oweals/openssl.git
16 years agoFix indentation.
Dr. Stephen Henson [Mon, 2 Jun 2008 14:29:32 +0000 (14:29 +0000)]
Fix indentation.

16 years agoAvoid case in ca.c fix.
Dr. Stephen Henson [Mon, 2 Jun 2008 12:10:06 +0000 (12:10 +0000)]
Avoid case in ca.c fix.

16 years agoRevert, doesn't fix warning :-(
Dr. Stephen Henson [Mon, 2 Jun 2008 10:42:57 +0000 (10:42 +0000)]
Revert, doesn't fix warning :-(

16 years agoAvoid cast with wrapper function.
Dr. Stephen Henson [Mon, 2 Jun 2008 10:37:53 +0000 (10:37 +0000)]
Avoid cast with wrapper function.

16 years agoFree old store name (if any).
Dr. Stephen Henson [Sun, 1 Jun 2008 23:45:11 +0000 (23:45 +0000)]
Free old store name (if any).

16 years agoAdd ctrl for alternative certificate store names.
Dr. Stephen Henson [Sun, 1 Jun 2008 23:42:49 +0000 (23:42 +0000)]
Add ctrl for alternative certificate store names.

16 years agoUse keyspec for DSA too.
Dr. Stephen Henson [Sun, 1 Jun 2008 23:28:17 +0000 (23:28 +0000)]
Use keyspec for DSA too.

16 years agoGet and note keyspec when signing.
Dr. Stephen Henson [Sun, 1 Jun 2008 23:24:53 +0000 (23:24 +0000)]
Get and note keyspec when signing.

16 years agoRelease engine reference when calling SSL_CTX_free().
Dr. Stephen Henson [Sun, 1 Jun 2008 23:06:48 +0000 (23:06 +0000)]
Release engine reference when calling SSL_CTX_free().

16 years agoAllow ENGINE client cert callback to specify a set of other certs, for
Dr. Stephen Henson [Sun, 1 Jun 2008 22:45:08 +0000 (22:45 +0000)]
Allow ENGINE client cert callback to specify a set of other certs, for
the rest of the certificate chain. Currently unused.

16 years agoUpdate error codes.
Dr. Stephen Henson [Sun, 1 Jun 2008 22:34:40 +0000 (22:34 +0000)]
Update error codes.

16 years agoAdd client cert engine to SSL routines.
Dr. Stephen Henson [Sun, 1 Jun 2008 22:33:24 +0000 (22:33 +0000)]
Add client cert engine to SSL routines.

16 years agoUpdate error codes, move typedef of SSL, SSL_CTX to ossl_typ.h
Dr. Stephen Henson [Sun, 1 Jun 2008 21:18:47 +0000 (21:18 +0000)]
Update error codes, move typedef of SSL, SSL_CTX to ossl_typ.h

16 years agoAdd support for ENGINE supplied SSL client auth.
Dr. Stephen Henson [Sun, 1 Jun 2008 21:10:30 +0000 (21:10 +0000)]
Add support for ENGINE supplied SSL client auth.

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Sun, 1 Jun 2008 11:07:34 +0000 (11:07 +0000)]
Update from stable branch.

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Sat, 31 May 2008 23:48:02 +0000 (23:48 +0000)]
Update from stable branch.

16 years agoUpdate VC-32.pl and load CryptoAPI engine in the right place.
Dr. Stephen Henson [Sat, 31 May 2008 23:21:40 +0000 (23:21 +0000)]
Update VC-32.pl and load CryptoAPI engine in the right place.

16 years agoMore CryptoAPI engine code from stable branch.
Dr. Stephen Henson [Sat, 31 May 2008 22:53:16 +0000 (22:53 +0000)]
More CryptoAPI engine code from stable branch.

16 years agoAdd CryptoAPI error file too.
Dr. Stephen Henson [Sat, 31 May 2008 22:50:00 +0000 (22:50 +0000)]
Add CryptoAPI error file too.

16 years agoAdd CryptoAPI ENGINE from stable branch.
Dr. Stephen Henson [Sat, 31 May 2008 22:49:32 +0000 (22:49 +0000)]
Add CryptoAPI ENGINE from stable branch.

16 years agoRecognize LHASH_OF().
Dr. Stephen Henson [Sat, 31 May 2008 21:20:53 +0000 (21:20 +0000)]
Recognize LHASH_OF().

16 years agoStop const mismatch warning.
Dr. Stephen Henson [Sat, 31 May 2008 19:28:57 +0000 (19:28 +0000)]
Stop const mismatch warning.

