diff options
| author | June McEnroe <june@causal.agency> | 2026-06-01 14:45:02 -0400 |
|---|---|---|
| committer | June McEnroe <june@causal.agency> | 2026-06-01 14:45:02 -0400 |
| commit | f39835641d4413ef327857f0dc4a24d5b9599861 (patch) | |
| tree | deec6e5701019178078d700fcb187e97c6932c43 | |
| parent | Import LibreSSL 4.0.1 (diff) | |
| download | libretls-f39835641d4413ef327857f0dc4a24d5b9599861.tar.gz libretls-f39835641d4413ef327857f0dc4a24d5b9599861.zip | |
Import LibreSSL 4.1.0
Diffstat (limited to '')
| -rw-r--r-- | LIBTLS_VERSION | 2 | ||||
| -rw-r--r-- | VERSION | 2 | ||||
| -rw-r--r-- | compat/posix_win.c | 85 | ||||
| -rw-r--r-- | configure.ac | 29 | ||||
| -rw-r--r-- | include/compat/stdio.h | 12 | ||||
| -rw-r--r-- | include/compat/sys/stat.h | 8 | ||||
| -rw-r--r-- | include/tls.h | 3 | ||||
| -rw-r--r-- | m4/check-libc.m4 | 4 | ||||
| -rw-r--r-- | m4/check-os-options.m4 | 1 | ||||
| -rw-r--r-- | man/Makefile.am | 213 | ||||
| -rw-r--r-- | man/tls_conn_version.3 | 15 | ||||
| -rw-r--r-- | tls.sym | 1 | ||||
| -rw-r--r-- | tls_config.c | 4 | ||||
| -rw-r--r-- | tls_conninfo.c | 14 | ||||
| -rw-r--r-- | tls_internal.h | 5 | ||||
| -rw-r--r-- | tls_peer.c | 10 | ||||
| -rw-r--r-- | tls_verify.c | 99 |
17 files changed, 265 insertions, 242 deletions
diff --git a/LIBTLS_VERSION b/LIBTLS_VERSION index a4e70a8..3e2207f 100644 --- a/LIBTLS_VERSION +++ b/LIBTLS_VERSION @@ -1 +1 @@ -31:0:0 +32:1:0 diff --git a/VERSION b/VERSION index 1454f6e..ee74734 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.0.1 +4.1.0 diff --git a/compat/posix_win.c b/compat/posix_win.c index 1fbfce1..572e527 100644 --- a/compat/posix_win.c +++ b/compat/posix_win.c @@ -22,6 +22,25 @@ #include <string.h> #include <unistd.h> +#include <sys/stat.h> + +static int +is_socket(int fd) +{ + // Border case: Don't break std* file descriptors + if (fd < 3) + return 0; + + // All locally-allocated file descriptors will have the high bit set + return (fd & 0x80000000) == 0; +} + +static int +get_real_fd(int fd) +{ + return (fd & 0x7fffffff); +} + void posix_perror(const char *s) { @@ -44,6 +63,12 @@ posix_fopen(const char *path, const char *mode) } int +libressl_fstat(int fd, struct stat *statbuf) +{ + return fstat(get_real_fd(fd), statbuf); +} + +int posix_open(const char *path, ...) { va_list ap; @@ -62,7 +87,11 @@ posix_open(const char *path, ...) flags |= O_NOINHERIT; } flags &= ~O_NONBLOCK; - return open(path, flags, mode); + + const int fh = open(path, flags, mode); + + // Set high bit to mark file descriptor as a file handle + return fh + 0x80000000; } char * @@ -150,52 +179,6 @@ wsa_errno(int err) return -1; } -/* - * Employ a similar trick to cpython (pycore_fileutils.h) where the CRT report - * handler is disabled while checking if a descriptor is a socket or a file - */ -#if defined _MSC_VER && _MSC_VER >= 1900 - -#include <crtdbg.h> -#include <stdlib.h> - -static void noop_handler(const wchar_t *expression, const wchar_t *function, - const wchar_t *file, unsigned int line, uintptr_t pReserved) -{ - return; -} - -#define BEGIN_SUPPRESS_IPH \ - const int old_report_mode = _CrtSetReportMode(_CRT_ASSERT, 0); \ - const _invalid_parameter_handler old_handler = _set_thread_local_invalid_parameter_handler(noop_handler) -#define END_SUPPRESS_IPH \ - (void)old_report_mode; /* Silence warning in release mode when _CrtSetReportMode compiles to void. */ \ - _CrtSetReportMode(_CRT_ASSERT, old_report_mode); \ - _set_thread_local_invalid_parameter_handler(old_handler) - -#else - -#define BEGIN_SUPPRESS_IPH -#define END_SUPPRESS_IPH - -#endif - -static int -is_socket(int fd) -{ - intptr_t hd; - - BEGIN_SUPPRESS_IPH; - hd = _get_osfhandle(fd); - END_SUPPRESS_IPH; - - if (hd == (intptr_t)INVALID_HANDLE_VALUE) { - return 1; /* fd is not file descriptor */ - } - - return 0; -} - int posix_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen) { @@ -209,14 +192,13 @@ int posix_close(int fd) { int rc; - if (is_socket(fd)) { if ((rc = closesocket(fd)) == SOCKET_ERROR) { int err = WSAGetLastError(); rc = wsa_errno(err); } } else { - rc = close(fd); + rc = close(get_real_fd(fd)); } return rc; } @@ -225,14 +207,13 @@ ssize_t posix_read(int fd, void *buf, size_t count) { ssize_t rc; - if (is_socket(fd)) { if ((rc = recv(fd, buf, count, 0)) == SOCKET_ERROR) { int err = WSAGetLastError(); rc = wsa_errno(err); } } else { - rc = read(fd, buf, count); + rc = read(get_real_fd(fd), buf, count); } return rc; } @@ -246,7 +227,7 @@ posix_write(int fd, const void *buf, size_t count) rc = wsa_errno(WSAGetLastError()); } } else { - rc = write(fd, buf, count); + rc = write(get_real_fd(fd), buf, count); } return rc; } diff --git a/configure.ac b/configure.ac index 87a80cc..7a88f27 100644 --- a/configure.ac +++ b/configure.ac @@ -32,10 +32,6 @@ LT_INIT([pic-only]) CHECK_OS_OPTIONS -if test "$HOST_OS" = "unsupported"; then - AC_MSG_ERROR([unsupported platform: $host_os]) -fi - CHECK_C_HARDENING_OPTIONS DISABLE_AS_EXECUTABLE_STACK @@ -90,16 +86,17 @@ AS_CASE([$host_cpu], ) AM_CONDITIONAL([HOST_CPU_IS_INTEL], [test "x$HOSTARCH" = "xintel"]) -AM_CONDITIONAL([HOST_AARCH64], [test "$host_cpu" = "aarch64"]) -AM_CONDITIONAL([HOST_ARM], [test "$host_cpu" = "arm"]) -AM_CONDITIONAL([HOST_I386], [test "$host_cpu" = "i386"]) -AM_CONDITIONAL([HOST_MIPS], [test "$host_cpu" = "mips"]) -AM_CONDITIONAL([HOST_MIPS64], [test "$host_cpu" = "mips64"]) -AM_CONDITIONAL([HOST_POWERPC], [test "$host_cpu" = "powerpc"]) -AM_CONDITIONAL([HOST_POWERPC64], [test "$host_cpu" = "ppc64"]) -AM_CONDITIONAL([HOST_RISCV64], [test "$host_cpu" = "riscv64"]) -AM_CONDITIONAL([HOST_SPARC64], [test "$host_cpu" = "sparc64"]) -AM_CONDITIONAL([HOST_X86_64], [test "$host_cpu" = "x86_64"]) +AM_CONDITIONAL([HOST_AARCH64], [test "$host_cpu" = "aarch64"]) +AM_CONDITIONAL([HOST_ARM], [test "$host_cpu" = "arm"]) +AM_CONDITIONAL([HOST_I386], [test "$host_cpu" = "i386"]) +AM_CONDITIONAL([HOST_LOONGARCH64], [test "$host_cpu" = "loongarch64"]) +AM_CONDITIONAL([HOST_MIPS], [test "$host_cpu" = "mips"]) +AM_CONDITIONAL([HOST_MIPS64], [test "$host_cpu" = "mips64"]) +AM_CONDITIONAL([HOST_POWERPC], [test "$host_cpu" = "powerpc"]) +AM_CONDITIONAL([HOST_POWERPC64], [test "$host_cpu" = "ppc64"]) +AM_CONDITIONAL([HOST_RISCV64], [test "$host_cpu" = "riscv64"]) +AM_CONDITIONAL([HOST_SPARC64], [test "$host_cpu" = "sparc64"]) +AM_CONDITIONAL([HOST_X86_64], [test "$host_cpu" = "x86_64"]) AC_MSG_CHECKING([if .gnu.warning accepts long strings]) AC_LINK_IFELSE([AC_LANG_SOURCE([[ @@ -163,3 +160,7 @@ AM_CONDITIONAL([ENABLE_LIBTLS_ONLY], [test "x$enable_libtls_only" = xyes]) AC_REQUIRE_AUX_FILE([tap-driver.sh]) AC_OUTPUT + +if test "$HOST_OS" = "unsupported"; then + AC_MSG_WARN([unsupported platform: $host_os]) +fi diff --git a/include/compat/stdio.h b/include/compat/stdio.h index 2af8f3e..2ccdeeb 100644 --- a/include/compat/stdio.h +++ b/include/compat/stdio.h @@ -18,6 +18,18 @@ #include_next <stdio.h> #endif +#ifndef HAVE_GETDELIM +#include <sys/types.h> +#define getdelim libressl_getdelim +ssize_t getdelim(char **buf, size_t *bufsiz, int delimiter, FILE *fp); +#endif + +#ifndef HAVE_GETLINE +#include <sys/types.h> +#define getline libressl_getline +ssize_t getline(char **buf, size_t *bufsiz, FILE *fp); +#endif + #ifndef HAVE_ASPRINTF #include <stdarg.h> #define vasprintf libressl_vasprintf diff --git a/include/compat/sys/stat.h b/include/compat/sys/stat.h index b88da1d..57aa521 100644 --- a/include/compat/sys/stat.h +++ b/include/compat/sys/stat.h @@ -118,4 +118,12 @@ #endif +#ifdef _WIN32 +int libressl_fstat(int fd, struct stat *statbuf); + +#ifndef NO_REDEF_POSIX_FUNCTIONS +#define fstat(fd, statbuf) libressl_fstat(fd, statbuf) +#endif +#endif + #endif diff --git a/include/tls.h b/include/tls.h index 26d5982..c3ff339 100644 --- a/include/tls.h +++ b/include/tls.