Bodo Möller [Thu, 16 Mar 2000 16:17:00 +0000 (16:17 +0000)]
Point out the PRNG usage bug affecting openssl rsa.
(Should we point to snapshots, or directly give the one-line patch?)
Bodo Möller [Tue, 14 Mar 2000 21:25:39 +0000 (21:25 +0000)]
Remove CRYPTO_push/pop_info invocations to improve code readability --
I hope all memory leaks that may occur here have already been tracked down.
Bodo Möller [Tue, 14 Mar 2000 16:35:36 +0000 (16:35 +0000)]
Avoid a warning.
Bodo Möller [Tue, 14 Mar 2000 16:05:19 +0000 (16:05 +0000)]
SSL_ALLOW_ADH no longer has a meaning.
Bodo Möller [Tue, 14 Mar 2000 14:33:11 +0000 (14:33 +0000)]
Insert a comment: This is one of the few files in this directory
that is actually used (even though it may not appear so at first
sight).
Bodo Möller [Tue, 14 Mar 2000 14:10:56 +0000 (14:10 +0000)]
Use correct function names in SSLerr macros.
Bodo Möller [Tue, 14 Mar 2000 13:56:00 +0000 (13:56 +0000)]
Remove "Makefile.uni" files and some related stuff.
This was meant for building individual ciphers separately;
but nothing of this is maintained, it does not work
because we rely on central configuration by the Configure
utility with <openssl/opensslconf.h> etc., so the files
are only wasting space and time.
Richard Levitte [Tue, 14 Mar 2000 06:51:18 +0000 (06:51 +0000)]
Typos corrected.
Richard Levitte [Tue, 14 Mar 2000 06:30:02 +0000 (06:30 +0000)]
Make it possible top build just a part of the crypto library.
Richard Levitte [Tue, 14 Mar 2000 06:17:52 +0000 (06:17 +0000)]
Target added.
Richard Levitte [Tue, 14 Mar 2000 06:12:30 +0000 (06:12 +0000)]
Bugs corrected, and a couple of include files to get declarations for
lib$-functions and sys$-functions.
Richard Levitte [Tue, 14 Mar 2000 04:32:24 +0000 (04:32 +0000)]
Typo corrected
Richard Levitte [Tue, 14 Mar 2000 04:23:03 +0000 (04:23 +0000)]
bss_log has dollars, so compile it with that warning flag disabled.
Richard Levitte [Tue, 14 Mar 2000 04:16:10 +0000 (04:16 +0000)]
Typo corrected
Richard Levitte [Tue, 14 Mar 2000 04:09:48 +0000 (04:09 +0000)]
Make sure strcmp() gets declared.
Dr. Stephen Henson [Tue, 14 Mar 2000 03:29:57 +0000 (03:29 +0000)]
Make V_ASN1_APP_CHOOSE work again.
Bodo Möller [Mon, 13 Mar 2000 23:06:03 +0000 (23:06 +0000)]
another typo
Bodo Möller [Mon, 13 Mar 2000 23:01:32 +0000 (23:01 +0000)]
typo
Richard Levitte [Mon, 13 Mar 2000 22:27:52 +0000 (22:27 +0000)]
Synchronise with Unixly tests
Bodo Möller [Mon, 13 Mar 2000 21:01:05 +0000 (21:01 +0000)]
Correction.
Bodo Möller [Mon, 13 Mar 2000 20:48:23 +0000 (20:48 +0000)]
Clarifications for 'no-XXX'.
Bodo Möller [Mon, 13 Mar 2000 20:47:45 +0000 (20:47 +0000)]
Run test_ssl last -- it's the only test that really uses the SSL library
in addition to the crypto library.
Bodo Möller [Mon, 13 Mar 2000 20:31:46 +0000 (20:31 +0000)]
"openssl no-..." commands for avoiding the need to grep
"openssl list-standard-commands".
Bodo Möller [Mon, 13 Mar 2000 19:44:45 +0000 (19:44 +0000)]
Include a timing test that works without RSA.
Bodo Möller [Mon, 13 Mar 2000 19:35:37 +0000 (19:35 +0000)]
Corrections.
In testss, use MD5 as digest algorithm so that the resulting
certificates can be used for testssl with RSA.
