oweals/openssl.git
22 years ago(almost) recent changes from 0.9.6-stable.
Richard Levitte [Fri, 15 Nov 2002 11:19:28 +0000 (11:19 +0000)]
(almost) recent changes from 0.9.6-stable.

22 years agoRecent changes from 0.9.6-stable.
Richard Levitte [Wed, 13 Nov 2002 12:47:23 +0000 (12:47 +0000)]
Recent changes from 0.9.6-stable.

22 years agoRecent changes from 0.9.6-stable.
Richard Levitte [Sat, 9 Nov 2002 23:32:54 +0000 (23:32 +0000)]
Recent changes from 0.9.6-stable.

22 years agoRecent changes from 0.9.6-stable.
Richard Levitte [Wed, 6 Nov 2002 17:45:24 +0000 (17:45 +0000)]
Recent changes from 0.9.6-stable.

22 years agoAddapt hw_ubsec.c to OpenSSL 0.9.6x [engine].
Richard Levitte [Wed, 6 Nov 2002 07:08:38 +0000 (07:08 +0000)]
Addapt hw_ubsec.c to OpenSSL 0.9.6x [engine].

22 years agoRecent changes from 0.9.6-stable.
Richard Levitte [Wed, 30 Oct 2002 12:15:30 +0000 (12:15 +0000)]
Recent changes from 0.9.6-stable.

22 years agoAdd a HISTORY section to the man page to mention the new flags.
Geoff Thorpe [Tue, 29 Oct 2002 18:07:07 +0000 (18:07 +0000)]
Add a HISTORY section to the man page to mention the new flags.

22 years agoCorrect another inconsistency in my recent commits.
Geoff Thorpe [Tue, 29 Oct 2002 17:46:12 +0000 (17:46 +0000)]
Correct another inconsistency in my recent commits.

22 years agoCorrect and enhance the behaviour of "internal" session caching as it
Geoff Thorpe [Tue, 29 Oct 2002 00:16:56 +0000 (00:16 +0000)]
Correct and enhance the behaviour of "internal" session caching as it
relates to SSL_CTX flags and the use of "external" session caching. The
existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is
supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE".
The bitwise OR of the two flags is also defined as
"SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most
applications wanting to implement session caching *entirely* by its own
provided callbacks. As the documented behaviour contradicted actual
behaviour up until recently, and since that point behaviour has itself been
inconsistent anyway, this change should not introduce any compatibility
problems. I've adjusted the relevant documentation to elaborate about how
this works.

Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these
anomalies and testing this patch for correctness.

PR: 311

22 years agoCorrect some "read" locks that should actually be "write" locks.
Geoff Thorpe [Wed, 16 Oct 2002 01:37:07 +0000 (01:37 +0000)]
Correct some "read" locks that should actually be "write" locks.

22 years agoMerge in latest changes from 0.9.6-stable.
Richard Levitte [Fri, 11 Oct 2002 20:54:03 +0000 (20:54 +0000)]
Merge in latest changes from 0.9.6-stable.

22 years agoThis commit was manufactured by cvs2svn to create branch 'OpenSSL-engine-
cvs2svn [Wed, 9 Oct 2002 13:57:56 +0000 (13:57 +0000)]
This commit was manufactured by cvs2svn to create branch 'OpenSSL-engine-
0_9_6-stable'.

22 years agoDon't fuss with the demo binaries
Richard Levitte [Wed, 9 Oct 2002 13:57:55 +0000 (13:57 +0000)]
Don't fuss with the demo binaries

22 years agoAdd a few more VxWorks targets.
Richard Levitte [Wed, 9 Oct 2002 13:40:48 +0000 (13:40 +0000)]
Add a few more VxWorks targets.
Correct misspelled VXWORKS macros.
Add VXWORKS identifying macros to e_os2.h.
Add required inclusions and mappings for VxWorks in e_os.h.
A few small modifications to make OpenSSL build and work on VxWorks.
PR: 253, except for the  change that was handled in an earlier
         commit, and a request for easy build of just parts of OpenSSL.

22 years agoUse double dashes so makedepend doesn't misunderstand the flags we
Richard Levitte [Wed, 9 Oct 2002 13:25:12 +0000 (13:25 +0000)]
Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.

22 years agoPKCS12_parse manual page.
Dr. Stephen Henson [Wed, 9 Oct 2002 13:10:23 +0000 (13:10 +0000)]
PKCS12_parse manual page.

22 years agoPKCS12_create manual page
Dr. Stephen Henson [Wed, 9 Oct 2002 12:06:58 +0000 (12:06 +0000)]
PKCS12_create manual page

22 years agoMore man pages.
Dr. Stephen Henson [Wed, 9 Oct 2002 12:06:12 +0000 (12:06 +0000)]
More man pages.

