Richard Levitte [Thu, 18 Jul 2002 14:19:26 +0000 (14:19 +0000)]
Merge in the latest chanegs from 0.9.6-stable.
cvs2svn [Wed, 17 Jul 2002 11:16:24 +0000 (11:16 +0000)]
This commit was manufactured by cvs2svn to create branch 'OpenSSL-engine-
0_9_6-stable'.
Richard Levitte [Wed, 17 Jul 2002 11:16:22 +0000 (11:16 +0000)]
If OpenSSL is built with shared library support on MacOS X,
everything works fine. Note: this is only true for 0.9.7 and on
Richard Levitte [Wed, 17 Jul 2002 11:09:44 +0000 (11:09 +0000)]
On MacOS X, the shared library editor uses DYLD_LIBRARY_PATH
Richard Levitte [Wed, 17 Jul 2002 08:20:27 +0000 (08:20 +0000)]
On MacOS X, you're not allowed to have common objects in shared libraries
Richard Levitte [Wed, 17 Jul 2002 07:48:39 +0000 (07:48 +0000)]
Add the usually recommended solution to the linking problem entry for MacOS X
Richard Levitte [Tue, 16 Jul 2002 11:07:42 +0000 (11:07 +0000)]
We had some experimental options in the Darwin entries. They are no longer needed
Richard Levitte [Tue, 16 Jul 2002 10:46:00 +0000 (10:46 +0000)]
The default C compiler on MacOS X doesn't like empty object files
Richard Levitte [Tue, 16 Jul 2002 10:20:06 +0000 (10:20 +0000)]
Actually, the "bug" is really documented in the man-page for ld, so
it's really a misfeature according to the jargon file (4.0.0)
definition:
":misfeature: /mis-fee'chr/ or /mis'fee`chr/ /n./ A feature
that eventually causes lossage, possibly because it is not adequate
for a new situation that has evolved. Since it results from a
deliberate and properly implemented feature, a misfeature is not a
bug."
Richard Levitte [Tue, 16 Jul 2002 10:04:40 +0000 (10:04 +0000)]
There are problems on certain platforms, and possible answers on how to (temporarly) solve them.
Richard Levitte [Tue, 16 Jul 2002 09:19:37 +0000 (09:19 +0000)]
For those wanting to build for several platforms with the same source
directory, making a separate directory tree with lots of symbolic links
seems to be the solution. Unfortunately, Configure doesn't take appropriate
steps to support this solution (as in removing a file that's going to be
rewritten). This change corrects that situation. Now I just have to
find all other places where there's lack of support for this.
Richard Levitte [Tue, 16 Jul 2002 08:53:32 +0000 (08:53 +0000)]
For those wanting to build for several platforms with the same source
directory, making a separate directory tree with lots of symbolic links
seems to be the solution. Unfortunatelt, Configure doesn't take appropriate
steps to support this solution (as in removing a file that's going to be
rewritten). This change corrects that situation. Now I just have to
find all other places where there's lack of support for this.
Richard Levitte [Tue, 16 Jul 2002 08:02:31 +0000 (08:02 +0000)]
Some older code (never committed) wasn't converted to the new format.
Corrected.
Richard Levitte [Tue, 16 Jul 2002 07:06:48 +0000 (07:06 +0000)]
Let's not forget the second -Wtraditional
Richard Levitte [Tue, 16 Jul 2002 06:53:45 +0000 (06:53 +0000)]
Using -Wtraditional took it a little far. After all, we expect ANSI C, so
we don't need to care about traditional compilers
Richard Levitte [Tue, 16 Jul 2002 06:52:03 +0000 (06:52 +0000)]
Set up the engine before doing anything random-related, since engine randomness
is only used for seeding and doing it in the wrong order will mean seeding
is done before the engine randomness is hooked in.
Notified by Frederic DONNAT <frederic.donnat@zencod.com>
Richard Levitte [Mon, 15 Jul 2002 15:35:40 +0000 (15:35 +0000)]
There's an ongoing project to bring some kind of path selection
mechanism to the ENGINE framework. This means there there are going
to be new functionality for the DSO part, and ultimately some way of
merging two file specifications together.
This commit places the merging code into the repository. It's
currently not used anywhere, and hasn't been tested at all. It may be
full of errors, including syntactical ones. Those will be fixed as
promptly as possible.
