Lutz Jänicke [Mon, 1 Oct 2001 14:43:47 +0000 (14:43 +0000)]
Typos (Chris Pepper <pepper@mail.reppep.com>)
Richard Levitte [Fri, 28 Sep 2001 10:34:48 +0000 (10:34 +0000)]
Change HZ in speed to rely on sysconf() if the clock tick is available
that way. Synchronise s_time with these changes.
Geoff Thorpe [Fri, 28 Sep 2001 02:25:14 +0000 (02:25 +0000)]
ENGINE_register_all_complete() will register all implementations of all
algorithms present in all loaded ENGINEs. The result is that if any of
those ENGINEs successfully initialises, and the ENGINE_TABLE_FLAG_NOINIT
flag isn't set, then they will always be used (and cached as defaults) in
preference to software implementations. Ie. accidental auto-detection of
acceleration hardware :-)
This change stops all implementations being automatically registered in
"openssl" sub-commands, so that the "setup_engine()" handler in apps.c
controls which ENGINEs are registered for use. A special case has been
added that will revert to this "auto-detect" logic, ie. if the "-engine"
switch is used as;
-engine auto
Dr. Stephen Henson [Fri, 28 Sep 2001 01:48:34 +0000 (01:48 +0000)]
Modernise and fix (ancient) "maurice" demos.
Dr. Stephen Henson [Fri, 28 Sep 2001 01:47:36 +0000 (01:47 +0000)]
Constify EVP_SealInit, EVP_OpenInit
Dr. Stephen Henson [Fri, 28 Sep 2001 00:47:36 +0000 (00:47 +0000)]
Make (ancient) sign.c demo compile again.
Dr. Stephen Henson [Fri, 28 Sep 2001 00:44:44 +0000 (00:44 +0000)]
Support fractional seconds in GeneralizedTime
Richard Levitte [Thu, 27 Sep 2001 16:07:36 +0000 (16:07 +0000)]
Synchronise with Unixly build.
Richard Levitte [Thu, 27 Sep 2001 15:43:55 +0000 (15:43 +0000)]
Stop thinking arguments starting with - are algorithm identifiers.
Show timing parameters and timing functions used.
It looks like some Linuxen have very weird settings for CLK_TCK. I'm
very unsure about this change and will investigate further.
Richard Levitte [Thu, 27 Sep 2001 15:41:34 +0000 (15:41 +0000)]
Apparently, Linux is identified with __linux__ as well.
Richard Levitte [Wed, 26 Sep 2001 15:23:14 +0000 (15:23 +0000)]
'make update'
Richard Levitte [Wed, 26 Sep 2001 15:18:32 +0000 (15:18 +0000)]
The #error message must match a very specific regexp (see mkdef.pl,
currently line 470).
Ben Laurie [Wed, 26 Sep 2001 15:15:03 +0000 (15:15 +0000)]
Don't clean up stuff twice.
Ben Laurie [Wed, 26 Sep 2001 15:14:10 +0000 (15:14 +0000)]
Fixes.
Richard Levitte [Wed, 26 Sep 2001 15:06:45 +0000 (15:06 +0000)]
Two changes:
1. if there are several symbols with the same entry number, sort those
symbols in ASCII order.
2. Do not stop reading the header files when "BEGIN ERROR CODES" is
found, since mkerr.pl will add a function declaration after that
comment. Instead, trigger on "Error codes for the \w+ function",
which is the actual start of the error code macros.
Additionally, a few more debugging printouts that helped.
Ben Laurie [Wed, 26 Sep 2001 11:38:57 +0000 (11:38 +0000)]
Fix warning.
Geoff Thorpe [Tue, 25 Sep 2001 21:52:39 +0000 (21:52 +0000)]
"FALLBACK" handling was a hack that was thrown out long ago in the
ENGINE redevelopment. The idea had been that "-1" could be used as a
special "ask me later" 'nid' rather than specifying supported cipher and
digest 'nid's up front. However the idea turned out to be pretty broken.
Geoff Thorpe [Tue, 25 Sep 2001 21:47:27 +0000 (21:47 +0000)]
Make update to bring in all the cipher/digest-related ENGINE changes.
