oweals/openssl.git
22 years agoharmonize with 0.9.7 tree
Bodo Möller [Thu, 14 Nov 2002 12:17:47 +0000 (12:17 +0000)]
harmonize with 0.9.7 tree

22 years agoFix to build better with DJGPP.
Richard Levitte [Thu, 14 Nov 2002 11:22:01 +0000 (11:22 +0000)]
Fix to build better with DJGPP.
PR: 338

Here's the description, submitted by Gisle Vanem <giva@bgnett.no>:

1. sock_init() renamed to ssl_sock_init() in ./apps/s_socket.c due
   to name-clash with Watt-32.

2. rand() renamed to Rand() in ./crypto/bn/divtest.c due to name-clash
   with <stdlib.h>

3. Added calls to dbug_init()/sock_init() in some demo programs.

4. Changed cflags/lflags in configure. Watt-32 install root now taken
   from $WATT_ROOT.

22 years agoDon't declare 2 WARNINGS sections
Lutz Jänicke [Thu, 14 Nov 2002 11:13:01 +0000 (11:13 +0000)]
Don't declare 2 WARNINGS sections
Submitted by:
Reviewed by:
PR:

22 years agoOpportunistic change to work around pod2latex bug: rename NAME OPTIONS
Lutz Jänicke [Thu, 14 Nov 2002 11:09:07 +0000 (11:09 +0000)]
Opportunistic change to work around pod2latex bug: rename NAME OPTIONS
section to SUBJECT AND ISSUER NAME OPTIONS
Submitted by:
Reviewed by:
PR: 333

22 years agoCorrect reference to section name.
Lutz Jänicke [Thu, 14 Nov 2002 11:03:30 +0000 (11:03 +0000)]
Correct reference to section name.
Submitted by:
Reviewed by:
PR:

22 years agofix output
Bodo Möller [Thu, 14 Nov 2002 10:57:45 +0000 (10:57 +0000)]
fix output

Submitted by: Nils Larsch

22 years agouse new BIO_indent() function here as well
Bodo Möller [Thu, 14 Nov 2002 10:56:59 +0000 (10:56 +0000)]
use new BIO_indent() function here as well

Submitted by: Nils Larsch

22 years agoMissing =back
Lutz Jänicke [Thu, 14 Nov 2002 10:51:54 +0000 (10:51 +0000)]
Missing =back
Submitted by:
Reviewed by:
PR:

22 years agoThe directory 'rijndael' doesn't exist any more, let's check the aes
Richard Levitte [Thu, 14 Nov 2002 08:23:32 +0000 (08:23 +0000)]
The directory 'rijndael' doesn't exist any more, let's check the aes
directory instead (this should have been done long ago...).

22 years agoWhen AES is skipped because the option 'no-rijndael' was given,
Richard Levitte [Thu, 14 Nov 2002 08:20:40 +0000 (08:20 +0000)]
When AES is skipped because the option 'no-rijndael' was given,
make sure it's skipped from SDIRS as well.

22 years agoMake the Windows test scripts consistent in their echoing
Richard Levitte [Thu, 14 Nov 2002 08:08:55 +0000 (08:08 +0000)]
Make the Windows test scripts consistent in their echoing

22 years agoHandle last lines that aren't properly terminated.
Richard Levitte [Thu, 14 Nov 2002 06:51:18 +0000 (06:51 +0000)]
Handle last lines that aren't properly terminated.
PR: 308

22 years agoFix get_email: 0 is a valid return value
Dr. Stephen Henson [Thu, 14 Nov 2002 00:46:11 +0000 (00:46 +0000)]
Fix get_email: 0 is a valid return value

22 years agoConstification needed.
Richard Levitte [Wed, 13 Nov 2002 23:47:31 +0000 (23:47 +0000)]
Constification needed.
PR: 241

22 years agofree() -> OPENSSL_free()
Richard Levitte [Wed, 13 Nov 2002 20:25:47 +0000 (20:25 +0000)]
free() -> OPENSSL_free()

22 years agoMerge from 0.9.7-stable.
Richard Levitte [Wed, 13 Nov 2002 18:10:30 +0000 (18:10 +0000)]
Merge from 0.9.7-stable.

