oweals/openssl.git
24 years agoanother faq.
Ulf Möller [Wed, 23 Feb 2000 19:26:59 +0000 (19:26 +0000)]
another faq.

24 years agothreads mapage.
Ulf Möller [Wed, 23 Feb 2000 18:10:42 +0000 (18:10 +0000)]
threads mapage.

24 years agominor docs changes (added links is the openssl(1) text)
Ulf Möller [Wed, 23 Feb 2000 17:09:50 +0000 (17:09 +0000)]
minor docs changes (added links is the openssl(1) text)

24 years agoFrequently asked questions.
Ulf Möller [Wed, 23 Feb 2000 17:03:06 +0000 (17:03 +0000)]
Frequently asked questions.

24 years agoAdd PBE algorithms with ciphers, not digests.
Dr. Stephen Henson [Wed, 23 Feb 2000 14:27:47 +0000 (14:27 +0000)]
Add PBE algorithms with ciphers, not digests.

24 years agoAllow ADH to be used but not present in the default cipher
Dr. Stephen Henson [Wed, 23 Feb 2000 01:11:01 +0000 (01:11 +0000)]
Allow ADH to be used but not present in the default cipher
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.

24 years agoMake pkcs8 work again.
Dr. Stephen Henson [Tue, 22 Feb 2000 18:45:11 +0000 (18:45 +0000)]
Make pkcs8 work again.

Make EVP_CIPHER_type() return NID_undef if the cipher has no
ASN1 OID, modify code to handle this.

24 years agoUpdate docs.
Dr. Stephen Henson [Tue, 22 Feb 2000 14:16:23 +0000 (14:16 +0000)]
Update docs.

24 years agowarning.
Ulf Möller [Tue, 22 Feb 2000 12:53:59 +0000 (12:53 +0000)]
warning.

24 years agoDon't list prototypes for internal functions.
Ulf Möller [Tue, 22 Feb 2000 12:01:50 +0000 (12:01 +0000)]
Don't list prototypes for internal functions.

24 years agoCheck tlen size in all padding_check functions. As called within the rsa
Ulf Möller [Tue, 22 Feb 2000 11:34:01 +0000 (11:34 +0000)]
Check tlen size in all padding_check functions. As called within the rsa
library, the output buffer always is large enough, but if the tlen
parameter is there, it should be checked in the interest of clarity,
as proposed by David Sacerdote <das33@cornell.edu>.

24 years agoCorrection to RSA_padding_check_xxx() docs (this time for real).
Ulf Möller [Tue, 22 Feb 2000 11:16:41 +0000 (11:16 +0000)]
Correction to RSA_padding_check_xxx() docs (this time for real).

24 years agoCorrection for RSA_padding_check_xxx() documentation.
Ulf Möller [Tue, 22 Feb 2000 11:11:41 +0000 (11:11 +0000)]
Correction for RSA_padding_check_xxx() documentation.

24 years agoChange EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for
Dr. Stephen Henson [Tue, 22 Feb 2000 02:59:26 +0000 (02:59 +0000)]
Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for
the old functionality.

Various warning fixes.

Initial EVP symmetric cipher docs.

24 years agoWorkarounds to make broken programs happy (such as s_client and s_server).
Bodo Möller [Mon, 21 Feb 2000 17:46:20 +0000 (17:46 +0000)]
Workarounds to make broken programs happy (such as s_client and s_server).

24 years agoFix some bugs and document others
Bodo Möller [Mon, 21 Feb 2000 17:09:54 +0000 (17:09 +0000)]
Fix some bugs and document others

24 years agoMove ssl3_do_write from s3_pkt.c to s3_both.c.
Bodo Möller [Mon, 21 Feb 2000 11:14:40 +0000 (11:14 +0000)]
Move ssl3_do_write from s3_pkt.c to s3_both.c.

24 years agoMore news.
Bodo Möller [Mon, 21 Feb 2000 10:40:36 +0000 (10:40 +0000)]
More news.

