oweals/openssl.git
15 years agoPR: 1854
Dr. Stephen Henson [Mon, 9 Mar 2009 13:59:07 +0000 (13:59 +0000)]
PR: 1854
Submitted by: Oliver Martin <oliver@volatilevoid.net>
Reviewed by: steve@openssl.org

Support GeneralizedTime in ca utility.

15 years agoUpdate from stable branch.
Dr. Stephen Henson [Mon, 9 Mar 2009 13:08:04 +0000 (13:08 +0000)]
Update from stable branch.

15 years agoUpdate from stable branch.
Dr. Stephen Henson [Mon, 9 Mar 2009 12:30:10 +0000 (12:30 +0000)]
Update from stable branch.

15 years agoUpdate from stable branch.
Dr. Stephen Henson [Mon, 9 Mar 2009 12:21:19 +0000 (12:21 +0000)]
Update from stable branch.

15 years agoTypo.
Dr. Stephen Henson [Sun, 8 Mar 2009 12:01:20 +0000 (12:01 +0000)]
Typo.

15 years agoPrint IPv6 all 0s correctly (Rob Austein).
Ben Laurie [Sun, 8 Mar 2009 10:54:45 +0000 (10:54 +0000)]
Print IPv6 all 0s correctly (Rob Austein).

15 years agoUpdate from stable branch.
Dr. Stephen Henson [Sat, 7 Mar 2009 17:00:23 +0000 (17:00 +0000)]
Update from stable branch.

15 years agoDon't ask for -iv for ciphers that need no IV.
Ben Laurie [Tue, 3 Mar 2009 15:14:33 +0000 (15:14 +0000)]
Don't ask for -iv for ciphers that need no IV.

15 years agoUse the right length (reported by Quanhong Wang).
Ben Laurie [Tue, 3 Mar 2009 15:12:56 +0000 (15:12 +0000)]
Use the right length (reported by Quanhong Wang).

15 years agoSubmitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Dr. Stephen Henson [Wed, 25 Feb 2009 11:55:15 +0000 (11:55 +0000)]
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Approved by: steve

Recognise "enable-zlib" in mkdef.pl to handle "zlib" option when passed
to Configure.

15 years agoFix memory leak.
Ben Laurie [Mon, 23 Feb 2009 16:40:59 +0000 (16:40 +0000)]
Fix memory leak.

15 years agoMake STORE an experimental feature.
Richard Levitte [Thu, 19 Feb 2009 09:43:18 +0000 (09:43 +0000)]
Make STORE an experimental feature.

15 years agoMake it possible to disable STORE.
Richard Levitte [Thu, 19 Feb 2009 09:42:51 +0000 (09:42 +0000)]
Make it possible to disable STORE.

15 years agoReference bug.
Richard Levitte [Thu, 19 Feb 2009 09:42:32 +0000 (09:42 +0000)]
Reference bug.

15 years agoPR: 1778
Dr. Stephen Henson [Mon, 16 Feb 2009 23:23:21 +0000 (23:23 +0000)]
PR: 1778

Increase default verify depth to 100.

15 years agoSubmitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Dr. Stephen Henson [Mon, 16 Feb 2009 21:52:01 +0000 (21:52 +0000)]
Submitted by:  "Victor B. Wagner" <vitus@cryptocom.ru>
Reviewed by: steve@openssl.org

Change default Gost parameter set to id_Gost28147_89_CryptoPro_A_ParamSet

15 years agoPR: 1843
Dr. Stephen Henson [Mon, 16 Feb 2009 21:42:48 +0000 (21:42 +0000)]
PR: 1843
Use correct array size for SHA1 hash.

15 years agoData not initialised.
Richard Levitte [Mon, 16 Feb 2009 15:17:24 +0000 (15:17 +0000)]
Data not initialised.
Notified by Gerardo Ganis <gerardo.ganis@cern.ch>

15 years agoStop warning about use of *printf() without a format.
Dr. Stephen Henson [Sun, 15 Feb 2009 15:29:59 +0000 (15:29 +0000)]
Stop warning about use of *printf() without a format.

