diff --git a/UPDATING b/UPDATING
index 2e13d9dd1f7b..689474e62bd6 100644
--- a/UPDATING
+++ b/UPDATING
@@ -1,2089 +1,2093 @@
Updating Information for FreeBSD stable/12 users.
This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>.
See end of file for further details. For commonly done items, please see the
COMMON ITEMS: section later in the file. These instructions assume that you
basically know what you are doing. If not, then please consult the FreeBSD
handbook:
https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
Items affecting the ports and packages system can be found in
/usr/ports/UPDATING. Please read that file before running portupgrade.
NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping
from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to
the tip of head, and then rebuild without this option. The bootstrap process
from older version of current across the gcc/clang cutover is a bit fragile.
+20201208: p2 FreeBSD-SA-20:33.openssl
+
+ Fix OpenSSL NULL pointer de-reference. [SA-20:33.openssl]
+
20201201: p1 FreeBSD-EN-20:19.audit
FreeBSD-EN-20:20.tzdata
FreeBSD-EN-20:21.ipfw
FreeBSD-EN-20:22.callout
FreeBSD-SA-20:31.icmp6
FreeBSD-SA-20:32.rtsold
Fix execve/fexecve system call auditing. [EN-20:19.audit]
Update timezone database information. [EN-20:20.tzdata]
Fix uninitialized variable in ipfw. [EN-20:21.ipfw]
Fix race condition in callout CPU migration. [EN-20:22.callout]
Fix ICMPv6 use-after-free in error message handling. [SA-20:31.icmp6]
Fix multiple vulnerabilities in rtsold. [SA-20:32.rtsold]
20201027:
12.2-RELEASE.
20200915: p1 FreeBSD-SA-20:27.ure
FreeBSD-SA-20:28.bhyve_vmcs
FreeBSD-SA-20:29.bhyve_svm
FreeBSD-SA-20:30.ftpd
Fix ure device driver susceptible to packet-in-packet attack.
[SA-20:27.ure]
Fix bhyve privilege escalation via VMCS access. [SA-20:28.bhyve_vmcs]
Fix bhyve SVM guest escape. [SA-20:29.bhyve_svm]
Fix ftpd privilege escalation via ftpchroot. [SA-20:30.ftpd]
20200912:
The make.conf(5) MALLOC_PRODUCTION variable, used for disabling and
enabling assertions and statistics gathering in malloc(3), has been
migrated to a src.conf(5) WITH/WITHOUT_MALLOC_PRODUCTION option.
On stable branches, WITH_MALLOC_PRODUCTION is set by default, which
means that malloc(3) has assertions and statistics gathering disabled,
for improved performance.
For backwards compatibility, the make.conf(5) MALLOC_PRODUCTION is still
honored, but it is now deprecated and undocumented.
20200909:
The resume code now notifies devd with the 'kernel' system
rather than the old 'kern' subsystem to be consistent with
other use. The old notification will be created as well, but
will be removed prior to FreeBSD 14.0.
20200722:
Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have
been upgraded to 10.0.1. Please see the 20141231 entry below for
information about prerequisites and upgrading, if you are not already
using clang 3.5.0 or higher.
20200708:
read(2) of a directory fd is now rejected by default. root may
re-enable it for the entire system with the
security.bsd.allow_read_dir sysctl(8) MIB.
It may be advised to setup aliases for grep to default to `-d skip` if
commonly non-recursively grepping a list that includes directories and
the potential for the resulting stderr output is not tolerable. Example
aliases are now installed, commented out, in /root/.cshrc.
20200414:
Upstream DTS from Linux 5.6 was merged and they now have the SID
and THS (Secure ID controller and THermal Sensor) node present.
The DTB overlays have now been removed from the tree for the H3/H5 and
A64 SoCs and the aw_sid and aw_thermal driver have been updated to
deal with upstream DTS. If you are using those overlays you need to
remove them from loader.conf and update the DTBs on the FAT partition.
20200501:
Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have
been upgraded to 10.0.0. Please see the 20141231 entry below for
information about prerequisites and upgrading, if you are not already
using clang 3.5.0 or higher.
20200430:
The root certificates of the Mozilla CA Certificate Store have been
imported into the base system and can be managed with the certctl(8)
utility. If you have installed the security/ca_root_nss port or package
with the ETCSYMLINK option (the default), be advised that there may be
differences between those included in the port and those included in
base due to differences in nss branch used as well as general update
frequency. Note also that certctl(8) cannot manage certs in the
format used by the security/ca_root_nss port.
20200107:
Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have
been upgraded to 9.0.1. Please see the 20141231 entry below for
information about prerequisites and upgrading, if you are not already
using clang 3.5.0 or higher.
20191107:
The nctgpio and wbwd drivers have been moved to the superio bus.
If you have one of these drivers in a kernel configuration, then
you should add device superio to it. If you use one of these drivers
as a module and you compile a custom set of modules, then you should
add superio to the set.
20191024:
The tap(4) driver has been folded into tun(4), and the module has been
renamed to tuntap. You should update any kld_list="if_tap" or
kld_list="if_tun" entries in /etc/rc.conf, if_tap_load="YES" or
if_tun_load="YES" entries in /boot/loader.conf to load the if_tuntap
module instead, and "device tap" or "device tun" entries in kernel
config files to select the tuntap device instead.
20190913:
ntpd no longer by default locks its pages in memory, allowing them
to be paged out by the kernel. Use rlimit memlock to restore
historic BSD behaviour. For example, add "rlimit memlock 32"
to ntp.conf to lock up to 32 MB of ntpd address space in memory.
20190914:
The vfs.fusefs.sync_unmount and vfs.fusefs.init_backgrounded sysctls
and the "-o sync_unmount" and "-o init_backgrounded" mount options have
been removed from mount_fusefs(8). You can safely remove them from
your scripts, because they had no effect.
The vfs.fusefs.fix_broken_io, vfs.fusefs.sync_resize,
vfs.fusefs.refresh_size, vfs.fusefs.mmap_enable,
vfs.fusefs.reclaim_revoked, and vfs.fusefs.data_cache_invalidate
sysctls have been removed. If you felt the need to set any of them to
a non-default value, please tell asomers@FreeBSD.org why.
20190906:
The fuse(4) module has been renamed to fusefs(4) for consistency with
other filesystems. You should update any kld_load="fuse" entries in
/etc/rc.conf, fuse_load="YES" entries in /boot/loader.conf, and
"options FUSE" enties in kernel config files.
20190811:
Default permissions on the /var/account/acct file (and copies of it
rotated by periodic daily scripts) are changed from 0644 to 0640
because the file contains sensitive information that should not be
world-readable. If the /var/account directory must be created by
rc.d/accounting, the mode used is now 0750. Admins who use the
accounting feature are encouraged to change the mode of an existing
/var/account directory to 0750 or 0700.
20190723:
Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have
been upgraded to 8.0.1. Please see the 20141231 entry below for
information about prerequisites and upgrading, if you are not already
using clang 3.5.0 or higher.
20190413:
Now Clang 8 has been merged (see the 20190412 entry below), the ifunc
functionality needed for the RETPOLINE option should work properly
again. The RETPOLINE option has been removed from BROKEN_OPTIONS.
20190412:
Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
8.0.0. Please see the 20141231 entry below for information about
prerequisites and upgrading, if you are not already using clang 3.5.0
or higher.
20190307:
The RETPOLINE option produces non-functional ifunc-using binaries
with Clang 7.0.1, and has been forced off (via BROKEN_OPTIONS).
Once Clang 8 is merged it may be enabled again.
20190216:
Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
7.0.1. Please see the 20141231 entry below for information about
prerequisites and upgrading, if you are not already using clang 3.5.0
or higher.
20190226:
geom_uzip(4) depends on the new module xz. If geom_uzip is statically
compiled into your custom kernel, add 'device xz' statement to the
kernel config.
20190214:
Iflib is no longer unconditionally compiled into the kernel. Drivers
using iflib and statically compiled into the kernel, now require
the 'device iflib' config option. For the same drivers loaded as
modules on kernels not having 'device iflib', the iflib.ko module
is loaded automatically.
20181228:
r342561 modifies the NFSv4 server so that it obeys vfs.nfsd.nfs_privport
in the same as it is applied to NFSv2 and 3. This implies that NFSv4
servers that have vfs.nfsd.nfs_privport set will only allow mounts
from clients using a reserved port#. Since both the FreeBSD and Linux
NFSv4 clients use reserved port#s by default, this should not affect
most NFSv4 mounts.
20181129:
On amd64, arm64 and armv7 (architectures that install LLVM's ld.lld
linker as /usr/bin/ld) GNU ld is no longer installed as ld.bfd, as
it produces broken binaries when ifuncs are in use. Users needing
GNU ld should install the binutils port or package.
20181115:
The set of CTM commands (ctm, ctm_smail, ctm_rmail, ctm_dequeue)
has been converted to a port (misc/ctm) and will be removed from
FreeBSD-13. A depreciation warning will be printed to stderr by
the ctm command, but the functionality will remain in base for all
FreeBSD-12 releases.
20181019:
The stable/12 branch has been created in subversion from head
revision r339432.
20181015:
Ports for the DRM modules have been simplified. Now, amd64 users should
just install the drm-kmod port. All others should install
drm-legacy-kmod.
Graphics hardware that's newer than about 2010 usually works with
drm-kmod. For hardware older than 2013, however, some users will need
to use drm-legacy-kmod if drm-kmod doesn't work for them. Hardware older
than 2008 usually only works in drm-legacy-kmod. The graphics team can
only commit to hardware made since 2013 due to the complexity of the
market and difficulty to test all the older cards effectively. If you
have hardware supported by drm-kmod, you are strongly encouraged to use
that as you will get better support.
Other than KPI chasing, drm-legacy-kmod will not be updated. As outlined
elsewhere, the drm and drm2 modules will be eliminated from the src base
soon (with a limited exception for arm). Please update to the package asap
and report any issues to x11@freebsd.org.
Generally, anybody using the drm*-kmod packages should add
WITHOUT_DRM_MODULE=t and WITHOUT_DRM2_MODULE=t to avoid nasty
cross-threading surprises, especially with automatic driver
loading from X11 startup. These will become the defaults in 13-current
shortly.
20181012:
The ixlv(4) driver has been renamed to iavf(4). As a consequence,
custom kernel and module loading configuration files must be updated
accordingly. Moreover, interfaces previous presented as ixlvN to the
system are now exposed as iavfN and network configuration files must
be adjusted as necessary.
20181009:
OpenSSL has been updated to version 1.1.1. This update included
additional various API changes througout the base system. It is
important to rebuild third-party software after upgrading. The value
of __FreeBSD_version has been bumped accordingly.
20181006:
The legacy DRM modules and drivers have now been added to the loader's
module blacklist, in favor of loading them with kld_list in rc.conf(5).
The module blacklist may be overridden with the loader.conf(5)
'module_blacklist' variable, but loading them via rc.conf(5) is strongly
encouraged.
20181002:
The cam(4) based nda(4) driver will be used over nvd(4) by default on
powerpc64. You may set 'options NVME_USE_NVD=1' in your kernel conf or
loader tunable 'hw.nvme.use_nvd=1' if you wish to use the existing
driver. Make sure to edit /boot/etc/kboot.conf and fstab to use the
nda device name.
20180913:
Reproducible build mode is now on by default, in preparation for
FreeBSD 12.0. This eliminates build metadata such as the user,
host, and time from the kernel (and uname), unless the working tree
corresponds to a modified checkout from a version control system.
The previous behavior can be obtained by setting the /etc/src.conf
knob WITHOUT_REPRODUCIBLE_BUILD.
20180826:
The Yarrow CSPRNG has been removed from the kernel as it has not been
supported by its designers since at least 2003. Fortuna has been the
default since FreeBSD-11.
20180822:
devctl freeze/thaw have gone into the tree, the rc scripts have been
updated to use them and devmatch has been changed. You should update
kernel, userland and rc scripts all at the same time.
20180818:
The default interpreter has been switched from 4th to Lua.
LOADER_DEFAULT_INTERP, documented in build(7), will override the default
interpreter. If you have custom FORTH code you will need to set
LOADER_DEFAULT_INTERP=4th (valid values are 4th, lua or simp) in
src.conf for the build. This will create default hard links between
loader and loader_4th instead of loader and loader_lua, the new default.
If you are using UEFI it will create the proper hard link to loader.efi.
bhyve uses userboot.so. It remains 4th-only until some issues are solved
regarding coexisting with multiple versions of FreeBSD are resolved.
20180815:
ls(1) now respects the COLORTERM environment variable used in other
systems and software to indicate that a colored terminal is both
supported and desired. If ls(1) is suddenly emitting colors, they may
be disabled again by either removing the unwanted COLORTERM from your
environment, or using `ls --color=never`. The ls(1) specific CLICOLOR
may not be observed in a future release.
20180808:
The default pager for most commands has been changed to "less". To
restore the old behavior, set PAGER="more" and MANPAGER="more -s" in
your environment.
20180731:
The jedec_ts(4) driver has been removed. A superset of its functionality
is available in the jedec_dimm(4) driver, and the manpage for that
driver includes migration instructions. If you have "device jedec_ts"
in your kernel configuration file, it must be removed.
20180730:
amd64/GENERIC now has EFI runtime services, EFIRT, enabled by default.
This should have no effect if the kernel is booted via BIOS/legacy boot.
EFIRT may be disabled via a loader tunable, efi.rt.disabled, if a system
has a buggy firmware that prevents a successful boot due to use of
runtime services.
20180727:
Atmel AT91RM9200 and AT91SAM9, Cavium CNS 11xx and XScale
support has been removed from the tree. These ports were
obsolete and/or known to be broken for many years.
20180723:
loader.efi has been augmented to participate more fully in the
UEFI boot manager protocol. loader.efi will now look at the
BootXXXX environment variable to determine if a specific kernel
or root partition was specified. XXXX is derived from BootCurrent.
efibootmgr(8) manages these standard UEFI variables.
20180720:
zfsloader's functionality has now been folded into loader.
zfsloader is no longer necessary once you've updated your
boot blocks. For a transition period, we will install a
hardlink for zfsloader to loader to allow a smooth transition
until the boot blocks can be updated (hard link because old
zfs boot blocks don't understand symlinks).
20180719:
ARM64 now have efifb support, if you want to have serial console
on your arm64 board when an screen is connected and the bootloader
setup a frambuffer for us to use, just add :
boot_serial=YES
boot_multicons=YES
in /boot/loader.conf
For Raspberry Pi 3 (RPI) users, this is needed even if you don't have
an screen connected as the firmware will setup a framebuffer are that
u-boot will expose as an EFI framebuffer.
20180719:
New uid:gid added, ntpd:ntpd (123:123). Be sure to run mergemaster
or take steps to update /etc/passwd before doing installworld on
existing systems. Do not skip the "mergemaster -Fp" step before
installworld, as described in the update procedures near the bottom
of this document. Also, rc.d/ntpd now starts ntpd(8) as user ntpd
if the new mac_ntpd(4) policy is available, unless ntpd_flags or
the ntp config file contain options that change file/dir locations.
When such options (e.g., "statsdir" or "crypto") are used, ntpd can
still be run as non-root by setting ntpd_user=ntpd in rc.conf, after
taking steps to ensure that all required files/dirs are accessible
by the ntpd user.
20180717:
Big endian arm support has been removed.
20180711:
The static environment setup in kernel configs is no longer mutually
exclusive with the loader(8) environment by default. In order to
restore the previous default behavior of disabling the loader(8)
environment if a static environment is present, you must specify
loader_env.disabled=1 in the static environment.
20180705:
The ABI of syscalls used by management tools like sockstat and
netstat has been broken to allow 32-bit binaries to work on
64-bit kernels without modification. These programs will need
to match the kernel in order to function. External programs may
require minor modifications to accommodate a change of type in
structures from pointers to 64-bit virtual addresses.
20180702:
On i386 and amd64 atomics are now inlined. Out of tree modules using
atomics will need to be rebuilt.
20180701:
The '%I' format in the kern.corefile sysctl limits the number of
core files that a process can generate to the number stored in the
debug.ncores sysctl. The '%I' format is replaced by the single digit
index. Previously, if all indexes were taken the kernel would overwrite
only a core file with the highest index in a filename.
Currently the system will create a new core file if there is a free
index or if all slots are taken it will overwrite the oldest one.
20180630:
Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
6.0.1. Please see the 20141231 entry below for information about
prerequisites and upgrading, if you are not already using clang 3.5.0
or higher.
20180628:
r335753 introduced a new quoting method. However, etc/devd/devmatch.conf
needed to be changed to work with it. This change was made with r335763
and requires a mergemaster / etcupdate / etc to update the installed file.
20180612:
r334930 changed the interface between the NFS modules, so they all
need to be rebuilt. r335018 did a __FreeBSD_version bump for this.
20180530:
As of r334391 lld is the default amd64 system linker; it is installed
as /usr/bin/ld. Kernel build workarounds (see 20180510 entry) are no
longer necessary.
20180530:
The kernel / userland interface for devinfo changed, so you'll
need a new kernel and userland as a pair for it to work (rebuilding
lib/libdevinfo is all that's required). devinfo and devmatch will
not work, but everything else will when there's a mismatch.
20180523:
The on-disk format for hwpmc callchain records has changed to include
threadid corresponding to a given record. This changes the field offsets
and thus requires that libpmcstat be rebuilt before using a kernel
later than r334108.
20180517:
The vxge(4) driver has been removed. This driver was introduced into
HEAD one week before the Exar left the Ethernet market and is not
known to be used. If you have device vxge in your kernel config file
it must be removed.
20180510:
The amd64 kernel now requires a ld that supports ifunc to produce a
working kernel, either lld or a newer binutils. lld is built by default
on amd64, and the 'buildkernel' target uses it automatically. However,
it is not the default linker, so building the kernel the traditional
way requires LD=ld.lld on the command line (or LD=/usr/local/bin/ld for
binutils port/package). lld will soon be default, and this requirement
will go away.
NOTE: As of r334391 lld is the default system linker on amd64, and no
workaround is necessary.
20180508:
The nxge(4) driver has been removed. This driver was for PCI-X 10g
cards made by s2io/Neterion. The company was aquired by Exar and
no longer sells or supports Ethernet products. If you have device
nxge in your kernel config file it must be removed.
20180504:
The tz database (tzdb) has been updated to 2018e. This version more
correctly models time stamps in time zones with negative DST such as
Europe/Dublin (from 1971 on), Europe/Prague (1946/7), and
Africa/Windhoek (1994/2017). This does not affect the UT offsets, only
time zone abbreviations and the tm_isdst flag.
20180502:
The ixgb(4) driver has been removed. This driver was for an early and
uncommon legacy PCI 10GbE for a single ASIC, Intel 82597EX. Intel
quickly shifted to the long lived ixgbe family. If you have device
ixgb in your kernel config file it must be removed.
20180501:
The lmc(4) driver has been removed. This was a WAN interface
card that was already reportedly rare in 2003, and had an ambiguous
license. If you have device lmc in your kernel config file it must
be removed.
20180413:
Support for Arcnet networks has been removed. If you have device
arcnet or device cm in your kernel config file they must be
removed.
20180411:
Support for FDDI networks has been removed. If you have device
fddi or device fpa in your kernel config file they must be
removed.
20180406:
In addition to supporting RFC 3164 formatted messages, the
syslogd(8) service is now capable of parsing RFC 5424 formatted
log messages. The main benefit of using RFC 5424 is that clients
may now send log messages with timestamps containing year numbers,
microseconds and time zone offsets.
Similarly, the syslog(3) C library function has been altered to
send RFC 5424 formatted messages to the local system logging
daemon. On systems using syslogd(8), this change should have no
negative impact, as long as syslogd(8) and the C library are
updated at the same time. On systems using a different system
logging daemon, it may be necessary to make configuration
adjustments, depending on the software used.
When using syslog-ng, add the 'syslog-protocol' flag to local
input sources to enable parsing of RFC 5424 formatted messages:
source src {
unix-dgram("/var/run/log" flags(syslog-protocol));
}
When using rsyslog, disable the 'SysSock.UseSpecialParser' option
of the 'imuxsock' module to let messages be processed by the
regular RFC 3164/5424 parsing pipeline:
module(load="imuxsock" SysSock.UseSpecialParser="off")
Do note that these changes only affect communication between local
applications and syslogd(8). The format that syslogd(8) uses to
store messages on disk or forward messages to other systems
remains unchanged. syslogd(8) still uses RFC 3164 for these
purposes. Options to customize this behaviour will be added in the
future. Utilities that process log files stored in /var/log are
thus expected to continue to function as before.
__FreeBSD_version has been incremented to 1200061 to denote this
change.
20180328:
Support for token ring networks has been removed. If you
have "device token" in your kernel config you should remove
it. No device drivers supported token ring.
20180323:
makefs was modified to be able to tag ISO9660 El Torito boot catalog
entries as EFI instead of overloading the i386 tag as done previously.
The amd64 mkisoimages.sh script used to build amd64 ISO images for
release was updated to use this. This may mean that makefs must be
updated before "make cdrom" can be run in the release directory. This
should be as simple as:
$ cd $SRCDIR/usr.sbin/makefs
$ make depend all install
20180212:
FreeBSD boot loader enhanced with Lua scripting. It's purely opt-in for
now by building WITH_LOADER_LUA and WITHOUT_FORTH in /etc/src.conf.
Co-existance for the transition period will come shortly. Booting is a
complex environment and test coverage for Lua-enabled loaders has been
thin, so it would be prudent to assume it might not work and make
provisions for backup boot methods.
20180211:
devmatch functionality has been turned on in devd. It will automatically
load drivers for unattached devices. This may cause unexpected drivers to
be loaded. Please report any problems to current@ and imp@freebsd.org.
20180114:
Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
6.0.0. Please see the 20141231 entry below for information about
prerequisites and upgrading, if you are not already using clang 3.5.0
or higher.
20180110:
LLVM's lld linker is now used as the FreeBSD/amd64 bootstrap linker.
This means it is used to link the kernel and userland libraries and
executables, but is not yet installed as /usr/bin/ld by default.
To revert to ld.bfd as the bootstrap linker, in /etc/src.conf set
WITHOUT_LLD_BOOTSTRAP=yes
20180110:
On i386, pmtimer has been removed. Its functionality has been folded
into apm. It was a no-op on ACPI in current for a while now (but was still
needed on i386 in FreeBSD 11 and earlier). Users may need to remove it
from kernel config files.
20180104:
The use of RSS hash from the network card aka flowid has been
disabled by default for lagg(4) as it's currently incompatible with
the lacp and loadbalance protocols.
This can be re-enabled by setting the following in loader.conf:
net.link.lagg.default_use_flowid="1"
20180102:
The SW_WATCHDOG option is no longer necessary to enable the
hardclock-based software watchdog if no hardware watchdog is
configured. As before, SW_WATCHDOG will cause the software
watchdog to be enabled even if a hardware watchdog is configured.
20171215:
r326887 fixes the issue described in the 20171214 UPDATING entry.
r326888 flips the switch back to building GELI support always.
20171214:
r362593 broke ZFS + GELI support for reasons unknown. However,
it also broke ZFS support generally, so GELI has been turned off
by default as the lesser evil in r326857. If you boot off ZFS and/or
GELI, it might not be a good time to update.
20171125:
PowerPC users must update loader(8) by rebuilding world before
installing a new kernel, as the protocol connecting them has
changed. Without the update, loader metadata will not be passed
successfully to the kernel and users will have to enter their
root partition at the kernel mountroot prompt to continue booting.
Newer versions of loader can boot old kernels without issue.
20171110:
The LOADER_FIREWIRE_SUPPORT build variable as been renamed to
WITH/OUT_LOADER_FIREWIRE. LOADER_{NO_,}GELI_SUPPORT has been renamed
to WITH/OUT_LOADER_GELI.
20171106:
The naive and non-compliant support of posix_fallocate(2) in ZFS
has been removed as of r325320. The system call now returns EINVAL
when used on a ZFS file. Although the new behavior complies with the
standard, some consumers are not prepared to cope with it.
One known victim is lld prior to r325420.
20171102:
Building in a FreeBSD src checkout will automatically create object
directories now rather than store files in the current directory if
'make obj' was not ran. Calling 'make obj' is no longer necessary.
This feature can be disabled by setting WITHOUT_AUTO_OBJ=yes in
/etc/src-env.conf (not /etc/src.conf), or passing the option in the
environment.
20171101:
The default MAKEOBJDIR has changed from /usr/obj/<srcdir> for native
builds, and /usr/obj/<arch>/<srcdir> for cross-builds, to a unified
/usr/obj/<srcdir>/<arch>. This behavior can be changed to the old
format by setting WITHOUT_UNIFIED_OBJDIR=yes in /etc/src-env.conf,
the environment, or with -DWITHOUT_UNIFIED_OBJDIR when building.
The UNIFIED_OBJDIR option is a transitional feature that will be
removed for 12.0 release; please migrate to the new format for any
tools by looking up the OBJDIR used by 'make -V .OBJDIR' means rather
than hardcoding paths.
20171028:
The native-xtools target no longer installs the files by default to the
OBJDIR. Use the native-xtools-install target with a DESTDIR to install
to ${DESTDIR}/${NXTP} where NXTP defaults to /nxb-bin.
20171021:
As part of the boot loader infrastructure cleanup, LOADER_*_SUPPORT
options are changing from controlling the build if defined / undefined
to controlling the build with explicit 'yes' or 'no' values. They will
shift to WITH/WITHOUT options to match other options in the system.
20171010:
libstand has turned into a private library for sys/boot use only.
It is no longer supported as a public interface outside of sys/boot.
20171005:
The arm port has split armv6 into armv6 and armv7. armv7 is now
a valid TARGET_ARCH/MACHINE_ARCH setting. If you have an armv7 system
and are running a kernel from before r324363, you will need to add
MACHINE_ARCH=armv7 to 'make buildworld' to do a native build.
20171003:
When building multiple kernels using KERNCONF, non-existent KERNCONF
files will produce an error and buildkernel will fail. Previously
missing KERNCONF files silently failed giving no indication as to
why, only to subsequently discover during installkernel that the
desired kernel was never built in the first place.
20170912:
The default serial number format for CTL LUNs has changed. This will
affect users who use /dev/diskid/* device nodes, or whose FibreChannel
or iSCSI clients care about their LUNs' serial numbers. Users who
require serial number stability should hardcode serial numbers in
/etc/ctl.conf .
20170912:
For 32-bit arm compiled for hard-float support, soft-floating point
binaries now always get their shared libraries from
LD_SOFT_LIBRARY_PATH (in the past, this was only used if
/usr/libsoft also existed). Only users with a hard-float ld.so, but
soft-float everything else should be affected.
20170826:
The geli password typed at boot is now hidden. To restore the previous
behavior, see geli(8) for configuration options.
20170825:
Move PMTUD blackhole counters to TCPSTATS and remove them from bare
sysctl values. Minor nit, but requires a rebuild of both world/kernel
to complete.
20170814:
"make check" behavior (made in ^/head@r295380) has been changed to
execute from a limited sandbox, as opposed to executing from
${TESTSDIR}.
Behavioral changes:
- The "beforecheck" and "aftercheck" targets are now specified.
- ${CHECKDIR} (added in commit noted above) has been removed.
- Legacy behavior can be enabled by setting
WITHOUT_MAKE_CHECK_USE_SANDBOX in src.conf(5) or the environment.
If the limited sandbox mode is enabled, "make check" will execute
"make distribution", then install, execute the tests, and clean up the
sandbox if successful.
The "make distribution" and "make install" targets are typically run as
root to set appropriate permissions and ownership at installation time.
The end-user should set "WITH_INSTALL_AS_USER" in src.conf(5) or the
environment if executing "make check" with limited sandbox mode using
an unprivileged user.
20170808:
Since the switch to GPT disk labels, fsck for UFS/FFS has been
unable to automatically find alternate superblocks. As of r322297,
the information needed to find alternate superblocks has been
moved to the end of the area reserved for the boot block.
Filesystems created with a newfs of this vintage or later
will create the recovery information. If you have a filesystem
created prior to this change and wish to have a recovery block
created for your filesystem, you can do so by running fsck in
foreground mode (i.e., do not use the -p or -y options). As it
starts, fsck will ask ``SAVE DATA TO FIND ALTERNATE SUPERBLOCKS''
to which you should answer yes.
20170728:
As of r321665, an NFSv4 server configuration that services
Kerberos mounts or clients that do not support the uid/gid in
owner/owner_group string capability, must explicitly enable
the nfsuserd daemon by adding nfsuserd_enable="YES" to the
machine's /etc/rc.conf file.
20170722:
Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 5.0.0.
Please see the 20141231 entry below for information about prerequisites
and upgrading, if you are not already using clang 3.5.0 or higher.
20170701:
WITHOUT_RCMDS is now the default. Set WITH_RCMDS if you need the
r-commands (rlogin, rsh, etc.) to be built with the base system.
20170625:
The FreeBSD/powerpc platform now uses a 64-bit type for time_t. This is
a very major ABI incompatible change, so users of FreeBSD/powerpc must
be careful when performing source upgrades. It is best to run
'make installworld' from an alternate root system, either a live
CD/memory stick, or a temporary root partition. Additionally, all ports
must be recompiled. powerpc64 is largely unaffected, except in the case
of 32-bit compatibility. All 32-bit binaries will be affected.
20170623:
Forward compatibility for the "ino64" project have been committed. This
will allow most new binaries to run on older kernels in a limited
fashion. This prevents many of the common foot-shooting actions in the
upgrade as well as the limited ability to roll back the kernel across
the ino64 upgrade. Complicated use cases may not work properly, though
enough simpler ones work to allow recovery in most situations.
20170620:
Switch back to the BSDL dtc (Device Tree Compiler). Set WITH_GPL_DTC
if you require the GPL compiler.
20170618:
The internal ABI used for communication between the NFS kernel modules
was changed by r320085, so __FreeBSD_version was bumped to
ensure all the NFS related modules are updated together.
20170617:
The ABI of struct event was changed by extending the data
member to 64bit and adding ext fields. For upgrade, same
precautions as for the entry 20170523 "ino64" must be
followed.
20170531:
The GNU roff toolchain has been removed from base. To render manpages
which are not supported by mandoc(1), man(1) can fallback on GNU roff
from ports (and recommends to install it).
To render roff(7) documents, consider using GNU roff from ports or the
heirloom doctools roff toolchain from ports via pkg install groff or
via pkg install heirloom-doctools.
20170524:
The ath(4) and ath_hal(4) modules now build piecemeal to allow for
smaller runtime footprint builds. This is useful for embedded systems
which only require one chipset support.
If you load it as a module, make sure this is in /boot/loader.conf:
if_ath_load="YES"
This will load the HAL, all chip/RF backends and if_ath_pci.
If you have if_ath_pci in /boot/loader.conf, ensure it is after
if_ath or it will not load any HAL chipset support.
If you want to selectively load things (eg on ye cheape ARM/MIPS
platforms where RAM is at a premium) you should:
* load ath_hal
* load the chip modules in question
* load ath_rate, ath_dfs
* load ath_main
* load if_ath_pci and/or if_ath_ahb depending upon your particular
bus bind type - this is where probe/attach is done.
For further comments/feedback, poke adrian@ .
20170523:
The "ino64" 64-bit inode project has been committed, which extends
a number of types to 64 bits. Upgrading in place requires care and
adherence to the documented upgrade procedure.
If using a custom kernel configuration ensure that the
COMPAT_FREEBSD11 option is included (as during the upgrade the
system will be running the ino64 kernel with the existing world).
For the safest in-place upgrade begin by removing previous build
artifacts via "rm -rf /usr/obj/*". Then, carefully follow the
full procedure documented below under the heading "To rebuild
everything and install it on the current system." Specifically,
a reboot is required after installing the new kernel before
installing world.
20170424:
The NATM framework including the en(4), fatm(4), hatm(4), and
patm(4) devices has been removed. Consumers should plan a
migration before the end-of-life date for FreeBSD 11.
20170420:
GNU diff has been replaced by a BSD licensed diff. Some features of GNU
diff has not been implemented, if those are needed a newer version of
GNU diff is available via the diffutils package under the gdiff name.
20170413:
As of r316810 for ipfilter, keep frags is no longer assumed when
keep state is specified in a rule. r316810 aligns ipfilter with
documentation in man pages separating keep frags from keep state.
This allows keep state to be specified without forcing keep frags
and allows keep frags to be specified independently of keep state.
To maintain previous behaviour, also specify keep frags with
keep state (as documented in ipf.conf.5).
20170407:
arm64 builds now use the base system LLD 4.0.0 linker by default,
instead of requiring that the aarch64-binutils port or package be
installed. To continue using aarch64-binutils, set
CROSS_BINUTILS_PREFIX=/usr/local/aarch64-freebsd/bin .
20170405:
The UDP optimization in entry 20160818 that added the sysctl
net.inet.udp.require_l2_bcast has been reverted. L2 broadcast
packets will no longer be treated as L3 broadcast packets.
20170331:
Binds and sends to the loopback addresses, IPv6 and IPv4, will now
use any explicitly assigned loopback address available in the jail
instead of using the first assigned address of the jail.
20170329:
The ctl.ko module no longer implements the iSCSI target frontend:
cfiscsi.ko does instead.
If building cfiscsi.ko as a kernel module, the module can be loaded
via one of the following methods:
- `cfiscsi_load="YES"` in loader.conf(5).
- Add `cfiscsi` to `$kld_list` in rc.conf(5).
- ctladm(8)/ctld(8), when compiled with iSCSI support
(`WITH_ISCSI=yes` in src.conf(5))
Please see cfiscsi(4) for more details.
20170316:
The mmcsd.ko module now additionally depends on geom_flashmap.ko.
Also, mmc.ko and mmcsd.ko need to be a matching pair built from the
same source (previously, the dependency of mmcsd.ko on mmc.ko was
missing, but mmcsd.ko now will refuse to load if it is incompatible
with mmc.ko).
20170315:
The syntax of ipfw(8) named states was changed to avoid ambiguity.
If you have used named states in the firewall rules, you need to modify
them after installworld and before rebooting. Now named states must
be prefixed with colon.
20170311:
The old drm (sys/dev/drm/) drivers for i915 and radeon have been
removed as the userland we provide cannot use them. The KMS version
(sys/dev/drm2) supports the same hardware.
20170302:
Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 4.0.0.
Please see the 20141231 entry below for information about prerequisites
and upgrading, if you are not already using clang 3.5.0 or higher.
20170221:
The code that provides support for ZFS .zfs/ directory functionality
has been reimplemented. It's not possible now to create a snapshot
by mkdir under .zfs/snapshot/. That should be the only user visible
change.
20170216:
EISA bus support has been removed. The WITH_EISA option is no longer
valid.
20170215:
MCA bus support has been removed.
20170127:
The WITH_LLD_AS_LD / WITHOUT_LLD_AS_LD build knobs have been renamed
WITH_LLD_IS_LD / WITHOUT_LLD_IS_LD, for consistency with CLANG_IS_CC.
20170112:
The EM_MULTIQUEUE kernel configuration option is deprecated now that
the em(4) driver conforms to iflib specifications.
20170109:
The igb(4), em(4) and lem(4) ethernet drivers are now implemented via
IFLIB. If you have a custom kernel configuration that excludes em(4)
but you use igb(4), you need to re-add em(4) to your custom configuration.
20161217:
Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.1.
Please see the 20141231 entry below for information about prerequisites
and upgrading, if you are not already using clang 3.5.0 or higher.
20161124:
Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.0.
Please see the 20141231 entry below for information about prerequisites
and upgrading, if you are not already using clang 3.5.0 or higher.
20161119:
The layout of the pmap structure has changed for powerpc to put the pmap
statistics at the front for all CPU variations. libkvm(3) and all tools
that link against it need to be recompiled.
20161030:
isl(4) and cyapa(4) drivers now require a new driver,
chromebook_platform(4), to work properly on Chromebook-class hardware.
On other types of hardware the drivers may need to be configured using
device hints. Please see the corresponding manual pages for details.
20161017:
The urtwn(4) driver was merged into rtwn(4) and now consists of
rtwn(4) main module + rtwn_usb(4) and rtwn_pci(4) bus-specific
parts.
Also, firmware for RTL8188CE was renamed due to possible name
conflict (rtwnrtl8192cU(B) -> rtwnrtl8192cE(B))
20161015:
GNU rcs has been removed from base. It is available as packages:
- rcs: Latest GPLv3 GNU rcs version.
- rcs57: Copy of the latest version of GNU rcs (GPLv2) before it was
removed from base.
20161008:
Use of the cc_cdg, cc_chd, cc_hd, or cc_vegas congestion control
modules now requires that the kernel configuration contain the
TCP_HHOOK option. (This option is included in the GENERIC kernel.)
20161003:
The WITHOUT_ELFCOPY_AS_OBJCOPY src.conf(5) knob has been retired.
ELF Tool Chain's elfcopy is always installed as /usr/bin/objcopy.
20160924:
Relocatable object files with the extension of .So have been renamed
to use an extension of .pico instead. The purpose of this change is
to avoid a name clash with shared libraries on case-insensitive file
systems. On those file systems, foo.So is the same file as foo.so.
20160918:
GNU rcs has been turned off by default. It can (temporarily) be built
again by adding WITH_RCS knob in src.conf.
Otherwise, GNU rcs is available from packages:
- rcs: Latest GPLv3 GNU rcs version.
- rcs57: Copy of the latest version of GNU rcs (GPLv2) from base.
20160918:
The backup_uses_rcs functionality has been removed from rc.subr.
20160908:
The queue(3) debugging macro, QUEUE_MACRO_DEBUG, has been split into
two separate components, QUEUE_MACRO_DEBUG_TRACE and
QUEUE_MACRO_DEBUG_TRASH. Define both for the original
QUEUE_MACRO_DEBUG behavior.
20160824:
r304787 changed some ioctl interfaces between the iSCSI userspace
programs and the kernel. ctladm, ctld, iscsictl, and iscsid must be
rebuilt to work with new kernels. __FreeBSD_version has been bumped
to 1200005.
20160818:
The UDP receive code has been updated to only treat incoming UDP
packets that were addressed to an L2 broadcast address as L3
broadcast packets. It is not expected that this will affect any
standards-conforming UDP application. The new behaviour can be
disabled by setting the sysctl net.inet.udp.require_l2_bcast to
0.
20160818:
Remove the openbsd_poll system call.
__FreeBSD_version has been bumped because of this.
20160708:
The stable/11 branch has been created from head@r302406.
20160622:
The libc stub for the pipe(2) system call has been replaced with
a wrapper that calls the pipe2(2) system call and the pipe(2)
system call is now only implemented by the kernels that include
"options COMPAT_FREEBSD10" in their config file (this is the
default). Users should ensure that this option is enabled in
their kernel or upgrade userspace to r302092 before upgrading their
kernel.
20160527:
CAM will now strip leading spaces from SCSI disks' serial numbers.
This will affect users who create UFS filesystems on SCSI disks using
those disk's diskid device nodes. For example, if /etc/fstab
previously contained a line like
"/dev/diskid/DISK-%20%20%20%20%20%20%20ABCDEFG0123456", you should
change it to "/dev/diskid/DISK-ABCDEFG0123456". Users of geom
transforms like gmirror may also be affected. ZFS users should
generally be fine.
20160523:
The bitstring(3) API has been updated with new functionality and
improved performance. But it is binary-incompatible with the old API.
Objects built with the new headers may not be linked against objects
built with the old headers.
20160520:
The brk and sbrk functions have been removed from libc on arm64.
Binutils from ports has been updated to not link to these
functions and should be updated to the latest version before
installing a new libc.
20160517:
The armv6 port now defaults to hard float ABI. Limited support
for running both hardfloat and soft float on the same system
is available using the libraries installed with -DWITH_LIBSOFT.
This has only been tested as an upgrade path for installworld
and packages may fail or need manual intervention to run. New
packages will be needed.
To update an existing self-hosted armv6hf system, you must add
TARGET_ARCH=armv6 on the make command line for both the build
and the install steps.
20160510:
Kernel modules compiled outside of a kernel build now default to
installing to /boot/modules instead of /boot/kernel. Many kernel
modules built this way (such as those in ports) already overrode
KMODDIR explicitly to install into /boot/modules. However,
manually building and installing a module from /sys/modules will
now install to /boot/modules instead of /boot/kernel.
20160414:
The CAM I/O scheduler has been committed to the kernel. There should be
no user visible impact. This does enable NCQ Trim on ada SSDs. While the
list of known rogues that claim support for this but actually corrupt
data is believed to be complete, be on the lookout for data
corruption. The known rogue list is believed to be complete:
o Crucial MX100, M550 drives with MU01 firmware.
o Micron M510 and M550 drives with MU01 firmware.
o Micron M500 prior to MU07 firmware
o Samsung 830, 840, and 850 all firmwares
o FCCT M500 all firmwares
Crucial has firmware http://www.crucial.com/usa/en/support-ssd-firmware
with working NCQ TRIM. For Micron branded drives, see your sales rep for
updated firmware. Black listed drives will work correctly because these
drives work correctly so long as no NCQ TRIMs are sent to them. Given
this list is the same as found in Linux, it's believed there are no
other rogues in the market place. All other models from the above
vendors work.
To be safe, if you are at all concerned, you can quirk each of your
drives to prevent NCQ from being sent by setting:
kern.cam.ada.X.quirks="0x2"
in loader.conf. If the drive requires the 4k sector quirk, set the
quirks entry to 0x3.
20160330:
The FAST_DEPEND build option has been removed and its functionality is
now the one true way. The old mkdep(1) style of 'make depend' has
been removed. See 20160311 for further details.
20160317:
Resource range types have grown from unsigned long to uintmax_t. All
drivers, and anything using libdevinfo, need to be recompiled.
20160311:
WITH_FAST_DEPEND is now enabled by default for in-tree and out-of-tree
builds. It no longer runs mkdep(1) during 'make depend', and the
'make depend' stage can safely be skipped now as it is auto ran
when building 'make all' and will generate all SRCS and DPSRCS before
building anything else. Dependencies are gathered at compile time with
-MF flags kept in separate .depend files per object file. Users should
run 'make cleandepend' once if using -DNO_CLEAN to clean out older
stale .depend files.
20160306:
On amd64, clang 3.8.0 can now insert sections of type AMD64_UNWIND into
kernel modules. Therefore, if you load any kernel modules at boot time,
please install the boot loaders after you install the kernel, but before
rebooting, e.g.:
make buildworld
make buildkernel KERNCONF=YOUR_KERNEL_HERE
make installkernel KERNCONF=YOUR_KERNEL_HERE
make -C sys/boot install
<reboot in single user>
Then follow the usual steps, described in the General Notes section,
below.
20160305:
Clang, llvm, lldb and compiler-rt have been upgraded to 3.8.0. Please
see the 20141231 entry below for information about prerequisites and
upgrading, if you are not already using clang 3.5.0 or higher.
20160301:
The AIO subsystem is now a standard part of the kernel. The
VFS_AIO kernel option and aio.ko kernel module have been removed.
Due to stability concerns, asynchronous I/O requests are only
permitted on sockets and raw disks by default. To enable
asynchronous I/O requests on all file types, set the
vfs.aio.enable_unsafe sysctl to a non-zero value.
20160226:
The ELF object manipulation tool objcopy is now provided by the
ELF Tool Chain project rather than by GNU binutils. It should be a
drop-in replacement, with the addition of arm64 support. The
(temporary) src.conf knob WITHOUT_ELFCOPY_AS_OBJCOPY knob may be set
to obtain the GNU version if necessary.
20160129:
Building ZFS pools on top of zvols is prohibited by default. That
feature has never worked safely; it's always been prone to deadlocks.
Using a zvol as the backing store for a VM guest's virtual disk will
still work, even if the guest is using ZFS. Legacy behavior can be
restored by setting vfs.zfs.vol.recursive=1.
20160119:
The NONE and HPN patches has been removed from OpenSSH. They are
still available in the security/openssh-portable port.
20160113:
With the addition of ypldap(8), a new _ypldap user is now required
during installworld. "mergemaster -p" can be used to add the user
prior to installworld, as documented in the handbook.
20151216:
The tftp loader (pxeboot) now uses the option root-path directive. As a
consequence it no longer looks for a pxeboot.4th file on the tftp
server. Instead it uses the regular /boot infrastructure as with the
other loaders.
20151211:
The code to start recording plug and play data into the modules has
been committed. While the old tools will properly build a new kernel,
a number of warnings about "unknown metadata record 4" will be produced
for an older kldxref. To avoid such warnings, make sure to rebuild
the kernel toolchain (or world). Make sure that you have r292078 or
later when trying to build 292077 or later before rebuilding.
20151207:
Debug data files are now built by default with 'make buildworld' and
installed with 'make installworld'. This facilitates debugging but
requires more disk space both during the build and for the installed
world. Debug files may be disabled by setting WITHOUT_DEBUG_FILES=yes
in src.conf(5).
20151130:
r291527 changed the internal interface between the nfsd.ko and
nfscommon.ko modules. As such, they must both be upgraded to-gether.
__FreeBSD_version has been bumped because of this.
20151108:
Add support for unicode collation strings leads to a change of
order of files listed by ls(1) for example. To get back to the old
behaviour, set LC_COLLATE environment variable to "C".
Databases administrators will need to reindex their databases given
collation results will be different.
Due to a bug in install(1) it is recommended to remove the ancient
locales before running make installworld.
rm -rf /usr/share/locale/*
20151030:
The OpenSSL has been upgraded to 1.0.2d. Any binaries requiring
libcrypto.so.7 or libssl.so.7 must be recompiled.
20151020:
Qlogic 24xx/25xx firmware images were updated from 5.5.0 to 7.3.0.
Kernel modules isp_2400_multi and isp_2500_multi were removed and
should be replaced with isp_2400 and isp_2500 modules respectively.
20151017:
The build previously allowed using 'make -n' to not recurse into
sub-directories while showing what commands would be executed, and
'make -n -n' to recursively show commands. Now 'make -n' will recurse
and 'make -N' will not.
20151012:
If you specify SENDMAIL_MC or SENDMAIL_CF in make.conf, mergemaster
and etcupdate will now use this file. A custom sendmail.cf is now
updated via this mechanism rather than via installworld. If you had
excluded sendmail.cf in mergemaster.rc or etcupdate.conf, you may
want to remove the exclusion or change it to "always install".
/etc/mail/sendmail.cf is now managed the same way regardless of
whether SENDMAIL_MC/SENDMAIL_CF is used. If you are not using
SENDMAIL_MC/SENDMAIL_CF there should be no change in behavior.
20151011:
Compatibility shims for legacy ATA device names have been removed.
It includes ATA_STATIC_ID kernel option, kern.cam.ada.legacy_aliases
and kern.geom.raid.legacy_aliases loader tunables, kern.devalias.*
environment variables, /dev/ad* and /dev/ar* symbolic links.
20151006:
Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.7.0.
Please see the 20141231 entry below for information about prerequisites
and upgrading, if you are not already using clang 3.5.0 or higher.
20150924:
Kernel debug files have been moved to /usr/lib/debug/boot/kernel/,
and renamed from .symbols to .debug. This reduces the size requirements
on the boot partition or file system and provides consistency with
userland debug files.
When using the supported kernel installation method the
/usr/lib/debug/boot/kernel directory will be renamed (to kernel.old)
as is done with /boot/kernel.
Developers wishing to maintain the historical behavior of installing
debug files in /boot/kernel/ can set KERN_DEBUGDIR="" in src.conf(5).
20150827:
The wireless drivers had undergone changes that remove the 'parent
interface' from the ifconfig -l output. The rc.d network scripts
used to check presence of a parent interface in the list, so old
scripts would fail to start wireless networking. Thus, etcupdate(3)
or mergemaster(8) run is required after kernel update, to update your
rc.d scripts in /etc.
20150827:
pf no longer supports 'scrub fragment crop' or 'scrub fragment drop-ovl'
These configurations are now automatically interpreted as
'scrub fragment reassemble'.
