Bodo Möller [Mon, 21 Feb 2000 10:40:36 +0000 (10:40 +0000)]
More news.
Bodo Möller [Mon, 21 Feb 2000 10:16:30 +0000 (10:16 +0000)]
Move MAC computations for Finished from ssl3_read_bytes into
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
Richard Levitte [Mon, 21 Feb 2000 03:01:23 +0000 (03:01 +0000)]
Blowfish docs.
Ulf Möller [Mon, 21 Feb 2000 00:55:45 +0000 (00:55 +0000)]
More compact Configure usage message.
Richard Levitte [Sun, 20 Feb 2000 23:43:02 +0000 (23:43 +0000)]
Move the registration of callback functions to special functions
designed for that. This removes the potential error to mix data and
function pointers.
Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in som cases. I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.
Bodo Möller [Sun, 20 Feb 2000 23:40:01 +0000 (23:40 +0000)]
Workaround for irrelevant problem.
Bodo Möller [Sun, 20 Feb 2000 23:35:31 +0000 (23:35 +0000)]
ignore Client Hellos when we're in handshake anyway
Bodo Möller [Sun, 20 Feb 2000 23:04:06 +0000 (23:04 +0000)]
Tolerate fragmentation and interleaving in the SSL 3/TLS record layer.
Ulf Möller [Sun, 20 Feb 2000 21:00:22 +0000 (21:00 +0000)]
Document OPENSSL_VERSION_NUMBER
Ulf Möller [Sun, 20 Feb 2000 20:59:21 +0000 (20:59 +0000)]
Fix gcc warnings.
Dr. Stephen Henson [Sun, 20 Feb 2000 18:27:23 +0000 (18:27 +0000)]
Change the 'other' structure in certificate aux info.
Bodo Möller [Sat, 19 Feb 2000 15:22:53 +0000 (15:22 +0000)]
Allow for higher granularity of entropy estimates by using 'double'
instead of 'unsigned' counters.
Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp.
Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.
Dr. Stephen Henson [Sat, 19 Feb 2000 00:46:02 +0000 (00:46 +0000)]
Add -clrext option to 'x509'
Bodo Möller [Fri, 18 Feb 2000 21:08:37 +0000 (21:08 +0000)]
Keep variable names consistent with corresponding pre-processor
symbols.
Ulf Möller [Fri, 18 Feb 2000 19:01:55 +0000 (19:01 +0000)]
Make excluded cipher entry in opensslconf.h a bit more descriptive.
Bodo Möller [Fri, 18 Feb 2000 11:51:58 +0000 (11:51 +0000)]
Change the example to show apr1 with an 8-character salt.
Bodo Möller [Fri, 18 Feb 2000 11:35:10 +0000 (11:35 +0000)]
Stay compatible to older Perl5 releases (see diff -r1.11 -r1.12).
Bodo Möller [Fri, 18 Feb 2000 11:15:32 +0000 (11:15 +0000)]
Avoid potential conflicts between #defines in opensslconf.h and
defines when compiling applications, and allow applications to
select what #defines to enable -- OPENSSL_EXLUCDE_DEFINES
enables the "#define NO_whatever" stuff only, which avoids
potential severe confusion caused by "#define _REENTRANT" when
opensslconf.h is not the first header file #included.
Bodo Möller [Fri, 18 Feb 2000 10:39:40 +0000 (10:39 +0000)]
add missing 'static'
Richard Levitte [Fri, 18 Feb 2000 09:11:37 +0000 (09:11 +0000)]
Make Configure add the configuration options that it was copmiled
with.
Currently, those defines are protected with a OPENSSL_EXCLUDED. That
may not be the best strategy, but it will do for now.
Richard Levitte [Fri, 18 Feb 2000 09:06:55 +0000 (09:06 +0000)]
Cosmetic change. No, openssl.h.in is not autogenerated :-)
Dr. Stephen Henson [Fri, 18 Feb 2000 00:54:21 +0000 (00:54 +0000)]
New functions and option to use NEW in certificate requests.
Bodo Möller [Thu, 17 Feb 2000 21:04:40 +0000 (21:04 +0000)]
Make sure the return value of by_file_ctrl(..., X509_L_FILE_LOAD, ...)
aka X509_LOOKUP_load_file(...) is always 0 or 1, not the counter
returned from the recently introduced function X509_load_cert_crl_file.
X509_STORE_load_locations expects X509_LOOKUP_load_file to return 1 on
success, and possibly there's other software that relies on this too.
Bodo Möller [Thu, 17 Feb 2000 18:36:21 +0000 (18:36 +0000)]
Casts now unnecessary because of changed prototype.