NB: It looks like mkdef.pl is causing certain cvs wars by continually
flipping the order of some definitions ...
Geoff Thorpe [Tue, 25 Sep 2001 21:45:03 +0000 (21:45 +0000)]
Put the cipher info back into the "openssl engine" command.
Geoff Thorpe [Tue, 25 Sep 2001 21:44:12 +0000 (21:44 +0000)]
Fiddling.
Geoff Thorpe [Tue, 25 Sep 2001 21:43:08 +0000 (21:43 +0000)]
This change puts the original OpenBSD /dev/crypto support that was in
crypto/evp/ into the corresponding ENGINE. This code is currently untested.
Geoff Thorpe [Tue, 25 Sep 2001 21:41:20 +0000 (21:41 +0000)]
This change adds dummy RC4 and SHA1 support to the "openssl" ENGINE for
testing. Because of the recent changes (see crypto/engine/README), the
"openssl" ENGINE is no longer needed nor is it loaded automatically or by
ENGINE_load_builtin_engines(). So a explicit ENGINE_load_openssl() call is
required by applications or a modification to eng_all.c before this ENGINE
will be used. This change will send output to stderr as/when its
implementations are used.
Geoff Thorpe [Tue, 25 Sep 2001 21:37:02 +0000 (21:37 +0000)]
This changes EVP's cipher and digest code to hook via the ENGINE support.
See crypto/engine/README for details.
- it also removes openbsd_hw.c from the build (that functionality is
going to be available in the openbsd ENGINE in a upcoming commit)
- evp_test has had the extra initialisation added so it will use (if
possible) any ENGINEs supporting the algorithms required.
Geoff Thorpe [Tue, 25 Sep 2001 21:28:40 +0000 (21:28 +0000)]
This change adds cipher and digest support into ENGINE using the
ENGING_TABLE mechanism. The necessary hooks from crypto/evp/ to use this
will be committed shortly.
Geoff Thorpe [Tue, 25 Sep 2001 21:22:32 +0000 (21:22 +0000)]
indentation.
Geoff Thorpe [Tue, 25 Sep 2001 20:39:59 +0000 (20:39 +0000)]
"make update".
Geoff Thorpe [Tue, 25 Sep 2001 20:35:01 +0000 (20:35 +0000)]
Make necessary tweaks to apps/ files due to recent ENGINE surgery. See
crypto/engine/README for details.
Geoff Thorpe [Tue, 25 Sep 2001 20:23:40 +0000 (20:23 +0000)]
This commits changes to various parts of libcrypto required by the recent
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.
Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
Geoff Thorpe [Tue, 25 Sep 2001 20:17:15 +0000 (20:17 +0000)]
This commits the changes to STACK macros forced by recent ENGINE surgery.
Geoff Thorpe [Tue, 25 Sep 2001 20:00:51 +0000 (20:00 +0000)]
This change replaces the ENGINE's underlying mechanics with the new
ENGINE_TABLE-based stuff - as described in crypto/engine/README.
Associated miscellaneous changes;
- the previous cipher/digest hooks that hardwired directly to EVP's
OBJ_NAME-based storage have been backed out. New cipher/digest support
has been constructed and will be committed shortly.
- each implementation defines its own ENGINE_load_<name> function now.
- the "openssl" ENGINE isn't needed or loaded any more.
- core (not algorithm or class specific) ENGINE code has been split into
multiple files to increase readability and decrease linker bloat.
- ENGINE_cpy() has been removed as it wasn't really a good idea in the
first place and now, because of registration issues, can't be
meaningfully defined any more.
- BN_MOD_EXP[_CRT] support is removed as per the README.
- a bug in enginetest.c has been fixed.
NB: This commit almost certainly breaks compilation until subsequent
changes are committed.
Geoff Thorpe [Tue, 25 Sep 2001 19:31:30 +0000 (19:31 +0000)]
Some major restructuring changes to ENGINE, including integrated cipher and
digest support, are on their way. Rather than having gigantic commit log
messages and/or CHANGES entries, this change to the README will serve as an
outline of what it all is and how it all works.