20150817:
Kernel-loadable modules for the random(4) device are back. To use
them, the kernel must have
device random
options RANDOM_LOADABLE
kldload(8) can then be used to load random_fortuna.ko
or random_yarrow.ko. Please note that due to the indirect
function calls that the loadable modules need to provide,
the build-in variants will be slightly more efficient.
The random(4) kernel option RANDOM_DUMMY has been retired due to
unpopularity. It was not all that useful anyway.
20150813:
The WITHOUT_ELFTOOLCHAIN_TOOLS src.conf(5) knob has been retired.
Control over building the ELF Tool Chain tools is now provided by
the WITHOUT_TOOLCHAIN knob.
20150810:
The polarity of Pulse Per Second (PPS) capture events with the
uart(4) driver has been corrected. Prior to this change the PPS
"assert" event corresponded to the trailing edge of a positive PPS
pulse and the "clear" event was the leading edge of the next pulse.
As the width of a PPS pulse in a typical GPS receiver is on the
order of 1 millisecond, most users will not notice any significant
difference with this change.
Anyone who has compensated for the historical polarity reversal by
configuring a negative offset equal to the pulse width will need to
remove that workaround.
20150809:
The default group assigned to /dev/dri entries has been changed
from 'wheel' to 'video' with the id of '44'. If you want to have
access to the dri devices please add yourself to the video group
with:
# pw groupmod video -m $USER
20150806:
The menu.rc and loader.rc files will now be replaced during
upgrades. Please migrate local changes to menu.rc.local and
loader.rc.local instead.
20150805:
GNU Binutils versions of addr2line, c++filt, nm, readelf, size,
strings and strip have been removed. The src.conf(5) knob
WITHOUT_ELFTOOLCHAIN_TOOLS no longer provides the binutils tools.
20150728:
As ZFS requires more kernel stack pages than is the default on some
architectures e.g. i386, it now warns if KSTACK_PAGES is less than
ZFS_MIN_KSTACK_PAGES (which is 4 at the time of writing).
Please consider using 'options KSTACK_PAGES=X' where X is greater
than or equal to ZFS_MIN_KSTACK_PAGES i.e. 4 in such configurations.
20150706:
sendmail has been updated to 8.15.2. Starting with FreeBSD 11.0
and sendmail 8.15, sendmail uses uncompressed IPv6 addresses by
default, i.e., they will not contain "::". For example, instead
of ::1, it will be 0:0:0:0:0:0:0:1. This permits a zero subnet
to have a more specific match, such as different map entries for
IPv6:0:0 vs IPv6:0. This change requires that configuration
data (including maps, files, classes, custom ruleset, etc.) must
use the same format, so make certain such configuration data is
upgrading. As a very simple check search for patterns like
'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. To return to the old
behavior, set the m4 option confUSE_COMPRESSED_IPV6_ADDRESSES or
the cf option UseCompressedIPv6Addresses.
20150630:
The default kernel entropy-processing algorithm is now
Fortuna, replacing Yarrow.
Assuming you have 'device random' in your kernel config
file, the configurations allow a kernel option to override
this default. You may choose *ONE* of:
options RANDOM_YARROW # Legacy /dev/random algorithm.
options RANDOM_DUMMY # Blocking-only driver.
If you have neither, you get Fortuna. For most people,
read no further, Fortuna will give a /dev/random that works
like it always used to, and the difference will be irrelevant.
If you remove 'device random', you get *NO* kernel-processed
entropy at all. This may be acceptable to folks building
embedded systems, but has complications. Carry on reading,
and it is assumed you know what you need.
*PLEASE* read random(4) and random(9) if you are in the
habit of tweaking kernel configs, and/or if you are a member
of the embedded community, wanting specific and not-usual
behaviour from your security subsystems.
NOTE!! If you use RANDOM_DUMMY and/or have no 'device
random', you will NOT have a functioning /dev/random, and
many cryptographic features will not work, including SSH.
You may also find strange behaviour from the random(3) set
of library functions, in particular sranddev(3), srandomdev(3)
and arc4random(3). The reason for this is that the KERN_ARND
sysctl only returns entropy if it thinks it has some to
share, and with RANDOM_DUMMY or no 'device random' this
will never happen.
20150623:
An additional fix for the issue described in the 20150614 sendmail
entry below has been committed in revision 284717.
20150616:
FreeBSD's old make (fmake) has been removed from the system. It is
available as the devel/fmake port or via pkg install fmake.
20150615:
The fix for the issue described in the 20150614 sendmail entry
below has been committed in revision 284436. The work
around described in that entry is no longer needed unless the
default setting is overridden by a confDH_PARAMETERS configuration
setting of '5' or pointing to a 512 bit DH parameter file.
20150614:
ALLOW_DEPRECATED_ATF_TOOLS/ATFFILE support has been removed from
atf.test.mk (included from bsd.test.mk). Please upgrade devel/atf
and devel/kyua to version 0.20+ and adjust any calling code to work
with Kyuafile and kyua.
20150614:
The import of openssl to address the FreeBSD-SA-15:10.openssl
security advisory includes a change which rejects handshakes
with DH parameters below 768 bits. sendmail releases prior
to 8.15.2 (not yet released), defaulted to a 512 bit
DH parameter setting for client connections. To work around
this interoperability, sendmail can be configured to use a
2048 bit DH parameter by:
1. Edit /etc/mail/`hostname`.mc
2. If a setting for confDH_PARAMETERS does not exist or
exists and is set to a string beginning with '5',
replace it with '2'.
3. If a setting for confDH_PARAMETERS exists and is set to
a file path, create a new file with:
openssl dhparam -out /path/to/file 2048
4. Rebuild the .cf file:
cd /etc/mail/; make; make install
5. Restart sendmail:
cd /etc/mail/; make restart
A sendmail patch is coming, at which time this file will be
updated.
20150604:
Generation of legacy formatted entries have been disabled by default
in pwd_mkdb(8), as all base system consumers of the legacy formatted
entries were converted to use the new format by default when the new,
machine independent format have been added and supported since FreeBSD
5.x.
Please see the pwd_mkdb(8) manual page for further details.
20150525:
Clang and llvm have been upgraded to 3.6.1 release. Please see the
20141231 entry below for information about prerequisites and upgrading,
if you are not already using 3.5.0 or higher.
20150521:
TI platform code switched to using vendor DTS files and this update
may break existing systems running on Beaglebone, Beaglebone Black,
and Pandaboard:
- dtb files should be regenerated/reinstalled. Filenames are the
same but content is different now
- GPIO addressing was changed, now each GPIO bank (32 pins per bank)
has its own /dev/gpiocX device, e.g. pin 121 on /dev/gpioc0 in old
addressing scheme is now pin 25 on /dev/gpioc3.
- Pandaboard: /etc/ttys should be updated, serial console device is
now /dev/ttyu2, not /dev/ttyu0
20150501:
soelim(1) from gnu/usr.bin/groff has been replaced by usr.bin/soelim.
If you need the GNU extension from groff soelim(1), install groff
from package: pkg install groff, or via ports: textproc/groff.
20150423:
chmod, chflags, chown and chgrp now affect symlinks in -R mode as
defined in symlink(7); previously symlinks were silently ignored.
20150415:
The const qualifier has been removed from iconv(3) to comply with
POSIX. The ports tree is aware of this from r384038 onwards.
20150416:
Libraries specified by LIBADD in Makefiles must have a corresponding
DPADD_<lib> variable to ensure correct dependencies. This is now
enforced in src.libnames.mk.
20150324:
From legacy ata(4) driver was removed support for SATA controllers
supported by more functional drivers ahci(4), siis(4) and mvs(4).
Kernel modules ataahci and ataadaptec were removed completely,
replaced by ahci and mvs modules respectively.
20150315:
Clang, llvm and lldb have been upgraded to 3.6.0 release. Please see
the 20141231 entry below for information about prerequisites and
upgrading, if you are not already using 3.5.0 or higher.
20150307:
The 32-bit PowerPC kernel has been changed to a position-independent
executable. This can only be booted with a version of loader(8)
newer than January 31, 2015, so make sure to update both world and
kernel before rebooting.
20150217:
If you are running a -CURRENT kernel since r273872 (Oct 30th, 2014),
but before r278950, the RNG was not seeded properly. Immediately
upgrade the kernel to r278950 or later and regenerate any keys (e.g.
ssh keys or openssl keys) that were generated w/ a kernel from that
range. This does not affect programs that directly used /dev/random
or /dev/urandom. All userland uses of arc4random(3) are affected.
20150210:
The autofs(4) ABI was changed in order to restore binary compatibility
with 10.1-RELEASE. The automountd(8) daemon needs to be rebuilt to work
with the new kernel.
20150131:
The powerpc64 kernel has been changed to a position-independent
executable. This can only be booted with a new version of loader(8),
so make sure to update both world and kernel before rebooting.
20150118:
Clang and llvm have been upgraded to 3.5.1 release. This is a bugfix
only release, no new features have been added. Please see the 20141231
entry below for information about prerequisites and upgrading, if you
are not already using 3.5.0.
20150107:
ELF tools addr2line, elfcopy (strip), nm, size, and strings are now
taken from the ELF Tool Chain project rather than GNU binutils. They
should be drop-in replacements, with the addition of arm64 support.
The WITHOUT_ELFTOOLCHAIN_TOOLS= knob may be used to obtain the
binutils tools, if necessary. See 20150805 for updated information.
20150105:
The default Unbound configuration now enables remote control
using a local socket. Users who have already enabled the
local_unbound service should regenerate their configuration
by running "service local_unbound setup" as root.
20150102:
The GNU texinfo and GNU info pages have been removed.
To be able to view GNU info pages please install texinfo from ports.
20141231:
Clang, llvm and lldb have been upgraded to 3.5.0 release.
As of this release, a prerequisite for building clang, llvm and lldb is
a C++11 capable compiler and C++11 standard library. This means that to
be able to successfully build the cross-tools stage of buildworld, with
clang as the bootstrap compiler, your system compiler or cross compiler
should either be clang 3.3 or later, or gcc 4.8 or later, and your
system C++ library should be libc++, or libdstdc++ from gcc 4.8 or
later.
On any standard FreeBSD 10.x or 11.x installation, where clang and
libc++ are on by default (that is, on x86 or arm), this should work out
of the box.
On 9.x installations where clang is enabled by default, e.g. on x86 and
powerpc, libc++ will not be enabled by default, so libc++ should be
built (with clang) and installed first. If both clang and libc++ are
missing, build clang first, then use it to build libc++.
On 8.x and earlier installations, upgrade to 9.x first, and then follow
the instructions for 9.x above.
Sparc64 and mips users are unaffected, as they still use gcc 4.2.1 by
default, and do not build clang.
Many embedded systems are resource constrained, and will not be able to
build clang in a reasonable time, or in some cases at all. In those
cases, cross building bootable systems on amd64 is a workaround.
This new version of clang introduces a number of new warnings, of which
the following are most likely to appear:
-Wabsolute-value
This warns in two cases, for both C and C++:
* When the code is trying to take the absolute value of an unsigned
quantity, which is effectively a no-op, and almost never what was
intended. The code should be fixed, if at all possible. If you are
sure that the unsigned quantity can be safely cast to signed, without
loss of information or undefined behavior, you can add an explicit
cast, or disable the warning.
* When the code is trying to take an absolute value, but the called
abs() variant is for the wrong type, which can lead to truncation.
If you want to disable the warning instead of fixing the code, please
make sure that truncation will not occur, or it might lead to unwanted
side-effects.
-Wtautological-undefined-compare and
-Wundefined-bool-conversion
These warn when C++ code is trying to compare 'this' against NULL, while
'this' should never be NULL in well-defined C++ code. However, there is
some legacy (pre C++11) code out there, which actively abuses this
feature, which was less strictly defined in previous C++ versions.
Squid and openjdk do this, for example. The warning can be turned off
for C++98 and earlier, but compiling the code in C++11 mode might result
in unexpected behavior; for example, the parts of the program that are
unreachable could be optimized away.
20141222:
The old NFS client and server (kernel options NFSCLIENT, NFSSERVER)
kernel sources have been removed. The .h files remain, since some
utilities include them. This will need to be fixed later.
If "mount -t oldnfs ..." is attempted, it will fail.
If the "-o" option on mountd(8), nfsd(8) or nfsstat(1) is used,
the utilities will report errors.
20141121:
The handling of LOCAL_LIB_DIRS has been altered to skip addition of
directories to top level SUBDIR variable when their parent
directory is included in LOCAL_DIRS. Users with build systems with
such hierarchies and without SUBDIR entries in the parent
directory Makefiles should add them or add the directories to
LOCAL_DIRS.
20141109:
faith(4) and faithd(8) have been removed from the base system. Faith
has been obsolete for a very long time.
20141104:
vt(4), the new console driver, is enabled by default. It brings
support for Unicode and double-width characters, as well as
support for UEFI and integration with the KMS kernel video
drivers.
You may need to update your console settings in /etc/rc.conf,
most probably the keymap. During boot, /etc/rc.d/syscons will
indicate what you need to do.
vt(4) still has issues and lacks some features compared to
syscons(4). See the wiki for up-to-date information:
https://wiki.freebsd.org/Newcons
If you want to keep using syscons(4), you can do so by adding
the following line to /boot/loader.conf:
kern.vty=sc
20141102:
pjdfstest has been integrated into kyua as an opt-in test suite.
Please see share/doc/pjdfstest/README for more details on how to
execute it.
20141009:
gperf has been removed from the base system for architectures
that use clang. Ports that require gperf will obtain it from the
devel/gperf port.
20140923:
pjdfstest has been moved from tools/regression/pjdfstest to
contrib/pjdfstest .
20140922:
At svn r271982, The default linux compat kernel ABI has been adjusted
to 2.6.18 in support of the linux-c6 compat ports infrastructure
update. If you wish to continue using the linux-f10 compat ports,
add compat.linux.osrelease=2.6.16 to your local sysctl.conf. Users are
encouraged to update their linux-compat packages to linux-c6 during
their next update cycle.
20140729:
The ofwfb driver, used to provide a graphics console on PowerPC when
using vt(4), no longer allows mmap() of all physical memory. This
will prevent Xorg on PowerPC with some ATI graphics cards from
initializing properly unless x11-servers/xorg-server is updated to
1.12.4_8 or newer.
20140723:
The xdev targets have been converted to using TARGET and
TARGET_ARCH instead of XDEV and XDEV_ARCH.
20140719:
The default unbound configuration has been modified to address
issues with reverse lookups on networks that use private
address ranges. If you use the local_unbound service, run
"service local_unbound setup" as root to regenerate your
configuration, then "service local_unbound reload" to load the
new configuration.
20140709:
The GNU texinfo and GNU info pages are not built and installed
anymore, WITH_INFO knob has been added to allow to built and install
them again.
UPDATE: see 20150102 entry on texinfo's removal
20140708:
The GNU readline library is now an INTERNALLIB - that is, it is
statically linked into consumers (GDB and variants) in the base
system, and the shared library is no longer installed. The
devel/readline port is available for third party software that
requires readline.
20140702:
The Itanium architecture (ia64) has been removed from the list of
known architectures. This is the first step in the removal of the
architecture.
20140701:
Commit r268115 has added NFSv4.1 server support, merged from
projects/nfsv4.1-server. Since this includes changes to the
internal interfaces between the NFS related modules, a full
build of the kernel and modules will be necessary.
__FreeBSD_version has been bumped.
20140629:
The WITHOUT_VT_SUPPORT kernel config knob has been renamed
WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning
which differs from the behaviour controlled by this knob.)
20140619:
Maximal length of the serial number in CTL was increased from 16 to
64 chars, that breaks ABI. All CTL-related tools, such as ctladm
and ctld, need to be rebuilt to work with a new kernel.
20140606:
The libatf-c and libatf-c++ major versions were downgraded to 0 and
1 respectively to match the upstream numbers. They were out of
sync because, when they were originally added to FreeBSD, the
upstream versions were not respected. These libraries are private
and not yet built by default, so renumbering them should be a
non-issue. However, unclean source trees will yield broken test
programs once the operator executes "make delete-old-libs" after a
"make installworld".
Additionally, the atf-sh binary was made private by moving it into
/usr/libexec/. Already-built shell test programs will keep the
path to the old binary so they will break after "make delete-old"
is run.
If you are using WITH_TESTS=yes (not the default), wipe the object
tree and rebuild from scratch to prevent spurious test failures.
This is only needed once: the misnumbered libraries and misplaced
binaries have been added to OptionalObsoleteFiles.inc so they will
be removed during a clean upgrade.
20140512:
Clang and llvm have been upgraded to 3.4.1 release.
20140508:
We bogusly installed src.opts.mk in /usr/share/mk. This file should
be removed to avoid issues in the future (and has been added to
ObsoleteFiles.inc).
20140505:
/etc/src.conf now affects only builds of the FreeBSD src tree. In the
past, it affected all builds that used the bsd.*.mk files. The old
behavior was a bug, but people may have relied upon it. To get this
behavior back, you can .include /etc/src.conf from /etc/make.conf
(which is still global and isn't changed). This also changes the
behavior of incremental builds inside the tree of individual
directories. Set MAKESYSPATH to ".../share/mk" to do that.
Although this has survived make universe and some upgrade scenarios,
other upgrade scenarios may have broken. At least one form of
temporary breakage was fixed with MAKESYSPATH settings for buildworld
as well... In cases where MAKESYSPATH isn't working with this
setting, you'll need to set it to the full path to your tree.
One side effect of all this cleaning up is that bsd.compiler.mk
is no longer implicitly included by bsd.own.mk. If you wish to
use COMPILER_TYPE, you must now explicitly include bsd.compiler.mk
as well.
20140430:
The lindev device has been removed since /dev/full has been made a
standard device. __FreeBSD_version has been bumped.
20140424:
The knob WITHOUT_VI was added to the base system, which controls
building ex(1), vi(1), etc. Older releases of FreeBSD required ex(1)
in order to reorder files share/termcap and didn't build ex(1) as a
build tool, so building/installing with WITH_VI is highly advised for
build hosts for older releases.
This issue has been fixed in stable/9 and stable/10 in r277022 and
r276991, respectively.
20140418:
The YES_HESIOD knob has been removed. It has been obsolete for
a decade. Please move to using WITH_HESIOD instead or your builds
will silently lack HESIOD.
20140405:
The uart(4) driver has been changed with respect to its handling
of the low-level console. Previously the uart(4) driver prevented
any process from changing the baudrate or the CLOCAL and HUPCL
control flags. By removing the restrictions, operators can make
changes to the serial console port without having to reboot.
However, when getty(8) is started on the serial device that is
associated with the low-level console, a misconfigured terminal
line in /etc/ttys will now have a real impact.
Before upgrading the kernel, make sure that /etc/ttys has the
serial console device configured as 3wire without baudrate to
preserve the previous behaviour. E.g:
ttyu0 "/usr/libexec/getty 3wire" vt100 on secure
20140306:
Support for libwrap (TCP wrappers) in rpcbind was disabled by default
to improve performance. To re-enable it, if needed, run rpcbind
with command line option -W.
20140226:
Switched back to the GPL dtc compiler due to updates in the upstream
dts files not being supported by the BSDL dtc compiler. You will need
to rebuild your kernel toolchain to pick up the new compiler. Core dumps
may result while building dtb files during a kernel build if you fail
to do so. Set WITHOUT_GPL_DTC if you require the BSDL compiler.
20140216:
Clang and llvm have been upgraded to 3.4 release.
20140216:
The nve(4) driver has been removed. Please use the nfe(4) driver
for NVIDIA nForce MCP Ethernet adapters instead.
20140212:
An ABI incompatibility crept into the libc++ 3.4 import in r261283.
This could cause certain C++ applications using shared libraries built
against the previous version of libc++ to crash. The incompatibility
has now been fixed, but any C++ applications or shared libraries built
between r261283 and r261801 should be recompiled.
20140204:
OpenSSH will now ignore errors caused by kernel lacking of Capsicum
capability mode support. Please note that enabling the feature in
kernel is still highly recommended.
20140131:
OpenSSH is now built with sandbox support, and will use sandbox as
the default privilege separation method. This requires Capsicum
capability mode support in kernel.
20140128:
The libelf and libdwarf libraries have been updated to newer
versions from upstream. Shared library version numbers for
these two libraries were bumped. Any ports or binaries
requiring these two libraries should be recompiled.
__FreeBSD_version is bumped to 1100006.
20140110:
If a Makefile in a tests/ directory was auto-generating a Kyuafile
instead of providing an explicit one, this would prevent such
Makefile from providing its own Kyuafile in the future during
NO_CLEAN builds. This has been fixed in the Makefiles but manual
intervention is needed to clean an objdir if you use NO_CLEAN:
# find /usr/obj -name Kyuafile | xargs rm -f
20131213:
The behavior of gss_pseudo_random() for the krb5 mechanism
has changed, for applications requesting a longer random string
than produced by the underlying enctype's pseudo-random() function.
In particular, the random string produced from a session key of
enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will
be different at the 17th octet and later, after this change.
The counter used in the PRF+ construction is now encoded as a
big-endian integer in accordance with RFC 4402.
__FreeBSD_version is bumped to 1100004.
20131108:
The WITHOUT_ATF build knob has been removed and its functionality
has been subsumed into the more generic WITHOUT_TESTS. If you were
using the former to disable the build of the ATF libraries, you
should change your settings to use the latter.
20131025:
The default version of mtree is nmtree which is obtained from
NetBSD. The output is generally the same, but may vary
slightly. If you found you need identical output adding
"-F freebsd9" to the command line should do the trick. For the
time being, the old mtree is available as fmtree.
20131014:
libbsdyml has been renamed to libyaml and moved to /usr/lib/private.
This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg
1.1.4_8 and verify bsdyml not linked in, before running "make
delete-old-libs":
# make -C /usr/ports/ports-mgmt/pkg build deinstall install clean
or
# pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml
20131010:
The stable/10 branch has been created in subversion from head
revision r256279.
COMMON ITEMS:
General Notes
-------------
Avoid using make -j when upgrading. While generally safe, there are
sometimes problems using -j to upgrade. If your upgrade fails with
-j, please try again without -j. From time to time in the past there
have been problems using -j with buildworld and/or installworld. This
is especially true when upgrading between "distant" versions (eg one
that cross a major release boundary or several minor releases, or when
several months have passed on the -current branch).
Sometimes, obscure build problems are the result of environment
poisoning. This can happen because the make utility reads its
environment when searching for values for global variables. To run
your build attempts in an "environmental clean room", prefix all make
commands with 'env -i '. See the env(1) manual page for more details.
When upgrading from one major version to another it is generally best to
upgrade to the latest code in the currently installed branch first, then
do an upgrade to the new branch. This is the best-tested upgrade path,
and has the highest probability of being successful. Please try this
approach if you encounter problems with a major version upgrade. Since
the stable 4.x branch point, one has generally been able to upgrade from
anywhere in the most recent stable branch to head / current (or even the
last couple of stable branches). See the top of this file when there's
an exception.
When upgrading a live system, having a root shell around before
installing anything can help undo problems. Not having a root shell
around can lead to problems if pam has changed too much from your
starting point to allow continued authentication after the upgrade.
This file should be read as a log of events. When a later event changes
information of a prior event, the prior event should not be deleted.
Instead, a pointer to the entry with the new information should be
placed in the old entry. Readers of this file should also sanity check
older entries before relying on them blindly. Authors of new entries
should write them with this in mind.
ZFS notes
---------
When upgrading the boot ZFS pool to a new version, always follow
these two steps:
1.) recompile and reinstall the ZFS boot loader and boot block
(this is part of "make buildworld" and "make installworld")
2.) update the ZFS boot block on your boot drive
The following example updates the ZFS boot block on the first
partition (freebsd-boot) of a GPT partitioned drive ada0:
"gpart bootcode -p /boot/gptzfsboot -i 1 ada0"
Non-boot pools do not need these updates.
To build a kernel
-----------------
If you are updating from a prior version of FreeBSD (even one just
a few days old), you should follow this procedure. It is the most
failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,
make kernel-toolchain
make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE
To test a kernel once
---------------------
If you just want to boot a kernel once (because you are not sure
if it works, or if you want to boot a known bad kernel to provide
debugging information) run
make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
nextboot -k testkernel
To rebuild everything and install it on the current system.
-----------------------------------------------------------
# Note: sometimes if you are running current you gotta do more than
# is listed here if you are upgrading from a really old current.
<make sure you have good level 0 dumps>
make buildworld
make buildkernel KERNCONF=YOUR_KERNEL_HERE
make installkernel KERNCONF=YOUR_KERNEL_HERE
[1]
<reboot in single user> [3]
mergemaster -Fp [5]
make installworld
mergemaster -Fi [4]
make delete-old [6]
<reboot>
To cross-install current onto a separate partition
--------------------------------------------------
# In this approach we use a separate partition to hold
# current's root, 'usr', and 'var' directories. A partition
# holding "/", "/usr" and "/var" should be about 2GB in
# size.
<make sure you have good level 0 dumps>
<boot into -stable>
make buildworld
make buildkernel KERNCONF=YOUR_KERNEL_HERE
<maybe newfs current's root partition>
<mount current's root partition on directory ${CURRENT_ROOT}>
make installworld DESTDIR=${CURRENT_ROOT} -DDB_FROM_SRC
make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd
<edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
<reboot into current>
<do a "native" rebuild/install as described in the previous section>
<maybe install compatibility libraries from ports/misc/compat*>
<reboot>
To upgrade in-place from stable to current
----------------------------------------------
<make sure you have good level 0 dumps>
make buildworld [9]
make buildkernel KERNCONF=YOUR_KERNEL_HERE [8]
make installkernel KERNCONF=YOUR_KERNEL_HERE
[1]
<reboot in single user> [3]
mergemaster -Fp [5]
make installworld
mergemaster -Fi [4]
make delete-old [6]
<reboot>
Make sure that you've read the UPDATING file to understand the
tweaks to various things you need. At this point in the life
cycle of current, things change often and you are on your own
to cope. The defaults can also change, so please read ALL of
the UPDATING entries.
Also, if you are tracking -current, you must be subscribed to
freebsd-current@freebsd.org. Make sure that before you update
your sources that you have read and understood all the recent
messages there. If in doubt, please track -stable which has
much fewer pitfalls.
[1] If you have third party modules, such as vmware, you
should disable them at this point so they don't crash your
system on reboot.
[3] From the bootblocks, boot -s, and then do
fsck -p
mount -u /
mount -a
cd src
adjkerntz -i # if CMOS is wall time
Also, when doing a major release upgrade, it is required that
you boot into single user mode to do the installworld.
[4] Note: This step is non-optional. Failure to do this step
can result in a significant reduction in the functionality of the
system. Attempting to do it by hand is not recommended and those
that pursue this avenue should read this file carefully, as well
as the archives of freebsd-current and freebsd-hackers mailing lists
for potential gotchas. The -U option is also useful to consider.
See mergemaster(8) for more information.
[5] Usually this step is a no-op. However, from time to time
you may need to do this if you get unknown user in the following
step. It never hurts to do it all the time. You may need to
install a new mergemaster (cd src/usr.sbin/mergemaster && make
install) after the buildworld before this step if you last updated
from current before 20130425 or from -stable before 20130430.
[6] This only deletes old files and directories. Old libraries
can be deleted by "make delete-old-libs", but you have to make
sure that no program is using those libraries anymore.
[8] The new kernel must be able to run existing binaries used by
an installworld. When upgrading across major versions, the new
kernel's configuration must include the correct COMPAT_FREEBSD<n>
option for existing binaries (e.g. COMPAT_FREEBSD11 to run 11.x
binaries). Failure to do so may leave you with a system that is
hard to boot to recover. A GENERIC kernel will include suitable
compatibility options to run binaries from older branches.
Make sure that you merge any new devices from GENERIC since the
last time you updated your kernel config file.
[9] If CPUTYPE is defined in your /etc/make.conf, make sure to use the
"?=" instead of the "=" assignment operator, so that buildworld can
override the CPUTYPE if it needs to.
MAKEOBJDIRPREFIX must be defined in an environment variable, and
not on the command line, or in /etc/make.conf. buildworld will
warn if it is improperly defined.
FORMAT:
This file contains a list, in reverse chronological order, of major
breakages in tracking -current. It is not guaranteed to be a complete
list of such breakages, and only contains entries since September 23, 2011.
If you need to see UPDATING entries from before that date, you will need
to fetch an UPDATING file from an older FreeBSD release.
Copyright information:
Copyright 1998-2009 M. Warner Losh. All Rights Reserved.
Redistribution, publication, translation and use, with or without
modification, in full or in part, in any form or format of this
document are permitted without further permission from the author.
THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
Contact Warner Losh if you have any questions about your use of
this document.
$FreeBSD$
diff --git a/crypto/openssl/crypto/asn1/asn1_err.c b/crypto/openssl/crypto/asn1/asn1_err.c
index 613f9ae71333..cc0a59ca4c8b 100644
--- a/crypto/openssl/crypto/asn1/asn1_err.c
+++ b/crypto/openssl/crypto/asn1/asn1_err.c
@@ -1,350 +1,352 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/err.h>
#include <openssl/asn1err.h>
#ifndef OPENSSL_NO_ERR
static const ERR_STRING_DATA ASN1_str_functs[] = {
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2D_ASN1_OBJECT, 0), "a2d_ASN1_OBJECT"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2I_ASN1_INTEGER, 0), "a2i_ASN1_INTEGER"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2I_ASN1_STRING, 0), "a2i_ASN1_STRING"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_APPEND_EXP, 0), "append_exp"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_BIO_INIT, 0), "asn1_bio_init"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_BIT_STRING_SET_BIT, 0),
"ASN1_BIT_STRING_set_bit"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_CB, 0), "asn1_cb"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_CHECK_TLEN, 0), "asn1_check_tlen"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_COLLECT, 0), "asn1_collect"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_EX_PRIMITIVE, 0),
"asn1_d2i_ex_primitive"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_FP, 0), "ASN1_d2i_fp"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_READ_BIO, 0), "asn1_d2i_read_bio"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DIGEST, 0), "ASN1_digest"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DO_ADB, 0), "asn1_do_adb"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DO_LOCK, 0), "asn1_do_lock"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DUP, 0), "ASN1_dup"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ENC_SAVE, 0), "asn1_enc_save"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_EX_C2I, 0), "asn1_ex_c2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_FIND_END, 0), "asn1_find_end"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GENERALIZEDTIME_ADJ, 0),
"ASN1_GENERALIZEDTIME_adj"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GENERATE_V3, 0), "ASN1_generate_v3"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_INT64, 0), "asn1_get_int64"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_OBJECT, 0), "ASN1_get_object"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_UINT64, 0), "asn1_get_uint64"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_I2D_BIO, 0), "ASN1_i2d_bio"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_I2D_FP, 0), "ASN1_i2d_fp"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_D2I_FP, 0), "ASN1_item_d2i_fp"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_DUP, 0), "ASN1_item_dup"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_D2I, 0),
"asn1_item_embed_d2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0),
"asn1_item_embed_new"},
+ {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EX_I2D, 0), "ASN1_item_ex_i2d"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_FLAGS_I2D, 0),
"asn1_item_flags_i2d"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_FP, 0), "ASN1_item_i2d_fp"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_PACK, 0), "ASN1_item_pack"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_SIGN, 0), "ASN1_item_sign"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_SIGN_CTX, 0),
"ASN1_item_sign_ctx"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_UNPACK, 0), "ASN1_item_unpack"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_VERIFY, 0), "ASN1_item_verify"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_MBSTRING_NCOPY, 0),
"ASN1_mbstring_ncopy"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_OBJECT_NEW, 0), "ASN1_OBJECT_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_OUTPUT_DATA, 0), "asn1_output_data"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_PCTX_NEW, 0), "ASN1_PCTX_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_PRIMITIVE_NEW, 0),
"asn1_primitive_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_SCTX_NEW, 0), "ASN1_SCTX_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_SIGN, 0), "ASN1_sign"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STR2TYPE, 0), "asn1_str2type"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_GET_INT64, 0),
"asn1_string_get_int64"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_GET_UINT64, 0),
"asn1_string_get_uint64"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_SET, 0), "ASN1_STRING_set"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TABLE_ADD, 0),
"ASN1_STRING_TABLE_add"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TO_BN, 0), "asn1_string_to_bn"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TYPE_NEW, 0),
"ASN1_STRING_type_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_EX_D2I, 0),
"asn1_template_ex_d2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_NEW, 0), "asn1_template_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 0),
"asn1_template_noexp_d2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TIME_ADJ, 0), "ASN1_TIME_adj"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, 0),
"ASN1_TYPE_get_int_octetstring"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TYPE_GET_OCTETSTRING, 0),
"ASN1_TYPE_get_octetstring"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_UTCTIME_ADJ, 0), "ASN1_UTCTIME_adj"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_VERIFY, 0), "ASN1_verify"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_B64_READ_ASN1, 0), "b64_read_asn1"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_B64_WRITE_ASN1, 0), "B64_write_ASN1"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_BIO_NEW_NDEF, 0), "BIO_new_NDEF"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_BITSTR_CB, 0), "bitstr_cb"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_BN_TO_ASN1_STRING, 0), "bn_to_asn1_string"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_BIT_STRING, 0),
"c2i_ASN1_BIT_STRING"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_INTEGER, 0), "c2i_ASN1_INTEGER"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_OBJECT, 0), "c2i_ASN1_OBJECT"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_IBUF, 0), "c2i_ibuf"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_UINT64_INT, 0), "c2i_uint64_int"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_COLLECT_DATA, 0), "collect_data"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_ASN1_OBJECT, 0), "d2i_ASN1_OBJECT"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_ASN1_UINTEGER, 0), "d2i_ASN1_UINTEGER"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_AUTOPRIVATEKEY, 0),
"d2i_AutoPrivateKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PRIVATEKEY, 0), "d2i_PrivateKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PUBLICKEY, 0), "d2i_PublicKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_BUF, 0), "do_buf"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_CREATE, 0), "do_create"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_DUMP, 0), "do_dump"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_TCREATE, 0), "do_tcreate"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2A_ASN1_OBJECT, 0), "i2a_ASN1_OBJECT"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_ASN1_BIO_STREAM, 0),
"i2d_ASN1_bio_stream"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_ASN1_OBJECT, 0), "i2d_ASN1_OBJECT"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_DSA_PUBKEY, 0), "i2d_DSA_PUBKEY"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_EC_PUBKEY, 0), "i2d_EC_PUBKEY"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_PRIVATEKEY, 0), "i2d_PrivateKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_PUBLICKEY, 0), "i2d_PublicKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_RSA_PUBKEY, 0), "i2d_RSA_PUBKEY"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_LONG_C2I, 0), "long_c2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_NDEF_PREFIX, 0), "ndef_prefix"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_NDEF_SUFFIX, 0), "ndef_suffix"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_OID_MODULE_INIT, 0), "oid_module_init"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_PARSE_TAGGING, 0), "parse_tagging"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE2_SET_IV, 0), "PKCS5_pbe2_set_iv"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE2_SET_SCRYPT, 0),
"PKCS5_pbe2_set_scrypt"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE_SET, 0), "PKCS5_pbe_set"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE_SET0_ALGOR, 0),
"PKCS5_pbe_set0_algor"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBKDF2_SET, 0), "PKCS5_pbkdf2_set"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_SCRYPT_SET, 0), "pkcs5_scrypt_set"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_SMIME_READ_ASN1, 0), "SMIME_read_ASN1"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_SMIME_TEXT, 0), "SMIME_text"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_STABLE_GET, 0), "stable_get"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_STBL_MODULE_INIT, 0), "stbl_module_init"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT32_C2I, 0), "uint32_c2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT32_NEW, 0), "uint32_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT64_C2I, 0), "uint64_c2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT64_NEW, 0), "uint64_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_CRL_ADD0_REVOKED, 0),
"X509_CRL_add0_revoked"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_INFO_NEW, 0), "X509_INFO_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_ENCODE, 0), "x509_name_encode"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_EX_D2I, 0), "x509_name_ex_d2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_EX_NEW, 0), "x509_name_ex_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_PKEY_NEW, 0), "X509_PKEY_new"},
{0, NULL}
};
static const ERR_STRING_DATA ASN1_str_reasons[] = {
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ADDING_OBJECT), "adding object"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ASN1_SIG_PARSE_ERROR),
"asn1 sig parse error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
+ {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_TEMPLATE), "bad template"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
"bmpstring is wrong length"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BOOLEAN_IS_WRONG_LENGTH),
"boolean is wrong length"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
"cipher has no object identifier"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_CONTEXT_NOT_INITIALISED),
"context not initialised"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DATA_IS_WRONG), "data is wrong"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DECODE_ERROR), "decode error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DEPTH_EXCEEDED), "depth exceeded"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),
"digest and key type not supported"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ENCODE_ERROR), "encode error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_GETTING_TIME),
"error getting time"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_LOADING_SECTION),
"error loading section"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_SETTING_CIPHER_PARAMS),
"error setting cipher params"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPECTING_AN_INTEGER),
"expecting an integer"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPECTING_AN_OBJECT),
"expecting an object"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPLICIT_LENGTH_MISMATCH),
"explicit length mismatch"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),
"explicit tag not constructed"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_FIELD_MISSING), "field missing"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_FIRST_NUM_TOO_LARGE),
"first num too large"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_HEADER_TOO_LONG), "header too long"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_BITSTRING_FORMAT),
"illegal bitstring format"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_BOOLEAN), "illegal boolean"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_CHARACTERS),
"illegal characters"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_FORMAT), "illegal format"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_HEX), "illegal hex"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_IMPLICIT_TAG),
"illegal implicit tag"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_INTEGER), "illegal integer"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NEGATIVE_VALUE),
"illegal negative value"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NESTED_TAGGING),
"illegal nested tagging"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NULL), "illegal null"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NULL_VALUE),
"illegal null value"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OBJECT), "illegal object"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OPTIONAL_ANY),
"illegal optional any"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),
"illegal options on item template"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_PADDING), "illegal padding"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_TAGGED_ANY),
"illegal tagged any"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_TIME_VALUE),
"illegal time value"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_ZERO_CONTENT),
"illegal zero content"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INTEGER_NOT_ASCII_FORMAT),
"integer not ascii format"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),
"integer too large for long"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_BIT_STRING_BITS_LEFT),
"invalid bit string bits left"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_BMPSTRING_LENGTH),
"invalid bmpstring length"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_DIGIT), "invalid digit"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_MIME_TYPE), "invalid mime type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_MODIFIER), "invalid modifier"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_NUMBER), "invalid number"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_OBJECT_ENCODING),
"invalid object encoding"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_SCRYPT_PARAMETERS),
"invalid scrypt parameters"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_SEPARATOR), "invalid separator"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_STRING_TABLE_VALUE),
"invalid string table value"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),
"invalid universalstring length"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_UTF8STRING),
"invalid utf8string"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_VALUE), "invalid value"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_LIST_ERROR), "list error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_NO_CONTENT_TYPE),
"mime no content type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_PARSE_ERROR), "mime parse error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_SIG_PARSE_ERROR),
"mime sig parse error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_EOC), "missing eoc"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_SECOND_NUMBER),
"missing second number"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_VALUE), "missing value"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MSTRING_NOT_UNIVERSAL),
"mstring not universal"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NESTED_ASN1_STRING),
"nested asn1 string"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NESTED_TOO_DEEP), "nested too deep"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NON_HEX_CHARACTERS),
"non hex characters"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_CONTENT_TYPE), "no content type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MATCHING_CHOICE_TYPE),
"no matching choice type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MULTIPART_BODY_FAILURE),
"no multipart body failure"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MULTIPART_BOUNDARY),
"no multipart boundary"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_SIG_CONTENT_TYPE),
"no sig content type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NULL_IS_WRONG_LENGTH),
"null is wrong length"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_OBJECT_NOT_ASCII_FORMAT),
"object not ascii format"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ODD_NUMBER_OF_CHARS),
"odd number of chars"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SECOND_NUMBER_TOO_LARGE),
"second number too large"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_LENGTH_MISMATCH),
"sequence length mismatch"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_NOT_CONSTRUCTED),
"sequence not constructed"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),
"sequence or set needs config"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SHORT_LINE), "short line"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SIG_INVALID_MIME_TYPE),
"sig invalid mime type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STREAMING_NOT_SUPPORTED),
"streaming not supported"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STRING_TOO_LONG), "string too long"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STRING_TOO_SHORT), "string too short"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
"the asn1 object identifier is not known for this md"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TIME_NOT_ASCII_FORMAT),
"time not ascii format"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_LARGE), "too large"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_LONG), "too long"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_SMALL), "too small"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TYPE_NOT_CONSTRUCTED),
"type not constructed"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TYPE_NOT_PRIMITIVE),
"type not primitive"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNEXPECTED_EOC), "unexpected eoc"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),
"universalstring is wrong length"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_FORMAT), "unknown format"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),
"unknown message digest algorithm"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_OBJECT_TYPE),
"unknown object type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),
"unknown public key type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM),
"unknown signature algorithm"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_TAG), "unknown tag"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),
"unsupported any defined by type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_CIPHER),
"unsupported cipher"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
"unsupported public key type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_INTEGER_TYPE),
"wrong integer type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_PUBLIC_KEY_TYPE),
"wrong public key type"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_TAG), "wrong tag"},
{0, NULL}
};
#endif
int ERR_load_ASN1_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) {
ERR_load_strings_const(ASN1_str_functs);
ERR_load_strings_const(ASN1_str_reasons);
}
#endif
return 1;
}
diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c
index 2332b204edc1..1021705f4346 100644
--- a/crypto/openssl/crypto/asn1/tasn_dec.c
+++ b/crypto/openssl/crypto/asn1/tasn_dec.c
@@ -1,1160 +1,1179 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stddef.h>
#include <string.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include <openssl/buffer.h>
#include <openssl/err.h>
#include "internal/numbers.h"
#include "asn1_local.h"
/*
* Constructed types with a recursive definition (such as can be found in PKCS7)
* could eventually exceed the stack given malicious input with excessive
* recursion. Therefore we limit the stack depth. This is the maximum number of
* recursive invocations of asn1_item_embed_d2i().
*/
#define ASN1_MAX_CONSTRUCTED_NEST 30
static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in,
long len, const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx,
int depth);
static int asn1_check_eoc(const unsigned char **in, long len);
static int asn1_find_end(const unsigned char **in, long len, char inf);
static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
char inf, int tag, int aclass, int depth);
static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
char *inf, char *cst,
const unsigned char **in, long len,
int exptag, int expclass, char opt, ASN1_TLC *ctx);
static int asn1_template_ex_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx, int depth);
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx, int depth);
static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
const unsigned char **in, long len,
const ASN1_ITEM *it,
int tag, int aclass, char opt,
ASN1_TLC *ctx);
static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it);
/* Table to convert tags to bit values, used for MSTRING type */
static const unsigned long tag2bit[32] = {
/* tags 0 - 3 */
0, 0, 0, B_ASN1_BIT_STRING,
/* tags 4- 7 */
B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,
/* tags 8-11 */
B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
/* tags 12-15 */
B_ASN1_UTF8STRING, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
/* tags 16-19 */
B_ASN1_SEQUENCE, 0, B_ASN1_NUMERICSTRING, B_ASN1_PRINTABLESTRING,
/* tags 20-22 */
B_ASN1_T61STRING, B_ASN1_VIDEOTEXSTRING, B_ASN1_IA5STRING,
/* tags 23-24 */
B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,
/* tags 25-27 */
B_ASN1_GRAPHICSTRING, B_ASN1_ISO64STRING, B_ASN1_GENERALSTRING,
/* tags 28-31 */
B_ASN1_UNIVERSALSTRING, B_ASN1_UNKNOWN, B_ASN1_BMPSTRING, B_ASN1_UNKNOWN,
};
unsigned long ASN1_tag2bit(int tag)
{
if ((tag < 0) || (tag > 30))
return 0;
return tag2bit[tag];
}
/* Macro to initialize and invalidate the cache */
#define asn1_tlc_clear(c) if (c) (c)->valid = 0
/* Version to avoid compiler warning about 'c' always non-NULL */
#define asn1_tlc_clear_nc(c) (c)->valid = 0
/*
* Decode an ASN1 item, this currently behaves just like a standard 'd2i'
* function. 'in' points to a buffer to read the data from, in future we
* will have more advanced versions that can input data a piece at a time and
* this will simply be a special case.
*/
ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len,
const ASN1_ITEM *it)
{
ASN1_TLC c;
ASN1_VALUE *ptmpval = NULL;
if (!pval)
pval = &ptmpval;
asn1_tlc_clear_nc(&c);
if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
return *pval;
return NULL;
}
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx)
{
int rv;
rv = asn1_item_embed_d2i(pval, in, len, it, tag, aclass, opt, ctx, 0);
if (rv <= 0)
ASN1_item_ex_free(pval, it);
return rv;
}
/*
* Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
* tag mismatch return -1 to handle OPTIONAL
*/
static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in,
long len, const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx,
int depth)
{
const ASN1_TEMPLATE *tt, *errtt = NULL;
const ASN1_EXTERN_FUNCS *ef;
const ASN1_AUX *aux = it->funcs;
ASN1_aux_cb *asn1_cb;
const unsigned char *p = NULL, *q;
unsigned char oclass;
char seq_eoc, seq_nolen, cst, isopt;
long tmplen;
int i;
int otag;
int ret = 0;
ASN1_VALUE **pchptr;
if (!pval)
return 0;
if (aux && aux->asn1_cb)
asn1_cb = aux->asn1_cb;
else
asn1_cb = 0;
if (++depth > ASN1_MAX_CONSTRUCTED_NEST) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_NESTED_TOO_DEEP);
goto err;
}
switch (it->itype) {
case ASN1_ITYPE_PRIMITIVE:
if (it->templates) {
/*
* tagging or OPTIONAL is currently illegal on an item template
* because the flags can't get passed down. In practice this
* isn't a problem: we include the relevant flags from the item
* template in the template itself.
*/
if ((tag != -1) || opt) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I,
ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
goto err;
}
return asn1_template_ex_d2i(pval, in, len,
it->templates, opt, ctx, depth);
}
return asn1_d2i_ex_primitive(pval, in, len, it,
tag, aclass, opt, ctx);
case ASN1_ITYPE_MSTRING:
+ /*
+ * It never makes sense for multi-strings to have implicit tagging, so
+ * if tag != -1, then this looks like an error in the template.
+ */
+ if (tag != -1) {
+ ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE);
+ goto err;
+ }
+
p = *in;
/* Just read in tag and class */
ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
&p, len, -1, 0, 1, ctx);
if (!ret) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
}
/* Must be UNIVERSAL class */
if (oclass != V_ASN1_UNIVERSAL) {
/* If OPTIONAL, assume this is OK */
if (opt)
return -1;
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
goto err;
}
+
/* Check tag matches bit map */
if (!(ASN1_tag2bit(otag) & it->utype)) {
/* If OPTIONAL, assume this is OK */
if (opt)
return -1;
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_MSTRING_WRONG_TAG);
goto err;
}
return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
case ASN1_ITYPE_EXTERN:
/* Use new style d2i */
ef = it->funcs;
return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
case ASN1_ITYPE_CHOICE:
+ /*
+ * It never makes sense for CHOICE types to have implicit tagging, so
+ * if tag != -1, then this looks like an error in the template.
+ */
+ if (tag != -1) {
+ ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE);
+ goto err;
+ }
+
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
if (*pval) {
/* Free up and zero CHOICE value if initialised */
i = asn1_get_choice_selector(pval, it);
if ((i >= 0) && (i < it->tcount)) {
tt = it->templates + i;
pchptr = asn1_get_field_ptr(pval, tt);
asn1_template_free(pchptr, tt);
asn1_set_choice_selector(pval, -1, it);
}
} else if (!ASN1_item_ex_new(pval, it)) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
}
/* CHOICE type, try each possibility in turn */
p = *in;
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
pchptr = asn1_get_field_ptr(pval, tt);
/*
* We mark field as OPTIONAL so its absence can be recognised.
