oweals/openssl.git
21 years agoCRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL
Richard Levitte [Mon, 1 Dec 2003 12:06:17 +0000 (12:06 +0000)]
CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL
if the give size is 0.

This is a thought that came up in PR 751.

21 years agoMake sure the documentation matches reality.
Richard Levitte [Sat, 29 Nov 2003 10:33:26 +0000 (10:33 +0000)]
Make sure the documentation matches reality.

PR: 755
Notified by: Jakub Bogusz <qboosh@pld-linux.org>

21 years agoWe're getting a clash with C++ because it has a type called 'list'.
Richard Levitte [Sat, 29 Nov 2003 10:26:41 +0000 (10:26 +0000)]
We're getting a clash with C++ because it has a type called 'list'.
Therefore, change all instances of the symbol 'list' to something else.

PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>

21 years agoRSA_size() and DH_size() return the amount of bytes in a key, and we
Richard Levitte [Fri, 28 Nov 2003 23:03:16 +0000 (23:03 +0000)]
RSA_size() and DH_size() return the amount of bytes in a key, and we
compared it to the amount of bits required...
PR: 770
Submitted by: c zhang <czhang2005@hotmail.com>

21 years ago1024 is the export key bits limit according to current regulations, not 512.
Richard Levitte [Fri, 28 Nov 2003 22:39:20 +0000 (22:39 +0000)]
1024 is the export key bits limit according to current regulations, not 512.
PR: 771
Submitted by: c zhang <czhang2005@hotmail.com>

21 years agoLet's use text/plain in the example instead of crapy HTML.
Richard Levitte [Fri, 28 Nov 2003 14:32:33 +0000 (14:32 +0000)]
Let's use text/plain in the example instead of crapy HTML.
PR: 777
Submitted by: Michael Shields <mshields@sunblocksystems.com>

21 years agoFix typo breaking linux-s390x target: "," -> "." .
Lutz Jänicke [Sun, 16 Nov 2003 15:57:33 +0000 (15:57 +0000)]
Fix typo breaking linux-s390x target: "," -> "." .
PR: #759
Submitted by: Martin Kraemer <Martin.Kraemer@Fujitsu-Siemens.com>

21 years agoBump revision after tagging
Mark J. Cox [Tue, 4 Nov 2003 11:37:18 +0000 (11:37 +0000)]
Bump revision after tagging

21 years agoStop bug triggering large recursion when presented with OpenSSL_0_9_6l
Mark J. Cox [Tue, 4 Nov 2003 11:30:40 +0000 (11:30 +0000)]
Stop bug triggering large recursion when presented with
certain ASN.1 tags (CAN-2003-0851)

21 years agoIn this version of OpenSSL, declarations aren't always strict
Richard Levitte [Mon, 3 Nov 2003 09:14:48 +0000 (09:14 +0000)]
In this version of OpenSSL, declarations aren't always strict
prototypes, so I'm removing -Wstrict-prototypes and
-Wmissing-prototypes from my debugging target in favor of
-Wmissing-declarations.  That will make other issues more visible than
in the middle of a thousand warnings telling me there isn't a proper
prototype for this or that function pointer...

21 years agoCorrect a mixup of return values
Richard Levitte [Thu, 2 Oct 2003 10:39:31 +0000 (10:39 +0000)]
Correct a mixup of return values

21 years agoInclude e_os.h to get a proper definition of memmove on the platforms
Richard Levitte [Wed, 1 Oct 2003 20:43:30 +0000 (20:43 +0000)]
Include e_os.h to get a proper definition of memmove on the platforms
that do not have it.

21 years agoNew dev version.
Dr. Stephen Henson [Tue, 30 Sep 2003 13:09:07 +0000 (13:09 +0000)]
New dev version.

21 years agoChanges for release OpenSSL_0_9_6k
Dr. Stephen Henson [Tue, 30 Sep 2003 12:09:13 +0000 (12:09 +0000)]
Changes for release

21 years agoFix for ASN1 parsing bugs.
Dr. Stephen Henson [Tue, 30 Sep 2003 12:05:11 +0000 (12:05 +0000)]
Fix for ASN1 parsing bugs.