24 years agoMove MAC computations for Finished from ssl3_read_bytes into
Bodo Möller [Mon, 21 Feb 2000 10:16:30 +0000 (10:16 +0000)]
Move MAC computations for Finished from ssl3_read_bytes into
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.

24 years agoBlowfish docs.
Richard Levitte [Mon, 21 Feb 2000 03:01:23 +0000 (03:01 +0000)]
Blowfish docs.

24 years agoMore compact Configure usage message.
Ulf Möller [Mon, 21 Feb 2000 00:55:45 +0000 (00:55 +0000)]
More compact Configure usage message.

24 years agoMove the registration of callback functions to special functions
Richard Levitte [Sun, 20 Feb 2000 23:43:02 +0000 (23:43 +0000)]
Move the registration of callback functions to special functions
designed for that.  This removes the potential error to mix data and
function pointers.

Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in som cases.  I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.

24 years agoWorkaround for irrelevant problem.
Bodo Möller [Sun, 20 Feb 2000 23:40:01 +0000 (23:40 +0000)]
Workaround for irrelevant problem.

24 years agoignore Client Hellos when we're in handshake anyway
Bodo Möller [Sun, 20 Feb 2000 23:35:31 +0000 (23:35 +0000)]
ignore Client Hellos when we're in handshake anyway

24 years agoTolerate fragmentation and interleaving in the SSL 3/TLS record layer.
Bodo Möller [Sun, 20 Feb 2000 23:04:06 +0000 (23:04 +0000)]
Tolerate fragmentation and interleaving in the SSL 3/TLS record layer.

24 years agoDocument OPENSSL_VERSION_NUMBER
Ulf Möller [Sun, 20 Feb 2000 21:00:22 +0000 (21:00 +0000)]
Document OPENSSL_VERSION_NUMBER

24 years agoFix gcc warnings.
Ulf Möller [Sun, 20 Feb 2000 20:59:21 +0000 (20:59 +0000)]
Fix gcc warnings.

24 years agoChange the 'other' structure in certificate aux info.
Dr. Stephen Henson [Sun, 20 Feb 2000 18:27:23 +0000 (18:27 +0000)]
Change the 'other' structure in certificate aux info.

24 years agoAllow for higher granularity of entropy estimates by using 'double'
Bodo Möller [Sat, 19 Feb 2000 15:22:53 +0000 (15:22 +0000)]
Allow for higher granularity of entropy estimates by using 'double'
instead of 'unsigned' counters.
Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp.

Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.

24 years agoAdd -clrext option to 'x509'
Dr. Stephen Henson [Sat, 19 Feb 2000 00:46:02 +0000 (00:46 +0000)]
Add -clrext option to 'x509'

24 years agoKeep variable names consistent with corresponding pre-processor
Bodo Möller [Fri, 18 Feb 2000 21:08:37 +0000 (21:08 +0000)]
Keep variable names consistent with corresponding pre-processor
symbols.

24 years agoMake excluded cipher entry in opensslconf.h a bit more descriptive.
Ulf Möller [Fri, 18 Feb 2000 19:01:55 +0000 (19:01 +0000)]
Make excluded cipher entry in opensslconf.h a bit more descriptive.

24 years agoChange the example to show apr1 with an 8-character salt.
Bodo Möller [Fri, 18 Feb 2000 11:51:58 +0000 (11:51 +0000)]
Change the example to show apr1 with an 8-character salt.

24 years agoStay compatible to older Perl5 releases (see diff -r1.11 -r1.12).
Bodo Möller [Fri, 18 Feb 2000 11:35:10 +0000 (11:35 +0000)]
Stay compatible to older Perl5 releases (see diff -r1.11 -r1.12).