*/
ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx, depth);
/* If field not present, try the next one */
if (ret == -1)
continue;
/* If positive return, read OK, break loop */
if (ret > 0)
break;
/*
* Must be an ASN1 parsing error.
* Free up any partial choice value
*/
asn1_template_free(pchptr, tt);
errtt = tt;
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
}
/* Did we fall off the end without reading anything? */
if (i == it->tcount) {
/* If OPTIONAL, this is OK */
if (opt) {
/* Free and zero it */
ASN1_item_ex_free(pval, it);
return -1;
}
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
goto err;
}
asn1_set_choice_selector(pval, i, it);
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
goto auxerr;
*in = p;
return 1;
case ASN1_ITYPE_NDEF_SEQUENCE:
case ASN1_ITYPE_SEQUENCE:
p = *in;
tmplen = len;
/* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
if (tag == -1) {
tag = V_ASN1_SEQUENCE;
aclass = V_ASN1_UNIVERSAL;
}
/* Get SEQUENCE length and update len, p */
ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
&p, len, tag, aclass, opt, ctx);
if (!ret) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
} else if (ret == -1)
return -1;
if (aux && (aux->flags & ASN1_AFLG_BROKEN)) {
len = tmplen - (p - *in);
seq_nolen = 1;
}
/* If indefinite we don't do a length check */
else
seq_nolen = seq_eoc;
if (!cst) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
goto err;
}
if (!*pval && !ASN1_item_ex_new(pval, it)) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
}
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
/* Free up and zero any ADB found */
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
if (tt->flags & ASN1_TFLG_ADB_MASK) {
const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval;
seqtt = asn1_do_adb(pval, tt, 0);
if (seqtt == NULL)
continue;
pseqval = asn1_get_field_ptr(pval, seqtt);
asn1_template_free(pseqval, seqtt);
}
}
/* Get each field entry */
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval;
seqtt = asn1_do_adb(pval, tt, 1);
if (seqtt == NULL)
goto err;
pseqval = asn1_get_field_ptr(pval, seqtt);
/* Have we ran out of data? */
if (!len)
break;
q = p;
if (asn1_check_eoc(&p, len)) {
if (!seq_eoc) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_UNEXPECTED_EOC);
goto err;
}
len -= p - q;
seq_eoc = 0;
q = p;
break;
}
/*
* This determines the OPTIONAL flag value. The field cannot be
* omitted if it is the last of a SEQUENCE and there is still
* data to be read. This isn't strictly necessary but it
* increases efficiency in some cases.
*/
if (i == (it->tcount - 1))
isopt = 0;
else
isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
/*
* attempt to read in field, allowing each to be OPTIONAL
*/
ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx,
depth);
if (!ret) {
errtt = seqtt;
goto err;
} else if (ret == -1) {
/*
* OPTIONAL component absent. Free and zero the field.
*/
asn1_template_free(pseqval, seqtt);
continue;
}
/* Update length */
len -= p - q;
}
/* Check for EOC if expecting one */
if (seq_eoc && !asn1_check_eoc(&p, len)) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_MISSING_EOC);
goto err;
}
/* Check all data read */
if (!seq_nolen && len) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
goto err;
}
/*
* If we get here we've got no more data in the SEQUENCE, however we
* may not have read all fields so check all remaining are OPTIONAL
* and clear any that are.
*/
for (; i < it->tcount; tt++, i++) {
const ASN1_TEMPLATE *seqtt;
seqtt = asn1_do_adb(pval, tt, 1);
if (seqtt == NULL)
goto err;
if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
ASN1_VALUE **pseqval;
pseqval = asn1_get_field_ptr(pval, seqtt);
asn1_template_free(pseqval, seqtt);
} else {
errtt = seqtt;
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_FIELD_MISSING);
goto err;
}
}
/* Save encoding */
if (!asn1_enc_save(pval, *in, p - *in, it))
goto auxerr;
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
goto auxerr;
*in = p;
return 1;
default:
return 0;
}
auxerr:
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_AUX_ERROR);
err:
if (errtt)
ERR_add_error_data(4, "Field=", errtt->field_name,
", Type=", it->sname);
else
ERR_add_error_data(2, "Type=", it->sname);
return 0;
}
/*
* Templates are handled with two separate functions. One handles any
* EXPLICIT tag and the other handles the rest.
*/
static int asn1_template_ex_d2i(ASN1_VALUE **val,
const unsigned char **in, long inlen,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx, int depth)
{
int flags, aclass;
int ret;
long len;
const unsigned char *p, *q;
char exp_eoc;
if (!val)
return 0;
flags = tt->flags;
aclass = flags & ASN1_TFLG_TAG_CLASS;
p = *in;
/* Check if EXPLICIT tag expected */
if (flags & ASN1_TFLG_EXPTAG) {
char cst;
/*
* Need to work out amount of data available to the inner content and
* where it starts: so read in EXPLICIT header to get the info.
*/
ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
&p, inlen, tt->tag, aclass, opt, ctx);
q = p;
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
} else if (ret == -1)
return -1;
if (!cst) {
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
return 0;
}
/* We've found the field so it can't be OPTIONAL now */
ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx, depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
/* We read the field in OK so update length */
len -= p - q;
if (exp_eoc) {
/* If NDEF we must have an EOC here */
if (!asn1_check_eoc(&p, len)) {
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_MISSING_EOC);
goto err;
}
} else {
/*
* Otherwise we must hit the EXPLICIT tag end or its an error
*/
if (len) {
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
ASN1_R_EXPLICIT_LENGTH_MISMATCH);
goto err;
}
}
} else
return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx, depth);
*in = p;
return 1;
err:
return 0;
}
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx, int depth)
{
int flags, aclass;
int ret;
ASN1_VALUE *tval;
const unsigned char *p, *q;
if (!val)
return 0;
flags = tt->flags;
aclass = flags & ASN1_TFLG_TAG_CLASS;
p = *in;
q = p;
/*
* If field is embedded then val needs fixing so it is a pointer to
* a pointer to a field.
*/
if (tt->flags & ASN1_TFLG_EMBED) {
tval = (ASN1_VALUE *)val;
val = &tval;
}
if (flags & ASN1_TFLG_SK_MASK) {
/* SET OF, SEQUENCE OF */
int sktag, skaclass;
char sk_eoc;
/* First work out expected inner tag value */
if (flags & ASN1_TFLG_IMPTAG) {
sktag = tt->tag;
skaclass = aclass;
} else {
skaclass = V_ASN1_UNIVERSAL;
if (flags & ASN1_TFLG_SET_OF)
sktag = V_ASN1_SET;
else
sktag = V_ASN1_SEQUENCE;
}
/* Get the tag */
ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
&p, len, sktag, skaclass, opt, ctx);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
} else if (ret == -1)
return -1;
if (!*val)
*val = (ASN1_VALUE *)sk_ASN1_VALUE_new_null();
else {
/*
* We've got a valid STACK: free up any items present
*/
STACK_OF(ASN1_VALUE) *sktmp = (STACK_OF(ASN1_VALUE) *)*val;
ASN1_VALUE *vtmp;
while (sk_ASN1_VALUE_num(sktmp) > 0) {
vtmp = sk_ASN1_VALUE_pop(sktmp);
ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
}
}
if (!*val) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
goto err;
}
/* Read as many items as we can */
while (len > 0) {
ASN1_VALUE *skfield;
q = p;
/* See if EOC found */
if (asn1_check_eoc(&p, len)) {
if (!sk_eoc) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ASN1_R_UNEXPECTED_EOC);
goto err;
}
len -= p - q;
sk_eoc = 0;
break;
}
skfield = NULL;
if (!asn1_item_embed_d2i(&skfield, &p, len,
ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx,
depth)) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR);
/* |skfield| may be partially allocated despite failure. */
ASN1_item_free(skfield, ASN1_ITEM_ptr(tt->item));
goto err;
}
len -= p - q;
if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
ASN1_item_free(skfield, ASN1_ITEM_ptr(tt->item));
goto err;
}
}
if (sk_eoc) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
goto err;
}
} else if (flags & ASN1_TFLG_IMPTAG) {
/* IMPLICIT tagging */
ret = asn1_item_embed_d2i(val, &p, len,
ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
ctx, depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
} else if (ret == -1)
return -1;
} else {
/* Nothing special */
ret = asn1_item_embed_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-1, 0, opt, ctx, depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
} else if (ret == -1)
return -1;
}
*in = p;
return 1;
err:
return 0;
}
static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
const unsigned char **in, long inlen,
const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx)
{
int ret = 0, utype;
long plen;
char cst, inf, free_cont = 0;
const unsigned char *p;
BUF_MEM buf = { 0, NULL, 0, 0 };
const unsigned char *cont = NULL;
long len;
if (!pval) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
return 0; /* Should never happen */
}
if (it->itype == ASN1_ITYPE_MSTRING) {
utype = tag;
tag = -1;
} else
utype = it->utype;
if (utype == V_ASN1_ANY) {
/* If type is ANY need to figure out type from tag */
unsigned char oclass;
if (tag >= 0) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
return 0;
}
if (opt) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
ASN1_R_ILLEGAL_OPTIONAL_ANY);
return 0;
}
p = *in;
ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
&p, inlen, -1, 0, 0, ctx);
if (!ret) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
if (oclass != V_ASN1_UNIVERSAL)
utype = V_ASN1_OTHER;
}
if (tag == -1) {
tag = utype;
aclass = V_ASN1_UNIVERSAL;
}
p = *in;
/* Check header */
ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
&p, inlen, tag, aclass, opt, ctx);
if (!ret) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
return 0;
} else if (ret == -1)
return -1;
ret = 0;
/* SEQUENCE, SET and "OTHER" are left in encoded form */
if ((utype == V_ASN1_SEQUENCE)
|| (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
/*
* Clear context cache for type OTHER because the auto clear when we
* have a exact match won't work
*/
if (utype == V_ASN1_OTHER) {
asn1_tlc_clear(ctx);
}
/* SEQUENCE and SET must be constructed */
else if (!cst) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
ASN1_R_TYPE_NOT_CONSTRUCTED);
return 0;
}
cont = *in;
/* If indefinite length constructed find the real end */
if (inf) {
if (!asn1_find_end(&p, plen, inf))
goto err;
len = p - cont;
} else {
len = p - cont + plen;
p += plen;
}
} else if (cst) {
if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
|| utype == V_ASN1_OBJECT || utype == V_ASN1_INTEGER
|| utype == V_ASN1_ENUMERATED) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE);
return 0;
}
/* Free any returned 'buf' content */
free_cont = 1;
/*
* Should really check the internal tags are correct but some things
* may get this wrong. The relevant specs say that constructed string
* types should be OCTET STRINGs internally irrespective of the type.
* So instead just check for UNIVERSAL class and ignore the tag.
*/
if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
goto err;
}
len = buf.length;
/* Append a final null to string */
if (!BUF_MEM_grow_clean(&buf, len + 1)) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
goto err;
}
buf.data[len] = 0;
cont = (const unsigned char *)buf.data;
} else {
cont = p;
len = plen;
p += plen;
}
/* We now have content length and type: translate into a structure */
/* asn1_ex_c2i may reuse allocated buffer, and so sets free_cont to 0 */
if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
goto err;
*in = p;
ret = 1;
err:
if (free_cont)
OPENSSL_free(buf.data);
return ret;
}
/* Translate ASN1 content octets into a structure */
static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it)
{
ASN1_VALUE **opval = NULL;
ASN1_STRING *stmp;
ASN1_TYPE *typ = NULL;
int ret = 0;
const ASN1_PRIMITIVE_FUNCS *pf;
ASN1_INTEGER **tint;
pf = it->funcs;
if (pf && pf->prim_c2i)
return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
/* If ANY type clear type and set pointer to internal value */
if (it->utype == V_ASN1_ANY) {
if (!*pval) {
typ = ASN1_TYPE_new();
if (typ == NULL)
goto err;
*pval = (ASN1_VALUE *)typ;
} else
typ = (ASN1_TYPE *)*pval;
if (utype != typ->type)
ASN1_TYPE_set(typ, utype, NULL);
opval = pval;
pval = &typ->value.asn1_value;
}
switch (utype) {
case V_ASN1_OBJECT:
if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
goto err;
break;
case V_ASN1_NULL:
if (len) {
ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_NULL_IS_WRONG_LENGTH);
goto err;
}
*pval = (ASN1_VALUE *)1;
break;
case V_ASN1_BOOLEAN:
if (len != 1) {
ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
goto err;
} else {
ASN1_BOOLEAN *tbool;
tbool = (ASN1_BOOLEAN *)pval;
*tbool = *cont;
}
break;
case V_ASN1_BIT_STRING:
if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
goto err;
break;
case V_ASN1_INTEGER:
case V_ASN1_ENUMERATED:
tint = (ASN1_INTEGER **)pval;
if (!c2i_ASN1_INTEGER(tint, &cont, len))
goto err;
/* Fixup type to match the expected form */
(*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
break;
case V_ASN1_OCTET_STRING:
case V_ASN1_NUMERICSTRING:
case V_ASN1_PRINTABLESTRING:
case V_ASN1_T61STRING:
case V_ASN1_VIDEOTEXSTRING:
case V_ASN1_IA5STRING:
case V_ASN1_UTCTIME:
case V_ASN1_GENERALIZEDTIME:
case V_ASN1_GRAPHICSTRING:
case V_ASN1_VISIBLESTRING:
case V_ASN1_GENERALSTRING:
case V_ASN1_UNIVERSALSTRING:
case V_ASN1_BMPSTRING:
case V_ASN1_UTF8STRING:
case V_ASN1_OTHER:
case V_ASN1_SET:
case V_ASN1_SEQUENCE:
default:
if (utype == V_ASN1_BMPSTRING && (len & 1)) {
ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
goto err;
}
if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
ASN1err(ASN1_F_ASN1_EX_C2I,
ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
goto err;
}
/* All based on ASN1_STRING and handled the same */
if (!*pval) {
stmp = ASN1_STRING_type_new(utype);
if (stmp == NULL) {
ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
goto err;
}
*pval = (ASN1_VALUE *)stmp;
} else {
stmp = (ASN1_STRING *)*pval;
stmp->type = utype;
}
/* If we've already allocated a buffer use it */
if (*free_cont) {
OPENSSL_free(stmp->data);
stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
stmp->length = len;
*free_cont = 0;
} else {
if (!ASN1_STRING_set(stmp, cont, len)) {
ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
ASN1_STRING_free(stmp);
*pval = NULL;
goto err;
}
}
break;
}
/* If ASN1_ANY and NULL type fix up value */
if (typ && (utype == V_ASN1_NULL))
typ->value.ptr = NULL;
ret = 1;
err:
if (!ret) {
ASN1_TYPE_free(typ);
if (opval)
*opval = NULL;
}
return ret;
}
/*
* This function finds the end of an ASN1 structure when passed its maximum
* length, whether it is indefinite length and a pointer to the content. This
* is more efficient than calling asn1_collect because it does not recurse on
* each indefinite length header.
*/
static int asn1_find_end(const unsigned char **in, long len, char inf)
{
uint32_t expected_eoc;
long plen;
const unsigned char *p = *in, *q;
/* If not indefinite length constructed just add length */
if (inf == 0) {
*in += len;
return 1;
}
expected_eoc = 1;
/*
* Indefinite length constructed form. Find the end when enough EOCs are
* found. If more indefinite length constructed headers are encountered
* increment the expected eoc count otherwise just skip to the end of the
* data.
*/
while (len > 0) {
if (asn1_check_eoc(&p, len)) {
expected_eoc--;
if (expected_eoc == 0)
break;
len -= 2;
continue;
}
q = p;
/* Just read in a header: only care about the length */
if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
-1, 0, 0, NULL)) {
ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
if (inf) {
if (expected_eoc == UINT32_MAX) {
ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
expected_eoc++;
} else {
p += plen;
}
len -= p - q;
}
if (expected_eoc) {
ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
return 0;
}
*in = p;
return 1;
}
/*
* This function collects the asn1 data from a constructed string type into
* a buffer. The values of 'in' and 'len' should refer to the contents of the
* constructed type and 'inf' should be set if it is indefinite length.
*/
#ifndef ASN1_MAX_STRING_NEST
/*
* This determines how many levels of recursion are permitted in ASN1 string
* types. If it is not limited stack overflows can occur. If set to zero no
* recursion is allowed at all. Although zero should be adequate examples
* exist that require a value of 1. So 5 should be more than enough.
*/
# define ASN1_MAX_STRING_NEST 5
#endif
static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
char inf, int tag, int aclass, int depth)
{
const unsigned char *p, *q;
long plen;
char cst, ininf;
p = *in;
inf &= 1;
/*
* If no buffer and not indefinite length constructed just pass over the
* encoded data
*/
if (!buf && !inf) {
*in += len;
return 1;
}
while (len > 0) {
q = p;
/* Check for EOC */
if (asn1_check_eoc(&p, len)) {
/*
* EOC is illegal outside indefinite length constructed form
*/
if (!inf) {
ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
return 0;
}
inf = 0;
break;
}
if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
len, tag, aclass, 0, NULL)) {
ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
/* If indefinite length constructed update max length */
if (cst) {
if (depth >= ASN1_MAX_STRING_NEST) {
ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
return 0;
}
if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, depth + 1))
return 0;
} else if (plen && !collect_data(buf, &p, plen))
return 0;
len -= p - q;
}
if (inf) {
ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
return 0;
}
*in = p;
return 1;
}
static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
{
int len;
if (buf) {
len = buf->length;
if (!BUF_MEM_grow_clean(buf, len + plen)) {
ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
return 0;
}
memcpy(buf->data + len, *p, plen);
}
*p += plen;
return 1;
}
/* Check for ASN1 EOC and swallow it if found */
static int asn1_check_eoc(const unsigned char **in, long len)
{
const unsigned char *p;
if (len < 2)
return 0;
p = *in;
if (!p[0] && !p[1]) {
*in += 2;
return 1;
}
return 0;
}
/*
* Check an ASN1 tag and length: a bit like ASN1_get_object but it sets the
* length for indefinite length constructed form, we don't know the exact
* length but we can set an upper bound to the amount of data available minus
* the header length just read.
*/
static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
char *inf, char *cst,
const unsigned char **in, long len,
int exptag, int expclass, char opt, ASN1_TLC *ctx)
{
int i;
int ptag, pclass;
long plen;
const unsigned char *p, *q;
p = *in;
q = p;
if (ctx && ctx->valid) {
i = ctx->ret;
plen = ctx->plen;
pclass = ctx->pclass;
ptag = ctx->ptag;
p += ctx->hdrlen;
} else {
i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
if (ctx) {
ctx->ret = i;
ctx->plen = plen;
ctx->pclass = pclass;
ctx->ptag = ptag;
ctx->hdrlen = p - q;
ctx->valid = 1;
/*
* If definite length, and no error, length + header can't exceed
* total amount of data available.
*/
if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
asn1_tlc_clear(ctx);
return 0;
}
}
}
if (i & 0x80) {
ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
asn1_tlc_clear(ctx);
return 0;
}
if (exptag >= 0) {
if ((exptag != ptag) || (expclass != pclass)) {
/*
* If type is OPTIONAL, not an error: indicate missing type.
*/
if (opt)
return -1;
asn1_tlc_clear(ctx);
ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
return 0;
}
/*
* We have a tag and class match: assume we are going to do something
* with it
*/
asn1_tlc_clear(ctx);
}
if (i & 1)
plen = len - (p - q);
if (inf)
*inf = i & 1;
if (cst)
*cst = i & V_ASN1_CONSTRUCTED;
if (olen)
*olen = plen;
if (oclass)
*oclass = pclass;
if (otag)
*otag = ptag;
*in = p;
return 1;
}
diff --git a/crypto/openssl/crypto/asn1/tasn_enc.c b/crypto/openssl/crypto/asn1/tasn_enc.c
index d600c7a53804..52a051d5b1c1 100644
--- a/crypto/openssl/crypto/asn1/tasn_enc.c
+++ b/crypto/openssl/crypto/asn1/tasn_enc.c
@@ -1,609 +1,625 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stddef.h>
#include <string.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include "crypto/asn1.h"
#include "asn1_local.h"
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
int skcontlen, const ASN1_ITEM *item,
int do_sort, int iclass);
static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
const ASN1_TEMPLATE *tt, int tag, int aclass);
static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
const ASN1_ITEM *it, int flags);
static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
const ASN1_ITEM *it);
/*
* Top level i2d equivalents: the 'ndef' variant instructs the encoder to use
* indefinite length constructed encoding, where appropriate
*/
int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
const ASN1_ITEM *it)
{
return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
}
int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
{
return asn1_item_flags_i2d(val, out, it, 0);
}
/*
* Encode an ASN1 item, this is use by the standard 'i2d' function. 'out'
* points to a buffer to output the data to. The new i2d has one additional
* feature. If the output buffer is NULL (i.e. *out == NULL) then a buffer is
* allocated and populated with the encoding.
*/
static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
const ASN1_ITEM *it, int flags)
{
if (out && !*out) {
unsigned char *p, *buf;
int len;
len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
if (len <= 0)
return len;
if ((buf = OPENSSL_malloc(len)) == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_FLAGS_I2D, ERR_R_MALLOC_FAILURE);
return -1;
}
p = buf;
ASN1_item_ex_i2d(&val, &p, it, -1, flags);
*out = buf;
return len;
}
return ASN1_item_ex_i2d(&val, out, it, -1, flags);
}
/*
* Encode an item, taking care of IMPLICIT tagging (if any). This function
* performs the normal item handling: it can be used in external types.
*/
int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass)
{
const ASN1_TEMPLATE *tt = NULL;
int i, seqcontlen, seqlen, ndef = 1;
const ASN1_EXTERN_FUNCS *ef;
const ASN1_AUX *aux = it->funcs;
ASN1_aux_cb *asn1_cb = 0;
if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
return 0;
if (aux && aux->asn1_cb)
asn1_cb = aux->asn1_cb;
switch (it->itype) {
case ASN1_ITYPE_PRIMITIVE:
if (it->templates)
return asn1_template_ex_i2d(pval, out, it->templates,
tag, aclass);
return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
case ASN1_ITYPE_MSTRING:
+ /*
+ * It never makes sense for multi-strings to have implicit tagging, so
+ * if tag != -1, then this looks like an error in the template.
+ */
+ if (tag != -1) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE);
+ return -1;
+ }
return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
case ASN1_ITYPE_CHOICE:
+ /*
+ * It never makes sense for CHOICE types to have implicit tagging, so
+ * if tag != -1, then this looks like an error in the template.
+ */
+ if (tag != -1) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE);
+ return -1;
+ }
if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
return 0;
i = asn1_get_choice_selector(pval, it);
if ((i >= 0) && (i < it->tcount)) {
ASN1_VALUE **pchval;
const ASN1_TEMPLATE *chtt;
chtt = it->templates + i;
pchval = asn1_get_field_ptr(pval, chtt);
return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass);
}
/* Fixme: error condition if selector out of range */
if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
return 0;
break;
case ASN1_ITYPE_EXTERN:
/* If new style i2d it does all the work */
ef = it->funcs;
return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
case ASN1_ITYPE_NDEF_SEQUENCE:
/* Use indefinite length constructed if requested */
if (aclass & ASN1_TFLG_NDEF)
ndef = 2;
/* fall through */
case ASN1_ITYPE_SEQUENCE:
i = asn1_enc_restore(&seqcontlen, out, pval, it);
/* An error occurred */
if (i < 0)
return 0;
/* We have a valid cached encoding... */
if (i > 0)
return seqcontlen;
/* Otherwise carry on */
seqcontlen = 0;
/* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
if (tag == -1) {
tag = V_ASN1_SEQUENCE;
/* Retain any other flags in aclass */
aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
| V_ASN1_UNIVERSAL;
}
if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
return 0;
/* First work out sequence content length */
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval;
int tmplen;
seqtt = asn1_do_adb(pval, tt, 1);
if (!seqtt)
return 0;
pseqval = asn1_get_field_ptr(pval, seqtt);
tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass);
if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen))
return -1;
seqcontlen += tmplen;
}
seqlen = ASN1_object_size(ndef, seqcontlen, tag);
if (!out || seqlen == -1)
return seqlen;
/* Output SEQUENCE header */
ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval;
seqtt = asn1_do_adb(pval, tt, 1);
if (!seqtt)
return 0;
pseqval = asn1_get_field_ptr(pval, seqtt);
/* FIXME: check for errors in enhanced version */
asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
}
if (ndef == 2)
ASN1_put_eoc(out);
if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
return 0;
return seqlen;
default:
return 0;
}
return 0;
}
static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
const ASN1_TEMPLATE *tt, int tag, int iclass)
{
int i, ret, flags, ttag, tclass, ndef;
ASN1_VALUE *tval;
flags = tt->flags;
/*
* If field is embedded then val needs fixing so it is a pointer to
* a pointer to a field.
*/
if (flags & ASN1_TFLG_EMBED) {
tval = (ASN1_VALUE *)pval;
pval = &tval;
}
/*
* Work out tag and class to use: tagging may come either from the
* template or the arguments, not both because this would create
* ambiguity. Additionally the iclass argument may contain some
* additional flags which should be noted and passed down to other
* levels.
*/
if (flags & ASN1_TFLG_TAG_MASK) {
/* Error if argument and template tagging */
if (tag != -1)
/* FIXME: error code here */
return -1;
/* Get tagging from template */
ttag = tt->tag;
tclass = flags & ASN1_TFLG_TAG_CLASS;
} else if (tag != -1) {
/* No template tagging, get from arguments */
ttag = tag;
tclass = iclass & ASN1_TFLG_TAG_CLASS;
} else {
ttag = -1;
tclass = 0;
}
/*
* Remove any class mask from iflag.
*/
iclass &= ~ASN1_TFLG_TAG_CLASS;
/*
* At this point 'ttag' contains the outer tag to use, 'tclass' is the
* class and iclass is any flags passed to this function.
*/
/* if template and arguments require ndef, use it */
if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
ndef = 2;
else
ndef = 1;
if (flags & ASN1_TFLG_SK_MASK) {
/* SET OF, SEQUENCE OF */
STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
int isset, sktag, skaclass;
int skcontlen, sklen;
ASN1_VALUE *skitem;
if (!*pval)
return 0;
if (flags & ASN1_TFLG_SET_OF) {
isset = 1;
/* 2 means we reorder */
if (flags & ASN1_TFLG_SEQUENCE_OF)
isset = 2;
} else
isset = 0;
/*
* Work out inner tag value: if EXPLICIT or no tagging use underlying
* type.
*/
if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
sktag = ttag;
skaclass = tclass;
} else {
skaclass = V_ASN1_UNIVERSAL;
if (isset)
sktag = V_ASN1_SET;
else
sktag = V_ASN1_SEQUENCE;
}
/* Determine total length of items */
skcontlen = 0;
for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
int tmplen;
skitem = sk_ASN1_VALUE_value(sk, i);
tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item),
-1, iclass);
if (tmplen == -1 || (skcontlen > INT_MAX - tmplen))
return -1;
skcontlen += tmplen;
}
sklen = ASN1_object_size(ndef, skcontlen, sktag);
if (sklen == -1)
return -1;
/* If EXPLICIT need length of surrounding tag */
if (flags & ASN1_TFLG_EXPTAG)
ret = ASN1_object_size(ndef, sklen, ttag);
else
ret = sklen;
if (!out || ret == -1)
return ret;
/* Now encode this lot... */
/* EXPLICIT tag */
if (flags & ASN1_TFLG_EXPTAG)
ASN1_put_object(out, ndef, sklen, ttag, tclass);
/* SET or SEQUENCE and IMPLICIT tag */
ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
/* And the stuff itself */
asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
isset, iclass);
if (ndef == 2) {
ASN1_put_eoc(out);
if (flags & ASN1_TFLG_EXPTAG)
ASN1_put_eoc(out);
}
return ret;
}
if (flags & ASN1_TFLG_EXPTAG) {
/* EXPLICIT tagging */
/* Find length of tagged item */
i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass);
if (!i)
return 0;
/* Find length of EXPLICIT tag */
ret = ASN1_object_size(ndef, i, ttag);
if (out && ret != -1) {
/* Output tag and item */
ASN1_put_object(out, ndef, i, ttag, tclass);
ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);
if (ndef == 2)
ASN1_put_eoc(out);
}
return ret;
}
/* Either normal or IMPLICIT tagging: combine class and flags */
return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
ttag, tclass | iclass);
}
/* Temporary structure used to hold DER encoding of items for SET OF */
typedef struct {
unsigned char *data;
int length;
ASN1_VALUE *field;
} DER_ENC;
static int der_cmp(const void *a, const void *b)
{
const DER_ENC *d1 = a, *d2 = b;
int cmplen, i;
cmplen = (d1->length < d2->length) ? d1->length : d2->length;
i = memcmp(d1->data, d2->data, cmplen);
if (i)
return i;
return d1->length - d2->length;
}
/* Output the content octets of SET OF or SEQUENCE OF */
static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
int skcontlen, const ASN1_ITEM *item,
int do_sort, int iclass)
{
int i;
ASN1_VALUE *skitem;
unsigned char *tmpdat = NULL, *p = NULL;
DER_ENC *derlst = NULL, *tder;
if (do_sort) {
/* Don't need to sort less than 2 items */
if (sk_ASN1_VALUE_num(sk) < 2)
do_sort = 0;
else {
derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
* sizeof(*derlst));
if (derlst == NULL)
return 0;
tmpdat = OPENSSL_malloc(skcontlen);
if (tmpdat == NULL) {
OPENSSL_free(derlst);
return 0;
}
}
}
/* If not sorting just output each item */
if (!do_sort) {
for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
skitem = sk_ASN1_VALUE_value(sk, i);
ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
}
return 1;
}
p = tmpdat;
/* Doing sort: build up a list of each member's DER encoding */
for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
skitem = sk_ASN1_VALUE_value(sk, i);
tder->data = p;
tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
tder->field = skitem;
}
/* Now sort them */
qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
/* Output sorted DER encoding */
p = *out;
for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
memcpy(p, tder->data, tder->length);
p += tder->length;
}
*out = p;
/* If do_sort is 2 then reorder the STACK */
if (do_sort == 2) {
for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
(void)sk_ASN1_VALUE_set(sk, i, tder->field);
}
OPENSSL_free(derlst);
OPENSSL_free(tmpdat);
return 1;
}
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass)
{
int len;
int utype;
int usetag;
int ndef = 0;
utype = it->utype;
/*
* Get length of content octets and maybe find out the underlying type.
*/
len = asn1_ex_i2c(pval, NULL, &utype, it);
/*
* If SEQUENCE, SET or OTHER then header is included in pseudo content
* octets so don't include tag+length. We need to check here because the
* call to asn1_ex_i2c() could change utype.
*/
if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
(utype == V_ASN1_OTHER))
usetag = 0;
else
usetag = 1;
/* -1 means omit type */
if (len == -1)
return 0;
/* -2 return is special meaning use ndef */
if (len == -2) {
ndef = 2;
len = 0;
}
/* If not implicitly tagged get tag from underlying type */
if (tag == -1)
tag = utype;
/* Output tag+length followed by content octets */
if (out) {
if (usetag)
ASN1_put_object(out, ndef, len, tag, aclass);
asn1_ex_i2c(pval, *out, &utype, it);
if (ndef)
ASN1_put_eoc(out);
else
*out += len;
}
if (usetag)
return ASN1_object_size(ndef, len, tag);
return len;
}
/* Produce content octets from a structure */
static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
const ASN1_ITEM *it)
{
ASN1_BOOLEAN *tbool = NULL;
ASN1_STRING *strtmp;
ASN1_OBJECT *otmp;
int utype;
const unsigned char *cont;
unsigned char c;
int len;
const ASN1_PRIMITIVE_FUNCS *pf;
pf = it->funcs;
if (pf && pf->prim_i2c)
return pf->prim_i2c(pval, cout, putype, it);
/* Should type be omitted? */
if ((it->itype != ASN1_ITYPE_PRIMITIVE)
|| (it->utype != V_ASN1_BOOLEAN)) {
if (!*pval)
return -1;
}
if (it->itype == ASN1_ITYPE_MSTRING) {
/* If MSTRING type set the underlying type */
strtmp = (ASN1_STRING *)*pval;
utype = strtmp->type;
*putype = utype;
} else if (it->utype == V_ASN1_ANY) {
/* If ANY set type and pointer to value */
ASN1_TYPE *typ;
typ = (ASN1_TYPE *)*pval;
utype = typ->type;
*putype = utype;
pval = &typ->value.asn1_value;
} else
utype = *putype;
switch (utype) {
case V_ASN1_OBJECT:
otmp = (ASN1_OBJECT *)*pval;
cont = otmp->data;
len = otmp->length;
if (cont == NULL || len == 0)
return -1;
break;
case V_ASN1_NULL:
cont = NULL;
len = 0;
break;
case V_ASN1_BOOLEAN:
tbool = (ASN1_BOOLEAN *)pval;
if (*tbool == -1)
return -1;
if (it->utype != V_ASN1_ANY) {
/*
* Default handling if value == size field then omit
*/
if (*tbool && (it->size > 0))
return -1;
if (!*tbool && !it->size)
return -1;
}
c = (unsigned char)*tbool;
cont = &c;
len = 1;
break;
case V_ASN1_BIT_STRING:
return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
cout ? &cout : NULL);
case V_ASN1_INTEGER:
case V_ASN1_ENUMERATED:
/*
* These are all have the same content format as ASN1_INTEGER
*/
return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
case V_ASN1_OCTET_STRING:
case V_ASN1_NUMERICSTRING:
case V_ASN1_PRINTABLESTRING:
case V_ASN1_T61STRING:
case V_ASN1_VIDEOTEXSTRING:
case V_ASN1_IA5STRING:
case V_ASN1_UTCTIME:
case V_ASN1_GENERALIZEDTIME:
case V_ASN1_GRAPHICSTRING:
case V_ASN1_VISIBLESTRING:
case V_ASN1_GENERALSTRING:
case V_ASN1_UNIVERSALSTRING:
case V_ASN1_BMPSTRING:
case V_ASN1_UTF8STRING:
case V_ASN1_SEQUENCE:
case V_ASN1_SET:
default:
/* All based on ASN1_STRING and handled the same */
strtmp = (ASN1_STRING *)*pval;
/* Special handling for NDEF */
if ((it->size == ASN1_TFLG_NDEF)
&& (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
if (cout) {
strtmp->data = cout;
strtmp->length = 0;
}
/* Special return code */
return -2;
}
cont = strtmp->data;
len = strtmp->length;
break;
}
if (cout && len)
memcpy(cout, cont, len);
return len;
}
diff --git a/crypto/openssl/crypto/err/openssl.txt b/crypto/openssl/crypto/err/openssl.txt
index 0b5873ebbcb7..815460b24f67 100644
--- a/crypto/openssl/crypto/err/openssl.txt
+++ b/crypto/openssl/crypto/err/openssl.txt
@@ -1,3054 +1,3056 @@
# Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# Function codes
ASN1_F_A2D_ASN1_OBJECT:100:a2d_ASN1_OBJECT
ASN1_F_A2I_ASN1_INTEGER:102:a2i_ASN1_INTEGER
ASN1_F_A2I_ASN1_STRING:103:a2i_ASN1_STRING
ASN1_F_APPEND_EXP:176:append_exp
ASN1_F_ASN1_BIO_INIT:113:asn1_bio_init
ASN1_F_ASN1_BIT_STRING_SET_BIT:183:ASN1_BIT_STRING_set_bit
ASN1_F_ASN1_CB:177:asn1_cb
ASN1_F_ASN1_CHECK_TLEN:104:asn1_check_tlen
ASN1_F_ASN1_COLLECT:106:asn1_collect
ASN1_F_ASN1_D2I_EX_PRIMITIVE:108:asn1_d2i_ex_primitive
ASN1_F_ASN1_D2I_FP:109:ASN1_d2i_fp
ASN1_F_ASN1_D2I_READ_BIO:107:asn1_d2i_read_bio
ASN1_F_ASN1_DIGEST:184:ASN1_digest
ASN1_F_ASN1_DO_ADB:110:asn1_do_adb
ASN1_F_ASN1_DO_LOCK:233:asn1_do_lock
ASN1_F_ASN1_DUP:111:ASN1_dup
ASN1_F_ASN1_ENC_SAVE:115:asn1_enc_save
ASN1_F_ASN1_EX_C2I:204:asn1_ex_c2i
ASN1_F_ASN1_FIND_END:190:asn1_find_end
ASN1_F_ASN1_GENERALIZEDTIME_ADJ:216:ASN1_GENERALIZEDTIME_adj
ASN1_F_ASN1_GENERATE_V3:178:ASN1_generate_v3
ASN1_F_ASN1_GET_INT64:224:asn1_get_int64
ASN1_F_ASN1_GET_OBJECT:114:ASN1_get_object
ASN1_F_ASN1_GET_UINT64:225:asn1_get_uint64
ASN1_F_ASN1_I2D_BIO:116:ASN1_i2d_bio