22 years agoAdd missing LF
Richard Levitte [Wed, 9 Oct 2002 06:35:47 +0000 (06:35 +0000)]
Add missing LF

22 years agoPKCS7_verify() docs.
Dr. Stephen Henson [Tue, 8 Oct 2002 00:40:58 +0000 (00:40 +0000)]
PKCS7_verify() docs.

22 years agoMore docs.
Dr. Stephen Henson [Mon, 7 Oct 2002 17:31:00 +0000 (17:31 +0000)]
More docs.

22 years agoMore d2i/i2d manual pages.
Dr. Stephen Henson [Mon, 7 Oct 2002 13:07:00 +0000 (13:07 +0000)]
More d2i/i2d manual pages.

22 years agoDocument "0" and "1" naming convention.
Dr. Stephen Henson [Sun, 6 Oct 2002 12:59:25 +0000 (12:59 +0000)]
Document "0" and "1" naming convention.

22 years agoUpdate docs.
Dr. Stephen Henson [Sun, 6 Oct 2002 12:40:31 +0000 (12:40 +0000)]
Update docs.

22 years agoUpdate docs.
Dr. Stephen Henson [Sun, 6 Oct 2002 12:34:06 +0000 (12:34 +0000)]
Update docs.

22 years agoUpdate DH parameter docs.
Dr. Stephen Henson [Sun, 6 Oct 2002 12:24:09 +0000 (12:24 +0000)]
Update DH parameter docs.

22 years agoVarious Win32 fixes.
Dr. Stephen Henson [Sun, 6 Oct 2002 12:14:55 +0000 (12:14 +0000)]
Various Win32 fixes.

Resolve signed/unsigned conflicts

Make dso_win32.c compile.

22 years agoOops, remove old comment out debugging printf...
Dr. Stephen Henson [Sun, 6 Oct 2002 12:10:35 +0000 (12:10 +0000)]
Oops, remove old comment out debugging printf...

22 years agoSince crypt() isn't defined anywhere, define it locally in destest.c
Richard Levitte [Sun, 6 Oct 2002 00:41:12 +0000 (00:41 +0000)]
Since crypt() isn't defined anywhere, define it locally in destest.c

22 years agoPlease do not use C++ comments in C code.
Richard Levitte [Sun, 6 Oct 2002 00:33:23 +0000 (00:33 +0000)]
Please do not use C++ comments in C code.

22 years agoDo not define crypt(). The supported function is DES_crypt() (an des_crypt()
Richard Levitte [Sun, 6 Oct 2002 00:23:28 +0000 (00:23 +0000)]
Do not define crypt().  The supported function is DES_crypt() (an des_crypt()
when backward compatibility is desired).

22 years agoUpdate RSAPublicKey manual page...
Dr. Stephen Henson [Sun, 6 Oct 2002 00:03:20 +0000 (00:03 +0000)]
Update RSAPublicKey manual page...

22 years agoSome docs relating to X509 ASN1 functions.
Dr. Stephen Henson [Sat, 5 Oct 2002 23:30:10 +0000 (23:30 +0000)]
Some docs relating to X509 ASN1 functions.

Many other ASN1 functions are identical other
than the actual structure being handled.

22 years agoFor some reason, the random number support removed the destructor
Richard Levitte [Sat, 5 Oct 2002 20:54:09 +0000 (20:54 +0000)]
For some reason, the random number support removed the destructor

22 years agoTypo.
Dr. Stephen Henson [Sat, 5 Oct 2002 01:38:58 +0000 (01:38 +0000)]
Typo.

22 years agoAdd version info to Win32 DLLs.
Dr. Stephen Henson [Fri, 4 Oct 2002 21:22:47 +0000 (21:22 +0000)]
Add version info to Win32 DLLs.

We might want to edit the strings a bit...

Maybe add to 0.9.7 too?

22 years agomake update
Dr. Stephen Henson [Fri, 4 Oct 2002 21:16:58 +0000 (21:16 +0000)]
make update

22 years agoAdd declaration got PKCS#7 NDEF.
Dr. Stephen Henson [Fri, 4 Oct 2002 21:08:01 +0000 (21:08 +0000)]
Add declaration got PKCS#7 NDEF.

22 years agoUpdate mkdef.pl to handle new ASN1 macro
Dr. Stephen Henson [Fri, 4 Oct 2002 20:24:50 +0000 (20:24 +0000)]
Update mkdef.pl to handle new ASN1 macro

22 years agoInstalled libraries should not be overwritten, especially shared ones.
Richard Levitte [Fri, 4 Oct 2002 13:43:43 +0000 (13:43 +0000)]
Installed libraries should not be overwritten, especially shared ones.
Use mv to make sure the old copy is unlinked instead of overwritten.
PR: 273, and probably others...