Bodo Möller [Mon, 13 Mar 2000 19:30:59 +0000 (19:30 +0000)]
Update usage info
Bodo Möller [Mon, 13 Mar 2000 19:24:39 +0000 (19:24 +0000)]
Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
Richard Levitte [Mon, 13 Mar 2000 19:05:18 +0000 (19:05 +0000)]
Synchronise with Unix.
Richard Levitte [Mon, 13 Mar 2000 18:59:11 +0000 (18:59 +0000)]
Correct a potential bug.
Bodo Möller [Mon, 13 Mar 2000 18:05:59 +0000 (18:05 +0000)]
Don't try to test the RSA command if it is not available.
Bodo Möller [Mon, 13 Mar 2000 17:07:04 +0000 (17:07 +0000)]
Copy DH key (if available) in addition to the bare parameters
in SSL_new.
If SSL_OP_SINGLE_DH_USE is set, don't waste time in SSL_[CTX_]set_tmp_dh
on computing a DH key that will be ignored anyway.
ssltest -dhe1024dsa (w/ 160-bit sub-prime) had an unfair performance
advantage over -dhe1024 (safe prime): SSL_OP_SINGLE_DH_USE was
effectively always enabled because SSL_new ignored the DH key set in
the SSL_CTX. Now -dhe1024 takes the server only about twice as long
as -dhe1024dsa instead of three times as long (for 1024 bit RSA
with 1024 bit DH).
Bodo Möller [Mon, 13 Mar 2000 15:06:54 +0000 (15:06 +0000)]
Connection timings (using ISO C function clock()).
Bodo Möller [Mon, 13 Mar 2000 08:04:20 +0000 (08:04 +0000)]
Remove Win32 assembler files. They are always rebuilt (with some
choice of parameters) when they are needed.
Bodo Möller [Sun, 12 Mar 2000 23:27:14 +0000 (23:27 +0000)]
cleaning up a little
Ulf Möller [Sun, 12 Mar 2000 12:52:36 +0000 (12:52 +0000)]
asm workaround for SuSE Linux
proposed by Holger Reif
Ulf Möller [Sun, 12 Mar 2000 12:49:45 +0000 (12:49 +0000)]
make update
Bodo Möller [Sat, 11 Mar 2000 01:29:26 +0000 (01:29 +0000)]
Workaround for Windoze weirdness.
Bodo Möller [Sat, 11 Mar 2000 01:29:14 +0000 (01:29 +0000)]
On NeXT, ssize_t is int, not long (see <sys/types.h> -- the definition
is activated only when _POSIX_SOURCE is defined).
Ulf Möller [Fri, 10 Mar 2000 23:45:51 +0000 (23:45 +0000)]
NO_SYSLOG is defined for MSDOS anyway. just don't include the Unix
header...
Ulf Möller [Fri, 10 Mar 2000 23:45:28 +0000 (23:45 +0000)]
ssize_t
Bodo Möller [Fri, 10 Mar 2000 21:44:38 +0000 (21:44 +0000)]
Use signed types where necessary, and add missing functionality
to make SSL_nread0 work.
Ulf Möller [Fri, 10 Mar 2000 17:43:05 +0000 (17:43 +0000)]
Use L for all constants.
Ulf Möller [Fri, 10 Mar 2000 17:02:12 +0000 (17:02 +0000)]
Don't generate asm files for no-asm.
Ulf Möller [Fri, 10 Mar 2000 17:01:23 +0000 (17:01 +0000)]
Repair bss_log.
Curiously enough, void functions don't return a value.
Bodo Möller [Fri, 10 Mar 2000 13:49:02 +0000 (13:49 +0000)]
Mention -ign_eof.
Bodo Möller [Fri, 10 Mar 2000 13:23:20 +0000 (13:23 +0000)]
Always use fixed DH parameters created with 'dhparam -C',
don't dynamically create them. This allows using ssltest
for approximate performance comparisons:
$ time ./ssltest -num 50 -tls1 -cert ../apps/server2.pem \
[-no_dhe|-dhe1024dsa|-dhe1024]
(server2.pem contains a 1024 bit RSA key, the default has only
512 bits.) Note that these timings contain both the server's and
the client's computations, they are not a good indicator for
server workload in different configurations.
Richard Levitte [Fri, 10 Mar 2000 12:18:28 +0000 (12:18 +0000)]
Add the possibility (with -ign_eof) to ignore end of file on input but
still not be quiet. Also make it clear that -quiet implicitely means
-ign_eof as well.