21 years agoFix warning on Win32.
Dr. Stephen Henson [Mon, 29 Sep 2003 17:17:54 +0000 (17:17 +0000)]
Fix warning on Win32.

21 years agoMake MD5 assembler code able to handle messages larger than 2GB on 32-bit
Richard Levitte [Sat, 27 Sep 2003 22:14:43 +0000 (22:14 +0000)]
Make MD5 assembler code able to handle messages larger than 2GB on 32-bit
systems and above.
PR: 664

21 years agoHave ssl3_ssl3_send_client_verify() change the state to SSL3_ST_SW_CERT_VRFY_B.
Richard Levitte [Sat, 27 Sep 2003 19:32:12 +0000 (19:32 +0000)]
Have ssl3_ssl3_send_client_verify() change the state to SSL3_ST_SW_CERT_VRFY_B.
PR: 679

21 years agoHave ssl3_send_certificate_request() change the state to SSL3_ST_SW_CERT_REQ_B.
Richard Levitte [Sat, 27 Sep 2003 19:28:54 +0000 (19:28 +0000)]
Have ssl3_send_certificate_request() change the state to SSL3_ST_SW_CERT_REQ_B.
PR: 680

21 years agoRemove extra argument to BIO_printf().
Richard Levitte [Sat, 27 Sep 2003 18:31:43 +0000 (18:31 +0000)]
Remove extra argument to BIO_printf().
PR: 685

21 years agoCorrect small documentation error.
Richard Levitte [Sat, 27 Sep 2003 10:39:21 +0000 (10:39 +0000)]
Correct small documentation error.
PR: 698

21 years agoIn order to get the expected self signed error when
Dr. Stephen Henson [Sun, 21 Sep 2003 02:11:31 +0000 (02:11 +0000)]
In order to get the expected self signed error when
calling X509_verify_cert() in x509.c the cert should
not be added to the trusted store.

21 years agoThese should be write-locks, not read-locks.
Geoff Thorpe [Mon, 8 Sep 2003 16:01:38 +0000 (16:01 +0000)]
These should be write-locks, not read-locks.

21 years agoOnly accept a client certificate if the server requests
Dr. Stephen Henson [Wed, 3 Sep 2003 23:35:54 +0000 (23:35 +0000)]
Only accept a client certificate if the server requests
one, as required by SSL/TLS specs.

21 years agoUndo the change that left LD_LIBRARY_PATH unchanged. The errors I saw
Richard Levitte [Thu, 14 Aug 2003 06:30:32 +0000 (06:30 +0000)]
Undo the change that left LD_LIBRARY_PATH unchanged.  The errors I saw
weren't due to that, but to a change on the SCO machines I used for
testing, where my $PATH was suddenly incorrect.

21 years agomake sure no error is left in the queue that is intentionally ignored
Bodo Möller [Mon, 11 Aug 2003 18:56:50 +0000 (18:56 +0000)]
make sure no error is left in the queue that is intentionally ignored

21 years agoTypo, I had typed { instead of [.
Richard Levitte [Sat, 9 Aug 2003 09:30:39 +0000 (09:30 +0000)]
Typo, I had typed { instead of [.

21 years agoSome installations (currently, it's been noted on a sco5 system where
Richard Levitte [Fri, 8 Aug 2003 09:36:46 +0000 (09:36 +0000)]
Some installations (currently, it's been noted on a sco5 system where
gcc is used to build with) don't take it too well if LD_LIBRARY_PATH
is messed with when linknig programs.  I'm going to assume that it's
OK to leave it unchanged when linking non-shared.

21 years agoCorrect two problems, found by Martin Kochanski <cardbox@easynet.co.uk>:
Richard Levitte [Thu, 7 Aug 2003 11:57:45 +0000 (11:57 +0000)]
Correct two problems, found by Martin Kochanski <cardbox@easynet.co.uk>:

1. CreateToolhelp32Snapshot returns INVALID_HANDLE_VALUE, not NULL, on error.
2. On Windows CE, a snapshot handle is closed with CloseToolhelp32Snapshot,
   not CloseHandle.

