oweals/openssl.git
19 years agoSynchronise with ec/Makefile.
Richard Levitte [Sun, 17 Apr 2005 09:07:37 +0000 (09:07 +0000)]
Synchronise with ec/Makefile.

19 years agoMitigate cache-timing attack in CBC mode. This is done by implementing
Andy Polyakov [Sat, 16 Apr 2005 15:23:21 +0000 (15:23 +0000)]
Mitigate cache-timing attack in CBC mode. This is done by implementing
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior every CBC en-/decryption pass. One can argue why
just CBC? Well, it's commonly used mode in real-life applications and
API allows us to amortize the prefetch costs for larger data chunks...

19 years agoconst fixes
Nils Larsch [Fri, 15 Apr 2005 18:29:33 +0000 (18:29 +0000)]
const fixes

19 years agoEVP_CIPHER_CTX_init is a void function + fix typo
Nils Larsch [Fri, 15 Apr 2005 16:01:35 +0000 (16:01 +0000)]
EVP_CIPHER_CTX_init is a void function + fix typo

PR: 1044 + 1045

19 years agoCheck return values of <Digest>_Init functions in low level digest calls.
Dr. Stephen Henson [Thu, 14 Apr 2005 22:58:44 +0000 (22:58 +0000)]
Check return values of <Digest>_Init functions in low level digest calls.

19 years agoPrototype mnemonics in padlock_verify_context for better portability
Andy Polyakov [Thu, 14 Apr 2005 07:47:10 +0000 (07:47 +0000)]
Prototype mnemonics in padlock_verify_context for better portability
[read support for Solaris assembler].

19 years agoFix for bug emerged in openvpn conext.
Andy Polyakov [Thu, 14 Apr 2005 07:41:29 +0000 (07:41 +0000)]
Fix for bug emerged in openvpn conext.

19 years agoFinal touch to mingw shared.
Andy Polyakov [Wed, 13 Apr 2005 23:54:28 +0000 (23:54 +0000)]
Final touch to mingw shared.

19 years agoMore cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...
Andy Polyakov [Wed, 13 Apr 2005 21:46:30 +0000 (21:46 +0000)]
More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...

19 years agoAddenum to http://cvs.openssl.org/chngview?cn=13054.
Andy Polyakov [Wed, 13 Apr 2005 21:10:07 +0000 (21:10 +0000)]
Addenum to cvs.openssl.org/chngview?cn=13054.

19 years agoFinal(?) touches to mingw shared support.
Andy Polyakov [Wed, 13 Apr 2005 21:08:39 +0000 (21:08 +0000)]
Final(?) touches to mingw shared support.

19 years agoZap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.
Andy Polyakov [Wed, 13 Apr 2005 20:51:42 +0000 (20:51 +0000)]
Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.

19 years agoMakefile.ssl -> Makefile
Nils Larsch [Wed, 13 Apr 2005 19:09:43 +0000 (19:09 +0000)]
Makefile.ssl -> Makefile

19 years agoFix typos.
Andy Polyakov [Wed, 13 Apr 2005 15:41:11 +0000 (15:41 +0000)]
Fix typos.

19 years agoIntroduce OPENSSL_NONPIC_relocated to denote relocated DLLs.
Andy Polyakov [Wed, 13 Apr 2005 08:46:35 +0000 (08:46 +0000)]
Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs.

19 years agoParameterize do_solaris rules in Makefile.shared.
Andy Polyakov [Wed, 13 Apr 2005 07:22:41 +0000 (07:22 +0000)]
Parameterize do_solaris rules in Makefile.shared.

19 years agoMinor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
Andy Polyakov [Wed, 13 Apr 2005 06:55:42 +0000 (06:55 +0000)]
Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
OPENSSL_stderr stub.

19 years agoUpdate FAQ.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:38:00 +0000 (16:38 +0000)]
Update FAQ.

19 years agoMore overwritten stuff...
Dr. Stephen Henson [Tue, 12 Apr 2005 16:36:36 +0000 (16:36 +0000)]
More overwritten stuff...

19 years agoReplace overwritten lines before error codes.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:17:53 +0000 (16:17 +0000)]
Replace overwritten lines before error codes.

19 years agoRebuild error codes.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:15:22 +0000 (16:15 +0000)]
Rebuild error codes.

