oweals/openssl.git
16 years agox86_64-xlate.pl to support MacOS X and mingw64.
Andy Polyakov [Wed, 12 Nov 2008 08:05:58 +0000 (08:05 +0000)]
x86_64-xlate.pl to support MacOS X and mingw64.

16 years agoRevert commit #17603, it should have been part of #17617.
Andy Polyakov [Wed, 12 Nov 2008 07:27:36 +0000 (07:27 +0000)]
Revert commit #17603, it should have been part of #17617.

16 years agoRevert the size_t modifications from HEAD that had led to more
Geoff Thorpe [Wed, 12 Nov 2008 03:58:08 +0000 (03:58 +0000)]
Revert the size_t modifications from HEAD that had led to more
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.

16 years agoTolerate -----BEGIN PKCS #7 SIGNED DATA----- header lines as used by some
Dr. Stephen Henson [Tue, 11 Nov 2008 12:38:25 +0000 (12:38 +0000)]
Tolerate -----BEGIN PKCS #7 SIGNED DATA----- header lines as used by some
implementations.

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Tue, 11 Nov 2008 12:23:18 +0000 (12:23 +0000)]
Update from stable branch.

16 years agoUpdate from stable branch.
Dr. Stephen Henson [Tue, 11 Nov 2008 10:17:54 +0000 (10:17 +0000)]
Update from stable branch.

16 years agosymbol deobnoxification
Bodo Möller [Tue, 11 Nov 2008 07:08:59 +0000 (07:08 +0000)]
symbol deobnoxification

16 years agoMake -DKSSL_DEBUG work again.
Dr. Stephen Henson [Mon, 10 Nov 2008 19:08:37 +0000 (19:08 +0000)]
Make -DKSSL_DEBUG work again.

16 years agoClarify (non-)blocking behavior of EGD socket interface used by RAND_egd().
Lutz Jänicke [Mon, 10 Nov 2008 11:26:44 +0000 (11:26 +0000)]
Clarify (non-)blocking behavior of EGD socket interface used by RAND_egd().

16 years agoPR: 1777
Dr. Stephen Henson [Wed, 5 Nov 2008 23:14:32 +0000 (23:14 +0000)]
PR: 1777
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>
Approved by: steve@openssl.org

Fix some size_t issues.

16 years agoUpdate obsolete email address...
Dr. Stephen Henson [Wed, 5 Nov 2008 18:39:08 +0000 (18:39 +0000)]
Update obsolete email address...

16 years agoDon't use clobbered 'i' for checking UTCTime and GeneralizedTime length.
Dr. Stephen Henson [Wed, 5 Nov 2008 18:28:24 +0000 (18:28 +0000)]
Don't use clobbered 'i' for checking UTCTime and GeneralizedTime length.

16 years agoOnly one of these needs to be signed.
Ben Laurie [Tue, 4 Nov 2008 15:16:23 +0000 (15:16 +0000)]
Only one of these needs to be signed.

16 years agoFormatting.
Ben Laurie [Tue, 4 Nov 2008 12:06:09 +0000 (12:06 +0000)]
Formatting.

16 years agoAdd initial support for mingw64.
Andy Polyakov [Mon, 3 Nov 2008 21:15:07 +0000 (21:15 +0000)]
Add initial support for mingw64.
PR: 1693
Submitted by: Alon Bar-Lev

16 years agoMinor perlasm updates.
Andy Polyakov [Mon, 3 Nov 2008 08:46:07 +0000 (08:46 +0000)]
Minor perlasm updates.

16 years agoNot sure about this one... seems to be needed to make 64 bit release
Dr. Stephen Henson [Sun, 2 Nov 2008 18:29:27 +0000 (18:29 +0000)]
Not sure about this one... seems to be needed to make 64 bit release
builds work properly...

16 years agoFix prototypes.
Dr. Stephen Henson [Sun, 2 Nov 2008 18:12:36 +0000 (18:12 +0000)]
Fix prototypes.