24 years agoAvoid potential conflicts between #defines in opensslconf.h and
Bodo Möller [Fri, 18 Feb 2000 11:15:32 +0000 (11:15 +0000)]
Avoid potential conflicts between #defines in opensslconf.h and
defines when compiling applications, and allow applications to
select what #defines to enable -- OPENSSL_EXLUCDE_DEFINES
enables the "#define NO_whatever" stuff only, which avoids
potential severe confusion caused by "#define _REENTRANT" when
opensslconf.h is not the first header file #included.

24 years agoadd missing 'static'
Bodo Möller [Fri, 18 Feb 2000 10:39:40 +0000 (10:39 +0000)]
add missing 'static'

24 years agoMake Configure add the configuration options that it was copmiled
Richard Levitte [Fri, 18 Feb 2000 09:11:37 +0000 (09:11 +0000)]
Make Configure add the configuration options that it was copmiled
with.

Currently, those defines are protected with a OPENSSL_EXCLUDED.  That
may not be the best strategy, but it will do for now.

24 years agoCosmetic change. No, openssl.h.in is not autogenerated :-)
Richard Levitte [Fri, 18 Feb 2000 09:06:55 +0000 (09:06 +0000)]
Cosmetic change.  No, openssl.h.in is not autogenerated :-)

24 years agoNew functions and option to use NEW in certificate requests.
Dr. Stephen Henson [Fri, 18 Feb 2000 00:54:21 +0000 (00:54 +0000)]
New functions and option to use NEW in certificate requests.

24 years agoMake sure the return value of by_file_ctrl(..., X509_L_FILE_LOAD, ...)
Bodo Möller [Thu, 17 Feb 2000 21:04:40 +0000 (21:04 +0000)]
Make sure the return value of by_file_ctrl(..., X509_L_FILE_LOAD, ...)
aka X509_LOOKUP_load_file(...) is always 0 or 1, not the counter
returned from the recently introduced function X509_load_cert_crl_file.
X509_STORE_load_locations expects X509_LOOKUP_load_file to return 1 on
success, and possibly there's other software that relies on this too.

24 years agoCasts now unnecessary because of changed prototype.
Bodo Möller [Thu, 17 Feb 2000 18:36:21 +0000 (18:36 +0000)]
Casts now unnecessary because of changed prototype.

24 years agoGet rid of evil cast.
Ben Laurie [Thu, 17 Feb 2000 09:39:22 +0000 (09:39 +0000)]
Get rid of evil cast.

24 years agoReflect API changes.
Ben Laurie [Thu, 17 Feb 2000 09:39:01 +0000 (09:39 +0000)]
Reflect API changes.

24 years agoAdd -pass argument to 'enc'.
Dr. Stephen Henson [Thu, 17 Feb 2000 00:41:43 +0000 (00:41 +0000)]
Add -pass argument to 'enc'.
Fix to make Win32 compile work again.

24 years agoPass phrase reorganisation.
Dr. Stephen Henson [Wed, 16 Feb 2000 23:16:01 +0000 (23:16 +0000)]
Pass phrase reorganisation.

24 years agoAdd support for Compaq Atalla crypto accelerator.
Ben Laurie [Wed, 16 Feb 2000 22:15:39 +0000 (22:15 +0000)]
Add support for Compaq Atalla crypto accelerator.

24 years agoMove primes to read-only segment.
Andy Polyakov [Wed, 16 Feb 2000 13:24:06 +0000 (13:24 +0000)]
Move primes to read-only segment.

24 years agoFix signed/unsigned warnings.
Ben Laurie [Wed, 16 Feb 2000 12:09:17 +0000 (12:09 +0000)]
Fix signed/unsigned warnings.

24 years agoInstall manpages below OPENSSLDIR (I think it was meant to be this way?).
Ulf Möller [Tue, 15 Feb 2000 18:34:46 +0000 (18:34 +0000)]
Install manpages below OPENSSLDIR (I think it was meant to be this way?).
New variable for man directory.

