Richard Levitte [Tue, 31 Oct 2000 23:26:32 +0000 (23:26 +0000)]
Improvements to openssl.spec.
Submitted by Damien Miller <djm@mindrot.org>
This change has been CC:ed to crypt@bxa.doc.gov
Richard Levitte [Tue, 31 Oct 2000 23:14:19 +0000 (23:14 +0000)]
Add configuration option to build on Linux on both big-endian and
little-endian MIPS.
Submitted by Ralf Baechle <ralf@uni-koblenz.de>
Richard Levitte [Tue, 31 Oct 2000 11:58:56 +0000 (11:58 +0000)]
Make flag variables int instead of char. This avoids getting into trouble on systems where char is unsigned by default
Ulf Möller [Mon, 30 Oct 2000 20:14:27 +0000 (20:14 +0000)]
_lrotl() is a call to the C runtime library!
Geoff Thorpe [Mon, 30 Oct 2000 18:47:27 +0000 (18:47 +0000)]
DSO_load() should also work when it is passed a NULL - a new DSO is created
automatically, however some code was still referring to the original
pointer rather than the internal one (and thus to NULL instead of the
created pointer).
Richard Levitte [Sat, 28 Oct 2000 22:44:03 +0000 (22:44 +0000)]
Document the change.
Richard Levitte [Sat, 28 Oct 2000 22:40:40 +0000 (22:40 +0000)]
Add the possibility to use keys handled by engines in more
applications.
Richard Levitte [Sat, 28 Oct 2000 22:21:04 +0000 (22:21 +0000)]
Small documentation change
Ulf Möller [Fri, 27 Oct 2000 20:43:18 +0000 (20:43 +0000)]
-engine is gone.
Richard Levitte [Fri, 27 Oct 2000 20:28:37 +0000 (20:28 +0000)]
NetBSD doesn't use ftime().
Richard Levitte [Fri, 27 Oct 2000 11:22:17 +0000 (11:22 +0000)]
Document the OCSP addition.
Richard Levitte [Fri, 27 Oct 2000 11:09:52 +0000 (11:09 +0000)]
make update
Richard Levitte [Fri, 27 Oct 2000 11:05:35 +0000 (11:05 +0000)]
The majority of the OCSP code from CertCo.
Ulf Möller [Thu, 26 Oct 2000 22:24:49 +0000 (22:24 +0000)]
.
Richard Levitte [Thu, 26 Oct 2000 21:07:28 +0000 (21:07 +0000)]
Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.
Geoff Thorpe [Thu, 26 Oct 2000 20:02:33 +0000 (20:02 +0000)]
Add a note about the recent DSO changes in CHANGES.
Richard Levitte [Thu, 26 Oct 2000 18:42:35 +0000 (18:42 +0000)]
On HP-UX, at least when shl_* are used, the libraries have the
extension .sl instead of .so.
Richard Levitte [Thu, 26 Oct 2000 18:30:34 +0000 (18:30 +0000)]
For the operating systems where it matters, it is sometimes good to
translate library names by only adding ".so" to them without
prepending them with "lib". Add the flag DSO_FLAG_NAME_TRANSLATION_EXT_ONLY
for that purpose.
Geoff Thorpe [Thu, 26 Oct 2000 17:38:59 +0000 (17:38 +0000)]
This changes the behaviour of the DSO mechanism for determining an
appropriate filename translation on the host system. Apart from this point,
users should also note that there's a slight change in the API functions
too. The DSO now contains its own to-be-converted filename
("dso->filename"), and at the time the DSO loads the "dso->loaded_filename"
value is set to the translated form. As such, this also provides an implicit
way of determining if the DSO is currently loaded or not. Except, perhaps,
VMS .... :-)
The various DSO_METHODs have been updated for this mechanism except VMS
which is deliberately broken for now, Richard is going to look at how to
fit it in (the source comments in there explain "the issue").