16 years agoUse stddef.h to pick up size_t def.
Dr. Stephen Henson [Sun, 2 Nov 2008 16:56:13 +0000 (16:56 +0000)]
Use stddef.h to pick up size_t def.

16 years agoFix prototypes.
Dr. Stephen Henson [Sun, 2 Nov 2008 16:13:19 +0000 (16:13 +0000)]
Fix prototypes.

16 years agoUpdate HMAC functions to return an error where relevant.
Dr. Stephen Henson [Sun, 2 Nov 2008 16:00:39 +0000 (16:00 +0000)]
Update HMAC functions to return an error where relevant.

16 years agoFix warnings: printf format mismatches on 64 bit platforms.
Dr. Stephen Henson [Sun, 2 Nov 2008 15:41:30 +0000 (15:41 +0000)]
Fix warnings: printf format mismatches on 64 bit platforms.
Change assert to OPENSSL_assert().
Fix e_padlock prototype.

16 years agoFix asserts. Fix incorrect dependency.
Ben Laurie [Sun, 2 Nov 2008 13:15:06 +0000 (13:15 +0000)]
Fix asserts. Fix incorrect dependency.

16 years agoFix warnings about mismatched prototypes, undefined size_t and value computed
Dr. Stephen Henson [Sun, 2 Nov 2008 12:50:48 +0000 (12:50 +0000)]
Fix warnings about mismatched prototypes, undefined size_t and value computed
not used.

16 years agoFix warnings.
Ben Laurie [Sun, 2 Nov 2008 09:22:29 +0000 (09:22 +0000)]
Fix warnings.

16 years agoFix warning.
Ben Laurie [Sun, 2 Nov 2008 09:00:25 +0000 (09:00 +0000)]
Fix warning.

16 years agoFix bss_log.c on Windows.
Andy Polyakov [Sat, 1 Nov 2008 21:09:54 +0000 (21:09 +0000)]
Fix bss_log.c on Windows.

16 years agoMore size_tification.
Ben Laurie [Sat, 1 Nov 2008 16:40:37 +0000 (16:40 +0000)]
More size_tification.

16 years agosize_tification.
Ben Laurie [Sat, 1 Nov 2008 14:37:00 +0000 (14:37 +0000)]
size_tification.

16 years agoFix SHA512 and optimize BN for mingw64.
Andy Polyakov [Sat, 1 Nov 2008 12:46:18 +0000 (12:46 +0000)]
Fix SHA512 and optimize BN for mingw64.

16 years agoFix warnings after commit#17578.
Andy Polyakov [Fri, 31 Oct 2008 20:20:54 +0000 (20:20 +0000)]
Fix warnings after commit#17578.

16 years agosize_t-fy EVP_CIPHER. Note that being size_t-fied it doesn't require
Andy Polyakov [Fri, 31 Oct 2008 19:48:25 +0000 (19:48 +0000)]
size_t-fy EVP_CIPHER. Note that being size_t-fied it doesn't require
underlying cipher to be size_t-fied, it allows for size_t, signed and
unsigned long. It maintains source and even binary compatibility.

16 years agosize_t-fy AES, Camellia and RC4.
Andy Polyakov [Fri, 31 Oct 2008 19:30:11 +0000 (19:30 +0000)]
size_t-fy AES, Camellia and RC4.

16 years agoAdd install target to crypto/jpake/Makefile
Dr. Stephen Henson [Fri, 31 Oct 2008 12:06:25 +0000 (12:06 +0000)]
Add install target to crypto/jpake/Makefile

16 years agoFix warning.
Ben Laurie [Wed, 29 Oct 2008 05:10:09 +0000 (05:10 +0000)]
Fix warning.

16 years agorandfile.c: .rnd can become orphaned on VMS.
Andy Polyakov [Tue, 28 Oct 2008 16:25:47 +0000 (16:25 +0000)]
randfile.c: .rnd can become orphaned on VMS.