Bodo Möller [Sun, 14 Jul 2002 16:54:31 +0000 (16:54 +0000)]
Replace 'ecdsaparam' commandline utility by 'ecparam'
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.
Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.
Fix ec_asn1.c (take into account the desired conversion form).
'make update'.
Submitted by: Nils Larsch
Lutz Jänicke [Fri, 12 Jul 2002 15:26:37 +0000 (15:26 +0000)]
Rewording: some algorithms are also patented in Europe, so choose more
defensive phrases...
Richard Levitte [Thu, 11 Jul 2002 09:12:29 +0000 (09:12 +0000)]
In UI_UTIL_read_pw(), we should look at the size parameter, not at BUFSIZ.
Submitted by Götz Babin-Ebell <babinebell@trustcenter.de>
Lutz Jänicke [Wed, 10 Jul 2002 19:48:51 +0000 (19:48 +0000)]
Discussion about Redhat's specialties for the FAQ.
Submitted by: John.Airey@rnib.org.uk
Reviewed by:
PR: 128
Lutz Jänicke [Wed, 10 Jul 2002 19:35:54 +0000 (19:35 +0000)]
Typos in links between manual pages
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
Lutz Jänicke [Wed, 10 Jul 2002 17:52:03 +0000 (17:52 +0000)]
Sun's official statement with respect to /dev/random support.
Submitted by: Garrett Anderson garrett@dirsec.com
Reviewed by:
PR: 120
Lutz Jänicke [Wed, 10 Jul 2002 17:34:54 +0000 (17:34 +0000)]
Minor typos
Submitted by: jufi@nerdnet.de
Reviewed by:
PR: 138
Bodo Möller [Wed, 10 Jul 2002 08:39:05 +0000 (08:39 +0000)]
remove obsolete comment
Lutz Jänicke [Wed, 10 Jul 2002 07:01:54 +0000 (07:01 +0000)]
Reorder inclusion of header files:
des_old.h redefines crypt:
#define crypt(b,s)\
DES_crypt((b),(s))
This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Wed, 10 Jul 2002 06:41:55 +0000 (06:41 +0000)]
Ciphers with NULL encryption were not properly handled because they were
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
Bodo Möller [Tue, 9 Jul 2002 10:51:25 +0000 (10:51 +0000)]
fix synopsis
Submitted by: Nils Larsch
Bodo Möller [Tue, 9 Jul 2002 08:49:09 +0000 (08:49 +0000)]
emtpy fragments are not necessary for SSL_eNULL
(but noone uses it anyway)
fix t1_enc.c: use OPENSSL_NO_RC4, not NO_RC4
Geoff Thorpe [Mon, 8 Jul 2002 15:16:10 +0000 (15:16 +0000)]
oops, there were other cases of "ENGINE_ID" to change too.
Geoff Thorpe [Mon, 8 Jul 2002 14:57:09 +0000 (14:57 +0000)]
Correct an error in the README.ENGINE file.
Submitted by: Jan Tschirschwitz <Jan.Tschirschwitz@cluster-labs.de>
Bodo Möller [Thu, 4 Jul 2002 08:51:09 +0000 (08:51 +0000)]
AES cipher suites are now official (RFC3268)
Lutz Jänicke [Sun, 30 Jun 2002 19:40:18 +0000 (19:40 +0000)]
README and INSTALL should contain information about the request tracker
(noted by Jonathan Louie <jlouie@recourse.com>).
Richard Levitte [Sat, 29 Jun 2002 22:04:09 +0000 (22:04 +0000)]
Do not define crypt() on OpenBSD. Notified by Bob Beck of OpenBSD.
Richard Levitte [Thu, 27 Jun 2002 17:19:55 +0000 (17:19 +0000)]
opensslconf.h doesn't define what we want, e_os2.h does.
PR 123
Richard Levitte [Thu, 27 Jun 2002 17:06:28 +0000 (17:06 +0000)]
Try to avoid double declaration of ERR_load_PEM_strings().
PR 71
Richard Levitte [Thu, 27 Jun 2002 16:56:30 +0000 (16:56 +0000)]
A few changes to BC-32.pl didn't get properly applied.
This completes PR 123
Richard Levitte [Thu, 27 Jun 2002 16:39:25 +0000 (16:39 +0000)]
Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
Richard Levitte [Thu, 27 Jun 2002 16:32:04 +0000 (16:32 +0000)]
DJGPP has some needed header files that other MSDOS/Windows compilers don't have.
