oweals/openssl.git
24 years agoPoint out the PRNG usage bug affecting openssl rsa.
Bodo Möller [Thu, 16 Mar 2000 16:17:00 +0000 (16:17 +0000)]
Point out the PRNG usage bug affecting openssl rsa.
(Should we point to snapshots, or directly give the one-line patch?)

24 years agoRemove CRYPTO_push/pop_info invocations to improve code readability --
Bodo Möller [Tue, 14 Mar 2000 21:25:39 +0000 (21:25 +0000)]
Remove CRYPTO_push/pop_info invocations to improve code readability --
I hope all memory leaks that may occur here have already been tracked down.

24 years agoAvoid a warning.
Bodo Möller [Tue, 14 Mar 2000 16:35:36 +0000 (16:35 +0000)]
Avoid a warning.

24 years agoSSL_ALLOW_ADH no longer has a meaning.
Bodo Möller [Tue, 14 Mar 2000 16:05:19 +0000 (16:05 +0000)]
SSL_ALLOW_ADH no longer has a meaning.

24 years agoInsert a comment: This is one of the few files in this directory
Bodo Möller [Tue, 14 Mar 2000 14:33:11 +0000 (14:33 +0000)]
Insert a comment: This is one of the few files in this directory
that is actually used (even though it may not appear so at first
sight).

24 years agoUse correct function names in SSLerr macros.
Bodo Möller [Tue, 14 Mar 2000 14:10:56 +0000 (14:10 +0000)]
Use correct function names in SSLerr macros.

24 years agoRemove "Makefile.uni" files and some related stuff.
Bodo Möller [Tue, 14 Mar 2000 13:56:00 +0000 (13:56 +0000)]
Remove "Makefile.uni" files and some related stuff.
This was meant for building individual ciphers separately;
but nothing of this is maintained, it does not work
because we rely on central configuration by the Configure
utility with <openssl/opensslconf.h> etc., so the files
are only wasting space and time.

24 years agoTypos corrected.
Richard Levitte [Tue, 14 Mar 2000 06:51:18 +0000 (06:51 +0000)]
Typos corrected.

24 years agoMake it possible top build just a part of the crypto library.
Richard Levitte [Tue, 14 Mar 2000 06:30:02 +0000 (06:30 +0000)]
Make it possible top build just a part of the crypto library.

24 years agoTarget added.
Richard Levitte [Tue, 14 Mar 2000 06:17:52 +0000 (06:17 +0000)]
Target added.

24 years agoBugs corrected, and a couple of include files to get declarations for
Richard Levitte [Tue, 14 Mar 2000 06:12:30 +0000 (06:12 +0000)]
Bugs corrected, and a couple of include files to get declarations for
lib$-functions and sys$-functions.

24 years agoTypo corrected
Richard Levitte [Tue, 14 Mar 2000 04:32:24 +0000 (04:32 +0000)]
Typo corrected

24 years agobss_log has dollars, so compile it with that warning flag disabled.
Richard Levitte [Tue, 14 Mar 2000 04:23:03 +0000 (04:23 +0000)]
bss_log has dollars, so compile it with that warning flag disabled.

24 years agoTypo corrected
Richard Levitte [Tue, 14 Mar 2000 04:16:10 +0000 (04:16 +0000)]
Typo corrected

24 years agoMake sure strcmp() gets declared.
Richard Levitte [Tue, 14 Mar 2000 04:09:48 +0000 (04:09 +0000)]
Make sure strcmp() gets declared.

24 years agoMake V_ASN1_APP_CHOOSE work again.
Dr. Stephen Henson [Tue, 14 Mar 2000 03:29:57 +0000 (03:29 +0000)]
Make V_ASN1_APP_CHOOSE work again.

24 years agoanother typo
Bodo Möller [Mon, 13 Mar 2000 23:06:03 +0000 (23:06 +0000)]
another typo

24 years agotypo
Bodo Möller [Mon, 13 Mar 2000 23:01:32 +0000 (23:01 +0000)]
typo

24 years agoSynchronise with Unixly tests
Richard Levitte [Mon, 13 Mar 2000 22:27:52 +0000 (22:27 +0000)]
Synchronise with Unixly tests

24 years agoCorrection.
Bodo Möller [Mon, 13 Mar 2000 21:01:05 +0000 (21:01 +0000)]
Correction.

24 years agoClarifications for 'no-XXX'.
Bodo Möller [Mon, 13 Mar 2000 20:48:23 +0000 (20:48 +0000)]
Clarifications for 'no-XXX'.