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls.h,v 1.67 2024/08/02 15:00:01 tb Exp $ */ +/* $OpenBSD: tls.h,v 1.68 2024/12/10 08:40:30 tb Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -207,6 +207,7 @@ int tls_close(struct tls *_ctx); int tls_peer_cert_provided(struct tls *_ctx); int tls_peer_cert_contains_name(struct tls *_ctx, const char *_name); +const char *tls_peer_cert_common_name(struct tls *_ctx); const char *tls_peer_cert_hash(struct tls *_ctx); const char *tls_peer_cert_issuer(struct tls *_ctx); const char *tls_peer_cert_subject(struct tls *_ctx); diff --git a/m4/check-libc.m4 b/m4/check-libc.m4 index 40df15b..8cb849b 100644 --- a/m4/check-libc.m4 +++ b/m4/check-libc.m4 @@ -7,7 +7,7 @@ AC_CHECK_HEADERS([netinet/ip.h], [], [], ]) AC_HEADER_RESOLV # Check for general libc functions -AC_CHECK_FUNCS([asprintf freezero memmem]) +AC_CHECK_FUNCS([asprintf freezero getdelim getline memmem]) AC_CHECK_FUNCS([readpassphrase reallocarray recallocarray]) AC_CHECK_FUNCS([strcasecmp strlcat strlcpy strndup strnlen strsep strtonum]) AC_CHECK_FUNCS([timegm _mkgmtime timespecsub]) @@ -24,6 +24,8 @@ AC_CACHE_CHECK([for getpagesize], ac_cv_func_getpagesize, [ ]) AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes]) AM_CONDITIONAL([HAVE_FREEZERO], [test "x$ac_cv_func_freezero" = xyes]) +AM_CONDITIONAL([HAVE_GETDELIM], [test "x$ac_cv_func_getdelim" = xyes]) +AM_CONDITIONAL([HAVE_GETLINE], [test "x$ac_cv_func_getline" = xyes]) AM_CONDITIONAL([HAVE_GETPAGESIZE], [test "x$ac_cv_func_getpagesize" = xyes]) AM_CONDITIONAL([HAVE_GETOPT], [test "x$ac_cv_func_getopt" = xyes]) AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes]) diff --git a/m4/check-os-options.m4 b/m4/check-os-options.m4 index 91c3021..2ef4293 100644 --- a/m4/check-os-options.m4 +++ b/m4/check-os-options.m4 @@ -133,6 +133,7 @@ char buf[1]; getentropy(buf, 1); ;; *) HOST_OS=unsupported + HOST_ABI=elf ;; esac diff --git a/man/Makefile.am b/man/Makefile.am index 0ed3d93..ea3b869 100644 --- a/man/Makefile.am +++ b/man/Makefile.am @@ -229,10 +229,10 @@ dist_man3_MANS += CMS_verify.3 dist_man3_MANS += CMS_verify_receipt.3 dist_man3_MANS += CONF_modules_free.3 dist_man3_MANS += CONF_modules_load_file.3 -dist_man3_MANS += CRYPTO_get_mem_functions.3 dist_man3_MANS += CRYPTO_lock.3 dist_man3_MANS += CRYPTO_memcmp.3 dist_man3_MANS += CRYPTO_set_ex_data.3 +dist_man3_MANS += CRYPTO_set_mem_functions.3 dist_man3_MANS += ChaCha.3 dist_man3_MANS += DES_set_key.3 dist_man3_MANS += DH_generate_key.3 @@ -257,7 +257,6 @@ dist_man3_MANS += DSA_sign.3 dist_man3_MANS += DSA_size.3 dist_man3_MANS += ECDH_compute_key.3 dist_man3_MANS += ECDSA_SIG_new.3 -dist_man3_MANS += EC_GFp_simple_method.3 dist_man3_MANS += EC_GROUP_copy.3 dist_man3_MANS += EC_GROUP_new.3 dist_man3_MANS += EC_KEY_METHOD_new.3 @@ -302,17 +301,14 @@ dist_man3_MANS += EVP_PKEY_CTX_new.3 dist_man3_MANS += EVP_PKEY_CTX_set_hkdf_md.3 dist_man3_MANS += EVP_PKEY_CTX_set_tls1_prf_md.3 dist_man3_MANS += EVP_PKEY_asn1_get_count.3 -dist_man3_MANS += EVP_PKEY_asn1_new.3 -dist_man3_MANS += EVP_PKEY_check.3 dist_man3_MANS += EVP_PKEY_cmp.3 dist_man3_MANS += EVP_PKEY_decrypt.3 dist_man3_MANS += EVP_PKEY_derive.3 dist_man3_MANS += EVP_PKEY_encrypt.3 dist_man3_MANS += EVP_PKEY_get_default_digest_nid.3 dist_man3_MANS += EVP_PKEY_keygen.3 -dist_man3_MANS += EVP_PKEY_meth_get0_info.3 -dist_man3_MANS += EVP_PKEY_meth_new.3 dist_man3_MANS += EVP_PKEY_new.3 +dist_man3_MANS += EVP_PKEY_new_CMAC_key.3 dist_man3_MANS += EVP_PKEY_print_private.3 dist_man3_MANS += EVP_PKEY_set1_RSA.3 dist_man3_MANS += EVP_PKEY_sign.3 @@ -323,9 +319,12 @@ dist_man3_MANS += EVP_SealInit.3 dist_man3_MANS += EVP_SignInit.3 dist_man3_MANS += EVP_VerifyInit.3 dist_man3_MANS += EVP_aes_128_cbc.3 +dist_man3_MANS += EVP_aes_128_ccm.3 +dist_man3_MANS += EVP_aes_128_gcm.3 dist_man3_MANS += EVP_camellia_128_cbc.3 dist_man3_MANS += EVP_chacha20.3 dist_man3_MANS += EVP_des_cbc.3 +dist_man3_MANS += EVP_rc2_cbc.3 dist_man3_MANS += EVP_rc4.3 dist_man3_MANS += EVP_sha1.3 dist_man3_MANS += EVP_sha3_224.3 @@ -391,6 +390,7 @@ dist_man3_MANS += RAND_add.3 dist_man3_MANS += RAND_bytes.3 dist_man3_MANS += RAND_load_file.3 dist_man3_MANS += RAND_set_rand_method.3 +dist_man3_MANS += RC2_encrypt.3 dist_man3_MANS += RC4.3 dist_man3_MANS += RIPEMD160.3 dist_man3_MANS += RSA_PSS_PARAMS_new.3 @@ -430,6 +430,7 @@ dist_man3_MANS += X509V3_EXT_get_nid.3 dist_man3_MANS += X509V3_EXT_print.3 dist_man3_MANS += X509V3_extensions_print.3 dist_man3_MANS += X509V3_get_d2i.3 +dist_man3_MANS += X509V3_parse_list.3 dist_man3_MANS += X509_ALGOR_dup.3 dist_man3_MANS += X509_ATTRIBUTE_get0_object.3 dist_man3_MANS += X509_ATTRIBUTE_new.3 @@ -507,6 +508,7 @@ dist_man3_MANS += X509v3_addr_validate_path.3 dist_man3_MANS += X509v3_asid_add_id_or_range.3 dist_man3_MANS += X509v3_get_ext_by_NID.3 dist_man3_MANS += a2d_ASN1_OBJECT.3 +dist_man3_MANS += a2i_ipadd.3 dist_man3_MANS += bn_dump.3 dist_man3_MANS += crypto.3 dist_man3_MANS += d2i_ASN1_NULL.3 @@ -548,6 +550,7 @@ dist_man3_MANS += i2d_CMS_bio_stream.3 dist_man3_MANS += i2d_PKCS7_bio_stream.3 dist_man3_MANS += lh_new.3 dist_man3_MANS += s2i_ASN1_INTEGER.3 +dist_man3_MANS += v2i_ASN1_BIT_STRING.3 dist_man3_MANS += x509_verify.3 dist_man3_MANS += tls_accept_socket.3 dist_man3_MANS += tls_client.3 @@ -1079,12 +1082,6 @@ install-data-hook: ln -sf "CONF_modules_free.3" "$(DESTDIR)$(mandir)/man3/CONF_modules_unload.3" ln -sf "CONF_modules_load_file.3" "$(DESTDIR)$(mandir)/man3/CONF_modules_load.3" ln -sf "CONF_modules_load_file.3" "$(DESTDIR)$(mandir)/man3/X509_get_default_cert_area.3" - ln -sf "CRYPTO_get_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_MEM_LEAK_CB.3" - ln -sf "CRYPTO_get_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_ctrl.3" - ln -sf "CRYPTO_get_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks.3" - ln -sf "CRYPTO_get_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks_cb.3" - ln -sf "CRYPTO_get_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks_fp.3" - ln -sf "CRYPTO_get_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_set_mem_functions.3" ln -sf "CRYPTO_lock.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_add.3" ln -sf "CRYPTO_lock.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_r_lock.3" ln -sf "CRYPTO_lock.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_r_unlock.3" @@ -1097,6 +1094,11 @@ install-data-hook: ln -sf "CRYPTO_set_ex_data.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_get_ex_data.3" ln -sf "CRYPTO_set_ex_data.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_get_ex_new_index.3" ln -sf "CRYPTO_set_ex_data.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_new_ex_data.3" + ln -sf "CRYPTO_set_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_MEM_LEAK_CB.3" + ln -sf "CRYPTO_set_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_ctrl.3" + ln -sf "CRYPTO_set_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks.3" + ln -sf "CRYPTO_set_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks_cb.3" + ln -sf "CRYPTO_set_mem_functions.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks_fp.3" ln -sf "ChaCha.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_chacha_20.3" ln -sf "ChaCha.