ASN1_F_ASN1_I2D_FP:117:ASN1_i2d_fp
ASN1_F_ASN1_ITEM_D2I_FP:206:ASN1_item_d2i_fp
ASN1_F_ASN1_ITEM_DUP:191:ASN1_item_dup
ASN1_F_ASN1_ITEM_EMBED_D2I:120:asn1_item_embed_d2i
ASN1_F_ASN1_ITEM_EMBED_NEW:121:asn1_item_embed_new
+ASN1_F_ASN1_ITEM_EX_I2D:144:ASN1_item_ex_i2d
ASN1_F_ASN1_ITEM_FLAGS_I2D:118:asn1_item_flags_i2d
ASN1_F_ASN1_ITEM_I2D_BIO:192:ASN1_item_i2d_bio
ASN1_F_ASN1_ITEM_I2D_FP:193:ASN1_item_i2d_fp
ASN1_F_ASN1_ITEM_PACK:198:ASN1_item_pack
ASN1_F_ASN1_ITEM_SIGN:195:ASN1_item_sign
ASN1_F_ASN1_ITEM_SIGN_CTX:220:ASN1_item_sign_ctx
ASN1_F_ASN1_ITEM_UNPACK:199:ASN1_item_unpack
ASN1_F_ASN1_ITEM_VERIFY:197:ASN1_item_verify
ASN1_F_ASN1_MBSTRING_NCOPY:122:ASN1_mbstring_ncopy
ASN1_F_ASN1_OBJECT_NEW:123:ASN1_OBJECT_new
ASN1_F_ASN1_OUTPUT_DATA:214:asn1_output_data
ASN1_F_ASN1_PCTX_NEW:205:ASN1_PCTX_new
ASN1_F_ASN1_PRIMITIVE_NEW:119:asn1_primitive_new
ASN1_F_ASN1_SCTX_NEW:221:ASN1_SCTX_new
ASN1_F_ASN1_SIGN:128:ASN1_sign
ASN1_F_ASN1_STR2TYPE:179:asn1_str2type
ASN1_F_ASN1_STRING_GET_INT64:227:asn1_string_get_int64
ASN1_F_ASN1_STRING_GET_UINT64:230:asn1_string_get_uint64
ASN1_F_ASN1_STRING_SET:186:ASN1_STRING_set
ASN1_F_ASN1_STRING_TABLE_ADD:129:ASN1_STRING_TABLE_add
ASN1_F_ASN1_STRING_TO_BN:228:asn1_string_to_bn
ASN1_F_ASN1_STRING_TYPE_NEW:130:ASN1_STRING_type_new
ASN1_F_ASN1_TEMPLATE_EX_D2I:132:asn1_template_ex_d2i
ASN1_F_ASN1_TEMPLATE_NEW:133:asn1_template_new
ASN1_F_ASN1_TEMPLATE_NOEXP_D2I:131:asn1_template_noexp_d2i
ASN1_F_ASN1_TIME_ADJ:217:ASN1_TIME_adj
ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING:134:ASN1_TYPE_get_int_octetstring
ASN1_F_ASN1_TYPE_GET_OCTETSTRING:135:ASN1_TYPE_get_octetstring
ASN1_F_ASN1_UTCTIME_ADJ:218:ASN1_UTCTIME_adj
ASN1_F_ASN1_VERIFY:137:ASN1_verify
ASN1_F_B64_READ_ASN1:209:b64_read_asn1
ASN1_F_B64_WRITE_ASN1:210:B64_write_ASN1
ASN1_F_BIO_NEW_NDEF:208:BIO_new_NDEF
ASN1_F_BITSTR_CB:180:bitstr_cb
ASN1_F_BN_TO_ASN1_STRING:229:bn_to_asn1_string
ASN1_F_C2I_ASN1_BIT_STRING:189:c2i_ASN1_BIT_STRING
ASN1_F_C2I_ASN1_INTEGER:194:c2i_ASN1_INTEGER
ASN1_F_C2I_ASN1_OBJECT:196:c2i_ASN1_OBJECT
ASN1_F_C2I_IBUF:226:c2i_ibuf
ASN1_F_C2I_UINT64_INT:101:c2i_uint64_int
ASN1_F_COLLECT_DATA:140:collect_data
ASN1_F_D2I_ASN1_OBJECT:147:d2i_ASN1_OBJECT
ASN1_F_D2I_ASN1_UINTEGER:150:d2i_ASN1_UINTEGER
ASN1_F_D2I_AUTOPRIVATEKEY:207:d2i_AutoPrivateKey
ASN1_F_D2I_PRIVATEKEY:154:d2i_PrivateKey
ASN1_F_D2I_PUBLICKEY:155:d2i_PublicKey
ASN1_F_DO_BUF:142:do_buf
ASN1_F_DO_CREATE:124:do_create
ASN1_F_DO_DUMP:125:do_dump
ASN1_F_DO_TCREATE:222:do_tcreate
ASN1_F_I2A_ASN1_OBJECT:126:i2a_ASN1_OBJECT
ASN1_F_I2D_ASN1_BIO_STREAM:211:i2d_ASN1_bio_stream
ASN1_F_I2D_ASN1_OBJECT:143:i2d_ASN1_OBJECT
ASN1_F_I2D_DSA_PUBKEY:161:i2d_DSA_PUBKEY
ASN1_F_I2D_EC_PUBKEY:181:i2d_EC_PUBKEY
ASN1_F_I2D_PRIVATEKEY:163:i2d_PrivateKey
ASN1_F_I2D_PUBLICKEY:164:i2d_PublicKey
ASN1_F_I2D_RSA_PUBKEY:165:i2d_RSA_PUBKEY
ASN1_F_LONG_C2I:166:long_c2i
ASN1_F_NDEF_PREFIX:127:ndef_prefix
ASN1_F_NDEF_SUFFIX:136:ndef_suffix
ASN1_F_OID_MODULE_INIT:174:oid_module_init
ASN1_F_PARSE_TAGGING:182:parse_tagging
ASN1_F_PKCS5_PBE2_SET_IV:167:PKCS5_pbe2_set_iv
ASN1_F_PKCS5_PBE2_SET_SCRYPT:231:PKCS5_pbe2_set_scrypt
ASN1_F_PKCS5_PBE_SET:202:PKCS5_pbe_set
ASN1_F_PKCS5_PBE_SET0_ALGOR:215:PKCS5_pbe_set0_algor
ASN1_F_PKCS5_PBKDF2_SET:219:PKCS5_pbkdf2_set
ASN1_F_PKCS5_SCRYPT_SET:232:pkcs5_scrypt_set
ASN1_F_SMIME_READ_ASN1:212:SMIME_read_ASN1
ASN1_F_SMIME_TEXT:213:SMIME_text
ASN1_F_STABLE_GET:138:stable_get
ASN1_F_STBL_MODULE_INIT:223:stbl_module_init
ASN1_F_UINT32_C2I:105:uint32_c2i
ASN1_F_UINT32_NEW:139:uint32_new
ASN1_F_UINT64_C2I:112:uint64_c2i
ASN1_F_UINT64_NEW:141:uint64_new
ASN1_F_X509_CRL_ADD0_REVOKED:169:X509_CRL_add0_revoked
ASN1_F_X509_INFO_NEW:170:X509_INFO_new
ASN1_F_X509_NAME_ENCODE:203:x509_name_encode
ASN1_F_X509_NAME_EX_D2I:158:x509_name_ex_d2i
ASN1_F_X509_NAME_EX_NEW:171:x509_name_ex_new
ASN1_F_X509_PKEY_NEW:173:X509_PKEY_new
ASYNC_F_ASYNC_CTX_NEW:100:async_ctx_new
ASYNC_F_ASYNC_INIT_THREAD:101:ASYNC_init_thread
ASYNC_F_ASYNC_JOB_NEW:102:async_job_new
ASYNC_F_ASYNC_PAUSE_JOB:103:ASYNC_pause_job
ASYNC_F_ASYNC_START_FUNC:104:async_start_func
ASYNC_F_ASYNC_START_JOB:105:ASYNC_start_job
ASYNC_F_ASYNC_WAIT_CTX_SET_WAIT_FD:106:ASYNC_WAIT_CTX_set_wait_fd
BIO_F_ACPT_STATE:100:acpt_state
BIO_F_ADDRINFO_WRAP:148:addrinfo_wrap
BIO_F_ADDR_STRINGS:134:addr_strings
BIO_F_BIO_ACCEPT:101:BIO_accept
BIO_F_BIO_ACCEPT_EX:137:BIO_accept_ex
BIO_F_BIO_ACCEPT_NEW:152:BIO_ACCEPT_new
BIO_F_BIO_ADDR_NEW:144:BIO_ADDR_new
BIO_F_BIO_BIND:147:BIO_bind
BIO_F_BIO_CALLBACK_CTRL:131:BIO_callback_ctrl
BIO_F_BIO_CONNECT:138:BIO_connect
BIO_F_BIO_CONNECT_NEW:153:BIO_CONNECT_new
BIO_F_BIO_CTRL:103:BIO_ctrl
BIO_F_BIO_GETS:104:BIO_gets
BIO_F_BIO_GET_HOST_IP:106:BIO_get_host_ip
BIO_F_BIO_GET_NEW_INDEX:102:BIO_get_new_index
BIO_F_BIO_GET_PORT:107:BIO_get_port
BIO_F_BIO_LISTEN:139:BIO_listen
BIO_F_BIO_LOOKUP:135:BIO_lookup
BIO_F_BIO_LOOKUP_EX:143:BIO_lookup_ex
BIO_F_BIO_MAKE_PAIR:121:bio_make_pair
BIO_F_BIO_METH_NEW:146:BIO_meth_new
BIO_F_BIO_NEW:108:BIO_new
BIO_F_BIO_NEW_DGRAM_SCTP:145:BIO_new_dgram_sctp
BIO_F_BIO_NEW_FILE:109:BIO_new_file
BIO_F_BIO_NEW_MEM_BUF:126:BIO_new_mem_buf
BIO_F_BIO_NREAD:123:BIO_nread
BIO_F_BIO_NREAD0:124:BIO_nread0
BIO_F_BIO_NWRITE:125:BIO_nwrite
BIO_F_BIO_NWRITE0:122:BIO_nwrite0
BIO_F_BIO_PARSE_HOSTSERV:136:BIO_parse_hostserv
BIO_F_BIO_PUTS:110:BIO_puts
BIO_F_BIO_READ:111:BIO_read
BIO_F_BIO_READ_EX:105:BIO_read_ex
BIO_F_BIO_READ_INTERN:120:bio_read_intern
BIO_F_BIO_SOCKET:140:BIO_socket
BIO_F_BIO_SOCKET_NBIO:142:BIO_socket_nbio
BIO_F_BIO_SOCK_INFO:141:BIO_sock_info
BIO_F_BIO_SOCK_INIT:112:BIO_sock_init
BIO_F_BIO_WRITE:113:BIO_write
BIO_F_BIO_WRITE_EX:119:BIO_write_ex
BIO_F_BIO_WRITE_INTERN:128:bio_write_intern
BIO_F_BUFFER_CTRL:114:buffer_ctrl
BIO_F_CONN_CTRL:127:conn_ctrl
BIO_F_CONN_STATE:115:conn_state
BIO_F_DGRAM_SCTP_NEW:149:dgram_sctp_new
BIO_F_DGRAM_SCTP_READ:132:dgram_sctp_read
BIO_F_DGRAM_SCTP_WRITE:133:dgram_sctp_write
BIO_F_DOAPR_OUTCH:150:doapr_outch
BIO_F_FILE_CTRL:116:file_ctrl
BIO_F_FILE_READ:130:file_read
BIO_F_LINEBUFFER_CTRL:129:linebuffer_ctrl
BIO_F_LINEBUFFER_NEW:151:linebuffer_new
BIO_F_MEM_WRITE:117:mem_write
BIO_F_NBIOF_NEW:154:nbiof_new
BIO_F_SLG_WRITE:155:slg_write
BIO_F_SSL_NEW:118:SSL_new
BN_F_BNRAND:127:bnrand
BN_F_BNRAND_RANGE:138:bnrand_range
BN_F_BN_BLINDING_CONVERT_EX:100:BN_BLINDING_convert_ex
BN_F_BN_BLINDING_CREATE_PARAM:128:BN_BLINDING_create_param
BN_F_BN_BLINDING_INVERT_EX:101:BN_BLINDING_invert_ex
BN_F_BN_BLINDING_NEW:102:BN_BLINDING_new
BN_F_BN_BLINDING_UPDATE:103:BN_BLINDING_update
BN_F_BN_BN2DEC:104:BN_bn2dec
BN_F_BN_BN2HEX:105:BN_bn2hex
BN_F_BN_COMPUTE_WNAF:142:bn_compute_wNAF
BN_F_BN_CTX_GET:116:BN_CTX_get
BN_F_BN_CTX_NEW:106:BN_CTX_new
BN_F_BN_CTX_START:129:BN_CTX_start
BN_F_BN_DIV:107:BN_div
BN_F_BN_DIV_RECP:130:BN_div_recp
BN_F_BN_EXP:123:BN_exp
BN_F_BN_EXPAND_INTERNAL:120:bn_expand_internal
BN_F_BN_GENCB_NEW:143:BN_GENCB_new
BN_F_BN_GENERATE_DSA_NONCE:140:BN_generate_dsa_nonce
BN_F_BN_GENERATE_PRIME_EX:141:BN_generate_prime_ex
BN_F_BN_GF2M_MOD:131:BN_GF2m_mod
BN_F_BN_GF2M_MOD_EXP:132:BN_GF2m_mod_exp
BN_F_BN_GF2M_MOD_MUL:133:BN_GF2m_mod_mul
BN_F_BN_GF2M_MOD_SOLVE_QUAD:134:BN_GF2m_mod_solve_quad
BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR:135:BN_GF2m_mod_solve_quad_arr
BN_F_BN_GF2M_MOD_SQR:136:BN_GF2m_mod_sqr
BN_F_BN_GF2M_MOD_SQRT:137:BN_GF2m_mod_sqrt
BN_F_BN_LSHIFT:145:BN_lshift
BN_F_BN_MOD_EXP2_MONT:118:BN_mod_exp2_mont
BN_F_BN_MOD_EXP_MONT:109:BN_mod_exp_mont
BN_F_BN_MOD_EXP_MONT_CONSTTIME:124:BN_mod_exp_mont_consttime
BN_F_BN_MOD_EXP_MONT_WORD:117:BN_mod_exp_mont_word
BN_F_BN_MOD_EXP_RECP:125:BN_mod_exp_recp
BN_F_BN_MOD_EXP_SIMPLE:126:BN_mod_exp_simple
BN_F_BN_MOD_INVERSE:110:BN_mod_inverse
BN_F_BN_MOD_INVERSE_NO_BRANCH:139:BN_mod_inverse_no_branch
BN_F_BN_MOD_LSHIFT_QUICK:119:BN_mod_lshift_quick
BN_F_BN_MOD_SQRT:121:BN_mod_sqrt
BN_F_BN_MONT_CTX_NEW:149:BN_MONT_CTX_new
BN_F_BN_MPI2BN:112:BN_mpi2bn
BN_F_BN_NEW:113:BN_new
BN_F_BN_POOL_GET:147:BN_POOL_get
BN_F_BN_RAND:114:BN_rand
BN_F_BN_RAND_RANGE:122:BN_rand_range
BN_F_BN_RECP_CTX_NEW:150:BN_RECP_CTX_new
BN_F_BN_RSHIFT:146:BN_rshift
BN_F_BN_SET_WORDS:144:bn_set_words
BN_F_BN_STACK_PUSH:148:BN_STACK_push
BN_F_BN_USUB:115:BN_usub
BUF_F_BUF_MEM_GROW:100:BUF_MEM_grow
BUF_F_BUF_MEM_GROW_CLEAN:105:BUF_MEM_grow_clean
BUF_F_BUF_MEM_NEW:101:BUF_MEM_new
CMS_F_CHECK_CONTENT:99:check_content
CMS_F_CMS_ADD0_CERT:164:CMS_add0_cert
CMS_F_CMS_ADD0_RECIPIENT_KEY:100:CMS_add0_recipient_key
CMS_F_CMS_ADD0_RECIPIENT_PASSWORD:165:CMS_add0_recipient_password
CMS_F_CMS_ADD1_RECEIPTREQUEST:158:CMS_add1_ReceiptRequest
CMS_F_CMS_ADD1_RECIPIENT_CERT:101:CMS_add1_recipient_cert
CMS_F_CMS_ADD1_SIGNER:102:CMS_add1_signer
CMS_F_CMS_ADD1_SIGNINGTIME:103:cms_add1_signingTime
CMS_F_CMS_COMPRESS:104:CMS_compress
CMS_F_CMS_COMPRESSEDDATA_CREATE:105:cms_CompressedData_create
CMS_F_CMS_COMPRESSEDDATA_INIT_BIO:106:cms_CompressedData_init_bio
CMS_F_CMS_COPY_CONTENT:107:cms_copy_content
CMS_F_CMS_COPY_MESSAGEDIGEST:108:cms_copy_messageDigest
CMS_F_CMS_DATA:109:CMS_data
CMS_F_CMS_DATAFINAL:110:CMS_dataFinal
CMS_F_CMS_DATAINIT:111:CMS_dataInit
CMS_F_CMS_DECRYPT:112:CMS_decrypt
CMS_F_CMS_DECRYPT_SET1_KEY:113:CMS_decrypt_set1_key
CMS_F_CMS_DECRYPT_SET1_PASSWORD:166:CMS_decrypt_set1_password
CMS_F_CMS_DECRYPT_SET1_PKEY:114:CMS_decrypt_set1_pkey
CMS_F_CMS_DIGESTALGORITHM_FIND_CTX:115:cms_DigestAlgorithm_find_ctx
CMS_F_CMS_DIGESTALGORITHM_INIT_BIO:116:cms_DigestAlgorithm_init_bio
CMS_F_CMS_DIGESTEDDATA_DO_FINAL:117:cms_DigestedData_do_final
CMS_F_CMS_DIGEST_VERIFY:118:CMS_digest_verify
CMS_F_CMS_ENCODE_RECEIPT:161:cms_encode_Receipt
CMS_F_CMS_ENCRYPT:119:CMS_encrypt
CMS_F_CMS_ENCRYPTEDCONTENT_INIT:179:cms_EncryptedContent_init
CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO:120:cms_EncryptedContent_init_bio
CMS_F_CMS_ENCRYPTEDDATA_DECRYPT:121:CMS_EncryptedData_decrypt
CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT:122:CMS_EncryptedData_encrypt
CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY:123:CMS_EncryptedData_set1_key
CMS_F_CMS_ENVELOPEDDATA_CREATE:124:CMS_EnvelopedData_create
CMS_F_CMS_ENVELOPEDDATA_INIT_BIO:125:cms_EnvelopedData_init_bio
CMS_F_CMS_ENVELOPED_DATA_INIT:126:cms_enveloped_data_init
CMS_F_CMS_ENV_ASN1_CTRL:171:cms_env_asn1_ctrl
CMS_F_CMS_FINAL:127:CMS_final
CMS_F_CMS_GET0_CERTIFICATE_CHOICES:128:cms_get0_certificate_choices
CMS_F_CMS_GET0_CONTENT:129:CMS_get0_content
CMS_F_CMS_GET0_ECONTENT_TYPE:130:cms_get0_econtent_type
CMS_F_CMS_GET0_ENVELOPED:131:cms_get0_enveloped
CMS_F_CMS_GET0_REVOCATION_CHOICES:132:cms_get0_revocation_choices
CMS_F_CMS_GET0_SIGNED:133:cms_get0_signed
CMS_F_CMS_MSGSIGDIGEST_ADD1:162:cms_msgSigDigest_add1
CMS_F_CMS_RECEIPTREQUEST_CREATE0:159:CMS_ReceiptRequest_create0
CMS_F_CMS_RECEIPT_VERIFY:160:cms_Receipt_verify
CMS_F_CMS_RECIPIENTINFO_DECRYPT:134:CMS_RecipientInfo_decrypt
CMS_F_CMS_RECIPIENTINFO_ENCRYPT:169:CMS_RecipientInfo_encrypt
CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT:178:cms_RecipientInfo_kari_encrypt
CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG:175:CMS_RecipientInfo_kari_get0_alg
CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID:173:\
CMS_RecipientInfo_kari_get0_orig_id
CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS:172:CMS_RecipientInfo_kari_get0_reks
CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP:174:CMS_RecipientInfo_kari_orig_id_cmp
CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT:135:cms_RecipientInfo_kekri_decrypt
CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT:136:cms_RecipientInfo_kekri_encrypt
CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID:137:CMS_RecipientInfo_kekri_get0_id
CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP:138:CMS_RecipientInfo_kekri_id_cmp
CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP:139:CMS_RecipientInfo_ktri_cert_cmp
CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT:140:cms_RecipientInfo_ktri_decrypt
CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT:141:cms_RecipientInfo_ktri_encrypt
CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS:142:CMS_RecipientInfo_ktri_get0_algs
CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID:143:\
CMS_RecipientInfo_ktri_get0_signer_id
CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT:167:cms_RecipientInfo_pwri_crypt
CMS_F_CMS_RECIPIENTINFO_SET0_KEY:144:CMS_RecipientInfo_set0_key
CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD:168:CMS_RecipientInfo_set0_password
CMS_F_CMS_RECIPIENTINFO_SET0_PKEY:145:CMS_RecipientInfo_set0_pkey
CMS_F_CMS_SD_ASN1_CTRL:170:cms_sd_asn1_ctrl
CMS_F_CMS_SET1_IAS:176:cms_set1_ias
CMS_F_CMS_SET1_KEYID:177:cms_set1_keyid
CMS_F_CMS_SET1_SIGNERIDENTIFIER:146:cms_set1_SignerIdentifier
CMS_F_CMS_SET_DETACHED:147:CMS_set_detached
CMS_F_CMS_SIGN:148:CMS_sign
CMS_F_CMS_SIGNED_DATA_INIT:149:cms_signed_data_init
CMS_F_CMS_SIGNERINFO_CONTENT_SIGN:150:cms_SignerInfo_content_sign
CMS_F_CMS_SIGNERINFO_SIGN:151:CMS_SignerInfo_sign
CMS_F_CMS_SIGNERINFO_VERIFY:152:CMS_SignerInfo_verify
CMS_F_CMS_SIGNERINFO_VERIFY_CERT:153:cms_signerinfo_verify_cert
CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT:154:CMS_SignerInfo_verify_content
CMS_F_CMS_SIGN_RECEIPT:163:CMS_sign_receipt
CMS_F_CMS_SI_CHECK_ATTRIBUTES:183:CMS_si_check_attributes
CMS_F_CMS_STREAM:155:CMS_stream
CMS_F_CMS_UNCOMPRESS:156:CMS_uncompress
CMS_F_CMS_VERIFY:157:CMS_verify
CMS_F_KEK_UNWRAP_KEY:180:kek_unwrap_key
COMP_F_BIO_ZLIB_FLUSH:99:bio_zlib_flush
COMP_F_BIO_ZLIB_NEW:100:bio_zlib_new
COMP_F_BIO_ZLIB_READ:101:bio_zlib_read
COMP_F_BIO_ZLIB_WRITE:102:bio_zlib_write
COMP_F_COMP_CTX_NEW:103:COMP_CTX_new
CONF_F_CONF_DUMP_FP:104:CONF_dump_fp
CONF_F_CONF_LOAD:100:CONF_load
CONF_F_CONF_LOAD_FP:103:CONF_load_fp
CONF_F_CONF_PARSE_LIST:119:CONF_parse_list
CONF_F_DEF_LOAD:120:def_load
CONF_F_DEF_LOAD_BIO:121:def_load_bio
CONF_F_GET_NEXT_FILE:107:get_next_file
CONF_F_MODULE_ADD:122:module_add
CONF_F_MODULE_INIT:115:module_init
CONF_F_MODULE_LOAD_DSO:117:module_load_dso
CONF_F_MODULE_RUN:118:module_run
CONF_F_NCONF_DUMP_BIO:105:NCONF_dump_bio
CONF_F_NCONF_DUMP_FP:106:NCONF_dump_fp
CONF_F_NCONF_GET_NUMBER_E:112:NCONF_get_number_e
CONF_F_NCONF_GET_SECTION:108:NCONF_get_section
CONF_F_NCONF_GET_STRING:109:NCONF_get_string
CONF_F_NCONF_LOAD:113:NCONF_load
CONF_F_NCONF_LOAD_BIO:110:NCONF_load_bio
CONF_F_NCONF_LOAD_FP:114:NCONF_load_fp
CONF_F_NCONF_NEW:111:NCONF_new
CONF_F_PROCESS_INCLUDE:116:process_include
CONF_F_SSL_MODULE_INIT:123:ssl_module_init
CONF_F_STR_COPY:101:str_copy
CRYPTO_F_CMAC_CTX_NEW:120:CMAC_CTX_new
CRYPTO_F_CRYPTO_DUP_EX_DATA:110:CRYPTO_dup_ex_data
CRYPTO_F_CRYPTO_FREE_EX_DATA:111:CRYPTO_free_ex_data
CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX:100:CRYPTO_get_ex_new_index
CRYPTO_F_CRYPTO_MEMDUP:115:CRYPTO_memdup
CRYPTO_F_CRYPTO_NEW_EX_DATA:112:CRYPTO_new_ex_data
CRYPTO_F_CRYPTO_OCB128_COPY_CTX:121:CRYPTO_ocb128_copy_ctx
CRYPTO_F_CRYPTO_OCB128_INIT:122:CRYPTO_ocb128_init
CRYPTO_F_CRYPTO_SET_EX_DATA:102:CRYPTO_set_ex_data
CRYPTO_F_FIPS_MODE_SET:109:FIPS_mode_set
CRYPTO_F_GET_AND_LOCK:113:get_and_lock
CRYPTO_F_OPENSSL_ATEXIT:114:OPENSSL_atexit
CRYPTO_F_OPENSSL_BUF2HEXSTR:117:OPENSSL_buf2hexstr
CRYPTO_F_OPENSSL_FOPEN:119:openssl_fopen
CRYPTO_F_OPENSSL_HEXSTR2BUF:118:OPENSSL_hexstr2buf
CRYPTO_F_OPENSSL_INIT_CRYPTO:116:OPENSSL_init_crypto
CRYPTO_F_OPENSSL_LH_NEW:126:OPENSSL_LH_new
CRYPTO_F_OPENSSL_SK_DEEP_COPY:127:OPENSSL_sk_deep_copy
CRYPTO_F_OPENSSL_SK_DUP:128:OPENSSL_sk_dup
CRYPTO_F_PKEY_HMAC_INIT:123:pkey_hmac_init
CRYPTO_F_PKEY_POLY1305_INIT:124:pkey_poly1305_init
CRYPTO_F_PKEY_SIPHASH_INIT:125:pkey_siphash_init
CRYPTO_F_SK_RESERVE:129:sk_reserve
CT_F_CTLOG_NEW:117:CTLOG_new
CT_F_CTLOG_NEW_FROM_BASE64:118:CTLOG_new_from_base64
CT_F_CTLOG_NEW_FROM_CONF:119:ctlog_new_from_conf
CT_F_CTLOG_STORE_LOAD_CTX_NEW:122:ctlog_store_load_ctx_new
CT_F_CTLOG_STORE_LOAD_FILE:123:CTLOG_STORE_load_file
CT_F_CTLOG_STORE_LOAD_LOG:130:ctlog_store_load_log
CT_F_CTLOG_STORE_NEW:131:CTLOG_STORE_new
CT_F_CT_BASE64_DECODE:124:ct_base64_decode
CT_F_CT_POLICY_EVAL_CTX_NEW:133:CT_POLICY_EVAL_CTX_new
CT_F_CT_V1_LOG_ID_FROM_PKEY:125:ct_v1_log_id_from_pkey
CT_F_I2O_SCT:107:i2o_SCT
CT_F_I2O_SCT_LIST:108:i2o_SCT_LIST
CT_F_I2O_SCT_SIGNATURE:109:i2o_SCT_signature
CT_F_O2I_SCT:110:o2i_SCT
CT_F_O2I_SCT_LIST:111:o2i_SCT_LIST
CT_F_O2I_SCT_SIGNATURE:112:o2i_SCT_signature
CT_F_SCT_CTX_NEW:126:SCT_CTX_new
CT_F_SCT_CTX_VERIFY:128:SCT_CTX_verify
CT_F_SCT_NEW:100:SCT_new
CT_F_SCT_NEW_FROM_BASE64:127:SCT_new_from_base64
CT_F_SCT_SET0_LOG_ID:101:SCT_set0_log_id
CT_F_SCT_SET1_EXTENSIONS:114:SCT_set1_extensions
CT_F_SCT_SET1_LOG_ID:115:SCT_set1_log_id
CT_F_SCT_SET1_SIGNATURE:116:SCT_set1_signature
CT_F_SCT_SET_LOG_ENTRY_TYPE:102:SCT_set_log_entry_type
CT_F_SCT_SET_SIGNATURE_NID:103:SCT_set_signature_nid
CT_F_SCT_SET_VERSION:104:SCT_set_version
DH_F_COMPUTE_KEY:102:compute_key
DH_F_DHPARAMS_PRINT_FP:101:DHparams_print_fp
DH_F_DH_BUILTIN_GENPARAMS:106:dh_builtin_genparams
DH_F_DH_CHECK_EX:121:DH_check_ex
DH_F_DH_CHECK_PARAMS_EX:122:DH_check_params_ex
DH_F_DH_CHECK_PUB_KEY_EX:123:DH_check_pub_key_ex
DH_F_DH_CMS_DECRYPT:114:dh_cms_decrypt
DH_F_DH_CMS_SET_PEERKEY:115:dh_cms_set_peerkey
DH_F_DH_CMS_SET_SHARED_INFO:116:dh_cms_set_shared_info
DH_F_DH_METH_DUP:117:DH_meth_dup
DH_F_DH_METH_NEW:118:DH_meth_new
DH_F_DH_METH_SET1_NAME:119:DH_meth_set1_name
DH_F_DH_NEW_BY_NID:104:DH_new_by_nid
DH_F_DH_NEW_METHOD:105:DH_new_method
DH_F_DH_PARAM_DECODE:107:dh_param_decode
DH_F_DH_PKEY_PUBLIC_CHECK:124:dh_pkey_public_check
DH_F_DH_PRIV_DECODE:110:dh_priv_decode
DH_F_DH_PRIV_ENCODE:111:dh_priv_encode
DH_F_DH_PUB_DECODE:108:dh_pub_decode
DH_F_DH_PUB_ENCODE:109:dh_pub_encode
DH_F_DO_DH_PRINT:100:do_dh_print
DH_F_GENERATE_KEY:103:generate_key
DH_F_PKEY_DH_CTRL_STR:120:pkey_dh_ctrl_str
DH_F_PKEY_DH_DERIVE:112:pkey_dh_derive
DH_F_PKEY_DH_INIT:125:pkey_dh_init
DH_F_PKEY_DH_KEYGEN:113:pkey_dh_keygen
DSA_F_DSAPARAMS_PRINT:100:DSAparams_print
DSA_F_DSAPARAMS_PRINT_FP:101:DSAparams_print_fp
DSA_F_DSA_BUILTIN_PARAMGEN:125:dsa_builtin_paramgen
DSA_F_DSA_BUILTIN_PARAMGEN2:126:dsa_builtin_paramgen2
DSA_F_DSA_DO_SIGN:112:DSA_do_sign
DSA_F_DSA_DO_VERIFY:113:DSA_do_verify
DSA_F_DSA_METH_DUP:127:DSA_meth_dup
DSA_F_DSA_METH_NEW:128:DSA_meth_new
DSA_F_DSA_METH_SET1_NAME:129:DSA_meth_set1_name
DSA_F_DSA_NEW_METHOD:103:DSA_new_method
DSA_F_DSA_PARAM_DECODE:119:dsa_param_decode
DSA_F_DSA_PRINT_FP:105:DSA_print_fp
DSA_F_DSA_PRIV_DECODE:115:dsa_priv_decode
DSA_F_DSA_PRIV_ENCODE:116:dsa_priv_encode
DSA_F_DSA_PUB_DECODE:117:dsa_pub_decode
DSA_F_DSA_PUB_ENCODE:118:dsa_pub_encode
DSA_F_DSA_SIGN:106:DSA_sign
DSA_F_DSA_SIGN_SETUP:107:DSA_sign_setup
DSA_F_DSA_SIG_NEW:102:DSA_SIG_new
DSA_F_OLD_DSA_PRIV_DECODE:122:old_dsa_priv_decode
DSA_F_PKEY_DSA_CTRL:120:pkey_dsa_ctrl
DSA_F_PKEY_DSA_CTRL_STR:104:pkey_dsa_ctrl_str
DSA_F_PKEY_DSA_KEYGEN:121:pkey_dsa_keygen
DSO_F_DLFCN_BIND_FUNC:100:dlfcn_bind_func
DSO_F_DLFCN_LOAD:102:dlfcn_load
DSO_F_DLFCN_MERGER:130:dlfcn_merger
DSO_F_DLFCN_NAME_CONVERTER:123:dlfcn_name_converter
DSO_F_DLFCN_UNLOAD:103:dlfcn_unload
DSO_F_DL_BIND_FUNC:104:dl_bind_func
DSO_F_DL_LOAD:106:dl_load
DSO_F_DL_MERGER:131:dl_merger
DSO_F_DL_NAME_CONVERTER:124:dl_name_converter
DSO_F_DL_UNLOAD:107:dl_unload
DSO_F_DSO_BIND_FUNC:108:DSO_bind_func
DSO_F_DSO_CONVERT_FILENAME:126:DSO_convert_filename
DSO_F_DSO_CTRL:110:DSO_ctrl
DSO_F_DSO_FREE:111:DSO_free
DSO_F_DSO_GET_FILENAME:127:DSO_get_filename
DSO_F_DSO_GLOBAL_LOOKUP:139:DSO_global_lookup
DSO_F_DSO_LOAD:112:DSO_load
DSO_F_DSO_MERGE:132:DSO_merge
DSO_F_DSO_NEW_METHOD:113:DSO_new_method
DSO_F_DSO_PATHBYADDR:105:DSO_pathbyaddr
DSO_F_DSO_SET_FILENAME:129:DSO_set_filename
DSO_F_DSO_UP_REF:114:DSO_up_ref
DSO_F_VMS_BIND_SYM:115:vms_bind_sym
DSO_F_VMS_LOAD:116:vms_load
DSO_F_VMS_MERGER:133:vms_merger
DSO_F_VMS_UNLOAD:117:vms_unload
DSO_F_WIN32_BIND_FUNC:101:win32_bind_func
DSO_F_WIN32_GLOBALLOOKUP:142:win32_globallookup
DSO_F_WIN32_JOINER:135:win32_joiner
DSO_F_WIN32_LOAD:120:win32_load
DSO_F_WIN32_MERGER:134:win32_merger
DSO_F_WIN32_NAME_CONVERTER:125:win32_name_converter
DSO_F_WIN32_PATHBYADDR:109:*
DSO_F_WIN32_SPLITTER:136:win32_splitter
DSO_F_WIN32_UNLOAD:121:win32_unload
EC_F_BN_TO_FELEM:224:BN_to_felem
EC_F_D2I_ECPARAMETERS:144:d2i_ECParameters
EC_F_D2I_ECPKPARAMETERS:145:d2i_ECPKParameters
EC_F_D2I_ECPRIVATEKEY:146:d2i_ECPrivateKey
EC_F_DO_EC_KEY_PRINT:221:do_EC_KEY_print
EC_F_ECDH_CMS_DECRYPT:238:ecdh_cms_decrypt
EC_F_ECDH_CMS_SET_SHARED_INFO:239:ecdh_cms_set_shared_info
EC_F_ECDH_COMPUTE_KEY:246:ECDH_compute_key
EC_F_ECDH_SIMPLE_COMPUTE_KEY:257:ecdh_simple_compute_key
EC_F_ECDSA_DO_SIGN_EX:251:ECDSA_do_sign_ex
EC_F_ECDSA_DO_VERIFY:252:ECDSA_do_verify
EC_F_ECDSA_SIGN_EX:254:ECDSA_sign_ex
EC_F_ECDSA_SIGN_SETUP:248:ECDSA_sign_setup
EC_F_ECDSA_SIG_NEW:265:ECDSA_SIG_new
EC_F_ECDSA_VERIFY:253:ECDSA_verify
EC_F_ECD_ITEM_VERIFY:270:ecd_item_verify
EC_F_ECKEY_PARAM2TYPE:223:eckey_param2type
EC_F_ECKEY_PARAM_DECODE:212:eckey_param_decode
EC_F_ECKEY_PRIV_DECODE:213:eckey_priv_decode
EC_F_ECKEY_PRIV_ENCODE:214:eckey_priv_encode
EC_F_ECKEY_PUB_DECODE:215:eckey_pub_decode
EC_F_ECKEY_PUB_ENCODE:216:eckey_pub_encode
EC_F_ECKEY_TYPE2PARAM:220:eckey_type2param
EC_F_ECPARAMETERS_PRINT:147:ECParameters_print
EC_F_ECPARAMETERS_PRINT_FP:148:ECParameters_print_fp
EC_F_ECPKPARAMETERS_PRINT:149:ECPKParameters_print
EC_F_ECPKPARAMETERS_PRINT_FP:150:ECPKParameters_print_fp
EC_F_ECP_NISTZ256_GET_AFFINE:240:ecp_nistz256_get_affine
EC_F_ECP_NISTZ256_INV_MOD_ORD:275:ecp_nistz256_inv_mod_ord
EC_F_ECP_NISTZ256_MULT_PRECOMPUTE:243:ecp_nistz256_mult_precompute
EC_F_ECP_NISTZ256_POINTS_MUL:241:ecp_nistz256_points_mul
EC_F_ECP_NISTZ256_PRE_COMP_NEW:244:ecp_nistz256_pre_comp_new
EC_F_ECP_NISTZ256_WINDOWED_MUL:242:ecp_nistz256_windowed_mul
EC_F_ECX_KEY_OP:266:ecx_key_op
EC_F_ECX_PRIV_ENCODE:267:ecx_priv_encode
EC_F_ECX_PUB_ENCODE:268:ecx_pub_encode
EC_F_EC_ASN1_GROUP2CURVE:153:ec_asn1_group2curve
EC_F_EC_ASN1_GROUP2FIELDID:154:ec_asn1_group2fieldid
EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY:208:ec_GF2m_montgomery_point_multiply
EC_F_EC_GF2M_SIMPLE_FIELD_INV:296:ec_GF2m_simple_field_inv
EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT:159:\
ec_GF2m_simple_group_check_discriminant
EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE:195:ec_GF2m_simple_group_set_curve
EC_F_EC_GF2M_SIMPLE_LADDER_POST:285:ec_GF2m_simple_ladder_post
EC_F_EC_GF2M_SIMPLE_LADDER_PRE:288:ec_GF2m_simple_ladder_pre
EC_F_EC_GF2M_SIMPLE_OCT2POINT:160:ec_GF2m_simple_oct2point
EC_F_EC_GF2M_SIMPLE_POINT2OCT:161:ec_GF2m_simple_point2oct
EC_F_EC_GF2M_SIMPLE_POINTS_MUL:289:ec_GF2m_simple_points_mul
EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES:162:\
ec_GF2m_simple_point_get_affine_coordinates
EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES:163:\
ec_GF2m_simple_point_set_affine_coordinates
EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES:164:\
ec_GF2m_simple_set_compressed_coordinates
EC_F_EC_GFP_MONT_FIELD_DECODE:133:ec_GFp_mont_field_decode
EC_F_EC_GFP_MONT_FIELD_ENCODE:134:ec_GFp_mont_field_encode
EC_F_EC_GFP_MONT_FIELD_INV:297:ec_GFp_mont_field_inv
EC_F_EC_GFP_MONT_FIELD_MUL:131:ec_GFp_mont_field_mul
EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE:209:ec_GFp_mont_field_set_to_one
EC_F_EC_GFP_MONT_FIELD_SQR:132:ec_GFp_mont_field_sqr
EC_F_EC_GFP_MONT_GROUP_SET_CURVE:189:ec_GFp_mont_group_set_curve
EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE:225:ec_GFp_nistp224_group_set_curve
EC_F_EC_GFP_NISTP224_POINTS_MUL:228:ec_GFp_nistp224_points_mul
EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES:226:\
ec_GFp_nistp224_point_get_affine_coordinates
EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE:230:ec_GFp_nistp256_group_set_curve
EC_F_EC_GFP_NISTP256_POINTS_MUL:231:ec_GFp_nistp256_points_mul
EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES:232:\
ec_GFp_nistp256_point_get_affine_coordinates
EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE:233:ec_GFp_nistp521_group_set_curve
EC_F_EC_GFP_NISTP521_POINTS_MUL:234:ec_GFp_nistp521_points_mul
EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES:235:\
ec_GFp_nistp521_point_get_affine_coordinates
EC_F_EC_GFP_NIST_FIELD_MUL:200:ec_GFp_nist_field_mul
EC_F_EC_GFP_NIST_FIELD_SQR:201:ec_GFp_nist_field_sqr
EC_F_EC_GFP_NIST_GROUP_SET_CURVE:202:ec_GFp_nist_group_set_curve
EC_F_EC_GFP_SIMPLE_BLIND_COORDINATES:287:ec_GFp_simple_blind_coordinates
EC_F_EC_GFP_SIMPLE_FIELD_INV:298:ec_GFp_simple_field_inv
EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT:165:\
ec_GFp_simple_group_check_discriminant
EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE:166:ec_GFp_simple_group_set_curve
EC_F_EC_GFP_SIMPLE_MAKE_AFFINE:102:ec_GFp_simple_make_affine
EC_F_EC_GFP_SIMPLE_OCT2POINT:103:ec_GFp_simple_oct2point
EC_F_EC_GFP_SIMPLE_POINT2OCT:104:ec_GFp_simple_point2oct
EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE:137:ec_GFp_simple_points_make_affine
EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES:167:\
ec_GFp_simple_point_get_affine_coordinates
EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES:168:\
ec_GFp_simple_point_set_affine_coordinates
EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES:169:\
ec_GFp_simple_set_compressed_coordinates
EC_F_EC_GROUP_CHECK:170:EC_GROUP_check
EC_F_EC_GROUP_CHECK_DISCRIMINANT:171:EC_GROUP_check_discriminant
EC_F_EC_GROUP_COPY:106:EC_GROUP_copy
EC_F_EC_GROUP_GET_CURVE:291:EC_GROUP_get_curve
EC_F_EC_GROUP_GET_CURVE_GF2M:172:EC_GROUP_get_curve_GF2m
EC_F_EC_GROUP_GET_CURVE_GFP:130:EC_GROUP_get_curve_GFp
EC_F_EC_GROUP_GET_DEGREE:173:EC_GROUP_get_degree
EC_F_EC_GROUP_GET_ECPARAMETERS:261:EC_GROUP_get_ecparameters
EC_F_EC_GROUP_GET_ECPKPARAMETERS:262:EC_GROUP_get_ecpkparameters
EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS:193:EC_GROUP_get_pentanomial_basis
EC_F_EC_GROUP_GET_TRINOMIAL_BASIS:194:EC_GROUP_get_trinomial_basis
EC_F_EC_GROUP_NEW:108:EC_GROUP_new
EC_F_EC_GROUP_NEW_BY_CURVE_NAME:174:EC_GROUP_new_by_curve_name
EC_F_EC_GROUP_NEW_FROM_DATA:175:ec_group_new_from_data
EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS:263:EC_GROUP_new_from_ecparameters
EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS:264:EC_GROUP_new_from_ecpkparameters
EC_F_EC_GROUP_SET_CURVE:292:EC_GROUP_set_curve
EC_F_EC_GROUP_SET_CURVE_GF2M:176:EC_GROUP_set_curve_GF2m
EC_F_EC_GROUP_SET_CURVE_GFP:109:EC_GROUP_set_curve_GFp
EC_F_EC_GROUP_SET_GENERATOR:111:EC_GROUP_set_generator
EC_F_EC_GROUP_SET_SEED:286:EC_GROUP_set_seed
EC_F_EC_KEY_CHECK_KEY:177:EC_KEY_check_key
EC_F_EC_KEY_COPY:178:EC_KEY_copy
EC_F_EC_KEY_GENERATE_KEY:179:EC_KEY_generate_key
EC_F_EC_KEY_NEW:182:EC_KEY_new
EC_F_EC_KEY_NEW_METHOD:245:EC_KEY_new_method
EC_F_EC_KEY_OCT2PRIV:255:EC_KEY_oct2priv
EC_F_EC_KEY_PRINT:180:EC_KEY_print
EC_F_EC_KEY_PRINT_FP:181:EC_KEY_print_fp
EC_F_EC_KEY_PRIV2BUF:279:EC_KEY_priv2buf
EC_F_EC_KEY_PRIV2OCT:256:EC_KEY_priv2oct
EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES:229:\
EC_KEY_set_public_key_affine_coordinates
EC_F_EC_KEY_SIMPLE_CHECK_KEY:258:ec_key_simple_check_key
EC_F_EC_KEY_SIMPLE_OCT2PRIV:259:ec_key_simple_oct2priv
EC_F_EC_KEY_SIMPLE_PRIV2OCT:260:ec_key_simple_priv2oct
EC_F_EC_PKEY_CHECK:273:ec_pkey_check
EC_F_EC_PKEY_PARAM_CHECK:274:ec_pkey_param_check
EC_F_EC_POINTS_MAKE_AFFINE:136:EC_POINTs_make_affine
EC_F_EC_POINTS_MUL:290:EC_POINTs_mul
EC_F_EC_POINT_ADD:112:EC_POINT_add
EC_F_EC_POINT_BN2POINT:280:EC_POINT_bn2point
EC_F_EC_POINT_CMP:113:EC_POINT_cmp
EC_F_EC_POINT_COPY:114:EC_POINT_copy
EC_F_EC_POINT_DBL:115:EC_POINT_dbl
EC_F_EC_POINT_GET_AFFINE_COORDINATES:293:EC_POINT_get_affine_coordinates
EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M:183:\
EC_POINT_get_affine_coordinates_GF2m
EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP:116:EC_POINT_get_affine_coordinates_GFp
EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP:117:\
EC_POINT_get_Jprojective_coordinates_GFp
EC_F_EC_POINT_INVERT:210:EC_POINT_invert
EC_F_EC_POINT_IS_AT_INFINITY:118:EC_POINT_is_at_infinity
EC_F_EC_POINT_IS_ON_CURVE:119:EC_POINT_is_on_curve
EC_F_EC_POINT_MAKE_AFFINE:120:EC_POINT_make_affine
EC_F_EC_POINT_NEW:121:EC_POINT_new
EC_F_EC_POINT_OCT2POINT:122:EC_POINT_oct2point
EC_F_EC_POINT_POINT2BUF:281:EC_POINT_point2buf
EC_F_EC_POINT_POINT2OCT:123:EC_POINT_point2oct
EC_F_EC_POINT_SET_AFFINE_COORDINATES:294:EC_POINT_set_affine_coordinates
EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M:185:\
EC_POINT_set_affine_coordinates_GF2m
EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP:124:EC_POINT_set_affine_coordinates_GFp
EC_F_EC_POINT_SET_COMPRESSED_COORDINATES:295:EC_POINT_set_compressed_coordinates
EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M:186:\
EC_POINT_set_compressed_coordinates_GF2m
EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP:125:\
EC_POINT_set_compressed_coordinates_GFp
EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP:126:\
EC_POINT_set_Jprojective_coordinates_GFp
EC_F_EC_POINT_SET_TO_INFINITY:127:EC_POINT_set_to_infinity
EC_F_EC_PRE_COMP_NEW:196:ec_pre_comp_new
EC_F_EC_SCALAR_MUL_LADDER:284:ec_scalar_mul_ladder
EC_F_EC_WNAF_MUL:187:ec_wNAF_mul
EC_F_EC_WNAF_PRECOMPUTE_MULT:188:ec_wNAF_precompute_mult
EC_F_I2D_ECPARAMETERS:190:i2d_ECParameters
EC_F_I2D_ECPKPARAMETERS:191:i2d_ECPKParameters
EC_F_I2D_ECPRIVATEKEY:192:i2d_ECPrivateKey
EC_F_I2O_ECPUBLICKEY:151:i2o_ECPublicKey
EC_F_NISTP224_PRE_COMP_NEW:227:nistp224_pre_comp_new
EC_F_NISTP256_PRE_COMP_NEW:236:nistp256_pre_comp_new
EC_F_NISTP521_PRE_COMP_NEW:237:nistp521_pre_comp_new
EC_F_O2I_ECPUBLICKEY:152:o2i_ECPublicKey
EC_F_OLD_EC_PRIV_DECODE:222:old_ec_priv_decode
EC_F_OSSL_ECDH_COMPUTE_KEY:247:ossl_ecdh_compute_key
EC_F_OSSL_ECDSA_SIGN_SIG:249:ossl_ecdsa_sign_sig
EC_F_OSSL_ECDSA_VERIFY_SIG:250:ossl_ecdsa_verify_sig
EC_F_PKEY_ECD_CTRL:271:pkey_ecd_ctrl
EC_F_PKEY_ECD_DIGESTSIGN:272:pkey_ecd_digestsign
EC_F_PKEY_ECD_DIGESTSIGN25519:276:pkey_ecd_digestsign25519
EC_F_PKEY_ECD_DIGESTSIGN448:277:pkey_ecd_digestsign448
EC_F_PKEY_ECX_DERIVE:269:pkey_ecx_derive
EC_F_PKEY_EC_CTRL:197:pkey_ec_ctrl
EC_F_PKEY_EC_CTRL_STR:198:pkey_ec_ctrl_str
EC_F_PKEY_EC_DERIVE:217:pkey_ec_derive
EC_F_PKEY_EC_INIT:282:pkey_ec_init
EC_F_PKEY_EC_KDF_DERIVE:283:pkey_ec_kdf_derive
EC_F_PKEY_EC_KEYGEN:199:pkey_ec_keygen
EC_F_PKEY_EC_PARAMGEN:219:pkey_ec_paramgen
EC_F_PKEY_EC_SIGN:218:pkey_ec_sign
EC_F_VALIDATE_ECX_DERIVE:278:validate_ecx_derive
ENGINE_F_DIGEST_UPDATE:198:digest_update
ENGINE_F_DYNAMIC_CTRL:180:dynamic_ctrl
ENGINE_F_DYNAMIC_GET_DATA_CTX:181:dynamic_get_data_ctx
ENGINE_F_DYNAMIC_LOAD:182:dynamic_load
ENGINE_F_DYNAMIC_SET_DATA_CTX:183:dynamic_set_data_ctx
ENGINE_F_ENGINE_ADD:105:ENGINE_add
ENGINE_F_ENGINE_BY_ID:106:ENGINE_by_id
ENGINE_F_ENGINE_CMD_IS_EXECUTABLE:170:ENGINE_cmd_is_executable
ENGINE_F_ENGINE_CTRL:142:ENGINE_ctrl
ENGINE_F_ENGINE_CTRL_CMD:178:ENGINE_ctrl_cmd
ENGINE_F_ENGINE_CTRL_CMD_STRING:171:ENGINE_ctrl_cmd_string
ENGINE_F_ENGINE_FINISH:107:ENGINE_finish
ENGINE_F_ENGINE_GET_CIPHER:185:ENGINE_get_cipher
ENGINE_F_ENGINE_GET_DIGEST:186:ENGINE_get_digest
ENGINE_F_ENGINE_GET_FIRST:195:ENGINE_get_first
ENGINE_F_ENGINE_GET_LAST:196:ENGINE_get_last
ENGINE_F_ENGINE_GET_NEXT:115:ENGINE_get_next
ENGINE_F_ENGINE_GET_PKEY_ASN1_METH:193:ENGINE_get_pkey_asn1_meth
ENGINE_F_ENGINE_GET_PKEY_METH:192:ENGINE_get_pkey_meth
ENGINE_F_ENGINE_GET_PREV:116:ENGINE_get_prev
ENGINE_F_ENGINE_INIT:119:ENGINE_init
ENGINE_F_ENGINE_LIST_ADD:120:engine_list_add
ENGINE_F_ENGINE_LIST_REMOVE:121:engine_list_remove
ENGINE_F_ENGINE_LOAD_PRIVATE_KEY:150:ENGINE_load_private_key
ENGINE_F_ENGINE_LOAD_PUBLIC_KEY:151:ENGINE_load_public_key
ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT:194:ENGINE_load_ssl_client_cert
ENGINE_F_ENGINE_NEW:122:ENGINE_new
ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR:197:ENGINE_pkey_asn1_find_str
ENGINE_F_ENGINE_REMOVE:123:ENGINE_remove
ENGINE_F_ENGINE_SET_DEFAULT_STRING:189:ENGINE_set_default_string
ENGINE_F_ENGINE_SET_ID:129:ENGINE_set_id
ENGINE_F_ENGINE_SET_NAME:130:ENGINE_set_name
ENGINE_F_ENGINE_TABLE_REGISTER:184:engine_table_register
ENGINE_F_ENGINE_UNLOCKED_FINISH:191:engine_unlocked_finish
ENGINE_F_ENGINE_UP_REF:190:ENGINE_up_ref
ENGINE_F_INT_CLEANUP_ITEM:199:int_cleanup_item
ENGINE_F_INT_CTRL_HELPER:172:int_ctrl_helper
ENGINE_F_INT_ENGINE_CONFIGURE:188:int_engine_configure
ENGINE_F_INT_ENGINE_MODULE_INIT:187:int_engine_module_init
ENGINE_F_OSSL_HMAC_INIT:200:ossl_hmac_init
EVP_F_AESNI_INIT_KEY:165:aesni_init_key
EVP_F_AESNI_XTS_INIT_KEY:207:aesni_xts_init_key
EVP_F_AES_GCM_CTRL:196:aes_gcm_ctrl
EVP_F_AES_INIT_KEY:133:aes_init_key
EVP_F_AES_OCB_CIPHER:169:aes_ocb_cipher
EVP_F_AES_T4_INIT_KEY:178:aes_t4_init_key
EVP_F_AES_T4_XTS_INIT_KEY:208:aes_t4_xts_init_key
EVP_F_AES_WRAP_CIPHER:170:aes_wrap_cipher
EVP_F_AES_XTS_INIT_KEY:209:aes_xts_init_key
EVP_F_ALG_MODULE_INIT:177:alg_module_init
EVP_F_ARIA_CCM_INIT_KEY:175:aria_ccm_init_key
EVP_F_ARIA_GCM_CTRL:197:aria_gcm_ctrl
EVP_F_ARIA_GCM_INIT_KEY:176:aria_gcm_init_key
EVP_F_ARIA_INIT_KEY:185:aria_init_key
EVP_F_B64_NEW:198:b64_new
EVP_F_CAMELLIA_INIT_KEY:159:camellia_init_key
EVP_F_CHACHA20_POLY1305_CTRL:182:chacha20_poly1305_ctrl
EVP_F_CMLL_T4_INIT_KEY:179:cmll_t4_init_key
EVP_F_DES_EDE3_WRAP_CIPHER:171:des_ede3_wrap_cipher
EVP_F_DO_SIGVER_INIT:161:do_sigver_init
EVP_F_ENC_NEW:199:enc_new
EVP_F_EVP_CIPHERINIT_EX:123:EVP_CipherInit_ex
EVP_F_EVP_CIPHER_ASN1_TO_PARAM:204:EVP_CIPHER_asn1_to_param
EVP_F_EVP_CIPHER_CTX_COPY:163:EVP_CIPHER_CTX_copy
EVP_F_EVP_CIPHER_CTX_CTRL:124:EVP_CIPHER_CTX_ctrl
EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH:122:EVP_CIPHER_CTX_set_key_length
EVP_F_EVP_CIPHER_PARAM_TO_ASN1:205:EVP_CIPHER_param_to_asn1
EVP_F_EVP_DECRYPTFINAL_EX:101:EVP_DecryptFinal_ex
EVP_F_EVP_DECRYPTUPDATE:166:EVP_DecryptUpdate
EVP_F_EVP_DIGESTFINALXOF:174:EVP_DigestFinalXOF
EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestInit_ex
EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate
EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex
EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate
EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex
EVP_F_EVP_MD_SIZE:162:EVP_MD_size
EVP_F_EVP_OPENINIT:102:EVP_OpenInit
EVP_F_EVP_PBE_ALG_ADD:115:EVP_PBE_alg_add
EVP_F_EVP_PBE_ALG_ADD_TYPE:160:EVP_PBE_alg_add_type
EVP_F_EVP_PBE_CIPHERINIT:116:EVP_PBE_CipherInit
EVP_F_EVP_PBE_SCRYPT:181:EVP_PBE_scrypt
EVP_F_EVP_PKCS82PKEY:111:EVP_PKCS82PKEY
EVP_F_EVP_PKEY2PKCS8:113:EVP_PKEY2PKCS8
EVP_F_EVP_PKEY_ASN1_ADD0:188:EVP_PKEY_asn1_add0
EVP_F_EVP_PKEY_CHECK:186:EVP_PKEY_check
EVP_F_EVP_PKEY_COPY_PARAMETERS:103:EVP_PKEY_copy_parameters
EVP_F_EVP_PKEY_CTX_CTRL:137:EVP_PKEY_CTX_ctrl
EVP_F_EVP_PKEY_CTX_CTRL_STR:150:EVP_PKEY_CTX_ctrl_str
EVP_F_EVP_PKEY_CTX_DUP:156:EVP_PKEY_CTX_dup
EVP_F_EVP_PKEY_CTX_MD:168:EVP_PKEY_CTX_md
EVP_F_EVP_PKEY_DECRYPT:104:EVP_PKEY_decrypt
EVP_F_EVP_PKEY_DECRYPT_INIT:138:EVP_PKEY_decrypt_init
EVP_F_EVP_PKEY_DECRYPT_OLD:151:EVP_PKEY_decrypt_old
EVP_F_EVP_PKEY_DERIVE:153:EVP_PKEY_derive
EVP_F_EVP_PKEY_DERIVE_INIT:154:EVP_PKEY_derive_init
EVP_F_EVP_PKEY_DERIVE_SET_PEER:155:EVP_PKEY_derive_set_peer
EVP_F_EVP_PKEY_ENCRYPT:105:EVP_PKEY_encrypt
EVP_F_EVP_PKEY_ENCRYPT_INIT:139:EVP_PKEY_encrypt_init
EVP_F_EVP_PKEY_ENCRYPT_OLD:152:EVP_PKEY_encrypt_old
EVP_F_EVP_PKEY_GET0_DH:119:EVP_PKEY_get0_DH
EVP_F_EVP_PKEY_GET0_DSA:120:EVP_PKEY_get0_DSA
EVP_F_EVP_PKEY_GET0_EC_KEY:131:EVP_PKEY_get0_EC_KEY
EVP_F_EVP_PKEY_GET0_HMAC:183:EVP_PKEY_get0_hmac
EVP_F_EVP_PKEY_GET0_POLY1305:184:EVP_PKEY_get0_poly1305
EVP_F_EVP_PKEY_GET0_RSA:121:EVP_PKEY_get0_RSA
EVP_F_EVP_PKEY_GET0_SIPHASH:172:EVP_PKEY_get0_siphash
EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY:202:EVP_PKEY_get_raw_private_key
EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY:203:EVP_PKEY_get_raw_public_key
EVP_F_EVP_PKEY_KEYGEN:146:EVP_PKEY_keygen