Part of PR 75
Richard Levitte [Thu, 27 Jun 2002 16:29:46 +0000 (16:29 +0000)]
Update the information on Cygwin.
Part of PR 75
Richard Levitte [Thu, 27 Jun 2002 16:28:04 +0000 (16:28 +0000)]
Forgot to change the second $ENV{DJDIR} to /dev/env/DJDIR.
Part of PR 75
Richard Levitte [Thu, 27 Jun 2002 15:10:57 +0000 (15:10 +0000)]
The new stuff is for Borland Bulider 5, so document it appropriately
Richard Levitte [Thu, 27 Jun 2002 15:07:27 +0000 (15:07 +0000)]
Document the new way of building with Borland Builder.
This concludes the changes from PR 123
Richard Levitte [Thu, 27 Jun 2002 14:57:54 +0000 (14:57 +0000)]
Use underscores instead of dashes in temporary file names.
This is due to weird Borland compilers.
Part of PR 123
Richard Levitte [Thu, 27 Jun 2002 14:55:52 +0000 (14:55 +0000)]
When compiling for Windows, make sure we have the windows definitions declared.
Part of PR 123
Richard Levitte [Thu, 27 Jun 2002 14:54:34 +0000 (14:54 +0000)]
Use 32-bit sections instead of the default, 16-bit ones.
Part of PR 123
Richard Levitte [Thu, 27 Jun 2002 10:26:40 +0000 (10:26 +0000)]
have 'openssl pkcs7' exit with code 1 on error instead of 0.
PR: 119
Richard Levitte [Thu, 27 Jun 2002 10:19:17 +0000 (10:19 +0000)]
gcc requires -m64 to link 64-bit shared libraries on Solaris.
PR: 117
Richard Levitte [Thu, 27 Jun 2002 09:54:07 +0000 (09:54 +0000)]
Use bg instead of bag as argument to macros, to avoid clashes with
structure field names.
PR: 112
Richard Levitte [Thu, 27 Jun 2002 09:18:45 +0000 (09:18 +0000)]
There is no RSAREF any more, so do not ty to install it.
PR: 106
Richard Levitte [Thu, 27 Jun 2002 09:13:44 +0000 (09:13 +0000)]
The general debug target must specify that it doesn't use assembler routines.
PR: 105
Richard Levitte [Thu, 27 Jun 2002 05:38:00 +0000 (05:38 +0000)]
Recent changes from 0.9.6-stable.
Richard Levitte [Thu, 27 Jun 2002 05:03:00 +0000 (05:03 +0000)]
A number of includes were removed from evp.h some time ago. The reason
was that they weren't really needed any more for EVP itself. However,
it seems like soma applications (I know about OpenSSH, but there may
be more) used evp.h as the 'load all' header file, which makes sense
since we try our best to promote the use of EVP instead of the lower
level crypto algorithms. Therefore, I put the inclusions back so
the application authors don't get too shocked by all the errors they
would otherwise get.
Thanks to Theo de Raadt for making us aware of this.
Bodo Möller [Wed, 26 Jun 2002 14:28:41 +0000 (14:28 +0000)]
Make sure buffers are large enough even for weird parameters
Submitted by: Nils Larsch
Bodo Möller [Wed, 26 Jun 2002 14:21:16 +0000 (14:21 +0000)]
update an entry on EVP changes
Richard Levitte [Tue, 25 Jun 2002 11:40:49 +0000 (11:40 +0000)]
For some reason, we need to return the full path to perl
Richard Levitte [Tue, 25 Jun 2002 11:20:49 +0000 (11:20 +0000)]
Recent changes from 0.9.6-stable.
Geoff Thorpe [Fri, 21 Jun 2002 02:38:08 +0000 (02:38 +0000)]
Make sure any ENGINE control commands make local copies of string
pointers passed to them whenever necessary. Otherwise it is possible the
caller may have overwritten (or deallocated) the original string data
when a later ENGINE operation tries to use the stored values.
Submitted by: Götz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by: Geoff Thorpe
PR: 98
Lutz Jänicke [Thu, 20 Jun 2002 20:49:27 +0000 (20:49 +0000)]
<sys/select.h> is included for AIX, when USE_SOCKETS is defined.
