Dr. Stephen Henson [Wed, 14 Aug 2002 00:36:44 +0000 (00:36 +0000)]
Fix typo in OBJ_txt2obj which incorrectly passed the content
length, instead of the encoding length to d2i_ASN1_OBJECT.
This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
Richard Levitte [Fri, 9 Aug 2002 12:08:23 +0000 (12:08 +0000)]
Time to go on...
Richard Levitte [Fri, 9 Aug 2002 11:37:15 +0000 (11:37 +0000)]
Time to release 0.9.6g.
The tag will be OpenSSL_0_9_6g.
Richard Levitte [Fri, 9 Aug 2002 08:49:53 +0000 (08:49 +0000)]
When we want to give a -f argument to $(MAKE), we'd better make sure the
variable doesn't already contain a -f argument.
PR: 203, part 4
Bodo Möller [Fri, 9 Aug 2002 08:13:13 +0000 (08:13 +0000)]
entry for change in 'engine' branch
Richard Levitte [Fri, 9 Aug 2002 07:39:57 +0000 (07:39 +0000)]
Since we moved the pod2man check to be outside the loop, the path to it is different.
PR: 203, part 3
Richard Levitte [Fri, 9 Aug 2002 07:37:28 +0000 (07:37 +0000)]
Remove an extra @, since that line is now a continuation of the previous one.
PR: 203, part 2
Richard Levitte [Fri, 9 Aug 2002 07:32:38 +0000 (07:32 +0000)]
Parse version numbers prefixed with text (egcs does that, even with
-dumpversion).
PR: 203, part 1
Richard Levitte [Thu, 8 Aug 2002 21:23:51 +0000 (21:23 +0000)]
Tagging has been done, update to next development version.
Richard Levitte [Thu, 8 Aug 2002 20:51:52 +0000 (20:51 +0000)]
Time to release version 0.9.6f.
The tag will be OpenSSL_0_9_6f.
Richard Levitte [Thu, 8 Aug 2002 20:41:20 +0000 (20:41 +0000)]
make update
Dr. Stephen Henson [Fri, 2 Aug 2002 19:00:21 +0000 (19:00 +0000)]
Fix typo
Dr. Stephen Henson [Fri, 2 Aug 2002 18:41:08 +0000 (18:41 +0000)]
Fix the ASN1 sanity check: correct header length
calculation and check overflow against LONG_MAX.
Richard Levitte [Fri, 2 Aug 2002 11:14:06 +0000 (11:14 +0000)]
Certain flag macros were tested with #if instead if #ifdef...
Bodo Möller [Fri, 2 Aug 2002 10:51:59 +0000 (10:51 +0000)]
get rid of OpenSSLDie
Richard Levitte [Thu, 1 Aug 2002 21:53:24 +0000 (21:53 +0000)]
We don't need to find out which pod2man to use more than once
Richard Levitte [Thu, 1 Aug 2002 21:34:56 +0000 (21:34 +0000)]
Don't try testing with parallell make, that will just fail.
PR: 175
Richard Levitte [Thu, 1 Aug 2002 13:50:41 +0000 (13:50 +0000)]
Linux on s390 really knows about loading dynamically.
PR: 183
Richard Levitte [Thu, 1 Aug 2002 10:17:05 +0000 (10:17 +0000)]
Make sure it's possible to check GCCVER even if it wasn't set.
PR: 179
Richard Levitte [Thu, 1 Aug 2002 10:08:53 +0000 (10:08 +0000)]
If CRYPTO_realloc() is called with a NULL pointer, have it call
OPENSSL_malloc().
PR: 187
Richard Levitte [Wed, 31 Jul 2002 13:49:22 +0000 (13:49 +0000)]
Make sure to use $(MAKE) everywhere instead of make.
Part of PR 181
Richard Levitte [Wed, 31 Jul 2002 13:38:50 +0000 (13:38 +0000)]
ln -f -s doesn't always work, so do a rm -f followed by a ln -s.