19 years agoInclude error library value in C error source files instead of fixing up
Dr. Stephen Henson [Tue, 12 Apr 2005 13:31:14 +0000 (13:31 +0000)]
Include error library value in C error source files instead of fixing up
at runtime.

19 years agoinclude limits.h for UINT_MAX etc.
Nils Larsch [Mon, 11 Apr 2005 20:59:58 +0000 (20:59 +0000)]
include limits.h for UINT_MAX etc.

19 years agoAdd a NEWS item for 0.9.7g.
Richard Levitte [Mon, 11 Apr 2005 15:05:45 +0000 (15:05 +0000)]
Add a NEWS item for 0.9.7g.

19 years agoAdd emacs cache files to .cvsignore.
Richard Levitte [Mon, 11 Apr 2005 14:17:07 +0000 (14:17 +0000)]
Add emacs cache files to .cvsignore.

19 years agoMove allow_proxy_certs declaration to start of function.
Dr. Stephen Henson [Sun, 10 Apr 2005 23:41:09 +0000 (23:41 +0000)]
Move allow_proxy_certs declaration to start of function.

19 years agoMake kerberos ciphersuite code work with newer header files
Dr. Stephen Henson [Sat, 9 Apr 2005 23:55:55 +0000 (23:55 +0000)]
Make kerberos ciphersuite code work with newer header files

19 years agoAdded restrictions on the use of proxy certificates, as they may pose
Richard Levitte [Sat, 9 Apr 2005 16:07:12 +0000 (16:07 +0000)]
Added restrictions on the use of proxy certificates, as they may pose
a security threat on unexpecting applications.  Document and test.

19 years agoadd support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
Nils Larsch [Fri, 8 Apr 2005 22:52:42 +0000 (22:52 +0000)]
add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
and SSL_use_PrivateKey_file()

PR: 1035
Submitted by: Walter Goulet
Reviewed by:  Nils Larsch

19 years agoimprove docu of SSL_CTX_use_PrivateKey()
Nils Larsch [Fri, 8 Apr 2005 22:49:57 +0000 (22:49 +0000)]
improve docu of SSL_CTX_use_PrivateKey()

19 years agoget rid of very buggy and very imcomplete DH cert support
Nils Larsch [Thu, 7 Apr 2005 23:19:17 +0000 (23:19 +0000)]
get rid of very buggy and very imcomplete DH cert support

Reviewed by: Bodo Moeller

19 years agomake sure error queue is totally emptied
Nils Larsch [Thu, 7 Apr 2005 22:53:35 +0000 (22:53 +0000)]
make sure error queue is totally emptied

PR: 359

19 years agoconst fixes
Nils Larsch [Thu, 7 Apr 2005 22:48:33 +0000 (22:48 +0000)]
const fixes

19 years agoRecognize MSYS/MINGW environment.
Andy Polyakov [Thu, 7 Apr 2005 20:24:29 +0000 (20:24 +0000)]
Recognize MSYS/MINGW environment.

19 years agoImplement OPENSSL_showfatal and make it Win32 GUI and service aware
Andy Polyakov [Thu, 7 Apr 2005 18:39:45 +0000 (18:39 +0000)]
Implement OPENSSL_showfatal and make it Win32 GUI and service aware
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].

19 years agoHarmonize cygwin/mingw and VC targets.
Andy Polyakov [Thu, 7 Apr 2005 15:51:55 +0000 (15:51 +0000)]
Harmonize cygwin/mingw and VC targets.

19 years ago+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
Andy Polyakov [Wed, 6 Apr 2005 09:45:42 +0000 (09:45 +0000)]
+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
further +35% will follow...

Submitted by: Zou Nanhai

19 years agosome const fixes
Nils Larsch [Tue, 5 Apr 2005 19:11:19 +0000 (19:11 +0000)]
some const fixes

19 years agoupdate progs.pl to reflect changes in progs.h
Nils Larsch [Tue, 5 Apr 2005 18:17:13 +0000 (18:17 +0000)]
update progs.pl to reflect changes in progs.h

19 years agofix example in docu
Nils Larsch [Tue, 5 Apr 2005 11:17:03 +0000 (11:17 +0000)]
fix example in docu

PR: 800

19 years agosome const fixes and cleanup
Nils Larsch [Tue, 5 Apr 2005 10:29:43 +0000 (10:29 +0000)]
some const fixes and cleanup

19 years agoremove unused recp method
Nils Larsch [Mon, 4 Apr 2005 18:15:59 +0000 (18:15 +0000)]
remove unused recp method

19 years agoExtend Solaris x86 support to amd64.
Andy Polyakov [Mon, 4 Apr 2005 17:10:53 +0000 (17:10 +0000)]
Extend Solaris x86 support to amd64.

