Bodo Möller [Thu, 18 Apr 2002 09:26:24 +0000 (09:26 +0000)]
harmonize with other Makefiles in crypto/*/
Richard Levitte [Wed, 17 Apr 2002 12:52:33 +0000 (12:52 +0000)]
Merge in the latest changes from 0.9.6-stable, including the version
updates.
The tags will be OpenSSL_0_9_6d-beta1 and OpenSSL-engine-0_9_6d-beta1.
Richard Levitte [Wed, 17 Apr 2002 07:53:56 +0000 (07:53 +0000)]
surewarehk_dh_ex_free() isn't used, so do not compile it.
Richard Levitte [Wed, 17 Apr 2002 07:52:56 +0000 (07:52 +0000)]
Avoid variable shadowing.
Richard Levitte [Wed, 17 Apr 2002 07:52:21 +0000 (07:52 +0000)]
Make sure strdup() gets properly declared.
Richard Levitte [Wed, 17 Apr 2002 07:51:46 +0000 (07:51 +0000)]
Change the engine variable from engine_id to engine to avoid shadowing
warnings.
Richard Levitte [Wed, 17 Apr 2002 07:51:07 +0000 (07:51 +0000)]
Change the engine variable from e to eng to avoid shadowing warnings.
Richard Levitte [Wed, 17 Apr 2002 07:02:47 +0000 (07:02 +0000)]
Merge in the latest changes from 0.9.6d-stable.
Bodo Möller [Fri, 12 Apr 2002 13:44:34 +0000 (13:44 +0000)]
synchronize with OpenSSL_0_9_6-stable
Richard Levitte [Sat, 6 Apr 2002 20:44:00 +0000 (20:44 +0000)]
Merge in recent changes from 0.9.6-stable.
Richard Levitte [Sat, 6 Apr 2002 19:48:58 +0000 (19:48 +0000)]
Merge in recent changes from 0.9.6-stable.
make update.
Richard Levitte [Wed, 3 Apr 2002 15:00:41 +0000 (15:00 +0000)]
Forgot one of the casts
Richard Levitte [Wed, 3 Apr 2002 14:57:40 +0000 (14:57 +0000)]
HW_aep was a little too constified for this version of OpenSSL.
Richard Levitte [Wed, 3 Apr 2002 14:55:41 +0000 (14:55 +0000)]
The rest of the OpenSSL files include openssl/e_os.h. There's no
reason to treat conf_api.c differently in this version.
Richard Levitte [Wed, 3 Apr 2002 14:47:23 +0000 (14:47 +0000)]
Cast the pointers to the BIGNUM data to unsigned long *. This would be
harmful if we didn't also pass the exact number of bytes of that data
Richard Levitte [Wed, 3 Apr 2002 14:11:58 +0000 (14:11 +0000)]
Keyclient forgotten on VMS.
Richard Levitte [Wed, 3 Apr 2002 13:52:51 +0000 (13:52 +0000)]
A couple of typos.
Discovered and submitted by Diarmuid O'Neill <Diarmuid.ONeill@aep.ie>
Richard Levitte [Sat, 30 Mar 2002 23:36:17 +0000 (23:36 +0000)]
Merge in changes from 0.9.6-stable. This should definitely be done a
little more often.
Richard Levitte [Thu, 7 Mar 2002 19:40:55 +0000 (19:40 +0000)]
AEPRAND it is...
Richard Levitte [Thu, 7 Mar 2002 19:39:44 +0000 (19:39 +0000)]
Synchronise the AEP engine in all branches. For 0.9.6-stable [engine], implement software fallback
Richard Levitte [Thu, 7 Mar 2002 16:28:34 +0000 (16:28 +0000)]
Changes from 0.9.6-stable.
Bodo Möller [Fri, 1 Mar 2002 13:59:22 +0000 (13:59 +0000)]
fix prototype
Submitted by: Oscar Jacobsson <oscar@jacobsson.org>
Richard Levitte [Thu, 28 Feb 2002 15:57:21 +0000 (15:57 +0000)]
make update
Richard Levitte [Thu, 28 Feb 2002 14:47:33 +0000 (14:47 +0000)]
Merge in changes from the 0.9.6-stable branch.
Richard Levitte [Thu, 28 Feb 2002 13:45:55 +0000 (13:45 +0000)]
Back port of the latest updates of the AEP engine.