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_hchacha_20.3" ln -sf "ChaCha.3" "$(DESTDIR)$(mandir)/man3/CRYPTO_xchacha_20.3" @@ -1210,8 +1212,6 @@ install-data-hook: ln -sf "ECDSA_SIG_new.3" "$(DESTDIR)$(mandir)/man3/ECDSA_verify.3" ln -sf "ECDSA_SIG_new.3" "$(DESTDIR)$(mandir)/man3/d2i_ECDSA_SIG.3" ln -sf "ECDSA_SIG_new.3" "$(DESTDIR)$(mandir)/man3/i2d_ECDSA_SIG.3" - ln -sf "EC_GFp_simple_method.3" "$(DESTDIR)$(mandir)/man3/EC_GFp_mont_method.3" - ln -sf "EC_GFp_simple_method.3" "$(DESTDIR)$(mandir)/man3/EC_METHOD_get_field_type.3" ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_check.3" ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_check_discriminant.3" ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_cmp.3" @@ -1226,7 +1226,6 @@ install-data-hook: ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_get_order.3" ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_get_point_conversion_form.3" ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_get_seed_len.3" - ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_method_of.3" ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_order_bits.3" ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_set_asn1_flag.3" ln -sf "EC_GROUP_copy.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_set_curve_name.3" @@ -1286,8 +1285,6 @@ install-data-hook: ln -sf "EC_KEY_new.3" "$(DESTDIR)$(mandir)/man3/EC_KEY_set_public_key.3" ln -sf "EC_KEY_new.3" "$(DESTDIR)$(mandir)/man3/EC_KEY_set_public_key_affine_coordinates.3" ln -sf "EC_KEY_new.3" "$(DESTDIR)$(mandir)/man3/EC_KEY_up_ref.3" - ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_have_precompute_mult.3" - ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_GROUP_precompute_mult.3" ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_cmp.3" ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_dbl.3" ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_invert.3" @@ -1295,23 +1292,18 @@ install-data-hook: ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_is_on_curve.3" ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_make_affine.3" ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_mul.3" - ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_POINTs_make_affine.3" - ln -sf "EC_POINT_add.3" "$(DESTDIR)$(mandir)/man3/EC_POINTs_mul.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_bn2point.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_clear_free.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_copy.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_dup.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_free.3" - ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_get_Jprojective_coordinates_GFp.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_get_affine_coordinates.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_get_affine_coordinates_GFp.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_hex2point.3" - ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_method_of.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_oct2point.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_point2bn.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_point2hex.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_point2oct.3" - ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_set_Jprojective_coordinates_GFp.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_set_affine_coordinates.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_set_affine_coordinates_GFp.3" ln -sf "EC_POINT_new.3" "$(DESTDIR)$(mandir)/man3/EC_POINT_set_compressed_coordinates.3" @@ -1501,13 +1493,6 @@ install-data-hook: ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_idea_cfb64.3" ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_idea_ecb.3" ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_idea_ofb.3" - ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_40_cbc.3" - ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_64_cbc.3" - ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_cbc.3" - ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_cfb.3" - ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_cfb64.3" - ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_ecb.3" - ln -sf "EVP_EncryptInit.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_ofb.3" ln -sf "EVP_MD_CTX_ctrl.3" "$(DESTDIR)$(mandir)/man3/EVP_MD_CTX_clear_flags.3" ln -sf "EVP_MD_CTX_ctrl.3" "$(DESTDIR)$(mandir)/man3/EVP_MD_CTX_md_data.3" ln -sf "EVP_MD_CTX_ctrl.3" "$(DESTDIR)$(mandir)/man3/EVP_MD_CTX_pkey_ctx.3" @@ -1562,19 +1547,6 @@ install-data-hook: ln -sf "EVP_PKEY_asn1_get_count.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_get0.3" ln -sf "EVP_PKEY_asn1_get_count.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_get0_info.3" ln -sf "EVP_PKEY_asn1_get_count.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_get0_asn1.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_copy.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_free.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_check.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_ctrl.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_free.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_param.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_param_check.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_private.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_public.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_public_check.3" - ln -sf "EVP_PKEY_asn1_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_security_bits.3" - ln -sf "EVP_PKEY_check.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_param_check.3" - ln -sf "EVP_PKEY_check.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_public_check.3" ln -sf "EVP_PKEY_cmp.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_cmp_parameters.3" ln -sf "EVP_PKEY_cmp.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_copy_parameters.3" ln -sf "EVP_PKEY_cmp.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_missing_parameters.3" @@ -1585,41 +1557,19 @@ install-data-hook: ln -sf "EVP_PKEY_encrypt.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_encrypt_init.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_app_data.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_cb.3" + ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_data.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_keygen_info.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set0_keygen_info.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_app_data.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_cb.3" + ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_data.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_gen_cb.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_keygen_init.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_paramgen.3" ln -sf "EVP_PKEY_keygen.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_paramgen_init.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_data.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_data.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_add0.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_copy.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_find.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_free.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_check.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_cleanup.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_copy.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_ctrl.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_decrypt.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_derive.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_encrypt.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_init.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_keygen.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_param_check.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_paramgen.