Submitted by: Bernhard Simon <bs@bsws.zid.tuwien.ac.at>
Reviewed by:
PR:
Lutz Jänicke [Thu, 20 Jun 2002 19:57:23 +0000 (19:57 +0000)]
HP-UX: shared libraries MUST be +x and SHOULD be -w.
Lutz Jänicke [Thu, 20 Jun 2002 19:49:39 +0000 (19:49 +0000)]
Fix path to find util/pod2man.pl from the execution directory.
Make sure to use the predefined PERL.
Submitted by: Bernhard Simon <bs@bsws.zid.tuwien.ac.at>
Reviewed by:
PR:
Geoff Thorpe [Thu, 20 Jun 2002 18:22:51 +0000 (18:22 +0000)]
This apparently fixes compilation on OSX that was failing in 0.9.7 betas.
Submitted by: Pieter Bowman <bowman@math.utah.edu>
Lutz Jänicke [Thu, 20 Jun 2002 17:32:04 +0000 (17:32 +0000)]
AIX (V3) requires <sys/select.h> (included via e_os.h) for fd_set.
Submitted by: Bernhard Simon <bs@bsws.zid.tuwien.ac.at>
Reviewed by:
PR:
Lutz Jänicke [Tue, 18 Jun 2002 17:44:56 +0000 (17:44 +0000)]
load_netscape_key is static.
Bodo Möller [Tue, 18 Jun 2002 09:36:02 +0000 (09:36 +0000)]
always include <string.h> (we do this in various other header files,
so it can't be bad)
Bodo Möller [Tue, 18 Jun 2002 09:35:43 +0000 (09:35 +0000)]
always include <string.h> (we do this in various other header files,
so it can't be bad)
PR: 102
Bodo Möller [Tue, 18 Jun 2002 08:38:59 +0000 (08:38 +0000)]
Implement handling of EC parameter seeds (new functions
EC_GROUP_set_seed(), EC_GROUP_get0_seed(), EC_GROUP_get_seed_len()).
New functions ECPKParameters_print(), ECPKParameters_print_fp().
Submitted by: Nils Larsch
Bodo Möller [Mon, 17 Jun 2002 13:59:12 +0000 (13:59 +0000)]
typo
Lutz Jänicke [Sun, 16 Jun 2002 18:20:28 +0000 (18:20 +0000)]
beta2, not beta1
Lutz Jänicke [Sun, 16 Jun 2002 11:33:59 +0000 (11:33 +0000)]
Roll out OpenSSL-0.9.7-beta2
Lutz Jänicke [Sun, 16 Jun 2002 10:31:17 +0000 (10:31 +0000)]
Use -dumpversion to obtain gcc's version.
Submitted by: ross.alexander@uk.neceur.com, allenh@eecs.berkeley.edu
Reviewed by:
PR: 96
Lutz Jänicke [Sun, 16 Jun 2002 10:18:25 +0000 (10:18 +0000)]
OpenSSL_add_all_algorithms has been replaced by configuration dependent
functions and is redirected by macros. Switch it off now, possible removal
later.
Lutz Jänicke [Fri, 14 Jun 2002 20:15:18 +0000 (20:15 +0000)]
Initial support for hpux64-parisc-gcc
Submitted by: ross.alexander@uk.neceur.com
Reviewed by:
PR: 96
Lutz Jänicke [Fri, 14 Jun 2002 19:01:52 +0000 (19:01 +0000)]
Some more prototype fixes.
Use DECLARE macros in asn1* instead of direct declaration.
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by:
PR: 89
Bodo Möller [Fri, 14 Jun 2002 12:21:11 +0000 (12:21 +0000)]
New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
vulnerability workaround (included in SSL_OP_ALL).
PR: #90
Richard Levitte [Thu, 13 Jun 2002 23:35:24 +0000 (23:35 +0000)]
make update (adapt libeay.num to the 0.9.7-stable branch)
Richard Levitte [Thu, 13 Jun 2002 21:44:23 +0000 (21:44 +0000)]
Tentatively add support for UWIN, a Unix-like environment on top of Windows.
PR: 62
Richard Levitte [Thu, 13 Jun 2002 21:11:41 +0000 (21:11 +0000)]
Make sure that any dash in the prefix before the version number is removed.
PR: 96
Richard Levitte [Thu, 13 Jun 2002 20:44:49 +0000 (20:44 +0000)]
Add support for DJGPP.
