oweals/openssl.git
18 years agoUpdate/hack mkdef.pl to recognize and add SHA2 algorithms when OPENSSL_FIPS
Dr. Stephen Henson [Sat, 4 Feb 2006 23:05:40 +0000 (23:05 +0000)]
Update/hack mkdef.pl to recognize and add SHA2 algorithms when OPENSSL_FIPS
is defined.

18 years agoFix from HEAD.
Dr. Stephen Henson [Sat, 4 Feb 2006 01:50:41 +0000 (01:50 +0000)]
Fix from HEAD.

18 years agoFix from HEAD.
Dr. Stephen Henson [Sat, 4 Feb 2006 01:27:52 +0000 (01:27 +0000)]
Fix from HEAD.

18 years agoUse getcwd() because it works under MSYS but `pwd` doesn't.
Dr. Stephen Henson [Fri, 3 Feb 2006 23:55:26 +0000 (23:55 +0000)]
Use getcwd() because it works under MSYS but `pwd` doesn't.

18 years agoUpdate CHANGES/NEWS.
Dr. Stephen Henson [Fri, 3 Feb 2006 18:42:24 +0000 (18:42 +0000)]
Update CHANGES/NEWS.

18 years agoUpdated fips_test_suite.
Dr. Stephen Henson [Fri, 3 Feb 2006 18:27:13 +0000 (18:27 +0000)]
Updated fips_test_suite.

18 years agofix if statement: call conn_state() if the BIO is not in the BIO_CONN_S_OK state
Nils Larsch [Thu, 2 Feb 2006 22:29:55 +0000 (22:29 +0000)]
fix if statement: call conn_state() if the BIO is not in the BIO_CONN_S_OK state

18 years agoAdd fips_test_suite.c to TEST
Dr. Stephen Henson [Thu, 2 Feb 2006 15:10:50 +0000 (15:10 +0000)]
Add fips_test_suite.c to TEST

18 years agoSpotted divergence between CVS and submitted tar-ball.
Andy Polyakov [Wed, 1 Feb 2006 22:22:40 +0000 (22:22 +0000)]
Spotted divergence between CVS and submitted tar-ball.

18 years agoRemove files erroneously added in catalog rename.
Andy Polyakov [Wed, 1 Feb 2006 22:21:13 +0000 (22:21 +0000)]
Remove files erroneously added in catalog rename.

18 years agoFix from head.
Dr. Stephen Henson [Tue, 31 Jan 2006 18:38:06 +0000 (18:38 +0000)]
Fix from head.

18 years agoUpdate some scripts to use fips-1.0
Dr. Stephen Henson [Mon, 30 Jan 2006 18:51:36 +0000 (18:51 +0000)]
Update some scripts to use fips-1.0

18 years agoChange fips directory to fips-1.0
Dr. Stephen Henson [Mon, 30 Jan 2006 18:15:29 +0000 (18:15 +0000)]
Change fips directory to fips-1.0

18 years agoTypo
Lutz Jänicke [Mon, 30 Jan 2006 17:07:54 +0000 (17:07 +0000)]
Typo

Submitted by: Girish Venkatachalam <girish1729@gmail.com>

18 years agoBackport of other fixes to keep VC++ happy.
Dr. Stephen Henson [Mon, 30 Jan 2006 13:49:59 +0000 (13:49 +0000)]
Backport of other fixes to keep VC++ happy.

18 years agoBackport of changes to support later versions of VC++.
Dr. Stephen Henson [Mon, 30 Jan 2006 13:14:20 +0000 (13:14 +0000)]
Backport of changes to support later versions of VC++.

18 years agoSample FIPS object file integrity checking script.
Dr. Stephen Henson [Sat, 28 Jan 2006 13:34:27 +0000 (13:34 +0000)]
Sample FIPS object file integrity checking script.

18 years agoUpdate to VC++ static build.
Dr. Stephen Henson [Sat, 28 Jan 2006 13:33:31 +0000 (13:33 +0000)]
Update to VC++ static build.

