Пример #1
0
DLLEXPORT const char *
tqsl_getErrorString_v(int err) {
	static char buf[256];
	unsigned long openssl_err;
	int adjusted_err;

	if (err == 0)
		return "NO ERROR";
	if (err == TQSL_CUSTOM_ERROR) {
		if (tQSL_CustomError[0] == 0)
			return "Unknown custom error";
		else {
			strncpy(buf, tQSL_CustomError, sizeof buf);
			return buf;
		}
	}
	if (err == TQSL_SYSTEM_ERROR) {
		strcpy(buf, "System error: ");
		if (strlen(tQSL_ErrorFile) > 0) {
			strncat(buf, tQSL_ErrorFile, sizeof buf - strlen(buf));
			strncat(buf, ": ", sizeof buf - strlen(buf));
		}
		strncat(buf, strerror(errno), sizeof buf - strlen(buf));
		return buf;
	}
	if (err == TQSL_OPENSSL_ERROR) {
		openssl_err = ERR_get_error();
		strcpy(buf, "OpenSSL error: ");
		if (openssl_err)
			ERR_error_string_n(openssl_err, buf + strlen(buf), sizeof buf - strlen(buf));
		else
			strncat(buf, "[error code not available]", sizeof buf - strlen(buf));
		return buf;
	}
	if (err == TQSL_ADIF_ERROR) {
		buf[0] = 0;
		if (strlen(tQSL_ErrorFile) > 0) {
			strncpy(buf, tQSL_ErrorFile, sizeof buf);
			strncat(buf, ": ", sizeof buf - strlen(buf));
		}
		strncat(buf, tqsl_adifGetError(tQSL_ADIF_Error), sizeof buf - strlen(buf));
		return buf;
	}
	if (err == TQSL_CABRILLO_ERROR) {
		buf[0] = 0;
		if (strlen(tQSL_ErrorFile) > 0) {
			strncpy(buf, tQSL_ErrorFile, sizeof buf);
			strncat(buf, ": ", sizeof buf - strlen(buf));
		}
		strncat(buf, tqsl_cabrilloGetError(tQSL_Cabrillo_Error), sizeof buf - strlen(buf));
		return buf;
	}
	if (err == TQSL_OPENSSL_VERSION_ERROR) {
		sprintf(buf, "Incompatible OpenSSL Library version %d.%d.%d; expected %d.%d.%d",
			int(SSLeay() >> 28) & 0xff, int(SSLeay() >> 20) & 0xff, int(SSLeay() >> 12) & 0xff,
			int(OPENSSL_VERSION_NUMBER >> 28) & 0xff, int(OPENSSL_VERSION_NUMBER >> 20) & 0xff,
			int(OPENSSL_VERSION_NUMBER >> 12) & 0xff);
		return buf;
	}
Пример #2
0
static void
regress_bufferevent_openssl(void *arg)
{
	struct basic_test_data *data = arg;

	struct bufferevent *bev1, *bev2;
	SSL *ssl1, *ssl2;
	X509 *cert = getcert();
	EVP_PKEY *key = getkey();
	const int start_open = strstr((char*)data->setup_data, "open")!=NULL;
	const int filter = strstr((char*)data->setup_data, "filter")!=NULL;
	int flags = BEV_OPT_DEFER_CALLBACKS;
	struct bufferevent *bev_ll[2] = { NULL, NULL };
	evutil_socket_t *fd_pair = NULL;

	tt_assert(cert);
	tt_assert(key);

	init_ssl();

	if (strstr((char*)data->setup_data, "renegotiate")) {
		if (SSLeay() >= 0x10001000 &&
		    SSLeay() <  0x1000104f) {
			/* 1.0.1 up to 1.0.1c has a bug where TLS1.1 and 1.2
			 * can't renegotiate with themselves. Disable. */
			disable_tls_11_and_12 = 1;
		}
		renegotiate_at = 600;
	}

	ssl1 = SSL_new(get_ssl_ctx());
	ssl2 = SSL_new(get_ssl_ctx());

	SSL_use_certificate(ssl2, cert);
	SSL_use_PrivateKey(ssl2, key);

	if (! start_open)
		flags |= BEV_OPT_CLOSE_ON_FREE;

	if (!filter) {
		tt_assert(strstr((char*)data->setup_data, "socketpair"));
		fd_pair = data->pair;
	} else {
		bev_ll[0] = bufferevent_socket_new(data->base, data->pair[0],
		    BEV_OPT_CLOSE_ON_FREE);
		bev_ll[1] = bufferevent_socket_new(data->base, data->pair[1],
		    BEV_OPT_CLOSE_ON_FREE);
	}

	open_ssl_bufevs(&bev1, &bev2, data->base, 0, flags, ssl1, ssl2,
	    fd_pair, bev_ll);

	if (!filter) {
		tt_int_op(bufferevent_getfd(bev1), ==, data->pair[0]);
	} else {
Пример #3
0
void
ssl_check_version(void)
{
	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) {
		msyslog(LOG_WARNING,
		    "OpenSSL version mismatch. Built against %lx, you have %lx",
		    (u_long)OPENSSL_VERSION_NUMBER, SSLeay());
		fprintf(stderr,
		    "OpenSSL version mismatch. Built against %lx, you have %lx\n",
		    (u_long)OPENSSL_VERSION_NUMBER, SSLeay());
	}

