I have tested current source code for the 0.9.8 version and the 0.9.7
version (fips and non-fips) with DJGPP. The attached patches allow
building under DJGPP. In addition to a few substantive fixes, I put in
a number of minor fixes to get rid of gcc warnings when compiled with
"-W", such as putting "static" at the beginning of a declaration and
putting in missing initializers. Some of the changes (e.g., getting
rid of the erroneous "set -e") were previously reported (rt #932).
The code for watt-32 debugging didn't appear to be implemented
correctly. This should only be called when desired; otherwise large
files will be created, documenting every byte going through tcp. In
addition dbug_init() should be called only once, but was being called
multiple times. I moved dbug_init out of s_socket.c. It needs to be
hooked to a command-line option for any application that needs tcp
debugging. I put in code for s_client, since that is the place where
watt-32 debugging was most likely to be needed, but didn't put in code
for other applications (such as s_server).
When I last submitted patches in August, I was trying to get adequate
entropy for DOS. I think the answer is probably to use a separate
program to create /dev/random and /dev/urandom equivalents, then use
the mechanism in rand_unix.c. The DOS program "noise" collects entropy
by sampling keystroke timings, exec() and exit() timings, and flush()
timings. Because of peculiarities of the DOS filesystem, the authors
of "noise" create "/dev/random$" and "/dev/urandom$" rather than
/dev/random and /dev/urandom, avoiding problems reading files with
similar names. I added a default define for DEVRANDOM to the DJGPP
CFLAGs to enable use of the noise program, and had /dev/urandom$ read
in binary mode in rand_unix.c.
All 3 versions I tested were built without IDEA, RC5, and MDC2. I
haven't tried building this time with the "386" option. They all go
through "make, make depend, make test, and make install without error.
The binaries identify themselves as:
OpenSSL 0.9.8-dev XX xxx XXXX
built on: Sun Jan 2 20:36:37 PST 2005
platform: DJGPP
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx)
compiler: gcc -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2
-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fno-strict-aliasing
-fomit-frame-pointer -O2 -W -Wall -DDEVRANDOM="/dev/urandom$$"
-DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM
-DRMD160_ASM -DAES_ASM
OPENSSLDIR: "/dev/env/DJDIR/ssl"
OpenSSL 0.9.7f-dev XX xxx XXXX
built on: Sun Jan 2 19:26:44 PST 2005
platform: DJGPP
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx)
compiler: gcc -DOPENSSL_SYSNAME_MSDOS -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA
-DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -I/dev/env/WATT_ROOT/inc -DTERMIOS
-DL_ENDIAN -fno-strict-aliasing -fomit-frame-pointer -O2 -W -Wall
-DDEVRANDOM="/dev/urandom$$"
OPENSSLDIR: "/dev/env/DJDIR/ssl"
OpenSSL 0.9.7f-fips-dev XX xxx XXXX
built on: Sun Jan 2 18:34:35 PST 2005
platform: DJGPP
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx)
compiler: gcc -DOPENSSL_SYSNAME_MSDOS -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA
-DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -I/dev/env/WATT_ROOT/inc -DTERMIOS
-DL_ENDIAN -fno-strict-aliasing -fomit-frame-pointer -O2 -W -Wall
-DDEVRANDOM="/dev/urandom$$"
OPENSSLDIR: "/dev/env/DJDIR/ssl"
Since I am in the US, copies of the patches are being submitted to the
Bureau of Industry and Security.
Doug
--
Doug Kaufman
Internet: [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