Bodo Möller [Fri, 10 Mar 2000 12:17:37 +0000 (12:17 +0000)]
Change to code generated by 'dhparam -C':
- Move DH parameter components inside the function.
- Automatically #include the required header file if it
has not already been #included.
Bodo Möller [Fri, 10 Mar 2000 11:47:58 +0000 (11:47 +0000)]
another typo
Bodo Möller [Fri, 10 Mar 2000 11:43:45 +0000 (11:43 +0000)]
typo
Ulf Möller [Thu, 9 Mar 2000 17:07:55 +0000 (17:07 +0000)]
clarify.
Ulf Möller [Thu, 9 Mar 2000 17:07:19 +0000 (17:07 +0000)]
bug fix.
Submitted by: "Yoram Meroz" <yoram@mail.idrive.com>
Bodo Möller [Thu, 9 Mar 2000 15:04:27 +0000 (15:04 +0000)]
Manual page installation did not work if INSTALL_PREFIX was a relative path.
Dr. Stephen Henson [Thu, 9 Mar 2000 01:03:44 +0000 (01:03 +0000)]
Don't Free() password if it was read from config file.
Bodo Möller [Wed, 8 Mar 2000 20:20:15 +0000 (20:20 +0000)]
Clarification.
Dr. Stephen Henson [Wed, 8 Mar 2000 12:44:10 +0000 (12:44 +0000)]
Fix typo and make ca get the CA and request fields correct.
Dr. Stephen Henson [Wed, 8 Mar 2000 01:48:12 +0000 (01:48 +0000)]
Manual pages for EVP_Open* and EVP_Seal*
Richard Levitte [Tue, 7 Mar 2000 23:17:48 +0000 (23:17 +0000)]
Protect variables from potential misinterpretations, for example a
colon which may bite the lesser knowleged...
Richard Levitte [Tue, 7 Mar 2000 22:35:27 +0000 (22:35 +0000)]
Check that a password was actually passed, or the user will just get
mysterious crashes.
Dr. Stephen Henson [Tue, 7 Mar 2000 17:35:25 +0000 (17:35 +0000)]
Manual pages for EVP signing and verifying.
Bodo Möller [Tue, 7 Mar 2000 15:10:08 +0000 (15:10 +0000)]
spelling
Dr. Stephen Henson [Tue, 7 Mar 2000 14:04:29 +0000 (14:04 +0000)]
New compatability trust and purpose settings.
Bodo Möller [Tue, 7 Mar 2000 09:37:19 +0000 (09:37 +0000)]
{NEXT,OPEN}STEP don't have pid_t.
Dr. Stephen Henson [Tue, 7 Mar 2000 01:03:33 +0000 (01:03 +0000)]
Fix the PKCS#8 DSA code so it works again. All the
broken formats worked but the valid didn't :-(
Ulf Möller [Mon, 6 Mar 2000 14:24:25 +0000 (14:24 +0000)]
bug fix release planned
Bodo Möller [Mon, 6 Mar 2000 10:21:57 +0000 (10:21 +0000)]
Fix the indentation, and avoid a compiler warning.
Richard Levitte [Mon, 6 Mar 2000 07:31:17 +0000 (07:31 +0000)]
Let's not lie to the people.
Bodo Möller [Sun, 5 Mar 2000 01:11:44 +0000 (01:11 +0000)]
Add missing include (only MONOLITH builds were possible without it).
Submitted by: Andrew W. Gray
Bodo Möller [Sun, 5 Mar 2000 00:19:36 +0000 (00:19 +0000)]
Preserve reason strings in automatically build tables.
Richard Levitte [Sat, 4 Mar 2000 21:31:52 +0000 (21:31 +0000)]
Beautifying. Sorry, but code that's slammed to the far left is not
very readable in my opinion.
Richard Levitte [Sat, 4 Mar 2000 20:19:57 +0000 (20:19 +0000)]
Let's care about the compiler warnings for both cases, shall we?
Bodo Möller [Sat, 4 Mar 2000 17:56:32 +0000 (17:56 +0000)]
There is no reason to use downcase letters throughout in error reason
strings, it's just the default because it's usually ok.
Bodo Möller [Sat, 4 Mar 2000 17:44:07 +0000 (17:44 +0000)]
Read complete seed files given in -rand options.