Richard Levitte [Tue, 26 Feb 2002 14:25:39 +0000 (14:25 +0000)]
make update
Richard Levitte [Tue, 26 Feb 2002 13:41:19 +0000 (13:41 +0000)]
Merge from 0.9.6-stable.
cvs2svn [Fri, 15 Feb 2002 07:41:43 +0000 (07:41 +0000)]
This commit was manufactured by cvs2svn to create branch 'OpenSSL-engine-
0_9_6-stable'.
Lutz Jänicke [Fri, 15 Feb 2002 07:41:42 +0000 (07:41 +0000)]
Even though it is not really practical people should know about it.
Bodo Möller [Thu, 14 Feb 2002 16:08:55 +0000 (16:08 +0000)]
fix indentation
Richard Levitte [Thu, 14 Feb 2002 15:37:38 +0000 (15:37 +0000)]
Add the configuration target VxWorks.
Bodo Möller [Thu, 14 Feb 2002 14:41:13 +0000 (14:41 +0000)]
make it possible to disable memory checking for timings
Bodo Möller [Thu, 14 Feb 2002 14:30:20 +0000 (14:30 +0000)]
'-C' is still quite broken
Bodo Möller [Thu, 14 Feb 2002 14:25:33 +0000 (14:25 +0000)]
fix '-C'
Bodo Möller [Thu, 14 Feb 2002 14:21:49 +0000 (14:21 +0000)]
fix memory leak
Richard Levitte [Thu, 14 Feb 2002 14:15:45 +0000 (14:15 +0000)]
Merge in recent changes from 0.9.6-stable.
Bodo Möller [Thu, 14 Feb 2002 14:03:32 +0000 (14:03 +0000)]
move ECDSA test right after EC test
Bodo Möller [Thu, 14 Feb 2002 13:51:20 +0000 (13:51 +0000)]
don't call OPENSSL_config(), this does not make any sense during "make test"
Richard Levitte [Thu, 14 Feb 2002 13:51:04 +0000 (13:51 +0000)]
Make sure memset() is defined by including string.h
Notified by Oscar Jacobsson <oscar@jacobsson.org>
Richard Levitte [Thu, 14 Feb 2002 13:45:26 +0000 (13:45 +0000)]
For some reason, getting the topmost error was done the same way as
getting the bottommost one. I hope I understood correctly how this
should be done. It seems to work when running evp_test in an
environment where it can't find openssl.cnf.
Richard Levitte [Thu, 14 Feb 2002 13:43:30 +0000 (13:43 +0000)]
make update, with libeay.num remade to match the 0.9.7-stable one.
Richard Levitte [Thu, 14 Feb 2002 13:36:28 +0000 (13:36 +0000)]
The Cygwin shared extension was shifted.
Richard Levitte [Thu, 14 Feb 2002 12:28:24 +0000 (12:28 +0000)]
At Corinna Vinschen's request, change CygWin32 to Cygwin
Bodo Möller [Thu, 14 Feb 2002 10:23:20 +0000 (10:23 +0000)]
EC_GROUP_get_group_by_name() is now called EC_GROUP_new_by_name()
Ben Laurie [Thu, 14 Feb 2002 09:59:35 +0000 (09:59 +0000)]
Fix warnings.
Richard Levitte [Thu, 14 Feb 2002 02:20:34 +0000 (02:20 +0000)]
Correct sh, please
Bodo Möller [Wed, 13 Feb 2002 18:21:51 +0000 (18:21 +0000)]
ECDSA support
Submitted by: Nils Larsch <nla@trustcenter.de>
Bodo Möller [Wed, 13 Feb 2002 17:57:52 +0000 (17:57 +0000)]
some modifications to named curve support
Richard Levitte [Wed, 13 Feb 2002 17:46:38 +0000 (17:46 +0000)]
Modify the main trunk version to 0.9.8-dev.
0.9.7 now lives in the branch OpenSSL_0_9_7-stable.
Bodo Möller [Wed, 13 Feb 2002 17:25:27 +0000 (17:25 +0000)]
new locks
Bodo Möller [Wed, 13 Feb 2002 17:22:59 +0000 (17:22 +0000)]
add support for named curves
Submitted by: Nils Larsch <nla@trustcenter.de>
Richard Levitte [Wed, 13 Feb 2002 14:44:33 +0000 (14:44 +0000)]
Update the configuration of CygWin32 to use the new capabilities of
CygWin 1.3.x, which includes thread and shared library support.