Submitted by: David North

16 years ago.cvsignore update: ignore all flavors of shared objects.
Andy Polyakov [Tue, 28 Oct 2008 15:29:25 +0000 (15:29 +0000)]
.cvsignore update: ignore all flavors of shared objects.

16 years agoFix typo in ./config.
Andy Polyakov [Tue, 28 Oct 2008 15:09:06 +0000 (15:09 +0000)]
Fix typo in ./config.

Submitted by: Sander Temme

16 years agoec2_mult.c readability update.
Andy Polyakov [Tue, 28 Oct 2008 13:53:51 +0000 (13:53 +0000)]
ec2_mult.c readability update.

16 years agoMinor clean-up in bn_lib.c: constification and optimization.
Andy Polyakov [Tue, 28 Oct 2008 13:52:51 +0000 (13:52 +0000)]
Minor clean-up in bn_lib.c: constification and optimization.

16 years agoFix crash in BN_rshift.
Andy Polyakov [Tue, 28 Oct 2008 13:46:14 +0000 (13:46 +0000)]
Fix crash in BN_rshift.
PR: 1663

16 years agoHarmonize Camellia API with version 1.x.
Andy Polyakov [Tue, 28 Oct 2008 12:13:52 +0000 (12:13 +0000)]
Harmonize Camellia API with version 1.x.

16 years agoCamellia update. Quoting camellia.c:
Andy Polyakov [Tue, 28 Oct 2008 08:47:24 +0000 (08:47 +0000)]
Camellia update. Quoting camellia.c:

/*
 * This release balances code size and performance. In particular key
 * schedule setup is fully unrolled, because doing so *significantly*
 * reduces amount of instructions per setup round and code increase is
 * justifiable. In block functions on the other hand only inner loops
 * are unrolled, as full unroll gives only nominal performance boost,
 * while code size grows 4 or 7 times. Also, unlike previous versions
 * this one "encourages" compiler to keep intermediate variables in
 * registers, which should give better "all round" results, in other
 * words reasonable performance even with not so modern compilers.
 */

16 years agox86_64-xlate.pl update: refine SEH support.
Andy Polyakov [Tue, 28 Oct 2008 08:40:07 +0000 (08:40 +0000)]
x86_64-xlate.pl update: refine SEH support.

16 years agoWin32 fixes... add new directory to build system. Fix warnings.
Dr. Stephen Henson [Mon, 27 Oct 2008 12:31:13 +0000 (12:31 +0000)]
Win32 fixes... add new directory to build system. Fix warnings.

16 years agoFix warnings and various issues.
Dr. Stephen Henson [Mon, 27 Oct 2008 12:02:52 +0000 (12:02 +0000)]
Fix warnings and various issues.

C++ style comments.
Signed/unsigned warning in apps.c
Missing targets in jpake/Makefile

16 years agoAdd JPAKE.
Ben Laurie [Sun, 26 Oct 2008 18:40:52 +0000 (18:40 +0000)]
Add JPAKE.

16 years agoAdd support for -crlnumber option in crl utility.
Dr. Stephen Henson [Wed, 22 Oct 2008 19:54:55 +0000 (19:54 +0000)]
Add support for -crlnumber option in crl utility.

16 years agoAdd permanentIdentifier OID.
Dr. Stephen Henson [Wed, 22 Oct 2008 18:48:11 +0000 (18:48 +0000)]
Add permanentIdentifier OID.

16 years agoCreate function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
Dr. Stephen Henson [Wed, 22 Oct 2008 15:43:01 +0000 (15:43 +0000)]
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.

This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()

16 years agoApparently '__top' is also risky, obfuscate further. (All this to
Geoff Thorpe [Wed, 22 Oct 2008 12:00:15 +0000 (12:00 +0000)]
Apparently '__top' is also risky, obfuscate further. (All this to
avoid inlines...)