19 years agoSolaris x86 linker erroneously pads .init segment with zeros instead of
Andy Polyakov [Mon, 4 Apr 2005 17:07:16 +0000 (17:07 +0000)]
Solaris x86 linker erroneously pads .init segment with zeros instead of
nops, which causes SEGV at startup. So I don't align anymore.

19 years agoSome non-GNU compilers (such as Sun C) define __i386.
Andy Polyakov [Mon, 4 Apr 2005 17:05:06 +0000 (17:05 +0000)]
Some non-GNU compilers (such as Sun C) define __i386.

19 years agoHISTORY section: point out change of default digest
Bodo Möller [Sun, 3 Apr 2005 23:53:48 +0000 (23:53 +0000)]
HISTORY section: point out change of default digest

19 years agoMake bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
Andy Polyakov [Sun, 3 Apr 2005 18:53:29 +0000 (18:53 +0000)]
Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
introduced for a reason [like bug in initial gcc port], but proposed
=&r is treated correctly by senior 3.2, so we can assume it's safe now.
PR: 1031

19 years agoIf input is bad, we still need to clear the buffer.
Ben Laurie [Sun, 3 Apr 2005 16:38:22 +0000 (16:38 +0000)]
If input is bad, we still need to clear the buffer.

19 years agouse SHA-1 as the default digest for the apps/openssl commands
Nils Larsch [Sat, 2 Apr 2005 09:29:15 +0000 (09:29 +0000)]
use SHA-1 as the default digest for the apps/openssl commands

19 years agoTypo
Dr. Stephen Henson [Fri, 1 Apr 2005 21:56:15 +0000 (21:56 +0000)]
Typo

19 years agoreally clear the error queue here
Nils Larsch [Fri, 1 Apr 2005 17:50:09 +0000 (17:50 +0000)]
really clear the error queue here

PR: 860

19 years agouse SSL3_VERSION_MAJOR instead of SSL3_VERSION etc.
Nils Larsch [Fri, 1 Apr 2005 17:35:32 +0000 (17:35 +0000)]
use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc.

PR: 658

19 years agoConsistency.
Ben Laurie [Thu, 31 Mar 2005 13:57:54 +0000 (13:57 +0000)]
Consistency.

19 years agoAdd a file with fingerprints that have recently been used to sign
Richard Levitte [Thu, 31 Mar 2005 11:51:47 +0000 (11:51 +0000)]
Add a file with fingerprints that have recently been used to sign
OpenSSL distributions, or are about to.  This has been requested a
little now and then by users, for years :-/...

19 years agoSimplicate and add lightness.
Ben Laurie [Thu, 31 Mar 2005 10:55:55 +0000 (10:55 +0000)]
Simplicate and add lightness.

19 years agoGet rid of irritating noise.
Ben Laurie [Thu, 31 Mar 2005 10:34:59 +0000 (10:34 +0000)]
Get rid of irritating noise.

19 years agoGive everything prototypes (well, everything that's actually used).
Ben Laurie [Thu, 31 Mar 2005 09:26:39 +0000 (09:26 +0000)]
Give everything prototypes (well, everything that's actually used).

19 years agofix header
Nils Larsch [Wed, 30 Mar 2005 21:38:29 +0000 (21:38 +0000)]
fix header

19 years agoMakefile.ssl doesn't exist anymore
Nils Larsch [Wed, 30 Mar 2005 21:37:05 +0000 (21:37 +0000)]
Makefile.ssl doesn't exist anymore

19 years agoTake account of Makefile.ssl removal.
Ben Laurie [Wed, 30 Mar 2005 14:44:50 +0000 (14:44 +0000)]
Take account of Makefile.ssl removal.

19 years agoMake tags target useful.
Ben Laurie [Wed, 30 Mar 2005 14:19:21 +0000 (14:19 +0000)]
Make tags target useful.