Richard Levitte [Thu, 13 Jun 2002 20:42:35 +0000 (20:42 +0000)]
Add support for DJGPP.
PR: 75
Richard Levitte [Thu, 13 Jun 2002 20:08:29 +0000 (20:08 +0000)]
Recent changes from 0.9.6-stable.
Richard Levitte [Thu, 13 Jun 2002 19:59:40 +0000 (19:59 +0000)]
Check for the executable $openssl, not just the file.
Part of PR: 75
Richard Levitte [Thu, 13 Jun 2002 19:50:37 +0000 (19:50 +0000)]
Parse directory using both slashes and backslashes as separators.
Do file copying in term of perl statements instead of using cp.
Part of PR: 75
Richard Levitte [Thu, 13 Jun 2002 19:42:37 +0000 (19:42 +0000)]
Making a softlink from crypto/des/asm/perlasm to crypto/perlasm isn't
strictly necessary, so let's not do that.
Lutz Jänicke [Thu, 13 Jun 2002 17:40:27 +0000 (17:40 +0000)]
Add missing prototypes.
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
PR: 89
Dr. Stephen Henson [Thu, 13 Jun 2002 12:56:27 +0000 (12:56 +0000)]
Fix ext_dat.h extension ordering.
Reinstate -reqout code.
Avoid coredump in ocsp if setup_verify
fails.
Fix typo in ocsp usage message.
Lutz Jänicke [Thu, 13 Jun 2002 11:52:56 +0000 (11:52 +0000)]
Add OIDs for Secure Electronic Transactions (SET)
Submitted by: Vadim Fedukovich <vf@unity.net>
Reviewed by: Lutz Jaenicke
PR: 80
Lutz Jänicke [Thu, 13 Jun 2002 08:53:42 +0000 (08:53 +0000)]
Clarify formulation (proposed by Bodo Moeller).
Dr. Stephen Henson [Thu, 13 Jun 2002 00:43:27 +0000 (00:43 +0000)]
The new ASN1 code automatically allocates
structures for fields that are not OPTIONAL.
However in the AUTHORITY_INFO_ACCESS case
the 'location' field was set to NULL in
the old code.
So in 0.9.7+ we should free up the field before
overwriting it in v2i_AUTHORITY_INFO_ACCESS.
Lutz Jänicke [Wed, 12 Jun 2002 20:46:38 +0000 (20:46 +0000)]
Make change uniqueIdentifier -> x500UniqueIdentifier clearly visible.
Submitted by:
Reviewed by:
PR: 82
Lutz Jänicke [Wed, 12 Jun 2002 20:15:18 +0000 (20:15 +0000)]
Correct wrong usage information.
PR: 95
Bodo Möller [Wed, 12 Jun 2002 14:19:01 +0000 (14:19 +0000)]
typo
Bodo Möller [Wed, 12 Jun 2002 14:01:17 +0000 (14:01 +0000)]
simplify asn1_flag
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
Lutz Jänicke [Wed, 12 Jun 2002 12:26:34 +0000 (12:26 +0000)]
Support building the distribution .tar file on platforms with limited
argument list length. This requires Gnu-tar. As we use the non-standard
"tardy" software anyway, it doesn't hurt too much to require Gnu-tar.
"make dist" will probably only be used by team-members anyway.
Ben Laurie [Tue, 11 Jun 2002 12:41:37 +0000 (12:41 +0000)]
Handle read errors.
Ben Laurie [Tue, 11 Jun 2002 12:03:51 +0000 (12:03 +0000)]
Fix warnings.
Bodo Möller [Mon, 10 Jun 2002 12:41:18 +0000 (12:41 +0000)]
move ECC ASN1 that is not specific to ECDSA into crypto/ec/,
and make some appropriate changes to the EC library.
Submitted by: Nils Larsch
Bodo Möller [Mon, 10 Jun 2002 12:18:21 +0000 (12:18 +0000)]
move ECC ASN1 that is not specific to ECDSA into crypto/ec/,
and make some appropriate changes to the EC library.
Submitted by: Nils Larsch
Bodo Möller [Mon, 10 Jun 2002 11:46:32 +0000 (11:46 +0000)]
fix for 'make update'
Bodo Möller [Mon, 10 Jun 2002 11:02:55 +0000 (11:02 +0000)]
remove unnecessary calls to EC_POINT_copy()