Dr. Stephen Henson [Tue, 25 Sep 2001 13:49:58 +0000 (13:49 +0000)]
Fix AES CBC mode EVP_CIPHER structures: the IV length is always
16.
Bodo Möller [Tue, 25 Sep 2001 11:01:14 +0000 (11:01 +0000)]
'openssl rsa' etc. should include AES support in addition to DES
Bodo Möller [Tue, 25 Sep 2001 10:30:15 +0000 (10:30 +0000)]
'openssl speed' does not include AES support yet
Geoff Thorpe [Mon, 24 Sep 2001 17:42:35 +0000 (17:42 +0000)]
"make update"
Richard Levitte [Mon, 24 Sep 2001 13:39:48 +0000 (13:39 +0000)]
In case of memory problems, the va_start() wasn't cleaned with a va_end().
Noticed by Thomas Klausner <wiz@danbala.ifoer.tuwien.ac.at>.
Bodo Möller [Mon, 24 Sep 2001 07:56:45 +0000 (07:56 +0000)]
comment
Bodo Möller [Mon, 24 Sep 2001 07:56:02 +0000 (07:56 +0000)]
ignore binary
Bodo Möller [Mon, 24 Sep 2001 07:54:11 +0000 (07:54 +0000)]
avoid everything resembling a magic trigraph
Bodo Möller [Sat, 22 Sep 2001 01:40:47 +0000 (01:40 +0000)]
The 'no-rijndael' option must define OPENSSL_NO_AES because that is
what we look for in crypto/evp.
Bodo Möller [Sat, 22 Sep 2001 01:39:51 +0000 (01:39 +0000)]
crypto/idea and crypto/rijndael were missing in the list of
directories that may have been deleted
Bodo Möller [Fri, 21 Sep 2001 11:18:40 +0000 (11:18 +0000)]
bugfix: handle HelloRequest received during handshake correctly
Bodo Möller [Fri, 21 Sep 2001 07:01:25 +0000 (07:01 +0000)]
Disable session related stuff in SSL_ST_OK case of ssl3_accept if we
just sent a HelloRequest.
Bodo Möller [Fri, 21 Sep 2001 00:04:15 +0000 (00:04 +0000)]
Bugfix: correct cleanup after sending a HelloRequest
Bodo Möller [Thu, 20 Sep 2001 22:54:09 +0000 (22:54 +0000)]
New function SSL_renegotiate_pending().
New option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
Bodo Möller [Thu, 20 Sep 2001 22:52:19 +0000 (22:52 +0000)]
make update
Bodo Möller [Thu, 20 Sep 2001 21:37:13 +0000 (21:37 +0000)]
fix ssl3_accept: don't call ssl_init_wbio_buffer() in HelloRequest case
Bodo Möller [Thu, 20 Sep 2001 18:35:52 +0000 (18:35 +0000)]
Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
reveal whether illegal block cipher padding was found or a MAC
verification error occured.
In ssl/s2_pkt.c, verify that the purported number of padding bytes is in
the legal range.
Bodo Möller [Thu, 20 Sep 2001 15:41:34 +0000 (15:41 +0000)]
comments
Bodo Möller [Tue, 18 Sep 2001 09:15:40 +0000 (09:15 +0000)]
Change Makefile so that it works without any additional changes
at least on Solaris
Bodo Möller [Mon, 17 Sep 2001 19:07:00 +0000 (19:07 +0000)]
Another demo.
Geoff Thorpe [Fri, 14 Sep 2001 18:31:57 +0000 (18:31 +0000)]
Some of the ENGINE file names were changed for 8.3 filename uniqueness
recently. So comments including file names have been fixed, and copyright
notices brought up to "2001" at the same time.
Geoff Thorpe [Fri, 14 Sep 2001 18:23:31 +0000 (18:23 +0000)]
Fix a typo in the preprocessor logic in eng_list.c that had left RSA, DSA,
and DH all conditional upon OPENSSL_NO_RSA.