EVP_F_EVP_PKEY_KEYGEN_INIT:147:EVP_PKEY_keygen_init
EVP_F_EVP_PKEY_METH_ADD0:194:EVP_PKEY_meth_add0
EVP_F_EVP_PKEY_METH_NEW:195:EVP_PKEY_meth_new
EVP_F_EVP_PKEY_NEW:106:EVP_PKEY_new
EVP_F_EVP_PKEY_NEW_CMAC_KEY:193:EVP_PKEY_new_CMAC_key
EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY:191:EVP_PKEY_new_raw_private_key
EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY:192:EVP_PKEY_new_raw_public_key
EVP_F_EVP_PKEY_PARAMGEN:148:EVP_PKEY_paramgen
EVP_F_EVP_PKEY_PARAMGEN_INIT:149:EVP_PKEY_paramgen_init
EVP_F_EVP_PKEY_PARAM_CHECK:189:EVP_PKEY_param_check
EVP_F_EVP_PKEY_PUBLIC_CHECK:190:EVP_PKEY_public_check
EVP_F_EVP_PKEY_SET1_ENGINE:187:EVP_PKEY_set1_engine
EVP_F_EVP_PKEY_SET_ALIAS_TYPE:206:EVP_PKEY_set_alias_type
EVP_F_EVP_PKEY_SIGN:140:EVP_PKEY_sign
EVP_F_EVP_PKEY_SIGN_INIT:141:EVP_PKEY_sign_init
EVP_F_EVP_PKEY_VERIFY:142:EVP_PKEY_verify
EVP_F_EVP_PKEY_VERIFY_INIT:143:EVP_PKEY_verify_init
EVP_F_EVP_PKEY_VERIFY_RECOVER:144:EVP_PKEY_verify_recover
EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT:145:EVP_PKEY_verify_recover_init
EVP_F_EVP_SIGNFINAL:107:EVP_SignFinal
EVP_F_EVP_VERIFYFINAL:108:EVP_VerifyFinal
EVP_F_INT_CTX_NEW:157:int_ctx_new
EVP_F_OK_NEW:200:ok_new
EVP_F_PKCS5_PBE_KEYIVGEN:117:PKCS5_PBE_keyivgen
EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen
EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen
EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen
EVP_F_PKEY_SET_TYPE:158:pkey_set_type
EVP_F_RC2_MAGIC_TO_METH:109:rc2_magic_to_meth
EVP_F_RC5_CTRL:125:rc5_ctrl
EVP_F_R_32_12_16_INIT_KEY:242:r_32_12_16_init_key
EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_gcm_ctrl
EVP_F_UPDATE:173:update
KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str
KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive
KDF_F_PKEY_HKDF_INIT:108:pkey_hkdf_init
KDF_F_PKEY_SCRYPT_CTRL_STR:104:pkey_scrypt_ctrl_str
KDF_F_PKEY_SCRYPT_CTRL_UINT64:105:pkey_scrypt_ctrl_uint64
KDF_F_PKEY_SCRYPT_DERIVE:109:pkey_scrypt_derive
KDF_F_PKEY_SCRYPT_INIT:106:pkey_scrypt_init
KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_scrypt_set_membuf
KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str
KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive
KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init
KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg
OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid
OBJ_F_OBJ_CREATE:100:OBJ_create
OBJ_F_OBJ_DUP:101:OBJ_dup
OBJ_F_OBJ_NAME_NEW_INDEX:106:OBJ_NAME_new_index
OBJ_F_OBJ_NID2LN:102:OBJ_nid2ln
OBJ_F_OBJ_NID2OBJ:103:OBJ_nid2obj
OBJ_F_OBJ_NID2SN:104:OBJ_nid2sn
OBJ_F_OBJ_TXT2OBJ:108:OBJ_txt2obj
OCSP_F_D2I_OCSP_NONCE:102:d2i_ocsp_nonce
OCSP_F_OCSP_BASIC_ADD1_STATUS:103:OCSP_basic_add1_status
OCSP_F_OCSP_BASIC_SIGN:104:OCSP_basic_sign
OCSP_F_OCSP_BASIC_SIGN_CTX:119:OCSP_basic_sign_ctx
OCSP_F_OCSP_BASIC_VERIFY:105:OCSP_basic_verify
OCSP_F_OCSP_CERT_ID_NEW:101:OCSP_cert_id_new
OCSP_F_OCSP_CHECK_DELEGATED:106:ocsp_check_delegated
OCSP_F_OCSP_CHECK_IDS:107:ocsp_check_ids
OCSP_F_OCSP_CHECK_ISSUER:108:ocsp_check_issuer
OCSP_F_OCSP_CHECK_VALIDITY:115:OCSP_check_validity
OCSP_F_OCSP_MATCH_ISSUERID:109:ocsp_match_issuerid
OCSP_F_OCSP_PARSE_URL:114:OCSP_parse_url
OCSP_F_OCSP_REQUEST_SIGN:110:OCSP_request_sign
OCSP_F_OCSP_REQUEST_VERIFY:116:OCSP_request_verify
OCSP_F_OCSP_RESPONSE_GET1_BASIC:111:OCSP_response_get1_basic
OCSP_F_PARSE_HTTP_LINE1:118:parse_http_line1
OSSL_STORE_F_FILE_CTRL:129:file_ctrl
OSSL_STORE_F_FILE_FIND:138:file_find
OSSL_STORE_F_FILE_GET_PASS:118:file_get_pass
OSSL_STORE_F_FILE_LOAD:119:file_load
OSSL_STORE_F_FILE_LOAD_TRY_DECODE:124:file_load_try_decode
OSSL_STORE_F_FILE_NAME_TO_URI:126:file_name_to_uri
OSSL_STORE_F_FILE_OPEN:120:file_open
OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO:127:ossl_store_attach_pem_bio
OSSL_STORE_F_OSSL_STORE_EXPECT:130:OSSL_STORE_expect
OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT:128:\
ossl_store_file_attach_pem_bio_int
OSSL_STORE_F_OSSL_STORE_FIND:131:OSSL_STORE_find
OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT:100:ossl_store_get0_loader_int
OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT:101:OSSL_STORE_INFO_get1_CERT
OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL:102:OSSL_STORE_INFO_get1_CRL
OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME:103:OSSL_STORE_INFO_get1_NAME
OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION:135:\
OSSL_STORE_INFO_get1_NAME_description
OSSL_STORE_F_OSSL_STORE_INFO_GET1_PARAMS:104:OSSL_STORE_INFO_get1_PARAMS
OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY:105:OSSL_STORE_INFO_get1_PKEY
OSSL_STORE_F_OSSL_STORE_INFO_NEW_CERT:106:OSSL_STORE_INFO_new_CERT
OSSL_STORE_F_OSSL_STORE_INFO_NEW_CRL:107:OSSL_STORE_INFO_new_CRL
OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED:123:ossl_store_info_new_EMBEDDED
OSSL_STORE_F_OSSL_STORE_INFO_NEW_NAME:109:OSSL_STORE_INFO_new_NAME
OSSL_STORE_F_OSSL_STORE_INFO_NEW_PARAMS:110:OSSL_STORE_INFO_new_PARAMS
OSSL_STORE_F_OSSL_STORE_INFO_NEW_PKEY:111:OSSL_STORE_INFO_new_PKEY
OSSL_STORE_F_OSSL_STORE_INFO_SET0_NAME_DESCRIPTION:134:\
OSSL_STORE_INFO_set0_NAME_description
OSSL_STORE_F_OSSL_STORE_INIT_ONCE:112:ossl_store_init_once
OSSL_STORE_F_OSSL_STORE_LOADER_NEW:113:OSSL_STORE_LOADER_new
OSSL_STORE_F_OSSL_STORE_OPEN:114:OSSL_STORE_open
OSSL_STORE_F_OSSL_STORE_OPEN_INT:115:*
OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT:117:ossl_store_register_loader_int
OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS:132:OSSL_STORE_SEARCH_by_alias
OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL:133:\
OSSL_STORE_SEARCH_by_issuer_serial
OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT:136:\
OSSL_STORE_SEARCH_by_key_fingerprint
OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME:137:OSSL_STORE_SEARCH_by_name
OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT:116:\
ossl_store_unregister_loader_int
OSSL_STORE_F_TRY_DECODE_PARAMS:121:try_decode_params
OSSL_STORE_F_TRY_DECODE_PKCS12:122:try_decode_PKCS12
OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED:125:try_decode_PKCS8Encrypted
PEM_F_B2I_DSS:127:b2i_dss
PEM_F_B2I_PVK_BIO:128:b2i_PVK_bio
PEM_F_B2I_RSA:129:b2i_rsa
PEM_F_CHECK_BITLEN_DSA:130:check_bitlen_dsa
PEM_F_CHECK_BITLEN_RSA:131:check_bitlen_rsa
PEM_F_D2I_PKCS8PRIVATEKEY_BIO:120:d2i_PKCS8PrivateKey_bio
PEM_F_D2I_PKCS8PRIVATEKEY_FP:121:d2i_PKCS8PrivateKey_fp
PEM_F_DO_B2I:132:do_b2i
PEM_F_DO_B2I_BIO:133:do_b2i_bio
PEM_F_DO_BLOB_HEADER:134:do_blob_header
PEM_F_DO_I2B:146:do_i2b
PEM_F_DO_PK8PKEY:126:do_pk8pkey
PEM_F_DO_PK8PKEY_FP:125:do_pk8pkey_fp
PEM_F_DO_PVK_BODY:135:do_PVK_body
PEM_F_DO_PVK_HEADER:136:do_PVK_header
PEM_F_GET_HEADER_AND_DATA:143:get_header_and_data
PEM_F_GET_NAME:144:get_name
PEM_F_I2B_PVK:137:i2b_PVK
PEM_F_I2B_PVK_BIO:138:i2b_PVK_bio
PEM_F_LOAD_IV:101:load_iv
PEM_F_PEM_ASN1_READ:102:PEM_ASN1_read
PEM_F_PEM_ASN1_READ_BIO:103:PEM_ASN1_read_bio
PEM_F_PEM_ASN1_WRITE:104:PEM_ASN1_write
PEM_F_PEM_ASN1_WRITE_BIO:105:PEM_ASN1_write_bio
PEM_F_PEM_DEF_CALLBACK:100:PEM_def_callback
PEM_F_PEM_DO_HEADER:106:PEM_do_header
PEM_F_PEM_GET_EVP_CIPHER_INFO:107:PEM_get_EVP_CIPHER_INFO
PEM_F_PEM_READ:108:PEM_read
PEM_F_PEM_READ_BIO:109:PEM_read_bio
PEM_F_PEM_READ_BIO_DHPARAMS:141:PEM_read_bio_DHparams
PEM_F_PEM_READ_BIO_EX:145:PEM_read_bio_ex
PEM_F_PEM_READ_BIO_PARAMETERS:140:PEM_read_bio_Parameters
PEM_F_PEM_READ_BIO_PRIVATEKEY:123:PEM_read_bio_PrivateKey
PEM_F_PEM_READ_DHPARAMS:142:PEM_read_DHparams
PEM_F_PEM_READ_PRIVATEKEY:124:PEM_read_PrivateKey
PEM_F_PEM_SIGNFINAL:112:PEM_SignFinal
PEM_F_PEM_WRITE:113:PEM_write
PEM_F_PEM_WRITE_BIO:114:PEM_write_bio
PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL:147:\
PEM_write_bio_PrivateKey_traditional
PEM_F_PEM_WRITE_PRIVATEKEY:139:PEM_write_PrivateKey
PEM_F_PEM_X509_INFO_READ:115:PEM_X509_INFO_read
PEM_F_PEM_X509_INFO_READ_BIO:116:PEM_X509_INFO_read_bio
PEM_F_PEM_X509_INFO_WRITE_BIO:117:PEM_X509_INFO_write_bio
PKCS12_F_OPENSSL_ASC2UNI:121:OPENSSL_asc2uni
PKCS12_F_OPENSSL_UNI2ASC:124:OPENSSL_uni2asc
PKCS12_F_OPENSSL_UNI2UTF8:127:OPENSSL_uni2utf8
PKCS12_F_OPENSSL_UTF82UNI:129:OPENSSL_utf82uni
PKCS12_F_PKCS12_CREATE:105:PKCS12_create
PKCS12_F_PKCS12_GEN_MAC:107:PKCS12_gen_mac
PKCS12_F_PKCS12_INIT:109:PKCS12_init
PKCS12_F_PKCS12_ITEM_DECRYPT_D2I:106:PKCS12_item_decrypt_d2i
PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT:108:PKCS12_item_i2d_encrypt
PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG:117:PKCS12_item_pack_safebag
PKCS12_F_PKCS12_KEY_GEN_ASC:110:PKCS12_key_gen_asc
PKCS12_F_PKCS12_KEY_GEN_UNI:111:PKCS12_key_gen_uni
PKCS12_F_PKCS12_KEY_GEN_UTF8:116:PKCS12_key_gen_utf8
PKCS12_F_PKCS12_NEWPASS:128:PKCS12_newpass
PKCS12_F_PKCS12_PACK_P7DATA:114:PKCS12_pack_p7data
PKCS12_F_PKCS12_PACK_P7ENCDATA:115:PKCS12_pack_p7encdata
PKCS12_F_PKCS12_PARSE:118:PKCS12_parse
PKCS12_F_PKCS12_PBE_CRYPT:119:PKCS12_pbe_crypt
PKCS12_F_PKCS12_PBE_KEYIVGEN:120:PKCS12_PBE_keyivgen
PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF:112:PKCS12_SAFEBAG_create0_p8inf
PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8:113:PKCS12_SAFEBAG_create0_pkcs8
PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT:133:\
PKCS12_SAFEBAG_create_pkcs8_encrypt
PKCS12_F_PKCS12_SETUP_MAC:122:PKCS12_setup_mac
PKCS12_F_PKCS12_SET_MAC:123:PKCS12_set_mac
PKCS12_F_PKCS12_UNPACK_AUTHSAFES:130:PKCS12_unpack_authsafes
PKCS12_F_PKCS12_UNPACK_P7DATA:131:PKCS12_unpack_p7data
PKCS12_F_PKCS12_VERIFY_MAC:126:PKCS12_verify_mac
PKCS12_F_PKCS8_ENCRYPT:125:PKCS8_encrypt
PKCS12_F_PKCS8_SET0_PBE:132:PKCS8_set0_pbe
PKCS7_F_DO_PKCS7_SIGNED_ATTRIB:136:do_pkcs7_signed_attrib
PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME:135:PKCS7_add0_attrib_signing_time
PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP:118:PKCS7_add_attrib_smimecap
PKCS7_F_PKCS7_ADD_CERTIFICATE:100:PKCS7_add_certificate
PKCS7_F_PKCS7_ADD_CRL:101:PKCS7_add_crl
PKCS7_F_PKCS7_ADD_RECIPIENT_INFO:102:PKCS7_add_recipient_info
PKCS7_F_PKCS7_ADD_SIGNATURE:131:PKCS7_add_signature
PKCS7_F_PKCS7_ADD_SIGNER:103:PKCS7_add_signer
PKCS7_F_PKCS7_BIO_ADD_DIGEST:125:PKCS7_bio_add_digest
PKCS7_F_PKCS7_COPY_EXISTING_DIGEST:138:pkcs7_copy_existing_digest
PKCS7_F_PKCS7_CTRL:104:PKCS7_ctrl
PKCS7_F_PKCS7_DATADECODE:112:PKCS7_dataDecode
PKCS7_F_PKCS7_DATAFINAL:128:PKCS7_dataFinal
PKCS7_F_PKCS7_DATAINIT:105:PKCS7_dataInit
PKCS7_F_PKCS7_DATAVERIFY:107:PKCS7_dataVerify
PKCS7_F_PKCS7_DECRYPT:114:PKCS7_decrypt
PKCS7_F_PKCS7_DECRYPT_RINFO:133:pkcs7_decrypt_rinfo
PKCS7_F_PKCS7_ENCODE_RINFO:132:pkcs7_encode_rinfo
PKCS7_F_PKCS7_ENCRYPT:115:PKCS7_encrypt
PKCS7_F_PKCS7_FINAL:134:PKCS7_final
PKCS7_F_PKCS7_FIND_DIGEST:127:PKCS7_find_digest
PKCS7_F_PKCS7_GET0_SIGNERS:124:PKCS7_get0_signers
PKCS7_F_PKCS7_RECIP_INFO_SET:130:PKCS7_RECIP_INFO_set
PKCS7_F_PKCS7_SET_CIPHER:108:PKCS7_set_cipher
PKCS7_F_PKCS7_SET_CONTENT:109:PKCS7_set_content
PKCS7_F_PKCS7_SET_DIGEST:126:PKCS7_set_digest
PKCS7_F_PKCS7_SET_TYPE:110:PKCS7_set_type
PKCS7_F_PKCS7_SIGN:116:PKCS7_sign
PKCS7_F_PKCS7_SIGNATUREVERIFY:113:PKCS7_signatureVerify
PKCS7_F_PKCS7_SIGNER_INFO_SET:129:PKCS7_SIGNER_INFO_set
PKCS7_F_PKCS7_SIGNER_INFO_SIGN:139:PKCS7_SIGNER_INFO_sign
PKCS7_F_PKCS7_SIGN_ADD_SIGNER:137:PKCS7_sign_add_signer
PKCS7_F_PKCS7_SIMPLE_SMIMECAP:119:PKCS7_simple_smimecap
PKCS7_F_PKCS7_VERIFY:117:PKCS7_verify
RAND_F_DATA_COLLECT_METHOD:127:data_collect_method
RAND_F_DRBG_BYTES:101:drbg_bytes
RAND_F_DRBG_GET_ENTROPY:105:drbg_get_entropy
RAND_F_DRBG_SETUP:117:drbg_setup
RAND_F_GET_ENTROPY:106:get_entropy
RAND_F_RAND_BYTES:100:RAND_bytes
RAND_F_RAND_DRBG_ENABLE_LOCKING:119:rand_drbg_enable_locking
RAND_F_RAND_DRBG_GENERATE:107:RAND_DRBG_generate
RAND_F_RAND_DRBG_GET_ENTROPY:120:rand_drbg_get_entropy
RAND_F_RAND_DRBG_GET_NONCE:123:rand_drbg_get_nonce
RAND_F_RAND_DRBG_INSTANTIATE:108:RAND_DRBG_instantiate
RAND_F_RAND_DRBG_NEW:109:RAND_DRBG_new
RAND_F_RAND_DRBG_RESEED:110:RAND_DRBG_reseed
RAND_F_RAND_DRBG_RESTART:102:rand_drbg_restart
RAND_F_RAND_DRBG_SET:104:RAND_DRBG_set
RAND_F_RAND_DRBG_SET_DEFAULTS:121:RAND_DRBG_set_defaults
RAND_F_RAND_DRBG_UNINSTANTIATE:118:RAND_DRBG_uninstantiate
RAND_F_RAND_LOAD_FILE:111:RAND_load_file
RAND_F_RAND_POOL_ACQUIRE_ENTROPY:122:rand_pool_acquire_entropy
RAND_F_RAND_POOL_ADD:103:rand_pool_add
RAND_F_RAND_POOL_ADD_BEGIN:113:rand_pool_add_begin
RAND_F_RAND_POOL_ADD_END:114:rand_pool_add_end
RAND_F_RAND_POOL_ATTACH:124:rand_pool_attach
RAND_F_RAND_POOL_BYTES_NEEDED:115:rand_pool_bytes_needed
RAND_F_RAND_POOL_GROW:125:rand_pool_grow
RAND_F_RAND_POOL_NEW:116:rand_pool_new
RAND_F_RAND_PSEUDO_BYTES:126:RAND_pseudo_bytes
RAND_F_RAND_WRITE_FILE:112:RAND_write_file
RSA_F_CHECK_PADDING_MD:140:check_padding_md
RSA_F_ENCODE_PKCS1:146:encode_pkcs1
RSA_F_INT_RSA_VERIFY:145:int_rsa_verify
RSA_F_OLD_RSA_PRIV_DECODE:147:old_rsa_priv_decode
RSA_F_PKEY_PSS_INIT:165:pkey_pss_init
RSA_F_PKEY_RSA_CTRL:143:pkey_rsa_ctrl
RSA_F_PKEY_RSA_CTRL_STR:144:pkey_rsa_ctrl_str
RSA_F_PKEY_RSA_SIGN:142:pkey_rsa_sign
RSA_F_PKEY_RSA_VERIFY:149:pkey_rsa_verify
RSA_F_PKEY_RSA_VERIFYRECOVER:141:pkey_rsa_verifyrecover
RSA_F_RSA_ALGOR_TO_MD:156:rsa_algor_to_md
RSA_F_RSA_BUILTIN_KEYGEN:129:rsa_builtin_keygen
RSA_F_RSA_CHECK_KEY:123:RSA_check_key
RSA_F_RSA_CHECK_KEY_EX:160:RSA_check_key_ex
RSA_F_RSA_CMS_DECRYPT:159:rsa_cms_decrypt
RSA_F_RSA_CMS_VERIFY:158:rsa_cms_verify
RSA_F_RSA_ITEM_VERIFY:148:rsa_item_verify
RSA_F_RSA_METH_DUP:161:RSA_meth_dup
RSA_F_RSA_METH_NEW:162:RSA_meth_new
RSA_F_RSA_METH_SET1_NAME:163:RSA_meth_set1_name
RSA_F_RSA_MGF1_TO_MD:157:*
RSA_F_RSA_MULTIP_INFO_NEW:166:rsa_multip_info_new
RSA_F_RSA_NEW_METHOD:106:RSA_new_method
RSA_F_RSA_NULL:124:*
RSA_F_RSA_NULL_PRIVATE_DECRYPT:132:*
RSA_F_RSA_NULL_PRIVATE_ENCRYPT:133:*
RSA_F_RSA_NULL_PUBLIC_DECRYPT:134:*
RSA_F_RSA_NULL_PUBLIC_ENCRYPT:135:*
RSA_F_RSA_OSSL_PRIVATE_DECRYPT:101:rsa_ossl_private_decrypt
RSA_F_RSA_OSSL_PRIVATE_ENCRYPT:102:rsa_ossl_private_encrypt
RSA_F_RSA_OSSL_PUBLIC_DECRYPT:103:rsa_ossl_public_decrypt
RSA_F_RSA_OSSL_PUBLIC_ENCRYPT:104:rsa_ossl_public_encrypt
RSA_F_RSA_PADDING_ADD_NONE:107:RSA_padding_add_none
RSA_F_RSA_PADDING_ADD_PKCS1_OAEP:121:RSA_padding_add_PKCS1_OAEP
RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1:154:RSA_padding_add_PKCS1_OAEP_mgf1
RSA_F_RSA_PADDING_ADD_PKCS1_PSS:125:RSA_padding_add_PKCS1_PSS
RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1:152:RSA_padding_add_PKCS1_PSS_mgf1
RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1:108:RSA_padding_add_PKCS1_type_1
RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2:109:RSA_padding_add_PKCS1_type_2
RSA_F_RSA_PADDING_ADD_SSLV23:110:RSA_padding_add_SSLv23
RSA_F_RSA_PADDING_ADD_X931:127:RSA_padding_add_X931
RSA_F_RSA_PADDING_CHECK_NONE:111:RSA_padding_check_none
RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP:122:RSA_padding_check_PKCS1_OAEP
RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1:153:RSA_padding_check_PKCS1_OAEP_mgf1
RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1:112:RSA_padding_check_PKCS1_type_1
RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2:113:RSA_padding_check_PKCS1_type_2
RSA_F_RSA_PADDING_CHECK_SSLV23:114:RSA_padding_check_SSLv23
RSA_F_RSA_PADDING_CHECK_X931:128:RSA_padding_check_X931
RSA_F_RSA_PARAM_DECODE:164:rsa_param_decode
RSA_F_RSA_PRINT:115:RSA_print
RSA_F_RSA_PRINT_FP:116:RSA_print_fp
RSA_F_RSA_PRIV_DECODE:150:rsa_priv_decode
RSA_F_RSA_PRIV_ENCODE:138:rsa_priv_encode
RSA_F_RSA_PSS_GET_PARAM:151:rsa_pss_get_param
RSA_F_RSA_PSS_TO_CTX:155:rsa_pss_to_ctx
RSA_F_RSA_PUB_DECODE:139:rsa_pub_decode
RSA_F_RSA_SETUP_BLINDING:136:RSA_setup_blinding
RSA_F_RSA_SIGN:117:RSA_sign
RSA_F_RSA_SIGN_ASN1_OCTET_STRING:118:RSA_sign_ASN1_OCTET_STRING
RSA_F_RSA_VERIFY:119:RSA_verify
RSA_F_RSA_VERIFY_ASN1_OCTET_STRING:120:RSA_verify_ASN1_OCTET_STRING
RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1:126:RSA_verify_PKCS1_PSS_mgf1
RSA_F_SETUP_TBUF:167:setup_tbuf
SM2_F_PKEY_SM2_COPY:115:pkey_sm2_copy
SM2_F_PKEY_SM2_CTRL:109:pkey_sm2_ctrl
SM2_F_PKEY_SM2_CTRL_STR:110:pkey_sm2_ctrl_str
SM2_F_PKEY_SM2_DIGEST_CUSTOM:114:pkey_sm2_digest_custom
SM2_F_PKEY_SM2_INIT:111:pkey_sm2_init
SM2_F_PKEY_SM2_SIGN:112:pkey_sm2_sign
SM2_F_SM2_COMPUTE_MSG_HASH:100:sm2_compute_msg_hash
SM2_F_SM2_COMPUTE_USERID_DIGEST:101:sm2_compute_userid_digest
SM2_F_SM2_COMPUTE_Z_DIGEST:113:sm2_compute_z_digest
SM2_F_SM2_DECRYPT:102:sm2_decrypt
SM2_F_SM2_ENCRYPT:103:sm2_encrypt
SM2_F_SM2_PLAINTEXT_SIZE:104:sm2_plaintext_size
SM2_F_SM2_SIGN:105:sm2_sign
SM2_F_SM2_SIG_GEN:106:sm2_sig_gen
SM2_F_SM2_SIG_VERIFY:107:sm2_sig_verify
SM2_F_SM2_VERIFY:108:sm2_verify
SSL_F_ADD_CLIENT_KEY_SHARE_EXT:438:*
SSL_F_ADD_KEY_SHARE:512:add_key_share
SSL_F_BYTES_TO_CIPHER_LIST:519:bytes_to_cipher_list
SSL_F_CHECK_SUITEB_CIPHER_LIST:331:check_suiteb_cipher_list
SSL_F_CIPHERSUITE_CB:622:ciphersuite_cb
SSL_F_CONSTRUCT_CA_NAMES:552:construct_ca_names
SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS:553:construct_key_exchange_tbs
SSL_F_CONSTRUCT_STATEFUL_TICKET:636:construct_stateful_ticket
SSL_F_CONSTRUCT_STATELESS_TICKET:637:construct_stateless_ticket
SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH:539:create_synthetic_message_hash
SSL_F_CREATE_TICKET_PREQUEL:638:create_ticket_prequel
SSL_F_CT_MOVE_SCTS:345:ct_move_scts
SSL_F_CT_STRICT:349:ct_strict
SSL_F_CUSTOM_EXT_ADD:554:custom_ext_add
SSL_F_CUSTOM_EXT_PARSE:555:custom_ext_parse
SSL_F_D2I_SSL_SESSION:103:d2i_SSL_SESSION
SSL_F_DANE_CTX_ENABLE:347:dane_ctx_enable
SSL_F_DANE_MTYPE_SET:393:dane_mtype_set
SSL_F_DANE_TLSA_ADD:394:dane_tlsa_add
SSL_F_DERIVE_SECRET_KEY_AND_IV:514:derive_secret_key_and_iv
SSL_F_DO_DTLS1_WRITE:245:do_dtls1_write
SSL_F_DO_SSL3_WRITE:104:do_ssl3_write
SSL_F_DTLS1_BUFFER_RECORD:247:dtls1_buffer_record
SSL_F_DTLS1_CHECK_TIMEOUT_NUM:318:dtls1_check_timeout_num
SSL_F_DTLS1_HEARTBEAT:305:*
SSL_F_DTLS1_HM_FRAGMENT_NEW:623:dtls1_hm_fragment_new
SSL_F_DTLS1_PREPROCESS_FRAGMENT:288:dtls1_preprocess_fragment
SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS:424:dtls1_process_buffered_records
SSL_F_DTLS1_PROCESS_RECORD:257:dtls1_process_record
SSL_F_DTLS1_READ_BYTES:258:dtls1_read_bytes
SSL_F_DTLS1_READ_FAILED:339:dtls1_read_failed
SSL_F_DTLS1_RETRANSMIT_MESSAGE:390:dtls1_retransmit_message
SSL_F_DTLS1_WRITE_APP_DATA_BYTES:268:dtls1_write_app_data_bytes
SSL_F_DTLS1_WRITE_BYTES:545:dtls1_write_bytes
SSL_F_DTLSV1_LISTEN:350:DTLSv1_listen
SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC:371:dtls_construct_change_cipher_spec
SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST:385:\
dtls_construct_hello_verify_request
SSL_F_DTLS_GET_REASSEMBLED_MESSAGE:370:dtls_get_reassembled_message
SSL_F_DTLS_PROCESS_HELLO_VERIFY:386:dtls_process_hello_verify
SSL_F_DTLS_RECORD_LAYER_NEW:635:DTLS_RECORD_LAYER_new
SSL_F_DTLS_WAIT_FOR_DRY:592:dtls_wait_for_dry
SSL_F_EARLY_DATA_COUNT_OK:532:early_data_count_ok
SSL_F_FINAL_EARLY_DATA:556:final_early_data
SSL_F_FINAL_EC_PT_FORMATS:485:final_ec_pt_formats
SSL_F_FINAL_EMS:486:final_ems
SSL_F_FINAL_KEY_SHARE:503:final_key_share
SSL_F_FINAL_MAXFRAGMENTLEN:557:final_maxfragmentlen
SSL_F_FINAL_RENEGOTIATE:483:final_renegotiate
SSL_F_FINAL_SERVER_NAME:558:final_server_name
SSL_F_FINAL_SIG_ALGS:497:final_sig_algs
SSL_F_GET_CERT_VERIFY_TBS_DATA:588:get_cert_verify_tbs_data
SSL_F_NSS_KEYLOG_INT:500:nss_keylog_int
SSL_F_OPENSSL_INIT_SSL:342:OPENSSL_init_ssl
SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION:436:*
SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION:598:\
ossl_statem_client13_write_transition
SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE:430:*
SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE:593:\
ossl_statem_client_post_process_message
SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE:594:ossl_statem_client_process_message
SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION:417:ossl_statem_client_read_transition
SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION:599:\
ossl_statem_client_write_transition
SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION:437:*
SSL_F_OSSL_STATEM_SERVER13_WRITE_TRANSITION:600:\
ossl_statem_server13_write_transition
SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE:431:*
SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE:601:\
ossl_statem_server_post_process_message
SSL_F_OSSL_STATEM_SERVER_POST_WORK:602:ossl_statem_server_post_work
SSL_F_OSSL_STATEM_SERVER_PRE_WORK:640:
SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE:603:ossl_statem_server_process_message
SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION:418:ossl_statem_server_read_transition
SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION:604:\
ossl_statem_server_write_transition
SSL_F_PARSE_CA_NAMES:541:parse_ca_names
SSL_F_PITEM_NEW:624:pitem_new
SSL_F_PQUEUE_NEW:625:pqueue_new
SSL_F_PROCESS_KEY_SHARE_EXT:439:*
SSL_F_READ_STATE_MACHINE:352:read_state_machine
SSL_F_SET_CLIENT_CIPHERSUITE:540:set_client_ciphersuite
SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET:595:srp_generate_client_master_secret
SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET:589:srp_generate_server_master_secret
SSL_F_SRP_VERIFY_SERVER_PARAM:596:srp_verify_server_param
SSL_F_SSL3_CHANGE_CIPHER_STATE:129:ssl3_change_cipher_state
SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM:130:ssl3_check_cert_and_algorithm
SSL_F_SSL3_CTRL:213:ssl3_ctrl
SSL_F_SSL3_CTX_CTRL:133:ssl3_ctx_ctrl
SSL_F_SSL3_DIGEST_CACHED_RECORDS:293:ssl3_digest_cached_records
SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC:292:ssl3_do_change_cipher_spec
SSL_F_SSL3_ENC:608:ssl3_enc
SSL_F_SSL3_FINAL_FINISH_MAC:285:ssl3_final_finish_mac
SSL_F_SSL3_FINISH_MAC:587:ssl3_finish_mac
SSL_F_SSL3_GENERATE_KEY_BLOCK:238:ssl3_generate_key_block
SSL_F_SSL3_GENERATE_MASTER_SECRET:388:ssl3_generate_master_secret
SSL_F_SSL3_GET_RECORD:143:ssl3_get_record
SSL_F_SSL3_INIT_FINISHED_MAC:397:ssl3_init_finished_mac
SSL_F_SSL3_OUTPUT_CERT_CHAIN:147:ssl3_output_cert_chain
SSL_F_SSL3_READ_BYTES:148:ssl3_read_bytes
SSL_F_SSL3_READ_N:149:ssl3_read_n
SSL_F_SSL3_SETUP_KEY_BLOCK:157:ssl3_setup_key_block
SSL_F_SSL3_SETUP_READ_BUFFER:156:ssl3_setup_read_buffer
SSL_F_SSL3_SETUP_WRITE_BUFFER:291:ssl3_setup_write_buffer
SSL_F_SSL3_WRITE_BYTES:158:ssl3_write_bytes
SSL_F_SSL3_WRITE_PENDING:159:ssl3_write_pending
SSL_F_SSL_ADD_CERT_CHAIN:316:ssl_add_cert_chain
SSL_F_SSL_ADD_CERT_TO_BUF:319:*
SSL_F_SSL_ADD_CERT_TO_WPACKET:493:ssl_add_cert_to_wpacket
SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT:298:*
SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT:277:*
SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT:307:*
SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK:215:SSL_add_dir_cert_subjects_to_stack
SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK:216:\
SSL_add_file_cert_subjects_to_stack
SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT:299:*
SSL_F_SSL_ADD_SERVERHELLO_TLSEXT:278:*
SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT:308:*
SSL_F_SSL_BAD_METHOD:160:ssl_bad_method
SSL_F_SSL_BUILD_CERT_CHAIN:332:ssl_build_cert_chain
SSL_F_SSL_BYTES_TO_CIPHER_LIST:161:SSL_bytes_to_cipher_list
SSL_F_SSL_CACHE_CIPHERLIST:520:ssl_cache_cipherlist
SSL_F_SSL_CERT_ADD0_CHAIN_CERT:346:ssl_cert_add0_chain_cert
SSL_F_SSL_CERT_DUP:221:ssl_cert_dup
SSL_F_SSL_CERT_NEW:162:ssl_cert_new
SSL_F_SSL_CERT_SET0_CHAIN:340:ssl_cert_set0_chain
SSL_F_SSL_CHECK_PRIVATE_KEY:163:SSL_check_private_key
SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT:280:*
SSL_F_SSL_CHECK_SRP_EXT_CLIENTHELLO:606:ssl_check_srp_ext_ClientHello
SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG:279:ssl_check_srvr_ecc_cert_and_alg
SSL_F_SSL_CHOOSE_CLIENT_VERSION:607:ssl_choose_client_version
SSL_F_SSL_CIPHER_DESCRIPTION:626:SSL_CIPHER_description
SSL_F_SSL_CIPHER_LIST_TO_BYTES:425:ssl_cipher_list_to_bytes
SSL_F_SSL_CIPHER_PROCESS_RULESTR:230:ssl_cipher_process_rulestr
SSL_F_SSL_CIPHER_STRENGTH_SORT:231:ssl_cipher_strength_sort
SSL_F_SSL_CLEAR:164:SSL_clear
SSL_F_SSL_CLIENT_HELLO_GET1_EXTENSIONS_PRESENT:627:\
SSL_client_hello_get1_extensions_present
SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD:165:SSL_COMP_add_compression_method
SSL_F_SSL_CONF_CMD:334:SSL_CONF_cmd
SSL_F_SSL_CREATE_CIPHER_LIST:166:ssl_create_cipher_list
SSL_F_SSL_CTRL:232:SSL_ctrl
SSL_F_SSL_CTX_CHECK_PRIVATE_KEY:168:SSL_CTX_check_private_key
SSL_F_SSL_CTX_ENABLE_CT:398:SSL_CTX_enable_ct
SSL_F_SSL_CTX_MAKE_PROFILES:309:ssl_ctx_make_profiles
SSL_F_SSL_CTX_NEW:169:SSL_CTX_new
SSL_F_SSL_CTX_SET_ALPN_PROTOS:343:SSL_CTX_set_alpn_protos
SSL_F_SSL_CTX_SET_CIPHER_LIST:269:SSL_CTX_set_cipher_list
SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE:290:SSL_CTX_set_client_cert_engine
SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK:396:SSL_CTX_set_ct_validation_callback
SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT:219:SSL_CTX_set_session_id_context
SSL_F_SSL_CTX_SET_SSL_VERSION:170:SSL_CTX_set_ssl_version
SSL_F_SSL_CTX_SET_TLSEXT_MAX_FRAGMENT_LENGTH:551:\
SSL_CTX_set_tlsext_max_fragment_length
SSL_F_SSL_CTX_USE_CERTIFICATE:171:SSL_CTX_use_certificate
SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1:172:SSL_CTX_use_certificate_ASN1
SSL_F_SSL_CTX_USE_CERTIFICATE_FILE:173:SSL_CTX_use_certificate_file
SSL_F_SSL_CTX_USE_PRIVATEKEY:174:SSL_CTX_use_PrivateKey
SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1:175:SSL_CTX_use_PrivateKey_ASN1
SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE:176:SSL_CTX_use_PrivateKey_file
SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT:272:SSL_CTX_use_psk_identity_hint
SSL_F_SSL_CTX_USE_RSAPRIVATEKEY:177:SSL_CTX_use_RSAPrivateKey
SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1:178:SSL_CTX_use_RSAPrivateKey_ASN1
SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE:179:SSL_CTX_use_RSAPrivateKey_file
SSL_F_SSL_CTX_USE_SERVERINFO:336:SSL_CTX_use_serverinfo
SSL_F_SSL_CTX_USE_SERVERINFO_EX:543:SSL_CTX_use_serverinfo_ex
SSL_F_SSL_CTX_USE_SERVERINFO_FILE:337:SSL_CTX_use_serverinfo_file
SSL_F_SSL_DANE_DUP:403:ssl_dane_dup
SSL_F_SSL_DANE_ENABLE:395:SSL_dane_enable
SSL_F_SSL_DERIVE:590:ssl_derive
SSL_F_SSL_DO_CONFIG:391:ssl_do_config
SSL_F_SSL_DO_HANDSHAKE:180:SSL_do_handshake
SSL_F_SSL_DUP_CA_LIST:408:SSL_dup_CA_list
SSL_F_SSL_ENABLE_CT:402:SSL_enable_ct
SSL_F_SSL_GENERATE_PKEY_GROUP:559:ssl_generate_pkey_group
SSL_F_SSL_GENERATE_SESSION_ID:547:ssl_generate_session_id
SSL_F_SSL_GET_NEW_SESSION:181:ssl_get_new_session
SSL_F_SSL_GET_PREV_SESSION:217:ssl_get_prev_session
SSL_F_SSL_GET_SERVER_CERT_INDEX:322:*
SSL_F_SSL_GET_SIGN_PKEY:183:*
SSL_F_SSL_HANDSHAKE_HASH:560:ssl_handshake_hash
SSL_F_SSL_INIT_WBIO_BUFFER:184:ssl_init_wbio_buffer
SSL_F_SSL_KEY_UPDATE:515:SSL_key_update
SSL_F_SSL_LOAD_CLIENT_CA_FILE:185:SSL_load_client_CA_file
SSL_F_SSL_LOG_MASTER_SECRET:498:*
SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE:499:ssl_log_rsa_client_key_exchange
SSL_F_SSL_MODULE_INIT:392:ssl_module_init
SSL_F_SSL_NEW:186:SSL_new
SSL_F_SSL_NEXT_PROTO_VALIDATE:565:ssl_next_proto_validate
SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT:300:*
SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT:302:*
SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT:310:*
SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT:301:*
SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT:303:*
SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT:311:*
SSL_F_SSL_PEEK:270:SSL_peek
SSL_F_SSL_PEEK_EX:432:SSL_peek_ex
SSL_F_SSL_PEEK_INTERNAL:522:ssl_peek_internal
SSL_F_SSL_READ:223:SSL_read
SSL_F_SSL_READ_EARLY_DATA:529:SSL_read_early_data
SSL_F_SSL_READ_EX:434:SSL_read_ex
SSL_F_SSL_READ_INTERNAL:523:ssl_read_internal
SSL_F_SSL_RENEGOTIATE:516:SSL_renegotiate
SSL_F_SSL_RENEGOTIATE_ABBREVIATED:546:SSL_renegotiate_abbreviated
SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT:320:*
SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT:321:*
SSL_F_SSL_SESSION_DUP:348:ssl_session_dup
SSL_F_SSL_SESSION_NEW:189:SSL_SESSION_new
SSL_F_SSL_SESSION_PRINT_FP:190:SSL_SESSION_print_fp
SSL_F_SSL_SESSION_SET1_ID:423:SSL_SESSION_set1_id
SSL_F_SSL_SESSION_SET1_ID_CONTEXT:312:SSL_SESSION_set1_id_context
SSL_F_SSL_SET_ALPN_PROTOS:344:SSL_set_alpn_protos
SSL_F_SSL_SET_CERT:191:ssl_set_cert
SSL_F_SSL_SET_CERT_AND_KEY:621:ssl_set_cert_and_key
SSL_F_SSL_SET_CIPHER_LIST:271:SSL_set_cipher_list
SSL_F_SSL_SET_CT_VALIDATION_CALLBACK:399:SSL_set_ct_validation_callback
SSL_F_SSL_SET_FD:192:SSL_set_fd
SSL_F_SSL_SET_PKEY:193:ssl_set_pkey
SSL_F_SSL_SET_RFD:194:SSL_set_rfd
SSL_F_SSL_SET_SESSION:195:SSL_set_session
SSL_F_SSL_SET_SESSION_ID_CONTEXT:218:SSL_set_session_id_context
SSL_F_SSL_SET_SESSION_TICKET_EXT:294:SSL_set_session_ticket_ext
SSL_F_SSL_SET_TLSEXT_MAX_FRAGMENT_LENGTH:550:SSL_set_tlsext_max_fragment_length
SSL_F_SSL_SET_WFD:196:SSL_set_wfd
SSL_F_SSL_SHUTDOWN:224:SSL_shutdown
SSL_F_SSL_SRP_CTX_INIT:313:SSL_SRP_CTX_init
SSL_F_SSL_START_ASYNC_JOB:389:ssl_start_async_job
SSL_F_SSL_UNDEFINED_FUNCTION:197:ssl_undefined_function
SSL_F_SSL_UNDEFINED_VOID_FUNCTION:244:ssl_undefined_void_function
SSL_F_SSL_USE_CERTIFICATE:198:SSL_use_certificate
SSL_F_SSL_USE_CERTIFICATE_ASN1:199:SSL_use_certificate_ASN1
SSL_F_SSL_USE_CERTIFICATE_FILE:200:SSL_use_certificate_file
SSL_F_SSL_USE_PRIVATEKEY:201:SSL_use_PrivateKey
SSL_F_SSL_USE_PRIVATEKEY_ASN1:202:SSL_use_PrivateKey_ASN1
SSL_F_SSL_USE_PRIVATEKEY_FILE:203:SSL_use_PrivateKey_file
SSL_F_SSL_USE_PSK_IDENTITY_HINT:273:SSL_use_psk_identity_hint
SSL_F_SSL_USE_RSAPRIVATEKEY:204:SSL_use_RSAPrivateKey
SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1:205:SSL_use_RSAPrivateKey_ASN1
SSL_F_SSL_USE_RSAPRIVATEKEY_FILE:206:SSL_use_RSAPrivateKey_file
SSL_F_SSL_VALIDATE_CT:400:ssl_validate_ct
SSL_F_SSL_VERIFY_CERT_CHAIN:207:ssl_verify_cert_chain
SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE:616:SSL_verify_client_post_handshake
SSL_F_SSL_WRITE:208:SSL_write
SSL_F_SSL_WRITE_EARLY_DATA:526:SSL_write_early_data
SSL_F_SSL_WRITE_EARLY_FINISH:527:*
SSL_F_SSL_WRITE_EX:433:SSL_write_ex
SSL_F_SSL_WRITE_INTERNAL:524:ssl_write_internal
SSL_F_STATE_MACHINE:353:state_machine
SSL_F_TLS12_CHECK_PEER_SIGALG:333:tls12_check_peer_sigalg
SSL_F_TLS12_COPY_SIGALGS:533:tls12_copy_sigalgs
SSL_F_TLS13_CHANGE_CIPHER_STATE:440:tls13_change_cipher_state
SSL_F_TLS13_ENC:609:tls13_enc
SSL_F_TLS13_FINAL_FINISH_MAC:605:tls13_final_finish_mac
SSL_F_TLS13_GENERATE_SECRET:591:tls13_generate_secret
SSL_F_TLS13_HKDF_EXPAND:561:tls13_hkdf_expand
SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA:617:\
tls13_restore_handshake_digest_for_pha
SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA:618:\
tls13_save_handshake_digest_for_pha
SSL_F_TLS13_SETUP_KEY_BLOCK:441:tls13_setup_key_block
SSL_F_TLS1_CHANGE_CIPHER_STATE:209:tls1_change_cipher_state
SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS:341:*
SSL_F_TLS1_ENC:401:tls1_enc
SSL_F_TLS1_EXPORT_KEYING_MATERIAL:314:tls1_export_keying_material
SSL_F_TLS1_GET_CURVELIST:338:tls1_get_curvelist
SSL_F_TLS1_PRF:284:tls1_PRF
SSL_F_TLS1_SAVE_U16:628:tls1_save_u16
SSL_F_TLS1_SETUP_KEY_BLOCK:211:tls1_setup_key_block
SSL_F_TLS1_SET_GROUPS:629:tls1_set_groups
SSL_F_TLS1_SET_RAW_SIGALGS:630:tls1_set_raw_sigalgs
SSL_F_TLS1_SET_SERVER_SIGALGS:335:tls1_set_server_sigalgs
SSL_F_TLS1_SET_SHARED_SIGALGS:631:tls1_set_shared_sigalgs
SSL_F_TLS1_SET_SIGALGS:632:tls1_set_sigalgs
SSL_F_TLS_CHOOSE_SIGALG:513:tls_choose_sigalg
SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK:354:tls_client_key_exchange_post_work
SSL_F_TLS_COLLECT_EXTENSIONS:435:tls_collect_extensions
SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES:542:\
tls_construct_certificate_authorities
SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST:372:tls_construct_certificate_request
SSL_F_TLS_CONSTRUCT_CERT_STATUS:429:*
SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY:494:tls_construct_cert_status_body
SSL_F_TLS_CONSTRUCT_CERT_VERIFY:496:tls_construct_cert_verify
SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC:427:tls_construct_change_cipher_spec
SSL_F_TLS_CONSTRUCT_CKE_DHE:404:tls_construct_cke_dhe
SSL_F_TLS_CONSTRUCT_CKE_ECDHE:405:tls_construct_cke_ecdhe
SSL_F_TLS_CONSTRUCT_CKE_GOST:406:tls_construct_cke_gost
SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE:407:tls_construct_cke_psk_preamble
SSL_F_TLS_CONSTRUCT_CKE_RSA:409:tls_construct_cke_rsa
SSL_F_TLS_CONSTRUCT_CKE_SRP:410:tls_construct_cke_srp
SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE:484:tls_construct_client_certificate
SSL_F_TLS_CONSTRUCT_CLIENT_HELLO:487:tls_construct_client_hello
SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE:488:tls_construct_client_key_exchange
SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY:489:*
SSL_F_TLS_CONSTRUCT_CTOS_ALPN:466:tls_construct_ctos_alpn
SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE:355:*
SSL_F_TLS_CONSTRUCT_CTOS_COOKIE:535:tls_construct_ctos_cookie
SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA:530:tls_construct_ctos_early_data
SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS:467:tls_construct_ctos_ec_pt_formats
SSL_F_TLS_CONSTRUCT_CTOS_EMS:468:tls_construct_ctos_ems
SSL_F_TLS_CONSTRUCT_CTOS_ETM:469:tls_construct_ctos_etm
SSL_F_TLS_CONSTRUCT_CTOS_HELLO:356:*
SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE:357:*
SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE:470:tls_construct_ctos_key_share
SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN:549:tls_construct_ctos_maxfragmentlen
SSL_F_TLS_CONSTRUCT_CTOS_NPN:471:tls_construct_ctos_npn
SSL_F_TLS_CONSTRUCT_CTOS_PADDING:472:tls_construct_ctos_padding
SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH:619:\
tls_construct_ctos_post_handshake_auth
SSL_F_TLS_CONSTRUCT_CTOS_PSK:501:tls_construct_ctos_psk
SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES:509:tls_construct_ctos_psk_kex_modes
SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE:473:tls_construct_ctos_renegotiate
SSL_F_TLS_CONSTRUCT_CTOS_SCT:474:tls_construct_ctos_sct
SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME:475:tls_construct_ctos_server_name
SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET:476:tls_construct_ctos_session_ticket
SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS:477:tls_construct_ctos_sig_algs
SSL_F_TLS_CONSTRUCT_CTOS_SRP:478:tls_construct_ctos_srp
SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST:479:tls_construct_ctos_status_request
SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS:480:\
tls_construct_ctos_supported_groups
SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS:481:\
tls_construct_ctos_supported_versions
SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP:482:tls_construct_ctos_use_srtp
SSL_F_TLS_CONSTRUCT_CTOS_VERIFY:358:*
SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS:443:tls_construct_encrypted_extensions
SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA:536:tls_construct_end_of_early_data
SSL_F_TLS_CONSTRUCT_EXTENSIONS:447:tls_construct_extensions
SSL_F_TLS_CONSTRUCT_FINISHED:359:tls_construct_finished
SSL_F_TLS_CONSTRUCT_HELLO_REQUEST:373:*
SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST:510:tls_construct_hello_retry_request
SSL_F_TLS_CONSTRUCT_KEY_UPDATE:517:tls_construct_key_update
SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET:428:tls_construct_new_session_ticket
SSL_F_TLS_CONSTRUCT_NEXT_PROTO:426:tls_construct_next_proto
SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE:490:tls_construct_server_certificate
SSL_F_TLS_CONSTRUCT_SERVER_HELLO:491:tls_construct_server_hello
SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE:492:tls_construct_server_key_exchange
SSL_F_TLS_CONSTRUCT_STOC_ALPN:451:tls_construct_stoc_alpn
SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE:374:*