15 years agoMake no-engine work again.
Dr. Stephen Henson [Sun, 15 Feb 2009 15:28:18 +0000 (15:28 +0000)]
Make no-engine work again.

15 years agoUse new common flags and fix resulting warnings.
Ben Laurie [Sun, 15 Feb 2009 14:08:51 +0000 (14:08 +0000)]
Use new common flags and fix resulting warnings.

15 years agoPR: 1835
Dr. Stephen Henson [Sat, 14 Feb 2009 21:49:38 +0000 (21:49 +0000)]
PR: 1835
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org

Fix various typos.

15 years agoReturn correct exit code.
Dr. Stephen Henson [Thu, 12 Feb 2009 18:06:11 +0000 (18:06 +0000)]
Return correct exit code.

15 years agoAvoid leaks in pkcs8 app, tidy code up.
Dr. Stephen Henson [Thu, 12 Feb 2009 18:02:47 +0000 (18:02 +0000)]
Avoid leaks in pkcs8 app, tidy code up.

15 years agorc4-s390x.pl: allow for older assembler and optimize character loop.
Andy Polyakov [Thu, 12 Feb 2009 14:48:49 +0000 (14:48 +0000)]
rc4-s390x.pl: allow for older assembler and optimize character loop.

15 years agoRC4 for s390x.
Andy Polyakov [Wed, 11 Feb 2009 10:01:36 +0000 (10:01 +0000)]
RC4 for s390x.

15 years agoAdd error checking to obj_xref.pl and add command line support for data
Dr. Stephen Henson [Tue, 10 Feb 2009 13:03:31 +0000 (13:03 +0000)]
Add error checking to obj_xref.pl and add command line support for data
file locations.

15 years agoSubmitted by: Peter Sylvester <Peter.Sylvester@edelweb.fr>
Dr. Stephen Henson [Tue, 10 Feb 2009 12:13:08 +0000 (12:13 +0000)]
Submitted by: Peter Sylvester <Peter.Sylvester@edelweb.fr>
Reviewed by: steve

If tagging is universal and SET or SEQUENCE set constructed bit.

15 years agos390x-mont.pl: optimize prologue.
Andy Polyakov [Tue, 10 Feb 2009 08:46:48 +0000 (08:46 +0000)]
s390x-mont.pl: optimize prologue.

15 years agolinux-s390x failed link after assembler pack update.
Andy Polyakov [Tue, 10 Feb 2009 07:43:48 +0000 (07:43 +0000)]
linux-s390x failed link after assembler pack update.

15 years agosha1-sparcv9a.pl: fix bug in commentary section.
Andy Polyakov [Mon, 9 Feb 2009 16:03:33 +0000 (16:03 +0000)]
sha1-sparcv9a.pl: fix bug in commentary section.

15 years agos390x assembler pack update.
Andy Polyakov [Mon, 9 Feb 2009 15:42:04 +0000 (15:42 +0000)]
s390x assembler pack update.

15 years agoReserve for "multilib" suffix, the one allowing to perform multi-ABI
Andy Polyakov [Mon, 9 Feb 2009 15:11:22 +0000 (15:11 +0000)]
Reserve for "multilib" suffix, the one allowing to perform multi-ABI
installations. It's not enabled in Makefiles yet.

15 years agoJust to be awkward Ubuntu 8.10 doesn't like _XOPEN_SOURCE_EXTENDED...
Dr. Stephen Henson [Fri, 6 Feb 2009 16:43:52 +0000 (16:43 +0000)]
Just to be awkward Ubuntu 8.10 doesn't like _XOPEN_SOURCE_EXTENDED...