21 years agoadd OpenSSL license
Bodo Möller [Wed, 6 Aug 2003 10:40:19 +0000 (10:40 +0000)]
add OpenSSL license

fix typo

21 years agotolerate extra data at end of client hello for SSL 3.0
Bodo Möller [Mon, 21 Jul 2003 15:16:20 +0000 (15:16 +0000)]
tolerate extra data at end of client hello for SSL 3.0

21 years agotypo
Bodo Möller [Mon, 21 Jul 2003 14:58:32 +0000 (14:58 +0000)]
typo

21 years agoAdd a slash so grep doesn't return both ./crypto/bio/bss_mem.o and
Richard Levitte [Thu, 3 Jul 2003 21:43:50 +0000 (21:43 +0000)]
Add a slash so grep doesn't return both ./crypto/bio/bss_mem.o and
./crypto/mem.o when we're looking for mem.o.

21 years agoDocument the last change.
Richard Levitte [Thu, 19 Jun 2003 19:04:17 +0000 (19:04 +0000)]
Document the last change.
PR: 587

21 years agoWe set the export flag for 512 *bit* keys, not 512 *byte* ones.
Richard Levitte [Thu, 19 Jun 2003 18:55:53 +0000 (18:55 +0000)]
We set the export flag for 512 *bit* keys, not 512 *byte* ones.
PR: 587

21 years agoIncorrect patching removed.
Richard Levitte [Thu, 12 Jun 2003 06:56:45 +0000 (06:56 +0000)]
Incorrect patching removed.

21 years agoTypo.
Richard Levitte [Thu, 12 Jun 2003 01:04:09 +0000 (01:04 +0000)]
Typo.
PR: 584

21 years agoMake sure ssize_t is defined on SunOS4.
Richard Levitte [Thu, 12 Jun 2003 00:56:30 +0000 (00:56 +0000)]
Make sure ssize_t is defined on SunOS4.
PR: 585

21 years agoMake sure DSO-dlfcn works properly on SunOS4.
Richard Levitte [Thu, 12 Jun 2003 00:51:57 +0000 (00:51 +0000)]
Make sure DSO-dlfcn works properly on SunOS4.
PR: 585

21 years agoRemove debugging output that wasn't supposed to be committed in the first place.
Richard Levitte [Wed, 11 Jun 2003 18:46:22 +0000 (18:46 +0000)]
Remove debugging output that wasn't supposed to be committed in the first place.

21 years agoMake sure to NUL-terminate the string on end-of-file (and error)
Richard Levitte [Wed, 11 Jun 2003 18:43:47 +0000 (18:43 +0000)]
Make sure to NUL-terminate the string on end-of-file (and error)
PR: 643

21 years agoCorrect a typo (basically, one can't just replace 'memset' with
Richard Levitte [Thu, 22 May 2003 09:35:46 +0000 (09:35 +0000)]
Correct a typo (basically, one can't just replace 'memset' with
'OPENSSL_cleanse', there's an argument to remove as well).

21 years agoString not properly NUL-terminated when no X509_NAME is given.
Richard Levitte [Wed, 21 May 2003 14:44:59 +0000 (14:44 +0000)]
String not properly NUL-terminated when no X509_NAME is given.
PR: 618

21 years agoDon't forget that strlen() doesn't include the ending NUL.
Richard Levitte [Wed, 21 May 2003 14:41:02 +0000 (14:41 +0000)]
Don't forget that strlen() doesn't include the ending NUL.
PR: 618

21 years agoCleanse the MD context properly when done adding or getting random data.
Richard Levitte [Wed, 21 May 2003 14:35:04 +0000 (14:35 +0000)]
Cleanse the MD context properly when done adding or getting random data.
PR: 619

21 years agoFix sign bugs.
Richard Levitte [Wed, 21 May 2003 14:29:22 +0000 (14:29 +0000)]
Fix sign bugs.
PR: 621

21 years agofix typo
Bodo Möller [Tue, 22 Apr 2003 12:45:47 +0000 (12:45 +0000)]
fix typo

Submitted by: Nils Larsch

21 years agoTypo.
Richard Levitte [Thu, 17 Apr 2003 21:49:47 +0000 (21:49 +0000)]
Typo.
PR: 562

21 years agoMemory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
Richard Levitte [Wed, 16 Apr 2003 06:25:25 +0000 (06:25 +0000)]
Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in
                 rsa->blinding under certain circumstances.
Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.