Submitted by Corinna Vinschen <vinschen@redhat.com> and modified a
little bit.
Bodo Möller [Wed, 13 Feb 2002 10:21:25 +0000 (10:21 +0000)]
We should implement a countermeasure against the predictable-IV CBC
weakness in SSL/TLS
Richard Levitte [Wed, 13 Feb 2002 10:16:37 +0000 (10:16 +0000)]
Move teh silencer to the right place.
Richard Levitte [Wed, 13 Feb 2002 10:15:05 +0000 (10:15 +0000)]
Make link-shard a little bit more efficient. If there are no
extensions to link together, there's no point looping at all.
Lutz Jänicke [Sun, 10 Feb 2002 12:46:41 +0000 (12:46 +0000)]
Make removal from session cache more robust.
Bodo Möller [Sat, 9 Feb 2002 01:49:53 +0000 (01:49 +0000)]
add a wish
Lutz Jänicke [Fri, 8 Feb 2002 15:15:04 +0000 (15:15 +0000)]
Do not store unneeded data.
Richard Levitte [Thu, 7 Feb 2002 22:15:53 +0000 (22:15 +0000)]
Add notes on the added support for aep and sureware crypto cards in
0.9.7.
Richard Levitte [Thu, 7 Feb 2002 22:04:30 +0000 (22:04 +0000)]
A number of corrections of the aep engine implementation:
1. rnd_reference was a duplication of the work the the engine
framework does, and wasn't ever checked. Removed.
2. use the NO_ macros to disable appropriate algorithms.
3. Only implement the RNG stuff if AEPRAND is defined (default: not
defined, because the AEP people plan on having boards without it.
I'll see if I can device a more dynamic way of disabling this).
4. aep_finish() now closes all connections, and if that worked, does a
proper finalize.
5. proper AEP types are used to conform to the AEP definitions of
their own functions.
6. remake the use of thread locks. The use of CRYPTO_LOCK_DYNLOCK was
definitely inappropriate, and for random generator stuff, it's
better to use CRYPTO_LOCK_RAND.
Also, I applied certain changes that were provided by the AEP people.
Among others, BN_CTX_new() is not used to initialise a BN context
(this was never done before, and may have made things slower or not
working at all.
Richard Levitte [Thu, 7 Feb 2002 21:55:22 +0000 (21:55 +0000)]
Remove an unused variable.
Richard Levitte [Thu, 7 Feb 2002 21:49:21 +0000 (21:49 +0000)]
Oops, do not unlock CRYPTO_LOCK_DYNLOCK when we locked
CRYPTO_LOCK_RAND...
Richard Levitte [Thu, 7 Feb 2002 21:43:05 +0000 (21:43 +0000)]
I forgot to include the aep and sureware vendor header files.
Richard Levitte [Thu, 7 Feb 2002 21:12:08 +0000 (21:12 +0000)]
Because AEP and we used the same AEP_R_ prefix for error reasons,
lets change our prefix to AEPHK_R_. Otherwise, we get very mysterious
errors because we happen to redefine AEP_R_OK and AEP_R_GENERAL_ERROR.
Richard Levitte [Thu, 7 Feb 2002 20:44:14 +0000 (20:44 +0000)]
Add aep and sureware implementations and clean up some error reasons
that were never part of the engine framework.
The aep and sureware implementations are taken directly from 0.9.6c
[engine] and have been modified to fit the newer engine framework and
to be possible to build shared libraries of.
The aep implementation has gone through quite a bunch of tests and is
cleaned up (there were some misunderstandings in it about how to use
locks).
The sureware hasn't been tested at all in this incarnation and is
basically a quick hack to get it to compile properly.
Richard Levitte [Thu, 7 Feb 2002 20:37:55 +0000 (20:37 +0000)]
Certain reasons aren't really part of the engine framework, so let's
make them ubsec-specific in the ubsec implementation.
Richard Levitte [Thu, 7 Feb 2002 20:02:49 +0000 (20:02 +0000)]
Generate the individual engines' error strings and macros
automatically.
Richard Levitte [Thu, 7 Feb 2002 19:23:35 +0000 (19:23 +0000)]
If the intended header file doesn't exist, create it.