Ben Laurie [Thu, 17 Feb 2000 09:39:22 +0000 (09:39 +0000)]
Get rid of evil cast.
Ben Laurie [Thu, 17 Feb 2000 09:39:01 +0000 (09:39 +0000)]
Reflect API changes.
Dr. Stephen Henson [Thu, 17 Feb 2000 00:41:43 +0000 (00:41 +0000)]
Add -pass argument to 'enc'.
Fix to make Win32 compile work again.
Dr. Stephen Henson [Wed, 16 Feb 2000 23:16:01 +0000 (23:16 +0000)]
Pass phrase reorganisation.
Ben Laurie [Wed, 16 Feb 2000 22:15:39 +0000 (22:15 +0000)]
Add support for Compaq Atalla crypto accelerator.
Andy Polyakov [Wed, 16 Feb 2000 13:24:06 +0000 (13:24 +0000)]
Move primes to read-only segment.
Ben Laurie [Wed, 16 Feb 2000 12:09:17 +0000 (12:09 +0000)]
Fix signed/unsigned warnings.
Ulf Möller [Tue, 15 Feb 2000 18:34:46 +0000 (18:34 +0000)]
Install manpages below OPENSSLDIR (I think it was meant to be this way?).
New variable for man directory.
Ulf Möller [Tue, 15 Feb 2000 18:21:33 +0000 (18:21 +0000)]
Create the man directories where the manpages will be put.
Andy Polyakov [Tue, 15 Feb 2000 17:43:12 +0000 (17:43 +0000)]
Move initial key to read-only segment.
Andy Polyakov [Tue, 15 Feb 2000 17:37:44 +0000 (17:37 +0000)]
Move CAST_S_tables to read-only segment.
Andy Polyakov [Tue, 15 Feb 2000 17:31:12 +0000 (17:31 +0000)]
Avoid GNU C assembler templates under Solaris x86.
Andy Polyakov [Tue, 15 Feb 2000 17:20:52 +0000 (17:20 +0000)]
New NO_INLINE_ASM macro. Primary target for the moment is Solaris x86
which can't stand GNU C assembler templates.
Dr. Stephen Henson [Tue, 15 Feb 2000 14:19:44 +0000 (14:19 +0000)]
Fix for Netscape "hang" bug.
Andy Polyakov [Tue, 15 Feb 2000 13:50:02 +0000 (13:50 +0000)]
test_mont was exercising 100-bit multiplication modulus X*I-bit, where
X is 5120 on 32-bit and 151552 on 64-bit architectures and I varies
from 0 to 4. As result the test was *unreasonably* slow and virtually
impossible to complete on 64-bit architectures (e.g. IRIX bc couldn't
even swallow such long lines).
Richard Levitte [Tue, 15 Feb 2000 09:44:54 +0000 (09:44 +0000)]
Remove the access() call altogether for VMS, since it doesn't quite
work for directory specifications (this will be reported as a bug to
DEC^H^H^HCompaq). It could as well be removed for all others as well,
since stat() and open() will return appropriate errors as well, but I
leave that to someone else to decide.
Richard Levitte [Mon, 14 Feb 2000 16:58:40 +0000 (16:58 +0000)]
Time ran away...
Richard Levitte [Mon, 14 Feb 2000 16:55:23 +0000 (16:55 +0000)]
Add a couple of forgotten $(PERL), and make the code to run pod2html a
tad more readable.
Dr. Stephen Henson [Sun, 13 Feb 2000 00:28:26 +0000 (00:28 +0000)]
Modernise 'selfsign.c' to use new X509_NAME code
and add example of extension aliasing. Also fix
the extension aliasing because it didn't work :-)
Andy Polyakov [Sat, 12 Feb 2000 23:33:01 +0000 (23:33 +0000)]
HP-UX tune-up: new unified configs, HP C compiler bug workaround.
Dr. Stephen Henson [Sat, 12 Feb 2000 03:03:04 +0000 (03:03 +0000)]
Make pkcs12 and smime applications seed random number
generator (otherwise they don't work) and add -rand
option. Update docs.
Richard Levitte [Fri, 11 Feb 2000 18:12:47 +0000 (18:12 +0000)]
A hack to make sure access() will give us the correct answer about the
accessability of an "empty" directory. Thsi *is* weird, and a better
solution will be provided in apps/ca.c, when I get time to hack at it.
Bodo Möller [Fri, 11 Feb 2000 17:18:50 +0000 (17:18 +0000)]
Corrections.