Basically, the new callback scheme allows the filename conversion to
(a) be turned off altogether through the use of the
    DSO_FLAG_NO_NAME_TRANSLATION flag,
(b) be handled in the default way using the default DSO_METHOD's converter
(c) overridden per-DSO by setting the override callback
(d) a mix of (b) and (c) - eg. implement an override callback that;
    (i) checks if we're win32 "if(strstr(dso->meth->name, "win32"))..."
        and if so, convert "blah" into "blah32.dll" (the default is
        otherwise to make it "blah.dll").
    (ii) default to the normal behaviour - eg. we're not on win32, so
         finish with (return dso->meth->dso_name_converter(dso,NULL)).
(e) be retried a number of times by writing a new DSO_METHOD where the
    "dso_load()" handler will call the converter repeatedly. Then the
    custom converter could use state information in the DSO to suggest
    different conversions or paths each time it is invoked.
Bodo Möller [Thu, 26 Oct 2000 12:05:57 +0000 (12:05 +0000)]
rsautl.c requires RSA.
Ulf Möller [Mon, 23 Oct 2000 19:13:35 +0000 (19:13 +0000)]
s_server not s_client
Bodo Möller [Mon, 23 Oct 2000 14:36:18 +0000 (14:36 +0000)]
Cert chain verification is useable by now.
Whether Steve is still working on 'proper' verification is up to
him to decide ...
Ulf Möller [Mon, 23 Oct 2000 14:02:02 +0000 (14:02 +0000)]
Correction from Tani Hosokawa <unknown@riverstyx.net>
Bodo Möller [Mon, 23 Oct 2000 08:01:41 +0000 (08:01 +0000)]
internal_verify now does know about extensions
Bodo Möller [Mon, 23 Oct 2000 07:37:03 +0000 (07:37 +0000)]
Don't ever set 'seeded' if RAND_status() returned 0
(although maybe this static variable should be abolished totally,
it was introduced before RAND_status existed).
Richard Levitte [Sun, 22 Oct 2000 21:37:39 +0000 (21:37 +0000)]
When building shared libraries on HP-UX 10.20 and HP-UX 11.00 (32bit),
ld warns that -Fl "may not be supported in future releases". We know
that, and are doing things in HP-UX 11 (64bit), so turn off that
warning with +vnocompatwarnings.
Richard Levitte [Sun, 22 Oct 2000 16:46:47 +0000 (16:46 +0000)]
It seems like grep isn't as capable as I thought on some Unix systems.
Use egrep instead.
Richard Levitte [Sun, 22 Oct 2000 12:47:01 +0000 (12:47 +0000)]
Pointer error corrected
Richard Levitte [Sun, 22 Oct 2000 12:45:33 +0000 (12:45 +0000)]
If the functions get_dh*() are declared static, they should be defined the same way
Richard Levitte [Sun, 22 Oct 2000 12:44:12 +0000 (12:44 +0000)]
On some operating systems, MAX is defined. Call ours OSSL_MAX instead
Richard Levitte [Sat, 21 Oct 2000 22:53:32 +0000 (22:53 +0000)]
Document
Richard Levitte [Sat, 21 Oct 2000 22:43:07 +0000 (22:43 +0000)]
There's no reason why app_RAND_load_file() should return 0 when
RAND_status() hasn't.
Reported by Dale Stimson <dale@accentre.com>.
Richard Levitte [Sat, 21 Oct 2000 22:18:52 +0000 (22:18 +0000)]
Krister Walfridsson <cato@df.lth.se> tells us sysctl lives in /sbin
since NetBSD 1.5.
Richard Levitte [Sat, 21 Oct 2000 22:05:03 +0000 (22:05 +0000)]
FreeBSD-elf can do threads. However, there seems to be confusion if
you should define _THREAD_SAFE (I found that in an include file, and
that's what everybody tells me) or _THREADSAFE (that's what the gcc
manual says in the FreeBSD-specific section), so I defined both, just
to be safe.
Richard Levitte [Sat, 21 Oct 2000 21:24:11 +0000 (21:24 +0000)]
Add what's needed to get shared libraries on HP-UX.