21 years agoMemory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()
Richard Levitte [Tue, 15 Apr 2003 13:01:43 +0000 (13:01 +0000)]
Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()

21 years agoThe release is tagged, time to hope we won't have to work on 0.9.6k.
Richard Levitte [Thu, 10 Apr 2003 20:41:02 +0000 (20:41 +0000)]
The release is tagged, time to hope we won't have to work on 0.9.6k.

21 years agoI forgot to change the status bits to release. OpenSSL_0_9_6j
Richard Levitte [Thu, 10 Apr 2003 20:30:41 +0000 (20:30 +0000)]
I forgot to change the status bits to release.
This file will be retagged.

21 years agoTime to release 0.9.6j.
Richard Levitte [Thu, 10 Apr 2003 20:21:28 +0000 (20:21 +0000)]
Time to release 0.9.6j.
The ticket will be OpenSSL_0_9_6j.

21 years agomake update
Richard Levitte [Thu, 10 Apr 2003 20:11:28 +0000 (20:11 +0000)]
make update

21 years agoAdd the change from HEAD that allows us to parse multi-line comments.
Richard Levitte [Thu, 10 Apr 2003 20:07:51 +0000 (20:07 +0000)]
Add the change from HEAD that allows us to parse multi-line comments.

21 years agonew NEWS
Richard Levitte [Thu, 10 Apr 2003 19:33:23 +0000 (19:33 +0000)]
new NEWS

21 years agoMake the same changes for svr5 shared library building as in
Richard Levitte [Wed, 9 Apr 2003 06:49:01 +0000 (06:49 +0000)]
Make the same changes for svr5 shared library building as in
0.9.7-stable.

21 years agoSome ld implementations use LD_LIBRARY_PATH to find libraries, and
Richard Levitte [Wed, 9 Apr 2003 06:48:19 +0000 (06:48 +0000)]
Some ld implementations use LD_LIBRARY_PATH to find libraries, and
what's worse, they seem to use LD_LIBRARY_PATH as the first
directories to look into.  This is documented in the manual page for
ld on OpenUNIX 8.  Therefore, we need to hack LD_LIBRARY_PATH to
include the directory where the newly built libcrypto and libssl are.

21 years agoInclude rand.h, so RAND_status() and friends get properly declared.
Richard Levitte [Tue, 8 Apr 2003 11:07:09 +0000 (11:07 +0000)]
Include rand.h, so RAND_status() and friends get properly declared.

21 years agomake RSA blinding thread-safe
Bodo Möller [Wed, 2 Apr 2003 09:50:17 +0000 (09:50 +0000)]
make RSA blinding thread-safe

21 years agoFix the problem with missing definition of THREADS on VMS.
Richard Levitte [Thu, 27 Mar 2003 12:25:12 +0000 (12:25 +0000)]
Fix the problem with missing definition of THREADS on VMS.
Also produce a better configuration header file.
PR: 548

21 years agoPR:make sure RSA blinding works when the PRNG is not properly seeded;
Bodo Möller [Thu, 20 Mar 2003 17:24:54 +0000 (17:24 +0000)]
PR:make sure RSA blinding works when the PRNG is not properly seeded;
enable it automatically only for the built-in engine

21 years agoBlinding fix.
Ben Laurie [Thu, 20 Mar 2003 16:00:18 +0000 (16:00 +0000)]
Blinding fix.

