Dr. Stephen Henson [Sat, 4 Feb 2006 23:05:40 +0000 (23:05 +0000)]
Update/hack mkdef.pl to recognize and add SHA2 algorithms when OPENSSL_FIPS
is defined.
Dr. Stephen Henson [Sat, 4 Feb 2006 01:50:41 +0000 (01:50 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Sat, 4 Feb 2006 01:27:52 +0000 (01:27 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Fri, 3 Feb 2006 23:55:26 +0000 (23:55 +0000)]
Use getcwd() because it works under MSYS but `pwd` doesn't.
Dr. Stephen Henson [Fri, 3 Feb 2006 18:42:24 +0000 (18:42 +0000)]
Update CHANGES/NEWS.
Dr. Stephen Henson [Fri, 3 Feb 2006 18:27:13 +0000 (18:27 +0000)]
Updated fips_test_suite.
Nils Larsch [Thu, 2 Feb 2006 22:29:55 +0000 (22:29 +0000)]
fix if statement: call conn_state() if the BIO is not in the BIO_CONN_S_OK state
Dr. Stephen Henson [Thu, 2 Feb 2006 15:10:50 +0000 (15:10 +0000)]
Add fips_test_suite.c to TEST
Andy Polyakov [Wed, 1 Feb 2006 22:22:40 +0000 (22:22 +0000)]
Spotted divergence between CVS and submitted tar-ball.
Andy Polyakov [Wed, 1 Feb 2006 22:21:13 +0000 (22:21 +0000)]
Remove files erroneously added in catalog rename.
Dr. Stephen Henson [Tue, 31 Jan 2006 18:38:06 +0000 (18:38 +0000)]
Fix from head.
Dr. Stephen Henson [Mon, 30 Jan 2006 18:51:36 +0000 (18:51 +0000)]
Update some scripts to use fips-1.0
Dr. Stephen Henson [Mon, 30 Jan 2006 18:15:29 +0000 (18:15 +0000)]
Change fips directory to fips-1.0
Lutz Jänicke [Mon, 30 Jan 2006 17:07:54 +0000 (17:07 +0000)]
Typo
Submitted by: Girish Venkatachalam <girish1729@gmail.com>
Dr. Stephen Henson [Mon, 30 Jan 2006 13:49:59 +0000 (13:49 +0000)]
Backport of other fixes to keep VC++ happy.
Dr. Stephen Henson [Mon, 30 Jan 2006 13:14:20 +0000 (13:14 +0000)]
Backport of changes to support later versions of VC++.
Dr. Stephen Henson [Sat, 28 Jan 2006 13:34:27 +0000 (13:34 +0000)]
Sample FIPS object file integrity checking script.
Dr. Stephen Henson [Sat, 28 Jan 2006 13:33:31 +0000 (13:33 +0000)]
Update to VC++ static build.
Dr. Stephen Henson [Thu, 26 Jan 2006 17:48:13 +0000 (17:48 +0000)]
Move certs to right place.
Dr. Stephen Henson [Thu, 26 Jan 2006 17:34:57 +0000 (17:34 +0000)]
FIPS related updates for Windows build. Only build fipscanister.o from the
GMAKE target. Use precompiled fipscanister.o from other targets.
Update fipslink.pl script to check fipscanister.o and fips_premain.c hashes.
Dr. Stephen Henson [Wed, 25 Jan 2006 13:40:55 +0000 (13:40 +0000)]
Make sure stanadlong SHA1 checker is built.
Dr. Stephen Henson [Wed, 25 Jan 2006 13:26:11 +0000 (13:26 +0000)]
Add VC++ using GNU (or other U*ix like make) target for mk1mf.pl
Autodetect VC++ in config script and generate Makefile
Add source hash checking to mk1mf.pl for VC++.
Dr. Stephen Henson [Sun, 22 Jan 2006 00:04:39 +0000 (00:04 +0000)]
Fix static VC++ build for FIPS.
Dr. Stephen Henson [Sat, 21 Jan 2006 22:14:07 +0000 (22:14 +0000)]
Update to VC++ in-core fingerprinting support.
Dr. Stephen Henson [Sat, 21 Jan 2006 21:28:26 +0000 (21:28 +0000)]
Support for VC++ build with in-core hashing.
Andy Polyakov [Sat, 21 Jan 2006 14:01:30 +0000 (14:01 +0000)]
Replace detached signature with in-core fingerprinting.