N.B.: This has not been tested at all, that's my next step.
Richard Levitte [Sat, 21 Oct 2000 20:15:46 +0000 (20:15 +0000)]
make update
Richard Levitte [Sat, 21 Oct 2000 20:01:34 +0000 (20:01 +0000)]
Document the change to NCONF.
Dr. Stephen Henson [Fri, 20 Oct 2000 00:36:45 +0000 (00:36 +0000)]
Fix for bug (?) in assembly language routines for SHA1. This
causes MASM to complain and not produce valid debug info.
Hopefully this won't break anything else...
Also fix typo in e_rd.c
Dr. Stephen Henson [Thu, 19 Oct 2000 23:16:47 +0000 (23:16 +0000)]
Move expired CA certificate.
Ulf Möller [Thu, 19 Oct 2000 22:02:21 +0000 (22:02 +0000)]
give pseudo prototypes instead of macro definitions for better clarity
Ulf Möller [Thu, 19 Oct 2000 19:40:35 +0000 (19:40 +0000)]
"DESCRIPTION" is required.
Ulf Möller [Thu, 19 Oct 2000 15:19:41 +0000 (15:19 +0000)]
correction from Lutz
Richard Levitte [Thu, 19 Oct 2000 08:29:27 +0000 (08:29 +0000)]
Keep binary backward compatibility by putting new method function
pointers at the end of the structure.
Richard Levitte [Thu, 19 Oct 2000 08:26:32 +0000 (08:26 +0000)]
Make it possible for methods to load from something other than a BIO,
by providing a function pointer that is given a name instead of a BIO.
For example, this could be used to load configuration data from an
LDAP server.
Richard Levitte [Thu, 19 Oct 2000 08:03:14 +0000 (08:03 +0000)]
NCONF_get_number() has no error checking at all. As a replacement,
NCONF_get_number_e() is defined (_e for "error checking") and is
promoted strongly. The old NCONF_get_number is kept around for
binary backward compatibility.
Ulf Möller [Wed, 18 Oct 2000 23:08:55 +0000 (23:08 +0000)]
Add short overview, move header files section further down.
Ulf Möller [Wed, 18 Oct 2000 22:51:34 +0000 (22:51 +0000)]
cosmetic changes
Ulf Möller [Wed, 18 Oct 2000 22:01:47 +0000 (22:01 +0000)]
cosmetic change
Richard Levitte [Wed, 18 Oct 2000 19:36:27 +0000 (19:36 +0000)]
John Denney <jdenney@ca.mdis.com> reports that we forgot to convert
Free to OPENSSL_free in the SSL demos.
Richard Levitte [Tue, 17 Oct 2000 16:16:12 +0000 (16:16 +0000)]
Two questions have been asked quite often lately.
Dr. Stephen Henson [Mon, 16 Oct 2000 22:56:10 +0000 (22:56 +0000)]
Update test server certificate in apps/server.pem (it was expired).
Ben Laurie [Mon, 16 Oct 2000 13:08:16 +0000 (13:08 +0000)]
Always return a value.
Submitted by:
Reviewed by:
PR:
Richard Levitte [Mon, 16 Oct 2000 06:01:41 +0000 (06:01 +0000)]
CRYPTO_get_ex_new_index would never return an error.
Dr. Stephen Henson [Sat, 14 Oct 2000 23:51:52 +0000 (23:51 +0000)]
Fix for typo in certificate directory lookup code.
Richard Levitte [Sat, 14 Oct 2000 20:09:54 +0000 (20:09 +0000)]
The experimental Rijndael code moved to the main trunk.
make update done.
Richard Levitte [Fri, 13 Oct 2000 16:04:20 +0000 (16:04 +0000)]
Even when you don't want to create shared libraries, it's a good idea
to have the full extension information, so residual shared libraries
can be removed so the applications and test programs do not get linked
against them by mistake...