15 years agoFor -hex, print just one \n
Bodo Möller [Mon, 2 Feb 2009 00:40:29 +0000 (00:40 +0000)]
For -hex, print just one \n

15 years ago-hex option for openssl rand
Bodo Möller [Mon, 2 Feb 2009 00:01:28 +0000 (00:01 +0000)]
-hex option for openssl rand

PR: 1831
Submitted by: Damien Miller

15 years agoPut back a variable deleted by the previous revision,
Bodo Möller [Sun, 1 Feb 2009 01:08:13 +0000 (01:08 +0000)]
Put back a variable deleted by the previous revision,
but used in the code.

15 years agoPrint out UTF8 and NumericString types in ASN1 parsing utility.
Dr. Stephen Henson [Wed, 28 Jan 2009 12:54:52 +0000 (12:54 +0000)]
Print out UTF8 and NumericString types in ASN1 parsing utility.

15 years agoUpdate from stable branch.
Dr. Stephen Henson [Wed, 28 Jan 2009 12:36:14 +0000 (12:36 +0000)]
Update from stable branch.

15 years agoTypo: just copy across an unknown type.
Dr. Stephen Henson [Wed, 28 Jan 2009 12:32:03 +0000 (12:32 +0000)]
Typo: just copy across an unknown type.

15 years agoBecause DEC C - sorry, HP C - is picky about features, we need to
Richard Levitte [Wed, 28 Jan 2009 07:38:14 +0000 (07:38 +0000)]
Because DEC C - sorry, HP C - is picky about features, we need to
define _XOPEN_SOURCE_EXTENDED to reach fd_set and timeval types and
functionality.

15 years agoHopefully resolve signed vs unsigned issue.
Richard Levitte [Wed, 28 Jan 2009 07:09:23 +0000 (07:09 +0000)]
Hopefully resolve signed vs unsigned issue.

15 years agoDo the Camellia part right
Richard Levitte [Wed, 28 Jan 2009 07:01:29 +0000 (07:01 +0000)]
Do the Camellia part right

15 years agoSynchronise with Unix build
Richard Levitte [Tue, 20 Jan 2009 05:39:24 +0000 (05:39 +0000)]
Synchronise with Unix build

15 years agoAllow CC to be overridden.
Ben Laurie [Sun, 18 Jan 2009 12:06:37 +0000 (12:06 +0000)]
Allow CC to be overridden.

15 years agoUpdate certificate hash line format to handle canonical format
Dr. Stephen Henson [Thu, 15 Jan 2009 13:22:39 +0000 (13:22 +0000)]
Update certificate hash line format to handle canonical format
and avoid MD5 dependency.

15 years agoMake PKCS#8 the standard write format for private keys, replacing the
Dr. Stephen Henson [Thu, 15 Jan 2009 12:52:38 +0000 (12:52 +0000)]
Make PKCS#8 the standard write format for private keys, replacing the
ancient SSLeay format.

15 years agoAdd CRYPTO_MDEBUG_ABORT to abort() is there are any memory leaks. This will
Dr. Stephen Henson [Sun, 11 Jan 2009 20:36:50 +0000 (20:36 +0000)]
Add CRYPTO_MDEBUG_ABORT to abort() is there are any memory leaks. This will
cause "make test" failures and make resource leaks more obvious.

15 years agoFix warnings properly this time ;-)
Dr. Stephen Henson [Sun, 11 Jan 2009 20:34:23 +0000 (20:34 +0000)]
Fix warnings properly this time ;-)

15 years agoFix missing prototype warnings then fix different prototype warnings ;-)
Dr. Stephen Henson [Sun, 11 Jan 2009 16:17:26 +0000 (16:17 +0000)]
Fix missing prototype warnings then fix different prototype warnings ;-)

15 years agoFix sign-compare warnings.
Dr. Stephen Henson [Sun, 11 Jan 2009 15:58:51 +0000 (15:58 +0000)]
Fix sign-compare warnings.

15 years agoAdd a set of standard gcc warning options which are designed to be the
Dr. Stephen Henson [Sun, 11 Jan 2009 15:56:32 +0000 (15:56 +0000)]
Add a set of standard gcc warning options which are designed to be the
minimum requirement for committed code. Added to debug-steve* config targets
for now.