16 years agoStop warning about extra ';' outside of function.
Dr. Stephen Henson [Sat, 31 May 2008 19:17:25 +0000 (19:17 +0000)]
Stop warning about extra ';' outside of function.

16 years agoStop const mismatch warning in VC++.
Dr. Stephen Henson [Sat, 31 May 2008 18:55:23 +0000 (18:55 +0000)]
Stop const mismatch warning in VC++.

16 years agoEveryone's had a few years to port their favorite additions to 0.9.7
Bodo Möller [Sat, 31 May 2008 13:42:53 +0000 (13:42 +0000)]
Everyone's had a few years to port their favorite additions to 0.9.7
to HEAD (and the 0.9.8 branch).  Remove the reminder.

16 years agoFix from stable branch.
Dr. Stephen Henson [Fri, 30 May 2008 10:57:49 +0000 (10:57 +0000)]
Fix from stable branch.

16 years agosync with 0.9.8 branch
Bodo Möller [Wed, 28 May 2008 22:30:28 +0000 (22:30 +0000)]
sync with 0.9.8 branch

16 years agoFrom HEAD:
Bodo Möller [Wed, 28 May 2008 22:17:34 +0000 (22:17 +0000)]
From HEAD:

Fix flaw if 'Server Key exchange message' is omitted from a TLS
handshake which could lead to a cilent crash as found using the
Codenomicon TLS test suite (CVE-2008-1672)

Reviewed by: openssl-security@openssl.org

Obtained from: mark@awe.com

16 years agoFrom HEAD:
Bodo Möller [Wed, 28 May 2008 22:15:48 +0000 (22:15 +0000)]
From HEAD:

Fix double-free in TLS server name extensions which could lead to a remote
crash found by Codenomicon TLS test suite (CVE-2008-0891)

Reviewed by: openssl-security@openssl.org

Obtained from: jorton@redhat.com

16 years agogrammar
Bodo Möller [Tue, 27 May 2008 18:43:20 +0000 (18:43 +0000)]
grammar

16 years agoyear 2008
Bodo Möller [Tue, 27 May 2008 18:41:09 +0000 (18:41 +0000)]
year 2008

16 years agoAvoid "duplicate const" warnings.
Dr. Stephen Henson [Tue, 27 May 2008 11:44:03 +0000 (11:44 +0000)]
Avoid "duplicate const" warnings.

16 years agoAvoid warning about empty structures and always define CHECKED_PTR_OF
Dr. Stephen Henson [Tue, 27 May 2008 11:28:49 +0000 (11:28 +0000)]
Avoid warning about empty structures and always define CHECKED_PTR_OF

16 years agoC++ style comments fixed.
Dr. Stephen Henson [Mon, 26 May 2008 15:39:36 +0000 (15:39 +0000)]
C++ style comments fixed.

16 years agoLHASH revamp. make depend.
Ben Laurie [Mon, 26 May 2008 11:24:29 +0000 (11:24 +0000)]
LHASH revamp. make depend.

16 years agoAdd README about removed root CA certificates.
Lutz Jänicke [Mon, 26 May 2008 06:23:57 +0000 (06:23 +0000)]
Add README about removed root CA certificates.

16 years agoReword comment to be much shorter to stop other people from complaining
Lutz Jänicke [Mon, 26 May 2008 06:21:13 +0000 (06:21 +0000)]
Reword comment to be much shorter to stop other people from complaining
about "overcommenting".

16 years agoClear error queue when starting SSL_CTX_use_certificate_chain_file
Lutz Jänicke [Fri, 23 May 2008 10:37:52 +0000 (10:37 +0000)]
Clear error queue when starting SSL_CTX_use_certificate_chain_file
PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>

16 years agoRemove all root CA files (beyond test CAs including private key)
Lutz Jänicke [Fri, 23 May 2008 08:59:23 +0000 (08:59 +0000)]
Remove all root CA files (beyond test CAs including private key)
from the OpenSSL distribution.

16 years agoTypo.
Dr. Stephen Henson [Tue, 20 May 2008 18:49:00 +0000 (18:49 +0000)]
Typo.

16 years agoTypo.
Dr. Stephen Henson [Tue, 20 May 2008 16:13:57 +0000 (16:13 +0000)]
Typo.

16 years agoUpdate ordinals.
Dr. Stephen Henson [Tue, 20 May 2008 12:23:38 +0000 (12:23 +0000)]
Update ordinals.

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Tue, 20 May 2008 11:52:57 +0000 (11:52 +0000)]
Update from stable branch.