16 years agoAllow detection of input EOF in quiet mode by adding -no_ign_eof option
Lutz Jänicke [Wed, 22 Oct 2008 06:46:14 +0000 (06:46 +0000)]
Allow detection of input EOF in quiet mode by adding -no_ign_eof option
to s_client application.
PR: #1761
Submitted by: David Woodhouse <dwmw2@infradead.org>

16 years agoUse of a 'top' var creates "shadow variable" warnings.
Geoff Thorpe [Wed, 22 Oct 2008 01:25:45 +0000 (01:25 +0000)]
Use of a 'top' var creates "shadow variable" warnings.

16 years agoReinstate obj_xref.h as it is not auto generated on all platforms.
Dr. Stephen Henson [Mon, 20 Oct 2008 15:12:48 +0000 (15:12 +0000)]
Reinstate obj_xref.h as it is not auto generated on all platforms.

16 years agoFix a shed load or warnings:
Dr. Stephen Henson [Mon, 20 Oct 2008 15:12:00 +0000 (15:12 +0000)]
Fix a shed load or warnings:

Duplicate const.
Use of ; outside function.

16 years agoAdd missing "-d" to option list of openssl version.
Lutz Jänicke [Mon, 20 Oct 2008 12:53:36 +0000 (12:53 +0000)]
Add missing "-d" to option list of openssl version.

Submitted by: Alex Chen <alex_chen@filemaker.com>

16 years agoConstification.
Ben Laurie [Sun, 19 Oct 2008 22:51:27 +0000 (22:51 +0000)]
Constification.

16 years agoFix Warning...
Dr. Stephen Henson [Sun, 19 Oct 2008 17:22:34 +0000 (17:22 +0000)]
Fix Warning...

16 years agoFix multiple ; warning.
Dr. Stephen Henson [Sat, 18 Oct 2008 15:02:59 +0000 (15:02 +0000)]
Fix multiple ; warning.

16 years agoFix warning a different way.
Ben Laurie [Sat, 18 Oct 2008 12:12:34 +0000 (12:12 +0000)]
Fix warning a different way.

16 years agoFix argument order in BN_nnmod call and implement rigorous boundary
Andy Polyakov [Thu, 16 Oct 2008 07:54:41 +0000 (07:54 +0000)]
Fix argument order in BN_nnmod call and implement rigorous boundary
condition check.

16 years agoOptimize bn_correct_top.
Andy Polyakov [Wed, 15 Oct 2008 10:48:52 +0000 (10:48 +0000)]
Optimize bn_correct_top.

16 years agoRemove redundant BN_ucmp, fix boundary condition in BN_nist_mod_224 and
Andy Polyakov [Wed, 15 Oct 2008 10:47:48 +0000 (10:47 +0000)]
Remove redundant BN_ucmp, fix boundary condition in BN_nist_mod_224 and
reimplement BN_nist_mod_521.

16 years agoSet comparison function in v3_add_canonize().
Ben Laurie [Tue, 14 Oct 2008 19:27:07 +0000 (19:27 +0000)]
Set comparison function in v3_add_canonize().

16 years agoAdd XMPP STARTTLS support.
Ben Laurie [Tue, 14 Oct 2008 19:11:26 +0000 (19:11 +0000)]
Add XMPP STARTTLS support.

16 years agoOoops... remove code accidentally commited from FIPS version.
Dr. Stephen Henson [Tue, 14 Oct 2008 15:44:14 +0000 (15:44 +0000)]
Ooops... remove code accidentally commited from FIPS version.

16 years agoAdd missing lock definitions...
Dr. Stephen Henson [Tue, 14 Oct 2008 15:24:49 +0000 (15:24 +0000)]
Add missing lock definitions...

16 years agoAdd missing lock definitions.
Dr. Stephen Henson [Tue, 14 Oct 2008 15:22:11 +0000 (15:22 +0000)]
Add missing lock definitions.

16 years agoType-safe OBJ_bsearch_ex.
Ben Laurie [Tue, 14 Oct 2008 08:10:52 +0000 (08:10 +0000)]
Type-safe OBJ_bsearch_ex.