15 years agoAdd missing entry.
Ben Laurie [Fri, 9 Jan 2009 12:48:02 +0000 (12:48 +0000)]
Add missing entry.

15 years agoUpdatde from stable branch.
Dr. Stephen Henson [Wed, 7 Jan 2009 23:44:27 +0000 (23:44 +0000)]
Updatde from stable branch.

15 years agoUpdate FAQ.
Dr. Stephen Henson [Wed, 7 Jan 2009 12:15:15 +0000 (12:15 +0000)]
Update FAQ.

15 years agoAdd UltraSPARC VIS-powered SHA1 block procedure.
Andy Polyakov [Mon, 5 Jan 2009 14:52:31 +0000 (14:52 +0000)]
Add UltraSPARC VIS-powered SHA1 block procedure.

15 years agoFix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP
Lutz Jänicke [Mon, 5 Jan 2009 14:43:05 +0000 (14:43 +0000)]
Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP

Some #include statements were not properly protected. This will go unnoted
on most systems as openssl/comp.h tends to be installed as a system header
file by default but may become visible when cross compiling.

15 years agoVMS stuff I forgot...
Richard Levitte [Sat, 3 Jan 2009 09:25:32 +0000 (09:25 +0000)]
VMS stuff I forgot...

15 years agosrvr_ecdh cannot be NULL at this point (Coverity ID 232).
Ben Laurie [Fri, 2 Jan 2009 12:49:07 +0000 (12:49 +0000)]
srvr_ecdh cannot be NULL at this point (Coverity ID 232).

15 years agoMakefile.shared: improve portability of commit#17753.
Andy Polyakov [Fri, 2 Jan 2009 09:02:27 +0000 (09:02 +0000)]
Makefile.shared: improve portability of commit#17753.

15 years agoCalculate offset correctly. (Coverity ID 233)
Ben Laurie [Thu, 1 Jan 2009 18:30:51 +0000 (18:30 +0000)]
Calculate offset correctly. (Coverity ID 233)

15 years agoStyling update to makefiles: eliminate redundant pipes.
Andy Polyakov [Tue, 30 Dec 2008 13:20:17 +0000 (13:20 +0000)]
Styling update to makefiles: eliminate redundant pipes.

15 years agoDocument dead code.
Ben Laurie [Tue, 30 Dec 2008 13:02:02 +0000 (13:02 +0000)]
Document dead code.

15 years agoStyling update to makefiles: $() to denote make substitutions and $${} -
Andy Polyakov [Mon, 29 Dec 2008 16:17:52 +0000 (16:17 +0000)]
Styling update to makefiles: $() to denote make substitutions and $${} -
shell ones.

15 years agoApparently s->ctx could be NULL. (Coverity ID 147).
Ben Laurie [Mon, 29 Dec 2008 16:15:27 +0000 (16:15 +0000)]
Apparently s->ctx could be NULL. (Coverity ID 147).

15 years agoApparently s->ctx could be NULL at this point (see earlier
Ben Laurie [Mon, 29 Dec 2008 16:13:49 +0000 (16:13 +0000)]
Apparently s->ctx could be NULL at this point (see earlier
test). (Coverity ID 148).

15 years agoIf we're going to return errors (no matter how stupid), then we should
Ben Laurie [Mon, 29 Dec 2008 16:11:58 +0000 (16:11 +0000)]
If we're going to return errors (no matter how stupid), then we should
test for them!

15 years agoMake sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.
Ben Laurie [Mon, 29 Dec 2008 13:35:08 +0000 (13:35 +0000)]
Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.
(Coverity ID 135).

15 years agobn_lib.c: [re-]fix Win64 compiler warning.
Andy Polyakov [Mon, 29 Dec 2008 12:44:33 +0000 (12:44 +0000)]
bn_lib.c: [re-]fix Win64 compiler warning.

15 years agoFix "possible loss of data" Win64 compiler warnings.
Andy Polyakov [Mon, 29 Dec 2008 12:35:49 +0000 (12:35 +0000)]
Fix "possible loss of data" Win64 compiler warnings.