Dr. Stephen Henson [Thu, 19 Jan 2006 17:19:43 +0000 (17:19 +0000)]
Correctly encode FALSE for BOOL in ASN1_TYPE.
Dr. Stephen Henson [Sun, 15 Jan 2006 13:54:42 +0000 (13:54 +0000)]
Typo.
Richard Levitte [Wed, 11 Jan 2006 18:55:19 +0000 (18:55 +0000)]
Forgot to initialize CC6DISABLEWARNINGS properly...
Richard Levitte [Wed, 11 Jan 2006 13:31:12 +0000 (13:31 +0000)]
Typo...
Richard Levitte [Mon, 9 Jan 2006 19:22:51 +0000 (19:22 +0000)]
Disable the Mixed Linkage warning for some selected modules. This is
because the Compaq C compiler will not accept that a variable be
declared extern then defined static without a warning.
Bodo Möller [Sun, 8 Jan 2006 19:33:31 +0000 (19:33 +0000)]
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
Bodo Möller [Fri, 30 Dec 2005 23:52:20 +0000 (23:52 +0000)]
Rewrite timeout computation in a way that is less prone to overflow.
(Problem reported by Peter Sylvester.)
Dr. Stephen Henson [Sun, 11 Dec 2005 19:12:57 +0000 (19:12 +0000)]
Update Makefile.org for zlib fix backport.
Dr. Stephen Henson [Sat, 10 Dec 2005 13:36:13 +0000 (13:36 +0000)]
Backport of zlib fixes to 0.9.7.
Andy Polyakov [Tue, 15 Nov 2005 08:04:42 +0000 (08:04 +0000)]
bn/asm/sparcv8plus.S update from HEAD.
Andy Polyakov [Wed, 19 Oct 2005 19:09:50 +0000 (19:09 +0000)]
Fix erroneous omission in solaris-sparcv8-cc target.
PR: 1225
Submitted by: Sergio Gelato
Andy Polyakov [Wed, 19 Oct 2005 18:38:50 +0000 (18:38 +0000)]
util/pl/OS2-EMX.pl sync [from HEAD].
Submitted by: Stefan Neis, Brian Havard
Mark J. Cox [Wed, 19 Oct 2005 10:49:39 +0000 (10:49 +0000)]
One time CAN->CVE- renumbering
Richard Levitte [Fri, 14 Oct 2005 22:43:18 +0000 (22:43 +0000)]
After release.
Richard Levitte [Fri, 14 Oct 2005 22:15:53 +0000 (22:15 +0000)]
Time for release of 0.9.7i.
The tag will be OpenSSL_0_9_7i
Andy Polyakov [Wed, 12 Oct 2005 20:39:22 +0000 (20:39 +0000)]
Fix typo in evp.h.
Andy Polyakov [Tue, 11 Oct 2005 20:20:55 +0000 (20:20 +0000)]
Typo in darwin-shared rule.
Andy Polyakov [Tue, 11 Oct 2005 19:12:24 +0000 (19:12 +0000)]
Retain binary compatibility between 0.9.7h and 0.9.7g.
Mark J. Cox [Tue, 11 Oct 2005 10:15:04 +0000 (10:15 +0000)]
Don't forget to bump README too
Mark J. Cox [Tue, 11 Oct 2005 10:14:27 +0000 (10:14 +0000)]
Bump after tagging for 0.9.7h release
Mark J. Cox [Tue, 11 Oct 2005 10:10:05 +0000 (10:10 +0000)]
Add fixes for CAN-2005-2969
Bump release ready for OpenSSL_0_9_7h tag
Nils Larsch [Fri, 30 Sep 2005 16:46:29 +0000 (16:46 +0000)]
successfully updating the db shouldn't result in an error message
Richard Levitte [Wed, 28 Sep 2005 18:02:52 +0000 (18:02 +0000)]
Change a comment so it corresponds to reality. Put back a character that
was previously replaced with a NUL for parsing purposes. This seems to
fix a very weird parsing bug involving two variable references in the same
value.
Dr. Stephen Henson [Wed, 21 Sep 2005 00:58:48 +0000 (00:58 +0000)]
Update from HEAD.
Andy Polyakov [Tue, 20 Sep 2005 07:14:38 +0000 (07:14 +0000)]
BC-32.pl updates [from HEAD].
Submitted by: Old Wolf, Jon Bright
Andy Polyakov [Tue, 20 Sep 2005 06:21:39 +0000 (06:21 +0000)]
Proper solution to nasm compilation problems in Borland context.
