# Generic OpenSSL-style methods relating to this support
# are always compiled but return NULL if the hardware
# support isn't compiled.
+#
+# enable-demos Enable the building of the example code in the demos directory
# no-hw do not compile support for any crypto hardware.
# [no-]threads [don't] try to create a library that is suitable for
# multithreaded applications (default is "threads" if we
"crypto-mdebug",
"ct",
"default-thread-pool",
+ "demos",
"deprecated",
"des",
"devcryptoeng",
"buildtest-c++" => "default",
"crypto-mdebug" => "default",
"crypto-mdebug-backtrace" => "default",
+ "demos" => "default",
"devcryptoeng" => "default",
"ec_nistp_64_gcc_128" => "default",
"egd" => "default",
# Note that some of these directories are filtered in Configure. Look for
# %skipdir there for further explanations.
-SUBDIRS=crypto ssl apps util tools fuzz providers doc demos
+SUBDIRS=crypto ssl apps util tools fuzz providers doc
IF[{- !$disabled{tests} -}]
SUBDIRS=test
ENDIF
+IF[{- !$disabled{demos} -}]
+ SUBDIRS=demos
+ENDIF
IF[{- !$disabled{'deprecated-3.0'} -}]
SUBDIRS=engines
ENDIF
static volatile int done = 0;
-void interrupt(int sig)
+static void interrupt(int sig)
{
done = 1;
}
-void sigsetup(void)
+static void sigsetup(void)
{
struct sigaction sa;
/* Enable trust chain verification */
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
- SSL_CTX_load_verify_locations(ssl_ctx, CAfile, NULL);
+ if (!SSL_CTX_load_verify_locations(ssl_ctx, CAfile, NULL))
+ goto err;
/* Lets make a SSL structure */
ssl = SSL_new(ssl_ctx);
const char *propq = NULL;
-int aes_ccm_encrypt(void)
+static int aes_ccm_encrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
return ret;
}
-int aes_ccm_decrypt(void)
+static int aes_ccm_decrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
-int aes_gcm_encrypt(void)
+static int aes_gcm_encrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
return ret;
}
-int aes_gcm_decrypt(void)
+static int aes_gcm_decrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
-int aes_wrap_encrypt(void)
+static int aes_wrap_encrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
return ret;
}
-int aes_wrap_decrypt(void)
+static int aes_wrap_decrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
-int aria_cbc_encrypt(void)
+static int aria_cbc_encrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
return ret;
}
-int aria_cbc_decrypt(void)
+static int aria_cbc_decrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
0x81, 0xca, 0x8f, 0x78, 0x29, 0x19, 0x9a, 0xfe,
};
-int demonstrate_digest(void)
+static int demonstrate_digest(void)
{
OSSL_LIB_CTX *library_context;
int ret = 0;
const char *option_properties = NULL;
EVP_MD *message_digest = NULL;
EVP_MD_CTX *digest_context = NULL;
- int digest_length;
+ unsigned int digest_length;
unsigned char *digest_value = NULL;
- int j;
+ unsigned int j;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
* a BIO created to read from stdin
*/
-int demonstrate_digest(BIO *input)
+static int demonstrate_digest(BIO *input)
{
OSSL_LIB_CTX *library_context = NULL;
int ret = 0;
const char *option_properties = NULL;
EVP_MD *message_digest = NULL;
EVP_MD_CTX *digest_context = NULL;
- int digest_length;
+ unsigned int digest_length;
unsigned char *digest_value = NULL;
unsigned char buffer[512];
- int ii;
+ unsigned int ii;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
const char message[] = "This is a test message.";
/* Expected output when an output length of 20 bytes is used. */
-static const char known_answer[] = {
+static const unsigned char known_answer[] = {
0x52, 0x97, 0x93, 0x78, 0x27, 0x58, 0x7d, 0x62,
0x8b, 0x00, 0x25, 0xb5, 0xec, 0x39, 0x5e, 0x2d,
0x7f, 0x3e, 0xd4, 0x19
return bio;
}
-int write_a_request(SSL *stream, const char *request_start,
- const char *hostname)
+static int write_a_request(SSL *stream, const char *request_start,
+ const char *hostname)
{
const char *request_end = "\r\n\r\n";
size_t written;
* See the EVP_PKEY_DSA_paramgen demo if you need to
* use non default parameters.
*/
-EVP_PKEY *dsa_genparams(OSSL_LIB_CTX *libctx, const char *propq)
+static EVP_PKEY *dsa_genparams(OSSL_LIB_CTX *libctx, const char *propq)
{
EVP_PKEY *dsaparamkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
* Create a new dsa param key that is the combination of an existing param key
* plus extra parameters.
*/
-EVP_PKEY_CTX *create_merged_key(EVP_PKEY *dsaparams, const OSSL_PARAM *newparams,
- OSSL_LIB_CTX *libctx, const char *propq)
+static EVP_PKEY_CTX *create_merged_key(EVP_PKEY *dsaparams, const OSSL_PARAM *newparams,
+ OSSL_LIB_CTX *libctx, const char *propq)
{
EVP_PKEY_CTX *out = NULL;
EVP_PKEY_CTX *ctx = NULL;
*/
static volatile bool server_running = true;
-int create_socket(bool isServer)
+static int create_socket(bool isServer)
{
int s;
int optval = 1;
return s;
}
-SSL_CTX* create_context(bool isServer)
+static SSL_CTX* create_context(bool isServer)
{
const SSL_METHOD *method;
SSL_CTX *ctx;
return ctx;
}
-void configure_server_context(SSL_CTX *ctx)
+static void configure_server_context(SSL_CTX *ctx)
{
/* Set the key and cert */
if (SSL_CTX_use_certificate_chain_file(ctx, "cert.pem") <= 0) {
}
}
-void configure_client_context(SSL_CTX *ctx)
+static void configure_client_context(SSL_CTX *ctx)
{
/*
* Configure the client to abort the handshake if certificate verification
}
}
-void usage(void)
+static void usage(void)
{
printf("Usage: sslecho s\n");
printf(" --or--\n");
/* Create server SSL structure using newly accepted client socket */
ssl = SSL_new(ssl_ctx);
- SSL_set_fd(ssl, client_skt);
+ if (!SSL_set_fd(ssl, client_skt)) {
+ ERR_print_errors_fp(stderr);
+ exit(EXIT_FAILURE);
+ }
/* Wait for SSL connection from the client */
if (SSL_accept(ssl) <= 0) {
/* Create client SSL structure using dedicated client socket */
ssl = SSL_new(ssl_ctx);
- SSL_set_fd(ssl, client_skt);
+ if (!SSL_set_fd(ssl, client_skt)) {
+ ERR_print_errors_fp(stderr);
+ goto exit;
+ }
/* Set hostname for SNI */
SSL_set_tlsext_host_name(ssl, rem_server_ip);
/* Configure server hostname check */
- SSL_set1_host(ssl, rem_server_ip);
+ if (!SSL_set1_host(ssl, rem_server_ip)) {
+ ERR_print_errors_fp(stderr);
+ goto exit;
+ }
/* Now do SSL connect with server */
if (SSL_connect(ssl) == 1) {
projects / thirdparty / openssl.git / commitdiff