24 years agoCreate the man directories where the manpages will be put.
Ulf Möller [Tue, 15 Feb 2000 18:21:33 +0000 (18:21 +0000)]
Create the man directories where the manpages will be put.

24 years agoMove initial key to read-only segment.
Andy Polyakov [Tue, 15 Feb 2000 17:43:12 +0000 (17:43 +0000)]
Move initial key to read-only segment.

24 years agoMove CAST_S_tables to read-only segment.
Andy Polyakov [Tue, 15 Feb 2000 17:37:44 +0000 (17:37 +0000)]
Move CAST_S_tables to read-only segment.

24 years agoAvoid GNU C assembler templates under Solaris x86.
Andy Polyakov [Tue, 15 Feb 2000 17:31:12 +0000 (17:31 +0000)]
Avoid GNU C assembler templates under Solaris x86.

24 years agoNew NO_INLINE_ASM macro. Primary target for the moment is Solaris x86
Andy Polyakov [Tue, 15 Feb 2000 17:20:52 +0000 (17:20 +0000)]
New NO_INLINE_ASM macro. Primary target for the moment is Solaris x86
which can't stand GNU C assembler templates.

24 years agoFix for Netscape "hang" bug.
Dr. Stephen Henson [Tue, 15 Feb 2000 14:19:44 +0000 (14:19 +0000)]
Fix for Netscape "hang" bug.

24 years agotest_mont was exercising 100-bit multiplication modulus X*I-bit, where
Andy Polyakov [Tue, 15 Feb 2000 13:50:02 +0000 (13:50 +0000)]
test_mont was exercising 100-bit multiplication modulus X*I-bit, where
X is 5120 on 32-bit and 151552 on 64-bit architectures and I varies
from 0 to 4. As result the test was *unreasonably* slow and virtually
impossible to complete on 64-bit architectures (e.g. IRIX bc couldn't
even swallow such long lines).

24 years agoRemove the access() call altogether for VMS, since it doesn't quite
Richard Levitte [Tue, 15 Feb 2000 09:44:54 +0000 (09:44 +0000)]
Remove the access() call altogether for VMS, since it doesn't quite
work for directory specifications (this will be reported as a bug to
DEC^H^H^HCompaq).  It could as well be removed for all others as well,
since stat() and open() will return appropriate errors as well, but I
leave that to someone else to decide.

24 years agoTime ran away...
Richard Levitte [Mon, 14 Feb 2000 16:58:40 +0000 (16:58 +0000)]
Time ran away...

24 years agoAdd a couple of forgotten $(PERL), and make the code to run pod2html a
Richard Levitte [Mon, 14 Feb 2000 16:55:23 +0000 (16:55 +0000)]
Add a couple of forgotten $(PERL), and make the code to run pod2html a
tad more readable.

24 years agoModernise 'selfsign.c' to use new X509_NAME code
Dr. Stephen Henson [Sun, 13 Feb 2000 00:28:26 +0000 (00:28 +0000)]
Modernise 'selfsign.c' to use new X509_NAME code
and add example of extension aliasing. Also fix
the extension aliasing because it didn't work :-)

24 years agoHP-UX tune-up: new unified configs, HP C compiler bug workaround.
Andy Polyakov [Sat, 12 Feb 2000 23:33:01 +0000 (23:33 +0000)]
HP-UX tune-up: new unified configs, HP C compiler bug workaround.

24 years agoMake pkcs12 and smime applications seed random number
Dr. Stephen Henson [Sat, 12 Feb 2000 03:03:04 +0000 (03:03 +0000)]
Make pkcs12 and smime applications seed random number
generator (otherwise they don't work) and add -rand
option. Update docs.

24 years agoA hack to make sure access() will give us the correct answer about the
Richard Levitte [Fri, 11 Feb 2000 18:12:47 +0000 (18:12 +0000)]
A hack to make sure access() will give us the correct answer about the
accessability of an "empty" directory.  Thsi *is* weird, and a better
solution will be provided in apps/ca.c, when I get time to hack at it.

