oweals/openssl.git
19 years agoMove the definition of DEVRANDOM for DJGPP from Configure to e_os.h.
Richard Levitte [Sat, 18 Jun 2005 04:42:24 +0000 (04:42 +0000)]
Move the definition of DEVRANDOM for DJGPP from Configure to e_os.h.
That should solve the issues with propagating it through the Makefiles.

PR: 1110

19 years agoOnly define ZLIB_SHARED if it hasn't already been defined (on the command
Richard Levitte [Sat, 18 Jun 2005 04:32:12 +0000 (04:32 +0000)]
Only define ZLIB_SHARED if it hasn't already been defined (on the command
line, for example).

PR: 1112

19 years agoHave pod2man.pl accept '=for comment ...' before the '=head1 NAME' line.
Richard Levitte [Sat, 18 Jun 2005 04:27:06 +0000 (04:27 +0000)]
Have pod2man.pl accept '=for comment ...' before the '=head1 NAME' line.

PR: 1113

19 years agoclear dso pointer in case of an error
Nils Larsch [Fri, 17 Jun 2005 21:26:36 +0000 (21:26 +0000)]
clear dso pointer in case of an error

PR: 816

19 years agoupdate for the cswift engine:
Nils Larsch [Fri, 17 Jun 2005 20:27:41 +0000 (20:27 +0000)]
update for the cswift engine:
- fix the problem described in bug report 825
- fix a segfault when the engine fails to initialize
- let the engine switch to software when keysize > 2048

PR: 825, 826
Submitted by: Frédéric Giudicelli

19 years agoDo not undefine _XOPEN_SOURCE. This is currently experimental, and
Richard Levitte [Thu, 16 Jun 2005 22:20:55 +0000 (22:20 +0000)]
Do not undefine _XOPEN_SOURCE.  This is currently experimental, and
will be firmed up as soon as it's been verified not to break anything.

19 years ago0.9.8-beta5 works on Gentoo/arml but not /armb, and works on Linux AMD64
Richard Levitte [Tue, 14 Jun 2005 05:42:52 +0000 (05:42 +0000)]
0.9.8-beta5 works on Gentoo/arml but not /armb, and works on Linux AMD64

19 years agoData about which Cygwin versions 0.9.8-beta5 work on
Richard Levitte [Mon, 13 Jun 2005 17:10:03 +0000 (17:10 +0000)]
Data about which Cygwin versions 0.9.8-beta5 work on

19 years ago0.9.8-beta5 works on SuSE 9.3
Richard Levitte [Mon, 13 Jun 2005 17:03:13 +0000 (17:03 +0000)]
0.9.8-beta5 works on SuSE 9.3

19 years ago0.9.8-beta5 works on Cygwin
Richard Levitte [Mon, 13 Jun 2005 17:00:18 +0000 (17:00 +0000)]
0.9.8-beta5 works on Cygwin

19 years agoupdate FAQ
Nils Larsch [Mon, 13 Jun 2005 08:38:02 +0000 (08:38 +0000)]
update FAQ

19 years ago0.9.8-beta5 works on VMS/Alpha
Richard Levitte [Mon, 13 Jun 2005 04:17:12 +0000 (04:17 +0000)]
0.9.8-beta5 works on VMS/Alpha

19 years agoStatus update
Richard Levitte [Mon, 13 Jun 2005 03:36:58 +0000 (03:36 +0000)]
Status update

19 years agoNetware patch submitted by Verdon Walker" <VWalker@novell.com> in PR
Richard Levitte [Mon, 13 Jun 2005 03:23:50 +0000 (03:23 +0000)]
Netware patch submitted by Verdon Walker" <VWalker@novell.com> in PR
1107.  He says:

This is a followup to the NetWare patch that was applied to beta3.  It
does the following:

- Fixes a problem in the CLib build with undefined symbols.

- Adds the ability to use BSD sockets as the default for the OpenSSL
  socket BIO.  NetWare supports 2 flavors of sockets and our Apache
  developers need BSD sockets as a configurable option when building
  OpenSSL.  This adds that for them.