Richard Levitte [Fri, 13 Oct 2000 15:25:06 +0000 (15:25 +0000)]
Rework the system to generate shared libraries:
- Make note of the expected extension for the shared libraries and
if there is a need for symbolic links from for example libcrypto.so.0
to libcrypto.so.0.9.7. There is extended info in Configure for
that.
- Make as few rebuilds of the shared libraries as possible.
- Still avoid linking the OpenSSL programs with the shared libraries.
- When installing, install the shared libraries separately from the
static ones.
Richard Levitte [Fri, 13 Oct 2000 15:09:06 +0000 (15:09 +0000)]
Bump the shared library version (should have been done a while ago).
Richard Levitte [Fri, 13 Oct 2000 08:30:06 +0000 (08:30 +0000)]
Make the new conf implementation bug-compatible with the old one.
Actually, it's a feature that it goes looking at environment
variables. It's just a pity that it's at the cost of the error
checking... I'll see if I can come up with a better interface for
this.
Richard Levitte [Fri, 13 Oct 2000 08:27:00 +0000 (08:27 +0000)]
make update
Richard Levitte [Thu, 12 Oct 2000 09:56:36 +0000 (09:56 +0000)]
New docs and new facts in older docs.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Dr. Stephen Henson [Thu, 12 Oct 2000 01:50:33 +0000 (01:50 +0000)]
Make non blocking I/O work for accept BIOs.
Ulf Möller [Wed, 11 Oct 2000 00:08:15 +0000 (00:08 +0000)]
fix problems in the selftest
Richard Levitte [Tue, 10 Oct 2000 15:08:30 +0000 (15:08 +0000)]
Do a favor to those who get weird compiles and report if RAND_pseudo_bytes
returns -1...
Richard Levitte [Tue, 10 Oct 2000 09:15:47 +0000 (09:15 +0000)]
A few small corrections to the SSL documentation.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Bodo Möller [Mon, 9 Oct 2000 16:40:16 +0000 (16:40 +0000)]
BIO_sock_init() returns 1 for success and -1 for failure, not 0;
thus the condition '!BIO_sock_init()' doesn't make sense.
Geoff Thorpe [Mon, 9 Oct 2000 01:57:54 +0000 (01:57 +0000)]
DSO_ctrl() changes have removed a couple of DSO_METHOD-specific functions
so I've regenerated the error numbers and strings for the DSO functions.
Richard Levitte [Mon, 9 Oct 2000 00:50:04 +0000 (00:50 +0000)]
Make sure ranlib is only used on .a libraries.
Richard Levitte [Mon, 9 Oct 2000 00:48:30 +0000 (00:48 +0000)]
Make sure that shareable libraries are turned off if we don't know how
to make them...
Geoff Thorpe [Sun, 8 Oct 2000 22:36:49 +0000 (22:36 +0000)]
None of the DSO_METHOD's were handling anything except generic messages.
These are now processed inside DSO_ctrl() itself.
Geoff Thorpe [Sun, 8 Oct 2000 22:32:57 +0000 (22:32 +0000)]
Time to get rid of some rather silly code duplication - some DSO_ctrl()
commands are common to all DSO_METHODs, hence handle them at the top.
Richard Levitte [Sun, 8 Oct 2000 19:40:07 +0000 (19:40 +0000)]
Linux on Alpha with gcc knows about shared libraries.
Richard Levitte [Sun, 8 Oct 2000 19:38:28 +0000 (19:38 +0000)]
Linux on Alpha has the configuration name linux-alpha-gcc, not
linux-alpha.
Dr. Stephen Henson [Fri, 6 Oct 2000 11:51:47 +0000 (11:51 +0000)]
More code for X509_print_ex() support.
Dr. Stephen Henson [Wed, 4 Oct 2000 01:16:32 +0000 (01:16 +0000)]
Global DirectoryString mask fix.
Add support for X509_NAME_print_ex() in req.
Initial code for customizable X509 print routines.
Richard Levitte [Tue, 3 Oct 2000 22:02:28 +0000 (22:02 +0000)]
More SSL functions documented. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Richard Levitte [Sun, 1 Oct 2000 21:46:43 +0000 (21:46 +0000)]
Document...