SSL_F_TLS_CONSTRUCT_STOC_COOKIE:613:tls_construct_stoc_cookie
SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG:452:tls_construct_stoc_cryptopro_bug
SSL_F_TLS_CONSTRUCT_STOC_DONE:375:*
SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA:531:tls_construct_stoc_early_data
SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO:525:*
SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS:453:tls_construct_stoc_ec_pt_formats
SSL_F_TLS_CONSTRUCT_STOC_EMS:454:tls_construct_stoc_ems
SSL_F_TLS_CONSTRUCT_STOC_ETM:455:tls_construct_stoc_etm
SSL_F_TLS_CONSTRUCT_STOC_HELLO:376:*
SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE:377:*
SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE:456:tls_construct_stoc_key_share
SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN:548:tls_construct_stoc_maxfragmentlen
SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG:457:tls_construct_stoc_next_proto_neg
SSL_F_TLS_CONSTRUCT_STOC_PSK:504:tls_construct_stoc_psk
SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE:458:tls_construct_stoc_renegotiate
SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME:459:tls_construct_stoc_server_name
SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET:460:tls_construct_stoc_session_ticket
SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST:461:tls_construct_stoc_status_request
SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS:544:\
tls_construct_stoc_supported_groups
SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS:611:\
tls_construct_stoc_supported_versions
SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP:462:tls_construct_stoc_use_srtp
SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO:521:\
tls_early_post_process_client_hello
SSL_F_TLS_FINISH_HANDSHAKE:597:tls_finish_handshake
SSL_F_TLS_GET_MESSAGE_BODY:351:tls_get_message_body
SSL_F_TLS_GET_MESSAGE_HEADER:387:tls_get_message_header
SSL_F_TLS_HANDLE_ALPN:562:tls_handle_alpn
SSL_F_TLS_HANDLE_STATUS_REQUEST:563:tls_handle_status_request
SSL_F_TLS_PARSE_CERTIFICATE_AUTHORITIES:566:tls_parse_certificate_authorities
SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT:449:*
SSL_F_TLS_PARSE_CTOS_ALPN:567:tls_parse_ctos_alpn
SSL_F_TLS_PARSE_CTOS_COOKIE:614:tls_parse_ctos_cookie
SSL_F_TLS_PARSE_CTOS_EARLY_DATA:568:tls_parse_ctos_early_data
SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS:569:tls_parse_ctos_ec_pt_formats
SSL_F_TLS_PARSE_CTOS_EMS:570:tls_parse_ctos_ems
SSL_F_TLS_PARSE_CTOS_KEY_SHARE:463:tls_parse_ctos_key_share
SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN:571:tls_parse_ctos_maxfragmentlen
SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH:620:tls_parse_ctos_post_handshake_auth
SSL_F_TLS_PARSE_CTOS_PSK:505:tls_parse_ctos_psk
SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES:572:tls_parse_ctos_psk_kex_modes
SSL_F_TLS_PARSE_CTOS_RENEGOTIATE:464:tls_parse_ctos_renegotiate
SSL_F_TLS_PARSE_CTOS_SERVER_NAME:573:tls_parse_ctos_server_name
SSL_F_TLS_PARSE_CTOS_SESSION_TICKET:574:tls_parse_ctos_session_ticket
SSL_F_TLS_PARSE_CTOS_SIG_ALGS:575:tls_parse_ctos_sig_algs
SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT:615:tls_parse_ctos_sig_algs_cert
SSL_F_TLS_PARSE_CTOS_SRP:576:tls_parse_ctos_srp
SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST:577:tls_parse_ctos_status_request
SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS:578:tls_parse_ctos_supported_groups
SSL_F_TLS_PARSE_CTOS_USE_SRTP:465:tls_parse_ctos_use_srtp
SSL_F_TLS_PARSE_STOC_ALPN:579:tls_parse_stoc_alpn
SSL_F_TLS_PARSE_STOC_COOKIE:534:tls_parse_stoc_cookie
SSL_F_TLS_PARSE_STOC_EARLY_DATA:538:tls_parse_stoc_early_data
SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO:528:*
SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS:580:tls_parse_stoc_ec_pt_formats
SSL_F_TLS_PARSE_STOC_KEY_SHARE:445:tls_parse_stoc_key_share
SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN:581:tls_parse_stoc_maxfragmentlen
SSL_F_TLS_PARSE_STOC_NPN:582:tls_parse_stoc_npn
SSL_F_TLS_PARSE_STOC_PSK:502:tls_parse_stoc_psk
SSL_F_TLS_PARSE_STOC_RENEGOTIATE:448:tls_parse_stoc_renegotiate
SSL_F_TLS_PARSE_STOC_SCT:564:tls_parse_stoc_sct
SSL_F_TLS_PARSE_STOC_SERVER_NAME:583:tls_parse_stoc_server_name
SSL_F_TLS_PARSE_STOC_SESSION_TICKET:584:tls_parse_stoc_session_ticket
SSL_F_TLS_PARSE_STOC_STATUS_REQUEST:585:tls_parse_stoc_status_request
SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS:612:tls_parse_stoc_supported_versions
SSL_F_TLS_PARSE_STOC_USE_SRTP:446:tls_parse_stoc_use_srtp
SSL_F_TLS_POST_PROCESS_CLIENT_HELLO:378:tls_post_process_client_hello
SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE:384:\
tls_post_process_client_key_exchange
SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE:360:tls_prepare_client_certificate
SSL_F_TLS_PROCESS_AS_HELLO_RETRY_REQUEST:610:tls_process_as_hello_retry_request
SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST:361:tls_process_certificate_request
SSL_F_TLS_PROCESS_CERT_STATUS:362:*
SSL_F_TLS_PROCESS_CERT_STATUS_BODY:495:tls_process_cert_status_body
SSL_F_TLS_PROCESS_CERT_VERIFY:379:tls_process_cert_verify
SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC:363:tls_process_change_cipher_spec
SSL_F_TLS_PROCESS_CKE_DHE:411:tls_process_cke_dhe
SSL_F_TLS_PROCESS_CKE_ECDHE:412:tls_process_cke_ecdhe
SSL_F_TLS_PROCESS_CKE_GOST:413:tls_process_cke_gost
SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE:414:tls_process_cke_psk_preamble
SSL_F_TLS_PROCESS_CKE_RSA:415:tls_process_cke_rsa
SSL_F_TLS_PROCESS_CKE_SRP:416:tls_process_cke_srp
SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE:380:tls_process_client_certificate
SSL_F_TLS_PROCESS_CLIENT_HELLO:381:tls_process_client_hello
SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE:382:tls_process_client_key_exchange
SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS:444:tls_process_encrypted_extensions
SSL_F_TLS_PROCESS_END_OF_EARLY_DATA:537:tls_process_end_of_early_data
SSL_F_TLS_PROCESS_FINISHED:364:tls_process_finished
SSL_F_TLS_PROCESS_HELLO_REQ:507:tls_process_hello_req
SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST:511:tls_process_hello_retry_request
SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT:442:tls_process_initial_server_flight
SSL_F_TLS_PROCESS_KEY_EXCHANGE:365:tls_process_key_exchange
SSL_F_TLS_PROCESS_KEY_UPDATE:518:tls_process_key_update
SSL_F_TLS_PROCESS_NEW_SESSION_TICKET:366:tls_process_new_session_ticket
SSL_F_TLS_PROCESS_NEXT_PROTO:383:tls_process_next_proto
SSL_F_TLS_PROCESS_SERVER_CERTIFICATE:367:tls_process_server_certificate
SSL_F_TLS_PROCESS_SERVER_DONE:368:tls_process_server_done
SSL_F_TLS_PROCESS_SERVER_HELLO:369:tls_process_server_hello
SSL_F_TLS_PROCESS_SKE_DHE:419:tls_process_ske_dhe
SSL_F_TLS_PROCESS_SKE_ECDHE:420:tls_process_ske_ecdhe
SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE:421:tls_process_ske_psk_preamble
SSL_F_TLS_PROCESS_SKE_SRP:422:tls_process_ske_srp
SSL_F_TLS_PSK_DO_BINDER:506:tls_psk_do_binder
SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT:450:*
SSL_F_TLS_SETUP_HANDSHAKE:508:tls_setup_handshake
SSL_F_USE_CERTIFICATE_CHAIN_FILE:220:use_certificate_chain_file
SSL_F_WPACKET_INTERN_INIT_LEN:633:wpacket_intern_init_len
SSL_F_WPACKET_START_SUB_PACKET_LEN__:634:WPACKET_start_sub_packet_len__
SSL_F_WRITE_STATE_MACHINE:586:write_state_machine
TS_F_DEF_SERIAL_CB:110:def_serial_cb
TS_F_DEF_TIME_CB:111:def_time_cb
TS_F_ESS_ADD_SIGNING_CERT:112:ess_add_signing_cert
TS_F_ESS_ADD_SIGNING_CERT_V2:147:ess_add_signing_cert_v2
TS_F_ESS_CERT_ID_NEW_INIT:113:ess_CERT_ID_new_init
TS_F_ESS_CERT_ID_V2_NEW_INIT:156:ess_cert_id_v2_new_init
TS_F_ESS_SIGNING_CERT_NEW_INIT:114:ess_SIGNING_CERT_new_init
TS_F_ESS_SIGNING_CERT_V2_NEW_INIT:157:ess_signing_cert_v2_new_init
TS_F_INT_TS_RESP_VERIFY_TOKEN:149:int_ts_RESP_verify_token
TS_F_PKCS7_TO_TS_TST_INFO:148:PKCS7_to_TS_TST_INFO
TS_F_TS_ACCURACY_SET_MICROS:115:TS_ACCURACY_set_micros
TS_F_TS_ACCURACY_SET_MILLIS:116:TS_ACCURACY_set_millis
TS_F_TS_ACCURACY_SET_SECONDS:117:TS_ACCURACY_set_seconds
TS_F_TS_CHECK_IMPRINTS:100:ts_check_imprints
TS_F_TS_CHECK_NONCES:101:ts_check_nonces
TS_F_TS_CHECK_POLICY:102:ts_check_policy
TS_F_TS_CHECK_SIGNING_CERTS:103:ts_check_signing_certs
TS_F_TS_CHECK_STATUS_INFO:104:ts_check_status_info
TS_F_TS_COMPUTE_IMPRINT:145:ts_compute_imprint
TS_F_TS_CONF_INVALID:151:ts_CONF_invalid
TS_F_TS_CONF_LOAD_CERT:153:TS_CONF_load_cert
TS_F_TS_CONF_LOAD_CERTS:154:TS_CONF_load_certs
TS_F_TS_CONF_LOAD_KEY:155:TS_CONF_load_key
TS_F_TS_CONF_LOOKUP_FAIL:152:ts_CONF_lookup_fail
TS_F_TS_CONF_SET_DEFAULT_ENGINE:146:TS_CONF_set_default_engine
TS_F_TS_GET_STATUS_TEXT:105:ts_get_status_text
TS_F_TS_MSG_IMPRINT_SET_ALGO:118:TS_MSG_IMPRINT_set_algo
TS_F_TS_REQ_SET_MSG_IMPRINT:119:TS_REQ_set_msg_imprint
TS_F_TS_REQ_SET_NONCE:120:TS_REQ_set_nonce
TS_F_TS_REQ_SET_POLICY_ID:121:TS_REQ_set_policy_id
TS_F_TS_RESP_CREATE_RESPONSE:122:TS_RESP_create_response
TS_F_TS_RESP_CREATE_TST_INFO:123:ts_RESP_create_tst_info
TS_F_TS_RESP_CTX_ADD_FAILURE_INFO:124:TS_RESP_CTX_add_failure_info
TS_F_TS_RESP_CTX_ADD_MD:125:TS_RESP_CTX_add_md
TS_F_TS_RESP_CTX_ADD_POLICY:126:TS_RESP_CTX_add_policy
TS_F_TS_RESP_CTX_NEW:127:TS_RESP_CTX_new
TS_F_TS_RESP_CTX_SET_ACCURACY:128:TS_RESP_CTX_set_accuracy
TS_F_TS_RESP_CTX_SET_CERTS:129:TS_RESP_CTX_set_certs
TS_F_TS_RESP_CTX_SET_DEF_POLICY:130:TS_RESP_CTX_set_def_policy
TS_F_TS_RESP_CTX_SET_SIGNER_CERT:131:TS_RESP_CTX_set_signer_cert
TS_F_TS_RESP_CTX_SET_STATUS_INFO:132:TS_RESP_CTX_set_status_info
TS_F_TS_RESP_GET_POLICY:133:ts_RESP_get_policy
TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION:134:TS_RESP_set_genTime_with_precision
TS_F_TS_RESP_SET_STATUS_INFO:135:TS_RESP_set_status_info
TS_F_TS_RESP_SET_TST_INFO:150:TS_RESP_set_tst_info
TS_F_TS_RESP_SIGN:136:ts_RESP_sign
TS_F_TS_RESP_VERIFY_SIGNATURE:106:TS_RESP_verify_signature
TS_F_TS_TST_INFO_SET_ACCURACY:137:TS_TST_INFO_set_accuracy
TS_F_TS_TST_INFO_SET_MSG_IMPRINT:138:TS_TST_INFO_set_msg_imprint
TS_F_TS_TST_INFO_SET_NONCE:139:TS_TST_INFO_set_nonce
TS_F_TS_TST_INFO_SET_POLICY_ID:140:TS_TST_INFO_set_policy_id
TS_F_TS_TST_INFO_SET_SERIAL:141:TS_TST_INFO_set_serial
TS_F_TS_TST_INFO_SET_TIME:142:TS_TST_INFO_set_time
TS_F_TS_TST_INFO_SET_TSA:143:TS_TST_INFO_set_tsa
TS_F_TS_VERIFY:108:*
TS_F_TS_VERIFY_CERT:109:ts_verify_cert
TS_F_TS_VERIFY_CTX_NEW:144:TS_VERIFY_CTX_new
UI_F_CLOSE_CONSOLE:115:close_console
UI_F_ECHO_CONSOLE:116:echo_console
UI_F_GENERAL_ALLOCATE_BOOLEAN:108:general_allocate_boolean
UI_F_GENERAL_ALLOCATE_PROMPT:109:general_allocate_prompt
UI_F_NOECHO_CONSOLE:117:noecho_console
UI_F_OPEN_CONSOLE:114:open_console
UI_F_UI_CONSTRUCT_PROMPT:121:UI_construct_prompt
UI_F_UI_CREATE_METHOD:112:UI_create_method
UI_F_UI_CTRL:111:UI_ctrl
UI_F_UI_DUP_ERROR_STRING:101:UI_dup_error_string
UI_F_UI_DUP_INFO_STRING:102:UI_dup_info_string
UI_F_UI_DUP_INPUT_BOOLEAN:110:UI_dup_input_boolean
UI_F_UI_DUP_INPUT_STRING:103:UI_dup_input_string
UI_F_UI_DUP_USER_DATA:118:UI_dup_user_data
UI_F_UI_DUP_VERIFY_STRING:106:UI_dup_verify_string
UI_F_UI_GET0_RESULT:107:UI_get0_result
UI_F_UI_GET_RESULT_LENGTH:119:UI_get_result_length
UI_F_UI_NEW_METHOD:104:UI_new_method
UI_F_UI_PROCESS:113:UI_process
UI_F_UI_SET_RESULT:105:UI_set_result
UI_F_UI_SET_RESULT_EX:120:UI_set_result_ex
X509V3_F_A2I_GENERAL_NAME:164:a2i_GENERAL_NAME
X509V3_F_ADDR_VALIDATE_PATH_INTERNAL:166:addr_validate_path_internal
X509V3_F_ASIDENTIFIERCHOICE_CANONIZE:161:ASIdentifierChoice_canonize
X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL:162:ASIdentifierChoice_is_canonical
X509V3_F_BIGNUM_TO_STRING:167:bignum_to_string
X509V3_F_COPY_EMAIL:122:copy_email
X509V3_F_COPY_ISSUER:123:copy_issuer
X509V3_F_DO_DIRNAME:144:do_dirname
X509V3_F_DO_EXT_I2D:135:do_ext_i2d
X509V3_F_DO_EXT_NCONF:151:do_ext_nconf
X509V3_F_GNAMES_FROM_SECTNAME:156:gnames_from_sectname
X509V3_F_I2S_ASN1_ENUMERATED:121:i2s_ASN1_ENUMERATED
X509V3_F_I2S_ASN1_IA5STRING:149:i2s_ASN1_IA5STRING
X509V3_F_I2S_ASN1_INTEGER:120:i2s_ASN1_INTEGER
X509V3_F_I2V_AUTHORITY_INFO_ACCESS:138:i2v_AUTHORITY_INFO_ACCESS
X509V3_F_LEVEL_ADD_NODE:168:level_add_node
X509V3_F_NOTICE_SECTION:132:notice_section
X509V3_F_NREF_NOS:133:nref_nos
X509V3_F_POLICY_CACHE_CREATE:169:policy_cache_create
X509V3_F_POLICY_CACHE_NEW:170:policy_cache_new
X509V3_F_POLICY_DATA_NEW:171:policy_data_new
X509V3_F_POLICY_SECTION:131:policy_section
X509V3_F_PROCESS_PCI_VALUE:150:process_pci_value
X509V3_F_R2I_CERTPOL:130:r2i_certpol
X509V3_F_R2I_PCI:155:r2i_pci
X509V3_F_S2I_ASN1_IA5STRING:100:s2i_ASN1_IA5STRING
X509V3_F_S2I_ASN1_INTEGER:108:s2i_ASN1_INTEGER
X509V3_F_S2I_ASN1_OCTET_STRING:112:s2i_ASN1_OCTET_STRING
X509V3_F_S2I_SKEY_ID:115:s2i_skey_id
X509V3_F_SET_DIST_POINT_NAME:158:set_dist_point_name
X509V3_F_SXNET_ADD_ID_ASC:125:SXNET_add_id_asc
X509V3_F_SXNET_ADD_ID_INTEGER:126:SXNET_add_id_INTEGER
X509V3_F_SXNET_ADD_ID_ULONG:127:SXNET_add_id_ulong
X509V3_F_SXNET_GET_ID_ASC:128:SXNET_get_id_asc
X509V3_F_SXNET_GET_ID_ULONG:129:SXNET_get_id_ulong
X509V3_F_TREE_INIT:172:tree_init
X509V3_F_V2I_ASIDENTIFIERS:163:v2i_ASIdentifiers
X509V3_F_V2I_ASN1_BIT_STRING:101:v2i_ASN1_BIT_STRING
X509V3_F_V2I_AUTHORITY_INFO_ACCESS:139:v2i_AUTHORITY_INFO_ACCESS
X509V3_F_V2I_AUTHORITY_KEYID:119:v2i_AUTHORITY_KEYID
X509V3_F_V2I_BASIC_CONSTRAINTS:102:v2i_BASIC_CONSTRAINTS
X509V3_F_V2I_CRLD:134:v2i_crld
X509V3_F_V2I_EXTENDED_KEY_USAGE:103:v2i_EXTENDED_KEY_USAGE
X509V3_F_V2I_GENERAL_NAMES:118:v2i_GENERAL_NAMES
X509V3_F_V2I_GENERAL_NAME_EX:117:v2i_GENERAL_NAME_ex
X509V3_F_V2I_IDP:157:v2i_idp
X509V3_F_V2I_IPADDRBLOCKS:159:v2i_IPAddrBlocks
X509V3_F_V2I_ISSUER_ALT:153:v2i_issuer_alt
X509V3_F_V2I_NAME_CONSTRAINTS:147:v2i_NAME_CONSTRAINTS
X509V3_F_V2I_POLICY_CONSTRAINTS:146:v2i_POLICY_CONSTRAINTS
X509V3_F_V2I_POLICY_MAPPINGS:145:v2i_POLICY_MAPPINGS
X509V3_F_V2I_SUBJECT_ALT:154:v2i_subject_alt
X509V3_F_V2I_TLS_FEATURE:165:v2i_TLS_FEATURE
X509V3_F_V3_GENERIC_EXTENSION:116:v3_generic_extension
X509V3_F_X509V3_ADD1_I2D:140:X509V3_add1_i2d
X509V3_F_X509V3_ADD_VALUE:105:X509V3_add_value
X509V3_F_X509V3_EXT_ADD:104:X509V3_EXT_add
X509V3_F_X509V3_EXT_ADD_ALIAS:106:X509V3_EXT_add_alias
X509V3_F_X509V3_EXT_I2D:136:X509V3_EXT_i2d
X509V3_F_X509V3_EXT_NCONF:152:X509V3_EXT_nconf
X509V3_F_X509V3_GET_SECTION:142:X509V3_get_section
X509V3_F_X509V3_GET_STRING:143:X509V3_get_string
X509V3_F_X509V3_GET_VALUE_BOOL:110:X509V3_get_value_bool
X509V3_F_X509V3_PARSE_LIST:109:X509V3_parse_list
X509V3_F_X509_PURPOSE_ADD:137:X509_PURPOSE_add
X509V3_F_X509_PURPOSE_SET:141:X509_PURPOSE_set
X509_F_ADD_CERT_DIR:100:add_cert_dir
X509_F_BUILD_CHAIN:106:build_chain
X509_F_BY_FILE_CTRL:101:by_file_ctrl
X509_F_CHECK_NAME_CONSTRAINTS:149:check_name_constraints
X509_F_CHECK_POLICY:145:check_policy
X509_F_DANE_I2D:107:dane_i2d
X509_F_DIR_CTRL:102:dir_ctrl
X509_F_GET_CERT_BY_SUBJECT:103:get_cert_by_subject
X509_F_I2D_X509_AUX:151:i2d_X509_AUX
X509_F_LOOKUP_CERTS_SK:152:lookup_certs_sk
X509_F_NETSCAPE_SPKI_B64_DECODE:129:NETSCAPE_SPKI_b64_decode
X509_F_NETSCAPE_SPKI_B64_ENCODE:130:NETSCAPE_SPKI_b64_encode
X509_F_NEW_DIR:153:new_dir
X509_F_X509AT_ADD1_ATTR:135:X509at_add1_attr
X509_F_X509V3_ADD_EXT:104:X509v3_add_ext
X509_F_X509_ATTRIBUTE_CREATE_BY_NID:136:X509_ATTRIBUTE_create_by_NID
X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ:137:X509_ATTRIBUTE_create_by_OBJ
X509_F_X509_ATTRIBUTE_CREATE_BY_TXT:140:X509_ATTRIBUTE_create_by_txt
X509_F_X509_ATTRIBUTE_GET0_DATA:139:X509_ATTRIBUTE_get0_data
X509_F_X509_ATTRIBUTE_SET1_DATA:138:X509_ATTRIBUTE_set1_data
X509_F_X509_CHECK_PRIVATE_KEY:128:X509_check_private_key
X509_F_X509_CRL_DIFF:105:X509_CRL_diff
X509_F_X509_CRL_METHOD_NEW:154:X509_CRL_METHOD_new
X509_F_X509_CRL_PRINT_FP:147:X509_CRL_print_fp
X509_F_X509_EXTENSION_CREATE_BY_NID:108:X509_EXTENSION_create_by_NID
X509_F_X509_EXTENSION_CREATE_BY_OBJ:109:X509_EXTENSION_create_by_OBJ
X509_F_X509_GET_PUBKEY_PARAMETERS:110:X509_get_pubkey_parameters
X509_F_X509_LOAD_CERT_CRL_FILE:132:X509_load_cert_crl_file
X509_F_X509_LOAD_CERT_FILE:111:X509_load_cert_file
X509_F_X509_LOAD_CRL_FILE:112:X509_load_crl_file
X509_F_X509_LOOKUP_METH_NEW:160:X509_LOOKUP_meth_new
X509_F_X509_LOOKUP_NEW:155:X509_LOOKUP_new
X509_F_X509_NAME_ADD_ENTRY:113:X509_NAME_add_entry
X509_F_X509_NAME_CANON:156:x509_name_canon
X509_F_X509_NAME_ENTRY_CREATE_BY_NID:114:X509_NAME_ENTRY_create_by_NID
X509_F_X509_NAME_ENTRY_CREATE_BY_TXT:131:X509_NAME_ENTRY_create_by_txt
X509_F_X509_NAME_ENTRY_SET_OBJECT:115:X509_NAME_ENTRY_set_object
X509_F_X509_NAME_ONELINE:116:X509_NAME_oneline
X509_F_X509_NAME_PRINT:117:X509_NAME_print
X509_F_X509_OBJECT_NEW:150:X509_OBJECT_new
X509_F_X509_PRINT_EX_FP:118:X509_print_ex_fp
X509_F_X509_PUBKEY_DECODE:148:x509_pubkey_decode
X509_F_X509_PUBKEY_GET:161:X509_PUBKEY_get
X509_F_X509_PUBKEY_GET0:119:X509_PUBKEY_get0
X509_F_X509_PUBKEY_SET:120:X509_PUBKEY_set
X509_F_X509_REQ_CHECK_PRIVATE_KEY:144:X509_REQ_check_private_key
X509_F_X509_REQ_PRINT_EX:121:X509_REQ_print_ex
X509_F_X509_REQ_PRINT_FP:122:X509_REQ_print_fp
X509_F_X509_REQ_TO_X509:123:X509_REQ_to_X509
X509_F_X509_STORE_ADD_CERT:124:X509_STORE_add_cert
X509_F_X509_STORE_ADD_CRL:125:X509_STORE_add_crl
X509_F_X509_STORE_ADD_LOOKUP:157:X509_STORE_add_lookup
X509_F_X509_STORE_CTX_GET1_ISSUER:146:X509_STORE_CTX_get1_issuer
X509_F_X509_STORE_CTX_INIT:143:X509_STORE_CTX_init
X509_F_X509_STORE_CTX_NEW:142:X509_STORE_CTX_new
X509_F_X509_STORE_CTX_PURPOSE_INHERIT:134:X509_STORE_CTX_purpose_inherit
X509_F_X509_STORE_NEW:158:X509_STORE_new
X509_F_X509_TO_X509_REQ:126:X509_to_X509_REQ
X509_F_X509_TRUST_ADD:133:X509_TRUST_add
X509_F_X509_TRUST_SET:141:X509_TRUST_set
X509_F_X509_VERIFY_CERT:127:X509_verify_cert
X509_F_X509_VERIFY_PARAM_NEW:159:X509_VERIFY_PARAM_new
#Reason codes
ASN1_R_ADDING_OBJECT:171:adding object
ASN1_R_ASN1_PARSE_ERROR:203:asn1 parse error
ASN1_R_ASN1_SIG_PARSE_ERROR:204:asn1 sig parse error
ASN1_R_AUX_ERROR:100:aux error
ASN1_R_BAD_OBJECT_HEADER:102:bad object header
+ASN1_R_BAD_TEMPLATE:230:bad template
ASN1_R_BMPSTRING_IS_WRONG_LENGTH:214:bmpstring is wrong length
ASN1_R_BN_LIB:105:bn lib
ASN1_R_BOOLEAN_IS_WRONG_LENGTH:106:boolean is wrong length
ASN1_R_BUFFER_TOO_SMALL:107:buffer too small
ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER:108:cipher has no object identifier
ASN1_R_CONTEXT_NOT_INITIALISED:217:context not initialised
ASN1_R_DATA_IS_WRONG:109:data is wrong
ASN1_R_DECODE_ERROR:110:decode error
ASN1_R_DEPTH_EXCEEDED:174:depth exceeded
ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED:198:digest and key type not supported
ASN1_R_ENCODE_ERROR:112:encode error
ASN1_R_ERROR_GETTING_TIME:173:error getting time
ASN1_R_ERROR_LOADING_SECTION:172:error loading section
ASN1_R_ERROR_SETTING_CIPHER_PARAMS:114:error setting cipher params
ASN1_R_EXPECTING_AN_INTEGER:115:expecting an integer
ASN1_R_EXPECTING_AN_OBJECT:116:expecting an object
ASN1_R_EXPLICIT_LENGTH_MISMATCH:119:explicit length mismatch
ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED:120:explicit tag not constructed
ASN1_R_FIELD_MISSING:121:field missing
ASN1_R_FIRST_NUM_TOO_LARGE:122:first num too large
ASN1_R_HEADER_TOO_LONG:123:header too long
ASN1_R_ILLEGAL_BITSTRING_FORMAT:175:illegal bitstring format
ASN1_R_ILLEGAL_BOOLEAN:176:illegal boolean
ASN1_R_ILLEGAL_CHARACTERS:124:illegal characters
ASN1_R_ILLEGAL_FORMAT:177:illegal format
ASN1_R_ILLEGAL_HEX:178:illegal hex
ASN1_R_ILLEGAL_IMPLICIT_TAG:179:illegal implicit tag
ASN1_R_ILLEGAL_INTEGER:180:illegal integer
ASN1_R_ILLEGAL_NEGATIVE_VALUE:226:illegal negative value
ASN1_R_ILLEGAL_NESTED_TAGGING:181:illegal nested tagging
ASN1_R_ILLEGAL_NULL:125:illegal null
ASN1_R_ILLEGAL_NULL_VALUE:182:illegal null value
ASN1_R_ILLEGAL_OBJECT:183:illegal object
ASN1_R_ILLEGAL_OPTIONAL_ANY:126:illegal optional any
ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE:170:illegal options on item template
ASN1_R_ILLEGAL_PADDING:221:illegal padding
ASN1_R_ILLEGAL_TAGGED_ANY:127:illegal tagged any
ASN1_R_ILLEGAL_TIME_VALUE:184:illegal time value
ASN1_R_ILLEGAL_ZERO_CONTENT:222:illegal zero content
ASN1_R_INTEGER_NOT_ASCII_FORMAT:185:integer not ascii format
ASN1_R_INTEGER_TOO_LARGE_FOR_LONG:128:integer too large for long
ASN1_R_INVALID_BIT_STRING_BITS_LEFT:220:invalid bit string bits left
ASN1_R_INVALID_BMPSTRING_LENGTH:129:invalid bmpstring length
ASN1_R_INVALID_DIGIT:130:invalid digit
ASN1_R_INVALID_MIME_TYPE:205:invalid mime type
ASN1_R_INVALID_MODIFIER:186:invalid modifier
ASN1_R_INVALID_NUMBER:187:invalid number
ASN1_R_INVALID_OBJECT_ENCODING:216:invalid object encoding
ASN1_R_INVALID_SCRYPT_PARAMETERS:227:invalid scrypt parameters
ASN1_R_INVALID_SEPARATOR:131:invalid separator
ASN1_R_INVALID_STRING_TABLE_VALUE:218:invalid string table value
ASN1_R_INVALID_UNIVERSALSTRING_LENGTH:133:invalid universalstring length
ASN1_R_INVALID_UTF8STRING:134:invalid utf8string
ASN1_R_INVALID_VALUE:219:invalid value
ASN1_R_LIST_ERROR:188:list error
ASN1_R_MIME_NO_CONTENT_TYPE:206:mime no content type
ASN1_R_MIME_PARSE_ERROR:207:mime parse error
ASN1_R_MIME_SIG_PARSE_ERROR:208:mime sig parse error
ASN1_R_MISSING_EOC:137:missing eoc
ASN1_R_MISSING_SECOND_NUMBER:138:missing second number
ASN1_R_MISSING_VALUE:189:missing value
ASN1_R_MSTRING_NOT_UNIVERSAL:139:mstring not universal
ASN1_R_MSTRING_WRONG_TAG:140:mstring wrong tag
ASN1_R_NESTED_ASN1_STRING:197:nested asn1 string
ASN1_R_NESTED_TOO_DEEP:201:nested too deep
ASN1_R_NON_HEX_CHARACTERS:141:non hex characters
ASN1_R_NOT_ASCII_FORMAT:190:not ascii format
ASN1_R_NOT_ENOUGH_DATA:142:not enough data
ASN1_R_NO_CONTENT_TYPE:209:no content type
ASN1_R_NO_MATCHING_CHOICE_TYPE:143:no matching choice type
ASN1_R_NO_MULTIPART_BODY_FAILURE:210:no multipart body failure
ASN1_R_NO_MULTIPART_BOUNDARY:211:no multipart boundary
ASN1_R_NO_SIG_CONTENT_TYPE:212:no sig content type
ASN1_R_NULL_IS_WRONG_LENGTH:144:null is wrong length
ASN1_R_OBJECT_NOT_ASCII_FORMAT:191:object not ascii format
ASN1_R_ODD_NUMBER_OF_CHARS:145:odd number of chars
ASN1_R_SECOND_NUMBER_TOO_LARGE:147:second number too large
ASN1_R_SEQUENCE_LENGTH_MISMATCH:148:sequence length mismatch
ASN1_R_SEQUENCE_NOT_CONSTRUCTED:149:sequence not constructed
ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG:192:sequence or set needs config
ASN1_R_SHORT_LINE:150:short line
ASN1_R_SIG_INVALID_MIME_TYPE:213:sig invalid mime type
ASN1_R_STREAMING_NOT_SUPPORTED:202:streaming not supported
ASN1_R_STRING_TOO_LONG:151:string too long
ASN1_R_STRING_TOO_SHORT:152:string too short
ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD:154:\
the asn1 object identifier is not known for this md
ASN1_R_TIME_NOT_ASCII_FORMAT:193:time not ascii format
ASN1_R_TOO_LARGE:223:too large
ASN1_R_TOO_LONG:155:too long
ASN1_R_TOO_SMALL:224:too small
ASN1_R_TYPE_NOT_CONSTRUCTED:156:type not constructed
ASN1_R_TYPE_NOT_PRIMITIVE:195:type not primitive
ASN1_R_UNEXPECTED_EOC:159:unexpected eoc
ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH:215:universalstring is wrong length
ASN1_R_UNKNOWN_FORMAT:160:unknown format
ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM:161:unknown message digest algorithm
ASN1_R_UNKNOWN_OBJECT_TYPE:162:unknown object type
ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE:163:unknown public key type
ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM:199:unknown signature algorithm
ASN1_R_UNKNOWN_TAG:194:unknown tag
ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE:164:unsupported any defined by type
ASN1_R_UNSUPPORTED_CIPHER:228:unsupported cipher
ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE:167:unsupported public key type
ASN1_R_UNSUPPORTED_TYPE:196:unsupported type
ASN1_R_WRONG_INTEGER_TYPE:225:wrong integer type
ASN1_R_WRONG_PUBLIC_KEY_TYPE:200:wrong public key type
ASN1_R_WRONG_TAG:168:wrong tag
ASYNC_R_FAILED_TO_SET_POOL:101:failed to set pool
ASYNC_R_FAILED_TO_SWAP_CONTEXT:102:failed to swap context
ASYNC_R_INIT_FAILED:105:init failed
ASYNC_R_INVALID_POOL_SIZE:103:invalid pool size
BIO_R_ACCEPT_ERROR:100:accept error
BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET:141:addrinfo addr is not af inet
BIO_R_AMBIGUOUS_HOST_OR_SERVICE:129:ambiguous host or service
BIO_R_BAD_FOPEN_MODE:101:bad fopen mode
BIO_R_BROKEN_PIPE:124:broken pipe
BIO_R_CONNECT_ERROR:103:connect error
BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET:107:gethostbyname addr is not af inet
BIO_R_GETSOCKNAME_ERROR:132:getsockname error
BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS:133:getsockname truncated address
BIO_R_GETTING_SOCKTYPE:134:getting socktype
BIO_R_INVALID_ARGUMENT:125:invalid argument
BIO_R_INVALID_SOCKET:135:invalid socket
BIO_R_IN_USE:123:in use
BIO_R_LENGTH_TOO_LONG:102:length too long
BIO_R_LISTEN_V6_ONLY:136:listen v6 only
BIO_R_LOOKUP_RETURNED_NOTHING:142:lookup returned nothing
BIO_R_MALFORMED_HOST_OR_SERVICE:130:malformed host or service
BIO_R_NBIO_CONNECT_ERROR:110:nbio connect error
BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED:143:\
no accept addr or service specified
BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED:144:no hostname or service specified
BIO_R_NO_PORT_DEFINED:113:no port defined
BIO_R_NO_SUCH_FILE:128:no such file
BIO_R_NULL_PARAMETER:115:null parameter
BIO_R_UNABLE_TO_BIND_SOCKET:117:unable to bind socket
BIO_R_UNABLE_TO_CREATE_SOCKET:118:unable to create socket
BIO_R_UNABLE_TO_KEEPALIVE:137:unable to keepalive
BIO_R_UNABLE_TO_LISTEN_SOCKET:119:unable to listen socket
BIO_R_UNABLE_TO_NODELAY:138:unable to nodelay
BIO_R_UNABLE_TO_REUSEADDR:139:unable to reuseaddr
BIO_R_UNAVAILABLE_IP_FAMILY:145:unavailable ip family
BIO_R_UNINITIALIZED:120:uninitialized
BIO_R_UNKNOWN_INFO_TYPE:140:unknown info type
BIO_R_UNSUPPORTED_IP_FAMILY:146:unsupported ip family
BIO_R_UNSUPPORTED_METHOD:121:unsupported method
BIO_R_UNSUPPORTED_PROTOCOL_FAMILY:131:unsupported protocol family
BIO_R_WRITE_TO_READ_ONLY_BIO:126:write to read only BIO
BIO_R_WSASTARTUP:122:WSAStartup
BN_R_ARG2_LT_ARG3:100:arg2 lt arg3
BN_R_BAD_RECIPROCAL:101:bad reciprocal
BN_R_BIGNUM_TOO_LONG:114:bignum too long
BN_R_BITS_TOO_SMALL:118:bits too small
BN_R_CALLED_WITH_EVEN_MODULUS:102:called with even modulus
BN_R_DIV_BY_ZERO:103:div by zero
BN_R_ENCODING_ERROR:104:encoding error
BN_R_EXPAND_ON_STATIC_BIGNUM_DATA:105:expand on static bignum data
BN_R_INPUT_NOT_REDUCED:110:input not reduced
BN_R_INVALID_LENGTH:106:invalid length
BN_R_INVALID_RANGE:115:invalid range
BN_R_INVALID_SHIFT:119:invalid shift
BN_R_NOT_A_SQUARE:111:not a square
BN_R_NOT_INITIALIZED:107:not initialized
BN_R_NO_INVERSE:108:no inverse
BN_R_NO_SOLUTION:116:no solution
BN_R_PRIVATE_KEY_TOO_LARGE:117:private key too large
BN_R_P_IS_NOT_PRIME:112:p is not prime
BN_R_TOO_MANY_ITERATIONS:113:too many iterations
BN_R_TOO_MANY_TEMPORARY_VARIABLES:109:too many temporary variables
CMS_R_ADD_SIGNER_ERROR:99:add signer error
CMS_R_ATTRIBUTE_ERROR:161:attribute error
CMS_R_CERTIFICATE_ALREADY_PRESENT:175:certificate already present
CMS_R_CERTIFICATE_HAS_NO_KEYID:160:certificate has no keyid
CMS_R_CERTIFICATE_VERIFY_ERROR:100:certificate verify error
CMS_R_CIPHER_INITIALISATION_ERROR:101:cipher initialisation error
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR:102:\
cipher parameter initialisation error
CMS_R_CMS_DATAFINAL_ERROR:103:cms datafinal error
CMS_R_CMS_LIB:104:cms lib
CMS_R_CONTENTIDENTIFIER_MISMATCH:170:contentidentifier mismatch
CMS_R_CONTENT_NOT_FOUND:105:content not found
CMS_R_CONTENT_TYPE_MISMATCH:171:content type mismatch
CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA:106:content type not compressed data
CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA:107:content type not enveloped data
CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA:108:content type not signed data
CMS_R_CONTENT_VERIFY_ERROR:109:content verify error
CMS_R_CTRL_ERROR:110:ctrl error
CMS_R_CTRL_FAILURE:111:ctrl failure
CMS_R_DECRYPT_ERROR:112:decrypt error
CMS_R_ERROR_GETTING_PUBLIC_KEY:113:error getting public key
CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE:114:\
error reading messagedigest attribute
CMS_R_ERROR_SETTING_KEY:115:error setting key
CMS_R_ERROR_SETTING_RECIPIENTINFO:116:error setting recipientinfo
CMS_R_INVALID_ENCRYPTED_KEY_LENGTH:117:invalid encrypted key length
CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER:176:invalid key encryption parameter
CMS_R_INVALID_KEY_LENGTH:118:invalid key length
CMS_R_MD_BIO_INIT_ERROR:119:md bio init error
CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH:120:\
messagedigest attribute wrong length
CMS_R_MESSAGEDIGEST_WRONG_LENGTH:121:messagedigest wrong length
CMS_R_MSGSIGDIGEST_ERROR:172:msgsigdigest error
CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE:162:msgsigdigest verification failure
CMS_R_MSGSIGDIGEST_WRONG_LENGTH:163:msgsigdigest wrong length
CMS_R_NEED_ONE_SIGNER:164:need one signer
CMS_R_NOT_A_SIGNED_RECEIPT:165:not a signed receipt
CMS_R_NOT_ENCRYPTED_DATA:122:not encrypted data
CMS_R_NOT_KEK:123:not kek
CMS_R_NOT_KEY_AGREEMENT:181:not key agreement
CMS_R_NOT_KEY_TRANSPORT:124:not key transport
CMS_R_NOT_PWRI:177:not pwri
CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE:125:not supported for this key type
CMS_R_NO_CIPHER:126:no cipher
CMS_R_NO_CONTENT:127:no content
CMS_R_NO_CONTENT_TYPE:173:no content type
CMS_R_NO_DEFAULT_DIGEST:128:no default digest
CMS_R_NO_DIGEST_SET:129:no digest set
CMS_R_NO_KEY:130:no key
CMS_R_NO_KEY_OR_CERT:174:no key or cert
CMS_R_NO_MATCHING_DIGEST:131:no matching digest
CMS_R_NO_MATCHING_RECIPIENT:132:no matching recipient
CMS_R_NO_MATCHING_SIGNATURE:166:no matching signature
CMS_R_NO_MSGSIGDIGEST:167:no msgsigdigest
CMS_R_NO_PASSWORD:178:no password
CMS_R_NO_PRIVATE_KEY:133:no private key
CMS_R_NO_PUBLIC_KEY:134:no public key
CMS_R_NO_RECEIPT_REQUEST:168:no receipt request
CMS_R_NO_SIGNERS:135:no signers
CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE:136:\
private key does not match certificate
CMS_R_RECEIPT_DECODE_ERROR:169:receipt decode error
CMS_R_RECIPIENT_ERROR:137:recipient error
CMS_R_SIGNER_CERTIFICATE_NOT_FOUND:138:signer certificate not found
CMS_R_SIGNFINAL_ERROR:139:signfinal error
CMS_R_SMIME_TEXT_ERROR:140:smime text error
CMS_R_STORE_INIT_ERROR:141:store init error
CMS_R_TYPE_NOT_COMPRESSED_DATA:142:type not compressed data
CMS_R_TYPE_NOT_DATA:143:type not data
CMS_R_TYPE_NOT_DIGESTED_DATA:144:type not digested data
CMS_R_TYPE_NOT_ENCRYPTED_DATA:145:type not encrypted data
CMS_R_TYPE_NOT_ENVELOPED_DATA:146:type not enveloped data
CMS_R_UNABLE_TO_FINALIZE_CONTEXT:147:unable to finalize context
CMS_R_UNKNOWN_CIPHER:148:unknown cipher
CMS_R_UNKNOWN_DIGEST_ALGORITHM:149:unknown digest algorithm
CMS_R_UNKNOWN_ID:150:unknown id
CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM:151:unsupported compression algorithm
CMS_R_UNSUPPORTED_CONTENT_TYPE:152:unsupported content type
CMS_R_UNSUPPORTED_KEK_ALGORITHM:153:unsupported kek algorithm
CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM:179:\
unsupported key encryption algorithm
CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE:155:unsupported recipientinfo type
CMS_R_UNSUPPORTED_RECIPIENT_TYPE:154:unsupported recipient type
CMS_R_UNSUPPORTED_TYPE:156:unsupported type
CMS_R_UNWRAP_ERROR:157:unwrap error
CMS_R_UNWRAP_FAILURE:180:unwrap failure
CMS_R_VERIFICATION_FAILURE:158:verification failure
CMS_R_WRAP_ERROR:159:wrap error
COMP_R_ZLIB_DEFLATE_ERROR:99:zlib deflate error
COMP_R_ZLIB_INFLATE_ERROR:100:zlib inflate error
COMP_R_ZLIB_NOT_SUPPORTED:101:zlib not supported
CONF_R_ERROR_LOADING_DSO:110:error loading dso
CONF_R_LIST_CANNOT_BE_NULL:115:list cannot be null
CONF_R_MISSING_CLOSE_SQUARE_BRACKET:100:missing close square bracket
CONF_R_MISSING_EQUAL_SIGN:101:missing equal sign
CONF_R_MISSING_INIT_FUNCTION:112:missing init function
CONF_R_MODULE_INITIALIZATION_ERROR:109:module initialization error
CONF_R_NO_CLOSE_BRACE:102:no close brace
CONF_R_NO_CONF:105:no conf
CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE:106:no conf or environment variable
CONF_R_NO_SECTION:107:no section
CONF_R_NO_SUCH_FILE:114:no such file
CONF_R_NO_VALUE:108:no value
CONF_R_NUMBER_TOO_LARGE:121:number too large
CONF_R_RECURSIVE_DIRECTORY_INCLUDE:111:recursive directory include
CONF_R_SSL_COMMAND_SECTION_EMPTY:117:ssl command section empty
CONF_R_SSL_COMMAND_SECTION_NOT_FOUND:118:ssl command section not found
CONF_R_SSL_SECTION_EMPTY:119:ssl section empty
CONF_R_SSL_SECTION_NOT_FOUND:120:ssl section not found
CONF_R_UNABLE_TO_CREATE_NEW_SECTION:103:unable to create new section
CONF_R_UNKNOWN_MODULE_NAME:113:unknown module name
CONF_R_VARIABLE_EXPANSION_TOO_LONG:116:variable expansion too long
CONF_R_VARIABLE_HAS_NO_VALUE:104:variable has no value
CRYPTO_R_FIPS_MODE_NOT_SUPPORTED:101:fips mode not supported
CRYPTO_R_ILLEGAL_HEX_DIGIT:102:illegal hex digit
CRYPTO_R_ODD_NUMBER_OF_DIGITS:103:odd number of digits
CT_R_BASE64_DECODE_ERROR:108:base64 decode error
CT_R_INVALID_LOG_ID_LENGTH:100:invalid log id length
CT_R_LOG_CONF_INVALID:109:log conf invalid
CT_R_LOG_CONF_INVALID_KEY:110:log conf invalid key
CT_R_LOG_CONF_MISSING_DESCRIPTION:111:log conf missing description
CT_R_LOG_CONF_MISSING_KEY:112:log conf missing key
CT_R_LOG_KEY_INVALID:113:log key invalid
CT_R_SCT_FUTURE_TIMESTAMP:116:sct future timestamp
CT_R_SCT_INVALID:104:sct invalid
CT_R_SCT_INVALID_SIGNATURE:107:sct invalid signature
CT_R_SCT_LIST_INVALID:105:sct list invalid
CT_R_SCT_LOG_ID_MISMATCH:114:sct log id mismatch
CT_R_SCT_NOT_SET:106:sct not set
CT_R_SCT_UNSUPPORTED_VERSION:115:sct unsupported version
CT_R_UNRECOGNIZED_SIGNATURE_NID:101:unrecognized signature nid
CT_R_UNSUPPORTED_ENTRY_TYPE:102:unsupported entry type
CT_R_UNSUPPORTED_VERSION:103:unsupported version
DH_R_BAD_GENERATOR:101:bad generator
DH_R_BN_DECODE_ERROR:109:bn decode error
DH_R_BN_ERROR:106:bn error
DH_R_CHECK_INVALID_J_VALUE:115:check invalid j value
DH_R_CHECK_INVALID_Q_VALUE:116:check invalid q value
DH_R_CHECK_PUBKEY_INVALID:122:check pubkey invalid
DH_R_CHECK_PUBKEY_TOO_LARGE:123:check pubkey too large
DH_R_CHECK_PUBKEY_TOO_SMALL:124:check pubkey too small
DH_R_CHECK_P_NOT_PRIME:117:check p not prime
DH_R_CHECK_P_NOT_SAFE_PRIME:118:check p not safe prime
DH_R_CHECK_Q_NOT_PRIME:119:check q not prime
DH_R_DECODE_ERROR:104:decode error
DH_R_INVALID_PARAMETER_NAME:110:invalid parameter name
DH_R_INVALID_PARAMETER_NID:114:invalid parameter nid
DH_R_INVALID_PUBKEY:102:invalid public key
DH_R_KDF_PARAMETER_ERROR:112:kdf parameter error
DH_R_KEYS_NOT_SET:108:keys not set
DH_R_MISSING_PUBKEY:125:missing pubkey
DH_R_MODULUS_TOO_LARGE:103:modulus too large
DH_R_NOT_SUITABLE_GENERATOR:120:not suitable generator
DH_R_NO_PARAMETERS_SET:107:no parameters set
DH_R_NO_PRIVATE_VALUE:100:no private value
DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
DH_R_PEER_KEY_ERROR:111:peer key error
DH_R_SHARED_INFO_ERROR:113:shared info error
DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator
DSA_R_BAD_Q_VALUE:102:bad q value
DSA_R_BN_DECODE_ERROR:108:bn decode error
DSA_R_BN_ERROR:109:bn error
DSA_R_DECODE_ERROR:104:decode error
DSA_R_INVALID_DIGEST_TYPE:106:invalid digest type
DSA_R_INVALID_PARAMETERS:112:invalid parameters
DSA_R_MISSING_PARAMETERS:101:missing parameters
DSA_R_MISSING_PRIVATE_KEY:111:missing private key
DSA_R_MODULUS_TOO_LARGE:103:modulus too large
DSA_R_NO_PARAMETERS_SET:107:no parameters set
DSA_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
DSA_R_Q_NOT_PRIME:113:q not prime
DSA_R_SEED_LEN_SMALL:110:seed_len is less than the length of q
DSO_R_CTRL_FAILED:100:control command failed
DSO_R_DSO_ALREADY_LOADED:110:dso already loaded
DSO_R_EMPTY_FILE_STRUCTURE:113:empty file structure
DSO_R_FAILURE:114:failure
DSO_R_FILENAME_TOO_BIG:101:filename too big