18 years agoMove certs to right place.
Dr. Stephen Henson [Thu, 26 Jan 2006 17:48:13 +0000 (17:48 +0000)]
Move certs to right place.

18 years agoFIPS related updates for Windows build. Only build fipscanister.o from the
Dr. Stephen Henson [Thu, 26 Jan 2006 17:34:57 +0000 (17:34 +0000)]
FIPS related updates for Windows build. Only build fipscanister.o from the
GMAKE target. Use precompiled fipscanister.o from other targets.

Update fipslink.pl script to check fipscanister.o and fips_premain.c hashes.

18 years agoMake sure stanadlong SHA1 checker is built.
Dr. Stephen Henson [Wed, 25 Jan 2006 13:40:55 +0000 (13:40 +0000)]
Make sure stanadlong SHA1 checker is built.

18 years agoAdd VC++ using GNU (or other U*ix like make) target for mk1mf.pl
Dr. Stephen Henson [Wed, 25 Jan 2006 13:26:11 +0000 (13:26 +0000)]
Add VC++ using GNU (or other U*ix like make) target for mk1mf.pl

Autodetect VC++ in config script and generate Makefile

Add source hash checking to mk1mf.pl for VC++.

18 years agoFix static VC++ build for FIPS.
Dr. Stephen Henson [Sun, 22 Jan 2006 00:04:39 +0000 (00:04 +0000)]
Fix static VC++ build for FIPS.

18 years agoUpdate to VC++ in-core fingerprinting support.
Dr. Stephen Henson [Sat, 21 Jan 2006 22:14:07 +0000 (22:14 +0000)]
Update to VC++ in-core fingerprinting support.

18 years agoSupport for VC++ build with in-core hashing.
Dr. Stephen Henson [Sat, 21 Jan 2006 21:28:26 +0000 (21:28 +0000)]
Support for VC++ build with in-core hashing.

18 years agoReplace detached signature with in-core fingerprinting.
Andy Polyakov [Sat, 21 Jan 2006 14:01:30 +0000 (14:01 +0000)]
Replace detached signature with in-core fingerprinting.

18 years agoCorrectly encode FALSE for BOOL in ASN1_TYPE.
Dr. Stephen Henson [Thu, 19 Jan 2006 17:19:43 +0000 (17:19 +0000)]
Correctly encode FALSE for BOOL in ASN1_TYPE.

18 years agoTypo.
Dr. Stephen Henson [Sun, 15 Jan 2006 13:54:42 +0000 (13:54 +0000)]
Typo.

18 years agoForgot to initialize CC6DISABLEWARNINGS properly...
Richard Levitte [Wed, 11 Jan 2006 18:55:19 +0000 (18:55 +0000)]
Forgot to initialize CC6DISABLEWARNINGS properly...

18 years agoTypo...
Richard Levitte [Wed, 11 Jan 2006 13:31:12 +0000 (13:31 +0000)]
Typo...

18 years agoDisable the Mixed Linkage warning for some selected modules. This is
Richard Levitte [Mon, 9 Jan 2006 19:22:51 +0000 (19:22 +0000)]
Disable the Mixed Linkage warning for some selected modules.  This is
because the Compaq C compiler will not accept that a variable be
declared extern then defined static without a warning.

18 years agoSome error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
Bodo Möller [Sun, 8 Jan 2006 19:33:31 +0000 (19:33 +0000)]
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)

18 years agoRewrite timeout computation in a way that is less prone to overflow.
Bodo Möller [Fri, 30 Dec 2005 23:52:20 +0000 (23:52 +0000)]
Rewrite timeout computation in a way that is less prone to overflow.

(Problem reported by Peter Sylvester.)

18 years agoUpdate Makefile.org for zlib fix backport.
Dr. Stephen Henson [Sun, 11 Dec 2005 19:12:57 +0000 (19:12 +0000)]
Update Makefile.org for zlib fix backport.

18 years agoBackport of zlib fixes to 0.9.7.
Dr. Stephen Henson [Sat, 10 Dec 2005 13:36:13 +0000 (13:36 +0000)]
Backport of zlib fixes to 0.9.7.

