Dr. Stephen Henson [Mon, 24 Mar 2003 17:06:25 +0000 (17:06 +0000)]
make update
Dr. Stephen Henson [Mon, 24 Mar 2003 17:04:44 +0000 (17:04 +0000)]
Support for name constraints.
Dr. Stephen Henson [Mon, 24 Mar 2003 00:56:09 +0000 (00:56 +0000)]
Name Constraints OID.
Lutz Jänicke [Sun, 23 Mar 2003 10:18:05 +0000 (10:18 +0000)]
Add SCO5 shared library scripts.
Upate SVR5 scripts for the upcoming 0.9.7b.
Submitted by: Boyd Lynn Gerber <gerberb@zenez.com>
Richard Levitte [Sat, 22 Mar 2003 22:33:52 +0000 (22:33 +0000)]
To define OPENSSL_NO_FP_API for all MSDOS type targets was unfair
against DJGPP, and much more restricted than previous definitions.
Dr. Stephen Henson [Fri, 21 Mar 2003 16:28:29 +0000 (16:28 +0000)]
make update
Dr. Stephen Henson [Fri, 21 Mar 2003 16:26:20 +0000 (16:26 +0000)]
Support for policy constraints.
Bodo Möller [Fri, 21 Mar 2003 13:11:14 +0000 (13:11 +0000)]
remove patch ID (which is supposed to appear in patched variants of
old OpenSSL releases, but not in new releases)
Richard Levitte [Fri, 21 Mar 2003 00:05:14 +0000 (00:05 +0000)]
Define COMP method function prototypes properly.
Richard Levitte [Fri, 21 Mar 2003 00:04:14 +0000 (00:04 +0000)]
Make sure to declare mem*() properly.
Richard Levitte [Thu, 20 Mar 2003 23:54:33 +0000 (23:54 +0000)]
make update
Richard Levitte [Thu, 20 Mar 2003 23:52:41 +0000 (23:52 +0000)]
Don't put configuration macro definitions on the command line, we're
just fooling ourselves and then screwing up for other applications.
Richard Levitte [Thu, 20 Mar 2003 23:51:35 +0000 (23:51 +0000)]
Sometimes, we have partial comments on the same line as other stuff we
parse. Make sure to read in the whole comment, so it can be entirely
removed.
Richard Levitte [Thu, 20 Mar 2003 23:34:28 +0000 (23:34 +0000)]
Make sure we get the definition of OPENSSL_NO_RSA.
Richard Levitte [Thu, 20 Mar 2003 23:34:08 +0000 (23:34 +0000)]
Make sure we get the definition of OPENSSL_NO_HMAC and OPENSSL_NO_SHA.
Richard Levitte [Thu, 20 Mar 2003 23:32:16 +0000 (23:32 +0000)]
Make sure we get the definition of OPENSSL_NO_SHA.
Richard Levitte [Thu, 20 Mar 2003 23:31:56 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_RIPEMD.
Richard Levitte [Thu, 20 Mar 2003 23:31:44 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_MDC2.
Richard Levitte [Thu, 20 Mar 2003 23:31:34 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_MD5.
Richard Levitte [Thu, 20 Mar 2003 23:31:24 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_MD4.
Richard Levitte [Thu, 20 Mar 2003 23:30:04 +0000 (23:30 +0000)]
Make sure we get the definition of OPENSSL_NO_MD2.
Richard Levitte [Thu, 20 Mar 2003 23:29:38 +0000 (23:29 +0000)]
Make sure we get the definition of OPENSSL_NO_DES.
Richard Levitte [Thu, 20 Mar 2003 23:29:26 +0000 (23:29 +0000)]
Make sure we get the definition of OPENSSL_NO_RC5.
Richard Levitte [Thu, 20 Mar 2003 23:29:17 +0000 (23:29 +0000)]
Make sure we get the definition of OPENSSL_NO_RC4.
Richard Levitte [Thu, 20 Mar 2003 23:29:06 +0000 (23:29 +0000)]
Make sure we get the definition of OPENSSL_NO_RC2.
Richard Levitte [Thu, 20 Mar 2003 23:28:55 +0000 (23:28 +0000)]
Make sure we get the definition of OPENSSL_NO_IDEA.
Richard Levitte [Thu, 20 Mar 2003 23:28:27 +0000 (23:28 +0000)]
Make sure we get the definition of OPENSSL_NO_CAST.
Richard Levitte [Thu, 20 Mar 2003 23:28:16 +0000 (23:28 +0000)]
Make sure we get the definition of OPENSSL_NO_BF.
Richard Levitte [Thu, 20 Mar 2003 23:28:03 +0000 (23:28 +0000)]
Make sure we get the definition of OPENSSL_NO_AES.