Part of PR 181
Lutz Jänicke [Tue, 30 Jul 2002 10:52:36 +0000 (10:52 +0000)]
Next version of 0.9.6 would be 0.9.6f.
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Tue, 30 Jul 2002 10:34:35 +0000 (10:34 +0000)]
Release 0.9.6e.
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Tue, 30 Jul 2002 10:19:01 +0000 (10:19 +0000)]
OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Tue, 30 Jul 2002 09:32:45 +0000 (09:32 +0000)]
"make update"
Submitted by:
Reviewed by:
PR:
Bodo Möller [Mon, 29 Jul 2002 12:34:47 +0000 (12:34 +0000)]
mention SSL_do_handshake()
Bodo Möller [Thu, 25 Jul 2002 11:17:01 +0000 (11:17 +0000)]
typo etc.
Bodo Möller [Thu, 25 Jul 2002 11:16:05 +0000 (11:16 +0000)]
more detailed instructions for export from US
Bodo Möller [Thu, 25 Jul 2002 11:01:22 +0000 (11:01 +0000)]
BIS URL really spells 'Notify' as 'Nofify'
Bodo Möller [Thu, 25 Jul 2002 11:00:19 +0000 (11:00 +0000)]
bxa => bis
Richard Levitte [Wed, 24 Jul 2002 14:42:05 +0000 (14:42 +0000)]
Don't clobber loop variable.
PR: 159
Lutz Jänicke [Fri, 19 Jul 2002 16:33:26 +0000 (16:33 +0000)]
HP-UX shared libraries must be +x and should be -w. It doesn't hurt on
other platforms.
Submitted by:
Reviewed by:
PR: 134
Bodo Möller [Fri, 19 Jul 2002 12:37:30 +0000 (12:37 +0000)]
'SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION' does not belong here,
it's 0.9.7 only
Bodo Möller [Fri, 19 Jul 2002 12:33:41 +0000 (12:33 +0000)]
update
Lutz Jänicke [Fri, 19 Jul 2002 11:54:37 +0000 (11:54 +0000)]
The behaviour is undefined when calling SSL_write() with num=0.
Submitted by:
Reviewed by:
PR: 141
Lutz Jänicke [Fri, 19 Jul 2002 11:07:53 +0000 (11:07 +0000)]
Manual page for SSL_do_handshake().
Submitted by: Martin Sjögren <martin@strakt.com>
PR: 137
cvs2svn [Fri, 19 Jul 2002 11:05:52 +0000 (11:05 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.
Lutz Jänicke [Fri, 19 Jul 2002 11:05:50 +0000 (11:05 +0000)]
Manual page for SSL_do_handshake().
Submitted by: Martin Sjögren <martin@strakt.com>
PR: 137
Geoff Thorpe [Thu, 18 Jul 2002 22:24:25 +0000 (22:24 +0000)]
this is a non-ENGINE version of the clarifications made to the other CVS
branches.
PR: 86
Geoff Thorpe [Thu, 18 Jul 2002 20:59:22 +0000 (20:59 +0000)]
This documentation change was being written at the same time as Richard's
changes. So I'm committing this version to overwrite his changes for now,
and he can always take his turn to overwrite my words if he wants :-)
PR: 86
Richard Levitte [Thu, 18 Jul 2002 19:10:57 +0000 (19:10 +0000)]
Explain why RSA_check_key() doesn't work with hard keys.
PR: 86
Richard Levitte [Thu, 18 Jul 2002 18:54:46 +0000 (18:54 +0000)]
Add history for documented new functions.
PR: 59
Richard Levitte [Thu, 18 Jul 2002 17:59:27 +0000 (17:59 +0000)]
Allow subjects with more than 255 characters to be properly printed.
PR: 147
Richard Levitte [Thu, 18 Jul 2002 17:59:21 +0000 (17:59 +0000)]
Allow subjects with more than 255 characters to be properly printed.
PR: 147
Richard Levitte [Thu, 18 Jul 2002 12:37:59 +0000 (12:37 +0000)]
Further enhance assembler support on Cygwin and DJGPP.