Richard Levitte [Tue, 5 Feb 2002 17:34:58 +0000 (17:34 +0000)]
'make update'
Richard Levitte [Tue, 5 Feb 2002 17:15:18 +0000 (17:15 +0000)]
With the changed des_old API, let's complete the work by renaming the
functions in ui_compat. This gave reason to rework that part more
thoroughly, so here are the changes made:
1. Add DES_read_password() and DES_read_2passwords() with the same
functionality as the corresponding old des_ functions, as a
convenience to the users.
2. Add UI_UTIL_read_pw_string() and UI_UTIL_read_pw() with the
functionality from des_read_pw_string() and des_read_pw(), again as
a concenience to the users.
3. Rename des_read_password(), des_read_2passwords(),
des_read_pw_string() and des_read_pw() by changing des_ to
_ossl_old_des_, and add the usual mapping macros.
4. Move the implementation of des_read_password() and
des_read_2passwords() to the des directory, since they are tightly
tied to DES anyway.
This change was inspired by a patch from Assar Westerlund <assar@sics.se>:
There are some functions that didn't get the kick-away-old-des-and-
replace-des-with-DES action. Here's a patch that adds DES_ and des_
(in des_old.h) versions of des_read_pw_string et al. This patch
includes some of the first des_old.h semi-colon macro fixes that I've
already sent.
Richard Levitte [Tue, 5 Feb 2002 15:05:42 +0000 (15:05 +0000)]
Apply one patch from Assar Westerlund <assar@sics.se>:
The following patch makes sure that string2key does not use weak DES
keys (then making them non-weak by xor:ing with 0xF0).
Richard Levitte [Tue, 5 Feb 2002 06:02:58 +0000 (06:02 +0000)]
Apply three patches from Assar Westerlund <assar@kth.se>:
This patch makes the macros in des_old.h actually pretend to be
functions.
There's no reason not to define _ossl_old_crypt when using
PERL5/FreeBSD/darwin/Next, since it makes using crypt and including
des.h break. Here's a trivial patch.
This patch fixes some of the typos used in macro names in des_old.h
and the number of arguments for some of them.
Richard Levitte [Sun, 3 Feb 2002 21:31:41 +0000 (21:31 +0000)]
ASN1_BIT_STRING_set_bit() didn't clear previously set bits
Dr. Stephen Henson [Sat, 2 Feb 2002 13:19:27 +0000 (13:19 +0000)]
#undef some things that cause a conflict under Win32 when
wincrypt.h is included.
Richard Levitte [Wed, 30 Jan 2002 16:45:22 +0000 (16:45 +0000)]
Add missing declaration of ERR_load_SSL_strings().
Richard Levitte [Wed, 30 Jan 2002 15:48:01 +0000 (15:48 +0000)]
Merge in the latest changes from 0.9.6-stable.
Lutz Jänicke [Tue, 29 Jan 2002 17:14:50 +0000 (17:14 +0000)]
Shut up compiler warnings for inconsistent declarations.
Lutz Jänicke [Tue, 29 Jan 2002 16:32:40 +0000 (16:32 +0000)]
HP-UX 32bit:
* When linking against shared libraries, the absolute path is remembered.
- When linking against -L.., '..' is remembered inside the executable,
so it will fail after "make install" or when not called from inside the
"apps/" subdirectory of the build tree.
- When using the "+cdp" option of "ld", the ".." information can be
exchanged against $(INSTALL_TOP)/lib. In this case the executable
will however refuse to work before "make install" has been called.
This makes testing the 'openssl' executable a problem.
* Solution 1:
Relink the "openssl" executable, when "make install" is called.
This would however require significant changes to the toplevel Makefile
and the apps/ Makefile.
* Solution 2:
Statically link against libssl and libcrypto, so that the "openssl"
executable is no longer dependant on the openssl shared libraries.
Select option 2 for HP-UX 32bit, as this requires the smallest change.
Lutz Jänicke [Tue, 29 Jan 2002 16:20:08 +0000 (16:20 +0000)]
Make SHLIB_TARGET available in subdirs (here: apps/)
Richard Levitte [Tue, 29 Jan 2002 12:36:01 +0000 (12:36 +0000)]
Apply patch from Toomas Kiisk <vix@cyber.ee> and complete it.
Lutz Jänicke [Mon, 28 Jan 2002 16:30:06 +0000 (16:30 +0000)]
Superflous '\' messes up with HP-UX make.
Bodo Möller [Sun, 27 Jan 2002 17:41:12 +0000 (17:41 +0000)]
Undo previous change, X509_check_issued() was correct.