Geoff Thorpe [Fri, 14 Sep 2001 18:21:36 +0000 (18:21 +0000)]
Add a SHA1 test to evptests.txt - only the MD5 hash algorithm was being
tested previously.
Geoff Thorpe [Fri, 14 Sep 2001 18:20:44 +0000 (18:20 +0000)]
'evp_test' needs to initialise and cleanup EVP_CIPHER_CTX structures. Also,
fix a typo and add cleanup operations. This also switches on memory leak
checking (which is how the rest was found).
Bodo Möller [Fri, 14 Sep 2001 13:47:25 +0000 (13:47 +0000)]
add comment
Bodo Möller [Fri, 14 Sep 2001 09:31:07 +0000 (09:31 +0000)]
Get rid of junk (deleted/renamed function) by rebuilding
based on 0.9.6 tree.
Bodo Möller [Fri, 14 Sep 2001 08:45:43 +0000 (08:45 +0000)]
add details
Lutz Jänicke [Thu, 13 Sep 2001 15:18:51 +0000 (15:18 +0000)]
Typo.
Lutz Jänicke [Thu, 13 Sep 2001 15:05:42 +0000 (15:05 +0000)]
One more manual page.
Lutz Jänicke [Thu, 13 Sep 2001 13:21:38 +0000 (13:21 +0000)]
Rework section about return values another time (based on hints from
Bodo Moeller).
Bodo Möller [Thu, 13 Sep 2001 13:02:59 +0000 (13:02 +0000)]
avoid "statement not reached" warning
Geoff Thorpe [Wed, 12 Sep 2001 02:43:22 +0000 (02:43 +0000)]
Updated dependencies from "make update"
Geoff Thorpe [Wed, 12 Sep 2001 02:39:06 +0000 (02:39 +0000)]
Reduce the header dependencies on engine.h in apps/.
Geoff Thorpe [Wed, 12 Sep 2001 02:34:20 +0000 (02:34 +0000)]
ENGINE uses a very opaque design, so we can predeclare the structure type
in "types.h" so that very few headers will need to include engine.h,
generally only C files using API functions will need it (reducing
the header dependencies quite a lot).
Geoff Thorpe [Wed, 12 Sep 2001 01:54:17 +0000 (01:54 +0000)]
ENGINE files were renamed, and error strings are now in eng_err.c
Dr. Stephen Henson [Wed, 12 Sep 2001 00:19:20 +0000 (00:19 +0000)]
Add certificate and request demos.
Fix X509V3 macro so they compile.
Lutz Jänicke [Tue, 11 Sep 2001 13:08:51 +0000 (13:08 +0000)]
Make maximum certifcate chain size accepted from the peer application
settable (proposed by "Douglas E. Engert" <deengert@anl.gov>).
Bodo Möller [Tue, 11 Sep 2001 12:46:50 +0000 (12:46 +0000)]
add 'release showstopper' entry
Bodo Möller [Tue, 11 Sep 2001 12:26:56 +0000 (12:26 +0000)]
update
Bodo Möller [Tue, 11 Sep 2001 12:20:20 +0000 (12:20 +0000)]
ex_data situation is no longer that bad
Geoff Thorpe [Mon, 10 Sep 2001 21:18:11 +0000 (21:18 +0000)]
make update
Geoff Thorpe [Mon, 10 Sep 2001 21:04:14 +0000 (21:04 +0000)]
Put all "common" initialisation in the apps_startup() and apps_shutdown()
macros in apps.h.
Geoff Thorpe [Mon, 10 Sep 2001 21:02:06 +0000 (21:02 +0000)]
enginetest needs 'memset' defined.