Make pod2mantest useable on DOS-based systems.
Part of PR 75, the rest is still under investigation.
Bodo Möller [Thu, 18 Jul 2002 11:23:50 +0000 (11:23 +0000)]
Fix bug introduced with revision 1.95 when this filed was modified to
use the new X509_CRL_set_issuer_name() function:
The CRL issuer should be X509_get_subject_name(x509), not
X509_get_issuer_name(x509).
Submitted by: Juergen Lesny <lesnyj@informatik.tu-muenchen.de>
typo
Bodo Möller [Thu, 18 Jul 2002 11:15:52 +0000 (11:15 +0000)]
typo
Richard Levitte [Thu, 18 Jul 2002 10:39:34 +0000 (10:39 +0000)]
Reverse the change with the following log, it needs further investigation:
Make S/MIME output conform with the mail and MIME standards.
PR: 151
Richard Levitte [Thu, 18 Jul 2002 10:39:20 +0000 (10:39 +0000)]
Reverse the change with the following log, it needs further investigation:
Make S/MIME output conform with the mail and MIME standards.
PR: 151
Richard Levitte [Thu, 18 Jul 2002 08:47:47 +0000 (08:47 +0000)]
Make S/MIME output conform with the mail and MIME standards.
PR: 151
Richard Levitte [Thu, 18 Jul 2002 08:47:33 +0000 (08:47 +0000)]
Make S/MIME output conform with the mail and MIME standards.
PR: 151
Richard Levitte [Thu, 18 Jul 2002 07:47:30 +0000 (07:47 +0000)]
Unixware doesn't have strings.h, so we need to declare strcasecmp()
differently.
Unixware 2 needs to link with libresolv.
PR: 148
Richard Levitte [Thu, 18 Jul 2002 06:34:34 +0000 (06:34 +0000)]
OPENSSL_SYS_WIN32 is important so util/mkdef.pl can detect it
Richard Levitte [Wed, 17 Jul 2002 13:33:06 +0000 (13:33 +0000)]
Make mkdir failsafe in case the directories are already present
Richard Levitte [Wed, 17 Jul 2002 13:33:02 +0000 (13:33 +0000)]
Make mkdir failsafe in case the directories are already present
Richard Levitte [Wed, 17 Jul 2002 13:27:43 +0000 (13:27 +0000)]
Add support for shared libraries with OS/2.
PR: 124
Richard Levitte [Wed, 17 Jul 2002 11:29:26 +0000 (11:29 +0000)]
Add a few FAQ entries for the various ways building OpenSSL on MacOS X
can fail, and point at the text in the PROBLEMS file
Richard Levitte [Wed, 17 Jul 2002 11:29:15 +0000 (11:29 +0000)]
Add a few FAQ entries for the various ways building OpenSSL on MacOS X
can fail, and point at the text in the PROBLEMS file
Richard Levitte [Wed, 17 Jul 2002 11:16:22 +0000 (11:16 +0000)]
If OpenSSL is built with shared library support on MacOS X,
everything works fine. Note: this is only true for 0.9.7 and on
Richard Levitte [Wed, 17 Jul 2002 11:09:44 +0000 (11:09 +0000)]
On MacOS X, the shared library editor uses DYLD_LIBRARY_PATH
Richard Levitte [Wed, 17 Jul 2002 08:20:40 +0000 (08:20 +0000)]
On MacOS X, you're not allowed to have common objects in shared libraries
Richard Levitte [Wed, 17 Jul 2002 08:20:27 +0000 (08:20 +0000)]
On MacOS X, you're not allowed to have common objects in shared libraries
Richard Levitte [Wed, 17 Jul 2002 07:48:44 +0000 (07:48 +0000)]
Add the usually recommended solution to the linking problem entry for MacOS X
Richard Levitte [Wed, 17 Jul 2002 07:48:39 +0000 (07:48 +0000)]
Add the usually recommended solution to the linking problem entry for MacOS X
Richard Levitte [Tue, 16 Jul 2002 11:07:42 +0000 (11:07 +0000)]
We had some experimental options in the Darwin entries. They are no longer needed
Richard Levitte [Tue, 16 Jul 2002 10:46:04 +0000 (10:46 +0000)]
The default C compiler on MacOS X doesn't like empty object files
Richard Levitte [Tue, 16 Jul 2002 10:46:00 +0000 (10:46 +0000)]
The default C compiler on MacOS X doesn't like empty object files
Richard Levitte [Tue, 16 Jul 2002 10:39:37 +0000 (10:39 +0000)]
Add the new PROBLEMS section from HEAD
cvs2svn [Tue, 16 Jul 2002 10:20:07 +0000 (10:20 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.