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_public_check.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_sign.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_signctx.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_verify.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_verify_recover.3" - ln -sf "EVP_PKEY_meth_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_verifyctx.3" ln -sf "EVP_PKEY_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_free.3" ln -sf "EVP_PKEY_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_get_raw_private_key.3" ln -sf "EVP_PKEY_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_get_raw_public_key.3" - ln -sf "EVP_PKEY_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_new_CMAC_key.3" ln -sf "EVP_PKEY_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_new_mac_key.3" ln -sf "EVP_PKEY_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_new_raw_private_key.3" ln -sf "EVP_PKEY_new.3" "$(DESTDIR)$(mandir)/man3/EVP_PKEY_new_raw_public_key.3" @@ -1663,41 +1613,39 @@ install-data-hook: ln -sf "EVP_VerifyInit.3" "$(DESTDIR)$(mandir)/man3/EVP_VerifyInit_ex.3" ln -sf "EVP_VerifyInit.3" "$(DESTDIR)$(mandir)/man3/EVP_VerifyUpdate.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cbc_hmac_sha1.3" - ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_ccm.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cfb.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cfb1.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cfb128.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cfb8.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_ctr.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_ecb.3" - ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_gcm.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_ofb.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_wrap.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_128_xts.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cbc.3" - ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ccm.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cfb.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cfb1.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cfb128.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cfb8.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ctr.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ecb.3" - ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_gcm.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ofb.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_wrap.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cbc.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cbc_hmac_sha1.3" - ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ccm.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cfb.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cfb1.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cfb128.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cfb8.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ctr.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ecb.3" - ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_gcm.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ofb.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_wrap.3" ln -sf "EVP_aes_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_xts.3" + ln -sf "EVP_aes_128_ccm.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ccm.3" + ln -sf "EVP_aes_128_ccm.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ccm.3" + ln -sf "EVP_aes_128_gcm.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_192_gcm.3" + ln -sf "EVP_aes_128_gcm.3" "$(DESTDIR)$(mandir)/man3/EVP_aes_256_gcm.3" ln -sf "EVP_camellia_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_camellia_128_cfb.3" ln -sf "EVP_camellia_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_camellia_128_cfb1.3" ln -sf "EVP_camellia_128_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_camellia_128_cfb128.3" @@ -1740,6 +1688,12 @@ install-data-hook: ln -sf "EVP_des_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_des_ede_ofb.3" ln -sf "EVP_des_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_des_ofb.3" ln -sf "EVP_des_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_desx_cbc.3" + ln -sf "EVP_rc2_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_40_cbc.3" + ln -sf "EVP_rc2_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_64_cbc.3" + ln -sf "EVP_rc2_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_cfb.3" + ln -sf "EVP_rc2_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_cfb64.3" + ln -sf "EVP_rc2_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_ecb.3" + ln -sf "EVP_rc2_cbc.3" "$(DESTDIR)$(mandir)/man3/EVP_rc2_ofb.3" ln -sf "EVP_rc4.3" "$(DESTDIR)$(mandir)/man3/EVP_rc4_40.3" ln -sf "EVP_rc4.3" "$(DESTDIR)$(mandir)/man3/EVP_rc4_hmac_md5.3" ln -sf "EVP_sha1.3" "$(DESTDIR)$(mandir)/man3/EVP_md4.3" @@ -2078,6 +2032,12 @@ install-data-hook: ln -sf "RAND_load_file.3" "$(DESTDIR)$(mandir)/man3/RAND_write_file.3" ln -sf "RAND_set_rand_method.3" "$(DESTDIR)$(mandir)/man3/RAND_SSLeay.3" ln -sf "RAND_set_rand_method.3" "$(DESTDIR)$(mandir)/man3/RAND_get_rand_method.3" + ln -sf "RC2_encrypt.3" "$(DESTDIR)$(mandir)/man3/RC2_cbc_encrypt.3" + ln -sf "RC2_encrypt.3" "$(DESTDIR)$(mandir)/man3/RC2_cfb64_encrypt.3" + ln -sf "RC2_encrypt.3" "$(DESTDIR)$(mandir)/man3/RC2_decrypt.3" + ln -sf "RC2_encrypt.3" "$(DESTDIR)$(mandir)/man3/RC2_ecb_encrypt.3" + ln -sf "RC2_encrypt.3" "$(DESTDIR)$(mandir)/man3/RC2_ofb64_encrypt.3" + ln -sf "RC2_encrypt.3" "$(DESTDIR)$(mandir)/man3/RC2_set_key.3" ln -sf "RC4.3" "$(DESTDIR)$(mandir)/man3/RC4_set_key.3" ln -sf "RIPEMD160.3" "$(DESTDIR)$(mandir)/man3/RIPEMD160_Final.3" ln -sf "RIPEMD160.3" "$(DESTDIR)$(mandir)/man3/RIPEMD160_Init.3" @@ -2555,6 +2515,7 @@ install-data-hook: ln -sf "X25519.3" "$(DESTDIR)$(mandir)/man3/ED25519_verify.3" ln -sf "X25519.3" "$(DESTDIR)$(mandir)/man3/X25519_keypair.3" ln -sf "X509V3_EXT_get_nid.3" "$(DESTDIR)$(mandir)/man3/X509V3_EXT_get.3" + ln -sf "X509V3_EXT_print.3" "$(DESTDIR)$(mandir)/man3/X509V3_EXT_print_fp.3" ln -sf "X509V3_get_d2i.3" "$(DESTDIR)$(mandir)/man3/X509V3_EXT_d2i.3" ln -sf "X509V3_get_d2i.3" "$(DESTDIR)$(mandir)/man3/X509V3_EXT_i2d.3" ln -sf "X509V3_get_d2i.3" "$(DESTDIR)$(mandir)/man3/X509V3_add1_i2d.3" @@ -2568,6 +2529,7 @@ install-data-hook: ln -sf "X509V3_get_d2i.3" "$(DESTDIR)$(mandir)/man3/X509_get0_extensions.3" ln -sf "X509V3_get_d2i.3" "$(DESTDIR)$(mandir)/man3/X509_get0_uids.3" ln -sf "X509V3_get_d2i.3" "$(DESTDIR)$(mandir)/man3/X509_get_ext_d2i.3" + ln -sf "X509V3_parse_list.3" "$(DESTDIR)$(mandir)/man3/X509V3_conf_free.3" ln -sf "X509_ALGOR_dup.3" "$(DESTDIR)$(mandir)/man3/X509_ALGOR_cmp.3" ln -sf "X509_ALGOR_dup.3" "$(DESTDIR)$(mandir)/man3/X509_ALGOR_free.3" ln -sf "X509_ALGOR_dup.3" "$(DESTDIR)$(mandir)/man3/X509_ALGOR_get0.3" @@ -2608,6 +2570,7 @@ install-data-hook: ln -sf "X509_EXTENSION_set_object.3" "$(DESTDIR)$(mandir)/man3/X509_EXTENSION_new.3" ln -sf "X509_EXTENSION_set_object.3" "$(DESTDIR)$(mandir)/man3/X509_EXTENSION_set_critical.3" ln -sf "X509_EXTENSION_set_object.3" "$(DESTDIR)$(mandir)/man3/X509_EXTENSION_set_data.3" + ln -sf "X509_EXTENSION_set_object.3" "$(DESTDIR)$(mandir)/man3/X509_supported_extension.3" ln -sf "X509_INFO_new.3" "$(DESTDIR)$(mandir)/man3/X509_INFO_free.3" ln -sf "X509_LOOKUP_hash_dir.3" "$(DESTDIR)$(mandir)/man3/X509_LOOKUP_file.3" ln -sf "X509_LOOKUP_hash_dir.3" "$(DESTDIR)$(mandir)/man3/X509_LOOKUP_mem.3" @@ -2645,17 +2608,14 @@ install-data-hook: ln -sf "X509_NAME_hash.3" "$(DESTDIR)$(mandir)/man3/X509_subject_name_hash_old.3" ln -sf "X509_NAME_new.3" "$(DESTDIR)$(mandir)/man3/X509_NAME_free.3" ln -sf "X509_NAME_print_ex.3" "$(DESTDIR)$(mandir)/man3/X509_NAME_oneline.3" - ln -sf "X509_NAME_print_ex.3" "$(DESTDIR)$(mandir)/man3/X509_NAME_print.3" ln -sf "X509_NAME_print_ex.3" "$(DESTDIR)$(mandir)/man3/X509_NAME_print_ex_fp.3" ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_free.3" - ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_free_contents.3" ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_get0_X509_CRL.3" ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_get_type.3" ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_idx_by_subject.3" ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_new.3" ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_retrieve_by_subject.3" ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_retrieve_match.3" - ln -sf "X509_OBJECT_get0_X509.3" "$(DESTDIR)$(mandir)/man3/X509_OBJECT_up_ref_count.3" ln -sf "X509_PKEY_new.3" "$(DESTDIR)$(mandir)/man3/X509_PKEY_free.3" ln -sf "X509_PUBKEY_new.3" "$(DESTDIR)$(mandir)/man3/X509_PUBKEY_free.3" ln -sf "X509_PUBKEY_new.3" "$(DESTDIR)$(mandir)/man3/X509_PUBKEY_get.3" @@ -2948,6 +2908,8 @@ install-data-hook: ln -sf "X509v3_get_ext_by_NID.3" "$(DESTDIR)$(mandir)/man3/X509v3_get_ext_by_OBJ.3" ln -sf "X509v3_get_ext_by_NID.3" "$(DESTDIR)$(mandir)/man3/X509v3_get_ext_by_critical.3" ln -sf "X509v3_get_ext_by_NID.3" "$(DESTDIR)$(mandir)/man3/X509v3_get_ext_count.3" + ln -sf "a2i_ipadd.3" "$(DESTDIR)$(mandir)/man3/a2i_IPADDRESS.3" + ln -sf "a2i_ipadd.3" "$(DESTDIR)$(mandir)/man3/a2i_IPADDRESS_NC.3" ln -sf "bn_dump.3" "$(DESTDIR)$(mandir)/man3/bn_add_words.3" ln -sf "bn_dump.3" "$(DESTDIR)$(mandir)/man3/bn_div_words.3" ln -sf "bn_dump.3" "$(DESTDIR)$(mandir)/man3/bn_expand.3" @@ -3329,6 +3291,7 @@ install-data-hook: ln -sf "tls_conn_version.3" "$(DESTDIR)$(mandir)/man3/tls_conn_servername.3" ln -sf "tls_conn_version.3" "$(DESTDIR)$(mandir)/man3/tls_conn_session_resumed.3" ln -sf "tls_conn_version.3" "$(DESTDIR)$(mandir)/man3/tls_peer_cert_chain_pem.3" + ln -sf "tls_conn_version.3" "$(DESTDIR)$(mandir)/man3/tls_peer_cert_common_name.3" ln -sf "tls_conn_version.3" "$(DESTDIR)$(mandir)/man3/tls_peer_cert_contains_name.3" ln -sf "tls_conn_version.3" "$(DESTDIR)$(mandir)/man3/tls_peer_cert_hash.3" ln -sf "tls_conn_version.3" "$(DESTDIR)$(mandir)/man3/tls_peer_cert_issuer.3" @@ -3380,6 +3343,7 @@ install-data-hook: ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_error.3" ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_handshake.3" ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_write.3" + ln -sf "v2i_ASN1_BIT_STRING.3" "$(DESTDIR)$(mandir)/man3/i2v_ASN1_BIT_STRING.3" ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_chain.3" ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_depth.3" ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_string.3" @@ -3907,12 +3871,6 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/CONF_modules_unload.3" -rm -f "$(DESTDIR)$(mandir)/man3/CONF_modules_load.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_get_default_cert_area.3" - -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_MEM_LEAK_CB.3" - -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_ctrl.3" - -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks.3" - -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks_cb.3" - -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks_fp.3" - -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_set_mem_functions.3" -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_add.3" -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_r_lock.3" -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_r_unlock.3" @@ -3925,6 +3883,11 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_get_ex_data.3" -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_get_ex_new_index.3" -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_new_ex_data.3" + -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_MEM_LEAK_CB.3" + -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_ctrl.3" + -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks.3" + -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks_cb.3" + -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_mem_leaks_fp.3" -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_chacha_20.3" -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_hchacha_20.3" -rm -f "$(DESTDIR)$(mandir)/man3/CRYPTO_xchacha_20.3" @@ -4038,8 +4001,6 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/ECDSA_verify.3" -rm -f "$(DESTDIR)$(mandir)/man3/d2i_ECDSA_SIG.3" -rm -f "$(DESTDIR)$(mandir)/man3/i2d_ECDSA_SIG.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_GFp_mont_method.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_METHOD_get_field_type.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_check.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_check_discriminant.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_cmp.3" @@ -4054,7 +4015,6 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_get_order.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_get_point_conversion_form.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_get_seed_len.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_method_of.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_order_bits.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_set_asn1_flag.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_set_curve_name.3" @@ -4114,8 +4074,6 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/EC_KEY_set_public_key.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_KEY_set_public_key_affine_coordinates.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_KEY_up_ref.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_have_precompute_mult.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_GROUP_precompute_mult.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_cmp.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_dbl.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_invert.3" @@ -4123,23 +4081,18 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_is_on_curve.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_make_affine.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_mul.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINTs_make_affine.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINTs_mul.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_bn2point.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_clear_free.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_copy.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_dup.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_free.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_get_Jprojective_coordinates_GFp.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_get_affine_coordinates.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_get_affine_coordinates_GFp.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_hex2point.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_method_of.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_oct2point.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_point2bn.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_point2hex.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_point2oct.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_set_Jprojective_coordinates_GFp.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_set_affine_coordinates.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_set_affine_coordinates_GFp.3" -rm -f "$(DESTDIR)$(mandir)/man3/EC_POINT_set_compressed_coordinates.3" @@ -4329,13 +4282,6 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/EVP_idea_cfb64.