16 years agoRemove the DTLS1_BAD_VER thing from 0.9.9-dev. It is present in 0.9.8
Lutz Jänicke [Mon, 13 Oct 2008 06:45:59 +0000 (06:45 +0000)]
Remove the DTLS1_BAD_VER thing from 0.9.9-dev. It is present in 0.9.8
but has been omitted from HEAD (0.9.9), see commit
  http://cvs.openssl.org/chngview?cn=16627
by appro.

16 years agoHalf of the commit for 0.9.8 as the bitmap handling has changed.
Lutz Jänicke [Mon, 13 Oct 2008 06:43:03 +0000 (06:43 +0000)]
Half of the commit for 0.9.8 as the bitmap handling has changed.
(Firstly... ommitted)

Secondly, it wasn't even _dropping_ the offending packets, in the
non-blocking case. It was just returning garbage instead.
PR: #1752
Submitted by: David Woodhouse <dwmw2@infradead.org>

16 years agoType-checked (and modern C compliant) OBJ_bsearch.
Ben Laurie [Sun, 12 Oct 2008 14:32:47 +0000 (14:32 +0000)]
Type-checked (and modern C compliant) OBJ_bsearch.

16 years agoAdd missing DTLS1_BAD_VER (hope I got the value right).
Ben Laurie [Sun, 12 Oct 2008 14:04:34 +0000 (14:04 +0000)]
Add missing DTLS1_BAD_VER (hope I got the value right).

16 years agoWhen the underlying BIO_write() fails to send a datagram, we leave the
Lutz Jänicke [Fri, 10 Oct 2008 10:41:35 +0000 (10:41 +0000)]
When the underlying BIO_write() fails to send a datagram, we leave the
offending record queued as 'pending'. The DTLS code doesn't expect this,
and we end up hitting an OPENSSL_assert() in do_dtls1_write().

The simple fix is just _not_ to leave it queued. In DTLS, dropping
packets is perfectly acceptable -- and even preferable. If we wanted a
service with retries and guaranteed delivery, we'd be using TCP.
PR: #1703
Submitted by: David Woodhouse <dwmw2@infradead.org>

16 years agoExperimental new date handling routines. These fix issues with X509_time_adj()
Dr. Stephen Henson [Tue, 7 Oct 2008 22:55:27 +0000 (22:55 +0000)]
Experimental new date handling routines. These fix issues with X509_time_adj()
and should avoid any OS date limitations such as the year 2038 bug.

16 years agoFix incorrect command for assember file generation on IA64
Lutz Jänicke [Mon, 6 Oct 2008 10:34:49 +0000 (10:34 +0000)]
Fix incorrect command for assember file generation on IA64

Submitted by: Amadeu A. Barbosa Jr <amadeu@tecgraf.puc-rio.br>

16 years agoFix EC_KEY_check_key.
Andy Polyakov [Tue, 23 Sep 2008 17:33:11 +0000 (17:33 +0000)]
Fix EC_KEY_check_key.

16 years agoMake sure that SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG can't
Bodo Möller [Mon, 22 Sep 2008 21:22:47 +0000 (21:22 +0000)]
Make sure that SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG can't
enable disabled ciphersuites.

16 years agoFrom branch OpenSSL_0_9_8-stable: Allow soft-loading engines.
Bodo Möller [Mon, 15 Sep 2008 20:41:24 +0000 (20:41 +0000)]
From branch OpenSSL_0_9_8-stable: Allow soft-loading engines.

Also, fix CHANGES (consistency with stable branch).

16 years agoAdd missing CHANGES entry.
Dr. Stephen Henson [Mon, 15 Sep 2008 20:30:58 +0000 (20:30 +0000)]
Add missing CHANGES entry.

16 years agofrom 0.9.8 branch
Bodo Möller [Mon, 15 Sep 2008 20:30:17 +0000 (20:30 +0000)]
from 0.9.8 branch

16 years agoUpdate FAQ.
Dr. Stephen Henson [Mon, 15 Sep 2008 11:27:58 +0000 (11:27 +0000)]
Update FAQ.