21 years agocountermeasure against new Klima-Pokorny-Rosa atack
Bodo Möller [Wed, 19 Mar 2003 19:20:30 +0000 (19:20 +0000)]
countermeasure against new Klima-Pokorny-Rosa atack

21 years agofix formatting
Bodo Möller [Tue, 18 Mar 2003 12:50:07 +0000 (12:50 +0000)]
fix formatting

21 years agoyear 2003
Bodo Möller [Mon, 24 Feb 2003 17:46:46 +0000 (17:46 +0000)]
year 2003

21 years agoRelease of 0.9.6i is tagged, let's pretend to move on to 0.9.6j.
Richard Levitte [Wed, 19 Feb 2003 12:56:04 +0000 (12:56 +0000)]
Release of 0.9.6i is tagged, let's pretend to move on to 0.9.6j.

21 years agoTime to release 0.9.6i. OpenSSL_0_9_6i
Richard Levitte [Wed, 19 Feb 2003 12:34:21 +0000 (12:34 +0000)]
Time to release 0.9.6i.
The tag will be OpenSSL_0_9_6i.

21 years agoSecurity fix: Vaudenay timing attack on CBC.
Richard Levitte [Wed, 19 Feb 2003 12:04:07 +0000 (12:04 +0000)]
Security fix: Vaudenay timing attack on CBC.
An advisory will be posted to the web.  Expect a release within the hour.

21 years agoMake sure the memory allocation routines check for negative sizes
Richard Levitte [Wed, 19 Feb 2003 11:54:53 +0000 (11:54 +0000)]
Make sure the memory allocation routines check for negative sizes

21 years agoChange no_rmd160 to no_ripemd for consistency.
Richard Levitte [Fri, 14 Feb 2003 05:20:32 +0000 (05:20 +0000)]
Change no_rmd160 to no_ripemd for consistency.
PR: 500

21 years agocomments
Bodo Möller [Wed, 12 Feb 2003 14:17:33 +0000 (14:17 +0000)]
comments

21 years agotypo in WIN16 section
Bodo Möller [Wed, 5 Feb 2003 16:52:37 +0000 (16:52 +0000)]
typo in WIN16 section

Submitted by: Toni Andjelkovic <toni@soth.at>

21 years agotypo
Bodo Möller [Tue, 4 Feb 2003 12:57:51 +0000 (12:57 +0000)]
typo

21 years agoUpdate PRNG entry:
Bodo Möller [Tue, 4 Feb 2003 12:26:30 +0000 (12:26 +0000)]
Update PRNG entry:
- OpenSSL version differences
- Sun /dev/urandom patch information

21 years agoCorrect an example that has a few typos.
Richard Levitte [Tue, 14 Jan 2003 13:56:44 +0000 (13:56 +0000)]
Correct an example that has a few typos.
PR: 458

21 years agofix release date (CHANGES as released with OpenSSL 0.9.6h on
Bodo Möller [Mon, 13 Jan 2003 13:23:08 +0000 (13:23 +0000)]
fix release date (CHANGES as released with OpenSSL 0.9.6h on
2002-12-05 said '[21 Dec 2002]')

21 years agotypo
Bodo Möller [Mon, 13 Jan 2003 13:16:49 +0000 (13:16 +0000)]
typo

21 years agoA function returning int should really return an int, even if it exits
Richard Levitte [Sat, 28 Dec 2002 01:47:11 +0000 (01:47 +0000)]
A function returning int should really return an int, even if it exits
first...

21 years agoMake sure OPENSSL_cleanse is declared properly.
Richard Levitte [Sat, 28 Dec 2002 01:46:21 +0000 (01:46 +0000)]
Make sure OPENSSL_cleanse is declared properly.

21 years agoMerge from HEAD...
Richard Levitte [Sat, 21 Dec 2002 23:54:23 +0000 (23:54 +0000)]
Merge from HEAD...

21 years agoSkip DH-specific tests when no-dh has been configured.
Richard Levitte [Thu, 12 Dec 2002 18:43:29 +0000 (18:43 +0000)]
Skip DH-specific tests when no-dh has been configured.
PR: 353

21 years agoIn CRYPTO_lock(), check that the application cares about locking (provided
Richard Levitte [Wed, 11 Dec 2002 08:56:38 +0000 (08:56 +0000)]
In CRYPTO_lock(), check that the application cares about locking (provided
callbacks) before attempting to lock.