Richard Levitte [Thu, 20 Mar 2003 23:27:17 +0000 (23:27 +0000)]
Make sure we get the definition of a number of OPENSSL_NO_* macros.
Richard Levitte [Thu, 20 Mar 2003 23:26:46 +0000 (23:26 +0000)]
Make sure we get the definition of OPENSSL_NO_BIO.
Richard Levitte [Thu, 20 Mar 2003 23:26:32 +0000 (23:26 +0000)]
Include e_os.h correctly.
Richard Levitte [Thu, 20 Mar 2003 23:24:59 +0000 (23:24 +0000)]
Make sure we get the definition of OPENSSL_NO_MD2.
Richard Levitte [Thu, 20 Mar 2003 23:24:47 +0000 (23:24 +0000)]
Make sure we get the definition of OPENSSL_NO_FP_API.
Richard Levitte [Thu, 20 Mar 2003 23:24:32 +0000 (23:24 +0000)]
Make sure we get the definition of OPENSSL_NO_IDEA and IDEA_INT.
Richard Levitte [Thu, 20 Mar 2003 23:23:43 +0000 (23:23 +0000)]
Make sure we get the definition of OPENSSL_NO_HMAC.
Richard Levitte [Thu, 20 Mar 2003 23:22:31 +0000 (23:22 +0000)]
Make sure we get the definition of OPENSSL_NO_ECDSA.
Richard Levitte [Thu, 20 Mar 2003 23:22:17 +0000 (23:22 +0000)]
Make sure we get the definition of OPENSSL_NO_ECDH.
Richard Levitte [Thu, 20 Mar 2003 23:22:06 +0000 (23:22 +0000)]
Make sure we get the definition of OPENSSL_NO_EC.
Richard Levitte [Thu, 20 Mar 2003 23:21:51 +0000 (23:21 +0000)]
Make sure we get the definition of OPENSSL_NO_DSA and OPENSSL_NO_SHA.
Richard Levitte [Thu, 20 Mar 2003 23:21:27 +0000 (23:21 +0000)]
Make sure we get the definition of OPENSSL_NO_DH.
Richard Levitte [Thu, 20 Mar 2003 23:21:10 +0000 (23:21 +0000)]
Make sure we get the definition of OPENSSL_EXTERN, OPENSSL_NO_DES,
DES_LONG and OPENSSL_NO_DESCBCM.
Richard Levitte [Thu, 20 Mar 2003 23:20:15 +0000 (23:20 +0000)]
Make sure we get the definition of OPENSSL_NO_CAST.
Richard Levitte [Thu, 20 Mar 2003 23:19:41 +0000 (23:19 +0000)]
Make sure we get the definition of OPENSSL_NO_ERR.
Richard Levitte [Thu, 20 Mar 2003 23:18:32 +0000 (23:18 +0000)]
Make sure we get the definition of OPENSSL_NO_SOCK.
Richard Levitte [Thu, 20 Mar 2003 23:17:23 +0000 (23:17 +0000)]
Make sure we get the definition of OPENSSL_NO_FP_API.
Richard Levitte [Thu, 20 Mar 2003 23:17:04 +0000 (23:17 +0000)]
Make sure we get the definition of OPENSSL_NO_BF.
Richard Levitte [Thu, 20 Mar 2003 23:16:45 +0000 (23:16 +0000)]
Make sure we get the definition of OPENSSL_NO_BIO and OPENSSL_NO_RSA.
Richard Levitte [Thu, 20 Mar 2003 23:15:51 +0000 (23:15 +0000)]
Make sure we get the definition of OPENSSL_NO_AES.
Richard Levitte [Thu, 20 Mar 2003 23:14:49 +0000 (23:14 +0000)]
Because it may be needed in public header files, move the definition
of OPENSSL_NO_FP_API on existence of OPENSSL_SYS_MSDOS to e_os2.h.
Dr. Stephen Henson [Thu, 20 Mar 2003 17:59:39 +0000 (17:59 +0000)]
make update
Dr. Stephen Henson [Thu, 20 Mar 2003 17:58:33 +0000 (17:58 +0000)]
New ASN1 macros to just implement and declare the new and free functions
and changes to mkdef.pl so it recognises them.
Use these in policyMappings extension.
Bodo Möller [Thu, 20 Mar 2003 17:31:30 +0000 (17:31 +0000)]
make sure RSA blinding works when the PRNG is not properly seeded;
enable it automatically for the built-in engine
Dr. Stephen Henson [Thu, 20 Mar 2003 17:26:44 +0000 (17:26 +0000)]
Support for policyMappings
Dr. Stephen Henson [Thu, 20 Mar 2003 17:14:27 +0000 (17:14 +0000)]
Typo: OID should be policyMappings
Dr. Stephen Henson [Thu, 20 Mar 2003 17:09:46 +0000 (17:09 +0000)]
Avoid warning.