15 years agoDie earlier if hash is NULL. (Coverity IDs 137 & 138).
Ben Laurie [Mon, 29 Dec 2008 11:54:56 +0000 (11:54 +0000)]
Die earlier if hash is NULL. (Coverity IDs 137 & 138).

15 years agoReverse incorrect earlier fix.
Ben Laurie [Mon, 29 Dec 2008 11:47:08 +0000 (11:47 +0000)]
Reverse incorrect earlier fix.

15 years agoDie earlier if we have no hash function.
Ben Laurie [Mon, 29 Dec 2008 11:46:44 +0000 (11:46 +0000)]
Die earlier if we have no hash function.

15 years agoAdd standard .cvsignore file.
Dr. Stephen Henson [Mon, 29 Dec 2008 00:27:06 +0000 (00:27 +0000)]
Add standard .cvsignore file.

15 years agoUpdate steve-debug* options.
Dr. Stephen Henson [Mon, 29 Dec 2008 00:25:54 +0000 (00:25 +0000)]
Update steve-debug* options.

15 years agox86_64-xlate.pl: support for binary constants, such as 0b1010101.
Andy Polyakov [Sat, 27 Dec 2008 14:00:37 +0000 (14:00 +0000)]
x86_64-xlate.pl: support for binary constants, such as 0b1010101.

15 years agoAdd modes/cts128.c, Ciphertext Stealing implementation.
Andy Polyakov [Sat, 27 Dec 2008 13:40:45 +0000 (13:40 +0000)]
Add modes/cts128.c, Ciphertext Stealing implementation.

15 years agocmll-x86_64.pl: fix bug in cbc tail processing and comply with Win64 ABI spec.
Andy Polyakov [Sat, 27 Dec 2008 13:39:38 +0000 (13:39 +0000)]
cmll-x86_64.pl: fix bug in cbc tail processing and comply with Win64 ABI spec.

15 years agoRevisit RT#1801 and complete fix.
Andy Polyakov [Sat, 27 Dec 2008 13:32:21 +0000 (13:32 +0000)]
Revisit RT#1801 and complete fix.

15 years agoRemove dead code. (Coverity ID 2)
Ben Laurie [Sat, 27 Dec 2008 02:36:24 +0000 (02:36 +0000)]
Remove dead code. (Coverity ID 2)

15 years agoCheck scalar->d before we use it (in BN_num_bits()). (Coverity ID 129)
Ben Laurie [Sat, 27 Dec 2008 02:15:16 +0000 (02:15 +0000)]
Check scalar->d before we use it (in BN_num_bits()). (Coverity ID 129)

15 years agoDeal with the unlikely event that EVP_MD_CTX_size() returns an error.
Ben Laurie [Sat, 27 Dec 2008 02:09:24 +0000 (02:09 +0000)]
Deal with the unlikely event that EVP_MD_CTX_size() returns an error.
(Coverity ID 140).

15 years agoHandle the unlikely event that BIO_get_mem_data() returns -ve.
Ben Laurie [Sat, 27 Dec 2008 02:00:38 +0000 (02:00 +0000)]
Handle the unlikely event that BIO_get_mem_data() returns -ve.

15 years agoMore synchronisation with Unix
Richard Levitte [Fri, 26 Dec 2008 23:52:06 +0000 (23:52 +0000)]
More synchronisation with Unix

15 years agoRemove misleading dead code. Constify. (Coverity ID 142)
Ben Laurie [Fri, 26 Dec 2008 17:17:21 +0000 (17:17 +0000)]
Remove misleading dead code. Constify. (Coverity ID 142)

15 years ago!a && !a->b is clearly wrong! Changed to !a || !a->b (Coverity ID 145).
Ben Laurie [Fri, 26 Dec 2008 15:32:59 +0000 (15:32 +0000)]
!a && !a->b is clearly wrong! Changed to !a || !a->b (Coverity ID 145).