24 years agoRun test_ssl last -- it's the only test that really uses the SSL library
Bodo Möller [Mon, 13 Mar 2000 20:47:45 +0000 (20:47 +0000)]
Run test_ssl last -- it's the only test that really uses the SSL library
in addition to the crypto library.

24 years ago"openssl no-..." commands for avoiding the need to grep
Bodo Möller [Mon, 13 Mar 2000 20:31:46 +0000 (20:31 +0000)]
"openssl no-..." commands for avoiding the need to grep
"openssl list-standard-commands".

24 years agoInclude a timing test that works without RSA.
Bodo Möller [Mon, 13 Mar 2000 19:44:45 +0000 (19:44 +0000)]
Include a timing test that works without RSA.

24 years agoCorrections.
Bodo Möller [Mon, 13 Mar 2000 19:35:37 +0000 (19:35 +0000)]
Corrections.

In testss, use MD5 as digest algorithm so that the resulting
certificates can be used for testssl with RSA.

24 years agoUpdate usage info
Bodo Möller [Mon, 13 Mar 2000 19:30:59 +0000 (19:30 +0000)]
Update usage info

24 years agoUpdate test suite so that 'make test' succeeds in 'no-rsa' configuration.
Bodo Möller [Mon, 13 Mar 2000 19:24:39 +0000 (19:24 +0000)]
Update test suite so that 'make test' succeeds in 'no-rsa' configuration.

24 years agoSynchronise with Unix.
Richard Levitte [Mon, 13 Mar 2000 19:05:18 +0000 (19:05 +0000)]
Synchronise with Unix.

24 years agoCorrect a potential bug.
Richard Levitte [Mon, 13 Mar 2000 18:59:11 +0000 (18:59 +0000)]
Correct a potential bug.

24 years agoDon't try to test the RSA command if it is not available.
Bodo Möller [Mon, 13 Mar 2000 18:05:59 +0000 (18:05 +0000)]
Don't try to test the RSA command if it is not available.

24 years agoCopy DH key (if available) in addition to the bare parameters
Bodo Möller [Mon, 13 Mar 2000 17:07:04 +0000 (17:07 +0000)]
Copy DH key (if available) in addition to the bare parameters
in SSL_new.
If SSL_OP_SINGLE_DH_USE is set, don't waste time in SSL_[CTX_]set_tmp_dh
on computing a DH key that will be ignored anyway.

ssltest -dhe1024dsa (w/ 160-bit sub-prime) had an unfair performance
advantage over -dhe1024 (safe prime): SSL_OP_SINGLE_DH_USE was
effectively always enabled because SSL_new ignored the DH key set in
the SSL_CTX.  Now -dhe1024 takes the server only about twice as long
as -dhe1024dsa instead of three times as long (for 1024 bit RSA
with 1024 bit DH).

24 years agoConnection timings (using ISO C function clock()).
Bodo Möller [Mon, 13 Mar 2000 15:06:54 +0000 (15:06 +0000)]
Connection timings (using ISO C function clock()).

24 years agoRemove Win32 assembler files. They are always rebuilt (with some
Bodo Möller [Mon, 13 Mar 2000 08:04:20 +0000 (08:04 +0000)]
Remove Win32 assembler files.  They are always rebuilt (with some
choice of parameters) when they are needed.

24 years agocleaning up a little
Bodo Möller [Sun, 12 Mar 2000 23:27:14 +0000 (23:27 +0000)]
cleaning up a little

24 years agoasm workaround for SuSE Linux
Ulf Möller [Sun, 12 Mar 2000 12:52:36 +0000 (12:52 +0000)]
asm workaround for SuSE Linux
proposed by Holger Reif

24 years agomake update
Ulf Möller [Sun, 12 Mar 2000 12:49:45 +0000 (12:49 +0000)]
make update

24 years agoWorkaround for Windoze weirdness.
Bodo Möller [Sat, 11 Mar 2000 01:29:26 +0000 (01:29 +0000)]
Workaround for Windoze weirdness.

24 years agoOn NeXT, ssize_t is int, not long (see <sys/types.h> -- the definition
Bodo Möller [Sat, 11 Mar 2000 01:29:14 +0000 (01:29 +0000)]
On NeXT, ssize_t is int, not long (see <sys/types.h> -- the definition
is activated only when _POSIX_SOURCE is defined).

24 years agoNO_SYSLOG is defined for MSDOS anyway. just don't include the Unix
Ulf Möller [Fri, 10 Mar 2000 23:45:51 +0000 (23:45 +0000)]
NO_SYSLOG is defined for MSDOS anyway. just don't include the Unix
header...