24 years agoCorrections.
Bodo Möller [Fri, 11 Feb 2000 17:18:50 +0000 (17:18 +0000)]
Corrections.

24 years agoUpdate.
Bodo Möller [Fri, 11 Feb 2000 16:31:04 +0000 (16:31 +0000)]
Update.

24 years agoImplement MD5-based "apr1" password hash.
Bodo Möller [Fri, 11 Feb 2000 16:25:44 +0000 (16:25 +0000)]
Implement MD5-based "apr1" password hash.

24 years agoCorrect time in seconds instead of minutes.
Ben Laurie [Fri, 11 Feb 2000 16:08:40 +0000 (16:08 +0000)]
Correct time in seconds instead of minutes.

24 years agoFix shadow.
Ben Laurie [Fri, 11 Feb 2000 13:11:18 +0000 (13:11 +0000)]
Fix shadow.

24 years agoAdd compilation of the new passwd utility.
Richard Levitte [Fri, 11 Feb 2000 11:21:50 +0000 (11:21 +0000)]
Add compilation of the new passwd utility.

24 years agoAdd references to the new passwd utility.
Richard Levitte [Fri, 11 Feb 2000 11:21:01 +0000 (11:21 +0000)]
Add references to the new passwd utility.

24 years agoMake gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align
Ralf S. Engelschall [Fri, 11 Feb 2000 09:47:18 +0000 (09:47 +0000)]
Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.

24 years ago'passwd' tool.
Bodo Möller [Thu, 10 Feb 2000 21:50:52 +0000 (21:50 +0000)]
'passwd' tool.

24 years ago16 * 8 = 128.
Bodo Möller [Thu, 10 Feb 2000 21:47:06 +0000 (21:47 +0000)]
16 * 8 = 128.

24 years agoMove down the attributions
Richard Levitte [Tue, 8 Feb 2000 23:40:20 +0000 (23:40 +0000)]
Move down the attributions

24 years agoNote about des_ncbc_encrypt.
Bodo Möller [Tue, 8 Feb 2000 21:50:52 +0000 (21:50 +0000)]
Note about des_ncbc_encrypt.

24 years agoConstify
Richard Levitte [Tue, 8 Feb 2000 14:19:14 +0000 (14:19 +0000)]
Constify

24 years agoUpdate docs.
Dr. Stephen Henson [Tue, 8 Feb 2000 13:37:08 +0000 (13:37 +0000)]
Update docs.

24 years agoAdd command line password options to the reamining utilities,
Dr. Stephen Henson [Tue, 8 Feb 2000 01:34:59 +0000 (01:34 +0000)]
Add command line password options to the reamining utilities,
amend docs.

24 years agodes_modes is a section 7 manual, so let's make sure that's where it ends up
Richard Levitte [Mon, 7 Feb 2000 18:25:26 +0000 (18:25 +0000)]
des_modes is a section 7 manual, so let's make sure that's where it ends up

24 years agoFirst try at documenting the DES (and other algorithms) modes
Richard Levitte [Mon, 7 Feb 2000 18:15:06 +0000 (18:15 +0000)]
First try at documenting the DES (and other algorithms) modes

24 years agoRename the X509V3_*_d2i functions to X509_get_ext_d2i() etc.
Dr. Stephen Henson [Mon, 7 Feb 2000 01:17:22 +0000 (01:17 +0000)]
Rename the X509V3_*_d2i functions to X509_get_ext_d2i() etc.
This better reflects their behaviour.

24 years ago"print" is GNU bc specific.
Ulf Möller [Sun, 6 Feb 2000 23:33:06 +0000 (23:33 +0000)]
"print" is GNU bc specific.

24 years agoRefer to EVP_DigestInit() in the hash function descriptions.
Ulf Möller [Sun, 6 Feb 2000 23:26:31 +0000 (23:26 +0000)]
Refer to EVP_DigestInit() in the hash function descriptions.