Bodo Möller [Fri, 11 Feb 2000 16:31:04 +0000 (16:31 +0000)]
Update.
Bodo Möller [Fri, 11 Feb 2000 16:25:44 +0000 (16:25 +0000)]
Implement MD5-based "apr1" password hash.
Ben Laurie [Fri, 11 Feb 2000 16:08:40 +0000 (16:08 +0000)]
Correct time in seconds instead of minutes.
Ben Laurie [Fri, 11 Feb 2000 13:11:18 +0000 (13:11 +0000)]
Fix shadow.
Richard Levitte [Fri, 11 Feb 2000 11:21:50 +0000 (11:21 +0000)]
Add compilation of the new passwd utility.
Richard Levitte [Fri, 11 Feb 2000 11:21:01 +0000 (11:21 +0000)]
Add references to the new passwd utility.
Ralf S. Engelschall [Fri, 11 Feb 2000 09:47:18 +0000 (09:47 +0000)]
Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
Bodo Möller [Thu, 10 Feb 2000 21:50:52 +0000 (21:50 +0000)]
'passwd' tool.
Bodo Möller [Thu, 10 Feb 2000 21:47:06 +0000 (21:47 +0000)]
16 * 8 = 128.
Richard Levitte [Tue, 8 Feb 2000 23:40:20 +0000 (23:40 +0000)]
Move down the attributions
Bodo Möller [Tue, 8 Feb 2000 21:50:52 +0000 (21:50 +0000)]
Note about des_ncbc_encrypt.
Richard Levitte [Tue, 8 Feb 2000 14:19:14 +0000 (14:19 +0000)]
Constify
Dr. Stephen Henson [Tue, 8 Feb 2000 13:37:08 +0000 (13:37 +0000)]
Update docs.
Dr. Stephen Henson [Tue, 8 Feb 2000 01:34:59 +0000 (01:34 +0000)]
Add command line password options to the reamining utilities,
amend docs.
Richard Levitte [Mon, 7 Feb 2000 18:25:26 +0000 (18:25 +0000)]
des_modes is a section 7 manual, so let's make sure that's where it ends up
Richard Levitte [Mon, 7 Feb 2000 18:15:06 +0000 (18:15 +0000)]
First try at documenting the DES (and other algorithms) modes
Dr. Stephen Henson [Mon, 7 Feb 2000 01:17:22 +0000 (01:17 +0000)]
Rename the X509V3_*_d2i functions to X509_get_ext_d2i() etc.
This better reflects their behaviour.
Ulf Möller [Sun, 6 Feb 2000 23:33:06 +0000 (23:33 +0000)]
"print" is GNU bc specific.
Ulf Möller [Sun, 6 Feb 2000 23:26:31 +0000 (23:26 +0000)]
Refer to EVP_DigestInit() in the hash function descriptions.
Richard Levitte [Sun, 6 Feb 2000 22:01:10 +0000 (22:01 +0000)]
A proposed freeze and release time has come up.
Dr. Stephen Henson [Sun, 6 Feb 2000 17:44:54 +0000 (17:44 +0000)]
Document EVP digest operations.
Ulf Möller [Sun, 6 Feb 2000 16:35:59 +0000 (16:35 +0000)]
BN bug fixes
Ulf Möller [Sun, 6 Feb 2000 16:35:28 +0000 (16:35 +0000)]
put missing line back in.
Ulf Möller [Sun, 6 Feb 2000 15:56:59 +0000 (15:56 +0000)]
Improve bntest slightly, and fix another bug in the BN library.
Andy Polyakov [Sun, 6 Feb 2000 11:15:20 +0000 (11:15 +0000)]
Support for MacOS X (Rhapsody) is added. Also get rid of volatile
qualifier in asm definitions as it prevents compiler from moving
the instruction(s) during optimization pass.
Richard Levitte [Sun, 6 Feb 2000 10:07:32 +0000 (10:07 +0000)]
Typo corrected...
Bodo Möller [Sun, 6 Feb 2000 02:48:53 +0000 (02:48 +0000)]
Memory leak.
Ulf Möller [Sun, 6 Feb 2000 00:25:39 +0000 (00:25 +0000)]
BN_div bugfix. The q-- loop should not be entered in the n0==d0 case.
Bodo Möller [Sat, 5 Feb 2000 21:39:20 +0000 (21:39 +0000)]
Correction: openssl.c must get the long version of the apps_startup()
macro
Bodo Möller [Sat, 5 Feb 2000 21:28:09 +0000 (21:28 +0000)]
Cosmetic changes.