	INIT_SSL();
}
Пример #4
0
void
rb_get_ssl_info(char *buf, size_t len)
{
	rb_snprintf(buf, len, "Using SSL: %s compiled: 0x%lx, library 0x%lx",
		    SSLeay_version(SSLEAY_VERSION),
		    (long)OPENSSL_VERSION_NUMBER, SSLeay());
}
Пример #5
0
static void init(struct fmt_main *self)
{
	/* OpenSSL init, cleanup part is left to OS */
	SSL_load_error_strings();
	SSL_library_init();
	OpenSSL_add_all_algorithms();

#if defined(_OPENMP) && OPENSSL_VERSION_NUMBER >= 0x10000000
	if (SSLeay() < 0x10000000) {
		fprintf(stderr, "Warning: compiled against OpenSSL 1.0+, "
		    "but running with an older version -\n"
		    "disabling OpenMP for pfx because of thread-safety issues "
		    "of older OpenSSL\n");
		fmt_pfx.params.min_keys_per_crypt =
		    fmt_pfx.params.max_keys_per_crypt = 1;
		fmt_pfx.params.flags &= ~FMT_OMP;
	}
	else {
		int omp_t = 1;
		omp_t = omp_get_max_threads();
		self->params.min_keys_per_crypt *= omp_t;
		omp_t *= OMP_SCALE;
		self->params.max_keys_per_crypt *= omp_t;
	}
#endif
	saved_key = mem_calloc_tiny(sizeof(*saved_key) *
			self->params.max_keys_per_crypt, MEM_ALIGN_NONE);
	any_cracked = 0;
	cracked_size = sizeof(*cracked) * self->params.max_keys_per_crypt;
	cracked = mem_calloc_tiny(cracked_size, MEM_ALIGN_WORD);
}
void
init_rng(void)
{
    /*
     * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
     * We match major, minor, fix and status (not patch)
     */
    if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L)
        fatal("OpenSSL version mismatch. Built against %lx, you "
              "have %lx", OPENSSL_VERSION_NUMBER, SSLeay());

#ifndef OPENSSL_PRNG_ONLY
    original_uid = getuid();
    original_euid = geteuid();
#endif
}
Пример #7
0
END_TEST

START_TEST(ssl_features_01)
{
	long vdiff = ((OPENSSL_VERSION_NUMBER ^ SSLeay()) & 0xfffff000L);

	fail_unless(!vdiff, "OpenSSL version mismatch at runtime");
}
Пример #8
0
/**
 * @internal
 * @brief Initialize libcrypto's subsystem
 */
int ssh_crypto_init(void)
{
    size_t i;

    if (libcrypto_initialized) {
        return SSH_OK;
    }
    if (SSLeay() != OPENSSL_VERSION_NUMBER){
        SSH_LOG(SSH_LOG_WARNING, "libssh compiled with %s "
            "headers, currently running with %s.",
            OPENSSL_VERSION_TEXT,
            SSLeay_version(SSLeay())
        );
    }
#ifdef CAN_DISABLE_AESNI
    /*
     * disable AES-NI when running within Valgrind, because they generate
     * too many "uninitialized memory access" false positives
     */
    if (RUNNING_ON_VALGRIND){
        SSH_LOG(SSH_LOG_INFO, "Running within Valgrind, disabling AES-NI");
        /* Bit #57 denotes AES-NI instruction set extension */
        OPENSSL_ia32cap &= ~(1LL << 57);
    }
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000L
    OpenSSL_add_all_algorithms();
#endif

    for (i = 0; ssh_ciphertab[i].name != NULL; i++) {
        int cmp;

        cmp = strcmp(ssh_ciphertab[i].name, "*****@*****.**");
        if (cmp == 0) {
            memcpy(&ssh_ciphertab[i],
                   ssh_get_chacha20poly1305_cipher(),
                   sizeof(struct ssh_cipher_struct));
            break;
        }
    }

    libcrypto_initialized = 1;

    return SSH_OK;
}
Пример #9
0
void
init_rng(void)
{
#if defined (DISABLED_BY_DEBIAN)
  /* drow: Is this check still too strict for Debian?  */
	/*
	 * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
	 * We match major, minor, fix and status (not patch)
	 */
	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L)
		fatal("OpenSSL version mismatch. Built against %lx, you "
		    "have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
#endif

