Richard Levitte [Sun, 17 Apr 2005 09:07:37 +0000 (09:07 +0000)]
Synchronise with ec/Makefile.
Andy Polyakov [Sat, 16 Apr 2005 15:23:21 +0000 (15:23 +0000)]
Mitigate cache-timing attack in CBC mode. This is done by implementing
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior every CBC en-/decryption pass. One can argue why
just CBC? Well, it's commonly used mode in real-life applications and
API allows us to amortize the prefetch costs for larger data chunks...
Nils Larsch [Fri, 15 Apr 2005 18:29:33 +0000 (18:29 +0000)]
const fixes
Nils Larsch [Fri, 15 Apr 2005 16:01:35 +0000 (16:01 +0000)]
EVP_CIPHER_CTX_init is a void function + fix typo
PR: 1044 + 1045
Dr. Stephen Henson [Thu, 14 Apr 2005 22:58:44 +0000 (22:58 +0000)]
Check return values of <Digest>_Init functions in low level digest calls.
Andy Polyakov [Thu, 14 Apr 2005 07:47:10 +0000 (07:47 +0000)]
Prototype mnemonics in padlock_verify_context for better portability
[read support for Solaris assembler].
Andy Polyakov [Thu, 14 Apr 2005 07:41:29 +0000 (07:41 +0000)]
Fix for bug emerged in openvpn conext.
Andy Polyakov [Wed, 13 Apr 2005 23:54:28 +0000 (23:54 +0000)]
Final touch to mingw shared.
Andy Polyakov [Wed, 13 Apr 2005 21:46:30 +0000 (21:46 +0000)]
More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...
Andy Polyakov [Wed, 13 Apr 2005 21:10:07 +0000 (21:10 +0000)]
Addenum to cvs.openssl.org/chngview?cn=13054.
Andy Polyakov [Wed, 13 Apr 2005 21:08:39 +0000 (21:08 +0000)]
Final(?) touches to mingw shared support.
Andy Polyakov [Wed, 13 Apr 2005 20:51:42 +0000 (20:51 +0000)]
Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.
Nils Larsch [Wed, 13 Apr 2005 19:09:43 +0000 (19:09 +0000)]
Makefile.ssl -> Makefile
Andy Polyakov [Wed, 13 Apr 2005 15:41:11 +0000 (15:41 +0000)]
Fix typos.
Andy Polyakov [Wed, 13 Apr 2005 08:46:35 +0000 (08:46 +0000)]
Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs.
Andy Polyakov [Wed, 13 Apr 2005 07:22:41 +0000 (07:22 +0000)]
Parameterize do_solaris rules in Makefile.shared.
Andy Polyakov [Wed, 13 Apr 2005 06:55:42 +0000 (06:55 +0000)]
Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
OPENSSL_stderr stub.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:38:00 +0000 (16:38 +0000)]
Update FAQ.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:36:36 +0000 (16:36 +0000)]
More overwritten stuff...
Dr. Stephen Henson [Tue, 12 Apr 2005 16:17:53 +0000 (16:17 +0000)]
Replace overwritten lines before error codes.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:15:22 +0000 (16:15 +0000)]
Rebuild error codes.
Dr. Stephen Henson [Tue, 12 Apr 2005 13:31:14 +0000 (13:31 +0000)]
Include error library value in C error source files instead of fixing up
at runtime.
Nils Larsch [Mon, 11 Apr 2005 20:59:58 +0000 (20:59 +0000)]
include limits.h for UINT_MAX etc.
Richard Levitte [Mon, 11 Apr 2005 15:05:45 +0000 (15:05 +0000)]
Add a NEWS item for 0.9.7g.
Richard Levitte [Mon, 11 Apr 2005 14:17:07 +0000 (14:17 +0000)]
Add emacs cache files to .cvsignore.
Dr. Stephen Henson [Sun, 10 Apr 2005 23:41:09 +0000 (23:41 +0000)]
Move allow_proxy_certs declaration to start of function.