- Updates to the INSTALL.NW file to explain new options.

I have tried very hard to make sure all the changes are in NetWare
specific files or guarded carefully to make sure they only impact
NetWare builds.  I have tested the Windows build to make sure it does
not break that since we have made changes to mk1mf.pl.

We are still working the gcc cross compile for NetWare issue and hope
to have a patch for that before beta 6 is released.

19 years agoShow what the offending target was.
Richard Levitte [Mon, 13 Jun 2005 02:39:05 +0000 (02:39 +0000)]
Show what the offending target was.

PR: 1108

19 years agoreplace the deprecated "-m486" gcc option with "-march=i486"
Nils Larsch [Sun, 12 Jun 2005 10:34:42 +0000 (10:34 +0000)]
replace the deprecated "-m486" gcc option with "-march=i486"

PR: 1049

19 years ago- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
Nils Larsch [Fri, 10 Jun 2005 19:55:26 +0000 (19:55 +0000)]
- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
  error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list

19 years agoEliminate gcc -pedantic warnings.
Andy Polyakov [Thu, 9 Jun 2005 21:41:44 +0000 (21:41 +0000)]
Eliminate gcc -pedantic warnings.

19 years agoAllow for dso load by explicit path on HP-UX.
Andy Polyakov [Thu, 9 Jun 2005 20:52:24 +0000 (20:52 +0000)]
Allow for dso load by explicit path on HP-UX.

19 years agoWhen the return type of the function is int, it's better to return an
Richard Levitte [Thu, 9 Jun 2005 17:28:53 +0000 (17:28 +0000)]
When the return type of the function is int, it's better to return an
in than NULL, especially when an error is signalled with a negative
value.

19 years agouse "=" instead of "|=", fix typo
Nils Larsch [Wed, 8 Jun 2005 22:22:33 +0000 (22:22 +0000)]
use "=" instead of "|=", fix typo

19 years agoAvoid endless loops. Really, we were using the same variable for two
Richard Levitte [Wed, 8 Jun 2005 21:59:47 +0000 (21:59 +0000)]
Avoid endless loops.  Really, we were using the same variable for two
different conditions...

19 years agossl_create_cipher_list should return an error if no cipher could be
Nils Larsch [Wed, 8 Jun 2005 21:19:14 +0000 (21:19 +0000)]
ssl_create_cipher_list should return an error if no cipher could be
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr.

PR: 836 + 1005

19 years ago"Liberate" dtls from BN dependency. Fix bug in replay/update.
Andy Polyakov [Tue, 7 Jun 2005 22:21:14 +0000 (22:21 +0000)]
"Liberate" dtls from BN dependency. Fix bug in replay/update.

19 years agoFix for padding X9.31 padding check and zero padding bytes.
Dr. Stephen Henson [Mon, 6 Jun 2005 22:39:43 +0000 (22:39 +0000)]
Fix for padding X9.31 padding check and zero padding bytes.

19 years agoAllow BIO_s_file to open and sequentially access files larger than 2GB on
Andy Polyakov [Mon, 6 Jun 2005 11:58:31 +0000 (11:58 +0000)]
Allow BIO_s_file to open and sequentially access files larger than 2GB on
affected platforms.
PR: 973

19 years agoFAQ to mention no-sha512 as option for compilers without support for 64-bit
Andy Polyakov [Mon, 6 Jun 2005 09:32:01 +0000 (09:32 +0000)]
FAQ to mention no-sha512 as option for compilers without support for 64-bit
integer type.

19 years agoPass INSTALL_PREFIX in BUILDENV.
Richard Levitte [Mon, 6 Jun 2005 08:52:19 +0000 (08:52 +0000)]
Pass INSTALL_PREFIX in BUILDENV.

PR: 1100

19 years agoSkipping all tests just because one algorithm is disabled seems a bit harsch.
Richard Levitte [Mon, 6 Jun 2005 08:38:05 +0000 (08:38 +0000)]
Skipping all tests just because one algorithm is disabled seems a bit harsch.