19 years agobn/asm/sparcv8plus.S update from HEAD.
Andy Polyakov [Tue, 15 Nov 2005 08:04:42 +0000 (08:04 +0000)]
bn/asm/sparcv8plus.S update from HEAD.

19 years agoFix erroneous omission in solaris-sparcv8-cc target.
Andy Polyakov [Wed, 19 Oct 2005 19:09:50 +0000 (19:09 +0000)]
Fix erroneous omission in solaris-sparcv8-cc target.
PR: 1225
Submitted by: Sergio Gelato

19 years agoutil/pl/OS2-EMX.pl sync [from HEAD].
Andy Polyakov [Wed, 19 Oct 2005 18:38:50 +0000 (18:38 +0000)]
util/pl/OS2-EMX.pl sync [from HEAD].

Submitted by: Stefan Neis, Brian Havard

19 years agoOne time CAN->CVE- renumbering
Mark J. Cox [Wed, 19 Oct 2005 10:49:39 +0000 (10:49 +0000)]
One time CAN->CVE- renumbering

19 years agoAfter release.
Richard Levitte [Fri, 14 Oct 2005 22:43:18 +0000 (22:43 +0000)]
After release.

19 years agoTime for release of 0.9.7i. OpenSSL_0_9_7i
Richard Levitte [Fri, 14 Oct 2005 22:15:53 +0000 (22:15 +0000)]
Time for release of 0.9.7i.
The tag will be OpenSSL_0_9_7i

19 years agoFix typo in evp.h.
Andy Polyakov [Wed, 12 Oct 2005 20:39:22 +0000 (20:39 +0000)]
Fix typo in evp.h.

19 years agoTypo in darwin-shared rule.
Andy Polyakov [Tue, 11 Oct 2005 20:20:55 +0000 (20:20 +0000)]
Typo in darwin-shared rule.

19 years agoRetain binary compatibility between 0.9.7h and 0.9.7g.
Andy Polyakov [Tue, 11 Oct 2005 19:12:24 +0000 (19:12 +0000)]
Retain binary compatibility between 0.9.7h and 0.9.7g.

19 years agoDon't forget to bump README too
Mark J. Cox [Tue, 11 Oct 2005 10:15:04 +0000 (10:15 +0000)]
Don't forget to bump README too

19 years agoBump after tagging for 0.9.7h release
Mark J. Cox [Tue, 11 Oct 2005 10:14:27 +0000 (10:14 +0000)]
Bump after tagging for 0.9.7h release

19 years agoAdd fixes for CAN-2005-2969 OpenSSL_0_9_7h
Mark J. Cox [Tue, 11 Oct 2005 10:10:05 +0000 (10:10 +0000)]
Add fixes for CAN-2005-2969
Bump release ready for OpenSSL_0_9_7h tag

19 years agosuccessfully updating the db shouldn't result in an error message
Nils Larsch [Fri, 30 Sep 2005 16:46:29 +0000 (16:46 +0000)]
successfully updating the db shouldn't result in an error message

19 years agoChange a comment so it corresponds to reality. Put back a character that
Richard Levitte [Wed, 28 Sep 2005 18:02:52 +0000 (18:02 +0000)]
Change a comment so it corresponds to reality.  Put back a character that
was previously replaced with a NUL for parsing purposes.  This seems to
fix a very weird parsing bug involving two variable references in the same
value.

19 years agoUpdate from HEAD.
Dr. Stephen Henson [Wed, 21 Sep 2005 00:58:48 +0000 (00:58 +0000)]
Update from HEAD.

19 years agoBC-32.pl updates [from HEAD].
Andy Polyakov [Tue, 20 Sep 2005 07:14:38 +0000 (07:14 +0000)]
BC-32.pl updates [from HEAD].

Submitted by: Old Wolf, Jon Bright

19 years agoProper solution to nasm compilation problems in Borland context.
Andy Polyakov [Tue, 20 Sep 2005 06:21:39 +0000 (06:21 +0000)]
Proper solution to nasm compilation problems in Borland context.