#ifndef OPENSSL_PRNG_ONLY
	original_uid = getuid();
	original_euid = geteuid();
#endif
}
Пример #10
0
static void
init_ssl(void)
{
	SSL_library_init();
	ERR_load_crypto_strings();
	SSL_load_error_strings();
	OpenSSL_add_all_algorithms();
	if (SSLeay() != OPENSSL_VERSION_NUMBER) {
		TT_DECLARE("WARN", ("Version mismatch for openssl: compiled with %lx but running with %lx", (unsigned long)OPENSSL_VERSION_NUMBER, (unsigned long)SSLeay()));
	}
}
Пример #11
0
/** Initialize OpenSSL, unless it has already been initialized.
 */
static void
tor_tls_init(void)
{
  if (!tls_library_is_initialized) {
    long version;
    SSL_library_init();
    SSL_load_error_strings();
    crypto_global_init(-1);
    
    version = SSLeay();

    /* OpenSSL 0.9.8l introdeced SSL3_FLAGS_ALLOW_UNSAGE_LEGACY_RENEGOTIATION
     * here, but without thinking too hard about it: it turns out that the
     * flag in question needed to be set at the last minute, and that it
     * conflicted with an existing flag number that had already been added
     * in the OpenSSL 1.0.0 betas.  OpenSSL 0.9.8m thoughtfully replaced
     * the flag with an option and (it seems) broke anything that used
     * SSL3_FLAGS_* for the purpose.  So we need to know how to do both,
     * and we mustn't use the SSL3_FLAGS option with anything besides
     * OpenSSL 0.9.8l.
     *
     * No, we can't just set flag 0x0010 everywhere.  It breaks Tor with
     * OpenSSL 1.0.0beta, since i.  No, we can't just set option
     * 0x00040000L everywhere: before 0.9.8m, it meant something else.
     *
     * No, we can't simply detect whether the flag or the option is present
     * in the headers at build-time: some vendors (notably Apple) like to
     * leave their headers out of sync with their libraries.
     *
     * Yes, it _is_ almost as if the OpenSSL developers decided that no
     * program should be allowed to use renegotiation its first passed an
     * test of intelligence and determination.
     */
    if (version >= 0x009080c0L && version < 0x009080d0L) {
      log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l; "
                 "I will try SSL3_FLAGS  to enable renegotation.",
                 SSLeay_version(SSLEAY_VERSION));
      use_unsafe_renegotiation_flag = 1;
      use_unsafe_renegotiation_op = 1;
    } else if (version >= 0x009080d0L) {
      log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8m or later; "
                 "I will try SSL_OP to enable renegotiation",
                 SSLeay_version(SSLEAY_VERSION));
      use_unsafe_renegotiation_op = 1;
    } else {
      log_info(LD_GENERAL, "OpenSSL %s has version %lx",
               SSLeay_version(SSLEAY_VERSION), version);
    }

    tls_library_is_initialized = 1;
  }
}
Пример #12
0
int
version_main(int argc, char **argv)
{
	memset(&version_config, 0, sizeof(version_config));

	if (options_parse(argc, argv, version_options, NULL, NULL) != 0) {
		version_usage();
		return (1);
	}

	if (argc == 1)
		version_config.version = 1;

	if (version_config.version) {
		if (SSLeay() == SSLEAY_VERSION_NUMBER) {
			printf("%s\n", SSLeay_version(SSLEAY_VERSION));
		} else {
			printf("%s (Library: %s)\n",
			    OPENSSL_VERSION_TEXT,
			    SSLeay_version(SSLEAY_VERSION));
		}
	}
	if (version_config.date)
		printf("%s\n", SSLeay_version(SSLEAY_BUILT_ON));
	if (version_config.platform)
		printf("%s\n", SSLeay_version(SSLEAY_PLATFORM));
	if (version_config.options) {
		printf("options:  ");
		printf("%s ", BN_options());
#ifndef OPENSSL_NO_RC4
		printf("%s ", RC4_options());
#endif
#ifndef OPENSSL_NO_DES
		printf("%s ", DES_options());
#endif
#ifndef OPENSSL_NO_IDEA
		printf("%s ", idea_options());
#endif
#ifndef OPENSSL_NO_BF
		printf("%s ", BF_options());
#endif
		printf("\n");
	}
	if (version_config.cflags)
		printf("%s\n", SSLeay_version(SSLEAY_CFLAGS));
	if (version_config.dir)
		printf("%s\n", SSLeay_version(SSLEAY_DIR));

	return (0);
}
Пример #13
0
static void setup_ecdh(SSL_CTX *ctx)
{
   EC_KEY *ecdh;

   if (SSLeay() < 0x1000005fL) {
      return;
   }

   ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
   SSL_CTX_set_options(ctx, SSL_OP_SINGLE_ECDH_USE);
   SSL_CTX_set_tmp_ecdh(ctx, ecdh);

   EC_KEY_free(ecdh);
}
Пример #14
0
static int verify_lib_version(void)
{
    const unsigned long libv = SSLeay();
    const unsigned long hdrv = OPENSSL_VERSION_NUMBER;