24 years agossize_t
Ulf Möller [Fri, 10 Mar 2000 23:45:28 +0000 (23:45 +0000)]
ssize_t

24 years agoUse signed types where necessary, and add missing functionality
Bodo Möller [Fri, 10 Mar 2000 21:44:38 +0000 (21:44 +0000)]
Use signed types where necessary, and add missing functionality
to make SSL_nread0 work.

24 years agoUse L for all constants.
Ulf Möller [Fri, 10 Mar 2000 17:43:05 +0000 (17:43 +0000)]
Use L for all constants.

24 years agoDon't generate asm files for no-asm.
Ulf Möller [Fri, 10 Mar 2000 17:02:12 +0000 (17:02 +0000)]
Don't generate asm files for no-asm.

24 years agoRepair bss_log.
Ulf Möller [Fri, 10 Mar 2000 17:01:23 +0000 (17:01 +0000)]
Repair bss_log.

Curiously enough, void functions don't return a value.

24 years agoMention -ign_eof.
Bodo Möller [Fri, 10 Mar 2000 13:49:02 +0000 (13:49 +0000)]
Mention -ign_eof.

24 years agoAlways use fixed DH parameters created with 'dhparam -C',
Bodo Möller [Fri, 10 Mar 2000 13:23:20 +0000 (13:23 +0000)]
Always use fixed DH parameters created with 'dhparam -C',
don't dynamically create them.  This allows using ssltest
for approximate performance comparisons:
   $ time ./ssltest -num 50 -tls1 -cert ../apps/server2.pem \
     [-no_dhe|-dhe1024dsa|-dhe1024]
(server2.pem contains a 1024 bit RSA key, the default has only
512 bits.) Note that these timings contain both the server's and
the client's computations, they are not a good indicator for
server workload in different configurations.

24 years agoAdd the possibility (with -ign_eof) to ignore end of file on input but
Richard Levitte [Fri, 10 Mar 2000 12:18:28 +0000 (12:18 +0000)]
Add the possibility (with -ign_eof) to ignore end of file on input but
still not be quiet.  Also make it clear that -quiet implicitely means
-ign_eof as well.

24 years agoChange to code generated by 'dhparam -C':
Bodo Möller [Fri, 10 Mar 2000 12:17:37 +0000 (12:17 +0000)]
Change to code generated by 'dhparam -C':

- Move DH parameter components inside the function.
- Automatically #include the required header file if it
  has not already been #included.

24 years agoanother typo
Bodo Möller [Fri, 10 Mar 2000 11:47:58 +0000 (11:47 +0000)]
another typo

24 years agotypo
Bodo Möller [Fri, 10 Mar 2000 11:43:45 +0000 (11:43 +0000)]
typo

24 years agoclarify.
Ulf Möller [Thu, 9 Mar 2000 17:07:55 +0000 (17:07 +0000)]
clarify.

24 years agobug fix.
Ulf Möller [Thu, 9 Mar 2000 17:07:19 +0000 (17:07 +0000)]
bug fix.
Submitted by: "Yoram Meroz" <yoram@mail.idrive.com>

24 years agoManual page installation did not work if INSTALL_PREFIX was a relative path.
Bodo Möller [Thu, 9 Mar 2000 15:04:27 +0000 (15:04 +0000)]
Manual page installation did not work if INSTALL_PREFIX was a relative path.

24 years agoDon't Free() password if it was read from config file.
Dr. Stephen Henson [Thu, 9 Mar 2000 01:03:44 +0000 (01:03 +0000)]
Don't Free() password if it was read from config file.

24 years agoClarification.
Bodo Möller [Wed, 8 Mar 2000 20:20:15 +0000 (20:20 +0000)]
Clarification.

24 years agoFix typo and make ca get the CA and request fields correct.
Dr. Stephen Henson [Wed, 8 Mar 2000 12:44:10 +0000 (12:44 +0000)]
Fix typo and make ca get the CA and request fields correct.

24 years agoManual pages for EVP_Open* and EVP_Seal*
Dr. Stephen Henson [Wed, 8 Mar 2000 01:48:12 +0000 (01:48 +0000)]
Manual pages for EVP_Open* and EVP_Seal*

24 years agoProtect variables from potential misinterpretations, for example a
Richard Levitte [Tue, 7 Mar 2000 23:17:48 +0000 (23:17 +0000)]
Protect variables from potential misinterpretations, for example a
colon which may bite the lesser knowleged...