PR: 1089

19 years agoChange mention of Makefile.ssl to Makefile.
Andy Polyakov [Mon, 6 Jun 2005 08:35:49 +0000 (08:35 +0000)]
Change mention of Makefile.ssl to Makefile.

19 years ago_GNU_SOURCE needs to be defined before any standard header.
Richard Levitte [Mon, 6 Jun 2005 00:50:52 +0000 (00:50 +0000)]
_GNU_SOURCE needs to be defined before any standard header.

19 years agoUpdate from 0.9.8-stable.
Richard Levitte [Mon, 6 Jun 2005 00:42:24 +0000 (00:42 +0000)]
Update from 0.9.8-stable.

19 years agoFurther change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
Richard Levitte [Mon, 6 Jun 2005 00:32:11 +0000 (00:32 +0000)]
Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true.  Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.

19 years agoDocument the change and update the version number (d'oh!).
Richard Levitte [Sun, 5 Jun 2005 23:25:29 +0000 (23:25 +0000)]
Document the change and update the version number (d'oh!).

19 years agoRemove the incorrect installation of '%{openssldir}/lib'.
Richard Levitte [Sun, 5 Jun 2005 23:15:03 +0000 (23:15 +0000)]
Remove the incorrect installation of '%{openssldir}/lib'.

PR: 1074

19 years agoChange pq_compat.h to trust the macros defined by bn.h a bit more, and thereby
Richard Levitte [Sun, 5 Jun 2005 22:42:58 +0000 (22:42 +0000)]
Change pq_compat.h to trust the macros defined by bn.h a bit more, and thereby
provide better generic support for environments that do not have 64-bit
integers.  Among others, this should solve PR 1086

19 years agogcc 2.95.3 on Ultrix supports long long.
Richard Levitte [Sun, 5 Jun 2005 22:19:24 +0000 (22:19 +0000)]
gcc 2.95.3 on Ultrix supports long long.

PR: 1091

19 years agoCorrect typo ia64.o -> bn-ia64.o.
Richard Levitte [Sun, 5 Jun 2005 22:09:10 +0000 (22:09 +0000)]
Correct typo ia64.o -> bn-ia64.o.

PR: 1094

19 years agoAdd support for the new Intel compiler, icc.
Richard Levitte [Sun, 5 Jun 2005 22:01:18 +0000 (22:01 +0000)]
Add support for the new Intel compiler, icc.
Submitted by Keith Thompson <kst@sdsc.edu>

PR: 1095

19 years agoOld typo...
Richard Levitte [Sun, 5 Jun 2005 21:54:48 +0000 (21:54 +0000)]
Old typo...

PR: 1097

19 years agoUpdated support for NetWare, submitted by Verdon Walker <VWalker@novell.com>.
Richard Levitte [Sun, 5 Jun 2005 21:47:19 +0000 (21:47 +0000)]
Updated support for NetWare, submitted by Verdon Walker <VWalker@novell.com>.

PR: 1098

19 years agoNew function, DSO_pathbyaddr, to find pathname for loaded shared object
Andy Polyakov [Sun, 5 Jun 2005 18:13:38 +0000 (18:13 +0000)]
New function, DSO_pathbyaddr, to find pathname for loaded shared object
by an address within it. Tested on Linux, Solaris, IRIX, Tru64, Darwin,
HP-UX, Win32, few BSD flavors...

19 years agoUnify BSDi target.
Andy Polyakov [Sun, 5 Jun 2005 18:10:19 +0000 (18:10 +0000)]
Unify BSDi target.

19 years ago./PROBLEMS to mention workarounds for ULTRIX build problems.
Andy Polyakov [Sun, 5 Jun 2005 18:03:37 +0000 (18:03 +0000)]
./PROBLEMS to mention workarounds for ULTRIX build problems.
PR: 1092

19 years agoThe macro THREADS was changed to OPENSSL_THREADS a long time ago.
Richard Levitte [Sat, 4 Jun 2005 08:44:02 +0000 (08:44 +0000)]
The macro THREADS was changed to OPENSSL_THREADS a long time ago.

