash, word32 hashlen, int* stat, ecc_key* key); - +CYASSL_LOCAL void ecc_init(ecc_key* key); +CYASSL_LOCAL void ecc_free(ecc_key* key); /* ASN key helpers */ +CYASSL_LOCAL int ecc_export_x963(ecc_key*, byte* out, word32* outLen); +CYASSL_LOCAL int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key); - +CYASSL_LOCAL int ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ecc_key* key); /* size helper */ +CYASSL_LOCAL int ecc_size(ecc_key* key); +CYASSL_LOCAL int ecc_sig_size(ecc_key* key); /* TODO: fix mutex types */ diff --git a/ctaocrypt/include/ctc_hmac.h b/ctaocrypt/include/ctc_hmac.h index 27ecb605c..12deecf71 100644 --- a/ctaocrypt/include/ctc_hmac.h +++ b/ctaocrypt/include/ctc_hmac.h @@ -70,9 +70,10 @@ typedef struct Hmac { } Hmac; -void HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); /* does init */ -void HmacUpdate(Hmac*, const byte*, word32); -void HmacFinal(Hmac*, byte*); +/* does init */ +CYASSL_API void HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); +CYASSL_API void HmacUpdate(Hmac*, const byte*, word32); +CYASSL_API void HmacFinal(Hmac*, byte*); #ifdef __cplusplus diff --git a/ctaocrypt/include/ctc_md4.h b/ctaocrypt/include/ctc_md4.h index 2bb389d28..2305426d0 100644 --- a/ctaocrypt/include/ctc_md4.h +++ b/ctaocrypt/include/ctc_md4.h 
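Review bot: Every ECC entry point in ctc_ecc.h is marked `CYASSL_LOCAL`, while the RSA, DSA and DH headers in this commit export their equivalents with `CYASSL_API`, and nothing in the hunk says whether that is deliberate. If ECC is meant to stay internal, a comment above the first prototype such as `/* ECC is internal for now: not part of the exported API */` would keep a later reader from treating it as an oversight; if any test or benchmark program links against the shared library and calls `ecc_make_key` and its siblings, it will presumably stop linking on a `HAVE_ECC` build. The context line `extern const ecc_set_type ecc_sets[];` gets no annotation, so its visibility is left to the compiler default. The same question applies to the `CYASSL_LOCAL` ECC helpers in asn.h.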
@@ -50,9 +50,9 @@ typedef struct Md4 { } Md4; -void InitMd4(Md4*); -void Md4Update(Md4*, const byte*, word32); -void Md4Final(Md4*, byte*); +CYASSL_API void InitMd4(Md4*); +CYASSL_API void Md4Update(Md4*, const byte*, word32); +CYASSL_API void Md4Final(Md4*, byte*); #ifdef __cplusplus diff --git a/ctaocrypt/include/ctc_md5.h b/ctaocrypt/include/ctc_md5.h index 058f3ed24..20393c110 100644 --- a/ctaocrypt/include/ctc_md5.h +++ b/ctaocrypt/include/ctc_md5.h @@ -49,9 +49,9 @@ typedef struct Md5 { } Md5; -void InitMd5(Md5*); -void Md5Update(Md5*, const byte*, word32); -void Md5Final(Md5*, byte*); +CYASSL_API void InitMd5(Md5*); +CYASSL_API void Md5Update(Md5*, const byte*, word32); +CYASSL_API void Md5Final(Md5*, byte*); #ifdef __cplusplus diff --git a/ctaocrypt/include/ctc_ripemd.h b/ctaocrypt/include/ctc_ripemd.h index dff207199..7b44b39b2 100644 --- a/ctaocrypt/include/ctc_ripemd.h +++ b/ctaocrypt/include/ctc_ripemd.h @@ -52,9 +52,9 @@ typedef struct RipeMd { } RipeMd; -void InitRipeMd(RipeMd*); -void RipeMdUpdate(RipeMd*, const byte*, word32); -void RipeMdFinal(RipeMd*, byte*); +CYASSL_API void InitRipeMd(RipeMd*); +CYASSL_API void RipeMdUpdate(RipeMd*, const byte*, word32); +CYASSL_API void RipeMdFinal(RipeMd*, byte*); #ifdef __cplusplus diff --git a/ctaocrypt/include/ctc_rsa.h b/ctaocrypt/include/ctc_rsa.h index f47bbe296..fe6a6de97 100644 --- a/ctaocrypt/include/ctc_rsa.h +++ b/ctaocrypt/include/ctc_rsa.h 
@@ -45,24 +45,25 @@ typedef struct RsaKey { } RsaKey; -void InitRsaKey(RsaKey* key, void*); -void FreeRsaKey(RsaKey* key); +CYASSL_API void InitRsaKey(RsaKey* key, void*); +CYASSL_API void FreeRsaKey(RsaKey* key); -int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen, - RsaKey* key, RNG* rng); -int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key); -int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen, - RsaKey* key); -int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen, - RsaKey* key, RNG* rng); -int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key); -int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen, - RsaKey* key); - -int RsaEncryptSize(RsaKey* key); +CYASSL_API int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key, RNG* rng); +CYASSL_API int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, + RsaKey* key); +CYASSL_API int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); +CYASSL_API int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key, RNG* rng); +CYASSL_API int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, + RsaKey* key); +CYASSL_API int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); +CYASSL_API int RsaEncryptSize(RsaKey* key); #ifdef CYASSL_KEY_GEN - int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng); + CYASSL_API int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng); #endif diff --git a/ctaocrypt/include/ctc_sha.h b/ctaocrypt/include/ctc_sha.h index ab7f6cb1f..6d799ec38 100644 --- a/ctaocrypt/include/ctc_sha.h +++ b/ctaocrypt/include/ctc_sha.h 
@@ -50,9 +50,9 @@ typedef struct Sha { } Sha; -void InitSha(Sha*); -void ShaUpdate(Sha*, const byte*, word32); -void ShaFinal(Sha*, byte*); +CYASSL_API void InitSha(Sha*); +CYASSL_API void ShaUpdate(Sha*, const byte*, word32); +CYASSL_API void ShaFinal(Sha*, byte*); #ifdef __cplusplus diff --git a/ctaocrypt/include/cyassl_memory.h b/ctaocrypt/include/cyassl_memory.h index f9a167324..8b39b4527 100644 --- a/ctaocrypt/include/cyassl_memory.h +++ b/ctaocrypt/include/cyassl_memory.h @@ -37,13 +37,13 @@ typedef void (*CyaSSL_Free_cb)(void *ptr); typedef void *(*CyaSSL_Realloc_cb)(void *ptr, size_t size); -int CyaSSL_SetAllocators(CyaSSL_Malloc_cb malloc_function, - CyaSSL_Free_cb free_function, - CyaSSL_Realloc_cb realloc_function); +CYASSL_API int CyaSSL_SetAllocators(CyaSSL_Malloc_cb malloc_function, + CyaSSL_Free_cb free_function, + CyaSSL_Realloc_cb realloc_function); -void* CyaSSL_Malloc(size_t size); -void CyaSSL_Free(void *ptr); -void* CyaSSL_Realloc(void *ptr, size_t size); +CYASSL_API void* CyaSSL_Malloc(size_t size); +CYASSL_API void CyaSSL_Free(void *ptr); +CYASSL_API void* CyaSSL_Realloc(void *ptr, size_t size); diff --git a/ctaocrypt/include/des3.h b/ctaocrypt/include/des3.h index 3af40fb36..927d7defb 100644 --- a/ctaocrypt/include/des3.h +++ b/ctaocrypt/include/des3.h 
@@ -57,13 +57,13 @@ typedef struct Des3 { } Des3; -void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir); -void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz); -void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz); +CYASSL_API void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir); +CYASSL_API void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz); +CYASSL_API void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz); -void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir); -void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz); -void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz); +CYASSL_API void Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir); +CYASSL_API void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz); +CYASSL_API void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz); #ifdef __cplusplus diff --git a/ctaocrypt/include/hc128.h b/ctaocrypt/include/hc128.h index aa58304d0..7b9b441c9 100644 --- a/ctaocrypt/include/hc128.h +++ b/ctaocrypt/include/hc128.h @@ -44,8 +44,8 @@ typedef struct HC128 { } HC128; -void Hc128_Process(HC128*, byte*, const byte*, word32); -void Hc128_SetKey(HC128*, const byte* key, const byte* iv); +CYASSL_API void Hc128_Process(HC128*, byte*, const byte*, word32); +CYASSL_API void Hc128_SetKey(HC128*, const byte* key, const byte* iv); #ifdef __cplusplus diff --git a/ctaocrypt/include/logging.h b/ctaocrypt/include/logging.h index 7f4a52dee..2ad6be126 100644 --- a/ctaocrypt/include/logging.h +++ b/ctaocrypt/include/logging.h @@ -41,7 +41,7 @@ enum CYA_Log_Levels { typedef void (*CyaSSL_Logging_cb)(const int logLevel, const char *const logMessage); -int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb log_function); +CYASSL_API int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb log_function); #ifdef DEBUG_CYASSL 
diff --git a/ctaocrypt/include/misc.h b/ctaocrypt/include/misc.h index 63ab10685..4c206a109 100644 --- a/ctaocrypt/include/misc.h +++ b/ctaocrypt/include/misc.h @@ -34,14 +34,21 @@ #ifdef NO_INLINE +CYASSL_LOCAL word32 rotlFixed(word32, word32); +CYASSL_LOCAL word32 rotrFixed(word32, word32); +CYASSL_LOCAL word32 ByteReverseWord32(word32); +CYASSL_LOCAL void ByteReverseWords(word32*, const word32*, word32); +CYASSL_LOCAL void ByteReverseBytes(byte*, const byte*, word32); +CYASSL_LOCAL void XorWords(word*, const word*, word32); +CYASSL_LOCAL void xorbuf(byte*, const byte*, word32); #endif /* NO_INLINE */ diff --git a/ctaocrypt/include/os_settings.h b/ctaocrypt/include/os_settings.h index 8cdb9e1b5..f24b98de0 100644 --- a/ctaocrypt/include/os_settings.h +++ b/ctaocrypt/include/os_settings.h @@ -41,10 +41,12 @@ /* Uncomment next line if using Mbed */ /* #define MBED */ -#ifdef USE_CYASSL_CONFIG +#if defined(USE_CYASSL_CONFIG) || defined(HAVE_CONFIG_H) #include "config.h" /* may not want global HAVE_CONFIG_H */ #endif +#include "visibility.h" + #ifdef IPHONE #define SIZEOF_LONG_LONG 8 #endif diff --git a/ctaocrypt/include/pwdbased.h b/ctaocrypt/include/pwdbased.h index 565a11f88..4866a287f 100644 --- a/ctaocrypt/include/pwdbased.h +++ b/ctaocrypt/include/pwdbased.h 
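Review bot: The widened condition in os_settings.h, `#if defined(USE_CYASSL_CONFIG) || defined(HAVE_CONFIG_H)`, makes this header pull in `"config.h"` whenever the including project defines `HAVE_CONFIG_H`, which most autotools-based applications do. If os_settings.h is installed with the public headers, the quoted include can resolve to the application's own config.h, or bring this library's generated one into the application, so the feature macros the headers see (including `HAVE_VISIBILITY`) may differ from those the library was built with; the unchanged comment on that line already warns about a global `HAVE_CONFIG_H`. Restricting the new case to the library's own build keeps consumers unaffected: `#if defined(USE_CYASSL_CONFIG) || (defined(BUILDING_CYASSL) && defined(HAVE_CONFIG_H))`.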
@@ -34,13 +34,15 @@ #endif -int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt, - int sLen, int iterations, int kLen, int hashType); -int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt, - int sLen, int iterations, int kLen, int hashType); - -int PKCS12_PBKDF(byte* output, const byte* passwd, int pLen, const byte* salt, - int sLen, int iterations, int kLen, int hashType, int purpose); +CYASSL_API int PBKDF1(byte* output, const byte* passwd, int pLen, + const byte* salt, int sLen, int iterations, int kLen, + int hashType); +CYASSL_API int PBKDF2(byte* output, const byte* passwd, int pLen, + const byte* salt, int sLen, int iterations, int kLen, + int hashType); +CYASSL_API int PKCS12_PBKDF(byte* output, const byte* passwd, int pLen, + const byte* salt, int sLen, int iterations, + int kLen, int hashType, int purpose); #ifdef __cplusplus diff --git a/ctaocrypt/include/rabbit.h b/ctaocrypt/include/rabbit.h index dd9165dd1..5ad8fb020 100644 --- a/ctaocrypt/include/rabbit.h +++ b/ctaocrypt/include/rabbit.h @@ -47,8 +47,8 @@ typedef struct Rabbit { } Rabbit; -void RabbitProcess(Rabbit*, byte*, const byte*, word32); -void RabbitSetKey(Rabbit*, const byte* key, const byte* iv); +CYASSL_API void RabbitProcess(Rabbit*, byte*, const byte*, word32); +CYASSL_API void RabbitSetKey(Rabbit*, const byte* key, const byte* iv); #ifdef __cplusplus diff --git a/ctaocrypt/include/random.h b/ctaocrypt/include/random.h index f153b1e8b..d21712180 100644 --- a/ctaocrypt/include/random.h +++ b/ctaocrypt/include/random.h @@ -49,6 +49,7 @@ typedef struct OS_Seed { #endif } OS_Seed; +CYASSL_LOCAL int GenerateSeed(OS_Seed* os, byte* seed, word32 sz); @@ -59,9 +60,9 @@ typedef struct RNG { } RNG; -int InitRng(RNG*); -void RNG_GenerateBlock(RNG*, byte*, word32 sz); -byte RNG_GenerateByte(RNG*); +CYASSL_API int InitRng(RNG*); +CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz); +CYASSL_API byte RNG_GenerateByte(RNG*); #ifdef __cplusplus 
diff --git a/ctaocrypt/include/sha256.h b/ctaocrypt/include/sha256.h index 811b6f698..45936dd3c 100644 --- a/ctaocrypt/include/sha256.h +++ b/ctaocrypt/include/sha256.h @@ -55,9 +55,9 @@ typedef struct Sha256 { } Sha256; -void InitSha256(Sha256*); -void Sha256Update(Sha256*, const byte*, word32); -void Sha256Final(Sha256*, byte*); +CYASSL_API void InitSha256(Sha256*); +CYASSL_API void Sha256Update(Sha256*, const byte*, word32); +CYASSL_API void Sha256Final(Sha256*, byte*); #ifdef __cplusplus diff --git a/ctaocrypt/include/sha512.h b/ctaocrypt/include/sha512.h index f892a4fb2..765c8b731 100644 --- a/ctaocrypt/include/sha512.h +++ b/ctaocrypt/include/sha512.h @@ -52,9 +52,9 @@ typedef struct Sha512 { } Sha512; -void InitSha512(Sha512*); -void Sha512Update(Sha512*, const byte*, word32); -void Sha512Final(Sha512*, byte*); +CYASSL_API void InitSha512(Sha512*); +CYASSL_API void Sha512Update(Sha512*, const byte*, word32); +CYASSL_API void Sha512Final(Sha512*, byte*); #ifdef __cplusplus diff --git a/ctaocrypt/include/visibility.h b/ctaocrypt/include/visibility.h new file mode 100644 index 000000000..8ed3144c1 --- /dev/null +++ b/ctaocrypt/include/visibility.h 
@@ -0,0 +1,67 @@
+/* visibility.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Visibility control macros */
+
+#ifndef CTAO_CRYPT_VISIBILITY_H
+#define CTAO_CRYPT_VISIBILITY_H
+
+/* CYASSL_API is used for the public API symbols.
+ It either imports or exports (or does nothing for static builds)
+
+ CYASSL_LOCAL is used for non-API symbols (private).
+*/ + +#if defined(BUILDING_CYASSL) + #if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY + #define CYASSL_API __attribute__ ((visibility("default"))) + #define CYASSL_LOCAL __attribute__ ((visibility("hidden"))) + #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550) + #define CYASSL_API __global + #define CYASSL_LOCAL __hidden + #elif defined(_MSC_VER) + #ifdef CYASSL_DLL + #define CYASSL_API extern __declspec(dllexport) + #else + #define CYASSL_API + #endif + #define CYASSL_LOCAL + #else + #define CYASSL_API + #define CYASSL_LOCAL + #endif /* HAVE_VISIBILITY */ +#else /* BUILDING_CYASSL */ + #if defined(_MSC_VER) + #ifdef CYASSL_DLL + #define CYASSL_API extern __declspec(dllimport) + #else + #define CYASSL_API + #endif + #define CYASSL_LOCAL + #else + #define CYASSL_API + #define CYASSL_LOCAL + #endif +#endif /* BUILDING_CYASSL */ + + +#endif /* CTAO_CRYPT_VISIBILITY_H */ + diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index 4726e99a1..970253483 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -27,7 +27,7 @@ static void SignalReady(void* args) } -THREAD_RETURN CYASSL_API echoserver_test(void* args) +THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) { SOCKET_T sockfd = 0; SSL_METHOD* method = 0; diff --git a/examples/server/server.c b/examples/server/server.c index 8c379d363..6780a7c5a 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -39,7 +39,7 @@ #endif -THREAD_RETURN CYASSL_API server_test(void* args) +THREAD_RETURN CYASSL_THREAD server_test(void* args) { SOCKET_T sockfd = 0; int clientfd = 0; diff --git a/include/cyassl_error.h b/include/cyassl_error.h index 3e54f18ea..6ef5e11a8 100644 --- a/include/cyassl_error.h +++ b/include/cyassl_error.h @@ -107,6 +107,7 @@ enum CyaSSL_ErrorCodes { #endif +CYASSL_LOCAL void SetErrorString(int error, char* buffer); diff --git a/include/cyassl_int.h b/include/cyassl_int.h index a84f9d01f..444f1018a 100644 
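Review bot: The header comment in visibility.h explains `CYASSL_API` and `CYASSL_LOCAL` but not the two macros that select the branch, `BUILDING_CYASSL` and `CYASSL_DLL`, which whoever builds the library or an application has to set correctly. I would extend the comment to say that `BUILDING_CYASSL` must be defined only while compiling the library itself, and that on MSVC `CYASSL_DLL` must be defined both when building the DLL and by applications linking to it, because without it the export/import decoration is dropped without any diagnostic. It is also worth a line noting that `CYASSL_LOCAL` expands to nothing on MSVC and in the fallback branch, so hiding internal functions is only enforced by the `HAVE_VISIBILITY` and `__SUNPRO_C` branches.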
--- a/include/cyassl_int.h +++ b/include/cyassl_int.h @@ -428,13 +428,13 @@ typedef struct ProtocolVersion { } ProtocolVersion; -ProtocolVersion MakeSSLv3(void); -ProtocolVersion MakeTLSv1(void); -ProtocolVersion MakeTLSv1_1(void); -ProtocolVersion MakeTLSv1_2(void); +CYASSL_LOCAL ProtocolVersion MakeSSLv3(void); +CYASSL_LOCAL ProtocolVersion MakeTLSv1(void); +CYASSL_LOCAL ProtocolVersion MakeTLSv1_1(void); +CYASSL_LOCAL ProtocolVersion MakeTLSv1_2(void); #ifdef CYASSL_DTLS - ProtocolVersion MakeDTLSv1(void); + CYASSL_LOCAL ProtocolVersion MakeDTLSv1(void); #endif @@ -475,11 +475,12 @@ struct SSL_METHOD { /* defautls to client */ -void InitSSL_Method(SSL_METHOD*, ProtocolVersion); +CYASSL_LOCAL void InitSSL_Method(SSL_METHOD*, ProtocolVersion); /* for sniffer */ -int DoFinished(SSL* ssl, const byte* input, word32* inOutIdx, int sniff); -int DoApplicationData(SSL* ssl, byte* input, word32* inOutIdx); +CYASSL_LOCAL int DoFinished(SSL* ssl, const byte* input, word32* inOutIdx, + int sniff); +CYASSL_LOCAL int DoApplicationData(SSL* ssl, byte* input, word32* inOutIdx); /* CyaSSL buffer type */ @@ -559,7 +560,9 @@ typedef struct Suites { } Suites; +CYASSL_LOCAL void InitSuites(Suites*, ProtocolVersion, byte, byte, byte, byte, int); +CYASSL_LOCAL int SetCipherList(SSL_CTX* ctx, const char* list); #ifndef PSK_TYPES_DEFINED @@ -572,11 +575,14 @@ int SetCipherList(SSL_CTX* ctx, const char* list); #ifndef CYASSL_USER_IO /* default IO callbacks */ + CYASSL_LOCAL int EmbedReceive(char *buf, int sz, void *ctx); + CYASSL_LOCAL int EmbedSend(char *buf, int sz, void *ctx); #endif #ifdef CYASSL_DTLS + CYASSL_LOCAL int IsUDP(void*); #endif 
@@ -624,14 +630,21 @@ struct SSL_CTX { }; +CYASSL_LOCAL void InitSSL_Ctx(SSL_CTX*, SSL_METHOD*); +CYASSL_LOCAL void FreeSSL_Ctx(SSL_CTX*); +CYASSL_LOCAL void SSL_CtxResourceFree(SSL_CTX*); +CYASSL_LOCAL int DeriveTlsKeys(SSL* ssl); +CYASSL_LOCAL int ProcessOldClientHello(SSL* ssl, const byte* input, word32* inOutIdx, word32 inSz, word16 sz); +CYASSL_LOCAL int AddCA(SSL_CTX* ctx, buffer der); +CYASSL_LOCAL int IsCA(SSL_CTX* ctx, byte* hash); /* All cipher suite related info */ @@ -813,7 +826,9 @@ struct SSL_SESSION { }; +CYASSL_LOCAL SSL_SESSION* GetSession(SSL*, byte*); +CYASSL_LOCAL int SetSession(SSL*, SSL_SESSION*); typedef void (*hmacfp) (SSL*, byte*, const byte*, word32, int, int); @@ -1038,9 +1053,11 @@ struct SSL { }; +CYASSL_LOCAL int InitSSL(SSL*, SSL_CTX*); +CYASSL_LOCAL void FreeSSL(SSL*); -void SSL_ResourceFree(SSL*); +CYASSL_API void SSL_ResourceFree(SSL*); /* Micrium uses */ enum { @@ -1060,14 +1077,22 @@ typedef struct EncryptedInfo { #ifdef CYASSL_CALLBACKS + CYASSL_LOCAL void InitHandShakeInfo(HandShakeInfo*); + CYASSL_LOCAL void FinishHandShakeInfo(HandShakeInfo*, const SSL*); + CYASSL_LOCAL void AddPacketName(const char*, HandShakeInfo*); + CYASSL_LOCAL void InitTimeoutInfo(TimeoutInfo*); + CYASSL_LOCAL void FreeTimeoutInfo(TimeoutInfo*, void*); + CYASSL_LOCAL void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*); + CYASSL_LOCAL void AddLateName(const char*, TimeoutInfo*); + CYASSL_LOCAL void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info); #endif 
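Review bot: `SSL_ResourceFree` is the only function in this internal header marked `CYASSL_API`, directly after `InitSSL` and `FreeSSL`, which are `CYASSL_LOCAL`; the only hint at a reason is the short `/* Micrium uses */` comment that follows it. Judging by its name it releases an SSL object's internals, and once exported it can be called by any application, so its contract with the normal free path should be written down: whether the object may still be used or freed afterwards, and whether a second call is safe (neither can be determined from this hunk). I would expand the comment on the declaration, e.g. `/* exported for Micrium port; ssl must not be used afterwards except to free it */` once that has been confirmed against the implementation, or make it `CYASSL_LOCAL` if no external caller remains.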
@@ -1158,41 +1183,41 @@ static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished"; /* internal functions */ -int SendChangeCipher(SSL*); -int SendData(SSL*, const void*, int); -int SendCertificate(SSL*); -int SendCertificateRequest(SSL*); -int SendServerKeyExchange(SSL*); -int SendBuffered(SSL*); -int ReceiveData(SSL*, byte*, int); -int SendFinished(SSL*); -int SendAlert(SSL*, int, int); -int ProcessReply(SSL*); +CYASSL_LOCAL int SendChangeCipher(SSL*); +CYASSL_LOCAL int SendData(SSL*, const void*, int); +CYASSL_LOCAL int SendCertificate(SSL*); +CYASSL_LOCAL int SendCertificateRequest(SSL*); +CYASSL_LOCAL int SendServerKeyExchange(SSL*); +CYASSL_LOCAL int SendBuffered(SSL*); +CYASSL_LOCAL int ReceiveData(SSL*, byte*, int); +CYASSL_LOCAL int SendFinished(SSL*); +CYASSL_LOCAL int SendAlert(SSL*, int, int); +CYASSL_LOCAL int ProcessReply(SSL*); -int SetCipherSpecs(SSL*); -int MakeMasterSecret(SSL*); +CYASSL_LOCAL int SetCipherSpecs(SSL*); +CYASSL_LOCAL int MakeMasterSecret(SSL*); -int AddSession(SSL*); -int DeriveKeys(SSL* ssl); -int StoreKeys(SSL* ssl, const byte* keyData); +CYASSL_LOCAL int AddSession(SSL*); +CYASSL_LOCAL int DeriveKeys(SSL* ssl); +CYASSL_LOCAL int StoreKeys(SSL* ssl, const byte* keyData); -int IsTLS(const SSL* ssl); -int IsAtLeastTLSv1_2(const SSL* ssl); +CYASSL_LOCAL int IsTLS(const SSL* ssl); +CYASSL_LOCAL int IsAtLeastTLSv1_2(const SSL* ssl); -void ShrinkInputBuffer(SSL* ssl, int forcedFree); -void ShrinkOutputBuffer(SSL* ssl); +CYASSL_LOCAL void ShrinkInputBuffer(SSL* ssl, int forcedFree); +CYASSL_LOCAL void ShrinkOutputBuffer(SSL* ssl); #ifndef NO_CYASSL_CLIENT - int SendClientHello(SSL*); - int SendClientKeyExchange(SSL*); - int SendCertificateVerify(SSL*); + CYASSL_LOCAL int SendClientHello(SSL*); + CYASSL_LOCAL int SendClientKeyExchange(SSL*); + CYASSL_LOCAL int SendCertificateVerify(SSL*); #endif /* NO_CYASSL_CLIENT */ #ifndef NO_CYASSL_SERVER - int SendServerHello(SSL*); - int SendServerHelloDone(SSL*); + CYASSL_LOCAL int 
SendServerHello(SSL*); + CYASSL_LOCAL int SendServerHelloDone(SSL*); #ifdef CYASSL_DTLS - int SendHelloVerifyRequest(SSL*); + CYASSL_LOCAL int SendHelloVerifyRequest(SSL*); #endif #endif /* NO_CYASSL_SERVER */ @@ -1206,8 +1231,8 @@ void ShrinkOutputBuffer(SSL* ssl); typedef double timer_d; -timer_d Timer(void); -word32 LowResTimer(void); +CYASSL_LOCAL timer_d Timer(void); +CYASSL_LOCAL word32 LowResTimer(void); #ifdef SINGLE_THREADED @@ -1226,10 +1251,10 @@ word32 LowResTimer(void); #endif /* USE_WINDOWS_API */ #endif /* SINGLE_THREADED */ -int InitMutex(CyaSSL_Mutex*); -int FreeMutex(CyaSSL_Mutex*); -int LockMutex(CyaSSL_Mutex*); -int UnLockMutex(CyaSSL_Mutex*); +CYASSL_LOCAL int InitMutex(CyaSSL_Mutex*); +CYASSL_LOCAL int FreeMutex(CyaSSL_Mutex*); +CYASSL_LOCAL int LockMutex(CyaSSL_Mutex*); +CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*); diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index 603943bc1..6e63d2f9f 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -7,8 +7,8 @@ #include "prefix_crypto.h" #endif -const char* SSLeay_version(int type); -unsigned long SSLeay(void); +CYASSL_API const char* SSLeay_version(int type); +CYASSL_API unsigned long SSLeay(void); #define SSLEAY_VERSION 0x0090600fL diff --git a/include/openssl/cyassl_test.h b/include/openssl/cyassl_test.h index 14c2a5904..ef191bdab 100644 --- a/include/openssl/cyassl_test.h +++ b/include/openssl/cyassl_test.h @@ -71,16 +71,16 @@ #ifdef SINGLE_THREADED typedef unsigned int THREAD_RETURN; typedef void* THREAD_TYPE; - #define CYASSL_API + #define CYASSL_THREAD #else #ifndef _POSIX_THREADS typedef unsigned int THREAD_RETURN; typedef HANDLE THREAD_TYPE; - #define CYASSL_API __stdcall + #define CYASSL_THREAD __stdcall #else typedef void* THREAD_RETURN; typedef pthread_t THREAD_TYPE; - #define CYASSL_API + #define CYASSL_THREAD #endif #endif 
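Review bot: The prototypes in include/openssl/crypto.h now depend on `CYASSL_API`, but the only include visible in the hunk is the guarded `#include "prefix_crypto.h"`; the top of the file is outside the hunk. If nothing there brings in visibility.h, an application that includes this header before any other CyaSSL header fails to compile on the undefined macro. Each compatibility header touched by this commit (des.h, evp.h and hmac.h as well) should include the settings header itself, for example `#include "os_settings.h"` with whatever path the install layout uses, instead of relying on include order.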
@@ -137,7 +137,7 @@ typedef struct func_args { } func_args; -typedef THREAD_RETURN CYASSL_API THREAD_FUNC(void*); +typedef THREAD_RETURN CYASSL_THREAD THREAD_FUNC(void*); void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*); void join_thread(THREAD_TYPE); diff --git a/include/openssl/des.h b/include/openssl/des.h index b74409b2a..0a48db3b9 100644 --- a/include/openssl/des.h +++ b/include/openssl/des.h @@ -49,18 +49,18 @@ enum { }; -void DES_set_key_unchecked(const_DES_cblock*, DES_key_schedule*); -int DES_key_sched(const_DES_cblock* key, DES_key_schedule* schedule); -void DES_cbc_encrypt(const unsigned char* input, unsigned char* output, - long length, DES_key_schedule* schedule, DES_cblock* ivec, - int enc); -void DES_ncbc_encrypt(const unsigned char* input, unsigned char* output, - long length, DES_key_schedule* schedule, DES_cblock* ivec, - int enc); +CYASSL_API void DES_set_key_unchecked(const_DES_cblock*, DES_key_schedule*); +CYASSL_API int DES_key_sched(const_DES_cblock* key,DES_key_schedule* schedule); +CYASSL_API void DES_cbc_encrypt(const unsigned char* input, + unsigned char* output, long length, + DES_key_schedule* schedule, DES_cblock* ivec, int enc); +CYASSL_API void DES_ncbc_encrypt(const unsigned char* input, + unsigned char* output, long length, + DES_key_schedule* schedule, DES_cblock* ivec, int enc); - -void DES_set_odd_parity(DES_cblock*); -void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*, int); +CYASSL_API void DES_set_odd_parity(DES_cblock*); +CYASSL_API void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*, + int); #ifdef __cplusplus } /* extern "C" */ diff --git a/include/openssl/evp.h b/include/openssl/evp.h index b50477f21..fc427589f 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h 
@@ -44,8 +44,8 @@ typedef char EVP_MD; typedef char EVP_CIPHER; -const EVP_MD* EVP_md5(void); -const EVP_MD* EVP_sha1(void); +CYASSL_API const EVP_MD* EVP_md5(void); +CYASSL_API const EVP_MD* EVP_sha1(void); typedef union { @@ -60,16 +60,19 @@ typedef struct EVP_MD_CTX { } EVP_MD_CTX; -void EVP_MD_CTX_init(EVP_MD_CTX* ctx); -int EVP_MD_CTX_cleanup(EVP_MD_CTX* ctx); +CYASSL_API void EVP_MD_CTX_init(EVP_MD_CTX* ctx); +CYASSL_API int EVP_MD_CTX_cleanup(EVP_MD_CTX* ctx); -int EVP_DigestInit(EVP_MD_CTX* ctx, const EVP_MD* type); -int EVP_DigestUpdate(EVP_MD_CTX* ctx, const void* data, unsigned long sz); -int EVP_DigestFinal(EVP_MD_CTX* ctx, unsigned char* md, unsigned int* s); -int EVP_DigestFinal_ex(EVP_MD_CTX* ctx, unsigned char* md, unsigned int* s); - -int EVP_BytesToKey(const EVP_CIPHER*, const EVP_MD*, const unsigned char*, - const unsigned char*, int, int, unsigned char*, unsigned char*); +CYASSL_API int EVP_DigestInit(EVP_MD_CTX* ctx, const EVP_MD* type); +CYASSL_API int EVP_DigestUpdate(EVP_MD_CTX* ctx, const void* data, + unsigned long sz); +CYASSL_API int EVP_DigestFinal(EVP_MD_CTX* ctx, unsigned char* md, + unsigned int* s); +CYASSL_API int EVP_DigestFinal_ex(EVP_MD_CTX* ctx, unsigned char* md, + unsigned int* s); +CYASSL_API int EVP_BytesToKey(const EVP_CIPHER*, const EVP_MD*, + const unsigned char*, const unsigned char*, + int, int, unsigned char*, unsigned char*); #ifdef __cplusplus } /* extern "C" */ diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h index 960365038..8cd40b1d2 100644 --- a/include/openssl/hmac.h +++ b/include/openssl/hmac.h @@ -40,8 +40,9 @@ #endif -unsigned char* HMAC(const EVP_MD* evp_md, const void* key, int key_len, - const unsigned char* d, int n, unsigned char* md, unsigned int* md_len); +CYASSL_API unsigned char* HMAC(const EVP_MD* evp_md, const void* key, + int key_len, const unsigned char* d, int n, + unsigned char* md, unsigned int* md_len); #ifdef __cplusplus 
diff --git a/include/openssl/md5.h b/include/openssl/md5.h index 467db4cc8..5b5341f4e 100644 --- a/include/openssl/md5.h +++ b/include/openssl/md5.h @@ -17,9 +17,9 @@ typedef struct MD5_CTX { int holder[24]; /* big enough to hold ctaocrypt md5, but check on init */ } MD5_CTX; -void MD5_Init(MD5_CTX*); -void MD5_Update(MD5_CTX*, const void*, unsigned long); -void MD5_Final(unsigned char*, MD5_CTX*); +CYASSL_API void MD5_Init(MD5_CTX*); +CYASSL_API void MD5_Update(MD5_CTX*, const void*, unsigned long); +CYASSL_API void MD5_Final(unsigned char*, MD5_CTX*); diff --git a/include/openssl/sha.h b/include/openssl/sha.h index 804722200..6fc9fe252 100644 --- a/include/openssl/sha.h +++ b/include/openssl/sha.h @@ -17,14 +17,14 @@ typedef struct SHA_CTX { int holder[24]; /* big enough to hold ctaocrypt sha, but check on init */ } SHA_CTX; -void SHA_Init(SHA_CTX*); -void SHA_Update(SHA_CTX*, const void*, unsigned long); -void SHA_Final(unsigned char*, SHA_CTX*); +CYASSL_API void SHA_Init(SHA_CTX*); +CYASSL_API void SHA_Update(SHA_CTX*, const void*, unsigned long); +CYASSL_API void SHA_Final(unsigned char*, SHA_CTX*); /* SHA1 points to above, shouldn't use SHA0 ever */ -void SHA1_Init(SHA_CTX*); -void SHA1_Update(SHA_CTX*, const void*, unsigned long); -void SHA1_Final(unsigned char*, SHA_CTX*); +CYASSL_API void SHA1_Init(SHA_CTX*); +CYASSL_API void SHA1_Update(SHA_CTX*, const void*, unsigned long); +CYASSL_API void SHA1_Final(unsigned char*, SHA_CTX*); enum { SHA_DIGEST_LENGTH = 20 diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 7d8145552..f3ed78a5f 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h 
@@ -125,246 +125,251 @@ typedef struct X509_STORE_CTX { } X509_STORE_CTX; -SSL_METHOD *SSLv3_server_method(void); -SSL_METHOD *SSLv3_client_method(void); -SSL_METHOD *TLSv1_server_method(void); -SSL_METHOD *TLSv1_client_method(void); -SSL_METHOD *TLSv1_1_server_method(void); -SSL_METHOD *TLSv1_1_client_method(void); -SSL_METHOD *TLSv1_2_server_method(void); -SSL_METHOD *TLSv1_2_client_method(void); +CYASSL_API SSL_METHOD *SSLv3_server_method(void); +CYASSL_API SSL_METHOD *SSLv3_client_method(void); +CYASSL_API SSL_METHOD *TLSv1_server_method(void); +CYASSL_API SSL_METHOD *TLSv1_client_method(void); +CYASSL_API SSL_METHOD *TLSv1_1_server_method(void); +CYASSL_API SSL_METHOD *TLSv1_1_client_method(void); +CYASSL_API SSL_METHOD *TLSv1_2_server_method(void); +CYASSL_API SSL_METHOD *TLSv1_2_client_method(void); #ifdef CYASSL_DTLS - SSL_METHOD *DTLSv1_client_method(void); - SSL_METHOD *DTLSv1_server_method(void); + CYASSL_API SSL_METHOD *DTLSv1_client_method(void); + CYASSL_API SSL_METHOD *DTLSv1_server_method(void); #endif #ifndef NO_FILESYSTEM -int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int); -int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int); -int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*); -int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); -int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int); +CYASSL_API int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int); +CYASSL_API int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int); +CYASSL_API int SSL_CTX_load_verify_locations(SSL_CTX*, const char*,const char*); +CYASSL_API int SSL_CTX_use_certificate_chain_file(SSL_CTX *, const char *file); +CYASSL_API int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int); #ifdef CYASSL_DER_LOAD - int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int); + CYASSL_API int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int); #endif #ifdef HAVE_NTRU - int 
CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU - private key blob */ + CYASSL_API int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); + /* load NTRU private key blob */ #endif -int CyaSSL_PemCertToDer(const char*, unsigned char*, int); +CYASSL_API int CyaSSL_PemCertToDer(const char*, unsigned char*, int); #endif /* NO_FILESYSTEM */ -SSL_CTX* SSL_CTX_new(SSL_METHOD*); -SSL* SSL_new(SSL_CTX*); -int SSL_set_fd (SSL*, int); -int SSL_get_fd(const SSL*); -int SSL_connect(SSL*); /* please see note at top of README +CYASSL_API SSL_CTX* SSL_CTX_new(SSL_METHOD*); +CYASSL_API SSL* SSL_new(SSL_CTX*); +CYASSL_API int SSL_set_fd (SSL*, int); +CYASSL_API int SSL_get_fd(const SSL*); +CYASSL_API int SSL_connect(SSL*); /* please see note at top of README if you get an error from connect */ -int SSL_write(SSL*, const void*, int); -int SSL_read(SSL*, void*, int); -int SSL_accept(SSL*); -void SSL_CTX_free(SSL_CTX*); -void SSL_free(SSL*); -int SSL_shutdown(SSL*); +CYASSL_API int SSL_write(SSL*, const void*, int); +CYASSL_API int SSL_read(SSL*, void*, int); +CYASSL_API int SSL_accept(SSL*); +CYASSL_API void SSL_CTX_free(SSL_CTX*); +CYASSL_API void SSL_free(SSL*); +CYASSL_API int SSL_shutdown(SSL*); -void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int); +CYASSL_API void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int); -int SSL_get_error(SSL*, int); +CYASSL_API int SSL_get_error(SSL*, int); -int SSL_set_session(SSL *ssl, SSL_SESSION *session); -SSL_SESSION* SSL_get_session(SSL* ssl); -void SSL_flush_sessions(SSL_CTX *ctx, long tm); +CYASSL_API int SSL_set_session(SSL *ssl, SSL_SESSION *session); +CYASSL_API SSL_SESSION* SSL_get_session(SSL* ssl); +CYASSL_API void SSL_flush_sessions(SSL_CTX *ctx, long tm); typedef int (*VerifyCallback)(int, X509_STORE_CTX*); typedef int (*pem_password_cb)(char*, int, int, void*); -void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback); +CYASSL_API void SSL_CTX_set_verify(SSL_CTX*,int,VerifyCallback verify_callback); 
-int SSL_pending(SSL*); +CYASSL_API int SSL_pending(SSL*); -void SSL_load_error_strings(void); -int SSL_library_init(void); -long SSL_CTX_set_session_cache_mode(SSL_CTX*, long); +CYASSL_API void SSL_load_error_strings(void); +CYASSL_API int SSL_library_init(void); +CYASSL_API long SSL_CTX_set_session_cache_mode(SSL_CTX*, long); /* only supports full name from cipher_name[] delimited by : */ -int SSL_CTX_set_cipher_list(SSL_CTX*, const char*); +CYASSL_API int SSL_CTX_set_cipher_list(SSL_CTX*, const char*); -char* ERR_error_string(unsigned long,char*); -void ERR_error_string_n(unsigned long e, char *buf, unsigned long len); +CYASSL_API char* ERR_error_string(unsigned long,char*); +CYASSL_API void ERR_error_string_n(unsigned long e,char *buf,unsigned long sz); /* extras */ #define STACK_OF(x) x -int SSL_set_ex_data(SSL*, int, void*); -int SSL_get_shutdown(const SSL*); -int SSL_set_rfd(SSL*, int); -int SSL_set_wfd(SSL*, int); -void SSL_set_shutdown(SSL*, int); -int SSL_set_session_id_context(SSL*, const unsigned char*, unsigned int); -void SSL_set_connect_state(SSL*); -void SSL_set_accept_state(SSL*); -int SSL_session_reused(SSL*); -void SSL_SESSION_free(SSL_SESSION* session); +CYASSL_API int SSL_set_ex_data(SSL*, int, void*); +CYASSL_API int SSL_get_shutdown(const SSL*); +CYASSL_API int SSL_set_rfd(SSL*, int); +CYASSL_API int SSL_set_wfd(SSL*, int); +CYASSL_API void SSL_set_shutdown(SSL*, int); +CYASSL_API int SSL_set_session_id_context(SSL*, const unsigned char*, + unsigned int); +CYASSL_API void SSL_set_connect_state(SSL*); +CYASSL_API void SSL_set_accept_state(SSL*); +CYASSL_API int SSL_session_reused(SSL*); +CYASSL_API void SSL_SESSION_free(SSL_SESSION* session); -const char* SSL_get_version(SSL*); -SSL_CIPHER* SSL_get_current_cipher(SSL*); -char* SSL_CIPHER_description(SSL_CIPHER*, char*, int); -const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher); -SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */ +CYASSL_API const char* SSL_get_version(SSL*); 
+CYASSL_API SSL_CIPHER* SSL_get_current_cipher(SSL*); +CYASSL_API char* SSL_CIPHER_description(SSL_CIPHER*, char*, int); +CYASSL_API const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher); +CYASSL_API SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */ -void X509_free(X509*); -void OPENSSL_free(void*); +CYASSL_API void X509_free(X509*); +CYASSL_API void OPENSSL_free(void*); -int OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl); +CYASSL_API int OCSP_parse_url(char* url, char** host, char** port, char** path, + int* ssl); -SSL_METHOD* SSLv23_client_method(void); -SSL_METHOD* SSLv2_client_method(void); -SSL_METHOD* SSLv2_server_method(void); +CYASSL_API SSL_METHOD* SSLv23_client_method(void); +CYASSL_API SSL_METHOD* SSLv2_client_method(void); +CYASSL_API SSL_METHOD* SSLv2_server_method(void); -void MD4_Init(MD4_CTX*); -void MD4_Update(MD4_CTX*, const void*, unsigned long); -void MD4_Final(unsigned char*, MD4_CTX*); +CYASSL_API void MD4_Init(MD4_CTX*); +CYASSL_API void MD4_Update(MD4_CTX*, const void*, unsigned long); +CYASSL_API void MD4_Final(unsigned char*, MD4_CTX*); -BIO* BIO_new(BIO_METHOD*); -int BIO_free(BIO*); -int BIO_free_all(BIO*); -int BIO_read(BIO*, void*, int); -int BIO_write(BIO*, const void*, int); -BIO* BIO_push(BIO*, BIO* append); -BIO* BIO_pop(BIO*); -int BIO_flush(BIO*); -int BIO_pending(BIO*); +CYASSL_API BIO* BIO_new(BIO_METHOD*); +CYASSL_API int BIO_free(BIO*); +CYASSL_API int BIO_free_all(BIO*); +CYASSL_API int BIO_read(BIO*, void*, int); +CYASSL_API int BIO_write(BIO*, const void*, int); +CYASSL_API BIO* BIO_push(BIO*, BIO* append); +CYASSL_API BIO* BIO_pop(BIO*); +CYASSL_API int BIO_flush(BIO*); +CYASSL_API int BIO_pending(BIO*); -BIO_METHOD* BIO_f_buffer(void); -long BIO_set_write_buffer_size(BIO*, long size); -BIO_METHOD* BIO_f_ssl(void); -BIO* BIO_new_socket(int sfd, int flag); -void SSL_set_bio(SSL*, BIO* rd, BIO* wr); -int BIO_eof(BIO*); -long BIO_set_ssl(BIO*, SSL*, int flag); +CYASSL_API 
BIO_METHOD* BIO_f_buffer(void); +CYASSL_API long BIO_set_write_buffer_size(BIO*, long size); +CYASSL_API BIO_METHOD* BIO_f_ssl(void); +CYASSL_API BIO* BIO_new_socket(int sfd, int flag); +CYASSL_API void SSL_set_bio(SSL*, BIO* rd, BIO* wr); +CYASSL_API int BIO_eof(BIO*); +CYASSL_API long BIO_set_ssl(BIO*, SSL*, int flag); -BIO_METHOD* BIO_s_mem(void); -BIO_METHOD* BIO_f_base64(void); -void BIO_set_flags(BIO*, int); +CYASSL_API BIO_METHOD* BIO_s_mem(void); +CYASSL_API BIO_METHOD* BIO_f_base64(void); +CYASSL_API void BIO_set_flags(BIO*, int); -void OpenSSL_add_all_algorithms(void); -int SSLeay_add_ssl_algorithms(void); -int SSLeay_add_all_algorithms(void); +CYASSL_API void OpenSSL_add_all_algorithms(void); +CYASSL_API int SSLeay_add_ssl_algorithms(void); +CYASSL_API int SSLeay_add_all_algorithms(void); -void RAND_screen(void); -const char* RAND_file_name(char*, unsigned long); -int RAND_write_file(const char*); -int RAND_load_file(const char*, long); -int RAND_egd(const char*); +CYASSL_API void RAND_screen(void); +CYASSL_API const char* RAND_file_name(char*, unsigned long); +CYASSL_API int RAND_write_file(const char*); +CYASSL_API int RAND_load_file(const char*, long); +CYASSL_API int RAND_egd(const char*); -COMP_METHOD* COMP_zlib(void); -COMP_METHOD* COMP_rle(void); -int SSL_COMP_add_compression_method(int, void*); +CYASSL_API COMP_METHOD* COMP_zlib(void); +CYASSL_API COMP_METHOD* COMP_rle(void); +CYASSL_API int SSL_COMP_add_compression_method(int, void*); -int SSL_get_ex_new_index(long, void*, void*, void*, void*); +CYASSL_API int SSL_get_ex_new_index(long, void*, void*, void*, void*); -void CRYPTO_set_id_callback(unsigned long (*f)(void)); -void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, int)); -void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)(const char*, - int)); -void CRYPTO_set_dynlock_lock_callback(void (*f)(int, CRYPTO_dynlock_value*, - const char*, int)); -void CRYPTO_set_dynlock_destroy_callback(void 
(*f)(CRYPTO_dynlock_value*, - const char*, int)); +CYASSL_API void CRYPTO_set_id_callback(unsigned long (*f)(void)); +CYASSL_API void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, + int)); +CYASSL_API void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f) + (const char*, int)); +CYASSL_API void CRYPTO_set_dynlock_lock_callback(void (*f)(int, + CRYPTO_dynlock_value*, const char*, int)); +CYASSL_API void CRYPTO_set_dynlock_destroy_callback(void (*f) + (CRYPTO_dynlock_value*, const char*, int)); -X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*); -int X509_STORE_CTX_get_error(X509_STORE_CTX*); -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*); +CYASSL_API X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*); +CYASSL_API int X509_STORE_CTX_get_error(X509_STORE_CTX*); +CYASSL_API int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*); -char* X509_NAME_oneline(X509_NAME*, char*, int); -X509_NAME* X509_get_issuer_name(X509*); -X509_NAME* X509_get_subject_name(X509*); -const char* X509_verify_cert_error_string(long); +CYASSL_API char* X509_NAME_oneline(X509_NAME*, char*, int); +CYASSL_API X509_NAME* X509_get_issuer_name(X509*); +CYASSL_API X509_NAME* X509_get_subject_name(X509*); +CYASSL_API const char* X509_verify_cert_error_string(long); -int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long); -int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long); -X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void); -X509_LOOKUP_METHOD* X509_LOOKUP_file(void); +CYASSL_API int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long); +CYASSL_API int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long); +CYASSL_API X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void); +CYASSL_API X509_LOOKUP_METHOD* X509_LOOKUP_file(void); -X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*); -X509_STORE* X509_STORE_new(void); -int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*, - X509_OBJECT*); -int X509_STORE_CTX_init(X509_STORE_CTX*, 
X509_STORE*, X509*, STACK_OF(X509)*); -void X509_STORE_CTX_cleanup(X509_STORE_CTX*); +CYASSL_API X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*); +CYASSL_API X509_STORE* X509_STORE_new(void); +CYASSL_API int X509_STORE_get_by_subject(X509_STORE_CTX*, int, + X509_NAME*, X509_OBJECT*); +CYASSL_API int X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*, + STACK_OF(X509)*); +CYASSL_API void X509_STORE_CTX_cleanup(X509_STORE_CTX*); -ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*); -ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*); +CYASSL_API ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*); +CYASSL_API ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*); -EVP_PKEY* X509_get_pubkey(X509*); -int X509_CRL_verify(X509_CRL*, EVP_PKEY*); -void X509_STORE_CTX_set_error(X509_STORE_CTX*, int); -void X509_OBJECT_free_contents(X509_OBJECT*); -void EVP_PKEY_free(EVP_PKEY*); -int X509_cmp_current_time(const ASN1_TIME*); -int sk_X509_REVOKED_num(X509_REVOKED*); +CYASSL_API EVP_PKEY* X509_get_pubkey(X509*); +CYASSL_API int X509_CRL_verify(X509_CRL*, EVP_PKEY*); +CYASSL_API void X509_STORE_CTX_set_error(X509_STORE_CTX*, int); +CYASSL_API void X509_OBJECT_free_contents(X509_OBJECT*); +CYASSL_API void EVP_PKEY_free(EVP_PKEY*); +CYASSL_API int X509_cmp_current_time(const ASN1_TIME*); +CYASSL_API int sk_X509_REVOKED_num(X509_REVOKED*); -X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*); -X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int); +CYASSL_API X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*); +CYASSL_API X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int); -ASN1_INTEGER* X509_get_serialNumber(X509*); +CYASSL_API ASN1_INTEGER* X509_get_serialNumber(X509*); -int ASN1_TIME_print(BIO*, const ASN1_TIME*); +CYASSL_API int ASN1_TIME_print(BIO*, const ASN1_TIME*); -int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*); -long ASN1_INTEGER_get(const ASN1_INTEGER*); +CYASSL_API int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*); +CYASSL_API long 
ASN1_INTEGER_get(const ASN1_INTEGER*); -STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*); +CYASSL_API STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*); -void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*); -void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int); -int SSL_get_ex_data_X509_STORE_CTX_idx(void); -void* SSL_get_ex_data(const SSL*, int); +CYASSL_API void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*); +CYASSL_API void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int); +CYASSL_API int SSL_get_ex_data_X509_STORE_CTX_idx(void); +CYASSL_API void* SSL_get_ex_data(const SSL*, int); -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata); -void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb); +CYASSL_API void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*,void* userdata); +CYASSL_API void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb); -long SSL_CTX_set_timeout(SSL_CTX*, long); -void SSL_CTX_set_info_callback(SSL_CTX*, void (*)(void)); +CYASSL_API long SSL_CTX_set_timeout(SSL_CTX*, long); +CYASSL_API void SSL_CTX_set_info_callback(SSL_CTX*, void (*)(void)); -unsigned long ERR_peek_error(void); -int ERR_GET_REASON(int); +CYASSL_API unsigned long ERR_peek_error(void); +CYASSL_API int ERR_GET_REASON(int); -char* SSL_alert_type_string_long(int); -char* SSL_alert_desc_string_long(int); -char* SSL_state_string_long(SSL*); +CYASSL_API char* SSL_alert_type_string_long(int); +CYASSL_API char* SSL_alert_desc_string_long(int); +CYASSL_API char* SSL_state_string_long(SSL*); -void RSA_free(RSA*); -RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*); -void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int)); +CYASSL_API void RSA_free(RSA*); +CYASSL_API RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), + void*); +CYASSL_API void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int)); -int PEM_def_callback(char*, int num, int w, void* key); 
+CYASSL_API int PEM_def_callback(char*, int num, int w, void* key); -long SSL_CTX_sess_accept(SSL_CTX*); -long SSL_CTX_sess_connect(SSL_CTX*); -long SSL_CTX_sess_accept_good(SSL_CTX*); -long SSL_CTX_sess_connect_good(SSL_CTX*); -long SSL_CTX_sess_accept_renegotiate(SSL_CTX*); -long SSL_CTX_sess_connect_renegotiate(SSL_CTX*); -long SSL_CTX_sess_hits(SSL_CTX*); -long SSL_CTX_sess_cb_hits(SSL_CTX*); -long SSL_CTX_sess_cache_full(SSL_CTX*); -long SSL_CTX_sess_misses(SSL_CTX*); -long SSL_CTX_sess_timeouts(SSL_CTX*); -long SSL_CTX_sess_number(SSL_CTX*); -long SSL_CTX_sess_get_cache_size(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_accept(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_connect(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_accept_good(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_connect_good(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_accept_renegotiate(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_connect_renegotiate(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_hits(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_cb_hits(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_cache_full(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_misses(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_timeouts(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_number(SSL_CTX*); +CYASSL_API long SSL_CTX_sess_get_cache_size(SSL_CTX*); #define SSL_DEFAULT_CIPHER_LIST "" /* default all */ @@ -463,7 +468,7 @@ enum { #ifndef NO_FILESYSTEM /* CyaSSL extension, provide last error from SSL_get_error since not using thread storage error queue */ -void ERR_print_errors_fp(FILE*, int err); +CYASSL_API void ERR_print_errors_fp(FILE*, int err); #endif enum { /* ssl Constants */ 
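Review bot: `SSL_get1_session` becomes part of the exported ABI in this hunk while its declaration still carries the comment `/* what's ref count */`, so users of the shared library get no ownership rule for the returned `SSL_SESSION*`. An unclear contract on a session handle tends to surface as a double free or use-after-free in application code, especially with `SSL_SESSION_free` exported in the same hunk. I would replace the open question with the contract, for example `/* caller must (or must not) call SSL_SESSION_free() on the result */`. The implementation is outside this hunk, so which rule holds has to be confirmed there.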
@@ -522,20 +527,22 @@ enum { /* ssl Constants */ #ifndef NO_PSK typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*, - unsigned int, unsigned char*, unsigned int); - void SSL_CTX_set_psk_client_callback(SSL_CTX*, psk_client_callback); - void SSL_set_psk_client_callback(SSL*, psk_client_callback); + unsigned int, unsigned char*, unsigned int); + CYASSL_API void SSL_CTX_set_psk_client_callback(SSL_CTX*, + psk_client_callback); + CYASSL_API void SSL_set_psk_client_callback(SSL*, psk_client_callback); - const char* SSL_get_psk_identity_hint(const SSL*); - const char* SSL_get_psk_identity(const SSL*); + CYASSL_API const char* SSL_get_psk_identity_hint(const SSL*); + CYASSL_API const char* SSL_get_psk_identity(const SSL*); - int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*); - int SSL_use_psk_identity_hint(SSL*, const char*); + CYASSL_API int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*); + CYASSL_API int SSL_use_psk_identity_hint(SSL*, const char*); typedef unsigned int (*psk_server_callback)(SSL*, const char*, unsigned char*, unsigned int); - void SSL_CTX_set_psk_server_callback(SSL_CTX*, psk_server_callback); - void SSL_set_psk_server_callback(SSL*, psk_server_callback); + CYASSL_API void SSL_CTX_set_psk_server_callback(SSL_CTX*, + psk_server_callback); + CYASSL_API void SSL_set_psk_server_callback(SSL*, psk_server_callback); #define PSK_TYPES_DEFINED #endif /* NO_PSK */ 
@@ -547,59 +554,62 @@ enum { /* ERR Constants */ ERR_TXT_STRING = 1 }; -unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *); +CYASSL_API unsigned long ERR_get_error_line_data(const char**, int*, + const char**, int *); -unsigned long ERR_get_error(void); -void ERR_clear_error(void); +CYASSL_API unsigned long ERR_get_error(void); +CYASSL_API void ERR_clear_error(void); -int RAND_status(void); -int RAND_bytes(unsigned char* buf, int num); -SSL_METHOD *SSLv23_server_method(void); -long SSL_CTX_set_options(SSL_CTX*, long); -int SSL_CTX_check_private_key(SSL_CTX*); +CYASSL_API int RAND_status(void); +CYASSL_API int RAND_bytes(unsigned char* buf, int num); +CYASSL_API SSL_METHOD *SSLv23_server_method(void); +CYASSL_API long SSL_CTX_set_options(SSL_CTX*, long); +CYASSL_API int SSL_CTX_check_private_key(SSL_CTX*); -void ERR_free_strings(void); -void ERR_remove_state(unsigned long); -void EVP_cleanup(void); +CYASSL_API void ERR_free_strings(void); +CYASSL_API void ERR_remove_state(unsigned long); +CYASSL_API void EVP_cleanup(void); -void CRYPTO_cleanup_all_ex_data(void); -long SSL_CTX_set_mode(SSL_CTX* ctx, long mode); -long SSL_CTX_get_mode(SSL_CTX* ctx); -void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m); +CYASSL_API void CRYPTO_cleanup_all_ex_data(void); +CYASSL_API long SSL_CTX_set_mode(SSL_CTX* ctx, long mode); +CYASSL_API long SSL_CTX_get_mode(SSL_CTX* ctx); +CYASSL_API void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m); -long SSL_CTX_sess_set_cache_size(SSL_CTX*, long); +CYASSL_API long SSL_CTX_sess_set_cache_size(SSL_CTX*, long); -int SSL_CTX_set_default_verify_paths(SSL_CTX*); -int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*, +CYASSL_API int SSL_CTX_set_default_verify_paths(SSL_CTX*); +CYASSL_API int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*, unsigned int); -X509* SSL_get_peer_certificate(SSL* ssl); +CYASSL_API X509* SSL_get_peer_certificate(SSL* ssl); -int SSL_want_read(SSL*); -int 
SSL_want_write(SSL*); +CYASSL_API int SSL_want_read(SSL*); +CYASSL_API int SSL_want_write(SSL*); -int BIO_printf(BIO*, const char*, ...); -int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*); +CYASSL_API int BIO_printf(BIO*, const char*, ...); +CYASSL_API int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*); -int sk_num(X509_REVOKED*); -void* sk_value(X509_REVOKED*, int); +CYASSL_API int sk_num(X509_REVOKED*); +CYASSL_API void* sk_value(X509_REVOKED*, int); /* stunnel 4.28 needs */ -void* SSL_CTX_get_ex_data(const SSL_CTX*, int); -int SSL_CTX_set_ex_data(SSL_CTX*, int, void*); -void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, unsigned char*, - int, int*)); -void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*, SSL_SESSION*)); -void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, SSL_SESSION*)); +CYASSL_API void* SSL_CTX_get_ex_data(const SSL_CTX*, int); +CYASSL_API int SSL_CTX_set_ex_data(SSL_CTX*, int, void*); +CYASSL_API void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, + unsigned char*, int, int*)); +CYASSL_API void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*,SSL_SESSION*)); +CYASSL_API void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, + SSL_SESSION*)); -int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**); -SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, long); +CYASSL_API int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**); +CYASSL_API SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, + long); -long SSL_SESSION_get_timeout(const SSL_SESSION*); -long SSL_SESSION_get_time(const SSL_SESSION*); -int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); +CYASSL_API long SSL_SESSION_get_timeout(const SSL_SESSION*); +CYASSL_API long SSL_SESSION_get_time(const SSL_SESSION*); +CYASSL_API int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); /* extra ends */ 
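Review bot: `BIO_printf(BIO*, const char*, ...)` is exported as a printf-style variadic function without a format attribute, so the compiler cannot check callers' format strings against their arguments. The configure probe in this commit already tests for `__attribute__` support, so a guarded macro would fit the same pattern, e.g. `CYASSL_API int BIO_printf(BIO*, const char*, ...) CYASSL_PRINTF_FMT(2, 3);`. `CYASSL_PRINTF_FMT` is a name constructed for this note; it would expand to `__attribute__((format(printf, 2, 3)))` on GCC-compatible compilers and to nothing elsewhere.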
@@ -608,61 +618,79 @@ int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); /* call before SSL_connect, if verifying will add name check to date check and signature check */ -int CyaSSL_check_domain_name(SSL* ssl, const char* dn); +CYASSL_API int CyaSSL_check_domain_name(SSL* ssl, const char* dn); -int InitCyaSSL(void); /* need to call once to load library (session cache) */ -int FreeCyaSSL(void); /* call when done to free session cache mutex */ +/* need to call once to load library (session cache) */ +CYASSL_API int InitCyaSSL(void); +/* call when done to free session cache mutex */ +CYASSL_API int FreeCyaSSL(void); -int CyaSSL_Debugging_ON(void); /* turn logging on, only if compiled in */ -void CyaSSL_Debugging_OFF(void); /* turn logging off */ +/* turn logging on, only if compiled in */ +CYASSL_API int CyaSSL_Debugging_ON(void); +/* turn logging off */ +CYASSL_API void CyaSSL_Debugging_OFF(void); -int CyaSSL_negotiate(SSL* ssl); /* do accept or connect depedning on side */ -int CyaSSL_set_compression(SSL* ssl); /* turn on CyaSSL data compression */ +/* do accept or connect depedning on side */ +CYASSL_API int CyaSSL_negotiate(SSL* ssl); +/* turn on CyaSSL data compression */ +CYASSL_API int CyaSSL_set_compression(SSL* ssl); -int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU - private key blob */ -X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl); /* get CyaSSL peer X509_CHAIN */ -int CyaSSL_get_chain_count(X509_CHAIN* chain); /* peer chain count */ -int CyaSSL_get_chain_length(X509_CHAIN*, int idx); /* index cert length */ -unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */ -int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer, - int inLen, int* outLen); /* get index cert in PEM */ -const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session); -int CyaSSL_X509_get_serial_number(X509*, unsigned char*, int*); +/* load NTRU private key blob */ +CYASSL_API int 
CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); +/* get CyaSSL peer X509_CHAIN */ +CYASSL_API X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl); +/* peer chain count */ +CYASSL_API int CyaSSL_get_chain_count(X509_CHAIN* chain); +/* index cert length */ +CYASSL_API int CyaSSL_get_chain_length(X509_CHAIN*, int idx); +/* index cert */ +CYASSL_API unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); +/* get index cert in PEM */ +CYASSL_API int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, + unsigned char* buffer, int inLen, int* outLen); +CYASSL_API const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* sess); +CYASSL_API int CyaSSL_X509_get_serial_number(X509*, unsigned char*, int*); /* server CTX Diffie-Hellman parameters */ -int CyaSSL_SetTmpDH(SSL*, unsigned char* p, int pSz, unsigned char* g,int gSz); +CYASSL_API int CyaSSL_SetTmpDH(SSL*, unsigned char* p, int pSz, + unsigned char* g, int gSz); #ifndef _WIN32 #ifndef NO_WRITEV #include /* allow writev style writing */ - int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt); + CYASSL_API int CyaSSL_writev(SSL* ssl, const struct iovec* iov, + int iovcnt); #endif #endif /* SSL_CTX versions */ -int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, long, int); -int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int); -int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, long, int); -int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*,const unsigned char*,long); +CYASSL_API int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, + long, int); +CYASSL_API int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int); +CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, + long, int); +CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*, + const unsigned char*, long); /* SSL versions */ -int CyaSSL_use_certificate_buffer(SSL*, const unsigned char*, long,int); -int 
CyaSSL_use_PrivateKey_buffer(SSL*, const unsigned char*, long, int); -int CyaSSL_use_certificate_chain_buffer(SSL*,const unsigned char*,long); - +CYASSL_API int CyaSSL_use_certificate_buffer(SSL*, const unsigned char*, long, + int); +CYASSL_API int CyaSSL_use_PrivateKey_buffer(SSL*, const unsigned char*, long, + int); +CYASSL_API int CyaSSL_use_certificate_chain_buffer(SSL*,const unsigned char*, + long); /* I/O callbacks */ typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx); typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx); -void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv); -void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend); +CYASSL_API void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv); +CYASSL_API void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend); -void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx); -void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx); +CYASSL_API void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx); +CYASSL_API void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx); #ifdef CYASSL_CALLBACKS @@ -675,8 +703,10 @@ typedef int (*TimeoutCallBack)(TimeoutInfo*); /* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack for diagnostics */ -int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval); -int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval); +CYASSL_API int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, + Timeval); +CYASSL_API int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, + Timeval); #endif /* CYASSL_CALLBACKS */ diff --git a/m4/pandora_visibility.m4 b/m4/pandora_visibility.m4 new file mode 100644 index 000000000..9c4ab3a36 --- /dev/null +++ b/m4/pandora_visibility.m4 
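Review bot: `CyaSSL_CTX_use_NTRUPrivateKey_file` is declared `CYASSL_API` here with no guard visible in the hunk, while the earlier hunk of this file declares the same function only under `#ifndef NO_FILESYSTEM` and `#ifdef HAVE_NTRU`. In a build without NTRU support the header would then advertise an exported function that presumably has no definition, which shows up as a link error in the application rather than at compile time. I would drop this second declaration or wrap it in the same guards. The comment `/* do accept or connect depedning on side */`, moved in this hunk, also has a typo (`depending`). The hunk starts at line 618 of the new file, so an enclosing guard above it cannot be ruled out.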
@@ -0,0 +1,56 @@
+dnl Copyright (C) 2005, 2008 Free Software Foundation, Inc.
+dnl Copyright (C) 2009 Monty Taylor
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+dnl Tests whether the compiler supports the command-line option
+dnl -fvisibility=hidden and the function and variable attributes
+dnl __attribute__((__visibility__("hidden"))) and
+dnl __attribute__((__visibility__("default"))).
+dnl Does *not* test for __visibility__("protected") - which has tricky
+dnl semantics (see the 'vismain' test in glibc) and does not exist e.g. on
+dnl MacOS X.
+dnl Does *not* test for __visibility__("internal") - which has processor
+dnl dependent semantics.
+dnl Does *not* test for #pragma GCC visibility push(hidden) - which is
+dnl "really only recommended for legacy code".
+dnl Set the variable CFLAG_VISIBILITY.
+dnl Defines and sets the variable HAVE_VISIBILITY.
+ +AC_DEFUN([PANDORA_VISIBILITY], +[ + AC_REQUIRE([AC_PROG_CC]) + CFLAG_VISIBILITY= + HAVE_VISIBILITY=0 + AS_IF([test -n "$GCC"],[ + AC_MSG_CHECKING([for simple visibility declarations]) + AC_CACHE_VAL([gl_cv_cc_visibility], [ + gl_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fvisibility=hidden" + AC_TRY_COMPILE( + [extern __attribute__((__visibility__("hidden"))) int hiddenvar; + extern __attribute__((__visibility__("default"))) int exportedvar; + extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void); + extern __attribute__((__visibility__("default"))) int exportedfunc (void);], + [], + [gl_cv_cc_visibility=yes], + [gl_cv_cc_visibility=no]) + CFLAGS="$gl_save_CFLAGS"]) + AC_MSG_RESULT([$gl_cv_cc_visibility]) + if test $gl_cv_cc_visibility = yes; then + CFLAG_VISIBILITY="-fvisibility=hidden" + HAVE_VISIBILITY=1 + fi + ]) + AS_IF([test "x$SUNCC" = "xyes"],[ + CFLAG_VISIBILITY="-xldscope=hidden" + HAVE_VISIBILITY=1 + ]) + AC_SUBST([CFLAG_VISIBILITY]) + AC_SUBST([HAVE_VISIBILITY]) + AC_DEFINE_UNQUOTED([HAVE_VISIBILITY], [$HAVE_VISIBILITY], + [Define to 1 or 0, depending whether the compiler supports simple visibility declarations.]) +]) diff --git a/src/Makefile.am b/src/Makefile.am index bcefac3ca..c6e77dd50 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -11,6 +11,7 @@ libcyassl_la_SOURCES = \ ../ctaocrypt/src/pwdbased.c ../ctaocrypt/src/logging.c \ ../ctaocrypt/src/cyassl_memory.c libcyassl_la_LDFLAGS = -no-undefined -version-info 1:0:0 +libcyassl_la_CFLAGS = -DBUILDING_CYASSL EXTRA_DIST = ../include/*.h ../include/openssl/*.h ../include/*.rc if BUILD_AESNI diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index 09e445372..4c896303e 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c 
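Review bot: The Sun Studio branch `AS_IF([test "x$SUNCC" = "xyes"],[` reads `SUNCC`, but nothing inside PANDORA_VISIBILITY assigns it. Unless configure.in sets it elsewhere (not visible in this diff), `-xldscope=hidden` is never selected, and that build silently keeps every symbol exported, including the ones this commit marks CYASSL_LOCAL. Setting it inside the macro keeps the check self-contained: `AC_CHECK_DECL([__SUNPRO_C], [SUNCC="yes"], [SUNCC="no"])` placed just before that AS_IF. Separately, the GCC probe compiles without `-Werror`, so a toolchain that only warns about an ignored visibility attribute would still report yes and define HAVE_VISIBILITY to 1 while exporting everything.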
@@ -15,8 +15,8 @@ void ctaocrypt_test(void*); void client_test(void*); void echoclient_test(void*); -THREAD_RETURN CYASSL_API server_test(void*); -THREAD_RETURN CYASSL_API echoserver_test(void*); +THREAD_RETURN CYASSL_THREAD server_test(void*); +THREAD_RETURN CYASSL_THREAD echoserver_test(void*); void file_test(char* file, byte* hash);