Richard Levitte [Sun, 1 Oct 2000 21:28:07 +0000 (21:28 +0000)]
Remove what was described by someone as "an EAY hack for compiling
SSLeay with Colin Plumb's MD5 implementation instead of his one".
Richard Levitte [Fri, 29 Sep 2000 20:14:57 +0000 (20:14 +0000)]
Include arpa/inet.h, since that's where htons() and friends are
supposed to be defined according to XPG4.2.
Found by Evan <n2xjk@ulster.net> for the MVS platform.
Ulf Möller [Wed, 27 Sep 2000 21:45:20 +0000 (21:45 +0000)]
The des_modes manpage is in section 7.
Richard Levitte [Wed, 27 Sep 2000 13:54:28 +0000 (13:54 +0000)]
A compiler warning removed. Thanks to the folks at HP!
Bodo Möller [Tue, 26 Sep 2000 12:23:55 +0000 (12:23 +0000)]
Verbose output when installing manual pages so that you see that
something is going on (and what).
Bodo Möller [Tue, 26 Sep 2000 12:15:53 +0000 (12:15 +0000)]
Add BUGS section.
Bodo Möller [Tue, 26 Sep 2000 11:39:37 +0000 (11:39 +0000)]
Note read_ahead-flag related fixes.
Bodo Möller [Tue, 26 Sep 2000 11:38:05 +0000 (11:38 +0000)]
Set s->read_ahead in SSL_new because SSL_clear no longer modifies it.
Bodo Möller [Tue, 26 Sep 2000 11:30:59 +0000 (11:30 +0000)]
Don't modify s->read_ahead in SSL_clear, which is called from
accept/connect functions; those should not change the
read_ahead setting of the SSL structure.
Bodo Möller [Tue, 26 Sep 2000 11:25:44 +0000 (11:25 +0000)]
Fix SSL_CTX_set_read_ahead macro.
Submitted by: Anders Gertz <gertz@epact.se>
Richard Levitte [Mon, 25 Sep 2000 11:12:27 +0000 (11:12 +0000)]
Document the change.
Richard Levitte [Mon, 25 Sep 2000 10:22:39 +0000 (10:22 +0000)]
Update
Richard Levitte [Mon, 25 Sep 2000 10:21:23 +0000 (10:21 +0000)]
When creating a .def file, be a bit more selective so disabled
algorithms do not get in...
Richard Levitte [Mon, 25 Sep 2000 09:30:32 +0000 (09:30 +0000)]
echo=off works on NT, but not on W2K.
Richard Levitte [Mon, 25 Sep 2000 08:53:15 +0000 (08:53 +0000)]
'ranlib' doesn't always run on some systems. That's actually
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
Richard Levitte [Mon, 25 Sep 2000 08:49:13 +0000 (08:49 +0000)]
Make the algorithm implementations depend on the corresponding
selection macros.
Ulf Möller [Mon, 25 Sep 2000 05:55:19 +0000 (05:55 +0000)]
typo
Richard Levitte [Sun, 24 Sep 2000 17:31:37 +0000 (17:31 +0000)]
Update the status and version number to 0.9.7-dev.
Richard Levitte [Sun, 24 Sep 2000 15:42:34 +0000 (15:42 +0000)]
Forgot to change the STATUS file...
Richard Levitte [Sun, 24 Sep 2000 15:21:30 +0000 (15:21 +0000)]
Time to build the release. Bump the version info accordingly.
Richard Levitte [Sun, 24 Sep 2000 14:54:31 +0000 (14:54 +0000)]
make update
Richard Levitte [Sun, 24 Sep 2000 14:48:51 +0000 (14:48 +0000)]
Change the Windows building scripts to enable DSO_WIN32.
Ulf Möller [Sat, 23 Sep 2000 19:24:06 +0000 (19:24 +0000)]
print the perlasm rule only for linux-elf (it seems it confuses some
version of make for Mingw32)