Richard Levitte [Thu, 20 Mar 2003 16:34:27 +0000 (16:34 +0000)]
Add documentation for -starttls (s_client) and -id_prefix (s_server).
PR: 542
Dr. Stephen Henson [Thu, 20 Mar 2003 14:21:36 +0000 (14:21 +0000)]
make update
Richard Levitte [Thu, 20 Mar 2003 11:44:28 +0000 (11:44 +0000)]
Some shells (ksh in this case) don't say 'command not found'.
PR: 540
Richard Levitte [Thu, 20 Mar 2003 11:41:59 +0000 (11:41 +0000)]
Spelling errors.
PR: 538
Richard Levitte [Thu, 20 Mar 2003 11:37:47 +0000 (11:37 +0000)]
Make sure that all the library paths are modified in prepend mode, not
replace mode.
PR: 528
Richard Levitte [Thu, 20 Mar 2003 11:15:12 +0000 (11:15 +0000)]
hinv may generate more than one line (1 line per CPU).
PR: 520
Richard Levitte [Thu, 20 Mar 2003 10:57:09 +0000 (10:57 +0000)]
Shut up an ANSI compiler about uninitialised variables.
PR: 517
Richard Levitte [Thu, 20 Mar 2003 10:50:36 +0000 (10:50 +0000)]
Add the target linux-ia64-ecc, suggested by Keith Thompson <kst@sdsc.edu>.
PR: 516
Bodo Möller [Wed, 19 Mar 2003 19:19:53 +0000 (19:19 +0000)]
countermeasure against new Klima-Pokorny-Rosa atack
Dr. Stephen Henson [Wed, 19 Mar 2003 13:55:48 +0000 (13:55 +0000)]
Fix Certificate and CRL adding in X509_load_cert_crl_file:
an X509_INFO structure can contain more than one object,
for example a certififcate and a CRL.
Bodo Möller [Tue, 18 Mar 2003 12:52:02 +0000 (12:52 +0000)]
fix formatting
Dr. Stephen Henson [Sat, 15 Mar 2003 01:28:55 +0000 (01:28 +0000)]
Fix for no-ec on Windows.
Dr. Stephen Henson [Fri, 14 Mar 2003 23:38:34 +0000 (23:38 +0000)]
Don't give an error if response reason absent in OCSP HTTP.
Dr. Stephen Henson [Fri, 14 Mar 2003 01:44:42 +0000 (01:44 +0000)]
Add entry for domainComponent so it is treated correctly.
Add table order test to end of a_strnid.c
Dr. Stephen Henson [Thu, 13 Mar 2003 23:37:55 +0000 (23:37 +0000)]
Add some OIDs.
Dr. Stephen Henson [Thu, 13 Mar 2003 21:28:03 +0000 (21:28 +0000)]
Fix PEDANTIC stuff...
Geoff Thorpe [Thu, 13 Mar 2003 20:28:42 +0000 (20:28 +0000)]
Fix a bone-head bug. This warrants a CHANGES entry because it could affect
applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.
Dr. Stephen Henson [Thu, 13 Mar 2003 14:13:53 +0000 (14:13 +0000)]
Return an error if gmtime returns NULL.
Dr. Stephen Henson [Wed, 12 Mar 2003 02:38:57 +0000 (02:38 +0000)]
Avoid warnings for no-engine and PEDANTIC
Dr. Stephen Henson [Wed, 12 Mar 2003 02:31:40 +0000 (02:31 +0000)]
Fixes for EVP_DigestInit_ex() and OPENSSL_NO_ENGINE.
Geoff Thorpe [Tue, 11 Mar 2003 01:49:21 +0000 (01:49 +0000)]
The default implementation of DSA_METHOD has an interdependence on the
dsa_mod_exp() and bn_mod_exp() handlers from dsa_do_verify() and
dsa_sign_setup(). When another DSA_METHOD implementation does not define
these lower-level handlers, it becomes impossible to do a fallback to
software on errors using a simple DSA_OpenSSL()->fn(key).
This change allows the default DSA_METHOD to function in such circumstances
by only using dsa_mod_exp() and bn_mod_exp() handlers if they exist,
otherwise using BIGNUM implementations directly (which is what those
handlers did before this change). There should be no noticable difference
for the software case, or indeed any custom case that didn't already
segfault, except perhaps that there is now one less level of indirection in
all cases.