16 years agoFix from stable branch.
Dr. Stephen Henson [Tue, 20 May 2008 11:30:27 +0000 (11:30 +0000)]
Fix from stable branch.

16 years agoCorrectly adjust location of comment
Lutz Jänicke [Tue, 20 May 2008 08:10:48 +0000 (08:10 +0000)]
Correctly adjust location of comment

Submitted by: Ben Laurie <ben@links.org>

16 years agoFix two invalid memory reads in RSA OAEP mode.
Dr. Stephen Henson [Mon, 19 May 2008 21:33:55 +0000 (21:33 +0000)]
Fix two invalid memory reads in RSA OAEP mode.
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
Reviewed by: steve

16 years agoChange use of CRYPTO_THREADID so that we always use both the ulong and
Bodo Möller [Mon, 19 May 2008 20:45:25 +0000 (20:45 +0000)]
Change use of CRYPTO_THREADID so that we always use both the ulong and
ptr members.

(So if the id_callback is bogus, we still have &errno.)

16 years agoDisable code that clearly doesn't currently serve any useful purpose.
Bodo Möller [Mon, 19 May 2008 19:44:45 +0000 (19:44 +0000)]
Disable code that clearly doesn't currently serve any useful purpose.
(Buggy line reported by Matthias Koenig.)

16 years agoDocument "openssl s_server" -crl_check* options
Lutz Jänicke [Mon, 19 May 2008 07:52:15 +0000 (07:52 +0000)]
Document "openssl s_server" -crl_check* options

Submitted by: Daniel Black <daniel.subs@internode.on.net>

16 years agoProvide information about "openssl dgst" -hmac option.
Lutz Jänicke [Mon, 19 May 2008 07:43:34 +0000 (07:43 +0000)]
Provide information about "openssl dgst" -hmac option.

16 years agoTypo. (From 0.9.8-stable/S. Henson)
Lutz Jänicke [Mon, 19 May 2008 06:21:05 +0000 (06:21 +0000)]
Typo. (From 0.9.8-stable/S. Henson)
PR: 1672

16 years agoAnother occurance of possible valgrind/purify "uninitialized memory"
Lutz Jänicke [Fri, 16 May 2008 07:14:26 +0000 (07:14 +0000)]
Another occurance of possible valgrind/purify "uninitialized memory"
complaint related to the PRNG: with PURIFY policy don't feed uninitialized
memory into the PRNG.

Submitted by: Bodo Moeller <bmoeller@openssl.org> :-)

16 years agoFix from stable branch.
Dr. Stephen Henson [Mon, 12 May 2008 16:24:31 +0000 (16:24 +0000)]
Fix from stable branch.

16 years agoAdd missing cast.
Dr. Stephen Henson [Fri, 9 May 2008 23:16:24 +0000 (23:16 +0000)]
Add missing cast.

16 years agoDepict future Win64/x64 development.
Andy Polyakov [Sat, 3 May 2008 18:34:59 +0000 (18:34 +0000)]
Depict future Win64/x64 development.

16 years agoClarifying comment.
Bodo Möller [Fri, 2 May 2008 18:47:48 +0000 (18:47 +0000)]
Clarifying comment.

16 years agoNew function CMS_add1_crl().
Dr. Stephen Henson [Fri, 2 May 2008 17:27:01 +0000 (17:27 +0000)]
New function CMS_add1_crl().

16 years agoIndicate support for digest init ctrl.
Dr. Stephen Henson [Fri, 2 May 2008 11:24:40 +0000 (11:24 +0000)]
Indicate support for digest init ctrl.

16 years agoTypo.
Dr. Stephen Henson [Thu, 1 May 2008 23:35:36 +0000 (23:35 +0000)]
Typo.

16 years agoUse "cont" consistently in cms-examples.pl
Dr. Stephen Henson [Thu, 1 May 2008 23:30:06 +0000 (23:30 +0000)]
Use "cont" consistently in cms-examples.pl

Add a -certsout option to output any certificates in a message.

Add test for example 4.11

16 years agoMontgomery-related minor cleanups/documentation
Bodo Möller [Thu, 1 May 2008 18:48:20 +0000 (18:48 +0000)]
Montgomery-related minor cleanups/documentation

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Wed, 30 Apr 2008 16:14:02 +0000 (16:14 +0000)]
Update from stable branch.

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Tue, 29 Apr 2008 17:22:35 +0000 (17:22 +0000)]
Update from stable branch.

16 years agoOops!
Dr. Stephen Henson [Tue, 29 Apr 2008 16:46:46 +0000 (16:46 +0000)]
Oops!