Dr. Stephen Henson [Sat, 9 Apr 2005 23:55:55 +0000 (23:55 +0000)]
Make kerberos ciphersuite code work with newer header files
Richard Levitte [Sat, 9 Apr 2005 16:07:12 +0000 (16:07 +0000)]
Added restrictions on the use of proxy certificates, as they may pose
a security threat on unexpecting applications. Document and test.
Nils Larsch [Fri, 8 Apr 2005 22:52:42 +0000 (22:52 +0000)]
add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
and SSL_use_PrivateKey_file()
PR: 1035
Submitted by: Walter Goulet
Reviewed by: Nils Larsch
Nils Larsch [Fri, 8 Apr 2005 22:49:57 +0000 (22:49 +0000)]
improve docu of SSL_CTX_use_PrivateKey()
Nils Larsch [Thu, 7 Apr 2005 23:19:17 +0000 (23:19 +0000)]
get rid of very buggy and very imcomplete DH cert support
Reviewed by: Bodo Moeller
Nils Larsch [Thu, 7 Apr 2005 22:53:35 +0000 (22:53 +0000)]
make sure error queue is totally emptied
PR: 359
Nils Larsch [Thu, 7 Apr 2005 22:48:33 +0000 (22:48 +0000)]
const fixes
Andy Polyakov [Thu, 7 Apr 2005 20:24:29 +0000 (20:24 +0000)]
Recognize MSYS/MINGW environment.
Andy Polyakov [Thu, 7 Apr 2005 18:39:45 +0000 (18:39 +0000)]
Implement OPENSSL_showfatal and make it Win32 GUI and service aware
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].
Andy Polyakov [Thu, 7 Apr 2005 15:51:55 +0000 (15:51 +0000)]
Harmonize cygwin/mingw and VC targets.
Andy Polyakov [Wed, 6 Apr 2005 09:45:42 +0000 (09:45 +0000)]
+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
further +35% will follow...
Submitted by: Zou Nanhai
Nils Larsch [Tue, 5 Apr 2005 19:11:19 +0000 (19:11 +0000)]
some const fixes
Nils Larsch [Tue, 5 Apr 2005 18:17:13 +0000 (18:17 +0000)]
update progs.pl to reflect changes in progs.h
Nils Larsch [Tue, 5 Apr 2005 11:17:03 +0000 (11:17 +0000)]
fix example in docu
PR: 800
Nils Larsch [Tue, 5 Apr 2005 10:29:43 +0000 (10:29 +0000)]
some const fixes and cleanup
Nils Larsch [Mon, 4 Apr 2005 18:15:59 +0000 (18:15 +0000)]
remove unused recp method
Andy Polyakov [Mon, 4 Apr 2005 17:10:53 +0000 (17:10 +0000)]
Extend Solaris x86 support to amd64.
Andy Polyakov [Mon, 4 Apr 2005 17:07:16 +0000 (17:07 +0000)]
Solaris x86 linker erroneously pads .init segment with zeros instead of
nops, which causes SEGV at startup. So I don't align anymore.
Andy Polyakov [Mon, 4 Apr 2005 17:05:06 +0000 (17:05 +0000)]
Some non-GNU compilers (such as Sun C) define __i386.
Bodo Möller [Sun, 3 Apr 2005 23:53:48 +0000 (23:53 +0000)]
HISTORY section: point out change of default digest
Andy Polyakov [Sun, 3 Apr 2005 18:53:29 +0000 (18:53 +0000)]
Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
introduced for a reason [like bug in initial gcc port], but proposed
=&r is treated correctly by senior 3.2, so we can assume it's safe now.
PR: 1031
Ben Laurie [Sun, 3 Apr 2005 16:38:22 +0000 (16:38 +0000)]
If input is bad, we still need to clear the buffer.
Nils Larsch [Sat, 2 Apr 2005 09:29:15 +0000 (09:29 +0000)]
use SHA-1 as the default digest for the apps/openssl commands
Dr. Stephen Henson [Fri, 1 Apr 2005 21:56:15 +0000 (21:56 +0000)]
Typo
Nils Larsch [Fri, 1 Apr 2005 17:50:09 +0000 (17:50 +0000)]
really clear the error queue here
PR: 860
Nils Larsch [Fri, 1 Apr 2005 17:35:32 +0000 (17:35 +0000)]
use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc.