Richard Levitte [Tue, 16 Jul 2002 10:20:06 +0000 (10:20 +0000)]
Actually, the "bug" is really documented in the man-page for ld, so
it's really a misfeature according to the jargon file (4.0.0)
definition:
":misfeature: /mis-fee'chr/ or /mis'fee`chr/ /n./ A feature
that eventually causes lossage, possibly because it is not adequate
for a new situation that has evolved. Since it results from a
deliberate and properly implemented feature, a misfeature is not a
bug."
Richard Levitte [Tue, 16 Jul 2002 10:04:40 +0000 (10:04 +0000)]
There are problems on certain platforms, and possible answers on how to (temporarly) solve them.
Richard Levitte [Tue, 16 Jul 2002 09:19:37 +0000 (09:19 +0000)]
For those wanting to build for several platforms with the same source
directory, making a separate directory tree with lots of symbolic links
seems to be the solution. Unfortunately, Configure doesn't take appropriate
steps to support this solution (as in removing a file that's going to be
rewritten). This change corrects that situation. Now I just have to
find all other places where there's lack of support for this.
Richard Levitte [Tue, 16 Jul 2002 08:53:32 +0000 (08:53 +0000)]
For those wanting to build for several platforms with the same source
directory, making a separate directory tree with lots of symbolic links
seems to be the solution. Unfortunatelt, Configure doesn't take appropriate
steps to support this solution (as in removing a file that's going to be
rewritten). This change corrects that situation. Now I just have to
find all other places where there's lack of support for this.
Richard Levitte [Tue, 16 Jul 2002 08:02:31 +0000 (08:02 +0000)]
Some older code (never committed) wasn't converted to the new format.
Corrected.
Richard Levitte [Tue, 16 Jul 2002 07:06:48 +0000 (07:06 +0000)]
Let's not forget the second -Wtraditional
Richard Levitte [Tue, 16 Jul 2002 06:53:45 +0000 (06:53 +0000)]
Using -Wtraditional took it a little far. After all, we expect ANSI C, so
we don't need to care about traditional compilers
Richard Levitte [Tue, 16 Jul 2002 06:52:03 +0000 (06:52 +0000)]
Set up the engine before doing anything random-related, since engine randomness
is only used for seeding and doing it in the wrong order will mean seeding
is done before the engine randomness is hooked in.
Notified by Frederic DONNAT <frederic.donnat@zencod.com>
Richard Levitte [Mon, 15 Jul 2002 15:35:40 +0000 (15:35 +0000)]
There's an ongoing project to bring some kind of path selection
mechanism to the ENGINE framework. This means there there are going
to be new functionality for the DSO part, and ultimately some way of
merging two file specifications together.
This commit places the merging code into the repository. It's
currently not used anywhere, and hasn't been tested at all. It may be
full of errors, including syntactical ones. Those will be fixed as
promptly as possible.
Bodo Möller [Sun, 14 Jul 2002 16:54:31 +0000 (16:54 +0000)]
Replace 'ecdsaparam' commandline utility by 'ecparam'
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.
Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.
Fix ec_asn1.c (take into account the desired conversion form).
'make update'.
Submitted by: Nils Larsch
Lutz Jänicke [Fri, 12 Jul 2002 15:27:35 +0000 (15:27 +0000)]
Rewording: some algorithms are also patented in Europe, so choose more
defensive phrases...