19 years agoVisual Studio 2005 workaround from HEAD.
Andy Polyakov [Mon, 19 Sep 2005 14:45:20 +0000 (14:45 +0000)]
Visual Studio 2005 workaround from HEAD.
PR: 1183

19 years agofix typos
Nils Larsch [Thu, 15 Sep 2005 19:11:41 +0000 (19:11 +0000)]
fix typos

PR: 1201

19 years agobugfix: register engine as default engine in ENGINE_set_default_DSA
Nils Larsch [Fri, 9 Sep 2005 07:53:39 +0000 (07:53 +0000)]
bugfix: register engine as default engine in ENGINE_set_default_DSA

Submitted by: Jonathon Green

19 years agofix typo in sbgp names
Nils Larsch [Fri, 2 Sep 2005 21:22:08 +0000 (21:22 +0000)]
fix typo in sbgp names

PR: 1194

19 years agofix potential memory leak + improved error checking
Nils Larsch [Fri, 5 Aug 2005 14:39:11 +0000 (14:39 +0000)]
fix potential memory leak + improved error checking

PR: 1182

19 years agoEnable dss1 for FIPS mode.
Dr. Stephen Henson [Wed, 6 Jul 2005 18:29:00 +0000 (18:29 +0000)]
Enable dss1 for FIPS mode.

19 years agoThe private key should never have ended up in newreq.pem.
Richard Levitte [Mon, 4 Jul 2005 21:44:19 +0000 (21:44 +0000)]
The private key should never have ended up in newreq.pem.
Now, it ends up in newkey.pem instead.

19 years agoFix bugs in bug-fix to x509/by_dir.c [from HEAD].
Andy Polyakov [Sun, 3 Jul 2005 13:18:47 +0000 (13:18 +0000)]
Fix bugs in bug-fix to x509/by_dir.c [from HEAD].
PR: 1131

19 years agoBugfix for bn_div_words PPC assembler implementation [from HEAD].
Andy Polyakov [Sun, 3 Jul 2005 09:24:35 +0000 (09:24 +0000)]
Bugfix for bn_div_words PPC assembler implementation [from HEAD].

19 years agoinitialize newly allocated data
Nils Larsch [Fri, 1 Jul 2005 16:13:06 +0000 (16:13 +0000)]
initialize newly allocated data

PR: 1145

19 years agoCheck PKCS7 structures in PKCS#12 files are of type data.
Dr. Stephen Henson [Thu, 30 Jun 2005 11:37:36 +0000 (11:37 +0000)]
Check PKCS7 structures in PKCS#12 files are of type data.

19 years agoasn1parse doesn't support any TXT format, so let's stop pretending
Richard Levitte [Tue, 28 Jun 2005 15:44:15 +0000 (15:44 +0000)]
asn1parse doesn't support any TXT format, so let's stop pretending
it does.

19 years agoMove fips_test_suite rules from fips/Makefile to test/Makefile. FIPS_TEST_10
Andy Polyakov [Mon, 27 Jun 2005 22:08:58 +0000 (22:08 +0000)]
Move fips_test_suite rules from fips/Makefile to test/Makefile.

19 years agoEliminate dependency on UNICODE macro.
Andy Polyakov [Mon, 27 Jun 2005 21:14:15 +0000 (21:14 +0000)]
Eliminate dependency on UNICODE macro.

19 years agoFix typos in apps/apps.c.
Andy Polyakov [Mon, 27 Jun 2005 16:00:57 +0000 (16:00 +0000)]
Fix typos in apps/apps.c.

19 years agoUpdate fips_test_suite make rule.
Andy Polyakov [Sun, 26 Jun 2005 21:48:19 +0000 (21:48 +0000)]
Update fips_test_suite make rule.