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Tue, 29 Apr 2008 16:44:51 +0000 (16:44 +0000)]
Update from stable branch.

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Tue, 29 Apr 2008 16:39:03 +0000 (16:39 +0000)]
Update from stable branch.

16 years agoFix auto-discovery of ENGINEs. See the CHANGES entry for details (and/or
Geoff Thorpe [Mon, 28 Apr 2008 21:39:09 +0000 (21:39 +0000)]
Fix auto-discovery of ENGINEs. See the CHANGES entry for details (and/or
ticket #1668).

PR: 1668
Submitted by: Ian Lister
Reviewed by: Geoff Thorpe

16 years agoPaul Sheer optimised the OpenSSL to/from libGMP conversions for the case
Geoff Thorpe [Sun, 27 Apr 2008 18:41:23 +0000 (18:41 +0000)]
Paul Sheer optimised the OpenSSL to/from libGMP conversions for the case
where they both use the same limb size. I've tweaked his patch slightly, so
blame me if it breaks.

Submitted by: Paul Sheer
Reviewed by: Geoff Thorpe

16 years agoDon't send zero length session ID if stateless session resupmtion is
Dr. Stephen Henson [Fri, 25 Apr 2008 16:27:04 +0000 (16:27 +0000)]
Don't send zero length session ID if stateless session resupmtion is
successful. Check be seeing if there is a cache hit.

16 years agoDisable debugging fprintf.
Dr. Stephen Henson [Fri, 25 Apr 2008 11:33:32 +0000 (11:33 +0000)]
Disable debugging fprintf.

16 years agoAdd 64-bit support to BN_nist_mod_244 and engage BN_nist_mod_* on 64-bit
Andy Polyakov [Thu, 24 Apr 2008 10:04:26 +0000 (10:04 +0000)]
Add 64-bit support to BN_nist_mod_244 and engage BN_nist_mod_* on 64-bit
platforms.

16 years agoCompensate inline assembler in sha512.c for gcc 2.7.2 compiler bug.
Andy Polyakov [Thu, 24 Apr 2008 09:59:45 +0000 (09:59 +0000)]
Compensate inline assembler in sha512.c for gcc 2.7.2 compiler bug.
PR: 1667

16 years agoTakanori Yanagisawa has shown how to correctly use pre-computed values.
Andy Polyakov [Wed, 23 Apr 2008 08:10:25 +0000 (08:10 +0000)]
Takanori Yanagisawa has shown how to correctly use pre-computed values.
So in a sense this commit reverts few latest ones fixing bugs in original
code and improving it, most notably adding 64-bit support [though not in
BN_nist_mod_224 yet].
PR: 1593

16 years agoResolve __DECC warning and keep disclaiming support for 16-bit platforms.
Andy Polyakov [Fri, 18 Apr 2008 15:47:30 +0000 (15:47 +0000)]
Resolve __DECC warning and keep disclaiming support for 16-bit platforms.

16 years agoFix remaining BN_nist_mod_*.
Andy Polyakov [Fri, 18 Apr 2008 15:40:57 +0000 (15:40 +0000)]
Fix remaining BN_nist_mod_*.
PR: 1593

16 years agoMake certs argument work in CMS_sign() add test case.
Dr. Stephen Henson [Fri, 18 Apr 2008 11:18:20 +0000 (11:18 +0000)]
Make certs argument work in CMS_sign() add test case.
PR:1664

16 years agoAdd missing 'extern "C" {' to some _err.h files in crypto/engines/
Lutz Jänicke [Fri, 18 Apr 2008 07:43:26 +0000 (07:43 +0000)]
Add missing 'extern "C" {' to some _err.h files in crypto/engines/
PR: 1609

16 years agoAnother minor update from the mingw development
Lutz Jänicke [Fri, 18 Apr 2008 06:35:55 +0000 (06:35 +0000)]
Another minor update from the mingw development
PR: 1552
Submitted by: Roumen Petrov <openssl@roumenpetrov.info>

16 years agoSynchronise with Unix.
Richard Levitte [Fri, 18 Apr 2008 06:04:03 +0000 (06:04 +0000)]
Synchronise with Unix.