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_idea_ecb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_idea_ofb.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_40_cbc.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_64_cbc.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_cbc.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_cfb.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_cfb64.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_ecb.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_ofb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_MD_CTX_clear_flags.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_MD_CTX_md_data.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_MD_CTX_pkey_ctx.3" @@ -4390,19 +4336,6 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_get0.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_get0_info.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_get0_asn1.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_copy.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_free.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_check.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_ctrl.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_free.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_param.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_param_check.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_private.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_public.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_public_check.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_asn1_set_security_bits.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_param_check.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_public_check.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_cmp_parameters.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_copy_parameters.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_missing_parameters.3" @@ -4413,41 +4346,19 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_encrypt_init.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_app_data.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_cb.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_data.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_keygen_info.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set0_keygen_info.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_app_data.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_cb.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_data.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_gen_cb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_keygen_init.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_paramgen.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_paramgen_init.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_data.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_data.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_add0.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_copy.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_find.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_free.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_check.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_cleanup.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_copy.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_ctrl.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_decrypt.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_derive.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_encrypt.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_init.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_keygen.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_param_check.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_paramgen.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_public_check.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_sign.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_signctx.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_verify.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_verify_recover.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_meth_set_verifyctx.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_free.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_get_raw_private_key.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_get_raw_public_key.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_new_CMAC_key.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_new_mac_key.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_new_raw_private_key.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_PKEY_new_raw_public_key.3" @@ -4491,41 +4402,39 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/EVP_VerifyInit_ex.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_VerifyUpdate.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cbc_hmac_sha1.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_ccm.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cfb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cfb1.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cfb128.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_cfb8.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_ctr.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_ecb.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_gcm.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_ofb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_wrap.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_128_xts.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cbc.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ccm.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cfb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cfb1.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cfb128.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_cfb8.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ctr.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ecb.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_gcm.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ofb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_wrap.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cbc.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cbc_hmac_sha1.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ccm.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cfb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cfb1.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cfb128.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_cfb8.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ctr.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ecb.3" - -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_gcm.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ofb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_wrap.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_xts.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_ccm.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_ccm.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_192_gcm.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_aes_256_gcm.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_camellia_128_cfb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_camellia_128_cfb1.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_camellia_128_cfb128.3" @@ -4568,6 +4477,12 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/EVP_des_ede_ofb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_des_ofb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_desx_cbc.