Ulf Möller [Mon, 10 Sep 2001 20:16:31 +0000 (20:16 +0000)]
missed one file
Bodo Möller [Mon, 10 Sep 2001 18:59:53 +0000 (18:59 +0000)]
While ispell may not like it, "cancelling" may be spelt with two "l"s
Bodo Möller [Mon, 10 Sep 2001 18:50:09 +0000 (18:50 +0000)]
fix memory leak (I think)
Bodo Möller [Mon, 10 Sep 2001 18:49:25 +0000 (18:49 +0000)]
remove an old comment
Bodo Möller [Mon, 10 Sep 2001 18:47:33 +0000 (18:47 +0000)]
restore previous revision -- memory leak should be fixed in mem.c
Bodo Möller [Mon, 10 Sep 2001 18:13:16 +0000 (18:13 +0000)]
fix memory leak
Bodo Möller [Mon, 10 Sep 2001 17:46:54 +0000 (17:46 +0000)]
avoid warning ('const' discarded)
Bodo Möller [Mon, 10 Sep 2001 17:18:56 +0000 (17:18 +0000)]
exclude disabled message digests
Bodo Möller [Mon, 10 Sep 2001 17:12:31 +0000 (17:12 +0000)]
add AES ciphers
Bodo Möller [Mon, 10 Sep 2001 17:00:28 +0000 (17:00 +0000)]
Update so that progs.h can indeed be automatically generated
(Working file: progs.h
revision 1.24
date: 2001/02/19 16:06:03; author: levitte; state: Exp; lines: +59 -59
Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
[...])
Bodo Möller [Mon, 10 Sep 2001 16:57:06 +0000 (16:57 +0000)]
typo
Bodo Möller [Mon, 10 Sep 2001 15:00:30 +0000 (15:00 +0000)]
Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway). To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent. Instead, callers can use
CRYPTO_push_info() to track down memory leaks.
Bodo Möller [Mon, 10 Sep 2001 14:59:17 +0000 (14:59 +0000)]
Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway). To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent. Instead, callers can use
CRYPTO_push_info() to track down memory leaks.
Also fix indentation, and add OpenSSL copyright.
Bodo Möller [Mon, 10 Sep 2001 14:51:19 +0000 (14:51 +0000)]
copyright
Bodo Möller [Mon, 10 Sep 2001 14:10:10 +0000 (14:10 +0000)]
Delete pointless casts
Bodo Möller [Mon, 10 Sep 2001 09:50:30 +0000 (09:50 +0000)]
Fix apps/openssl.c and ssl/ssltest.c so that they use
CRYPTO_set_mem_debug_options() instead of CRYPTO_dbg_set_options(),
which is the default implementation of the former and should usually
not be directly used by applications (at least if we assume that the
options accepted by the default implementation will also be meaningful
to any other implementations).
Also fix apps/openssl.c and ssl/ssltest such that environment variable
setting 'OPENSSL_DEBUG_MEMORY=off' actively disables the compiled-in
library defaults (i.e. such that CRYPTO_MDEBUG is ignored in this
case).
Dr. Stephen Henson [Sat, 8 Sep 2001 12:15:09 +0000 (12:15 +0000)]
Replace old (and invalid) copyright notice.
Bodo Möller [Fri, 7 Sep 2001 23:55:15 +0000 (23:55 +0000)]
The various hash #includes in rand_lcl.h *are* needed despite
<openssl/evp.h> is now used (MD_DIGEST_LENGTH definitions!).
No need to include such headers directly in md_rand.c.
Lutz Jänicke [Fri, 7 Sep 2001 12:13:10 +0000 (12:13 +0000)]
Recognize OpenUNIX-8 with compiler
Ben Laurie [Fri, 7 Sep 2001 12:03:24 +0000 (12:03 +0000)]
Add a cleanup function for MDs.
Ben Laurie [Fri, 7 Sep 2001 11:45:42 +0000 (11:45 +0000)]
Look up MD5 by name.
Ben Laurie [Fri, 7 Sep 2001 11:44:59 +0000 (11:44 +0000)]
Remove duplication.
Ben Laurie [Fri, 7 Sep 2001 11:44:17 +0000 (11:44 +0000)]
Now need sha.h for some reason.
Ben Laurie [Fri, 7 Sep 2001 11:43:30 +0000 (11:43 +0000)]
Redo type-safety fix.
Ulf Möller [Fri, 7 Sep 2001 06:39:38 +0000 (06:39 +0000)]
ispell
Ulf Möller [Fri, 7 Sep 2001 06:13:40 +0000 (06:13 +0000)]
ispell