#   define MAJOR_VER(V) ((unsigned long)(V) >> (7*4))

    if (MAJOR_VER(libv) != MAJOR_VER(hdrv)) {
	PRINTF_ERR2("CRYPTO: INCOMPATIBLE SSL VERSION"
		    " lib=%lx header=%lx\n", libv, hdrv);
	return 0;
    }
    return 1;
}
Пример #15
0
void
init_ssl(void)
{
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \
	(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
	SSL_library_init();
	ERR_load_crypto_strings();
	SSL_load_error_strings();
	OpenSSL_add_all_algorithms();
	if (SSLeay() != OPENSSL_VERSION_NUMBER) {
		TT_DECLARE("WARN", ("Version mismatch for openssl: compiled with %lx but running with %lx", (unsigned long)OPENSSL_VERSION_NUMBER, (unsigned long) SSLeay()));
	}
#endif
}
Пример #16
0
void checkVersion()
{
    const char *header = OPENSSL_VERSION_TEXT;
    unsigned long header_num = SSLEAY_VERSION_NUMBER;
    const char *library = SSLeay_version(SSLEAY_VERSION);
    unsigned long library_num = SSLeay();
    // If this check fails, we have probably got a header/library mismatch
    if (strcmp(header,library) != 0 || header_num != library_num) {
        fprintf(stderr,"Version mismatch:\n");
        fprintf(stderr,"Header:  %lx: %s\n", header_num, header);
        fprintf(stderr,"Library: %lx: %s\n", library_num, library);
        abort();
    }
}
Пример #17
0
void
crypto_warn_openssl_version_changed(void)
{
    /*
     * Check that the OpenSSL headers used match the version of the
     * OpenSSL library used.
     * Output a warning if not.
     */
    if (SSLeay() != OPENSSL_VERSION_NUMBER) {
        log_info("Note: compiled using OpenSSL version '%s' headers, but linked to "
          "OpenSSL version '%s' library",
          OPENSSL_VERSION_TEXT,
          SSLeay_version(SSLEAY_VERSION));
    }
}
Пример #18
0
Файл: libsx.c Проект: michals/sx
sxc_client_t *sxc_init(const char *client_version, const sxc_logger_t *func, int (*confirm)(const char *prompt, int def)) {
    uint32_t runtime_ver = SSLeay();
    uint32_t compile_ver = SSLEAY_VERSION_NUMBER;
    sxc_client_t *sx;
    struct sxi_logger l;

    if (!func)
        return NULL;
    memset(&l, 0, sizeof(l));
    l.max_level = SX_LOG_DEBUG;
    l.func = func;

    const char *this_version = sxc_get_version();
    if (!client_version || strcmp(client_version, this_version)) {
        sxi_log_msg(&l, "sxc_init", SX_LOG_CRIT, "Version mismatch: our version '%s' - library version '%s'",
                    client_version, this_version);
        return NULL;
    }

    /* FIXME THIS IS NOT THREAD SAFE */
    srand(time(NULL));
    signal(SIGPIPE, SIG_IGN);
    /* TODO: have a way to log this */
    if((runtime_ver & 0xff0000000) != (compile_ver & 0xff0000000)) {
        return NULL;
    }
    CURLcode rc = curl_global_init(CURL_GLOBAL_ALL);
    if (rc) {
        sxi_log_msg(&l, "sxc_init", SX_LOG_CRIT, "Failed to initialize libcurl: %s",
                    curl_easy_strerror(rc));
        return NULL;
    }
    sx = calloc(1, sizeof(struct _sxc_client_t));
    if (!sx) {
        sxi_log_syserr(&l, "sxc_init", SX_LOG_CRIT, "Failed to allocate sx structure");
        return NULL;
    }
    if(lt_dlinit()) {
        const char *err = lt_dlerror();
	sx->fctx.filter_cnt = -1;
        sxi_log_syserr(&l, "sxc_init", SX_LOG_CRIT, "Failed to initialize libltdl: %s",
                       err ? err : "");
    }
    sx->log.max_level = SX_LOG_NOTICE;
    sx->log.func = func;
    sx->confirm = confirm;
    return sx;
}
Пример #19
0
/** Check build and linked versions of OpenSSL match
 *
 * Startup check for whether the linked version of OpenSSL matches the
 * version the server was built against.
 *
 * @return 0 if ok, else -1
 */
int ssl_check_version(void)
{
	long ssl_linked;

	ssl_linked = SSLeay();

	if (ssl_linked != ssl_built) {
		ERROR("libssl version mismatch."
		       "  Built with: %lx\n  Linked: %lx",
		       (unsigned long) ssl_built,
		       (unsigned long) ssl_linked);

		return -1;
	};

	return 0;
}
Пример #20
0
int main(int argc,char** argv){

	evbase = event_base_new(); 
	if(!evbase){ 
		fprintf(stderr, "create evbase error!\n");
		exit(0); 
	}

	// 创建http server实例
	ev_ssl = evhttp_new(evbase);
	if(!ev_ssl){ 
		exit(0); 
	}

	// openssl 初始化 
	SSL_library_init(); 
	ERR_load_crypto_strings(); 
	SSL_load_error_strings(); 
	OpenSSL_add_all_algorithms();

	if (SSLeay() != OPENSSL_VERSION_NUMBER){ 
	
	}

	ev_ssl->ctx = get_ssl_ctx(certfile_url.c_str(),keyfile_url.c_str()); 
	ev_ssl->ssl_cb = bufferevent_openssl_socket_new;

	std::string ev_ssl_ip="192.168.1.10"; int ev_ssl_port = 8080;