19 years agoRevert RC4 parameters on IA64 from back-ported ones to original to preserve
Andy Polyakov [Sun, 26 Jun 2005 17:24:48 +0000 (17:24 +0000)]
Revert RC4 parameters on IA64 from back-ported ones to original to preserve
binary compatibility.
PR: 1114

19 years agoIA64 RC4 update from HEAD [see commentary in HEAD for details].
Andy Polyakov [Sun, 26 Jun 2005 16:25:25 +0000 (16:25 +0000)]
IA64 RC4 update from HEAD [see commentary in HEAD for details].
PR: 1114

19 years agoAdd Argen root CAs.
Dr. Stephen Henson [Fri, 24 Jun 2005 10:52:18 +0000 (10:52 +0000)]
Add Argen root CAs.

19 years agoSomeone did some cutting and pasting and didn't quite finish the job :-).
Richard Levitte [Fri, 24 Jun 2005 05:13:13 +0000 (05:13 +0000)]
Someone did some cutting and pasting and didn't quite finish the job :-).

Notified by Steffen Pankratz <kratz00@gmx.de>

19 years agoChange dir_ctrl to check for the environment variable before using the default
Richard Levitte [Thu, 23 Jun 2005 21:15:06 +0000 (21:15 +0000)]
Change dir_ctrl to check for the environment variable before using the default
directory instead of the other way around.

PR: 1131

19 years agoOID database had a NULL entry for NID 666. Add a real OID in its place.
Dr. Stephen Henson [Wed, 22 Jun 2005 17:24:32 +0000 (17:24 +0000)]
OID database had a NULL entry for NID 666. Add a real OID in its place.

19 years agoDo no try to pretend we're at the end of anything unless we're at the end
Richard Levitte [Mon, 20 Jun 2005 22:11:21 +0000 (22:11 +0000)]
Do no try to pretend we're at the end of anything unless we're at the end
of a 4-character block.

19 years agoCheck for 'usage' and 'Usage'.
Richard Levitte [Mon, 20 Jun 2005 20:45:44 +0000 (20:45 +0000)]
Check for 'usage' and 'Usage'.
Submitted by Tim Rice <tim@multitalents.net>.  His comment is:

I noticed "make report" didn't show the cc version on most of
my System V platforms. This patch corrects this.

19 years agoAdd crypto/bn/bn_prime.h to the collection of generated files. In the
Richard Levitte [Mon, 20 Jun 2005 04:29:54 +0000 (04:29 +0000)]
Add crypto/bn/bn_prime.h to the collection of generated files.  In the
update target, place the dependency on depend last, so all necessary files
are generated *before* the dependencies are figured out.

PR: 1121

19 years agoWith DJGPP, it seems like the return code from grep, even when in the
Richard Levitte [Sun, 19 Jun 2005 20:31:22 +0000 (20:31 +0000)]
With DJGPP, it seems like the return code from grep, even when in the
middle of a pipe, is noted.  Counter that by forcing a true return code
when the return code has no importance.

PR: 1085

19 years agoUndefine DECRANDOM before redefining it.
Richard Levitte [Sun, 19 Jun 2005 20:20:29 +0000 (20:20 +0000)]
Undefine DECRANDOM before redefining it.

PR: 1110

19 years agoDon't put C++ comments in a C file.
Richard Levitte [Sun, 19 Jun 2005 20:00:47 +0000 (20:00 +0000)]
Don't put C++ comments in a C file.

19 years agoAdd better documentation on how id_function() should be defined and what
Richard Levitte [Sat, 18 Jun 2005 05:52:20 +0000 (05:52 +0000)]
Add better documentation on how id_function() should be defined and what
issues there are.

PR: 1096

19 years agoMove the definition of DEVRANDOM for DJGPP from Configure to e_os.h.
Richard Levitte [Sat, 18 Jun 2005 04:42:29 +0000 (04:42 +0000)]
Move the definition of DEVRANDOM for DJGPP from Configure to e_os.h.
That should solve the issues with propagating it through the Makefiles.

PR: 1110

19 years agoOnly define ZLIB_SHARED if it hasn't already been defined (on the command
Richard Levitte [Sat, 18 Jun 2005 04:32:18 +0000 (04:32 +0000)]
Only define ZLIB_SHARED if it hasn't already been defined (on the command
line, for example).