19 years agoDon't debug.
Ben Laurie [Wed, 30 Mar 2005 14:15:14 +0000 (14:15 +0000)]
Don't debug.

19 years agoBlow away Makefile.ssl.
Ben Laurie [Wed, 30 Mar 2005 13:05:57 +0000 (13:05 +0000)]
Blow away Makefile.ssl.

19 years agoupdate docs (recent constification)
Nils Larsch [Wed, 30 Mar 2005 11:50:14 +0000 (11:50 +0000)]
update docs (recent constification)

19 years agoConstification.
Ben Laurie [Wed, 30 Mar 2005 10:26:02 +0000 (10:26 +0000)]
Constification.

19 years agothe second argument of EVP_SealInit is const
Nils Larsch [Tue, 29 Mar 2005 17:50:08 +0000 (17:50 +0000)]
the second argument of EVP_SealInit is const

19 years agowhen building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro
Nils Larsch [Mon, 28 Mar 2005 15:06:29 +0000 (15:06 +0000)]
when building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro
which cannot be evaluated in an if statement

19 years agoHarmonize with CHANGES as distributed in OpenSSL 0.9.7f.
Bodo Möller [Thu, 24 Mar 2005 01:37:07 +0000 (01:37 +0000)]
Harmonize with CHANGES as distributed in OpenSSL 0.9.7f.

19 years agoundo Cygwin change
Ulf Möller [Thu, 24 Mar 2005 00:14:59 +0000 (00:14 +0000)]
undo Cygwin change

19 years agoChange the memory leak FAQ entry to describe the levels of thread safety in each...
Richard Levitte [Wed, 23 Mar 2005 21:14:59 +0000 (21:14 +0000)]
Change the memory leak FAQ entry to describe the levels of thread safety in each function

19 years agoUpdate FAQ
Dr. Stephen Henson [Tue, 22 Mar 2005 20:10:38 +0000 (20:10 +0000)]
Update FAQ

19 years agoDoc fixes.
Dr. Stephen Henson [Tue, 22 Mar 2005 17:55:33 +0000 (17:55 +0000)]
Doc fixes.

19 years agotest, remove unnecessary const cast
Nils Larsch [Tue, 22 Mar 2005 17:55:18 +0000 (17:55 +0000)]
test, remove unnecessary const cast

19 years agoEnsure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and
Dr. Stephen Henson [Tue, 22 Mar 2005 14:11:06 +0000 (14:11 +0000)]
Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and
client random values.

19 years agoThere are cases when there are no files left to verify. Make sure to
Richard Levitte [Mon, 21 Mar 2005 13:52:12 +0000 (13:52 +0000)]
There are cases when there are no files left to verify.  Make sure to
handle that properly.

19 years agoadd new curves to the loop (with some cleanup from me)
Nils Larsch [Sun, 20 Mar 2005 23:12:13 +0000 (23:12 +0000)]
add new curves to the loop (with some cleanup from me)

Submitted by: Jean-Luc Duval
Reviewed by:  Nils Larsch

19 years agosome const fixes
Nils Larsch [Sun, 20 Mar 2005 22:56:07 +0000 (22:56 +0000)]
some const fixes

19 years agoUse Windows randomness code on Cygwin
Ulf Möller [Sat, 19 Mar 2005 11:39:17 +0000 (11:39 +0000)]
Use Windows randomness code on Cygwin

19 years agofix breakage for Perl versions that do boolean operations on long words
Ulf Möller [Sat, 19 Mar 2005 11:13:30 +0000 (11:13 +0000)]
fix breakage for Perl versions that do boolean operations on long words

19 years agotypo
Ulf Möller [Sat, 19 Mar 2005 10:19:45 +0000 (10:19 +0000)]
typo

19 years agoAdded HOWTO about proxy certificates.
Richard Levitte [Mon, 14 Mar 2005 15:39:25 +0000 (15:39 +0000)]
Added HOWTO about proxy certificates.

19 years ago"make depend". This takes into account the algorithms that are now
Bodo Möller [Sun, 13 Mar 2005 19:49:47 +0000 (19:49 +0000)]
"make depend".  This takes into account the algorithms that are now
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.

Problem reported by Nils Larsch.