PR: 1096

19 years agoFrom 0.9.8-stable:
Richard Levitte [Sat, 4 Jun 2005 04:18:26 +0000 (04:18 +0000)]
From 0.9.8-stable:

handshake_write_seq is an unsigned short, so treat it like one

19 years agoUse correct name for config file env variable.
Dr. Stephen Henson [Thu, 2 Jun 2005 23:19:56 +0000 (23:19 +0000)]
Use correct name for config file env variable.

19 years agoTypo.
Dr. Stephen Henson [Thu, 2 Jun 2005 20:29:32 +0000 (20:29 +0000)]
Typo.

19 years agoUpdate CHANGES.
Dr. Stephen Henson [Thu, 2 Jun 2005 20:11:16 +0000 (20:11 +0000)]
Update CHANGES.

19 years agoFix inconsistensy between 8 and HEAD.
Andy Polyakov [Thu, 2 Jun 2005 18:28:27 +0000 (18:28 +0000)]
Fix inconsistensy between 8 and HEAD.

19 years agoPSS update [from 0.9.7].
Andy Polyakov [Thu, 2 Jun 2005 18:25:36 +0000 (18:25 +0000)]
PSS update [from 0.9.7].

19 years agocheck return value
Nils Larsch [Wed, 1 Jun 2005 22:35:01 +0000 (22:35 +0000)]
check return value

19 years agoUpdate from 0.9.7-stable.
Dr. Stephen Henson [Wed, 1 Jun 2005 22:14:04 +0000 (22:14 +0000)]
Update from 0.9.7-stable.

19 years agoSynchronise yet a little more with the Unixly build
Richard Levitte [Wed, 1 Jun 2005 16:24:15 +0000 (16:24 +0000)]
Synchronise yet a little more with the Unixly build

19 years agoclear error queue on success and return NULL if no cert could be read
Nils Larsch [Wed, 1 Jun 2005 08:38:44 +0000 (08:38 +0000)]
clear error queue on success and return NULL if no cert could be read

PR: 1088

19 years agofix assertion
Nils Larsch [Tue, 31 May 2005 20:39:16 +0000 (20:39 +0000)]
fix assertion

19 years agoSynchronise more with the Unix build.
Richard Levitte [Tue, 31 May 2005 20:28:41 +0000 (20:28 +0000)]
Synchronise more with the Unix build.

19 years agochanges from 0.9.8
Nils Larsch [Tue, 31 May 2005 18:22:53 +0000 (18:22 +0000)]
changes from 0.9.8

19 years agoinclude opensslconf.h if OPENSSL_NO_* is used
Nils Larsch [Tue, 31 May 2005 17:36:06 +0000 (17:36 +0000)]
include opensslconf.h if OPENSSL_NO_* is used

19 years ago"Show" more respect to no-sha* config options.
Andy Polyakov [Tue, 31 May 2005 16:36:27 +0000 (16:36 +0000)]
"Show" more respect to no-sha* config options.
PR: 1086

19 years agoMention more GCC bugs in ./PROBLEMS.
Andy Polyakov [Tue, 31 May 2005 12:39:54 +0000 (12:39 +0000)]
Mention more GCC bugs in ./PROBLEMS.

19 years agoMissing sparcv8.o rule.
Andy Polyakov [Tue, 31 May 2005 12:17:35 +0000 (12:17 +0000)]
Missing sparcv8.o rule.
PR: 1082

19 years agoFix typo in ./config.
Andy Polyakov [Tue, 31 May 2005 11:34:33 +0000 (11:34 +0000)]
Fix typo in ./config.

19 years agoPlatform update from 8-stable.
Andy Polyakov [Tue, 31 May 2005 11:07:27 +0000 (11:07 +0000)]
Platform update from 8-stable.

19 years agoPlatform update from 8-stable.
Andy Polyakov [Tue, 31 May 2005 09:39:03 +0000 (09:39 +0000)]
Platform update from 8-stable.