PR: 658
Ben Laurie [Thu, 31 Mar 2005 13:57:54 +0000 (13:57 +0000)]
Consistency.
Richard Levitte [Thu, 31 Mar 2005 11:51:47 +0000 (11:51 +0000)]
Add a file with fingerprints that have recently been used to sign
OpenSSL distributions, or are about to. This has been requested a
little now and then by users, for years :-/...
Ben Laurie [Thu, 31 Mar 2005 10:55:55 +0000 (10:55 +0000)]
Simplicate and add lightness.
Ben Laurie [Thu, 31 Mar 2005 10:34:59 +0000 (10:34 +0000)]
Get rid of irritating noise.
Ben Laurie [Thu, 31 Mar 2005 09:26:39 +0000 (09:26 +0000)]
Give everything prototypes (well, everything that's actually used).
Nils Larsch [Wed, 30 Mar 2005 21:38:29 +0000 (21:38 +0000)]
fix header
Nils Larsch [Wed, 30 Mar 2005 21:37:05 +0000 (21:37 +0000)]
Makefile.ssl doesn't exist anymore
Ben Laurie [Wed, 30 Mar 2005 14:44:50 +0000 (14:44 +0000)]
Take account of Makefile.ssl removal.
Ben Laurie [Wed, 30 Mar 2005 14:19:21 +0000 (14:19 +0000)]
Make tags target useful.
Ben Laurie [Wed, 30 Mar 2005 14:15:14 +0000 (14:15 +0000)]
Don't debug.
Ben Laurie [Wed, 30 Mar 2005 13:05:57 +0000 (13:05 +0000)]
Blow away Makefile.ssl.
Nils Larsch [Wed, 30 Mar 2005 11:50:14 +0000 (11:50 +0000)]
update docs (recent constification)
Ben Laurie [Wed, 30 Mar 2005 10:26:02 +0000 (10:26 +0000)]
Constification.
Nils Larsch [Tue, 29 Mar 2005 17:50:08 +0000 (17:50 +0000)]
the second argument of EVP_SealInit is const
Nils Larsch [Mon, 28 Mar 2005 15:06:29 +0000 (15:06 +0000)]
when building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro
which cannot be evaluated in an if statement
Bodo Möller [Thu, 24 Mar 2005 01:37:07 +0000 (01:37 +0000)]
Harmonize with CHANGES as distributed in OpenSSL 0.9.7f.
Ulf Möller [Thu, 24 Mar 2005 00:14:59 +0000 (00:14 +0000)]
undo Cygwin change
Richard Levitte [Wed, 23 Mar 2005 21:14:59 +0000 (21:14 +0000)]
Change the memory leak FAQ entry to describe the levels of thread safety in each function
Dr. Stephen Henson [Tue, 22 Mar 2005 20:10:38 +0000 (20:10 +0000)]
Update FAQ
Dr. Stephen Henson [Tue, 22 Mar 2005 17:55:33 +0000 (17:55 +0000)]
Doc fixes.
Nils Larsch [Tue, 22 Mar 2005 17:55:18 +0000 (17:55 +0000)]
test, remove unnecessary const cast
Dr. Stephen Henson [Tue, 22 Mar 2005 14:11:06 +0000 (14:11 +0000)]
Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and
client random values.
Richard Levitte [Mon, 21 Mar 2005 13:52:12 +0000 (13:52 +0000)]
There are cases when there are no files left to verify. Make sure to
handle that properly.