24 years agoCheck that a password was actually passed, or the user will just get
Richard Levitte [Tue, 7 Mar 2000 22:35:27 +0000 (22:35 +0000)]
Check that a password was actually passed, or the user will just get
mysterious crashes.

24 years agoManual pages for EVP signing and verifying.
Dr. Stephen Henson [Tue, 7 Mar 2000 17:35:25 +0000 (17:35 +0000)]
Manual pages for EVP signing and verifying.

24 years agospelling
Bodo Möller [Tue, 7 Mar 2000 15:10:08 +0000 (15:10 +0000)]
spelling

24 years agoNew compatability trust and purpose settings.
Dr. Stephen Henson [Tue, 7 Mar 2000 14:04:29 +0000 (14:04 +0000)]
New compatability trust and purpose settings.

24 years ago{NEXT,OPEN}STEP don't have pid_t.
Bodo Möller [Tue, 7 Mar 2000 09:37:19 +0000 (09:37 +0000)]
{NEXT,OPEN}STEP don't have pid_t.

24 years agoFix the PKCS#8 DSA code so it works again. All the
Dr. Stephen Henson [Tue, 7 Mar 2000 01:03:33 +0000 (01:03 +0000)]
Fix the PKCS#8 DSA code so it works again. All the
broken formats worked but the valid didn't :-(

24 years agobug fix release planned
Ulf Möller [Mon, 6 Mar 2000 14:24:25 +0000 (14:24 +0000)]
bug fix release planned

24 years agoFix the indentation, and avoid a compiler warning.
Bodo Möller [Mon, 6 Mar 2000 10:21:57 +0000 (10:21 +0000)]
Fix the indentation, and avoid a compiler warning.

24 years agoLet's not lie to the people.
Richard Levitte [Mon, 6 Mar 2000 07:31:17 +0000 (07:31 +0000)]
Let's not lie to the people.

24 years agoAdd missing include (only MONOLITH builds were possible without it).
Bodo Möller [Sun, 5 Mar 2000 01:11:44 +0000 (01:11 +0000)]
Add missing include (only MONOLITH builds were possible without it).
Submitted by: Andrew W. Gray

24 years agoPreserve reason strings in automatically build tables.
Bodo Möller [Sun, 5 Mar 2000 00:19:36 +0000 (00:19 +0000)]
Preserve reason strings in automatically build tables.

24 years agoBeautifying. Sorry, but code that's slammed to the far left is not
Richard Levitte [Sat, 4 Mar 2000 21:31:52 +0000 (21:31 +0000)]
Beautifying.  Sorry, but code that's slammed to the far left is not
very readable in my opinion.

24 years agoLet's care about the compiler warnings for both cases, shall we?
Richard Levitte [Sat, 4 Mar 2000 20:19:57 +0000 (20:19 +0000)]
Let's care about the compiler warnings for both cases, shall we?

24 years agoThere is no reason to use downcase letters throughout in error reason
Bodo Möller [Sat, 4 Mar 2000 17:56:32 +0000 (17:56 +0000)]
There is no reason to use downcase letters throughout in error reason
strings, it's just the default because it's usually ok.

24 years agoRead complete seed files given in -rand options.
Bodo Möller [Sat, 4 Mar 2000 17:44:07 +0000 (17:44 +0000)]
Read complete seed files given in -rand options.

24 years agoGet definition of ssize_t.
Ben Laurie [Sat, 4 Mar 2000 11:42:40 +0000 (11:42 +0000)]
Get definition of ssize_t.

24 years agoChange output text (ar is not a linker).
Bodo Möller [Sat, 4 Mar 2000 02:06:04 +0000 (02:06 +0000)]
Change output text (ar is not a linker).

24 years agoGenerate correct error reasons strings for SYSerr.
Bodo Möller [Sat, 4 Mar 2000 01:36:53 +0000 (01:36 +0000)]
Generate correct error reasons strings for SYSerr.

24 years agoThe selftest sometimes lacked important information
Ulf Möller [Sat, 4 Mar 2000 00:22:56 +0000 (00:22 +0000)]
The selftest sometimes lacked important information

24 years agonew component
Ulf Möller [Sat, 4 Mar 2000 00:22:04 +0000 (00:22 +0000)]
new component

24 years agogcc warnings
Ulf Möller [Sat, 4 Mar 2000 00:21:45 +0000 (00:21 +0000)]
gcc warnings

24 years agoNote about PRNG error message for openssl command line tool.
Bodo Möller [Fri, 3 Mar 2000 23:28:35 +0000 (23:28 +0000)]
Note about PRNG error message for openssl command line tool.