19 years agoMerge from 0.9.8-stable.
Richard Levitte [Mon, 30 May 2005 23:26:04 +0000 (23:26 +0000)]
Merge from 0.9.8-stable.

19 years agoMerge in the new news from 0.9.8-stable.
Richard Levitte [Mon, 30 May 2005 22:51:28 +0000 (22:51 +0000)]
Merge in the new news from 0.9.8-stable.

19 years agoDJGPP changes. Contributed by Doug Kaufman <dkaufman@rahul.net>
Richard Levitte [Mon, 30 May 2005 22:37:44 +0000 (22:37 +0000)]
DJGPP changes.  Contributed by Doug Kaufman <dkaufman@rahul.net>

19 years agopqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
Richard Levitte [Mon, 30 May 2005 22:34:37 +0000 (22:34 +0000)]
pqueue and dtls uses 64-bit values.  Unfortunately, OpenSSL doesn't
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>

19 years agoSynchronise with Unixly build
Richard Levitte [Mon, 30 May 2005 22:26:30 +0000 (22:26 +0000)]
Synchronise with Unixly build

19 years agoChange all relevant occurences of 'ncipher' to 'chil'. That's what nCipher always...
Richard Levitte [Mon, 30 May 2005 05:17:02 +0000 (05:17 +0000)]
Change all relevant occurences of 'ncipher' to 'chil'.  That's what nCipher always wanted...

19 years agoUpdate from stable branch.
Dr. Stephen Henson [Mon, 30 May 2005 00:29:16 +0000 (00:29 +0000)]
Update from stable branch.

19 years agoChange the source and output paths for 'chil' and '4758cca' engines so that
Geoff Thorpe [Sun, 29 May 2005 19:14:21 +0000 (19:14 +0000)]
Change the source and output paths for 'chil' and '4758cca' engines so that
dynamic loading is consistent with respect to engine ids.

19 years agoWe have some source with \r\n as line ends. DEC C informs about that,
Richard Levitte [Sun, 29 May 2005 12:13:51 +0000 (12:13 +0000)]
We have some source with \r\n as line ends.  DEC C informs about that,
and I really can't be bothered...

19 years agoTypo
Richard Levitte [Sun, 29 May 2005 12:11:50 +0000 (12:11 +0000)]
Typo

19 years agoAdd pss/x931 files.
Dr. Stephen Henson [Sat, 28 May 2005 20:44:37 +0000 (20:44 +0000)]
Add pss/x931 files.

19 years agoUpdate from 0.9.7-stable. Also repatch and rebuild error codes.
Dr. Stephen Henson [Sat, 28 May 2005 20:44:02 +0000 (20:44 +0000)]
Update from 0.9.7-stable. Also repatch and rebuild error codes.

19 years agoUse BN_with_flags() in a cleaner way.
Bodo Möller [Fri, 27 May 2005 15:38:53 +0000 (15:38 +0000)]
Use BN_with_flags() in a cleaner way.

19 years agoAssing check_{cert,crl}_time to 'ok' variable so it returns errors on
Dr. Stephen Henson [Fri, 27 May 2005 13:19:25 +0000 (13:19 +0000)]
Assing check_{cert,crl}_time to 'ok' variable so it returns errors on
expiry.

19 years agomake sure DSA signing exponentiations really are constant-time
Bodo Möller [Thu, 26 May 2005 04:40:52 +0000 (04:40 +0000)]
make sure DSA signing exponentiations really are constant-time

19 years agocheck BN_copy() return value
Bodo Möller [Thu, 26 May 2005 04:30:49 +0000 (04:30 +0000)]
check BN_copy() return value

19 years agoHandle differences between engine IDs and their dynamic library names (and
Geoff Thorpe [Wed, 25 May 2005 02:54:28 +0000 (02:54 +0000)]
Handle differences between engine IDs and their dynamic library names (and
source files, for that matter) by tolerating the alternatives. It would be
preferable to also change the generated shared library names, but that will
be taken up separately.