21 years agosk_*_push() returns the number of items on the stack, not the index of the
Richard Levitte [Wed, 11 Dec 2002 08:33:34 +0000 (08:33 +0000)]
sk_*_push() returns the number of items on the stack, not the index of the
pushed item.  The index is the number of items - 1.  And if a NULL item was
found, actually use it.
Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a
requested dynamic lock really must exist, instead of just being silent about it

21 years agoA memset() too many got converted into a OPENSSL_cleanse().
Richard Levitte [Tue, 10 Dec 2002 08:28:16 +0000 (08:28 +0000)]
A memset() too many got converted into a OPENSSL_cleanse().
PR: 393

21 years agoFix wrong URI.
Lutz Jänicke [Mon, 9 Dec 2002 08:49:03 +0000 (08:49 +0000)]
Fix wrong URI.
Submitted by: assar@kth.se
Reviewed by:
PR: 390

21 years agoUpdate version to 0.9.6i, even if that's never going to be released.
Richard Levitte [Thu, 5 Dec 2002 22:53:30 +0000 (22:53 +0000)]
Update version to 0.9.6i, even if that's never going to be released.

21 years agoSmall fault corrected OpenSSL_0_9_6h
Richard Levitte [Thu, 5 Dec 2002 22:44:12 +0000 (22:44 +0000)]
Small fault corrected

21 years agomake update
Richard Levitte [Thu, 5 Dec 2002 21:51:02 +0000 (21:51 +0000)]
make update

21 years agoTime to release OpenSSL 0.9.6h.
Richard Levitte [Thu, 5 Dec 2002 21:40:48 +0000 (21:40 +0000)]
Time to release OpenSSL 0.9.6h.
The tag will be OpenSSL_0_9_6h.

21 years agoMake sure using SSL_CERT_FILE actually works, and has priority over system defaults.
Richard Levitte [Thu, 5 Dec 2002 01:20:53 +0000 (01:20 +0000)]
Make sure using SSL_CERT_FILE actually works, and has priority over system defaults.
PR: 376

21 years agoFixes for VxWorks. Are these needed for 0.9.7 and up as well?
Richard Levitte [Wed, 4 Dec 2002 23:13:07 +0000 (23:13 +0000)]
Fixes for VxWorks.  Are these needed for 0.9.7 and up as well?
PR: 374

21 years agoInclude crypto.h to pull in definition of OPENSSL_cleanse in various
Dr. Stephen Henson [Wed, 4 Dec 2002 23:08:08 +0000 (23:08 +0000)]
Include crypto.h to pull in definition of OPENSSL_cleanse in various
places.

21 years agoMissing ")"
Lutz Jänicke [Wed, 4 Dec 2002 13:30:16 +0000 (13:30 +0000)]
Missing ")"
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com>
Reviewed by:
PR:

21 years agoA gcc 3.0 bug is triggered by our code. Add a section about it in PROBLEMS.
Richard Levitte [Wed, 4 Dec 2002 08:24:23 +0000 (08:24 +0000)]
A gcc 3.0 bug is triggered by our code.  Add a section about it in PROBLEMS.
PR: 375

21 years agoEXIT() may mean return(). That's confusing, so let's have it really mean
Richard Levitte [Tue, 3 Dec 2002 16:51:51 +0000 (16:51 +0000)]
EXIT() may mean return().  That's confusing, so let's have it really mean
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)

21 years agoMake CRYPTO_cleanse() independent of endianness.
Richard Levitte [Tue, 3 Dec 2002 16:06:52 +0000 (16:06 +0000)]
Make CRYPTO_cleanse() independent of endianness.

22 years agoEXIT() needs to be in a function that returns int.
Richard Levitte [Sun, 1 Dec 2002 01:23:13 +0000 (01:23 +0000)]
EXIT() needs to be in a function that returns int.

22 years agoCorrect some names.
Richard Levitte [Fri, 29 Nov 2002 14:21:58 +0000 (14:21 +0000)]
Correct some names.

22 years agoA few more memset()s converted to OPENSSL_cleanse().
Richard Levitte [Fri, 29 Nov 2002 11:31:18 +0000 (11:31 +0000)]
A few more memset()s converted to OPENSSL_cleanse().
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343