DSO_R_FINISH_FAILED:102:cleanup method function failed
DSO_R_INCORRECT_FILE_SYNTAX:115:incorrect file syntax
DSO_R_LOAD_FAILED:103:could not load the shared library
DSO_R_NAME_TRANSLATION_FAILED:109:name translation failed
DSO_R_NO_FILENAME:111:no filename
DSO_R_NULL_HANDLE:104:a null shared library handle was used
DSO_R_SET_FILENAME_FAILED:112:set filename failed
DSO_R_STACK_ERROR:105:the meth_data stack is corrupt
DSO_R_SYM_FAILURE:106:could not bind to the requested symbol name
DSO_R_UNLOAD_FAILED:107:could not unload the shared library
DSO_R_UNSUPPORTED:108:functionality not supported
EC_R_ASN1_ERROR:115:asn1 error
EC_R_BAD_SIGNATURE:156:bad signature
EC_R_BIGNUM_OUT_OF_RANGE:144:bignum out of range
EC_R_BUFFER_TOO_SMALL:100:buffer too small
EC_R_CANNOT_INVERT:165:cannot invert
EC_R_COORDINATES_OUT_OF_RANGE:146:coordinates out of range
EC_R_CURVE_DOES_NOT_SUPPORT_ECDH:160:curve does not support ecdh
EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING:159:curve does not support signing
EC_R_D2I_ECPKPARAMETERS_FAILURE:117:d2i ecpkparameters failure
EC_R_DECODE_ERROR:142:decode error
EC_R_DISCRIMINANT_IS_ZERO:118:discriminant is zero
EC_R_EC_GROUP_NEW_BY_NAME_FAILURE:119:ec group new by name failure
EC_R_FIELD_TOO_LARGE:143:field too large
EC_R_GF2M_NOT_SUPPORTED:147:gf2m not supported
EC_R_GROUP2PKPARAMETERS_FAILURE:120:group2pkparameters failure
EC_R_I2D_ECPKPARAMETERS_FAILURE:121:i2d ecpkparameters failure
EC_R_INCOMPATIBLE_OBJECTS:101:incompatible objects
EC_R_INVALID_ARGUMENT:112:invalid argument
EC_R_INVALID_COMPRESSED_POINT:110:invalid compressed point
EC_R_INVALID_COMPRESSION_BIT:109:invalid compression bit
EC_R_INVALID_CURVE:141:invalid curve
EC_R_INVALID_DIGEST:151:invalid digest
EC_R_INVALID_DIGEST_TYPE:138:invalid digest type
EC_R_INVALID_ENCODING:102:invalid encoding
EC_R_INVALID_FIELD:103:invalid field
EC_R_INVALID_FORM:104:invalid form
EC_R_INVALID_GROUP_ORDER:122:invalid group order
EC_R_INVALID_KEY:116:invalid key
EC_R_INVALID_OUTPUT_LENGTH:161:invalid output length
EC_R_INVALID_PEER_KEY:133:invalid peer key
EC_R_INVALID_PENTANOMIAL_BASIS:132:invalid pentanomial basis
EC_R_INVALID_PRIVATE_KEY:123:invalid private key
EC_R_INVALID_TRINOMIAL_BASIS:137:invalid trinomial basis
EC_R_KDF_PARAMETER_ERROR:148:kdf parameter error
EC_R_KEYS_NOT_SET:140:keys not set
EC_R_LADDER_POST_FAILURE:136:ladder post failure
EC_R_LADDER_PRE_FAILURE:153:ladder pre failure
EC_R_LADDER_STEP_FAILURE:162:ladder step failure
EC_R_MISSING_OID:167:missing OID
EC_R_MISSING_PARAMETERS:124:missing parameters
EC_R_MISSING_PRIVATE_KEY:125:missing private key
EC_R_NEED_NEW_SETUP_VALUES:157:need new setup values
EC_R_NOT_A_NIST_PRIME:135:not a NIST prime
EC_R_NOT_IMPLEMENTED:126:not implemented
EC_R_NOT_INITIALIZED:111:not initialized
EC_R_NO_PARAMETERS_SET:139:no parameters set
EC_R_NO_PRIVATE_VALUE:154:no private value
EC_R_OPERATION_NOT_SUPPORTED:152:operation not supported
EC_R_PASSED_NULL_PARAMETER:134:passed null parameter
EC_R_PEER_KEY_ERROR:149:peer key error
EC_R_PKPARAMETERS2GROUP_FAILURE:127:pkparameters2group failure
EC_R_POINT_ARITHMETIC_FAILURE:155:point arithmetic failure
EC_R_POINT_AT_INFINITY:106:point at infinity
EC_R_POINT_COORDINATES_BLIND_FAILURE:163:point coordinates blind failure
EC_R_POINT_IS_NOT_ON_CURVE:107:point is not on curve
EC_R_RANDOM_NUMBER_GENERATION_FAILED:158:random number generation failed
EC_R_SHARED_INFO_ERROR:150:shared info error
EC_R_SLOT_FULL:108:slot full
EC_R_UNDEFINED_GENERATOR:113:undefined generator
EC_R_UNDEFINED_ORDER:128:undefined order
EC_R_UNKNOWN_COFACTOR:164:unknown cofactor
EC_R_UNKNOWN_GROUP:129:unknown group
EC_R_UNKNOWN_ORDER:114:unknown order
EC_R_UNSUPPORTED_FIELD:131:unsupported field
EC_R_WRONG_CURVE_PARAMETERS:145:wrong curve parameters
EC_R_WRONG_ORDER:130:wrong order
ENGINE_R_ALREADY_LOADED:100:already loaded
ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER:133:argument is not a number
ENGINE_R_CMD_NOT_EXECUTABLE:134:cmd not executable
ENGINE_R_COMMAND_TAKES_INPUT:135:command takes input
ENGINE_R_COMMAND_TAKES_NO_INPUT:136:command takes no input
ENGINE_R_CONFLICTING_ENGINE_ID:103:conflicting engine id
ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED:119:ctrl command not implemented
ENGINE_R_DSO_FAILURE:104:DSO failure
ENGINE_R_DSO_NOT_FOUND:132:dso not found
ENGINE_R_ENGINES_SECTION_ERROR:148:engines section error
ENGINE_R_ENGINE_CONFIGURATION_ERROR:102:engine configuration error
ENGINE_R_ENGINE_IS_NOT_IN_LIST:105:engine is not in the list
ENGINE_R_ENGINE_SECTION_ERROR:149:engine section error
ENGINE_R_FAILED_LOADING_PRIVATE_KEY:128:failed loading private key
ENGINE_R_FAILED_LOADING_PUBLIC_KEY:129:failed loading public key
ENGINE_R_FINISH_FAILED:106:finish failed
ENGINE_R_ID_OR_NAME_MISSING:108:'id' or 'name' missing
ENGINE_R_INIT_FAILED:109:init failed
ENGINE_R_INTERNAL_LIST_ERROR:110:internal list error
ENGINE_R_INVALID_ARGUMENT:143:invalid argument
ENGINE_R_INVALID_CMD_NAME:137:invalid cmd name
ENGINE_R_INVALID_CMD_NUMBER:138:invalid cmd number
ENGINE_R_INVALID_INIT_VALUE:151:invalid init value
ENGINE_R_INVALID_STRING:150:invalid string
ENGINE_R_NOT_INITIALISED:117:not initialised
ENGINE_R_NOT_LOADED:112:not loaded
ENGINE_R_NO_CONTROL_FUNCTION:120:no control function
ENGINE_R_NO_INDEX:144:no index
ENGINE_R_NO_LOAD_FUNCTION:125:no load function
ENGINE_R_NO_REFERENCE:130:no reference
ENGINE_R_NO_SUCH_ENGINE:116:no such engine
ENGINE_R_UNIMPLEMENTED_CIPHER:146:unimplemented cipher
ENGINE_R_UNIMPLEMENTED_DIGEST:147:unimplemented digest
ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD:101:unimplemented public key method
ENGINE_R_VERSION_INCOMPATIBILITY:145:version incompatibility
EVP_R_AES_KEY_SETUP_FAILED:143:aes key setup failed
EVP_R_ARIA_KEY_SETUP_FAILED:176:aria key setup failed
EVP_R_BAD_DECRYPT:100:bad decrypt
EVP_R_BAD_KEY_LENGTH:195:bad key length
EVP_R_BUFFER_TOO_SMALL:155:buffer too small
EVP_R_CAMELLIA_KEY_SETUP_FAILED:157:camellia key setup failed
EVP_R_CIPHER_PARAMETER_ERROR:122:cipher parameter error
EVP_R_COMMAND_NOT_SUPPORTED:147:command not supported
EVP_R_COPY_ERROR:173:copy error
EVP_R_CTRL_NOT_IMPLEMENTED:132:ctrl not implemented
EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED:133:ctrl operation not implemented
EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH:138:data not multiple of block length
EVP_R_DECODE_ERROR:114:decode error
EVP_R_DIFFERENT_KEY_TYPES:101:different key types
EVP_R_DIFFERENT_PARAMETERS:153:different parameters
EVP_R_ERROR_LOADING_SECTION:165:error loading section
EVP_R_ERROR_SETTING_FIPS_MODE:166:error setting fips mode
EVP_R_EXPECTING_AN_HMAC_KEY:174:expecting an hmac key
EVP_R_EXPECTING_AN_RSA_KEY:127:expecting an rsa key
EVP_R_EXPECTING_A_DH_KEY:128:expecting a dh key
EVP_R_EXPECTING_A_DSA_KEY:129:expecting a dsa key
EVP_R_EXPECTING_A_EC_KEY:142:expecting a ec key
EVP_R_EXPECTING_A_POLY1305_KEY:164:expecting a poly1305 key
EVP_R_EXPECTING_A_SIPHASH_KEY:175:expecting a siphash key
EVP_R_FIPS_MODE_NOT_SUPPORTED:167:fips mode not supported
EVP_R_GET_RAW_KEY_FAILED:182:get raw key failed
EVP_R_ILLEGAL_SCRYPT_PARAMETERS:171:illegal scrypt parameters
EVP_R_INITIALIZATION_ERROR:134:initialization error
EVP_R_INPUT_NOT_INITIALIZED:111:input not initialized
EVP_R_INVALID_DIGEST:152:invalid digest
EVP_R_INVALID_FIPS_MODE:168:invalid fips mode
EVP_R_INVALID_IV_LENGTH:194:invalid iv length
EVP_R_INVALID_KEY:163:invalid key
EVP_R_INVALID_KEY_LENGTH:130:invalid key length
EVP_R_INVALID_OPERATION:148:invalid operation
EVP_R_KEYGEN_FAILURE:120:keygen failure
EVP_R_KEY_SETUP_FAILED:180:key setup failed
EVP_R_MEMORY_LIMIT_EXCEEDED:172:memory limit exceeded
EVP_R_MESSAGE_DIGEST_IS_NULL:159:message digest is null
EVP_R_METHOD_NOT_SUPPORTED:144:method not supported
EVP_R_MISSING_PARAMETERS:103:missing parameters
EVP_R_NOT_XOF_OR_INVALID_LENGTH:178:not XOF or invalid length
EVP_R_NO_CIPHER_SET:131:no cipher set
EVP_R_NO_DEFAULT_DIGEST:158:no default digest
EVP_R_NO_DIGEST_SET:139:no digest set
EVP_R_NO_KEY_SET:154:no key set
EVP_R_NO_OPERATION_SET:149:no operation set
EVP_R_ONLY_ONESHOT_SUPPORTED:177:only oneshot supported
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
operation not supported for this keytype
EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized
EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers
EVP_R_PBKDF2_ERROR:181:pbkdf2 error
EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\
pkey application asn1 method already registered
EVP_R_PRIVATE_KEY_DECODE_ERROR:145:private key decode error
EVP_R_PRIVATE_KEY_ENCODE_ERROR:146:private key encode error
EVP_R_PUBLIC_KEY_NOT_RSA:106:public key not rsa
EVP_R_UNKNOWN_CIPHER:160:unknown cipher
EVP_R_UNKNOWN_DIGEST:161:unknown digest
EVP_R_UNKNOWN_OPTION:169:unknown option
EVP_R_UNKNOWN_PBE_ALGORITHM:121:unknown pbe algorithm
EVP_R_UNSUPPORTED_ALGORITHM:156:unsupported algorithm
EVP_R_UNSUPPORTED_CIPHER:107:unsupported cipher
EVP_R_UNSUPPORTED_KEYLENGTH:123:unsupported keylength
EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION:124:\
unsupported key derivation function
EVP_R_UNSUPPORTED_KEY_SIZE:108:unsupported key size
EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS:135:unsupported number of rounds
EVP_R_UNSUPPORTED_PRF:125:unsupported prf
EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM:118:unsupported private key algorithm
EVP_R_UNSUPPORTED_SALT_TYPE:126:unsupported salt type
EVP_R_WRAP_MODE_NOT_ALLOWED:170:wrap mode not allowed
EVP_R_WRONG_FINAL_BLOCK_LENGTH:109:wrong final block length
EVP_R_XTS_DUPLICATED_KEYS:183:xts duplicated keys
KDF_R_INVALID_DIGEST:100:invalid digest
KDF_R_MISSING_ITERATION_COUNT:109:missing iteration count
KDF_R_MISSING_KEY:104:missing key
KDF_R_MISSING_MESSAGE_DIGEST:105:missing message digest
KDF_R_MISSING_PARAMETER:101:missing parameter
KDF_R_MISSING_PASS:110:missing pass
KDF_R_MISSING_SALT:111:missing salt
KDF_R_MISSING_SECRET:107:missing secret
KDF_R_MISSING_SEED:106:missing seed
KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type
KDF_R_VALUE_ERROR:108:value error
KDF_R_VALUE_MISSING:102:value missing
OBJ_R_OID_EXISTS:102:oid exists
OBJ_R_UNKNOWN_NID:101:unknown nid
OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error
OCSP_R_DIGEST_ERR:102:digest err
OCSP_R_ERROR_IN_NEXTUPDATE_FIELD:122:error in nextupdate field
OCSP_R_ERROR_IN_THISUPDATE_FIELD:123:error in thisupdate field
OCSP_R_ERROR_PARSING_URL:121:error parsing url
OCSP_R_MISSING_OCSPSIGNING_USAGE:103:missing ocspsigning usage
OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE:124:nextupdate before thisupdate
OCSP_R_NOT_BASIC_RESPONSE:104:not basic response
OCSP_R_NO_CERTIFICATES_IN_CHAIN:105:no certificates in chain
OCSP_R_NO_RESPONSE_DATA:108:no response data
OCSP_R_NO_REVOKED_TIME:109:no revoked time
OCSP_R_NO_SIGNER_KEY:130:no signer key
OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE:110:\
private key does not match certificate
OCSP_R_REQUEST_NOT_SIGNED:128:request not signed
OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA:111:\
response contains no revocation data
OCSP_R_ROOT_CA_NOT_TRUSTED:112:root ca not trusted
OCSP_R_SERVER_RESPONSE_ERROR:114:server response error
OCSP_R_SERVER_RESPONSE_PARSE_ERROR:115:server response parse error
OCSP_R_SIGNATURE_FAILURE:117:signature failure
OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND:118:signer certificate not found
OCSP_R_STATUS_EXPIRED:125:status expired
OCSP_R_STATUS_NOT_YET_VALID:126:status not yet valid
OCSP_R_STATUS_TOO_OLD:127:status too old
OCSP_R_UNKNOWN_MESSAGE_DIGEST:119:unknown message digest
OCSP_R_UNKNOWN_NID:120:unknown nid
OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE:129:unsupported requestorname type
OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE:107:ambiguous content type
OSSL_STORE_R_BAD_PASSWORD_READ:115:bad password read
OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC:113:error verifying pkcs12 mac
OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST:121:\
fingerprint size does not match digest
OSSL_STORE_R_INVALID_SCHEME:106:invalid scheme
OSSL_STORE_R_IS_NOT_A:112:is not a
OSSL_STORE_R_LOADER_INCOMPLETE:116:loader incomplete
OSSL_STORE_R_LOADING_STARTED:117:loading started
OSSL_STORE_R_NOT_A_CERTIFICATE:100:not a certificate
OSSL_STORE_R_NOT_A_CRL:101:not a crl
OSSL_STORE_R_NOT_A_KEY:102:not a key
OSSL_STORE_R_NOT_A_NAME:103:not a name
OSSL_STORE_R_NOT_PARAMETERS:104:not parameters
OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR:114:passphrase callback error
OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE:108:path must be absolute
OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES:119:\
search only supported for directories
OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED:109:\
ui process interrupted or cancelled
OSSL_STORE_R_UNREGISTERED_SCHEME:105:unregistered scheme
OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE:110:unsupported content type
OSSL_STORE_R_UNSUPPORTED_OPERATION:118:unsupported operation
OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE:120:unsupported search type
OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED:111:uri authority unsupported
PEM_R_BAD_BASE64_DECODE:100:bad base64 decode
PEM_R_BAD_DECRYPT:101:bad decrypt
PEM_R_BAD_END_LINE:102:bad end line
PEM_R_BAD_IV_CHARS:103:bad iv chars
PEM_R_BAD_MAGIC_NUMBER:116:bad magic number
PEM_R_BAD_PASSWORD_READ:104:bad password read
PEM_R_BAD_VERSION_NUMBER:117:bad version number
PEM_R_BIO_WRITE_FAILURE:118:bio write failure
PEM_R_CIPHER_IS_NULL:127:cipher is null
PEM_R_ERROR_CONVERTING_PRIVATE_KEY:115:error converting private key
PEM_R_EXPECTING_PRIVATE_KEY_BLOB:119:expecting private key blob
PEM_R_EXPECTING_PUBLIC_KEY_BLOB:120:expecting public key blob
PEM_R_HEADER_TOO_LONG:128:header too long
PEM_R_INCONSISTENT_HEADER:121:inconsistent header
PEM_R_KEYBLOB_HEADER_PARSE_ERROR:122:keyblob header parse error
PEM_R_KEYBLOB_TOO_SHORT:123:keyblob too short
PEM_R_MISSING_DEK_IV:129:missing dek iv
PEM_R_NOT_DEK_INFO:105:not dek info
PEM_R_NOT_ENCRYPTED:106:not encrypted
PEM_R_NOT_PROC_TYPE:107:not proc type
PEM_R_NO_START_LINE:108:no start line
PEM_R_PROBLEMS_GETTING_PASSWORD:109:problems getting password
PEM_R_PVK_DATA_TOO_SHORT:124:pvk data too short
PEM_R_PVK_TOO_SHORT:125:pvk too short
PEM_R_READ_KEY:111:read key
PEM_R_SHORT_HEADER:112:short header
PEM_R_UNEXPECTED_DEK_IV:130:unexpected dek iv
PEM_R_UNSUPPORTED_CIPHER:113:unsupported cipher
PEM_R_UNSUPPORTED_ENCRYPTION:114:unsupported encryption
PEM_R_UNSUPPORTED_KEY_COMPONENTS:126:unsupported key components
PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE:110:unsupported public key type
PKCS12_R_CANT_PACK_STRUCTURE:100:cant pack structure
PKCS12_R_CONTENT_TYPE_NOT_DATA:121:content type not data
PKCS12_R_DECODE_ERROR:101:decode error
PKCS12_R_ENCODE_ERROR:102:encode error
PKCS12_R_ENCRYPT_ERROR:103:encrypt error
PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE:120:error setting encrypted data type
PKCS12_R_INVALID_NULL_ARGUMENT:104:invalid null argument
PKCS12_R_INVALID_NULL_PKCS12_POINTER:105:invalid null pkcs12 pointer
PKCS12_R_IV_GEN_ERROR:106:iv gen error
PKCS12_R_KEY_GEN_ERROR:107:key gen error
PKCS12_R_MAC_ABSENT:108:mac absent
PKCS12_R_MAC_GENERATION_ERROR:109:mac generation error
PKCS12_R_MAC_SETUP_ERROR:110:mac setup error
PKCS12_R_MAC_STRING_SET_ERROR:111:mac string set error
PKCS12_R_MAC_VERIFY_FAILURE:113:mac verify failure
PKCS12_R_PARSE_ERROR:114:parse error
PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR:115:pkcs12 algor cipherinit error
PKCS12_R_PKCS12_CIPHERFINAL_ERROR:116:pkcs12 cipherfinal error
PKCS12_R_PKCS12_PBE_CRYPT_ERROR:117:pkcs12 pbe crypt error
PKCS12_R_UNKNOWN_DIGEST_ALGORITHM:118:unknown digest algorithm
PKCS12_R_UNSUPPORTED_PKCS12_MODE:119:unsupported pkcs12 mode
PKCS7_R_CERTIFICATE_VERIFY_ERROR:117:certificate verify error
PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER:144:cipher has no object identifier
PKCS7_R_CIPHER_NOT_INITIALIZED:116:cipher not initialized
PKCS7_R_CONTENT_AND_DATA_PRESENT:118:content and data present
PKCS7_R_CTRL_ERROR:152:ctrl error
PKCS7_R_DECRYPT_ERROR:119:decrypt error
PKCS7_R_DIGEST_FAILURE:101:digest failure
PKCS7_R_ENCRYPTION_CTRL_FAILURE:149:encryption ctrl failure
PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE:150:\
encryption not supported for this key type
PKCS7_R_ERROR_ADDING_RECIPIENT:120:error adding recipient
PKCS7_R_ERROR_SETTING_CIPHER:121:error setting cipher
PKCS7_R_INVALID_NULL_POINTER:143:invalid null pointer
PKCS7_R_INVALID_SIGNED_DATA_TYPE:155:invalid signed data type
PKCS7_R_NO_CONTENT:122:no content
PKCS7_R_NO_DEFAULT_DIGEST:151:no default digest
PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND:154:no matching digest type found
PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE:115:no recipient matches certificate
PKCS7_R_NO_SIGNATURES_ON_DATA:123:no signatures on data
PKCS7_R_NO_SIGNERS:142:no signers
PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE:104:\
operation not supported on this type
PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR:124:pkcs7 add signature error
PKCS7_R_PKCS7_ADD_SIGNER_ERROR:153:pkcs7 add signer error
PKCS7_R_PKCS7_DATASIGN:145:pkcs7 datasign
PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE:127:\
private key does not match certificate
PKCS7_R_SIGNATURE_FAILURE:105:signature failure
PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND:128:signer certificate not found
PKCS7_R_SIGNING_CTRL_FAILURE:147:signing ctrl failure
PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE:148:\
signing not supported for this key type
PKCS7_R_SMIME_TEXT_ERROR:129:smime text error
PKCS7_R_UNABLE_TO_FIND_CERTIFICATE:106:unable to find certificate
PKCS7_R_UNABLE_TO_FIND_MEM_BIO:107:unable to find mem bio
PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST:108:unable to find message digest
PKCS7_R_UNKNOWN_DIGEST_TYPE:109:unknown digest type
PKCS7_R_UNKNOWN_OPERATION:110:unknown operation
PKCS7_R_UNSUPPORTED_CIPHER_TYPE:111:unsupported cipher type
PKCS7_R_UNSUPPORTED_CONTENT_TYPE:112:unsupported content type
PKCS7_R_WRONG_CONTENT_TYPE:113:wrong content type
PKCS7_R_WRONG_PKCS7_TYPE:114:wrong pkcs7 type
RAND_R_ADDITIONAL_INPUT_TOO_LONG:102:additional input too long
RAND_R_ALREADY_INSTANTIATED:103:already instantiated
RAND_R_ARGUMENT_OUT_OF_RANGE:105:argument out of range
RAND_R_CANNOT_OPEN_FILE:121:Cannot open file
RAND_R_DRBG_ALREADY_INITIALIZED:129:drbg already initialized
RAND_R_DRBG_NOT_INITIALISED:104:drbg not initialised
RAND_R_ENTROPY_INPUT_TOO_LONG:106:entropy input too long
RAND_R_ENTROPY_OUT_OF_RANGE:124:entropy out of range
RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED:127:error entropy pool was ignored
RAND_R_ERROR_INITIALISING_DRBG:107:error initialising drbg
RAND_R_ERROR_INSTANTIATING_DRBG:108:error instantiating drbg
RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT:109:error retrieving additional input
RAND_R_ERROR_RETRIEVING_ENTROPY:110:error retrieving entropy
RAND_R_ERROR_RETRIEVING_NONCE:111:error retrieving nonce
RAND_R_FAILED_TO_CREATE_LOCK:126:failed to create lock
RAND_R_FUNC_NOT_IMPLEMENTED:101:Function not implemented
RAND_R_FWRITE_ERROR:123:Error writing file
RAND_R_GENERATE_ERROR:112:generate error
RAND_R_INTERNAL_ERROR:113:internal error
RAND_R_IN_ERROR_STATE:114:in error state
RAND_R_NOT_A_REGULAR_FILE:122:Not a regular file
RAND_R_NOT_INSTANTIATED:115:not instantiated
RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED:128:no drbg implementation selected
RAND_R_PARENT_LOCKING_NOT_ENABLED:130:parent locking not enabled
RAND_R_PARENT_STRENGTH_TOO_WEAK:131:parent strength too weak
RAND_R_PERSONALISATION_STRING_TOO_LONG:116:personalisation string too long
RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED:133:\
prediction resistance not supported
RAND_R_PRNG_NOT_SEEDED:100:PRNG not seeded
RAND_R_RANDOM_POOL_OVERFLOW:125:random pool overflow
RAND_R_RANDOM_POOL_UNDERFLOW:134:random pool underflow
RAND_R_REQUEST_TOO_LARGE_FOR_DRBG:117:request too large for drbg
RAND_R_RESEED_ERROR:118:reseed error
RAND_R_SELFTEST_FAILURE:119:selftest failure
RAND_R_TOO_LITTLE_NONCE_REQUESTED:135:too little nonce requested
RAND_R_TOO_MUCH_NONCE_REQUESTED:136:too much nonce requested
RAND_R_UNSUPPORTED_DRBG_FLAGS:132:unsupported drbg flags
RAND_R_UNSUPPORTED_DRBG_TYPE:120:unsupported drbg type
RSA_R_ALGORITHM_MISMATCH:100:algorithm mismatch
RSA_R_BAD_E_VALUE:101:bad e value
RSA_R_BAD_FIXED_HEADER_DECRYPT:102:bad fixed header decrypt
RSA_R_BAD_PAD_BYTE_COUNT:103:bad pad byte count
RSA_R_BAD_SIGNATURE:104:bad signature
RSA_R_BLOCK_TYPE_IS_NOT_01:106:block type is not 01
RSA_R_BLOCK_TYPE_IS_NOT_02:107:block type is not 02
RSA_R_DATA_GREATER_THAN_MOD_LEN:108:data greater than mod len
RSA_R_DATA_TOO_LARGE:109:data too large
RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE:110:data too large for key size
RSA_R_DATA_TOO_LARGE_FOR_MODULUS:132:data too large for modulus
RSA_R_DATA_TOO_SMALL:111:data too small
RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE:122:data too small for key size
RSA_R_DIGEST_DOES_NOT_MATCH:158:digest does not match
RSA_R_DIGEST_NOT_ALLOWED:145:digest not allowed
RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY:112:digest too big for rsa key
RSA_R_DMP1_NOT_CONGRUENT_TO_D:124:dmp1 not congruent to d
RSA_R_DMQ1_NOT_CONGRUENT_TO_D:125:dmq1 not congruent to d
RSA_R_D_E_NOT_CONGRUENT_TO_1:123:d e not congruent to 1
RSA_R_FIRST_OCTET_INVALID:133:first octet invalid
RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE:144:\
illegal or unsupported padding mode
RSA_R_INVALID_DIGEST:157:invalid digest
RSA_R_INVALID_DIGEST_LENGTH:143:invalid digest length
RSA_R_INVALID_HEADER:137:invalid header
RSA_R_INVALID_LABEL:160:invalid label
RSA_R_INVALID_MESSAGE_LENGTH:131:invalid message length
RSA_R_INVALID_MGF1_MD:156:invalid mgf1 md
RSA_R_INVALID_MULTI_PRIME_KEY:167:invalid multi prime key
RSA_R_INVALID_OAEP_PARAMETERS:161:invalid oaep parameters
RSA_R_INVALID_PADDING:138:invalid padding
RSA_R_INVALID_PADDING_MODE:141:invalid padding mode
RSA_R_INVALID_PSS_PARAMETERS:149:invalid pss parameters
RSA_R_INVALID_PSS_SALTLEN:146:invalid pss saltlen
RSA_R_INVALID_SALT_LENGTH:150:invalid salt length
RSA_R_INVALID_TRAILER:139:invalid trailer
RSA_R_INVALID_X931_DIGEST:142:invalid x931 digest
RSA_R_IQMP_NOT_INVERSE_OF_Q:126:iqmp not inverse of q
RSA_R_KEY_PRIME_NUM_INVALID:165:key prime num invalid
RSA_R_KEY_SIZE_TOO_SMALL:120:key size too small
RSA_R_LAST_OCTET_INVALID:134:last octet invalid
RSA_R_MGF1_DIGEST_NOT_ALLOWED:152:mgf1 digest not allowed
RSA_R_MISSING_PRIVATE_KEY:179:missing private key
RSA_R_MODULUS_TOO_LARGE:105:modulus too large
RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R:168:mp coefficient not inverse of r
RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D:169:mp exponent not congruent to d
RSA_R_MP_R_NOT_PRIME:170:mp r not prime
RSA_R_NO_PUBLIC_EXPONENT:140:no public exponent
RSA_R_NULL_BEFORE_BLOCK_MISSING:113:null before block missing
RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES:172:n does not equal product of primes
RSA_R_N_DOES_NOT_EQUAL_P_Q:127:n does not equal p q
RSA_R_OAEP_DECODING_ERROR:121:oaep decoding error
RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:148:\
operation not supported for this keytype
RSA_R_PADDING_CHECK_FAILED:114:padding check failed
RSA_R_PKCS_DECODING_ERROR:159:pkcs decoding error
RSA_R_PSS_SALTLEN_TOO_SMALL:164:pss saltlen too small
RSA_R_P_NOT_PRIME:128:p not prime
RSA_R_Q_NOT_PRIME:129:q not prime
RSA_R_RSA_OPERATIONS_NOT_SUPPORTED:130:rsa operations not supported
RSA_R_SLEN_CHECK_FAILED:136:salt length check failed
RSA_R_SLEN_RECOVERY_FAILED:135:salt length recovery failed
RSA_R_SSLV3_ROLLBACK_ATTACK:115:sslv3 rollback attack
RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD:116:\
the asn1 object identifier is not known for this md
RSA_R_UNKNOWN_ALGORITHM_TYPE:117:unknown algorithm type
RSA_R_UNKNOWN_DIGEST:166:unknown digest
RSA_R_UNKNOWN_MASK_DIGEST:151:unknown mask digest
RSA_R_UNKNOWN_PADDING_TYPE:118:unknown padding type
RSA_R_UNSUPPORTED_ENCRYPTION_TYPE:162:unsupported encryption type
RSA_R_UNSUPPORTED_LABEL_SOURCE:163:unsupported label source
RSA_R_UNSUPPORTED_MASK_ALGORITHM:153:unsupported mask algorithm
RSA_R_UNSUPPORTED_MASK_PARAMETER:154:unsupported mask parameter
RSA_R_UNSUPPORTED_SIGNATURE_TYPE:155:unsupported signature type
RSA_R_VALUE_MISSING:147:value missing
RSA_R_WRONG_SIGNATURE_LENGTH:119:wrong signature length
SM2_R_ASN1_ERROR:100:asn1 error
SM2_R_BAD_SIGNATURE:101:bad signature
SM2_R_BUFFER_TOO_SMALL:107:buffer too small
SM2_R_DIST_ID_TOO_LARGE:110:dist id too large
SM2_R_ID_NOT_SET:112:id not set
SM2_R_ID_TOO_LARGE:111:id too large
SM2_R_INVALID_CURVE:108:invalid curve
SM2_R_INVALID_DIGEST:102:invalid digest
SM2_R_INVALID_DIGEST_TYPE:103:invalid digest type
SM2_R_INVALID_ENCODING:104:invalid encoding
SM2_R_INVALID_FIELD:105:invalid field
SM2_R_NO_PARAMETERS_SET:109:no parameters set
SM2_R_USER_ID_TOO_LARGE:106:user id too large
SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY:291:\
application data after close notify
SSL_R_APP_DATA_IN_HANDSHAKE:100:app data in handshake
SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT:272:\
attempt to reuse session in different context
SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE:143:\
at least TLS 1.0 needed in FIPS mode
SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE:158:\
at least (D)TLS 1.2 needed in Suite B mode
SSL_R_BAD_CHANGE_CIPHER_SPEC:103:bad change cipher spec
SSL_R_BAD_CIPHER:186:bad cipher
SSL_R_BAD_DATA:390:bad data
SSL_R_BAD_DATA_RETURNED_BY_CALLBACK:106:bad data returned by callback
SSL_R_BAD_DECOMPRESSION:107:bad decompression
SSL_R_BAD_DH_VALUE:102:bad dh value
SSL_R_BAD_DIGEST_LENGTH:111:bad digest length
SSL_R_BAD_EARLY_DATA:233:bad early data
SSL_R_BAD_ECC_CERT:304:bad ecc cert
SSL_R_BAD_ECPOINT:306:bad ecpoint
SSL_R_BAD_EXTENSION:110:bad extension
SSL_R_BAD_HANDSHAKE_LENGTH:332:bad handshake length
SSL_R_BAD_HANDSHAKE_STATE:236:bad handshake state
SSL_R_BAD_HELLO_REQUEST:105:bad hello request
SSL_R_BAD_HRR_VERSION:263:bad hrr version
SSL_R_BAD_KEY_SHARE:108:bad key share
SSL_R_BAD_KEY_UPDATE:122:bad key update
SSL_R_BAD_LEGACY_VERSION:292:bad legacy version
SSL_R_BAD_LENGTH:271:bad length
SSL_R_BAD_PACKET:240:bad packet
SSL_R_BAD_PACKET_LENGTH:115:bad packet length
SSL_R_BAD_PROTOCOL_VERSION_NUMBER:116:bad protocol version number
SSL_R_BAD_PSK:219:bad psk
SSL_R_BAD_PSK_IDENTITY:114:bad psk identity
SSL_R_BAD_RECORD_TYPE:443:bad record type
SSL_R_BAD_RSA_ENCRYPT:119:bad rsa encrypt
SSL_R_BAD_SIGNATURE:123:bad signature
SSL_R_BAD_SRP_A_LENGTH:347:bad srp a length
SSL_R_BAD_SRP_PARAMETERS:371:bad srp parameters
SSL_R_BAD_SRTP_MKI_VALUE:352:bad srtp mki value
SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST:353:bad srtp protection profile list
SSL_R_BAD_SSL_FILETYPE:124:bad ssl filetype
SSL_R_BAD_VALUE:384:bad value
SSL_R_BAD_WRITE_RETRY:127:bad write retry
SSL_R_BINDER_DOES_NOT_VERIFY:253:binder does not verify
SSL_R_BIO_NOT_SET:128:bio not set
SSL_R_BLOCK_CIPHER_PAD_IS_WRONG:129:block cipher pad is wrong
SSL_R_BN_LIB:130:bn lib
SSL_R_CALLBACK_FAILED:234:callback failed
SSL_R_CANNOT_CHANGE_CIPHER:109:cannot change cipher
SSL_R_CA_DN_LENGTH_MISMATCH:131:ca dn length mismatch
SSL_R_CA_KEY_TOO_SMALL:397:ca key too small
SSL_R_CA_MD_TOO_WEAK:398:ca md too weak
SSL_R_CCS_RECEIVED_EARLY:133:ccs received early
SSL_R_CERTIFICATE_VERIFY_FAILED:134:certificate verify failed
SSL_R_CERT_CB_ERROR:377:cert cb error
SSL_R_CERT_LENGTH_MISMATCH:135:cert length mismatch
SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED:218:ciphersuite digest has changed
SSL_R_CIPHER_CODE_WRONG_LENGTH:137:cipher code wrong length
SSL_R_CIPHER_OR_HASH_UNAVAILABLE:138:cipher or hash unavailable
SSL_R_CLIENTHELLO_TLSEXT:226:clienthello tlsext
SSL_R_COMPRESSED_LENGTH_TOO_LONG:140:compressed length too long
SSL_R_COMPRESSION_DISABLED:343:compression disabled
SSL_R_COMPRESSION_FAILURE:141:compression failure
SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE:307:\
compression id not within private range
SSL_R_COMPRESSION_LIBRARY_ERROR:142:compression library error
SSL_R_CONNECTION_TYPE_NOT_SET:144:connection type not set
SSL_R_CONTEXT_NOT_DANE_ENABLED:167:context not dane enabled
SSL_R_COOKIE_GEN_CALLBACK_FAILURE:400:cookie gen callback failure
SSL_R_COOKIE_MISMATCH:308:cookie mismatch
SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED:206:\
custom ext handler already installed
SSL_R_DANE_ALREADY_ENABLED:172:dane already enabled
SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL:173:dane cannot override mtype full
SSL_R_DANE_NOT_ENABLED:175:dane not enabled
SSL_R_DANE_TLSA_BAD_CERTIFICATE:180:dane tlsa bad certificate
SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE:184:dane tlsa bad certificate usage
SSL_R_DANE_TLSA_BAD_DATA_LENGTH:189:dane tlsa bad data length
SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH:192:dane tlsa bad digest length
SSL_R_DANE_TLSA_BAD_MATCHING_TYPE:200:dane tlsa bad matching type
SSL_R_DANE_TLSA_BAD_PUBLIC_KEY:201:dane tlsa bad public key
SSL_R_DANE_TLSA_BAD_SELECTOR:202:dane tlsa bad selector
SSL_R_DANE_TLSA_NULL_DATA:203:dane tlsa null data
SSL_R_DATA_BETWEEN_CCS_AND_FINISHED:145:data between ccs and finished
SSL_R_DATA_LENGTH_TOO_LONG:146:data length too long
SSL_R_DECRYPTION_FAILED:147:decryption failed
SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC:281:\
decryption failed or bad record mac
SSL_R_DH_KEY_TOO_SMALL:394:dh key too small
SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG:148:dh public value length is wrong
SSL_R_DIGEST_CHECK_FAILED:149:digest check failed
SSL_R_DTLS_MESSAGE_TOO_BIG:334:dtls message too big
SSL_R_DUPLICATE_COMPRESSION_ID:309:duplicate compression id
SSL_R_ECC_CERT_NOT_FOR_SIGNING:318:ecc cert not for signing
SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE:374:ecdh required for suiteb mode
SSL_R_EE_KEY_TOO_SMALL:399:ee key too small
SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST:354:empty srtp protection profile list
SSL_R_ENCRYPTED_LENGTH_TOO_LONG:150:encrypted length too long
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST:151:error in received cipher list
SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN:204:error setting tlsa base domain
SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE:194:exceeds max fragment size
SSL_R_EXCESSIVE_MESSAGE_SIZE:152:excessive message size
SSL_R_EXTENSION_NOT_RECEIVED:279:extension not received
SSL_R_EXTRA_DATA_IN_MESSAGE:153:extra data in message
SSL_R_EXT_LENGTH_MISMATCH:163:ext length mismatch
SSL_R_FAILED_TO_INIT_ASYNC:405:failed to init async
SSL_R_FRAGMENTED_CLIENT_HELLO:401:fragmented client hello
SSL_R_GOT_A_FIN_BEFORE_A_CCS:154:got a fin before a ccs
SSL_R_HTTPS_PROXY_REQUEST:155:https proxy request
SSL_R_HTTP_REQUEST:156:http request
SSL_R_ILLEGAL_POINT_COMPRESSION:162:illegal point compression
SSL_R_ILLEGAL_SUITEB_DIGEST:380:illegal Suite B digest
SSL_R_INAPPROPRIATE_FALLBACK:373:inappropriate fallback
SSL_R_INCONSISTENT_COMPRESSION:340:inconsistent compression
SSL_R_INCONSISTENT_EARLY_DATA_ALPN:222:inconsistent early data alpn
SSL_R_INCONSISTENT_EARLY_DATA_SNI:231:inconsistent early data sni
SSL_R_INCONSISTENT_EXTMS:104:inconsistent extms
SSL_R_INSUFFICIENT_SECURITY:241:insufficient security
SSL_R_INVALID_ALERT:205:invalid alert
SSL_R_INVALID_CCS_MESSAGE:260:invalid ccs message
SSL_R_INVALID_CERTIFICATE_OR_ALG:238:invalid certificate or alg
SSL_R_INVALID_COMMAND:280:invalid command
SSL_R_INVALID_COMPRESSION_ALGORITHM:341:invalid compression algorithm
SSL_R_INVALID_CONFIG:283:invalid config
SSL_R_INVALID_CONFIGURATION_NAME:113:invalid configuration name
SSL_R_INVALID_CONTEXT:282:invalid context
SSL_R_INVALID_CT_VALIDATION_TYPE:212:invalid ct validation type
SSL_R_INVALID_KEY_UPDATE_TYPE:120:invalid key update type
SSL_R_INVALID_MAX_EARLY_DATA:174:invalid max early data
SSL_R_INVALID_NULL_CMD_NAME:385:invalid null cmd name
SSL_R_INVALID_SEQUENCE_NUMBER:402:invalid sequence number
SSL_R_INVALID_SERVERINFO_DATA:388:invalid serverinfo data
SSL_R_INVALID_SESSION_ID:999:invalid session id
SSL_R_INVALID_SRP_USERNAME:357:invalid srp username
SSL_R_INVALID_STATUS_RESPONSE:328:invalid status response
SSL_R_INVALID_TICKET_KEYS_LENGTH:325:invalid ticket keys length
SSL_R_LENGTH_MISMATCH:159:length mismatch
SSL_R_LENGTH_TOO_LONG:404:length too long
SSL_R_LENGTH_TOO_SHORT:160:length too short
SSL_R_LIBRARY_BUG:274:library bug
SSL_R_LIBRARY_HAS_NO_CIPHERS:161:library has no ciphers
SSL_R_MISSING_DSA_SIGNING_CERT:165:missing dsa signing cert
SSL_R_MISSING_ECDSA_SIGNING_CERT:381:missing ecdsa signing cert
SSL_R_MISSING_FATAL:256:missing fatal
SSL_R_MISSING_PARAMETERS:290:missing parameters
SSL_R_MISSING_RSA_CERTIFICATE:168:missing rsa certificate
SSL_R_MISSING_RSA_ENCRYPTING_CERT:169:missing rsa encrypting cert
SSL_R_MISSING_RSA_SIGNING_CERT:170:missing rsa signing cert
SSL_R_MISSING_SIGALGS_EXTENSION:112:missing sigalgs extension
SSL_R_MISSING_SIGNING_CERT:221:missing signing cert
SSL_R_MISSING_SRP_PARAM:358:can't find SRP server param
SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION:209:missing supported groups extension
SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
SSL_R_MISSING_TMP_ECDH_KEY:311:missing tmp ecdh key
SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA:293:\
mixed handshake and non handshake data
SSL_R_NOT_ON_RECORD_BOUNDARY:182:not on record boundary
SSL_R_NOT_REPLACING_CERTIFICATE:289:not replacing certificate
SSL_R_NOT_SERVER:284:not server
SSL_R_NO_APPLICATION_PROTOCOL:235:no application protocol
SSL_R_NO_CERTIFICATES_RETURNED:176:no certificates returned
SSL_R_NO_CERTIFICATE_ASSIGNED:177:no certificate assigned
SSL_R_NO_CERTIFICATE_SET:179:no certificate set
SSL_R_NO_CHANGE_FOLLOWING_HRR:214:no change following hrr
SSL_R_NO_CIPHERS_AVAILABLE:181:no ciphers available
SSL_R_NO_CIPHERS_SPECIFIED:183:no ciphers specified
SSL_R_NO_CIPHER_MATCH:185:no cipher match
SSL_R_NO_CLIENT_CERT_METHOD:331:no client cert method
SSL_R_NO_COMPRESSION_SPECIFIED:187:no compression specified
SSL_R_NO_COOKIE_CALLBACK_SET:287:no cookie callback set
SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER:330:\
Peer haven't sent GOST certificate, required for selected ciphersuite
SSL_R_NO_METHOD_SPECIFIED:188:no method specified
SSL_R_NO_PEM_EXTENSIONS:389:no pem extensions
SSL_R_NO_PRIVATE_KEY_ASSIGNED:190:no private key assigned
SSL_R_NO_PROTOCOLS_AVAILABLE:191:no protocols available
SSL_R_NO_RENEGOTIATION:339:no renegotiation
SSL_R_NO_REQUIRED_DIGEST:324:no required digest
SSL_R_NO_SHARED_CIPHER:193:no shared cipher
SSL_R_NO_SHARED_GROUPS:410:no shared groups
SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS:376:no shared signature algorithms
SSL_R_NO_SRTP_PROFILES:359:no srtp profiles
SSL_R_NO_SUITABLE_KEY_SHARE:101:no suitable key share
SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM:118:no suitable signature algorithm
SSL_R_NO_VALID_SCTS:216:no valid scts
SSL_R_NO_VERIFY_COOKIE_CALLBACK:403:no verify cookie callback
SSL_R_NULL_SSL_CTX:195:null ssl ctx
SSL_R_NULL_SSL_METHOD_PASSED:196:null ssl method passed
SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED:197:old session cipher not returned
SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED:344:\
old session compression algorithm not returned
SSL_R_OVERFLOW_ERROR:237:overflow error
SSL_R_PACKET_LENGTH_TOO_LONG:198:packet length too long
SSL_R_PARSE_TLSEXT:227:parse tlsext