22 years agoThis didn't get to the 0.9.8-dev thread...
Richard Levitte [Wed, 13 Nov 2002 18:09:27 +0000 (18:09 +0000)]
This didn't get to the 0.9.8-dev thread...

22 years agoCorrect support for SunOS 4.1.3_U1.
Richard Levitte [Wed, 13 Nov 2002 16:11:14 +0000 (16:11 +0000)]
Correct support for SunOS 4.1.3_U1.
PR: 227

22 years agoSecurity fixes brought forward from 0.9.7.
Ben Laurie [Wed, 13 Nov 2002 15:43:43 +0000 (15:43 +0000)]
Security fixes brought forward from 0.9.7.

22 years agoWhen build as dynamic engines, the loading functions should be defined
Richard Levitte [Wed, 13 Nov 2002 15:30:25 +0000 (15:30 +0000)]
When build as dynamic engines, the loading functions should be defined
static.

22 years agoMake internal functions static.
Richard Levitte [Wed, 13 Nov 2002 14:34:53 +0000 (14:34 +0000)]
Make internal functions static.

22 years agoName the flag files correctly.
Richard Levitte [Wed, 13 Nov 2002 14:31:34 +0000 (14:31 +0000)]
Name the flag files correctly.

22 years agoTypo
Dr. Stephen Henson [Wed, 13 Nov 2002 14:07:37 +0000 (14:07 +0000)]
Typo

22 years agodisable weird assert()s
Bodo Möller [Wed, 13 Nov 2002 14:01:34 +0000 (14:01 +0000)]
disable weird assert()s

22 years agoremove unused old directory crypto/rijndael (superseded by crypto/aes)
Bodo Möller [Wed, 13 Nov 2002 13:55:41 +0000 (13:55 +0000)]
remove unused old directory crypto/rijndael (superseded by crypto/aes)

22 years agoUpdate docs
Dr. Stephen Henson [Wed, 13 Nov 2002 13:18:14 +0000 (13:18 +0000)]
Update docs

22 years agoFix warnings, makefile cockup.
Ben Laurie [Wed, 13 Nov 2002 11:59:48 +0000 (11:59 +0000)]
Fix warnings, makefile cockup.

22 years agoPut NAME in right place, fix typo
Dr. Stephen Henson [Wed, 13 Nov 2002 01:20:43 +0000 (01:20 +0000)]
Put NAME in right place, fix typo

22 years agoOnly accept exact match for modifier or tag name
Dr. Stephen Henson [Wed, 13 Nov 2002 00:57:41 +0000 (00:57 +0000)]
Only accept exact match for modifier or tag name

22 years agoAdd header ctype.h
Dr. Stephen Henson [Wed, 13 Nov 2002 00:42:11 +0000 (00:42 +0000)]
Add header ctype.h

22 years agoFix memory leak in s2i_ASN_INTEGER and return an error
Dr. Stephen Henson [Wed, 13 Nov 2002 00:40:51 +0000 (00:40 +0000)]
Fix memory leak in s2i_ASN_INTEGER and return an error
if any invalid characters are present.

22 years agoUpdate docs
Dr. Stephen Henson [Wed, 13 Nov 2002 00:14:15 +0000 (00:14 +0000)]
Update docs

22 years agoInitial ASN1 generation documentation.
Dr. Stephen Henson [Tue, 12 Nov 2002 18:20:28 +0000 (18:20 +0000)]
Initial ASN1 generation documentation.

22 years agoSynchronise...
Richard Levitte [Tue, 12 Nov 2002 13:55:20 +0000 (13:55 +0000)]
Synchronise...

22 years agoInitial ASN1 generation code. This can construct
Dr. Stephen Henson [Tue, 12 Nov 2002 13:34:51 +0000 (13:34 +0000)]
Initial ASN1 generation code. This can construct
arbitrary encodings from strings and config files.

Documentation to follow...