19 years agoIt seems that Configure revision 1.404 broke "make depend" by hiding
Bodo Möller [Sun, 13 Mar 2005 19:46:58 +0000 (19:46 +0000)]
It seems that Configure revision 1.404 broke "make depend" by hiding
from it which algorithms were disabled.  With these new changes,
"make depend" will properly take into account algorithms that are skipped.

19 years agoCygwin to use DSO_FLFCN and mingw to use DSO_WIN32.
Andy Polyakov [Sat, 12 Mar 2005 11:28:41 +0000 (11:28 +0000)]
Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32.

19 years agoAvoid re-build avalanches with HP-UX make.
Andy Polyakov [Sat, 12 Mar 2005 09:12:44 +0000 (09:12 +0000)]
Avoid re-build avalanches with HP-UX make.

19 years agofix potential memory leak when allocation fails
Bodo Möller [Fri, 11 Mar 2005 09:01:24 +0000 (09:01 +0000)]
fix potential memory leak when allocation fails

PR: 801
Submitted by: Nils Larsch

19 years agoFix typo
Bodo Möller [Wed, 9 Mar 2005 19:08:02 +0000 (19:08 +0000)]
Fix typo

PR: 1017
Submitted by: ciresh@yahoo.com
Reviewed by: Nils Larsch

19 years agoTake MDC2 patent into account.
Bodo Möller [Wed, 2 Mar 2005 20:22:58 +0000 (20:22 +0000)]
Take MDC2 patent into account.

19 years agoIn addition to RC5, also exclude MDC2 from compilation unless
Bodo Möller [Wed, 2 Mar 2005 20:11:31 +0000 (20:11 +0000)]
In addition to RC5, also exclude MDC2 from compilation unless
the algorithm is explicitly requested.

19 years agoChange ./Configure so that certain algorithms can be disabled by default.
Bodo Möller [Tue, 22 Feb 2005 10:29:51 +0000 (10:29 +0000)]
Change ./Configure so that certain algorithms can be disabled by default.
This is now the case for RC5.

As a side effect, the OPTIONS in the Makefile will usually look a
little different now, but they are essentially only for information
anyway.

19 years agoFix typo on blowfish manual page
Lutz Jänicke [Sat, 19 Feb 2005 10:26:18 +0000 (10:26 +0000)]
Fix typo on blowfish manual page
PR: 1010
Submitted by: Marc Balmer <mbalmer@openbsd.org>

19 years agoFix hang in EGD/PRNGD query when communication socket is closed
Lutz Jänicke [Sat, 19 Feb 2005 10:19:07 +0000 (10:19 +0000)]
Fix hang in EGD/PRNGD query when communication socket is closed
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>

19 years agoFix possible memory leak.
Dr. Stephen Henson [Mon, 14 Feb 2005 21:53:24 +0000 (21:53 +0000)]
Fix possible memory leak.

19 years agoRemove unused assembler modules.
Andy Polyakov [Sun, 6 Feb 2005 13:43:02 +0000 (13:43 +0000)]
Remove unused assembler modules.

19 years agoThis patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
Andy Polyakov [Sun, 6 Feb 2005 13:23:34 +0000 (13:23 +0000)]
This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...

19 years agoReliable BSD-x86-elf detection in ./config.
Andy Polyakov [Sun, 6 Feb 2005 13:20:23 +0000 (13:20 +0000)]
Reliable BSD-x86-elf detection in ./config.

19 years agoMake Makefile.shared BSD make-friendly, remove more redundant -lc, set up
Andy Polyakov [Sun, 6 Feb 2005 13:18:40 +0000 (13:18 +0000)]
Make Makefile.shared BSD make-friendly, remove more redundant -lc, set up
OBJECT_MODE for AIX.

19 years agoMake util/shlib_wrap.sh [Open]BSD-friendly.
Andy Polyakov [Sun, 6 Feb 2005 13:15:21 +0000 (13:15 +0000)]
Make util/shlib_wrap.sh [Open]BSD-friendly.

19 years agoMention no-sse2 option in INSTALL note.
Andy Polyakov [Sun, 6 Feb 2005 13:10:23 +0000 (13:10 +0000)]
Mention no-sse2 option in INSTALL note.

19 years agoIn mkdef.pl ignore trailing whitespace in #ifdef lines
Dr. Stephen Henson [Sat, 5 Feb 2005 17:22:14 +0000 (17:22 +0000)]
In mkdef.pl ignore trailing whitespace in #ifdef lines