SSL_R_PATH_TOO_LONG:270:path too long
SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE:199:peer did not return a certificate
SSL_R_PEM_NAME_BAD_PREFIX:391:pem name bad prefix
SSL_R_PEM_NAME_TOO_SHORT:392:pem name too short
SSL_R_PIPELINE_FAILURE:406:pipeline failure
SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR:278:post handshake auth encoding err
SSL_R_PRIVATE_KEY_MISMATCH:288:private key mismatch
SSL_R_PROTOCOL_IS_SHUTDOWN:207:protocol is shutdown
SSL_R_PSK_IDENTITY_NOT_FOUND:223:psk identity not found
SSL_R_PSK_NO_CLIENT_CB:224:psk no client cb
SSL_R_PSK_NO_SERVER_CB:225:psk no server cb
SSL_R_READ_BIO_NOT_SET:211:read bio not set
SSL_R_READ_TIMEOUT_EXPIRED:312:read timeout expired
SSL_R_RECORD_LENGTH_MISMATCH:213:record length mismatch
SSL_R_RECORD_TOO_SMALL:298:record too small
SSL_R_RENEGOTIATE_EXT_TOO_LONG:335:renegotiate ext too long
SSL_R_RENEGOTIATION_ENCODING_ERR:336:renegotiation encoding err
SSL_R_RENEGOTIATION_MISMATCH:337:renegotiation mismatch
SSL_R_REQUEST_PENDING:285:request pending
SSL_R_REQUEST_SENT:286:request sent
SSL_R_REQUIRED_CIPHER_MISSING:215:required cipher missing
SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING:342:\
required compression algorithm missing
SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING:345:scsv received when renegotiating
SSL_R_SCT_VERIFICATION_FAILED:208:sct verification failed
SSL_R_SERVERHELLO_TLSEXT:275:serverhello tlsext
SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED:277:session id context uninitialized
SSL_R_SHUTDOWN_WHILE_IN_INIT:407:shutdown while in init
SSL_R_SIGNATURE_ALGORITHMS_ERROR:360:signature algorithms error
SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE:220:\
signature for non signing certificate
SSL_R_SRP_A_CALC:361:error with the srp params
SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES:362:srtp could not allocate profiles
SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG:363:\
srtp protection profile list too long
SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE:364:srtp unknown protection profile
SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH:232:\
ssl3 ext invalid max fragment length
SSL_R_SSL3_EXT_INVALID_SERVERNAME:319:ssl3 ext invalid servername
SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE:320:ssl3 ext invalid servername type
SSL_R_SSL3_SESSION_ID_TOO_LONG:300:ssl3 session id too long
SSL_R_SSL_COMMAND_SECTION_EMPTY:117:ssl command section empty
SSL_R_SSL_COMMAND_SECTION_NOT_FOUND:125:ssl command section not found
SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION:228:ssl ctx has no default ssl version
SSL_R_SSL_HANDSHAKE_FAILURE:229:ssl handshake failure
SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS:230:ssl library has no ciphers
SSL_R_SSL_NEGATIVE_LENGTH:372:ssl negative length
SSL_R_SSL_SECTION_EMPTY:126:ssl section empty
SSL_R_SSL_SECTION_NOT_FOUND:136:ssl section not found
SSL_R_SSL_SESSION_ID_CALLBACK_FAILED:301:ssl session id callback failed
SSL_R_SSL_SESSION_ID_CONFLICT:302:ssl session id conflict
SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG:273:ssl session id context too long
SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH:303:ssl session id has bad length
SSL_R_SSL_SESSION_ID_TOO_LONG:408:ssl session id too long
SSL_R_SSL_SESSION_VERSION_MISMATCH:210:ssl session version mismatch
SSL_R_STILL_IN_INIT:121:still in init
SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT:365:peer does not accept heartbeats
SSL_R_TLS_HEARTBEAT_PENDING:366:heartbeat request already pending
SSL_R_TLS_ILLEGAL_EXPORTER_LABEL:367:tls illegal exporter label
SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST:157:tls invalid ecpointformat list
SSL_R_TOO_MANY_KEY_UPDATES:132:too many key updates
SSL_R_TOO_MANY_WARN_ALERTS:409:too many warn alerts
SSL_R_TOO_MUCH_EARLY_DATA:164:too much early data
SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS:314:unable to find ecdh parameters
SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS:239:\
unable to find public key parameters
SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
SSL_R_UNEXPECTED_MESSAGE:244:unexpected message
SSL_R_UNEXPECTED_RECORD:245:unexpected record
SSL_R_UNINITIALIZED:276:uninitialized
SSL_R_UNKNOWN_ALERT_TYPE:246:unknown alert type
SSL_R_UNKNOWN_CERTIFICATE_TYPE:247:unknown certificate type
SSL_R_UNKNOWN_CIPHER_RETURNED:248:unknown cipher returned
SSL_R_UNKNOWN_CIPHER_TYPE:249:unknown cipher type
SSL_R_UNKNOWN_CMD_NAME:386:unknown cmd name
SSL_R_UNKNOWN_COMMAND:139:unknown command
SSL_R_UNKNOWN_DIGEST:368:unknown digest
SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE:250:unknown key exchange type
SSL_R_UNKNOWN_PKEY_TYPE:251:unknown pkey type
SSL_R_UNKNOWN_PROTOCOL:252:unknown protocol
SSL_R_UNKNOWN_SSL_VERSION:254:unknown ssl version
SSL_R_UNKNOWN_STATE:255:unknown state
SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED:338:\
unsafe legacy renegotiation disabled
SSL_R_UNSOLICITED_EXTENSION:217:unsolicited extension
SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM:257:unsupported compression algorithm
SSL_R_UNSUPPORTED_ELLIPTIC_CURVE:315:unsupported elliptic curve
SSL_R_UNSUPPORTED_PROTOCOL:258:unsupported protocol
SSL_R_UNSUPPORTED_SSL_VERSION:259:unsupported ssl version
SSL_R_UNSUPPORTED_STATUS_TYPE:329:unsupported status type
SSL_R_USE_SRTP_NOT_NEGOTIATED:369:use srtp not negotiated
SSL_R_VERSION_TOO_HIGH:166:version too high
SSL_R_VERSION_TOO_LOW:396:version too low
SSL_R_WRONG_CERTIFICATE_TYPE:383:wrong certificate type
SSL_R_WRONG_CIPHER_RETURNED:261:wrong cipher returned
SSL_R_WRONG_CURVE:378:wrong curve
SSL_R_WRONG_SIGNATURE_LENGTH:264:wrong signature length
SSL_R_WRONG_SIGNATURE_SIZE:265:wrong signature size
SSL_R_WRONG_SIGNATURE_TYPE:370:wrong signature type
SSL_R_WRONG_SSL_VERSION:266:wrong ssl version
SSL_R_WRONG_VERSION_NUMBER:267:wrong version number
SSL_R_X509_LIB:268:x509 lib
SSL_R_X509_VERIFICATION_SETUP_PROBLEMS:269:x509 verification setup problems
TS_R_BAD_PKCS7_TYPE:132:bad pkcs7 type
TS_R_BAD_TYPE:133:bad type
TS_R_CANNOT_LOAD_CERT:137:cannot load certificate
TS_R_CANNOT_LOAD_KEY:138:cannot load private key
TS_R_CERTIFICATE_VERIFY_ERROR:100:certificate verify error
TS_R_COULD_NOT_SET_ENGINE:127:could not set engine
TS_R_COULD_NOT_SET_TIME:115:could not set time
TS_R_DETACHED_CONTENT:134:detached content
TS_R_ESS_ADD_SIGNING_CERT_ERROR:116:ess add signing cert error
TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR:139:ess add signing cert v2 error
TS_R_ESS_SIGNING_CERTIFICATE_ERROR:101:ess signing certificate error
TS_R_INVALID_NULL_POINTER:102:invalid null pointer
TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE:117:invalid signer certificate purpose
TS_R_MESSAGE_IMPRINT_MISMATCH:103:message imprint mismatch
TS_R_NONCE_MISMATCH:104:nonce mismatch
TS_R_NONCE_NOT_RETURNED:105:nonce not returned
TS_R_NO_CONTENT:106:no content
TS_R_NO_TIME_STAMP_TOKEN:107:no time stamp token
TS_R_PKCS7_ADD_SIGNATURE_ERROR:118:pkcs7 add signature error
TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR:119:pkcs7 add signed attr error
TS_R_PKCS7_TO_TS_TST_INFO_FAILED:129:pkcs7 to ts tst info failed
TS_R_POLICY_MISMATCH:108:policy mismatch
TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE:120:\
private key does not match certificate
TS_R_RESPONSE_SETUP_ERROR:121:response setup error
TS_R_SIGNATURE_FAILURE:109:signature failure
TS_R_THERE_MUST_BE_ONE_SIGNER:110:there must be one signer
TS_R_TIME_SYSCALL_ERROR:122:time syscall error
TS_R_TOKEN_NOT_PRESENT:130:token not present
TS_R_TOKEN_PRESENT:131:token present
TS_R_TSA_NAME_MISMATCH:111:tsa name mismatch
TS_R_TSA_UNTRUSTED:112:tsa untrusted
TS_R_TST_INFO_SETUP_ERROR:123:tst info setup error
TS_R_TS_DATASIGN:124:ts datasign
TS_R_UNACCEPTABLE_POLICY:125:unacceptable policy
TS_R_UNSUPPORTED_MD_ALGORITHM:126:unsupported md algorithm
TS_R_UNSUPPORTED_VERSION:113:unsupported version
TS_R_VAR_BAD_VALUE:135:var bad value
TS_R_VAR_LOOKUP_FAILURE:136:cannot find config variable
TS_R_WRONG_CONTENT_TYPE:114:wrong content type
UI_R_COMMON_OK_AND_CANCEL_CHARACTERS:104:common ok and cancel characters
UI_R_INDEX_TOO_LARGE:102:index too large
UI_R_INDEX_TOO_SMALL:103:index too small
UI_R_NO_RESULT_BUFFER:105:no result buffer
UI_R_PROCESSING_ERROR:107:processing error
UI_R_RESULT_TOO_LARGE:100:result too large
UI_R_RESULT_TOO_SMALL:101:result too small
UI_R_SYSASSIGN_ERROR:109:sys$assign error
UI_R_SYSDASSGN_ERROR:110:sys$dassgn error
UI_R_SYSQIOW_ERROR:111:sys$qiow error
UI_R_UNKNOWN_CONTROL_COMMAND:106:unknown control command
UI_R_UNKNOWN_TTYGET_ERRNO_VALUE:108:unknown ttyget errno value
UI_R_USER_DATA_DUPLICATION_UNSUPPORTED:112:user data duplication unsupported
X509V3_R_BAD_IP_ADDRESS:118:bad ip address
X509V3_R_BAD_OBJECT:119:bad object
X509V3_R_BN_DEC2BN_ERROR:100:bn dec2bn error
X509V3_R_BN_TO_ASN1_INTEGER_ERROR:101:bn to asn1 integer error
X509V3_R_DIRNAME_ERROR:149:dirname error
X509V3_R_DISTPOINT_ALREADY_SET:160:distpoint already set
X509V3_R_DUPLICATE_ZONE_ID:133:duplicate zone id
X509V3_R_ERROR_CONVERTING_ZONE:131:error converting zone
X509V3_R_ERROR_CREATING_EXTENSION:144:error creating extension
X509V3_R_ERROR_IN_EXTENSION:128:error in extension
X509V3_R_EXPECTED_A_SECTION_NAME:137:expected a section name
X509V3_R_EXTENSION_EXISTS:145:extension exists
X509V3_R_EXTENSION_NAME_ERROR:115:extension name error
X509V3_R_EXTENSION_NOT_FOUND:102:extension not found
X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED:103:extension setting not supported
X509V3_R_EXTENSION_VALUE_ERROR:116:extension value error
X509V3_R_ILLEGAL_EMPTY_EXTENSION:151:illegal empty extension
X509V3_R_INCORRECT_POLICY_SYNTAX_TAG:152:incorrect policy syntax tag
X509V3_R_INVALID_ASNUMBER:162:invalid asnumber
X509V3_R_INVALID_ASRANGE:163:invalid asrange
X509V3_R_INVALID_BOOLEAN_STRING:104:invalid boolean string
X509V3_R_INVALID_EXTENSION_STRING:105:invalid extension string
X509V3_R_INVALID_INHERITANCE:165:invalid inheritance
X509V3_R_INVALID_IPADDRESS:166:invalid ipaddress
X509V3_R_INVALID_MULTIPLE_RDNS:161:invalid multiple rdns
X509V3_R_INVALID_NAME:106:invalid name
X509V3_R_INVALID_NULL_ARGUMENT:107:invalid null argument
X509V3_R_INVALID_NULL_NAME:108:invalid null name
X509V3_R_INVALID_NULL_VALUE:109:invalid null value
X509V3_R_INVALID_NUMBER:140:invalid number
X509V3_R_INVALID_NUMBERS:141:invalid numbers
X509V3_R_INVALID_OBJECT_IDENTIFIER:110:invalid object identifier
X509V3_R_INVALID_OPTION:138:invalid option
X509V3_R_INVALID_POLICY_IDENTIFIER:134:invalid policy identifier
X509V3_R_INVALID_PROXY_POLICY_SETTING:153:invalid proxy policy setting
X509V3_R_INVALID_PURPOSE:146:invalid purpose
X509V3_R_INVALID_SAFI:164:invalid safi
X509V3_R_INVALID_SECTION:135:invalid section
X509V3_R_INVALID_SYNTAX:143:invalid syntax
X509V3_R_ISSUER_DECODE_ERROR:126:issuer decode error
X509V3_R_MISSING_VALUE:124:missing value
X509V3_R_NEED_ORGANIZATION_AND_NUMBERS:142:need organization and numbers
X509V3_R_NO_CONFIG_DATABASE:136:no config database
X509V3_R_NO_ISSUER_CERTIFICATE:121:no issuer certificate
X509V3_R_NO_ISSUER_DETAILS:127:no issuer details
X509V3_R_NO_POLICY_IDENTIFIER:139:no policy identifier
X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED:154:\
no proxy cert policy language defined
X509V3_R_NO_PUBLIC_KEY:114:no public key
X509V3_R_NO_SUBJECT_DETAILS:125:no subject details
X509V3_R_OPERATION_NOT_DEFINED:148:operation not defined
X509V3_R_OTHERNAME_ERROR:147:othername error
X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED:155:policy language already defined
X509V3_R_POLICY_PATH_LENGTH:156:policy path length
X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED:157:\
policy path length already defined
X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY:159:\
policy when proxy language requires no policy
X509V3_R_SECTION_NOT_FOUND:150:section not found
X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS:122:unable to get issuer details
X509V3_R_UNABLE_TO_GET_ISSUER_KEYID:123:unable to get issuer keyid
X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT:111:unknown bit string argument
X509V3_R_UNKNOWN_EXTENSION:129:unknown extension
X509V3_R_UNKNOWN_EXTENSION_NAME:130:unknown extension name
X509V3_R_UNKNOWN_OPTION:120:unknown option
X509V3_R_UNSUPPORTED_OPTION:117:unsupported option
X509V3_R_UNSUPPORTED_TYPE:167:unsupported type
X509V3_R_USER_TOO_LONG:132:user too long
X509_R_AKID_MISMATCH:110:akid mismatch
X509_R_BAD_SELECTOR:133:bad selector
X509_R_BAD_X509_FILETYPE:100:bad x509 filetype
X509_R_BASE64_DECODE_ERROR:118:base64 decode error
X509_R_CANT_CHECK_DH_KEY:114:cant check dh key
X509_R_CERT_ALREADY_IN_HASH_TABLE:101:cert already in hash table
X509_R_CRL_ALREADY_DELTA:127:crl already delta
X509_R_CRL_VERIFY_FAILURE:131:crl verify failure
X509_R_IDP_MISMATCH:128:idp mismatch
X509_R_INVALID_ATTRIBUTES:138:invalid attributes
X509_R_INVALID_DIRECTORY:113:invalid directory
X509_R_INVALID_FIELD_NAME:119:invalid field name
X509_R_INVALID_TRUST:123:invalid trust
X509_R_ISSUER_MISMATCH:129:issuer mismatch
X509_R_KEY_TYPE_MISMATCH:115:key type mismatch
X509_R_KEY_VALUES_MISMATCH:116:key values mismatch
X509_R_LOADING_CERT_DIR:103:loading cert dir
X509_R_LOADING_DEFAULTS:104:loading defaults
X509_R_METHOD_NOT_SUPPORTED:124:method not supported
X509_R_NAME_TOO_LONG:134:name too long
X509_R_NEWER_CRL_NOT_NEWER:132:newer crl not newer
X509_R_NO_CERTIFICATE_FOUND:135:no certificate found
X509_R_NO_CERTIFICATE_OR_CRL_FOUND:136:no certificate or crl found
X509_R_NO_CERT_SET_FOR_US_TO_VERIFY:105:no cert set for us to verify
X509_R_NO_CRL_FOUND:137:no crl found
X509_R_NO_CRL_NUMBER:130:no crl number
X509_R_PUBLIC_KEY_DECODE_ERROR:125:public key decode error
X509_R_PUBLIC_KEY_ENCODE_ERROR:126:public key encode error
X509_R_SHOULD_RETRY:106:should retry
X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN:107:unable to find parameters in chain
X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY:108:unable to get certs public key
X509_R_UNKNOWN_KEY_TYPE:117:unknown key type
X509_R_UNKNOWN_NID:109:unknown nid
X509_R_UNKNOWN_PURPOSE_ID:121:unknown purpose id
X509_R_UNKNOWN_TRUST_ID:120:unknown trust id
X509_R_UNSUPPORTED_ALGORITHM:111:unsupported algorithm
X509_R_WRONG_LOOKUP_TYPE:112:wrong lookup type
X509_R_WRONG_TYPE:122:wrong type
diff --git a/crypto/openssl/crypto/x509v3/v3_genn.c b/crypto/openssl/crypto/x509v3/v3_genn.c
index 23e3bc45653c..6f0a347cced7 100644
--- a/crypto/openssl/crypto/x509v3/v3_genn.c
+++ b/crypto/openssl/crypto/x509v3/v3_genn.c
@@ -1,201 +1,241 @@
/*
* Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
ASN1_SEQUENCE(OTHERNAME) = {
ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT),
/* Maybe have a true ANY DEFINED BY later */
ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0)
} ASN1_SEQUENCE_END(OTHERNAME)
IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
ASN1_SEQUENCE(EDIPARTYNAME) = {
- ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
- ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
+ /* DirectoryString is a CHOICE type so use explicit tagging */
+ ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
+ ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
} ASN1_SEQUENCE_END(EDIPARTYNAME)
IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
ASN1_CHOICE(GENERAL_NAME) = {
ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME),
ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL),
ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS),
/* Don't decode this */
ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400),
/* X509_NAME is a CHOICE type so use EXPLICIT */
ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME),
ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY),
ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI),
ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD),
ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID)
} ASN1_CHOICE_END(GENERAL_NAME)
IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME)
ASN1_ITEM_TEMPLATE(GENERAL_NAMES) =
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME)
ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES)
IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a)
{
return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME,
(d2i_of_void *)d2i_GENERAL_NAME,
(char *)a);
}
+static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b)
+{
+ int res;
+
+ if (a == NULL || b == NULL) {
+ /*
+ * Shouldn't be possible in a valid GENERAL_NAME, but we handle it
+ * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here
+ */
+ return -1;
+ }
+ if (a->nameAssigner == NULL && b->nameAssigner != NULL)
+ return -1;
+ if (a->nameAssigner != NULL && b->nameAssigner == NULL)
+ return 1;
+ /* If we get here then both have nameAssigner set, or both unset */
+ if (a->nameAssigner != NULL) {
+ res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner);
+ if (res != 0)
+ return res;
+ }
+ /*
+ * partyName is required, so these should never be NULL. We treat it in
+ * the same way as the a == NULL || b == NULL case above
+ */
+ if (a->partyName == NULL || b->partyName == NULL)
+ return -1;
+
+ return ASN1_STRING_cmp(a->partyName, b->partyName);
+}
+
/* Returns 0 if they are equal, != 0 otherwise. */
int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
{
int result = -1;
if (!a || !b || a->type != b->type)
return -1;
switch (a->type) {
case GEN_X400:
+ result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
+ break;
+
case GEN_EDIPARTY:
- result = ASN1_TYPE_cmp(a->d.other, b->d.other);
+ result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName);
break;
case GEN_OTHERNAME:
result = OTHERNAME_cmp(a->d.otherName, b->d.otherName);
break;
case GEN_EMAIL:
case GEN_DNS:
case GEN_URI:
result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5);
break;
case GEN_DIRNAME:
result = X509_NAME_cmp(a->d.dirn, b->d.dirn);
break;
case GEN_IPADD:
result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip);
break;
case GEN_RID:
result = OBJ_cmp(a->d.rid, b->d.rid);
break;
}
return result;
}
/* Returns 0 if they are equal, != 0 otherwise. */
int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b)
{
int result = -1;
if (!a || !b)
return -1;
/* Check their type first. */
if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0)
return result;
/* Check the value. */
result = ASN1_TYPE_cmp(a->value, b->value);
return result;
}
void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value)
{
switch (type) {
case GEN_X400:
+ a->d.x400Address = value;
+ break;
+
case GEN_EDIPARTY:
- a->d.other = value;
+ a->d.ediPartyName = value;
break;
case GEN_OTHERNAME:
a->d.otherName = value;
break;
case GEN_EMAIL:
case GEN_DNS:
case GEN_URI:
a->d.ia5 = value;
break;
case GEN_DIRNAME:
a->d.dirn = value;
break;
case GEN_IPADD:
a->d.ip = value;
break;
case GEN_RID:
a->d.rid = value;
break;
}
a->type = type;
}
void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype)
{
if (ptype)
*ptype = a->type;
switch (a->type) {
case GEN_X400:
+ return a->d.x400Address;
+
case GEN_EDIPARTY:
- return a->d.other;
+ return a->d.ediPartyName;
case GEN_OTHERNAME:
return a->d.otherName;
case GEN_EMAIL:
case GEN_DNS:
case GEN_URI:
return a->d.ia5;
case GEN_DIRNAME:
return a->d.dirn;
case GEN_IPADD:
return a->d.ip;
case GEN_RID:
return a->d.rid;
default:
return NULL;
}
}
int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
ASN1_OBJECT *oid, ASN1_TYPE *value)
{
OTHERNAME *oth;
oth = OTHERNAME_new();
if (oth == NULL)
return 0;
ASN1_TYPE_free(oth->value);
oth->type_id = oid;
oth->value = value;
GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth);
return 1;
}
int GENERAL_NAME_get0_otherName(const GENERAL_NAME *gen,
ASN1_OBJECT **poid, ASN1_TYPE **pvalue)
{
if (gen->type != GEN_OTHERNAME)
return 0;
if (poid)
*poid = gen->d.otherName->type_id;
if (pvalue)
*pvalue = gen->d.otherName->value;
return 1;
}
diff --git a/crypto/openssl/include/openssl/asn1err.h b/crypto/openssl/include/openssl/asn1err.h
index faed5a55180d..e1ad1fefeca7 100644
--- a/crypto/openssl/include/openssl/asn1err.h
+++ b/crypto/openssl/include/openssl/asn1err.h
@@ -1,256 +1,256 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef HEADER_ASN1ERR_H
# define HEADER_ASN1ERR_H
-# ifndef HEADER_SYMHACKS_H
-# include <openssl/symhacks.h>
-# endif
+# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C"
# endif
int ERR_load_ASN1_strings(void);
/*
* ASN1 function codes.
*/
# define ASN1_F_A2D_ASN1_OBJECT 100
# define ASN1_F_A2I_ASN1_INTEGER 102
# define ASN1_F_A2I_ASN1_STRING 103
# define ASN1_F_APPEND_EXP 176
# define ASN1_F_ASN1_BIO_INIT 113
# define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
# define ASN1_F_ASN1_CB 177
# define ASN1_F_ASN1_CHECK_TLEN 104
# define ASN1_F_ASN1_COLLECT 106
# define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
# define ASN1_F_ASN1_D2I_FP 109
# define ASN1_F_ASN1_D2I_READ_BIO 107
# define ASN1_F_ASN1_DIGEST 184
# define ASN1_F_ASN1_DO_ADB 110
# define ASN1_F_ASN1_DO_LOCK 233
# define ASN1_F_ASN1_DUP 111
# define ASN1_F_ASN1_ENC_SAVE 115
# define ASN1_F_ASN1_EX_C2I 204
# define ASN1_F_ASN1_FIND_END 190
# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
# define ASN1_F_ASN1_GENERATE_V3 178
# define ASN1_F_ASN1_GET_INT64 224
# define ASN1_F_ASN1_GET_OBJECT 114
# define ASN1_F_ASN1_GET_UINT64 225
# define ASN1_F_ASN1_I2D_BIO 116
# define ASN1_F_ASN1_I2D_FP 117
# define ASN1_F_ASN1_ITEM_D2I_FP 206
# define ASN1_F_ASN1_ITEM_DUP 191
# define ASN1_F_ASN1_ITEM_EMBED_D2I 120
# define ASN1_F_ASN1_ITEM_EMBED_NEW 121
+# define ASN1_F_ASN1_ITEM_EX_I2D 144
# define ASN1_F_ASN1_ITEM_FLAGS_I2D 118
# define ASN1_F_ASN1_ITEM_I2D_BIO 192
# define ASN1_F_ASN1_ITEM_I2D_FP 193
# define ASN1_F_ASN1_ITEM_PACK 198
# define ASN1_F_ASN1_ITEM_SIGN 195
# define ASN1_F_ASN1_ITEM_SIGN_CTX 220
# define ASN1_F_ASN1_ITEM_UNPACK 199
# define ASN1_F_ASN1_ITEM_VERIFY 197
# define ASN1_F_ASN1_MBSTRING_NCOPY 122
# define ASN1_F_ASN1_OBJECT_NEW 123
# define ASN1_F_ASN1_OUTPUT_DATA 214
# define ASN1_F_ASN1_PCTX_NEW 205
# define ASN1_F_ASN1_PRIMITIVE_NEW 119
# define ASN1_F_ASN1_SCTX_NEW 221
# define ASN1_F_ASN1_SIGN 128
# define ASN1_F_ASN1_STR2TYPE 179
# define ASN1_F_ASN1_STRING_GET_INT64 227
# define ASN1_F_ASN1_STRING_GET_UINT64 230
# define ASN1_F_ASN1_STRING_SET 186
# define ASN1_F_ASN1_STRING_TABLE_ADD 129
# define ASN1_F_ASN1_STRING_TO_BN 228
# define ASN1_F_ASN1_STRING_TYPE_NEW 130
# define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
# define ASN1_F_ASN1_TEMPLATE_NEW 133
# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
# define ASN1_F_ASN1_TIME_ADJ 217
# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
# define ASN1_F_ASN1_UTCTIME_ADJ 218
# define ASN1_F_ASN1_VERIFY 137
# define ASN1_F_B64_READ_ASN1 209
# define ASN1_F_B64_WRITE_ASN1 210
# define ASN1_F_BIO_NEW_NDEF 208
# define ASN1_F_BITSTR_CB 180
# define ASN1_F_BN_TO_ASN1_STRING 229
# define ASN1_F_C2I_ASN1_BIT_STRING 189
# define ASN1_F_C2I_ASN1_INTEGER 194
# define ASN1_F_C2I_ASN1_OBJECT 196
# define ASN1_F_C2I_IBUF 226
# define ASN1_F_C2I_UINT64_INT 101
# define ASN1_F_COLLECT_DATA 140
# define ASN1_F_D2I_ASN1_OBJECT 147
# define ASN1_F_D2I_ASN1_UINTEGER 150
# define ASN1_F_D2I_AUTOPRIVATEKEY 207
# define ASN1_F_D2I_PRIVATEKEY 154
# define ASN1_F_D2I_PUBLICKEY 155
# define ASN1_F_DO_BUF 142
# define ASN1_F_DO_CREATE 124
# define ASN1_F_DO_DUMP 125
# define ASN1_F_DO_TCREATE 222
# define ASN1_F_I2A_ASN1_OBJECT 126
# define ASN1_F_I2D_ASN1_BIO_STREAM 211
# define ASN1_F_I2D_ASN1_OBJECT 143
# define ASN1_F_I2D_DSA_PUBKEY 161
# define ASN1_F_I2D_EC_PUBKEY 181
# define ASN1_F_I2D_PRIVATEKEY 163
# define ASN1_F_I2D_PUBLICKEY 164
# define ASN1_F_I2D_RSA_PUBKEY 165
# define ASN1_F_LONG_C2I 166
# define ASN1_F_NDEF_PREFIX 127
# define ASN1_F_NDEF_SUFFIX 136
# define ASN1_F_OID_MODULE_INIT 174
# define ASN1_F_PARSE_TAGGING 182
# define ASN1_F_PKCS5_PBE2_SET_IV 167
# define ASN1_F_PKCS5_PBE2_SET_SCRYPT 231
# define ASN1_F_PKCS5_PBE_SET 202
# define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
# define ASN1_F_PKCS5_PBKDF2_SET 219
# define ASN1_F_PKCS5_SCRYPT_SET 232
# define ASN1_F_SMIME_READ_ASN1 212
# define ASN1_F_SMIME_TEXT 213
# define ASN1_F_STABLE_GET 138
# define ASN1_F_STBL_MODULE_INIT 223
# define ASN1_F_UINT32_C2I 105
# define ASN1_F_UINT32_NEW 139
# define ASN1_F_UINT64_C2I 112
# define ASN1_F_UINT64_NEW 141
# define ASN1_F_X509_CRL_ADD0_REVOKED 169
# define ASN1_F_X509_INFO_NEW 170
# define ASN1_F_X509_NAME_ENCODE 203
# define ASN1_F_X509_NAME_EX_D2I 158
# define ASN1_F_X509_NAME_EX_NEW 171
# define ASN1_F_X509_PKEY_NEW 173
/*
* ASN1 reason codes.
*/
# define ASN1_R_ADDING_OBJECT 171
# define ASN1_R_ASN1_PARSE_ERROR 203
# define ASN1_R_ASN1_SIG_PARSE_ERROR 204
# define ASN1_R_AUX_ERROR 100
# define ASN1_R_BAD_OBJECT_HEADER 102
+# define ASN1_R_BAD_TEMPLATE 230
# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
# define ASN1_R_BN_LIB 105
# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
# define ASN1_R_BUFFER_TOO_SMALL 107
# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
# define ASN1_R_CONTEXT_NOT_INITIALISED 217
# define ASN1_R_DATA_IS_WRONG 109
# define ASN1_R_DECODE_ERROR 110
# define ASN1_R_DEPTH_EXCEEDED 174
# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
# define ASN1_R_ENCODE_ERROR 112
# define ASN1_R_ERROR_GETTING_TIME 173
# define ASN1_R_ERROR_LOADING_SECTION 172
# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
# define ASN1_R_EXPECTING_AN_INTEGER 115
# define ASN1_R_EXPECTING_AN_OBJECT 116
# define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
# define ASN1_R_FIELD_MISSING 121
# define ASN1_R_FIRST_NUM_TOO_LARGE 122
# define ASN1_R_HEADER_TOO_LONG 123
# define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
# define ASN1_R_ILLEGAL_BOOLEAN 176
# define ASN1_R_ILLEGAL_CHARACTERS 124
# define ASN1_R_ILLEGAL_FORMAT 177
# define ASN1_R_ILLEGAL_HEX 178
# define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
# define ASN1_R_ILLEGAL_INTEGER 180
# define ASN1_R_ILLEGAL_NEGATIVE_VALUE 226
# define ASN1_R_ILLEGAL_NESTED_TAGGING 181
# define ASN1_R_ILLEGAL_NULL 125
# define ASN1_R_ILLEGAL_NULL_VALUE 182
# define ASN1_R_ILLEGAL_OBJECT 183
# define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
# define ASN1_R_ILLEGAL_PADDING 221
# define ASN1_R_ILLEGAL_TAGGED_ANY 127
# define ASN1_R_ILLEGAL_TIME_VALUE 184
# define ASN1_R_ILLEGAL_ZERO_CONTENT 222
# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
# define ASN1_R_INVALID_BMPSTRING_LENGTH 129
# define ASN1_R_INVALID_DIGIT 130
# define ASN1_R_INVALID_MIME_TYPE 205
# define ASN1_R_INVALID_MODIFIER 186
# define ASN1_R_INVALID_NUMBER 187
# define ASN1_R_INVALID_OBJECT_ENCODING 216
# define ASN1_R_INVALID_SCRYPT_PARAMETERS 227
# define ASN1_R_INVALID_SEPARATOR 131
# define ASN1_R_INVALID_STRING_TABLE_VALUE 218
# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
# define ASN1_R_INVALID_UTF8STRING 134
# define ASN1_R_INVALID_VALUE 219
# define ASN1_R_LIST_ERROR 188
# define ASN1_R_MIME_NO_CONTENT_TYPE 206
# define ASN1_R_MIME_PARSE_ERROR 207
# define ASN1_R_MIME_SIG_PARSE_ERROR 208
# define ASN1_R_MISSING_EOC 137
# define ASN1_R_MISSING_SECOND_NUMBER 138
# define ASN1_R_MISSING_VALUE 189
# define ASN1_R_MSTRING_NOT_UNIVERSAL 139
# define ASN1_R_MSTRING_WRONG_TAG 140
# define ASN1_R_NESTED_ASN1_STRING 197
# define ASN1_R_NESTED_TOO_DEEP 201
# define ASN1_R_NON_HEX_CHARACTERS 141
# define ASN1_R_NOT_ASCII_FORMAT 190
# define ASN1_R_NOT_ENOUGH_DATA 142
# define ASN1_R_NO_CONTENT_TYPE 209
# define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
# define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
# define ASN1_R_NO_MULTIPART_BOUNDARY 211
# define ASN1_R_NO_SIG_CONTENT_TYPE 212
# define ASN1_R_NULL_IS_WRONG_LENGTH 144
# define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
# define ASN1_R_ODD_NUMBER_OF_CHARS 145
# define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
# define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
# define ASN1_R_SHORT_LINE 150
# define ASN1_R_SIG_INVALID_MIME_TYPE 213
# define ASN1_R_STREAMING_NOT_SUPPORTED 202
# define ASN1_R_STRING_TOO_LONG 151
# define ASN1_R_STRING_TOO_SHORT 152
# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
# define ASN1_R_TIME_NOT_ASCII_FORMAT 193
# define ASN1_R_TOO_LARGE 223
# define ASN1_R_TOO_LONG 155
# define ASN1_R_TOO_SMALL 224
# define ASN1_R_TYPE_NOT_CONSTRUCTED 156
# define ASN1_R_TYPE_NOT_PRIMITIVE 195
# define ASN1_R_UNEXPECTED_EOC 159
# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
# define ASN1_R_UNKNOWN_FORMAT 160
# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
# define ASN1_R_UNKNOWN_OBJECT_TYPE 162
# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
# define ASN1_R_UNKNOWN_TAG 194
# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
# define ASN1_R_UNSUPPORTED_CIPHER 228
# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
# define ASN1_R_UNSUPPORTED_TYPE 196
# define ASN1_R_WRONG_INTEGER_TYPE 225
# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
# define ASN1_R_WRONG_TAG 168
#endif
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 98c30a869a7e..d6b2eb7881aa 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -1,313 +1,313 @@
#!/bin/sh -
#
# SPDX-License-Identifier: BSD-3-Clause
#
# Copyright (c) 1984, 1986, 1990, 1993
# The Regents of the University of California. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. Neither the name of the University nor the names of its contributors
# may be used to endorse or promote products derived from this software
# without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# @(#)newvers.sh 8.1 (Berkeley) 4/20/94
# $FreeBSD$
# Command line options:
#
# -r Reproducible build. Do not embed directory names, user
# names, time stamps or other dynamic information into
# the output file. This is intended to allow two builds
# done at different times and even by different people on
# different hosts to produce identical output.
#
# -R Reproducible build if the tree represents an unmodified
# checkout from a version control system. Metadata is
# included if the tree is modified.
# Note: usr.sbin/amd/include/newvers.sh assumes all variable assignments of
# upper case variables starting in column 1 are on one line w/o continuation.
TYPE="FreeBSD"
REVISION="12.2"
-BRANCH="RELEASE-p1"
+BRANCH="RELEASE-p2"
if [ -n "${BRANCH_OVERRIDE}" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"
#
# findvcs dir
# Looks up directory dir at world root and up the filesystem
#
findvcs()
{
local savedir
savedir=$(pwd)
cd ${SYSDIR}/..
while [ $(pwd) != "/" ]; do
if [ -e "./$1" ]; then
VCSTOP=$(pwd)
VCSDIR=${VCSTOP}"/$1"
cd ${savedir}
return 0
fi
cd ..
done
cd ${savedir}
return 1
}
if [ -z "${SYSDIR}" ]; then
SYSDIR=$(dirname $0)/..
fi
RELDATE=$(awk '/__FreeBSD_version.*propagated to newvers/ {print $3}' ${PARAMFILE:-${SYSDIR}/sys/param.h})
if [ -r "${SYSDIR}/../COPYRIGHT" ]; then
year=$(sed -Ee '/^Copyright .* The FreeBSD Project/!d;s/^.*1992-([0-9]*) .*$/\1/g' ${SYSDIR}/../COPYRIGHT)
else
year=$(date +%Y)
fi
# look for copyright template
b=share/examples/etc/bsd-style-copyright
for bsd_copyright in ../$b ../../$b ../../../$b /usr/src/$b /usr/$b
do
if [ -r "$bsd_copyright" ]; then
COPYRIGHT=`sed \
-e "s/\[year\]/1992-$year/" \
-e 's/\[your name here\]\.* /The FreeBSD Project./' \
-e 's/\[your name\]\.*/The FreeBSD Project./' \
-e '/\[id for your version control system, if any\]/d' \
$bsd_copyright`
break
fi
done
# no copyright found, use a dummy
if [ -z "$COPYRIGHT" ]; then
COPYRIGHT="/*-
* Copyright (c) 1992-$year The FreeBSD Project.
* All rights reserved.
*
*/"
fi
# add newline
COPYRIGHT="$COPYRIGHT
"
# VARS_ONLY means no files should be generated, this is just being
# included.
[ -n "$VARS_ONLY" ] && return 0
LC_ALL=C; export LC_ALL
if [ ! -r version ]
then
echo 0 > version
fi
touch version
v=`cat version`
u=${USER:-root}
d=`pwd`
h=${HOSTNAME:-`hostname`}
if [ -n "$SOURCE_DATE_EPOCH" ]; then
if ! t=`date -r $SOURCE_DATE_EPOCH 2>/dev/null`; then
echo "Invalid SOURCE_DATE_EPOCH" >&2
exit 1
fi
else
t=`date`
fi
i=`${MAKE:-make} -V KERN_IDENT`
compiler_v=$($(${MAKE:-make} -V CC) -v 2>&1 | grep -w 'version')
for dir in /usr/bin /usr/local/bin; do
if [ ! -z "${svnversion}" ] ; then
break
fi
if [ -x "${dir}/svnversion" ] && [ -z ${svnversion} ] ; then
# Run svnversion from ${dir} on this script; if return code
# is not zero, the checkout might not be compatible with the
# svnversion being used.
${dir}/svnversion $(realpath ${0}) >/dev/null 2>&1
if [ $? -eq 0 ]; then
svnversion=${dir}/svnversion
break
fi
fi
done
if [ -z "${svnversion}" ] && [ -x /usr/bin/svnliteversion ] ; then
/usr/bin/svnliteversion $(realpath ${0}) >/dev/null 2>&1
if [ $? -eq 0 ]; then
svnversion=/usr/bin/svnliteversion
else
svnversion=
fi
fi
for dir in /usr/bin /usr/local/bin; do
if [ -x "${dir}/p4" ] && [ -z ${p4_cmd} ] ; then
p4_cmd=${dir}/p4
fi
done
if findvcs .git; then
for dir in /usr/bin /usr/local/bin; do
if [ -x "${dir}/git" ] ; then
git_cmd="${dir}/git -c help.autocorrect=0 --git-dir=${VCSDIR}"
break
fi
done
fi
if findvcs .hg; then
for dir in /usr/bin /usr/local/bin; do
if [ -x "${dir}/hg" ] ; then
hg_cmd="${dir}/hg -R ${VCSDIR}"
break
fi
done
fi
if [ -n "$svnversion" ] ; then
svn=`cd ${SYSDIR} && $svnversion 2>/dev/null`
case "$svn" in
[0-9]*[MSP]|*:*)
svn=" r${svn}"
modified=true
;;
[0-9]*)
svn=" r${svn}"
;;
*)
unset svn
;;
esac
fi
if [ -n "$git_cmd" ] ; then
git=`$git_cmd rev-parse --verify --short HEAD 2>/dev/null`
svn=`$git_cmd svn find-rev $git 2>/dev/null`
if [ -n "$svn" ] ; then
svn=" r${svn}"
git="=${git}"
else
svn=`$git_cmd log --grep '^git-svn-id:' | \
grep '^ git-svn-id:' | head -1 | \
sed -n 's/^.*@\([0-9][0-9]*\).*$/\1/p'`
if [ -z "$svn" ] ; then
svn=`$git_cmd log --format='format:%N' | \
grep '^svn ' | head -1 | \
sed -n 's/^.*revision=\([0-9][0-9]*\).*$/\1/p'`
fi
if [ -n "$svn" ] ; then
svn=" r${svn}"
git="+${git}"
else
git=" ${git}"
fi
fi
git_b=`$git_cmd rev-parse --abbrev-ref HEAD`
if [ -n "$git_b" ] ; then
git="${git}(${git_b})"
fi
if $git_cmd --work-tree=${VCSTOP} diff-index \
--name-only HEAD | read dummy; then
git="${git}-dirty"
modified=true
fi
fi
if [ -n "$p4_cmd" ] ; then
p4version=`cd ${SYSDIR} && $p4_cmd changes -m1 "./...#have" 2>&1 | \
awk '{ print $2 }'`
case "$p4version" in
[0-9]*)
p4version=" ${p4version}"
p4opened=`cd ${SYSDIR} && $p4_cmd opened ./... 2>&1`
case "$p4opened" in
File*) ;;
//*)
p4version="${p4version}+edit"
modified=true
;;
esac
;;
*) unset p4version ;;
esac
fi
if [ -n "$hg_cmd" ] ; then
hg=`$hg_cmd id 2>/dev/null`
svn=`$hg_cmd svn info 2>/dev/null | \
awk -F': ' '/Revision/ { print $2 }'`
if [ -n "$svn" ] ; then
svn=" r${svn}"
fi
if [ -n "$hg" ] ; then
hg=" ${hg}"
fi
fi
include_metadata=true
while getopts rR opt; do
case "$opt" in
r)
include_metadata=
;;
R)
if [ -z "${modified}" ]; then
include_metadata=
fi
esac
done
shift $((OPTIND - 1))
if [ -z "${include_metadata}" ]; then
VERINFO="${VERSION}${svn}${git}${hg}${p4version} ${i}"
VERSTR="${VERINFO}\\n"
else
VERINFO="${VERSION} #${v}${svn}${git}${hg}${p4version}: ${t}"
VERSTR="${VERINFO}\\n ${u}@${h}:${d}\\n"
fi
cat << EOF > vers.c
$COPYRIGHT
#define SCCSSTR "@(#)${VERINFO}"
#define VERSTR "${VERSTR}"
#define RELSTR "${RELEASE}"
char sccs[sizeof(SCCSSTR) > 128 ? sizeof(SCCSSTR) : 128] = SCCSSTR;
char version[sizeof(VERSTR) > 256 ? sizeof(VERSTR) : 256] = VERSTR;
char compiler_version[] = "${compiler_v}";
char ostype[] = "${TYPE}";
char osrelease[sizeof(RELSTR) > 32 ? sizeof(RELSTR) : 32] = RELSTR;
int osreldate = ${RELDATE};
char kern_ident[] = "${i}";
EOF
echo $((v + 1)) > version