24 years agoA proposed freeze and release time has come up.
Richard Levitte [Sun, 6 Feb 2000 22:01:10 +0000 (22:01 +0000)]
A proposed freeze and release time has come up.

24 years agoDocument EVP digest operations.
Dr. Stephen Henson [Sun, 6 Feb 2000 17:44:54 +0000 (17:44 +0000)]
Document EVP digest operations.

24 years agoBN bug fixes
Ulf Möller [Sun, 6 Feb 2000 16:35:59 +0000 (16:35 +0000)]
BN bug fixes

24 years agoput missing line back in.
Ulf Möller [Sun, 6 Feb 2000 16:35:28 +0000 (16:35 +0000)]
put missing line back in.

24 years agoImprove bntest slightly, and fix another bug in the BN library.
Ulf Möller [Sun, 6 Feb 2000 15:56:59 +0000 (15:56 +0000)]
Improve bntest slightly, and fix another bug in the BN library.

24 years agoSupport for MacOS X (Rhapsody) is added. Also get rid of volatile
Andy Polyakov [Sun, 6 Feb 2000 11:15:20 +0000 (11:15 +0000)]
Support for MacOS X (Rhapsody) is added. Also get rid of volatile
qualifier in asm definitions as it prevents compiler from moving
the instruction(s) during optimization pass.

24 years agoTypo corrected...
Richard Levitte [Sun, 6 Feb 2000 10:07:32 +0000 (10:07 +0000)]
Typo corrected...

24 years agoMemory leak.
Bodo Möller [Sun, 6 Feb 2000 02:48:53 +0000 (02:48 +0000)]
Memory leak.

24 years agoBN_div bugfix. The q-- loop should not be entered in the n0==d0 case.
Ulf Möller [Sun, 6 Feb 2000 00:25:39 +0000 (00:25 +0000)]
BN_div bugfix. The q-- loop should not be entered in the n0==d0 case.

24 years agoCorrection: openssl.c must get the long version of the apps_startup()
Bodo Möller [Sat, 5 Feb 2000 21:39:20 +0000 (21:39 +0000)]
Correction: openssl.c must get the long version of the apps_startup()
macro

24 years agoCosmetic changes.
Bodo Möller [Sat, 5 Feb 2000 21:28:09 +0000 (21:28 +0000)]
Cosmetic changes.

24 years agoAdd support for some broken PKCS#8 formats.
Dr. Stephen Henson [Sat, 5 Feb 2000 21:07:56 +0000 (21:07 +0000)]
Add support for some broken PKCS#8 formats.

24 years agoCommit patch to bn.h that CVS decided to throw away during 'cvs update',
Bodo Möller [Sat, 5 Feb 2000 20:39:26 +0000 (20:39 +0000)]
Commit patch to bn.h that CVS decided to throw away during 'cvs update',
and initialize too_many because memset(..., 0, ...) is not used here.

24 years agoGenerate just one error code if iterated SSL_CTX_get() fails.
Bodo Möller [Sat, 5 Feb 2000 19:29:00 +0000 (19:29 +0000)]
Generate just one error code if iterated SSL_CTX_get() fails.
Avoid enabled 'assert()' in production library.

24 years agoUse MONT_WORD macro to control if the word-based or the bignum
Ulf Möller [Sat, 5 Feb 2000 18:23:05 +0000 (18:23 +0000)]
Use MONT_WORD macro to control if the word-based or the bignum
algorithm is used.

24 years agoNew functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
Ulf Möller [Sat, 5 Feb 2000 14:17:32 +0000 (14:17 +0000)]
New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.

24 years agomd2 is documented in the md5 page. lets see if this works...
Ulf Möller [Sat, 5 Feb 2000 10:43:03 +0000 (10:43 +0000)]
md2 is documented in the md5 page. lets see if this works...