	// evhttp_bind_socket_with_handle这个函数在原基础上追加一个参数,标示http server知否支持ssl(0:不支持 1:支持) 
	struct evhttp_bound_socket *ssl_handle = evhttp_bind_socket_with_handle(ev_ssl, ev_ssl_ip.c_str(), ev_ssl_port,1); 
	if(!ssl_handle){ 
		exit(0); 
	}
	
	struct evconnlistener *ssl_listener = evhttp_bound_socket_get_listener(ssl_handle); 
	evconnlistener_set_error_cb(ssl_listener, ssl_accept_error_cb);

	evhttp_set_cb(ev_ssl, "/ping", ping_handler, NULL);

	event_base_dispatch(evbase);

	evhttp_free(ev_ssl); event_base_free(evbase);

	return 0; 
}
Пример #21
0
const bool QFrankSSL::K_OpenSSLMitBugs()const
{
	/*	Version 0.9.7c hat ein Bug in der Funktion
		SSL_set_cipher_list() es wird immer 1 geliefert.
		Egal ob der Algorithmus gültig ist oder nicht.
	*/
	//qDebug("0x%X",SSLeay());
	if(SSLeay()==0x00090703f)
	{
#ifndef QT_NO_DEBUG
		qCritical(qPrintable(trUtf8("QFrankSSL Bugprüfung: 0.9.7c gefunden!!!","debug")));
#endif
		emit SSLFehler(trUtf8("Die installierte OpenSSL Version: %1 enthält Bugs.\r\nWeitere Hinweise entnehmen Sie bitte der Datei Hinweise.txt")
								.arg(SSLeay_version(SSLEAY_VERSION)));
		return true;
	}
	return false;
}
Пример #22
0
/**
 * @brief Configure generic SSL parameters 
 * @param d domain
 * @return 0
 */
static int set_ssl_options(tls_domain_t* d)
{
	int i;
	int procs_no;
	long options;
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
	long ssl_version;
	STACK_OF(SSL_COMP)* comp_methods;
#endif
	
	procs_no=get_max_procs();
	options=SSL_OP_ALL; /* all the bug workarrounds by default */
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
	options|=SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
				SSL_OP_CIPHER_SERVER_PREFERENCE;
#if		OPENSSL_VERSION_NUMBER >= 0x00908000L
	ssl_version=SSLeay();
	if ((ssl_version >= 0x0090800L) && (ssl_version < 0x0090803fL)){
		/* if 0.9.8 <= openssl version < 0.9.8c and compression support is
		 * enabled disable SSL_OP_TLS_BLOCK_PADDING_BUG (set by SSL_OP_ALL),
		 * see openssl #1204 http://rt.openssl.org/Ticket/Display.html?id=1204
		 */
		
		comp_methods=SSL_COMP_get_compression_methods();
		if (comp_methods && (sk_SSL_COMP_num(comp_methods) > 0)){
			options &= ~SSL_OP_TLS_BLOCK_PADDING_BUG;
			LOG(L_WARN, "tls: set_ssl_options: openssl "
					"SSL_OP_TLS_BLOCK_PADDING bug workaround enabled "
					"(openssl version %lx)\n", ssl_version);
		}else{
			LOG(L_INFO, "tls: set_ssl_options: detected openssl version (%lx) "
					" has the SSL_OP_TLS_BLOCK_PADDING bug, but compression "
					" is disabled so no workaround is needed\n", ssl_version);
		}
	}
#	endif
#endif
	for(i = 0; i < procs_no; i++) {
		SSL_CTX_set_options(d->ctx[i], options);
		if(sr_tls_renegotiation==0)
			SSL_CTX_set_info_callback(d->ctx[i], sr_ssl_ctx_info_callback);
	}
	return 0;
}
Пример #23
0
static int getssl_version( char *ptr, size_t left, long *num ) {