Lutz Jänicke [Fri, 12 Jul 2002 15:26:37 +0000 (15:26 +0000)]
Rewording: some algorithms are also patented in Europe, so choose more
defensive phrases...
Richard Levitte [Thu, 11 Jul 2002 09:12:29 +0000 (09:12 +0000)]
In UI_UTIL_read_pw(), we should look at the size parameter, not at BUFSIZ.
Submitted by Götz Babin-Ebell <babinebell@trustcenter.de>
Lutz Jänicke [Wed, 10 Jul 2002 19:49:47 +0000 (19:49 +0000)]
Discussion about Redhat's specialties for the FAQ.
Submitted by: John.Airey@rnib.org.uk
Reviewed by:
PR: 128
Lutz Jänicke [Wed, 10 Jul 2002 19:48:51 +0000 (19:48 +0000)]
Discussion about Redhat's specialties for the FAQ.
Submitted by: John.Airey@rnib.org.uk
Reviewed by:
PR: 128
Lutz Jänicke [Wed, 10 Jul 2002 19:37:08 +0000 (19:37 +0000)]
Typos in links between manual pages
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
Lutz Jänicke [Wed, 10 Jul 2002 19:35:54 +0000 (19:35 +0000)]
Typos in links between manual pages
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
Lutz Jänicke [Wed, 10 Jul 2002 17:53:04 +0000 (17:53 +0000)]
Sun's official statement with respect to /dev/random support.
Submitted by: Garrett Anderson garrett@dirsec.com
Reviewed by:
PR: 120
Lutz Jänicke [Wed, 10 Jul 2002 17:52:03 +0000 (17:52 +0000)]
Sun's official statement with respect to /dev/random support.
Submitted by: Garrett Anderson garrett@dirsec.com
Reviewed by:
PR: 120
Lutz Jänicke [Wed, 10 Jul 2002 17:35:18 +0000 (17:35 +0000)]
Minor typos
Submitted by: jufi@nerdnet.de
Reviewed by:
PR: 138
Lutz Jänicke [Wed, 10 Jul 2002 17:34:54 +0000 (17:34 +0000)]
Minor typos
Submitted by: jufi@nerdnet.de
Reviewed by:
PR: 138
Bodo Möller [Wed, 10 Jul 2002 08:39:05 +0000 (08:39 +0000)]
remove obsolete comment
Lutz Jänicke [Wed, 10 Jul 2002 07:01:54 +0000 (07:01 +0000)]
Reorder inclusion of header files:
des_old.h redefines crypt:
#define crypt(b,s)\
DES_crypt((b),(s))
This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Wed, 10 Jul 2002 06:41:55 +0000 (06:41 +0000)]
Ciphers with NULL encryption were not properly handled because they were
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
Lutz Jänicke [Wed, 10 Jul 2002 06:41:29 +0000 (06:41 +0000)]
Ciphers with NULL encryption were not properly handled because they were
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
Bodo Möller [Tue, 9 Jul 2002 10:51:57 +0000 (10:51 +0000)]
fix synopsis
Submitted by: Nils Larsch
Bodo Möller [Tue, 9 Jul 2002 10:51:25 +0000 (10:51 +0000)]
fix synopsis
Submitted by: Nils Larsch
Bodo Möller [Tue, 9 Jul 2002 08:49:09 +0000 (08:49 +0000)]
emtpy fragments are not necessary for SSL_eNULL
(but noone uses it anyway)
fix t1_enc.c: use OPENSSL_NO_RC4, not NO_RC4
Bodo Möller [Tue, 9 Jul 2002 08:48:03 +0000 (08:48 +0000)]
emtpy fragments are not necessary for SSL_eNULL
(but noone uses it anyway)
Geoff Thorpe [Mon, 8 Jul 2002 15:16:10 +0000 (15:16 +0000)]
oops, there were other cases of "ENGINE_ID" to change too.