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_40_cbc.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_64_cbc.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_cfb.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_cfb64.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_ecb.3" + -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc2_ofb.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc4_40.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_rc4_hmac_md5.3" -rm -f "$(DESTDIR)$(mandir)/man3/EVP_md4.3" @@ -4906,6 +4821,12 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/RAND_write_file.3" -rm -f "$(DESTDIR)$(mandir)/man3/RAND_SSLeay.3" -rm -f "$(DESTDIR)$(mandir)/man3/RAND_get_rand_method.3" + -rm -f "$(DESTDIR)$(mandir)/man3/RC2_cbc_encrypt.3" + -rm -f "$(DESTDIR)$(mandir)/man3/RC2_cfb64_encrypt.3" + -rm -f "$(DESTDIR)$(mandir)/man3/RC2_decrypt.3" + -rm -f "$(DESTDIR)$(mandir)/man3/RC2_ecb_encrypt.3" + -rm -f "$(DESTDIR)$(mandir)/man3/RC2_ofb64_encrypt.3" + -rm -f "$(DESTDIR)$(mandir)/man3/RC2_set_key.3" -rm -f "$(DESTDIR)$(mandir)/man3/RC4_set_key.3" -rm -f "$(DESTDIR)$(mandir)/man3/RIPEMD160_Final.3" -rm -f "$(DESTDIR)$(mandir)/man3/RIPEMD160_Init.3" @@ -5383,6 +5304,7 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/ED25519_verify.3" -rm -f "$(DESTDIR)$(mandir)/man3/X25519_keypair.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509V3_EXT_get.3" + -rm -f "$(DESTDIR)$(mandir)/man3/X509V3_EXT_print_fp.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509V3_EXT_d2i.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509V3_EXT_i2d.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509V3_add1_i2d.3" @@ -5396,6 +5318,7 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/X509_get0_extensions.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_get0_uids.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_get_ext_d2i.3" + -rm -f "$(DESTDIR)$(mandir)/man3/X509V3_conf_free.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_ALGOR_cmp.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_ALGOR_free.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_ALGOR_get0.3" @@ -5436,6 +5359,7 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/X509_EXTENSION_new.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_EXTENSION_set_critical.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_EXTENSION_set_data.3" + -rm -f "$(DESTDIR)$(mandir)/man3/X509_supported_extension.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_INFO_free.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_LOOKUP_file.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_LOOKUP_mem.3" @@ -5473,17 +5397,14 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/X509_subject_name_hash_old.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_NAME_free.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_NAME_oneline.3" - -rm -f "$(DESTDIR)$(mandir)/man3/X509_NAME_print.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_NAME_print_ex_fp.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_free.3" - -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_free_contents.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_get0_X509_CRL.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_get_type.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_idx_by_subject.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_new.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_retrieve_by_subject.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_retrieve_match.3" - -rm -f "$(DESTDIR)$(mandir)/man3/X509_OBJECT_up_ref_count.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_PKEY_free.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_PUBKEY_free.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509_PUBKEY_get.3" @@ -5776,6 +5697,8 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/X509v3_get_ext_by_OBJ.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509v3_get_ext_by_critical.3" -rm -f "$(DESTDIR)$(mandir)/man3/X509v3_get_ext_count.3" + -rm -f "$(DESTDIR)$(mandir)/man3/a2i_IPADDRESS.3" + -rm -f "$(DESTDIR)$(mandir)/man3/a2i_IPADDRESS_NC.3" -rm -f "$(DESTDIR)$(mandir)/man3/bn_add_words.3" -rm -f "$(DESTDIR)$(mandir)/man3/bn_div_words.3" -rm -f "$(DESTDIR)$(mandir)/man3/bn_expand.3" @@ -6157,6 +6080,7 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/tls_conn_servername.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_conn_session_resumed.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_peer_cert_chain_pem.3" + -rm -f "$(DESTDIR)$(mandir)/man3/tls_peer_cert_common_name.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_peer_cert_contains_name.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_peer_cert_hash.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_peer_cert_issuer.3" @@ -6208,6 +6132,7 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/tls_error.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_handshake.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_write.3" + -rm -f "$(DESTDIR)$(mandir)/man3/i2v_ASN1_BIT_STRING.3" -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_chain.3" -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_depth.3" -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_string.3" diff --git a/man/tls_conn_version.3 b/man/tls_conn_version.3 index 9ab6932..8fb3062 100644 --- a/man/tls_conn_version.3 +++ b/man/tls_conn_version.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tls_conn_version.3,v 1.10 2019/11/02 13:43:14 jsing Exp $ +.\" $OpenBSD: tls_conn_version.3,v 1.11 2024/12/10 08:42:12 tb Exp $ .\" .\" Copyright (c) 2015 Bob Beck <beck@openbsd.org> .\" Copyright (c) 2016, 2018 Joel Sing <jsing@openbsd.org> @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: November 2 2019 $ +.Dd $Mdocdate: December 10 2024 $ .Dt TLS_CONN_VERSION 3 .Os .Sh NAME @@ -30,6 +30,7 @@ .Nm tls_peer_cert_chain_pem , .Nm tls_peer_cert_issuer , .Nm tls_peer_cert_subject , +.Nm tls_peer_cert_common_name , .Nm tls_peer_cert_hash , .Nm tls_peer_cert_notbefore , .Nm tls_peer_cert_notafter @@ -65,6 +66,8 @@ .Ft const char * .Fn tls_peer_cert_subject "struct tls *ctx" .Ft const char * +.Fn tls_peer_cert_common_name "struct tls *ctx" +.Ft const char * .Fn tls_peer_cert_hash "struct tls *ctx" .Ft time_t .Fn tls_peer_cert_notbefore "struct tls *ctx" @@ -133,6 +136,11 @@ corresponding to the subject of the peer certificate from returns a string corresponding to the issuer of the peer certificate from .Ar ctx . +.Fn tls_peer_cert_common_name +returns a string +corresponding to the common name of the peer certificate from +.Ar ctx +or the empty string if no common name is present. .Pp .Fn tls_peer_cert_hash returns a string @@ -209,6 +217,9 @@ appeared in .Fn tls_conn_cipher_strength appeared in .Ox 6.7 . +.Fn tls_peer_cert_common_name +appeared in +.Ox 7.7 . .Sh AUTHORS .An Bob Beck Aq Mt beck@openbsd.org .An Joel Sing Aq Mt jsing@openbsd.org diff --git a/tls.sym b/tls.sym index 42c039d..ee7df86 100644 --- a/tls.sym +++ b/tls.sym @@ -69,6 +69,7 @@ tls_init tls_load_file tls_ocsp_process_response tls_peer_cert_chain_pem +tls_peer_cert_common_name tls_peer_cert_contains_name tls_peer_cert_hash tls_peer_cert_issuer diff --git a/tls_config.c b/tls_config.c index 22fa845..5774d40 100644 --- a/tls_config.c +++ b/tls_config.c @@ -742,8 +742,8 @@ tls_config_set_session_fd(struct tls_config *config, int session_fd) if (sb.st_uid != getuid()) { tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, - "session file has incorrect owner (uid %u != %u)", - sb.st_uid, getuid()); + "session file has incorrect owner (uid %llu != %llu)", + (unsigned long long)sb.st_uid, (unsigned long long)getuid()); return (-1); } mugo = sb.