16 years agoFix incorrect return value in apps/apps.c:parse_yesno()
Lutz Jänicke [Thu, 17 Apr 2008 14:15:27 +0000 (14:15 +0000)]
Fix incorrect return value in apps/apps.c:parse_yesno()
PR: 1607
Submitted by: "Christophe Macé" <mace.christophe@gmail.com>

16 years agoCorrectly handle case of bad arguments supplied to rsautl
Lutz Jänicke [Thu, 17 Apr 2008 13:36:13 +0000 (13:36 +0000)]
Correctly handle case of bad arguments supplied to rsautl
PR: 1659

16 years agoApply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
Lutz Jänicke [Thu, 17 Apr 2008 10:19:16 +0000 (10:19 +0000)]
Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
PR: 1552
Submitted by: Roumen Petrov <openssl@roumenpetrov.info>, "Alon Bar-Lev" <alon.barlev@gmail.com>

16 years agoFurther synchronisation with Unix build. I hadn't noticed pq_compat.h
Richard Levitte [Sat, 12 Apr 2008 08:41:05 +0000 (08:41 +0000)]
Further synchronisation with Unix build.  I hadn't noticed pq_compat.h
was gone...

16 years agoProvide other forms for symbols that are too long or that clash with others
Richard Levitte [Sat, 12 Apr 2008 08:40:01 +0000 (08:40 +0000)]
Provide other forms for symbols that are too long or that clash with others

16 years agoDetached encrypt/decrypt example, fix decrypt sample.
Dr. Stephen Henson [Fri, 11 Apr 2008 23:52:26 +0000 (23:52 +0000)]
Detached encrypt/decrypt example, fix decrypt sample.

16 years agoCorrect argument order for CMS_decrypt() in docs.
Dr. Stephen Henson [Fri, 11 Apr 2008 23:49:03 +0000 (23:49 +0000)]
Correct argument order for CMS_decrypt() in docs.

16 years agoFix prototype for CMS_decrypt(), don't free up detached content.
Dr. Stephen Henson [Fri, 11 Apr 2008 23:45:52 +0000 (23:45 +0000)]
Fix prototype for CMS_decrypt(), don't free up detached content.

16 years agoRevert argument swap change... oops CMS_uncompress() was consistent...
Dr. Stephen Henson [Fri, 11 Apr 2008 23:23:18 +0000 (23:23 +0000)]
Revert argument swap change... oops CMS_uncompress() was consistent...

16 years agoFix comments.
Dr. Stephen Henson [Fri, 11 Apr 2008 17:50:20 +0000 (17:50 +0000)]
Fix comments.

16 years agoMake CMS_uncompress() argument order consistent with other functions.
Dr. Stephen Henson [Fri, 11 Apr 2008 17:34:13 +0000 (17:34 +0000)]
Make CMS_uncompress() argument order consistent with other functions.

16 years agoCMS compressed data examples.
Dr. Stephen Henson [Fri, 11 Apr 2008 17:33:29 +0000 (17:33 +0000)]
CMS compressed data examples.

16 years agoFix for compression and updated CMS_final().
Dr. Stephen Henson [Fri, 11 Apr 2008 17:07:01 +0000 (17:07 +0000)]
Fix for compression and updated CMS_final().

16 years agoPKCS#7 examples converted to CMS.
Dr. Stephen Henson [Fri, 11 Apr 2008 16:52:45 +0000 (16:52 +0000)]
PKCS#7 examples converted to CMS.

16 years agoSynchronise with Unix build
Richard Levitte [Fri, 11 Apr 2008 01:53:16 +0000 (01:53 +0000)]
Synchronise with Unix build

16 years agoReformat, fix typos and clarify CMS API docs.
Dr. Stephen Henson [Thu, 10 Apr 2008 23:28:25 +0000 (23:28 +0000)]
Reformat, fix typos and clarify CMS API docs.

16 years agoCorrect HISTORY reference.
Dr. Stephen Henson [Thu, 10 Apr 2008 15:59:40 +0000 (15:59 +0000)]
Correct HISTORY reference.

16 years agoTypo.
Dr. Stephen Henson [Thu, 10 Apr 2008 15:56:27 +0000 (15:56 +0000)]
Typo.

16 years agoAdd docs for CMS_final() and BIO_new_CMS().
Dr. Stephen Henson [Thu, 10 Apr 2008 11:55:57 +0000 (11:55 +0000)]
Add docs for CMS_final() and BIO_new_CMS().

16 years agoAdd additional parameter to CMS_final() to handle detached content.
Dr. Stephen Henson [Thu, 10 Apr 2008 11:22:14 +0000 (11:22 +0000)]
Add additional parameter to CMS_final() to handle detached content.

16 years agoIgnore nonsensical flags for signed receipts.
Dr. Stephen Henson [Thu, 10 Apr 2008 11:12:42 +0000 (11:12 +0000)]
Ignore nonsensical flags for signed receipts.