19 years agoIt seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512
Richard Levitte [Tue, 24 May 2005 03:39:08 +0000 (03:39 +0000)]
It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512
was still active when it came down to the functions.  mkdef.pl should really
be corrected, but that'll be another day...

19 years agoTypo correction
Richard Levitte [Tue, 24 May 2005 03:27:15 +0000 (03:27 +0000)]
Typo correction

19 years agoDEC C complains about bad subscript, but we know better, so let's shut it up.
Richard Levitte [Tue, 24 May 2005 03:22:53 +0000 (03:22 +0000)]
DEC C complains about bad subscript, but we know better, so let's shut it up.

19 years agoBe more consistent with OPENSSL_NO_SHA256.
Andy Polyakov [Sun, 22 May 2005 10:27:59 +0000 (10:27 +0000)]
Be more consistent with OPENSSL_NO_SHA256.

19 years agoOPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to
Andy Polyakov [Sun, 22 May 2005 08:55:15 +0000 (08:55 +0000)]
OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to
make no-sha512 more effective on platforms, which don't support 64-bit
integer type of *any* kind.

19 years agoStill SEGV trouble in .init segment under Solaris x86...
Andy Polyakov [Sat, 21 May 2005 17:49:10 +0000 (17:49 +0000)]
Still SEGV trouble in .init segment under Solaris x86...

19 years agoWhen _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in
Richard Levitte [Sat, 21 May 2005 17:39:43 +0000 (17:39 +0000)]
When _XOPEN_SOURCE is defined, make sure it's defined to 500.  Required in
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html.

Notified by David Wolfe <dwolfe5272@yahoo.com>

19 years agoDefault to no-sse2 on selected platforms.
Andy Polyakov [Sat, 21 May 2005 16:50:27 +0000 (16:50 +0000)]
Default to no-sse2 on selected platforms.

19 years agoPatches for Cygwin, provided by Corinna Vinschen <vinschen@redhat.com>
Richard Levitte [Sat, 21 May 2005 16:41:34 +0000 (16:41 +0000)]
Patches for Cygwin, provided by Corinna Vinschen <vinschen@redhat.com>

19 years agoPropagate BUILDENV into subdirectories.
Ben Laurie [Sat, 21 May 2005 16:13:36 +0000 (16:13 +0000)]
Propagate BUILDENV into subdirectories.

19 years agoMove _WIN32_WINNT definition from command line to e_os.h. The change is
Andy Polyakov [Sat, 21 May 2005 13:19:27 +0000 (13:19 +0000)]
Move _WIN32_WINNT definition from command line to e_os.h. The change is
inspired by VC6 failure report. In addition abstain from taking screen
snapshots when running in NT service context.

19 years agofix typo, add prototype
Nils Larsch [Fri, 20 May 2005 22:55:10 +0000 (22:55 +0000)]
fix typo, add prototype

19 years agofix potential memory leak
Nils Larsch [Thu, 19 May 2005 22:10:40 +0000 (22:10 +0000)]
fix potential memory leak

Submitted by: Goetz Babin-Ebell

19 years agoupdate ecdsa doc
Nils Larsch [Thu, 19 May 2005 20:54:30 +0000 (20:54 +0000)]
update ecdsa doc

19 years agoFAQ to mention no-sse2.
Andy Polyakov [Thu, 19 May 2005 19:54:49 +0000 (19:54 +0000)]
FAQ to mention no-sse2.

19 years agoUpdate status information
Richard Levitte [Thu, 19 May 2005 19:43:28 +0000 (19:43 +0000)]
Update status information

19 years agofix "dereferencing type-punned pointer will break strict-aliasing rules"
Nils Larsch [Thu, 19 May 2005 12:01:51 +0000 (12:01 +0000)]
fix "dereferencing type-punned pointer will break strict-aliasing rules"
warning when using gcc 4.0

19 years agomake the type parameter const when ID2_OF_const() is used
Nils Larsch [Wed, 18 May 2005 22:30:38 +0000 (22:30 +0000)]
make the type parameter const when ID2_OF_const() is used