22 years agoMake it possible to run individual tests even when linked with libcrypto.so and libssl.so
Richard Levitte [Tue, 12 Nov 2002 11:25:23 +0000 (11:25 +0000)]
Make it possible to run individual tests even when linked with libcrypto.so and libssl.so

22 years agoMake the CBC mode od AES accept lengths that aren't multiples of 16.
Richard Levitte [Tue, 12 Nov 2002 11:00:25 +0000 (11:00 +0000)]
Make the CBC mode od AES accept lengths that aren't multiples of 16.
PR: 330

22 years agoVariables on the stack must be initialized or we can't depend on any
Richard Levitte [Mon, 11 Nov 2002 21:34:21 +0000 (21:34 +0000)]
Variables on the stack must be initialized or we can't depend on any
initial value.  For errline/errorline, we did depend on that, erroneously

22 years agoMake the programs link against the static library on MacOS X.
Richard Levitte [Mon, 11 Nov 2002 20:46:52 +0000 (20:46 +0000)]
Make the programs link against the static library on MacOS X.
PR: 335

22 years agoTypo.
Lutz Jänicke [Mon, 11 Nov 2002 11:19:15 +0000 (11:19 +0000)]
Typo.
Submitted by: assar <assar@kth.se>
Reviewed by:
PR:

22 years agodo tests with all built-in curves
Bodo Möller [Mon, 11 Nov 2002 10:25:12 +0000 (10:25 +0000)]
do tests with all built-in curves

Submitted by: Nils Larsch

22 years agocorrections to built-in curves
Bodo Möller [Mon, 11 Nov 2002 10:24:52 +0000 (10:24 +0000)]
corrections to built-in curves

Submitted by: Nils Larsch

22 years agoMake sure permissions are friendly when building release tar file.
Lutz Jänicke [Mon, 11 Nov 2002 08:57:04 +0000 (08:57 +0000)]
Make sure permissions are friendly when building release tar file.
Submitted by:
Reviewed by:
PR: 171

22 years agoMore information to the important issue of seeding the PRNG
Lutz Jänicke [Mon, 11 Nov 2002 08:33:10 +0000 (08:33 +0000)]
More information to the important issue of seeding the PRNG
Submitted by:
Reviewed by:
PR: 285

22 years agoX509_NAME_cmp() now compares PrintableString and emailAddress with a value of type
Richard Levitte [Sat, 9 Nov 2002 21:52:20 +0000 (21:52 +0000)]
X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type
ia5String correctly.
PR: 244

22 years agoTypo
Dr. Stephen Henson [Sat, 9 Nov 2002 18:05:33 +0000 (18:05 +0000)]
Typo

22 years ago-CAserial does take a filename argument.
Richard Levitte [Fri, 8 Nov 2002 21:53:54 +0000 (21:53 +0000)]
-CAserial does take a filename argument.
PR: 332

22 years ago-CAcreateserial doesn't take a filename argument.
Richard Levitte [Fri, 8 Nov 2002 21:51:09 +0000 (21:51 +0000)]
-CAcreateserial doesn't take a filename argument.
PR: 332

22 years agoWindows doesn't know sys/file.h
Richard Levitte [Thu, 7 Nov 2002 21:40:06 +0000 (21:40 +0000)]
Windows doesn't know sys/file.h

22 years agoTypo in OCSP ASN1 module
Dr. Stephen Henson [Thu, 7 Nov 2002 17:42:59 +0000 (17:42 +0000)]
Typo in OCSP ASN1 module

22 years agoKeep on using ${CC}, since gcc may act in disguise.
Richard Levitte [Wed, 6 Nov 2002 23:39:03 +0000 (23:39 +0000)]
Keep on using ${CC}, since gcc may act in disguise.

22 years agoGenerate openssl.pc so pkg-config can return proper data.
Richard Levitte [Wed, 6 Nov 2002 23:35:00 +0000 (23:35 +0000)]
Generate openssl.pc so pkg-config can return proper data.
PR: 163

22 years agoStupid bug fixes. I've forgotten my DCL...
Richard Levitte [Wed, 6 Nov 2002 17:27:11 +0000 (17:27 +0000)]
Stupid bug fixes.  I've forgotten my DCL...

22 years agoprint less output (no details unless a test failed)
Bodo Möller [Wed, 6 Nov 2002 11:48:09 +0000 (11:48 +0000)]
print less output (no details unless a test failed)

Submitted by: Nils Larsch

22 years agosome people just can't read the instructions
Richard Levitte [Wed, 6 Nov 2002 06:02:05 +0000 (06:02 +0000)]
some people just can't read the instructions

22 years agoCRL reason code docs.
Dr. Stephen Henson [Wed, 6 Nov 2002 01:28:55 +0000 (01:28 +0000)]
CRL reason code docs.