#if ( SSLEAY_VERSION_NUMBER >= 0x905000 )
	{
		char sub[2];
		unsigned long ssleay_value;
		sub[1] = '\0';
		ssleay_value = SSLeay();
		*num = (long)ssleay_value;
		if ( ssleay_value < 0x906000 ) {
			ssleay_value = SSLEAY_VERSION_NUMBER;
			sub[0] = '\0';
		} else {
			if ( ssleay_value & 0xff0 ) {
				sub[0] = (char)( ( ssleay_value >> 4 ) & 0xff ) + 'a' - 1;
			} else {
				sub[0] = '\0';
			}
		}
Пример #24
0
size_t Curl_ossl_version(char *buffer, size_t size)
{
#if (SSLEAY_VERSION_NUMBER >= 0x905000)
  {
    char sub[2];
    unsigned long ssleay_value;
    sub[1]='\0';
    ssleay_value=SSLeay();
    if(ssleay_value < 0x906000) {
      ssleay_value=SSLEAY_VERSION_NUMBER;
      sub[0]='\0';
    }
    else {
      if(ssleay_value&0xff0) {
        sub[0]=(char)((ssleay_value>>4)&0xff) + 'a' -1;
      }
      else
        sub[0]='\0';
    }
Пример #25
0
void
print_version(void)
{
#ifdef OPENSSL_VERSION_NUMBER
	printf("OPENSSL_VERSION_NUMBER: %#08lx\n", OPENSSL_VERSION_NUMBER);
#endif
#ifdef LIBRESSL_VERSION_NUMBER
	printf("LIBRESSL_VERSION_NUMBER: %#08lx\n", LIBRESSL_VERSION_NUMBER);
#endif
#ifdef LIBRESSL_VERSION_TEXT
	printf("LIBRESSL_VERSION_TEXT: %s\n", LIBRESSL_VERSION_TEXT);
#endif
#if OPENSSL_VERSION_NUMBER >= 0x1010000f
	printf("OpenSSL_version_num: %#08lx\n", OpenSSL_version_num());
	printf("OpenSSL_version OPENSSL_VERSION: %s\n",
	    OpenSSL_version(OPENSSL_VERSION));
	printf("OpenSSL_version OPENSSL_CFLAGS: %s\n",
	    OpenSSL_version(OPENSSL_CFLAGS));
	printf("OpenSSL_version OPENSSL_BUILT_ON: %s\n",
	    OpenSSL_version(OPENSSL_BUILT_ON));
	printf("OpenSSL_version OPENSSL_PLATFORM: %s\n",
	    OpenSSL_version(OPENSSL_PLATFORM));
	printf("OpenSSL_version OPENSSL_DIR: %s\n",
	    OpenSSL_version(OPENSSL_DIR));
	printf("OpenSSL_version OPENSSL_ENGINES_DIR: %s\n",
	    OpenSSL_version(OPENSSL_ENGINES_DIR));
#endif
	printf("SSLeay: %#08lx\n", SSLeay());
	printf("SSLeay_version SSLEAY_VERSION: %s\n",
	    SSLeay_version(SSLEAY_VERSION));
	printf("SSLeay_version SSLEAY_CFLAGS: %s\n",
	    SSLeay_version(SSLEAY_CFLAGS));
	printf("SSLeay_version SSLEAY_BUILT_ON: %s\n",
	    SSLeay_version(SSLEAY_BUILT_ON));
	printf("SSLeay_version SSLEAY_PLATFORM: %s\n",
	    SSLeay_version(SSLEAY_PLATFORM));
	printf("SSLeay_version SSLEAY_DIR: %s\n",
	    SSLeay_version(SSLEAY_DIR));
}
Пример #26
0
static void TestDecrypt(const CCrypter& crypt, const std::vector<unsigned char>& vchCiphertext, \
                        const std::vector<unsigned char>& vchPlaintext = std::vector<unsigned char>())
{
    CKeyingMaterial vchDecrypted1;
    CKeyingMaterial vchDecrypted2;
    int result1, result2;
    result1 = crypt.Decrypt(vchCiphertext, vchDecrypted1);
    result2 = OldDecrypt(vchCiphertext, vchDecrypted2, crypt.vchKey.data(), crypt.vchIV.data());
    BOOST_CHECK(result1 == result2);

    // These two should be equal. However, OpenSSL 1.0.1j introduced a change
    // that would zero all padding except for the last byte for failed decrypts.
    // This behavior was reverted for 1.0.1k.
    if (vchDecrypted1 != vchDecrypted2 && vchDecrypted1.size() >= AES_BLOCK_SIZE && SSLeay() == 0x100010afL)
    {
        for(CKeyingMaterial::iterator it = vchDecrypted1.end() - AES_BLOCK_SIZE; it != vchDecrypted1.end() - 1; it++)
            *it = 0;
    }

    BOOST_CHECK_MESSAGE(vchDecrypted1 == vchDecrypted2, HexStr(vchDecrypted1.begin(), vchDecrypted1.end()) + " != " + HexStr(vchDecrypted2.begin(), vchDecrypted2.end()));

    if (vchPlaintext.size())
        BOOST_CHECK(CKeyingMaterial(vchPlaintext.begin(), vchPlaintext.end()) == vchDecrypted2);
}
Пример #27
0
/** Check build and linked versions of OpenSSL match
 *
 * Startup check for whether the linked version of OpenSSL matches the
 * version the server was built against.
 *
 * @return 0 if ok, else -1
 */
int ssl_check_version(void)
{
	long ssl_linked;

	/*
	 *	Initialize the library before calling any library
	 *	functions.
	 */
	SSL_library_init();
	SSL_load_error_strings();

	ssl_linked = SSLeay();

	if (ssl_linked != ssl_built) {
		radlog(L_ERR, "libssl version mismatch."
		       "  Built with: %lx\n  Linked: %lx",
		       (unsigned long) ssl_built,
		       (unsigned long) ssl_linked);

		return -1;
	};

	return 0;
}
Пример #28
0
/// Launch the mangos server
extern int main(int argc, char** argv)
{
    ///- Command line parsing
    char const* cfg_file = _MANGOSD_CONFIG;

    char const* options = ":a:c:s:";