15 years agopval must always be set when pk7_cb() does anything (Coverity ID 146).
Ben Laurie [Fri, 26 Dec 2008 15:29:02 +0000 (15:29 +0000)]
pval must always be set when pk7_cb() does anything (Coverity ID 146).

15 years agoIn BIO_write(), update the write statistics, not the read statistics.
Richard Levitte [Thu, 25 Dec 2008 22:24:17 +0000 (22:24 +0000)]
In BIO_write(), update the write statistics, not the read statistics.
PR: 1803

15 years agoFurther synchronisation with Unix
Richard Levitte [Thu, 25 Dec 2008 22:04:42 +0000 (22:04 +0000)]
Further synchronisation with Unix

15 years agoWindows-specific addenum to "engage crypto/modes" commit #17716.
Andy Polyakov [Tue, 23 Dec 2008 15:15:44 +0000 (15:15 +0000)]
Windows-specific addenum to "engage crypto/modes" commit #17716.

15 years agoPatch the omission from prvious commit #17716.
Andy Polyakov [Tue, 23 Dec 2008 11:38:33 +0000 (11:38 +0000)]
Patch the omission from prvious commit #17716.

15 years agoEngage crypto/modes.
Andy Polyakov [Tue, 23 Dec 2008 11:33:01 +0000 (11:33 +0000)]
Engage crypto/modes.

15 years agocrypto/modes: make modes.h selfsufficient and rename block_f to block128_t.
Andy Polyakov [Tue, 23 Dec 2008 11:18:45 +0000 (11:18 +0000)]
crypto/modes: make modes.h selfsufficient and rename block_f to block128_t.

15 years agoOptimize CAST for size on 64-bit platforms. For reference, CAST_LONG being
Andy Polyakov [Mon, 22 Dec 2008 15:21:59 +0000 (15:21 +0000)]
Optimize CAST for size on 64-bit platforms. For reference, CAST_LONG being
unsigned long must be attributed to 16-bit support. As we don't support
16-bit platoforms anymore, there is no reason to waste twice required
space on CAST S-boxes (16KB vs. 8KB) or key schedule.

15 years agocmll-x86_64.pl: Win64 SEH section to handle pushf/popf in CBC routine.
Andy Polyakov [Mon, 22 Dec 2008 14:15:11 +0000 (14:15 +0000)]
cmll-x86_64.pl: Win64 SEH section to handle pushf/popf in CBC routine.

15 years agoOptimize #undef DES_UNROLL for size.
Andy Polyakov [Mon, 22 Dec 2008 14:10:42 +0000 (14:10 +0000)]
Optimize #undef DES_UNROLL for size.

15 years agoIncidentally http://cvs.openssl.org/chngview?cn=17710 also made it possible
Andy Polyakov [Mon, 22 Dec 2008 14:05:42 +0000 (14:05 +0000)]
Incidentally cvs.openssl.org/chngview?cn=17710 also made it possible
to build the library without -D_CRT_NONSTDC_NO_DEPRECATE. This commit
expands it even to apps catalog and actually omits the macro in question
from Configure.

15 years agoThis _WIN32-specific patch makes it possible to "wrap" OpenSSL in another
Andy Polyakov [Mon, 22 Dec 2008 13:54:12 +0000 (13:54 +0000)]
This _WIN32-specific patch makes it possible to "wrap" OpenSSL in another
.DLL, in particular static build. The issue has been discussed in RT#1230
and later on openssl-dev, and mutually exclusive approaches were suggested.
This completes compromise solution suggested in RT#1230.
PR: 1230

15 years agoMake no-engine work again.
Dr. Stephen Henson [Sat, 20 Dec 2008 17:04:40 +0000 (17:04 +0000)]
Make no-engine work again.

15 years agomake depend to work with cross-gcc, compensate for msys glitch.
Andy Polyakov [Fri, 19 Dec 2008 13:35:09 +0000 (13:35 +0000)]
make depend to work with cross-gcc, compensate for msys glitch.
PR: 1753
Submitted by: Alon Bar-Lev