22 years agoavoid Purify warnings
Bodo Möller [Tue, 5 Nov 2002 13:54:41 +0000 (13:54 +0000)]
avoid Purify warnings

Submitted by: Nils Larsch

22 years agoCheck for NULL ASN1_ITEM when initializeing
Dr. Stephen Henson [Tue, 5 Nov 2002 13:48:33 +0000 (13:48 +0000)]
Check for NULL ASN1_ITEM when initializeing
boolean option in ASN1_TYPE.

22 years agofix typo
Bodo Möller [Tue, 5 Nov 2002 10:54:40 +0000 (10:54 +0000)]
fix typo

22 years agoimplement and use new macros BN_get_sign(), BN_set_sign()
Bodo Möller [Mon, 4 Nov 2002 13:17:22 +0000 (13:17 +0000)]
implement and use new macros BN_get_sign(), BN_set_sign()

Submitted by: Nils Larsch

22 years agoOff-by-one-error corrected.
Richard Levitte [Mon, 4 Nov 2002 11:30:47 +0000 (11:30 +0000)]
Off-by-one-error corrected.
PR: 235

22 years agoCosmetic change
Richard Levitte [Mon, 4 Nov 2002 06:26:37 +0000 (06:26 +0000)]
Cosmetic change

22 years agoSince we're currently assuming VMS can deal with dynamic engines,
Richard Levitte [Mon, 4 Nov 2002 00:29:26 +0000 (00:29 +0000)]
Since we're currently assuming VMS can deal with dynamic engines,
don't include the static engine entry points in libcrypto.exe.

22 years agoDepend on OPENSSL_NO_STATIC_ENGINE rather than OPENSSL_NO_DYNAMIC_ENGINE.
Richard Levitte [Fri, 1 Nov 2002 12:37:22 +0000 (12:37 +0000)]
Depend on OPENSSL_NO_STATIC_ENGINE rather than OPENSSL_NO_DYNAMIC_ENGINE.
Make sure to include openssl/opensslconf.h to make sure we get the
definition of those macros.

22 years agoRemove all referenses to RSAref, since that's been gone for more than
Richard Levitte [Thu, 31 Oct 2002 16:46:52 +0000 (16:46 +0000)]
Remove all referenses to RSAref, since that's been gone for more than
a year.

22 years agoAdd all that is needed to build external engines on VMS.
Richard Levitte [Thu, 31 Oct 2002 15:43:38 +0000 (15:43 +0000)]
Add all that is needed to build external engines on VMS.
Currently, we simply assume that they shall always be built as
shareable images.

22 years agoAdd the command procedure to build external engines on VMS.
Richard Levitte [Thu, 31 Oct 2002 15:43:00 +0000 (15:43 +0000)]
Add the command procedure to build external engines on VMS.
Currently, we simply assume that they shall always be built as
shareable images.

22 years agoNew files have appeared, tell VMS.
Richard Levitte [Wed, 30 Oct 2002 09:46:21 +0000 (09:46 +0000)]
New files have appeared, tell VMS.

22 years agoPlug potential memory leak.
Richard Levitte [Wed, 30 Oct 2002 09:42:42 +0000 (09:42 +0000)]
Plug potential memory leak.
Identified by Goetz Babin-Ebell <babinebell@trustcenter.de>

22 years agoAdd a HISTORY section to the man page to mention the new flags.
Geoff Thorpe [Tue, 29 Oct 2002 18:05:16 +0000 (18:05 +0000)]
Add a HISTORY section to the man page to mention the new flags.

22 years agoThe recent CHANGES note between 0.9.6g and 0.9.6h needs copying into the
Geoff Thorpe [Tue, 29 Oct 2002 18:01:08 +0000 (18:01 +0000)]
The recent CHANGES note between 0.9.6g and 0.9.6h needs copying into the
other branches.

22 years agoThe last character of inconsistency in my recent commits is hereby
Geoff Thorpe [Tue, 29 Oct 2002 17:51:32 +0000 (17:51 +0000)]
The last character of inconsistency in my recent commits is hereby
squashed.