Ben Laurie [Sat, 4 Mar 2000 11:42:40 +0000 (11:42 +0000)]
Get definition of ssize_t.
Bodo Möller [Sat, 4 Mar 2000 02:06:04 +0000 (02:06 +0000)]
Change output text (ar is not a linker).
Bodo Möller [Sat, 4 Mar 2000 01:36:53 +0000 (01:36 +0000)]
Generate correct error reasons strings for SYSerr.
Ulf Möller [Sat, 4 Mar 2000 00:22:56 +0000 (00:22 +0000)]
The selftest sometimes lacked important information
Ulf Möller [Sat, 4 Mar 2000 00:22:04 +0000 (00:22 +0000)]
new component
Ulf Möller [Sat, 4 Mar 2000 00:21:45 +0000 (00:21 +0000)]
gcc warnings
Bodo Möller [Fri, 3 Mar 2000 23:28:35 +0000 (23:28 +0000)]
Note about PRNG error message for openssl command line tool.
Bodo Möller [Fri, 3 Mar 2000 23:27:56 +0000 (23:27 +0000)]
Add an #include.
Bodo Möller [Fri, 3 Mar 2000 22:34:35 +0000 (22:34 +0000)]
Use signed type where -1 may be returned.
Bodo Möller [Fri, 3 Mar 2000 22:24:43 +0000 (22:24 +0000)]
Avoid potential memory leak in code generated by 'openssl dhparam -C'.
Bodo Möller [Fri, 3 Mar 2000 22:18:19 +0000 (22:18 +0000)]
New '-dsaparam' option for 'openssl dhparam', and related fixes.
Bodo Möller [Fri, 3 Mar 2000 07:51:25 +0000 (07:51 +0000)]
Fix for previous patch: If RAND_pseudo_bytes returns 0, this is not an error.
Dr. Stephen Henson [Fri, 3 Mar 2000 01:37:11 +0000 (01:37 +0000)]
Make name_funcs_stack static.
Dr. Stephen Henson [Fri, 3 Mar 2000 00:06:40 +0000 (00:06 +0000)]
Move the 'file scope' argument in set_label to
the third argument: the second was being used
already.
Richard Levitte [Thu, 2 Mar 2000 23:32:47 +0000 (23:32 +0000)]
Synchronise
Bodo Möller [Thu, 2 Mar 2000 22:44:55 +0000 (22:44 +0000)]
Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.
Bodo Möller [Thu, 2 Mar 2000 22:29:38 +0000 (22:29 +0000)]
Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.
Bodo Möller [Thu, 2 Mar 2000 22:08:30 +0000 (22:08 +0000)]
Update comment.
Bodo Möller [Thu, 2 Mar 2000 19:30:41 +0000 (19:30 +0000)]
Add missing dependencies.
Bodo Möller [Thu, 2 Mar 2000 14:34:58 +0000 (14:34 +0000)]
Use RAND_METHOD for implementing RAND_status.
Bodo Möller [Thu, 2 Mar 2000 14:34:08 +0000 (14:34 +0000)]
Change comment.
Richard Levitte [Thu, 2 Mar 2000 07:50:02 +0000 (07:50 +0000)]
Hack b_print.c to implement asprintf() functionality. Not enabled by
default yet, I wanna play with it a bit more.
For those who don't know: asprintf() is an allocating sprintf. The
first argument to it is a double indirection to char instead of a
single.
Richard Levitte [Thu, 2 Mar 2000 07:45:31 +0000 (07:45 +0000)]
Make bss_log.c a bit more readable, and implement it for VMS as well.
Richard Levitte [Thu, 2 Mar 2000 07:42:48 +0000 (07:42 +0000)]
It started with finding a misplaced #endif. Then I wanted to see the
structure better. I hope noone minds, and that it still works. Steve?
Richard Levitte [Thu, 2 Mar 2000 07:38:45 +0000 (07:38 +0000)]
I'm experimenting with a hack in dopr() and friends b_printf.c to make
it work like asprintf().
Dr. Stephen Henson [Thu, 2 Mar 2000 00:37:53 +0000 (00:37 +0000)]
Fix bug which would free up a public key
twice if the verify callback tried to
continue after a signature failure.
Ulf Möller [Wed, 1 Mar 2000 19:08:47 +0000 (19:08 +0000)]
add comment.