[See
Message-ID: <
3BB07999.
30432AD2@celocom.com>
Date: Tue, 25 Sep 2001 13:33:29 +0100
From: Dr S N Henson <drh@celocom.com>
To: openssl-dev@openssl.org
Subject: Re: Error in v3_purp.c
]
Richard Levitte [Sun, 27 Jan 2002 17:13:35 +0000 (17:13 +0000)]
For the sake of DOS and Windows, provide a different way to get a
pid_t.
Richard Levitte [Sun, 27 Jan 2002 16:12:27 +0000 (16:12 +0000)]
Spelling correction.
Richard Levitte [Sun, 27 Jan 2002 16:03:40 +0000 (16:03 +0000)]
Correct the number of colons for the targets aix43-cc, aix43-gcc,
alpha-cc, alpha-cc-rpath, alpha-gcc, alpha164-cc and alphaold-cc.
Richard Levitte [Sun, 27 Jan 2002 15:58:34 +0000 (15:58 +0000)]
Detect one-step shifts of the dso_scheme.
Richard Levitte [Sun, 27 Jan 2002 15:52:37 +0000 (15:52 +0000)]
I got some reports that some targets have weird dso_schemes.
Therefore, I've added a sanity checker.
Note that it can be combined with almost any other argument (the other
arguments will be completely ignored), with "reconf" as the blatant
exception, since it also has the behavior of ignoring all following
command line arguments. If --test-sanity and reconf are both used on
the command line, the first one wins.
Lutz Jänicke [Sat, 26 Jan 2002 15:24:38 +0000 (15:24 +0000)]
Remove blanks at begin of empty lines irritating epv_test.c
Richard Levitte [Sat, 26 Jan 2002 05:24:05 +0000 (05:24 +0000)]
Update SCO5 targets.
Richard Levitte [Sat, 26 Jan 2002 05:08:31 +0000 (05:08 +0000)]
Apply a small patch from Dan Lanz <lanz@zolera.com> to get shared
libraries with debug-linux-elf.
Richard Levitte [Sat, 26 Jan 2002 04:50:41 +0000 (04:50 +0000)]
Apply a small patch from Oscar Jacobsson <oscar@jacobsson.org> that
makes things more compilable with VC++.
Richard Levitte [Sat, 26 Jan 2002 04:45:37 +0000 (04:45 +0000)]
It looks like I didn't remove everything that has to do with the
non-existant aestest.c.
Richard Levitte [Sat, 26 Jan 2002 04:25:16 +0000 (04:25 +0000)]
Apply a small patch from Diego R. Lopez <diego.lopez@rediris.es>,
making X509_check_issued() properly match an issuer that's found in a
Authority Key Identifier.
Richard Levitte [Sat, 26 Jan 2002 03:57:41 +0000 (03:57 +0000)]
GCC uses __i386__.
Richard Levitte [Sat, 26 Jan 2002 03:17:27 +0000 (03:17 +0000)]
Add old patch from Robert Dahlem <Robert.Dahlem@ffm2.siemens.de> to
make it possible to produce shared libraries on ReliantUNIX.
Richard Levitte [Sat, 26 Jan 2002 01:18:50 +0000 (01:18 +0000)]
Merge in the latest changes from the 0.9.6-stable branch.
Richard Levitte [Sat, 26 Jan 2002 01:14:09 +0000 (01:14 +0000)]
I got a request to make the "old des" symbols more closely tied to
OpenSSL. Adding '_ossl' in the name seems to be a good way to do
this.
Richard Levitte [Fri, 25 Jan 2002 22:06:59 +0000 (22:06 +0000)]
Apply Neale Ferguson's patch to add a configuration target for linux-s390x
Richard Levitte [Fri, 25 Jan 2002 19:43:52 +0000 (19:43 +0000)]
Apply the following changes by Toomas Kiisk <vix@cyber.ee>:
* make openssl rsa work with -engine chil
* misc changes, including debug-linux-ppro Configure target
and FORMAT_NETSCAPE-aware load_{,pub}key()
This completes the application of his changes.
Richard Levitte [Fri, 25 Jan 2002 19:28:32 +0000 (19:28 +0000)]
Apply a change by Toomas Kiisk <vix@cyber.ee>:
* Fix a crashbug and a logic bug in hwcrhk_load_pubkey()