Andy Polyakov [Mon, 19 Sep 2005 14:45:20 +0000 (14:45 +0000)]
Visual Studio 2005 workaround from HEAD.
PR: 1183
Nils Larsch [Thu, 15 Sep 2005 19:11:41 +0000 (19:11 +0000)]
fix typos
PR: 1201
Nils Larsch [Fri, 9 Sep 2005 07:53:39 +0000 (07:53 +0000)]
bugfix: register engine as default engine in ENGINE_set_default_DSA
Submitted by: Jonathon Green
Nils Larsch [Fri, 2 Sep 2005 21:22:08 +0000 (21:22 +0000)]
fix typo in sbgp names
PR: 1194
Nils Larsch [Fri, 5 Aug 2005 14:39:11 +0000 (14:39 +0000)]
fix potential memory leak + improved error checking
PR: 1182
Dr. Stephen Henson [Wed, 6 Jul 2005 18:29:00 +0000 (18:29 +0000)]
Enable dss1 for FIPS mode.
Richard Levitte [Mon, 4 Jul 2005 21:44:19 +0000 (21:44 +0000)]
The private key should never have ended up in newreq.pem.
Now, it ends up in newkey.pem instead.
Andy Polyakov [Sun, 3 Jul 2005 13:18:47 +0000 (13:18 +0000)]
Fix bugs in bug-fix to x509/by_dir.c [from HEAD].
PR: 1131
Andy Polyakov [Sun, 3 Jul 2005 09:24:35 +0000 (09:24 +0000)]
Bugfix for bn_div_words PPC assembler implementation [from HEAD].
Nils Larsch [Fri, 1 Jul 2005 16:13:06 +0000 (16:13 +0000)]
initialize newly allocated data
PR: 1145
Dr. Stephen Henson [Thu, 30 Jun 2005 11:37:36 +0000 (11:37 +0000)]
Check PKCS7 structures in PKCS#12 files are of type data.
Richard Levitte [Tue, 28 Jun 2005 15:44:15 +0000 (15:44 +0000)]
asn1parse doesn't support any TXT format, so let's stop pretending
it does.
Andy Polyakov [Mon, 27 Jun 2005 22:08:58 +0000 (22:08 +0000)]
Move fips_test_suite rules from fips/Makefile to test/Makefile.
Andy Polyakov [Mon, 27 Jun 2005 21:14:15 +0000 (21:14 +0000)]
Eliminate dependency on UNICODE macro.
Andy Polyakov [Mon, 27 Jun 2005 16:00:57 +0000 (16:00 +0000)]
Fix typos in apps/apps.c.
Andy Polyakov [Sun, 26 Jun 2005 21:48:19 +0000 (21:48 +0000)]
Update fips_test_suite make rule.
Andy Polyakov [Sun, 26 Jun 2005 17:24:48 +0000 (17:24 +0000)]
Revert RC4 parameters on IA64 from back-ported ones to original to preserve
binary compatibility.
PR: 1114
Andy Polyakov [Sun, 26 Jun 2005 16:25:25 +0000 (16:25 +0000)]
IA64 RC4 update from HEAD [see commentary in HEAD for details].
PR: 1114
Dr. Stephen Henson [Fri, 24 Jun 2005 10:52:18 +0000 (10:52 +0000)]
Add Argen root CAs.
Richard Levitte [Fri, 24 Jun 2005 05:13:13 +0000 (05:13 +0000)]
Someone did some cutting and pasting and didn't quite finish the job :-).
Notified by Steffen Pankratz <kratz00@gmx.de>
Richard Levitte [Thu, 23 Jun 2005 21:15:06 +0000 (21:15 +0000)]
Change dir_ctrl to check for the environment variable before using the default
directory instead of the other way around.
PR: 1131
Dr. Stephen Henson [Wed, 22 Jun 2005 17:24:32 +0000 (17:24 +0000)]
OID database had a NULL entry for NID 666. Add a real OID in its place.
Richard Levitte [Mon, 20 Jun 2005 22:11:21 +0000 (22:11 +0000)]
Do no try to pretend we're at the end of anything unless we're at the end
of a 4-character block.
Richard Levitte [Mon, 20 Jun 2005 20:45:44 +0000 (20:45 +0000)]
Check for 'usage' and 'Usage'.
Submitted by Tim Rice <tim@multitalents.net>. His comment is:
I noticed "make report" didn't show the cc version on most of
my System V platforms. This patch corrects this.