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO); diff --git a/tls_conninfo.c b/tls_conninfo.c index bf52517..8fb56c9 100644 --- a/tls_conninfo.c +++ b/tls_conninfo.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_conninfo.c,v 1.27 2024/03/26 06:31:22 jsing Exp $ */ +/* $OpenBSD: tls_conninfo.c,v 1.28 2024/12/10 08:40:30 tb Exp $ */ /* * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> * Copyright (c) 2015 Bob Beck <beck@openbsd.org> @@ -119,6 +119,14 @@ tls_get_peer_cert_subject(struct tls *ctx, char **subject) } static int +tls_get_peer_cert_common_name(struct tls *ctx, char **common_name) +{ + if (ctx->ssl_peer_cert == NULL) + return (-1); + return tls_get_common_name(ctx, ctx->ssl_peer_cert, NULL, common_name); +} + +static int tls_get_peer_cert_times(struct tls *ctx, time_t *notbefore, time_t *notafter) { @@ -158,6 +166,9 @@ tls_get_peer_cert_info(struct tls *ctx) goto err; if (tls_get_peer_cert_issuer(ctx, &ctx->conninfo->issuer) == -1) goto err; + if (tls_get_peer_cert_common_name(ctx, + &ctx->conninfo->common_name) == -1) + goto err; if (tls_get_peer_cert_times(ctx, &ctx->conninfo->notbefore, &ctx->conninfo->notafter) == -1) goto err; @@ -298,6 +309,7 @@ tls_conninfo_free(struct tls_conninfo *conninfo) free(conninfo->servername); free(conninfo->version); + free(conninfo->common_name); free(conninfo->hash); free(conninfo->issuer); free(conninfo->subject); diff --git a/tls_internal.h b/tls_internal.h index 5ff48ed..8e566a3 100644 --- a/tls_internal.h +++ b/tls_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_internal.h,v 1.85 2024/03/26 06:24:52 joshua Exp $ */ +/* $OpenBSD: tls_internal.h,v 1.86 2024/12/10 08:40:30 tb Exp $ */ /* * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> @@ -129,6 +129,7 @@ struct tls_conninfo { int session_resumed; char *version; + char *common_name; char *hash; char *issuer; char *subject; @@ -238,6 +239,8 @@ struct tls_config *tls_config_new_internal(void); struct tls *tls_new(void); struct tls *tls_server_conn(struct tls *ctx); +int tls_get_common_name(struct tls *_ctx, X509 *_cert, const char *_in_name, + char **_out_common_name); int tls_check_name(struct tls *ctx, X509 *cert, const char *servername, int *match); int tls_configure_server(struct tls *ctx); diff --git a/tls_peer.c b/tls_peer.c index ec97a30..6d63a52 100644 --- a/tls_peer.c +++ b/tls_peer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_peer.c,v 1.8 2017/04/10 17:11:13 jsing Exp $ */ +/* $OpenBSD: tls_peer.c,v 1.9 2024/12/10 08:40:30 tb Exp $ */ /* * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> * Copyright (c) 2015 Bob Beck <beck@openbsd.org> @@ -24,6 +24,14 @@ #include "tls_internal.h" const char * +tls_peer_cert_common_name(struct tls *ctx) +{ + if (ctx->conninfo == NULL) + return (NULL); + return (ctx->conninfo->common_name); +} + +const char * tls_peer_cert_hash(struct tls *ctx) { if (ctx->conninfo == NULL) diff --git a/tls_verify.c b/tls_verify.c index 78f6c24..2935278 100644 --- a/tls_verify.c +++ b/tls_verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_verify.c,v 1.30 2024/03/26 06:24:52 joshua Exp $ */ +/* $OpenBSD: tls_verify.c,v 1.32 2024/12/10 08:40:30 tb Exp $ */ /* * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> * @@ -210,23 +210,26 @@ tls_check_subject_altname(struct tls *ctx, X509 *cert, const char *name, } static int -tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, - int *cn_match) +tls_get_common_name_internal(X509 *cert, char **out_common_name, + unsigned int *out_tlserr, const char **out_errstr) { unsigned char *utf8_bytes = NULL; X509_NAME *subject_name; char *common_name = NULL; - union tls_addr addrbuf; int common_name_len; ASN1_STRING *data; int lastpos = -1; int rv = -1; - *cn_match = 0; + *out_tlserr = TLS_ERROR_UNKNOWN; + *out_errstr = "unknown"; + + free(*out_common_name); + *out_common_name = NULL; subject_name = X509_get_subject_name(cert); if (subject_name == NULL) - goto done; + goto err; lastpos = X509_NAME_get_index_by_NID(subject_name, NID_commonName, lastpos); @@ -244,10 +247,10 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, * more than one CN fed to us in the subject, treating the * certificate as hostile. */ - tls_set_errorx(ctx, TLS_ERROR_UNKNOWN, - "error verifying name '%s': " + *out_tlserr = TLS_ERROR_UNKNOWN; + *out_errstr = "error getting common name: " "Certificate subject contains multiple Common Name fields, " - "probably a malicious or malformed certificate", name); + "probably a malicious or malformed certificate"; goto err; } @@ -257,10 +260,10 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, * Fail if we cannot encode the CN bytes as UTF-8. */ if ((common_name_len = ASN1_STRING_to_UTF8(&utf8_bytes, data)) < 0) { - tls_set_errorx(ctx, TLS_ERROR_UNKNOWN, - "error verifying name '%s': " + *out_tlserr = TLS_ERROR_UNKNOWN; + *out_errstr = "error getting common name: " "Common Name field cannot be encoded as a UTF-8 string, " - "probably a malicious certificate", name); + "probably a malicious certificate"; goto err; } /* @@ -268,30 +271,85 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, * must be between 1 and 64 bytes long. */ if (common_name_len < 1 || common_name_len > 64) { - tls_set_errorx(ctx, TLS_ERROR_UNKNOWN, - "error verifying name '%s': " + *out_tlserr = TLS_ERROR_UNKNOWN; + *out_errstr = "error getting common name: " "Common Name field has invalid length, " - "probably a malicious certificate", name); + "probably a malicious certificate"; goto err; } /* * Fail if the resulting text contains a NUL byte. */ if (memchr(utf8_bytes, 0, common_name_len) != NULL) { - tls_set_errorx(ctx, TLS_ERROR_UNKNOWN, - "error verifying name '%s': " + *out_tlserr = TLS_ERROR_UNKNOWN; + *out_errstr = "error getting common name: " "NUL byte in Common Name field, " - "probably a malicious certificate", name); + "probably a malicious certificate"; goto err; } common_name = strndup(utf8_bytes, common_name_len); if (common_name == NULL) { - tls_set_error(ctx, TLS_ERROR_OUT_OF_MEMORY, - "out of memory"); + *out_tlserr = TLS_ERROR_OUT_OF_MEMORY; + *out_errstr = "out of memory"; + goto err; + } + + *out_common_name = common_name; + common_name = NULL; + + done: + if (*out_common_name == NULL) + *out_common_name = strdup(""); + if (*out_common_name == NULL) { + *out_tlserr = TLS_ERROR_OUT_OF_MEMORY; + *out_errstr = "out of memory"; goto err; } + rv = 0; + + err: + free(utf8_bytes); + free(common_name); + return rv; +} + +int +tls_get_common_name(struct tls *ctx, X509 *cert, const char *in_name, + char **out_common_name) +{ + unsigned int errcode = TLS_ERROR_UNKNOWN; + const char *errstr = "unknown"; + + if (tls_get_common_name_internal(cert, out_common_name, &errcode, + &errstr) == -1) { + const char *name = in_name; + const char *space = " "; + + if (name == NULL) + name = space = ""; + + tls_set_errorx(ctx, errcode, "%s%s%s", name, space, errstr); + return -1; + } + + return 0; +} + +static int +tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, + int *cn_match) +{ + char *common_name = NULL; + union tls_addr addrbuf; + int rv = -1; + + if (tls_get_common_name(ctx, cert, name, &common_name) == -1) + goto err; + if (strlen(common_name) == 0) + goto done; + /* * We don't want to attempt wildcard matching against IP addresses, * so perform a simple comparison here. @@ -310,7 +368,6 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, rv = 0; err: - free(utf8_bytes); free(common_name); return rv; } |