PR: 1112

19 years agoHave pod2man.pl accept '=for comment ...' before the '=head1 NAME' line.
Richard Levitte [Sat, 18 Jun 2005 04:27:11 +0000 (04:27 +0000)]
Have pod2man.pl accept '=for comment ...' before the '=head1 NAME' line.

PR: 1113

19 years agoclear dso pointer in case of an error
Nils Larsch [Fri, 17 Jun 2005 21:14:35 +0000 (21:14 +0000)]
clear dso pointer in case of an error

PR: 816

19 years agoupdate for the cswift engine:
Nils Larsch [Fri, 17 Jun 2005 20:26:07 +0000 (20:26 +0000)]
update for the cswift engine:
- fix the problem described in bug report 825
- fix a segfault when the engine fails to initialize
- let the engine switch to software when keysize > 2048

PR: 825, 826
Submitted by: Frédéric Giudicelli

19 years agoDo not undefine _XOPEN_SOURCE. This is currently experimental, and
Richard Levitte [Thu, 16 Jun 2005 22:21:39 +0000 (22:21 +0000)]
Do not undefine _XOPEN_SOURCE.  This is currently experimental, and
will be firmed up as soon as it's been verified not to break anything.

19 years agoMake sure detached fingerprints are installed [as well as minor cygwin
Andy Polyakov [Tue, 14 Jun 2005 12:29:34 +0000 (12:29 +0000)]
Make sure detached fingerprints are installed [as well as minor cygwin
and hpux updates].

19 years agoMake human-readable error messages more human-friendly.
Andy Polyakov [Tue, 14 Jun 2005 12:18:47 +0000 (12:18 +0000)]
Make human-readable error messages more human-friendly.

19 years agoupdate FAQ
Nils Larsch [Mon, 13 Jun 2005 08:38:29 +0000 (08:38 +0000)]
update FAQ

19 years agoShow what the offending target was.
Richard Levitte [Mon, 13 Jun 2005 02:38:07 +0000 (02:38 +0000)]
Show what the offending target was.

PR: 1108

19 years agoDefault sensibly when in FIPS mode.
Ben Laurie [Fri, 10 Jun 2005 20:49:10 +0000 (20:49 +0000)]
Default sensibly when in FIPS mode.

19 years ago- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
Nils Larsch [Fri, 10 Jun 2005 20:00:39 +0000 (20:00 +0000)]
- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
  error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list

19 years agoRemove CRs from files.
Dr. Stephen Henson [Fri, 10 Jun 2005 00:41:25 +0000 (00:41 +0000)]
Remove CRs from files.

19 years agoEliminate gcc -pedantic warnings.
Andy Polyakov [Thu, 9 Jun 2005 21:37:30 +0000 (21:37 +0000)]
Eliminate gcc -pedantic warnings.

19 years agoAllow for dso load by explicit path on HP-UX.
Andy Polyakov [Thu, 9 Jun 2005 20:47:41 +0000 (20:47 +0000)]
Allow for dso load by explicit path on HP-UX.

19 years agouse "=" instead of "|=", fix typo
Nils Larsch [Wed, 8 Jun 2005 22:24:27 +0000 (22:24 +0000)]
use "=" instead of "|=", fix typo

19 years agoAvoid endless loops. Really, we were using the same variable for two
Richard Levitte [Wed, 8 Jun 2005 21:59:51 +0000 (21:59 +0000)]
Avoid endless loops.  Really, we were using the same variable for two
different conditions...

19 years agoFix couple gcc 4 warnings, reformat comment.
Andy Polyakov [Wed, 8 Jun 2005 21:27:34 +0000 (21:27 +0000)]
Fix couple gcc 4 warnings, reformat comment.

19 years agossl_create_cipher_list should return an error if no cipher could be
Nils Larsch [Wed, 8 Jun 2005 21:16:32 +0000 (21:16 +0000)]
ssl_create_cipher_list should return an error if no cipher could be
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr.

PR: 836 + 1005