22 years agosynchronise util/libeay.num with the 0.9.7-stable variant (guys, this
Richard Levitte [Tue, 29 Oct 2002 14:48:57 +0000 (14:48 +0000)]
synchronise util/libeay.num with the 0.9.7-stable variant (guys, this
is something we really need to keep track of!).
make update

22 years agoavoid warnings ('index' shadows global declaration)
Bodo Möller [Tue, 29 Oct 2002 11:50:20 +0000 (11:50 +0000)]
avoid warnings ('index' shadows global declaration)

Submitted by: Nils Larsch

22 years agoSun has agreed to removing the covenant language from most files.
Bodo Möller [Tue, 29 Oct 2002 10:59:32 +0000 (10:59 +0000)]
Sun has agreed to removing the covenant language from most files.

Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>

22 years ago'covenant HOWTO' (what to do about the Sun covenant if you modify the code)
Bodo Möller [Tue, 29 Oct 2002 10:58:07 +0000 (10:58 +0000)]
'covenant HOWTO' (what to do about the Sun covenant if you modify the code)

Submitted by: Bodo Moeller

22 years agoThe #else part of the conditionals have two statements, so they need
Richard Levitte [Tue, 29 Oct 2002 09:42:59 +0000 (09:42 +0000)]
The #else part of the conditionals have two statements, so they need
to be surrounded with braces, or the surrounding if..else will fail
miserably in case the #else part is compiled.

22 years agoRevert, that was an incorrect change.
Richard Levitte [Tue, 29 Oct 2002 04:34:43 +0000 (04:34 +0000)]
Revert, that was an incorrect change.
PR: 156

22 years agoA small detail: since 0.9.7, DH_new_method() and DSA_new_method()
Richard Levitte [Tue, 29 Oct 2002 04:31:46 +0000 (04:31 +0000)]
A small detail: since 0.9.7, DH_new_method() and DSA_new_method()
don't take an ENGINE* as parameter any more.
PR: 156

22 years agoCorrect and enhance the behaviour of "internal" session caching as it
Geoff Thorpe [Tue, 29 Oct 2002 00:33:04 +0000 (00:33 +0000)]
Correct and enhance the behaviour of "internal" session caching as it
relates to SSL_CTX flags and the use of "external" session caching. The
existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is
supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE".
The bitwise OR of the two flags is also defined as
"SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most
applications wanting to implement session caching *entirely* by its own
provided callbacks. As the documented behaviour contradicted actual
behaviour up until recently, and since that point behaviour has itself been
inconsistent anyway, this change should not introduce any compatibility
problems. I've adjusted the relevant documentation to elaborate about how
this works.

Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these
anomalies and testing this patch for correctness.

PR: 311

22 years agoincrease permissible message length so that we can handle
Bodo Möller [Mon, 28 Oct 2002 15:45:51 +0000 (15:45 +0000)]
increase permissible message length so that we can handle
CertificateVerify for 4096 bit RSA signatures

22 years ago'broken' PKCS #8 format does not apply to ECDSA
Bodo Möller [Mon, 28 Oct 2002 14:13:38 +0000 (14:13 +0000)]
'broken' PKCS #8 format does not apply to ECDSA

Submitted by: Nils Larsch

22 years agoclean up new code for NIST primes
Bodo Möller [Mon, 28 Oct 2002 14:02:19 +0000 (14:02 +0000)]
clean up new code for NIST primes

create new lock CRYPTO_LOCK_BN to avoid race condition

22 years agofast reduction for NIST curves
Bodo Möller [Mon, 28 Oct 2002 13:23:24 +0000 (13:23 +0000)]
fast reduction for NIST curves

Submitted by: Nils Larsch

22 years agoremove superfluous code
Bodo Möller [Mon, 28 Oct 2002 13:19:08 +0000 (13:19 +0000)]
remove superfluous code

Submitted by: Nils Larsch

22 years agoMake sure toupper() is declared
Richard Levitte [Fri, 25 Oct 2002 09:51:45 +0000 (09:51 +0000)]
Make sure toupper() is declared

22 years agoExternal engines aren't in crypto/engine/ any more, so don't try to
Richard Levitte [Thu, 24 Oct 2002 19:15:30 +0000 (19:15 +0000)]
External engines aren't in crypto/engine/ any more, so don't try to
build them there.