Dr. Stephen Henson [Sat, 5 Feb 2000 21:07:56 +0000 (21:07 +0000)]
Add support for some broken PKCS#8 formats.
Bodo Möller [Sat, 5 Feb 2000 20:39:26 +0000 (20:39 +0000)]
Commit patch to bn.h that CVS decided to throw away during 'cvs update',
and initialize too_many because memset(..., 0, ...) is not used here.
Bodo Möller [Sat, 5 Feb 2000 19:29:00 +0000 (19:29 +0000)]
Generate just one error code if iterated SSL_CTX_get() fails.
Avoid enabled 'assert()' in production library.
Ulf Möller [Sat, 5 Feb 2000 18:23:05 +0000 (18:23 +0000)]
Use MONT_WORD macro to control if the word-based or the bignum
algorithm is used.
Ulf Möller [Sat, 5 Feb 2000 14:17:32 +0000 (14:17 +0000)]
New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
Ulf Möller [Sat, 5 Feb 2000 10:43:03 +0000 (10:43 +0000)]
md2 is documented in the md5 page. lets see if this works...
Ulf Möller [Sat, 5 Feb 2000 10:41:05 +0000 (10:41 +0000)]
Document RC4.
Ulf Möller [Sat, 5 Feb 2000 10:39:54 +0000 (10:39 +0000)]
Replace ridiculous libdes PRNG with RAND_bytes. These functions are not
used anywhere in OpenSSL, but might be used by libdes applications.
Andy Polyakov [Fri, 4 Feb 2000 15:16:22 +0000 (15:16 +0000)]
New xcbc_ok test vector is required after the parity bits in cbc2_key
were fixed up. The catch is that in the DESX test the cbc2_key is used
as whitening key where *all* 64 bits are significant.
Dr. Stephen Henson [Fri, 4 Feb 2000 14:01:38 +0000 (14:01 +0000)]
Rename SSLeay_add_all_algorithms() et al to
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
Bodo Möller [Fri, 4 Feb 2000 11:21:18 +0000 (11:21 +0000)]
Report progress as in dsatest.c when creating a DHE key.
Bodo Möller [Fri, 4 Feb 2000 00:56:09 +0000 (00:56 +0000)]
Use correct, not American spelling.
Bodo Möller [Fri, 4 Feb 2000 00:42:21 +0000 (00:42 +0000)]
Correct spelling as it was done in the source.
Ulf Möller [Thu, 3 Feb 2000 23:38:55 +0000 (23:38 +0000)]
*** empty log message ***
Ulf Möller [Thu, 3 Feb 2000 23:23:57 +0000 (23:23 +0000)]
a short page for "speed"
Ulf Möller [Thu, 3 Feb 2000 23:23:24 +0000 (23:23 +0000)]
ispell (and minor modifications)
Ulf Möller [Thu, 3 Feb 2000 18:22:01 +0000 (18:22 +0000)]
Document hash functions.
Dr. Stephen Henson [Thu, 3 Feb 2000 02:56:48 +0000 (02:56 +0000)]
Add new -notext option to 'ca', -pubkey option to spkac.
Remove some "WTF??" casts from applications.
Fixes to keep VC++ happy and avoid warnings.
Docs tidy.
Bodo Möller [Thu, 3 Feb 2000 01:26:07 +0000 (01:26 +0000)]
Some 'const's for BNs.
Bodo Möller [Wed, 2 Feb 2000 23:30:32 +0000 (23:30 +0000)]
Include OpenSSL license.
Bodo Möller [Wed, 2 Feb 2000 22:18:01 +0000 (22:18 +0000)]
Tolerate negative numbers in BN_is_prime.
Bodo Möller [Wed, 2 Feb 2000 21:20:44 +0000 (21:20 +0000)]
rndsort{Miller, Rabin} primality test.
Andy Polyakov [Wed, 2 Feb 2000 16:18:12 +0000 (16:18 +0000)]
Support for "multiply high" instruction, see BN_UMULT_HIGH comment in
crypto/bn/bn_lcl.h for further details. It should be noted that for
the moment of this writing the code was tested only on Alpha. If
compiled with DEC C the C implementation exhibits 12% performance
improvement over the crypto/bn/asm/alpha.s (on EV56 box running
AlphaLinux). GNU C is (unfortunately) 8% behind the assembler
implementation. But it's OpenVMS Alpha users who *may* benefit most
as 'apps/openssl speed rsa' exhibits 6 (six) times performance
improvement over the original VMS bignum implementation. Where "*may*"
means "as soon as code is enabled though #define SIXTY_FOUR_BIT and
crypto/bn/asm/vms.mar is skipped."