    ACE_Get_Opt cmd_opts(argc, argv, options);
    cmd_opts.long_option("version", 'v', ACE_Get_Opt::NO_ARG);
    cmd_opts.long_option("ahbot", 'a', ACE_Get_Opt::ARG_REQUIRED);

    char serviceDaemonMode = '\0';

    int option;
    while ((option = cmd_opts()) != EOF)
    {
        switch (option)
        {
            case 'a':
                sAuctionBotConfig.SetConfigFileName(cmd_opts.opt_arg());
                break;
            case 'c':
                cfg_file = cmd_opts.opt_arg();
                break;
            case 'v':
                printf("%s\n", _FULLVERSION(REVISION_DATE, REVISION_TIME, REVISION_NR, REVISION_ID));
                return 0;
            case 's':
            {
                const char* mode = cmd_opts.opt_arg();

                if (!strcmp(mode, "run"))
                    { serviceDaemonMode = 'r'; }
#ifdef WIN32
                else if (!strcmp(mode, "install"))
                    { serviceDaemonMode = 'i'; }
                else if (!strcmp(mode, "uninstall"))
                    { serviceDaemonMode = 'u'; }
#else
                else if (!strcmp(mode, "stop"))
                    { serviceDaemonMode = 's'; }
#endif
                else
                {
                    sLog.outError("Runtime-Error: -%c unsupported argument %s", cmd_opts.opt_opt(), mode);
                    usage(argv[0]);
                    Log::WaitBeforeContinueIfNeed();
                    return 1;
                }
                break;
            }
            case ':':
                sLog.outError("Runtime-Error: -%c option requires an input argument", cmd_opts.opt_opt());
                usage(argv[0]);
                Log::WaitBeforeContinueIfNeed();
                return 1;
            default:
                sLog.outError("Runtime-Error: bad format of commandline arguments");
                usage(argv[0]);
                Log::WaitBeforeContinueIfNeed();
                return 1;
        }
    }

#ifdef WIN32                                                // windows service command need execute before config read
    switch (serviceDaemonMode)
    {
        case 'i':
            if (WinServiceInstall())
                { sLog.outString("Installing service"); }
            return 1;
        case 'u':
            if (WinServiceUninstall())
                { sLog.outString("Uninstalling service"); }
            return 1;
        case 'r':
            WinServiceRun();
            break;
    }
#endif

    if (!sConfig.SetSource(cfg_file))
    {
        sLog.outError("Could not find configuration file %s.", cfg_file);
        Log::WaitBeforeContinueIfNeed();
        return 1;
    }

#ifndef WIN32                                               // posix daemon commands need apply after config read
    switch (serviceDaemonMode)
    {
        case 'r':
            startDaemon();
            break;
        case 's':
            stopDaemon();
            break;
    }
#endif

    sLog.outString("%s [world-daemon]", _FULLVERSION(REVISION_DATE, REVISION_TIME, REVISION_NR, REVISION_ID));
    sLog.outString("<Ctrl-C> to stop.\n"
                   "  __  __      _  _  ___  ___  ___                        \n"
                   " |  \\/  |__ _| \\| |/ __|/ _ \\/ __|                    \n"
                   " | |\\/| / _` | .` | (_ | (_) \\__ \\                    \n"
                   " |_|  |_\\__,_|_|\\_|\\___|\\___/|___/                   \n"
                   "                                   ___                   \n"
                   " Visit our website for support:   |_  /___ _ _ ___       \n"
                   " http://getmangos.com/             / // -_) '_/ _ \\     \n"
                   "                                  /___\\___|_| \\___/    \n"
                   " We love vanilla WoW!                                    \n"
                  );
    sLog.outString("Using configuration file %s.", cfg_file);

    DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
    if (SSLeay() < 0x009080bfL)
    {
        DETAIL_LOG("WARNING: Outdated version of OpenSSL lib. Logins to server may not work!");
        DETAIL_LOG("WARNING: Minimal required version [OpenSSL 0.9.8k]");
    }

    DETAIL_LOG("Using ACE: %s", ACE_VERSION);

    ///- Set progress bars show mode
    BarGoLink::SetOutputState(sConfig.GetBoolDefault("ShowProgressBars", true));

    ///- and run the 'Master'
    /// \todo Why do we need this 'Master'? Can't all of this be in the Main as for Realmd?
    return sMaster.Run();