A command procedure to build the external engines is on it's way.

22 years agomake update
Richard Levitte [Thu, 24 Oct 2002 19:12:10 +0000 (19:12 +0000)]
make update

22 years agoFor the mkdef.pl to recognise if the "external" engines are inserted
Richard Levitte [Thu, 24 Oct 2002 19:09:03 +0000 (19:09 +0000)]
For the mkdef.pl to recognise if the "external" engines are inserted
into libcrypto, we need the "algorithm" STATIC_ENGINE.

22 years agoThere's a name clash between OpenSSL and RSAref. Since this engine handles
Richard Levitte [Thu, 24 Oct 2002 17:02:27 +0000 (17:02 +0000)]
There's a name clash between OpenSSL and RSAref.  Since this engine handles
RSAref data, pretend we don't care for OpenSSL's MD2 and MD5 structures or
implementation.
Remove all kinds of silly warning

22 years agoOn certain platforms, we redefine certain symbols using macros in
Richard Levitte [Thu, 24 Oct 2002 10:03:55 +0000 (10:03 +0000)]
On certain platforms, we redefine certain symbols using macros in
apps.h.  For those, it's better to include apps.h after the system
headers where those symbols may be defined, since there's otherwise a
chance that the C compiler will barf when it sees something that looks
like this after expansion:

int VMS_strcasecmp((str1),(str2))(const char *, const char *);

22 years agoSignal an error if the entered output password didn't match itself.
Richard Levitte [Wed, 23 Oct 2002 15:07:09 +0000 (15:07 +0000)]
Signal an error if the entered output password didn't match itself.
PR: 314

22 years agofix warnings, and harmonize indentation
Bodo Möller [Wed, 23 Oct 2002 13:11:38 +0000 (13:11 +0000)]
fix warnings, and harmonize indentation

22 years agoI don't like c-tab-always-indent ...
Bodo Möller [Wed, 23 Oct 2002 13:09:19 +0000 (13:09 +0000)]
I don't like c-tab-always-indent ...

22 years agoTypo: v3 is represented by 2.
Dr. Stephen Henson [Mon, 21 Oct 2002 00:10:10 +0000 (00:10 +0000)]
Typo: v3 is represented by 2.

22 years agoIn my extreme debug mode, gcc complains that 'static' doesn't come
Richard Levitte [Sun, 20 Oct 2002 20:38:18 +0000 (20:38 +0000)]
In my extreme debug mode, gcc complains that 'static' doesn't come
first.

22 years agoNew docs.
Dr. Stephen Henson [Sun, 20 Oct 2002 13:20:57 +0000 (13:20 +0000)]
New docs.

22 years agoMake pod2man happier.
Geoff Thorpe [Fri, 18 Oct 2002 22:04:26 +0000 (22:04 +0000)]
Make pod2man happier.

22 years agoIf dynamically-loadable ENGINEs are linked against a shared-library version
Geoff Thorpe [Fri, 18 Oct 2002 20:45:38 +0000 (20:45 +0000)]
If dynamically-loadable ENGINEs are linked against a shared-library version
of libcrypto, then it is possible that when they are loaded they will share
the same static data as the loading application/library. This means it will
be too late to set memory/ERR/ex_data/[etc] callbacks, but entirely
unnecessary to try. This change puts a static variable in the core ENGINE
code (contained in libcrypto) and a function returning a pointer to it. If
the loaded ENGINE's return value from this function matches the loading
application/library's return value - they share static data. If they don't
match, the loaded ENGINE has its own copy of libcrypto's static data and so
the callbacks need to be set.

Also, although 0.9.7 hasn't been released yet, it's clear this will
introduce a binary incompatibility between dynamic ENGINEs built for 0.9.7
and 0.9.8 (though others probably exist already from EC_*** hooks and
what-not) - so the version control values are correspondingly bumped.

22 years agoAnother ENGINE implementation dependant on string.h.
Geoff Thorpe [Fri, 18 Oct 2002 19:23:27 +0000 (19:23 +0000)]
Another ENGINE implementation dependant on string.h.