diff options
author | Eduardo Chappa <chappa@washington.edu> | 2020-01-04 20:08:32 -0700 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2020-01-04 20:08:32 -0700 |
commit | f398f615b6df385aec2b3553310cc237b29e068a (patch) | |
tree | 5af79c6a9a180c72c58a9d9cd2d79a1d7657d152 /libressl/include/openssl/pem.h | |
parent | 77191bf3e4e049603fb6a0547876259c29c71dbd (diff) | |
download | alpine-f398f615b6df385aec2b3553310cc237b29e068a.tar.xz |
* The feature that stopped alpine from saving passwords in the password
file prevented users from actually saving their passwords in Windows
and MAC OS. Fix the code so that passwords will be saved. Also,
update the documentation of this feature.
* Fix a buffer overflow bug in the XOAUTH2 code (off by one error).
* Update PC-Alpine to work with Libressl version 3.0.2 instead of
version 2.5.5 (update build.bat and lib files from the LibreSSL
build).
* Erase SSLXXXXXX file.
* ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c.
The file ssl_libressl.c is the file ssl_unix.c from the unix osdep
directory. The file ssl_win.c is the native SSL windows code. The
Unix side provides S/MIME support for Alpine and the latest
encryption protocols support for Alpine when connecting to a secure
server, while the windows side provide TLSv1_3 support for Alpine,
but not S/MIME support.
In order to provide unix code for TLSv1_3 (once LibreSSL supports it)
edit the file os_nt.c and remove the comments on the #ifdef section.
This would provide both TLSv1_3 and S/MIME support with unix code. On
the other hand, when we provide TLSv1_3 with the Windows code we need
to undefine DF_ENCRYPTION_RANGE, and this is done in the file
include/config.wnt.h. The way this is done as of this moment is by
commenting an #else directive that preceedes this #undefine.
* Update makefile.nt and friends in the windows side to account for the
addition of XOAUTH2, and the use of only ssl_nt.c when dealing with
Alpine.
* Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these
certificates be considered while checking a digital S/MIME signature.
* Improvements to the SMARTTIME24 token to account for changes in year.
Diffstat (limited to 'libressl/include/openssl/pem.h')
-rw-r--r-- | libressl/include/openssl/pem.h | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/libressl/include/openssl/pem.h b/libressl/include/openssl/pem.h index d1916a18..adc85226 100644 --- a/libressl/include/openssl/pem.h +++ b/libressl/include/openssl/pem.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pem.h,v 1.17 2016/09/04 16:22:54 jsing Exp $ */ +/* $OpenBSD: pem.h,v 1.19 2018/08/24 19:51:31 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -385,8 +385,8 @@ int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data, long *len, #ifndef OPENSSL_NO_BIO int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, long *len); -int PEM_write_bio(BIO *bp, const char *name, char *hdr, unsigned char *data, - long len); +int PEM_write_bio(BIO *bp, const char *name, const char *hdr, + const unsigned char *data, long len); int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp, pem_password_cb *cb, void *u); void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, @@ -403,8 +403,8 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, int PEM_read(FILE *fp, char **name, char **header, unsigned char **data, long *len); -int PEM_write(FILE *fp, char *name, char *hdr, unsigned char *data, - long len); +int PEM_write(FILE *fp, const char *name, const char *hdr, + const unsigned char *data, long len); void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, pem_password_cb *cb, void *u); int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, @@ -421,8 +421,8 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, unsigned char *out, int *outl, EVP_PKEY *priv); -void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); -void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt); +int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); +int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt); int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey); |