    // at sMaster return function exist with codes
    // 0 - normal shutdown
    // 1 - shutdown at error
    // 2 - restart command used, this code can be used by restarter for restart mangosd
}
Пример #29
0
/// Launch the mangos server
int main(int argc, char *argv[])
{
    std::string auctionBotConfig, configFile, serviceParameter;

    boost::program_options::options_description desc("Allowed options");
    desc.add_options()
        ("ahbot,a", boost::program_options::value<std::string>(&auctionBotConfig), "ahbot configuration file")
        ("config,c", boost::program_options::value<std::string>(&configFile)->default_value(_MANGOSD_CONFIG), "configuration file")
        ("help,h", "prints usage")
        ("version,v", "print version and exit")
#ifdef _WIN32
        ("s", boost::program_options::value<std::string>(&serviceParameter), "<run, install, uninstall> service");
#else
        ("s", boost::program_options::value<std::string>(&serviceParameter), "<run, stop> service");
#endif

    boost::program_options::variables_map vm;

    try
    {
        boost::program_options::store(boost::program_options::parse_command_line(argc, argv, desc), vm);
        boost::program_options::notify(vm);

        if (vm.count("help"))
        {
            std::cout << desc << std::endl;
            return 0;
        }

        if (vm.count("version"))
        {
            std::cout << _FULLVERSION(REVISION_DATE, REVISION_TIME, REVISION_ID) << std::endl;
            std::cout << "Boost version " << (BOOST_VERSION / 10000) << "." << ((BOOST_VERSION / 100) % 1000) << "." << (BOOST_VERSION % 100) << std::endl;
            return 0;
        }
    }
    catch (boost::program_options::error const &e)
    {
        std::cerr << "ERROR: " << e.what() << std::endl << std::endl;
        std::cerr << desc << std::endl;

        return 1;
    }

    if (vm.count("ahbot"))
        sAuctionBotConfig.SetConfigFileName(auctionBotConfig);

#ifdef _WIN32                                                // windows service command need execute before config read
    if (vm.count("s"))
    {
        switch (::tolower(serviceParameter[0]))
        {
            case 'i':
                if (WinServiceInstall())
                    sLog.outString("Installing service");
                return 1;
            case 'u':
                if (WinServiceUninstall())
                    sLog.outString("Uninstalling service");
                return 1;
            case 'r':
                WinServiceRun();
                break;
}
    }
#endif

    if (!sConfig.SetSource(configFile))
    {
        sLog.outError("Could not find configuration file %s.", configFile.c_str());
        Log::WaitBeforeContinueIfNeed();
        return 1;
    }

#ifndef _WIN32                                               // posix daemon commands need apply after config read
    if (vm.count("s"))
    {
        switch (::tolower(serviceParameter[0]))
        {
            case 'r':
                startDaemon();
                break;
            case 's':
                stopDaemon();
                break;
        }
    }
#endif

    sLog.outString("%s [world-daemon]", _FULLVERSION(REVISION_DATE, REVISION_TIME, REVISION_ID));
    sLog.outString("<Ctrl-C> to stop.");
    sLog.outString("\n\n"
                   "       _____     __  __       _   _  _____  ____   _____ \n"
                   "      / ____|   |  \\/  |     | \\ | |/ ____|/ __ \\ / ____|\n"
                   "     | |        | \\  / |     |  \\| | |  __  |  | | (___  \n"
                   "     | |ontinued| |\\/| | __ _| . ` | | |_ | |  | |\\___ \\ \n"
                   "     | |____    | |  | |/ _` | |\\  | |__| | |__| |____) |\n"
                   "      \\_____|   |_|  |_| (_| |_| \\_|\\_____|\\____/ \\____/ \n"
                   "      http://cmangos.net\\__,_|     Doing things right!\n\n");

    sLog.outString("Using configuration file %s.", configFile.c_str());

    DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
    if (SSLeay() < 0x009080bfL)
    {
        DETAIL_LOG("WARNING: Outdated version of OpenSSL lib. Logins to server may not work!");
        DETAIL_LOG("WARNING: Minimal required version [OpenSSL 0.9.8k]");
    }

    DETAIL_LOG("Using Boost: %s", BOOST_LIB_VERSION);

    ///- Set progress bars show mode
    BarGoLink::SetOutputState(sConfig.GetBoolDefault("ShowProgressBars", true));

    ///- and run the 'Master'
    /// \todo Why do we need this 'Master'? Can't all of this be in the Main as for Realmd?
    return sMaster.Run();

    // at sMaster return function exist with codes
    // 0 - normal shutdown
    // 1 - shutdown at error
    // 2 - restart command used, this code can be used by restarter for restart mangosd
}
Пример #30
0
if (
#ifdef DISABLE_SSL3_HANDSHAKE
      1 ||
#endif
      SSLeay()  <  OPENSSL_V(0,9,8,'s') ||
      (SSLeay() >= OPENSSL_V_SERIES(0,9,9) &&
       SSLeay() <  OPENSSL_V(1,0,0,'f'))) {
    /* And not SSL3 if it's subject to CVE-2011-4576. */
    log_info(LD_NET, "Disabling SSLv3 because this OpenSSL version "
             "might otherwise be vulnerable to CVE-2011-4576 "
             "(compile-time version %08lx (%s); "
             "runtime version %08lx (%s))",
             (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
             (unsigned long)SSLeay(), SSLeay_version(SSLEAY_VERSION));
    SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3);
  }