16 years agoFix yesterday typos in bss_dgram.c.
Andy Polyakov [Mon, 15 Sep 2008 05:43:04 +0000 (05:43 +0000)]
Fix yesterday typos in bss_dgram.c.

16 years agoFix build warnings.
Geoff Thorpe [Mon, 15 Sep 2008 04:02:37 +0000 (04:02 +0000)]
Fix build warnings.

16 years agoupdate comment
Bodo Möller [Sun, 14 Sep 2008 19:50:55 +0000 (19:50 +0000)]
update comment

16 years agoWinsock handles SO_RCVTIMEO in unique manner...
Andy Polyakov [Sun, 14 Sep 2008 19:22:52 +0000 (19:22 +0000)]
Winsock handles SO_RCVTIMEO in unique manner...
PR: 1648

16 years agooops
Bodo Möller [Sun, 14 Sep 2008 18:16:07 +0000 (18:16 +0000)]
oops

16 years agodtls1_write_bytes consumers expect amount of bytes written per call, not
Andy Polyakov [Sun, 14 Sep 2008 17:56:15 +0000 (17:56 +0000)]
dtls1_write_bytes consumers expect amount of bytes written per call, not
overall.
PR: 1604

16 years agoFix SSL state transitions.
Bodo Möller [Sun, 14 Sep 2008 14:02:07 +0000 (14:02 +0000)]
Fix SSL state transitions.

Submitted by: Nagendra Modadugu

16 years agoNote about CVS branch inconsistency.
Bodo Möller [Sun, 14 Sep 2008 13:53:18 +0000 (13:53 +0000)]
Note about CVS branch inconsistency.

16 years agoReally get rid of unsafe double-checked locking.
Bodo Möller [Sun, 14 Sep 2008 13:51:44 +0000 (13:51 +0000)]
Really get rid of unsafe double-checked locking.

Also, "CHANGES" clean-ups.

16 years agoSome precautions to avoid potential security-relevant problems.
Bodo Möller [Sun, 14 Sep 2008 13:42:34 +0000 (13:42 +0000)]
Some precautions to avoid potential security-relevant problems.

16 years agoDTLS didn't handle alerts correctly.
Andy Polyakov [Sat, 13 Sep 2008 18:24:38 +0000 (18:24 +0000)]
DTLS didn't handle alerts correctly.
PR: 1632

16 years agoAIX build updates.
Andy Polyakov [Fri, 12 Sep 2008 14:45:54 +0000 (14:45 +0000)]
AIX build updates.

16 years agoAdd SSL_FIPS flag for FIPS 140-2 approved ciphersuites and add a new
Dr. Stephen Henson [Wed, 10 Sep 2008 16:02:09 +0000 (16:02 +0000)]
Add SSL_FIPS flag for FIPS 140-2 approved ciphersuites and add a new
strength "FIPS" to represent all FIPS approved ciphersuites without NULL
encryption.

16 years agoIgnoring errors in makedepend can hide problems.
Ben Laurie [Tue, 9 Sep 2008 19:08:40 +0000 (19:08 +0000)]
Ignoring errors in makedepend can hide problems.

16 years agoFix warning.
Ben Laurie [Sun, 7 Sep 2008 13:22:34 +0000 (13:22 +0000)]
Fix warning.

16 years agoFix from stable branch.
Dr. Stephen Henson [Wed, 3 Sep 2008 22:17:11 +0000 (22:17 +0000)]
Fix from stable branch.

16 years agoDo not discard cached handshake records during resumed sessions:
Dr. Stephen Henson [Wed, 3 Sep 2008 12:36:16 +0000 (12:36 +0000)]
Do not discard cached handshake records during resumed sessions:
they are used for mac computation.

16 years agoMake no-tlsext compile.
Dr. Stephen Henson [Wed, 3 Sep 2008 12:29:57 +0000 (12:29 +0000)]
Make no-tlsext compile.