Commit cd69f462 authored by unknown's avatar unknown

Merge shellback.(none):/home/msvensson/mysql/yassl_import/my50-yassl_import

into  shellback.(none):/home/msvensson/mysql/yassl_import/mysql-5.0-maint


extra/yassl/src/ssl.cpp:
  Auto merged
parents 89d106c1 eb6ab467
+53 −13
yaSSL Release notes, version 1.4.0 (08/13/06)
yaSSL Release notes, version 1.5.0 (11/09/06)

    This release of yaSSL contains bug fixes, portability enhancements,
    and full TLS 1.1 support.  Use the functions:

        SSL_METHOD *TLSv1_1_server_method(void);
        SSL_METHOD *TLSv1_1_client_method(void);
    
    or the SSLv23 versions (even though yaSSL doesn't support SSL 2.0 the v23
    means to pick the highest of SSL 3.0, TLS 1.0, or TLS 1.1.


See normal  build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0.



****************yaSSL Release notes, version 1.4.5 (10/15/06)


    This release of yaSSL contains bug fixes, portability enhancements,
    zlib compression support, removal of assembly instructions at runtime if
    not supported, and initial TLS 1.1 support.


    Compression Notes:  yaSSL uses zlib for compression and the compression
    should only be used if yaSSL is at both ends because the implementation
    details aren't yet standard.  If you'd like to turn compression on use
    the SSL_set_compression() function on the client before calling
    SSL_connect().  If both the client and server were built with zlib support
    then the connection will use compression.  If the client isn't built with
    support then SSL_set_compression() will return an error (-1).

    To build yaSSL with zlib support on Unix simply have zlib support on your
    system and configure will find it if it's in the standard locations.  If
    it's somewhere else use the option ./configure --with-zlib=DIR.  If you'd
    like to disable compression support in yaSSL use ./configure --without-zlib.

    To build yaSSL with zlib support on Windows:

        1) download zlib from http://www.zlib.net/
        2) follow the instructions in zlib from projects/visualc6/README.txt
           for how to add the zlib project into the yaSSL workspace noting that
           you'll need to add configuration support for "Win32 Debug" and
           "Win32 Release" in note 3 under "To use:". 
        3) define HAVE_LIBZ when building yaSSL


See normal  build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0.


********************yaSSL Release notes, version 1.4.0 (08/13/06)


    This release of yaSSL contains bug fixes, portability enhancements,
@@ -122,18 +174,6 @@ Choose (Re)Build All from the project workspace
run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build


--To enable ia32 assembly for TaoCrypt ciphers and message digests

    On MSVC this is always on

    On GCC **, use ./configure --enable-ia32-asm
    
    ** This isn't on by default because of the use of intel syntax and the
    problem that olders versions of gas have with some addressing statements.
    If you enable this and get assemler errors during compilation or can't
    pass the TaoCrypt tests, please send todd@yassl.com a message and disable
    this option in the meantime.


***************** yaSSL Release notes, version 1.0.5

+49 −26
@@ -5,6 +5,35 @@
//#define TEST_RESUME


void ClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg)
{
    SSL_CTX_free(ctx);
    SSL_free(ssl);
    tcp_close(sockfd);
    err_sys(msg);
}


#ifdef NON_BLOCKING
    void NonBlockingSSL_Connect(SSL* ssl, SSL_CTX* ctx, SOCKET_T& sockfd)
    {
        int ret = SSL_connect(ssl);
        while (ret =! SSL_SUCCESS && SSL_get_error(ssl, 0) ==
                                     SSL_ERROR_WANT_READ) {
            printf("... client would block\n");
            #ifdef _WIN32
                Sleep(1000);
            #else
                sleep(1);
            #endif
            ret = SSL_connect(ssl);
        }
        if (ret != SSL_SUCCESS)
            ClientError(ctx, ssl, sockfd, "SSL_connect failed");
    }
#endif


void client_test(void* args)
{
#ifdef _WIN32
@@ -18,6 +47,9 @@ void client_test(void* args)

    set_args(argc, argv, *static_cast<func_args*>(args));
    tcp_connect(sockfd);
#ifdef NON_BLOCKING
    tcp_set_nonblocking(sockfd);
#endif

    SSL_METHOD* method = TLSv1_client_method();
    SSL_CTX*    ctx = SSL_CTX_new(method);
@@ -27,13 +59,13 @@ void client_test(void* args)

    SSL_set_fd(ssl, sockfd);


#ifdef NON_BLOCKING
    NonBlockingSSL_Connect(ssl, ctx, sockfd);
#else
    if (SSL_connect(ssl) != SSL_SUCCESS)
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        err_sys("SSL_connect failed");
    }
        ClientError(ctx, ssl, sockfd, "SSL_connect failed");
#endif
    showPeer(ssl);

    const char* cipher = 0;
@@ -49,16 +81,14 @@ void client_test(void* args)

    char msg[] = "hello yassl!";
    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        err_sys("SSL_write failed");
    }
        ClientError(ctx, ssl, sockfd, "SSL_write failed");

    char reply[1024];
    reply[SSL_read(ssl, reply, sizeof(reply))] = 0;
    int input = SSL_read(ssl, reply, sizeof(reply));
    if (input > 0) {
        reply[input] = 0;
    printf("Server response: %s\n", reply);
    }

#ifdef TEST_RESUME
    SSL_SESSION* session   = SSL_get_session(ssl);
@@ -75,24 +105,17 @@ void client_test(void* args)
    SSL_set_session(sslResume, session);
    
    if (SSL_connect(sslResume) != SSL_SUCCESS)
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        err_sys("SSL resume failed");
    }
        ClientError(ctx, sslResume, sockfd, "SSL_resume failed");
    showPeer(sslResume);
  
    if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg))
    {
      SSL_CTX_free(ctx);
      SSL_free(ssl);
      tcp_close(sockfd);
        err_sys("SSL_write failed");
    }
        ClientError(ctx, sslResume, sockfd, "SSL_write failed");

    reply[SSL_read(sslResume, reply, sizeof(reply))] = 0;
    input = SSL_read(sslResume, reply, sizeof(reply));
    if (input > 0) {
        reply[input] = 0;
    printf("Server response: %s\n", reply);
    }

    SSL_shutdown(sslResume);
    SSL_free(sslResume);
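Review bot: In `NonBlockingSSL_Connect` the loop condition reads `while (ret =! SSL_SUCCESS && ...`, which parses as the assignment `ret = (!SSL_SUCCESS && ...)` rather than the comparison `ret != SSL_SUCCESS` that the matching `NonBlockingSSL_Accept` in the server test uses. Assuming `SSL_SUCCESS` is non-zero (its value is not shown on this page), the condition is always false and `ret` is overwritten with 0, so the retry loop never runs and every NON_BLOCKING build reaches `ClientError(ctx, ssl, sockfd, "SSL_connect failed")` even when the first `SSL_connect` succeeded. The line should read `while (ret != SSL_SUCCESS && SSL_get_error(ssl, 0) ==`.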
+12 −13
@@ -3,6 +3,15 @@
#include "../../testsuite/test.hpp"


void EchoClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg)
{
    SSL_CTX_free(ctx);
    SSL_free(ssl);
    tcp_close(sockfd);
    err_sys(msg);
}


void echoclient_test(void* args)
{
#ifdef _WIN32
@@ -35,7 +44,7 @@ void echoclient_test(void* args)

    tcp_connect(sockfd);

    SSL_METHOD* method = TLSv1_client_method();
    SSL_METHOD* method = SSLv23_client_method();
    SSL_CTX*    ctx = SSL_CTX_new(method);
    set_certs(ctx);
    SSL*        ssl = SSL_new(ctx);
@@ -43,12 +52,7 @@ void echoclient_test(void* args)
    SSL_set_fd(ssl, sockfd);

    if (SSL_connect(ssl) != SSL_SUCCESS)
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        err_sys("SSL_connect failed");
    }
        EchoClientError(ctx, ssl, sockfd, "SSL_connect failed");

    char send[1024];
    char reply[1024];
@@ -57,12 +61,7 @@ void echoclient_test(void* args)

        int sendSz = strlen(send) + 1;
        if (SSL_write(ssl, send, sendSz) != sendSz)
        {
            SSL_CTX_free(ctx);
            SSL_free(ssl);
            tcp_close(sockfd);
            err_sys("SSL_write failed");
        }
            EchoClientError(ctx, ssl, sockfd, "SSL_write failed");

        if (strncmp(send, "quit", 4) == 0) {
            fputs("sending server shutdown command: quit!\n", fout);
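Review bot: The switch from `TLSv1_client_method()` to `SSLv23_client_method()` lowers the protocol floor of this example without a comment saying why. The 1.5.0 release notes in this same commit describe the v23 methods as picking the highest of SSL 3.0, TLS 1.0 or TLS 1.1, so the client will presumably now complete a handshake with a peer that offers only SSL 3.0. The echoserver test makes the same change with `SSLv23_server_method()`. If the aim is to exercise version negotiation, a comment on both lines would keep the example from being copied as a default, for instance `// v23: negotiate highest common version for testing; use TLSv1_1_client_method() where SSL 3.0 must be refused` (with `TLSv1_1_server_method()` on the server side).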
+8 −3
@@ -56,7 +56,7 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)

    tcp_listen(sockfd);

    SSL_METHOD* method = TLSv1_server_method();
    SSL_METHOD* method = SSLv23_server_method();
    SSL_CTX*    ctx    = SSL_CTX_new(method);

    set_serverCerts(ctx);
@@ -87,8 +87,12 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)

        SSL* ssl = SSL_new(ctx);
        SSL_set_fd(ssl, clientfd);
        if (SSL_accept(ssl) != SSL_SUCCESS)
            EchoError(ctx, ssl, sockfd, clientfd, "SSL_accept failed");
        if (SSL_accept(ssl) != SSL_SUCCESS) {
            printf("SSL_accept failed\n");
            SSL_free(ssl);
            tcp_close(clientfd);
            continue; 
        }

        char command[1024];
        int echoSz(0);
@@ -130,6 +134,7 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
            if (SSL_write(ssl, command, echoSz) != echoSz)
                EchoError(ctx, ssl, sockfd, clientfd, "SSL_write failed");
        }
        SSL_shutdown(ssl);
        SSL_free(ssl);
        tcp_close(clientfd);
    }
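Review bot: The new `SSL_accept` failure branch logs only the fixed string `SSL_accept failed`, so now that the server keeps running past bad handshakes there is no record of why each one failed. Printing the library error would make repeated failures (version mismatch, certificate problems, stray connections) distinguishable, e.g. `printf("SSL_accept failed, error %d\n", SSL_get_error(ssl, 0));`, which uses the same call the non-blocking helpers in this commit rely on. The `SSL_write` failure a few lines below still goes through `EchoError`, which is not shown here but presumably still ends the server, so a client that drops mid-echo may remain fatal where a failed handshake no longer is.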
+31 −2
@@ -13,6 +13,26 @@ void ServerError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg)
}


#ifdef NON_BLOCKING
    void NonBlockingSSL_Accept(SSL* ssl, SSL_CTX* ctx, SOCKET_T& clientfd)
    {
        int ret = SSL_accept(ssl);
        while (ret != SSL_SUCCESS && SSL_get_error(ssl, 0) ==
                                     SSL_ERROR_WANT_READ) {
            printf("... server would block\n");
            #ifdef _WIN32
                Sleep(1000);
            #else
                sleep(1);
            #endif
            ret = SSL_accept(ssl);
        }
        if (ret != SSL_SUCCESS)
            ServerError(ctx, ssl, clientfd, "SSL_accept failed");
    }
#endif


THREAD_RETURN YASSL_API server_test(void* args)
{
#ifdef _WIN32
@@ -33,7 +53,7 @@ THREAD_RETURN YASSL_API server_test(void* args)
    SSL_METHOD* method = TLSv1_server_method();
    SSL_CTX*    ctx = SSL_CTX_new(method);

    //SSL_CTX_set_cipher_list(ctx, "RC4-SHA");
    //SSL_CTX_set_cipher_list(ctx, "RC4-SHA:RC4-MD5");
    SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
    set_serverCerts(ctx);
    DH* dh = set_tmpDH(ctx);
@@ -41,15 +61,22 @@ THREAD_RETURN YASSL_API server_test(void* args)
    SSL* ssl = SSL_new(ctx);
    SSL_set_fd(ssl, clientfd);
   
#ifdef NON_BLOCKING
    NonBlockingSSL_Accept(ssl, ctx, clientfd);
#else
    if (SSL_accept(ssl) != SSL_SUCCESS)
        ServerError(ctx, ssl, clientfd, "SSL_accept failed");
#endif

    showPeer(ssl);
    printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl));

    char command[1024];
    command[SSL_read(ssl, command, sizeof(command))] = 0;
    int input = SSL_read(ssl, command, sizeof(command));
    if (input > 0) {
        command[input] = 0;
    printf("First client command: %s\n", command);
    }

    char msg[] = "I hear you, fa shizzle!";
    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
@@ -57,6 +84,7 @@ THREAD_RETURN YASSL_API server_test(void* args)

    DH_free(dh);
    SSL_CTX_free(ctx);
    SSL_shutdown(ssl);
    SSL_free(ssl);

    tcp_close(clientfd);
@@ -82,3 +110,4 @@ THREAD_RETURN YASSL_API server_test(void* args)
    }

#endif // NO_MAIN_DRIVER
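Review bot: The rewritten read in `server_test` still passes `sizeof(command)` to `SSL_read` and then stores the terminator at `command[input]`, so if the peer sends enough data for `SSL_read` to return the full count, `input == sizeof(command)` and the `0` lands one byte past the array. The `input > 0` check added here only closes the negative-index case of the old `command[SSL_read(...)] = 0`. Reading one byte less leaves room for the terminator: `int input = SSL_read(ssl, command, sizeof(command) - 1);`. The two `reply` reads in the client test changed by this commit follow the same pattern and need the same bound. `server_test` begins and ends outside the hunks shown.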