Richard Levitte [Mon, 20 Jun 2005 04:29:54 +0000 (04:29 +0000)]
Add crypto/bn/bn_prime.h to the collection of generated files. In the
update target, place the dependency on depend last, so all necessary files
are generated *before* the dependencies are figured out.
PR: 1121
Richard Levitte [Sun, 19 Jun 2005 20:31:22 +0000 (20:31 +0000)]
With DJGPP, it seems like the return code from grep, even when in the
middle of a pipe, is noted. Counter that by forcing a true return code
when the return code has no importance.
PR: 1085
Richard Levitte [Sun, 19 Jun 2005 20:20:29 +0000 (20:20 +0000)]
Undefine DECRANDOM before redefining it.
PR: 1110
Richard Levitte [Sun, 19 Jun 2005 20:00:47 +0000 (20:00 +0000)]
Don't put C++ comments in a C file.
Richard Levitte [Sat, 18 Jun 2005 05:52:20 +0000 (05:52 +0000)]
Add better documentation on how id_function() should be defined and what
issues there are.
PR: 1096
Richard Levitte [Sat, 18 Jun 2005 04:42:29 +0000 (04:42 +0000)]
Move the definition of DEVRANDOM for DJGPP from Configure to e_os.h.
That should solve the issues with propagating it through the Makefiles.
PR: 1110
Richard Levitte [Sat, 18 Jun 2005 04:32:18 +0000 (04:32 +0000)]
Only define ZLIB_SHARED if it hasn't already been defined (on the command
line, for example).
PR: 1112
Richard Levitte [Sat, 18 Jun 2005 04:27:11 +0000 (04:27 +0000)]
Have pod2man.pl accept '=for comment ...' before the '=head1 NAME' line.
PR: 1113
Nils Larsch [Fri, 17 Jun 2005 21:14:35 +0000 (21:14 +0000)]
clear dso pointer in case of an error
PR: 816
Nils Larsch [Fri, 17 Jun 2005 20:26:07 +0000 (20:26 +0000)]
update for the cswift engine:
- fix the problem described in bug report 825
- fix a segfault when the engine fails to initialize
- let the engine switch to software when keysize > 2048
PR: 825, 826
Submitted by: Frédéric Giudicelli
Richard Levitte [Thu, 16 Jun 2005 22:21:39 +0000 (22:21 +0000)]
Do not undefine _XOPEN_SOURCE. This is currently experimental, and
will be firmed up as soon as it's been verified not to break anything.
Andy Polyakov [Tue, 14 Jun 2005 12:29:34 +0000 (12:29 +0000)]
Make sure detached fingerprints are installed [as well as minor cygwin
and hpux updates].
Andy Polyakov [Tue, 14 Jun 2005 12:18:47 +0000 (12:18 +0000)]
Make human-readable error messages more human-friendly.
Nils Larsch [Mon, 13 Jun 2005 08:38:29 +0000 (08:38 +0000)]
update FAQ
Richard Levitte [Mon, 13 Jun 2005 02:38:07 +0000 (02:38 +0000)]
Show what the offending target was.
PR: 1108
Ben Laurie [Fri, 10 Jun 2005 20:49:10 +0000 (20:49 +0000)]
Default sensibly when in FIPS mode.
Nils Larsch [Fri, 10 Jun 2005 20:00:39 +0000 (20:00 +0000)]
- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list
Dr. Stephen Henson [Fri, 10 Jun 2005 00:41:25 +0000 (00:41 +0000)]
Remove CRs from files.
Andy Polyakov [Thu, 9 Jun 2005 21:37:30 +0000 (21:37 +0000)]
Eliminate gcc -pedantic warnings.
Andy Polyakov [Thu, 9 Jun 2005 20:47:41 +0000 (20:47 +0000)]
Allow for dso load by explicit path on HP-UX.
Nils Larsch [Wed, 8 Jun 2005 22:24:27 +0000 (22:24 +0000)]
use "=" instead of "|=", fix typo
Richard Levitte [Wed, 8 Jun 2005 21:59:51 +0000 (21:59 +0000)]
Avoid endless loops. Really, we were using the same variable for two
different conditions...
Andy Polyakov [Wed, 8 Jun 2005 21:27:34 +0000 (21:27 +0000)]
Fix couple gcc 4 warnings, reformat comment.
Nils Larsch [Wed, 8 Jun 2005 21:16:32 +0000 (21:16 +0000)]
ssl_create_cipher_list should return an error if no cipher could be
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr.
PR: 836 + 1005