24 years agoAdd an #include.
Bodo Möller [Fri, 3 Mar 2000 23:27:56 +0000 (23:27 +0000)]
Add an #include.

24 years agoUse signed type where -1 may be returned.
Bodo Möller [Fri, 3 Mar 2000 22:34:35 +0000 (22:34 +0000)]
Use signed type where -1 may be returned.

24 years agoAvoid potential memory leak in code generated by 'openssl dhparam -C'.
Bodo Möller [Fri, 3 Mar 2000 22:24:43 +0000 (22:24 +0000)]
Avoid potential memory leak in code generated by 'openssl dhparam -C'.

24 years agoNew '-dsaparam' option for 'openssl dhparam', and related fixes.
Bodo Möller [Fri, 3 Mar 2000 22:18:19 +0000 (22:18 +0000)]
New '-dsaparam' option for 'openssl dhparam', and related fixes.

24 years agoFix for previous patch: If RAND_pseudo_bytes returns 0, this is not an error.
Bodo Möller [Fri, 3 Mar 2000 07:51:25 +0000 (07:51 +0000)]
Fix for previous patch: If RAND_pseudo_bytes returns 0, this is not an error.

24 years agoMake name_funcs_stack static.
Dr. Stephen Henson [Fri, 3 Mar 2000 01:37:11 +0000 (01:37 +0000)]
Make name_funcs_stack static.

24 years agoMove the 'file scope' argument in set_label to
Dr. Stephen Henson [Fri, 3 Mar 2000 00:06:40 +0000 (00:06 +0000)]
Move the 'file scope' argument in set_label to
the third argument: the second was being used
already.

24 years agoSynchronise
Richard Levitte [Thu, 2 Mar 2000 23:32:47 +0000 (23:32 +0000)]
Synchronise

24 years agoUse RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.
Bodo Möller [Thu, 2 Mar 2000 22:44:55 +0000 (22:44 +0000)]
Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.

24 years agoUse RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.
Bodo Möller [Thu, 2 Mar 2000 22:29:38 +0000 (22:29 +0000)]
Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.

24 years agoUpdate comment.
Bodo Möller [Thu, 2 Mar 2000 22:08:30 +0000 (22:08 +0000)]
Update comment.

24 years agoAdd missing dependencies.
Bodo Möller [Thu, 2 Mar 2000 19:30:41 +0000 (19:30 +0000)]
Add missing dependencies.

24 years agoUse RAND_METHOD for implementing RAND_status.
Bodo Möller [Thu, 2 Mar 2000 14:34:58 +0000 (14:34 +0000)]
Use RAND_METHOD for implementing RAND_status.

24 years agoChange comment.
Bodo Möller [Thu, 2 Mar 2000 14:34:08 +0000 (14:34 +0000)]
Change comment.

24 years agoHack b_print.c to implement asprintf() functionality. Not enabled by
Richard Levitte [Thu, 2 Mar 2000 07:50:02 +0000 (07:50 +0000)]
Hack b_print.c to implement asprintf() functionality.  Not enabled by
default yet, I wanna play with it a bit more.

For those who don't know: asprintf() is an allocating sprintf.  The
first argument to it is a double indirection to char instead of a
single.

24 years agoMake bss_log.c a bit more readable, and implement it for VMS as well.
Richard Levitte [Thu, 2 Mar 2000 07:45:31 +0000 (07:45 +0000)]
Make bss_log.c a bit more readable, and implement it for VMS as well.

24 years agoIt started with finding a misplaced #endif. Then I wanted to see the
Richard Levitte [Thu, 2 Mar 2000 07:42:48 +0000 (07:42 +0000)]
It started with finding a misplaced #endif.  Then I wanted to see the
structure better.  I hope noone minds, and that it still works.  Steve?

24 years agoI'm experimenting with a hack in dopr() and friends b_printf.c to make
Richard Levitte [Thu, 2 Mar 2000 07:38:45 +0000 (07:38 +0000)]
I'm experimenting with a hack in dopr() and friends b_printf.c to make
it work like asprintf().

24 years agoFix bug which would free up a public key
Dr. Stephen Henson [Thu, 2 Mar 2000 00:37:53 +0000 (00:37 +0000)]
Fix bug which would free up a public key
twice if the verify callback tried to
continue after a signature failure.

24 years agoadd comment.
Ulf Möller [Wed, 1 Mar 2000 19:08:47 +0000 (19:08 +0000)]
add comment.