PR: 507
Bodo Möller [Fri, 28 Feb 2003 15:37:10 +0000 (15:37 +0000)]
- new ECDH_compute_key interface (KDF is no longer a fixed built-in)
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
Bodo Möller [Fri, 28 Feb 2003 15:17:45 +0000 (15:17 +0000)]
memset problem has been handled
PR: 343
Bodo Möller [Fri, 28 Feb 2003 15:07:10 +0000 (15:07 +0000)]
use tabs for indentation, not spaces
Dr. Stephen Henson [Thu, 27 Feb 2003 14:07:59 +0000 (14:07 +0000)]
Encryption BIOs misbehave when used with non blocking I/O.
Two fixes:
1. If BIO_write() fails inside enc_write() it should return the
total number of bytes successfully written.
2. If BIO_write() fails during BIO_flush() it should return immediately
with the error code: previously it would fall through to the final
encrypt, corrupting the buffer.
Dr. Stephen Henson [Thu, 27 Feb 2003 13:02:46 +0000 (13:02 +0000)]
Typo.
Bodo Möller [Thu, 27 Feb 2003 12:25:35 +0000 (12:25 +0000)]
add Certicom licensing e-mail address
Dr. Stephen Henson [Thu, 27 Feb 2003 01:54:11 +0000 (01:54 +0000)]
Support for dirName from config files in GeneralName extensions.
Dr. Stephen Henson [Tue, 25 Feb 2003 19:03:31 +0000 (19:03 +0000)]
Fix indefinite length encoding so EOC correctly updates
the buffer pointer.
Rename PKCS7_PARTSIGN to PKCS7_STREAM.
Guess what that's for :-)
Bodo Möller [Mon, 24 Feb 2003 17:18:01 +0000 (17:18 +0000)]
year 2003
Bodo Möller [Mon, 24 Feb 2003 17:15:28 +0000 (17:15 +0000)]
include OpenSSL license (in addition to EAY license)
Ulf Möller [Sat, 22 Feb 2003 23:03:42 +0000 (23:03 +0000)]
Add instructions for building the MinGW target in Cygwin, and
rearrange some of the other text for better readability.
Ulf Möller [Sat, 22 Feb 2003 22:19:48 +0000 (22:19 +0000)]
Copy rather than symlink the test data.
This is needed because Windows doesn't support symlinks.
The Cygwin/MinGW build now passes "make test".
Ulf Möller [Sat, 22 Feb 2003 22:15:31 +0000 (22:15 +0000)]
remove some more useless code. The mingw target can now be built
under cygwin.
Ulf Möller [Sat, 22 Feb 2003 18:00:14 +0000 (18:00 +0000)]
more mingw related cleanups.
Richard Levitte [Sat, 22 Feb 2003 15:04:03 +0000 (15:04 +0000)]
Remove duplication and have clean depend on libclean
Richard Levitte [Sat, 22 Feb 2003 14:41:34 +0000 (14:41 +0000)]
Allow building applications against static libraries with Makefile.shared.
Dr. Stephen Henson [Sat, 22 Feb 2003 02:12:52 +0000 (02:12 +0000)]
Base64 bio fixes. The base64 bio was seriously broken
when reading from a non blocking BIO.
It would incorrectly interpret retries as EOF, incorrectly
buffer initial data and have no buffering at all after initial
data (data would be sent one byte at a time to EVP_DecodeUpdate).
Ulf Möller [Sat, 22 Feb 2003 01:20:55 +0000 (01:20 +0000)]
add test
Ulf Möller [Fri, 21 Feb 2003 23:19:50 +0000 (23:19 +0000)]
avoid duplicate definiton of bn_sub_part_words
Ulf Möller [Fri, 21 Feb 2003 22:59:20 +0000 (22:59 +0000)]
clean up MinGW build. MinGW make now supports the Windows path name
conventions.
Ulf Möller [Fri, 21 Feb 2003 22:09:52 +0000 (22:09 +0000)]
update mingw info
Bodo Möller [Fri, 21 Feb 2003 16:06:39 +0000 (16:06 +0000)]
treat 'out' like i2d functions do; cf. asn1_item_flags_i2d (crypto/asn/tasn_enc.c)
Bodo Möller [Fri, 21 Feb 2003 13:58:23 +0000 (13:58 +0000)]
ECPublicKey_set_octet_string and ECPublicKey_get_octet_string
behaviour was not quite consistent with the conventions
for d2i and i2d functions as far as handling of the 'out'
or 'in' pointer is concerned.
This patch changes this behaviour, and renames the functions to
o2i_ECPublicKey and i2o_ECPublicKey (not 'd2i' and 'i2d' because the
external encoding is just a raw object string without any DER icing).
Submitted by: Nils Larsch