Nils Larsch [Sun, 20 Mar 2005 23:12:13 +0000 (23:12 +0000)]
add new curves to the loop (with some cleanup from me)
Submitted by: Jean-Luc Duval
Reviewed by: Nils Larsch
Nils Larsch [Sun, 20 Mar 2005 22:56:07 +0000 (22:56 +0000)]
some const fixes
Ulf Möller [Sat, 19 Mar 2005 11:39:17 +0000 (11:39 +0000)]
Use Windows randomness code on Cygwin
Ulf Möller [Sat, 19 Mar 2005 11:13:30 +0000 (11:13 +0000)]
fix breakage for Perl versions that do boolean operations on long words
Ulf Möller [Sat, 19 Mar 2005 10:19:45 +0000 (10:19 +0000)]
typo
Richard Levitte [Mon, 14 Mar 2005 15:39:25 +0000 (15:39 +0000)]
Added HOWTO about proxy certificates.
Bodo Möller [Sun, 13 Mar 2005 19:49:47 +0000 (19:49 +0000)]
"make depend". This takes into account the algorithms that are now
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.
Problem reported by Nils Larsch.
Bodo Möller [Sun, 13 Mar 2005 19:46:58 +0000 (19:46 +0000)]
It seems that Configure revision 1.404 broke "make depend" by hiding
from it which algorithms were disabled. With these new changes,
"make depend" will properly take into account algorithms that are skipped.
Andy Polyakov [Sat, 12 Mar 2005 11:28:41 +0000 (11:28 +0000)]
Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32.
Andy Polyakov [Sat, 12 Mar 2005 09:12:44 +0000 (09:12 +0000)]
Avoid re-build avalanches with HP-UX make.
Bodo Möller [Fri, 11 Mar 2005 09:01:24 +0000 (09:01 +0000)]
fix potential memory leak when allocation fails
PR: 801
Submitted by: Nils Larsch
Bodo Möller [Wed, 9 Mar 2005 19:08:02 +0000 (19:08 +0000)]
Fix typo
PR: 1017
Submitted by: ciresh@yahoo.com
Reviewed by: Nils Larsch
Bodo Möller [Wed, 2 Mar 2005 20:22:58 +0000 (20:22 +0000)]
Take MDC2 patent into account.
Bodo Möller [Wed, 2 Mar 2005 20:11:31 +0000 (20:11 +0000)]
In addition to RC5, also exclude MDC2 from compilation unless
the algorithm is explicitly requested.
Bodo Möller [Tue, 22 Feb 2005 10:29:51 +0000 (10:29 +0000)]
Change ./Configure so that certain algorithms can be disabled by default.
This is now the case for RC5.
As a side effect, the OPTIONS in the Makefile will usually look a
little different now, but they are essentially only for information
anyway.
Lutz Jänicke [Sat, 19 Feb 2005 10:26:18 +0000 (10:26 +0000)]
Fix typo on blowfish manual page
PR: 1010
Submitted by: Marc Balmer <mbalmer@openbsd.org>
Lutz Jänicke [Sat, 19 Feb 2005 10:19:07 +0000 (10:19 +0000)]
Fix hang in EGD/PRNGD query when communication socket is closed
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
Dr. Stephen Henson [Mon, 14 Feb 2005 21:53:24 +0000 (21:53 +0000)]
Fix possible memory leak.
Andy Polyakov [Sun, 6 Feb 2005 13:43:02 +0000 (13:43 +0000)]
Remove unused assembler modules.
Andy Polyakov [Sun, 6 Feb 2005 13:23:34 +0000 (13:23 +0000)]
This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...
Andy Polyakov [Sun, 6 Feb 2005 13:20:23 +0000 (13:20 +0000)]
Reliable BSD-x86-elf detection in ./config.
Andy Polyakov [Sun, 6 Feb 2005 13:18:40 +0000 (13:18 +0000)]
Make Makefile.shared BSD make-friendly, remove more redundant -lc, set up
OBJECT_MODE for AIX.
Andy Polyakov [Sun, 6 Feb 2005 13:15:21 +0000 (13:15 +0000)]
Make util/shlib_wrap.sh [Open]BSD-friendly.
Andy Polyakov [Sun, 6 Feb 2005 13:10:23 +0000 (13:10 +0000)]
Mention no-sse2 option in INSTALL note.
Dr. Stephen Henson [Sat, 5 Feb 2005 17:22:14 +0000 (17:22 +0000)]
In mkdef.pl ignore trailing whitespace in #ifdef lines