22 years agoAdd random number generation capability to the cswift engine.
Richard Levitte [Fri, 4 Oct 2002 13:30:57 +0000 (13:30 +0000)]
Add random number generation capability to the cswift engine.
Should this be added to 0.9.6-stable as well?
PR: 275

22 years agoIf we're loading libz dynamically, and COMP_zlib() is called more than once,
Richard Levitte [Fri, 4 Oct 2002 13:04:37 +0000 (13:04 +0000)]
If we're loading libz dynamically, and COMP_zlib() is called more than once,
only the first call would provide the correct result.
PR: 277

22 years agoDocument should match reality :-).
Richard Levitte [Fri, 4 Oct 2002 12:59:00 +0000 (12:59 +0000)]
Document should match reality :-).
PR: 255

22 years agoAdd a small note saying the 'debug' option should come before the platform in
Richard Levitte [Fri, 4 Oct 2002 12:58:44 +0000 (12:58 +0000)]
Add a small note saying the 'debug' option should come before the platform in
the arguments to mk1mf.pl.
PR: 298

22 years agoVarious enhancements to PKCS#12 code, new
Dr. Stephen Henson [Thu, 3 Oct 2002 23:53:52 +0000 (23:53 +0000)]
Various enhancements to PKCS#12 code, new
medium level API, improved PKCS12_create
and additional functionality in pkcs12
utility.

22 years agoPreliminary streaming ASN1 encode support.
Dr. Stephen Henson [Thu, 3 Oct 2002 12:38:52 +0000 (12:38 +0000)]
Preliminary streaming ASN1 encode support.

22 years agoAn "else" forgotten.
Richard Levitte [Wed, 2 Oct 2002 15:05:58 +0000 (15:05 +0000)]
An "else" forgotten.

22 years agoRemoval missing
Richard Levitte [Wed, 2 Oct 2002 00:22:44 +0000 (00:22 +0000)]
Removal missing

22 years agoThe OpenBSD project has replaced the first implementation of the /dev/crypto
Richard Levitte [Wed, 2 Oct 2002 00:19:33 +0000 (00:19 +0000)]
The OpenBSD project has replaced the first implementation of the /dev/crypto
engine with something they claim is better.  I have nothing to compare to,
and I assume they know what they're talking about.  The interesting part with
this one is that it's loaded by default on OpenBSD systems.
This change was originally introduced in OpenBSD's tracking of OpenSSL.

22 years agofix more race conditions
Bodo Möller [Thu, 26 Sep 2002 15:52:34 +0000 (15:52 +0000)]
fix more race conditions

Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262

22 years agoAdd missing brackets.
Lutz Jänicke [Wed, 25 Sep 2002 20:19:04 +0000 (20:19 +0000)]
Add missing brackets.
Submitted by: "Chris Brook" <cbrook@v-one.com>

22 years agoreally fix race conditions
Bodo Möller [Wed, 25 Sep 2002 15:38:57 +0000 (15:38 +0000)]
really fix race conditions

Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291

22 years agoMerge in recent changes from 0.9.6-stable.
Richard Levitte [Wed, 25 Sep 2002 15:12:13 +0000 (15:12 +0000)]
Merge in recent changes from 0.9.6-stable.

22 years agoMake sure that the signal storage is regarded as volatile.
Richard Levitte [Wed, 25 Sep 2002 14:14:11 +0000 (14:14 +0000)]
Make sure that the signal storage is regarded as volatile.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.

22 years agoIt makes more sense to refer to specific function manuals than the concept
Richard Levitte [Wed, 25 Sep 2002 13:33:28 +0000 (13:33 +0000)]
It makes more sense to refer to specific function manuals than the concept
manual when the specific function is refered to in the current manual text.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.

22 years agoRemove *all* references to RSA_PKCS1_RSAref, since it doesn't exist any more.
Richard Levitte [Wed, 25 Sep 2002 13:26:36 +0000 (13:26 +0000)]
Remove *all* references to RSA_PKCS1_RSAref, since it doesn't exist any more.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.

22 years agoRemove reference to RSA_PKCS1_RSAref, since it doesn't exist any more.
Richard Levitte [Wed, 25 Sep 2002 13:25:44 +0000 (13:25 +0000)]
Remove reference to RSA_PKCS1_RSAref, since it doesn't exist any more.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.

22 years agoIt makes more sense to refer to specific function manuals than the concept
Richard Levitte [Wed, 25 Sep 2002 13:11:12 +0000 (13:11 +0000)]
It makes more sense to refer to specific function manuals than the concept
manual when the specific function is refered to in the current manual text.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.

22 years agoIncorrect argument order to memset()
Richard Levitte [Wed, 25 Sep 2002 12:52:13 +0000 (12:52 +0000)]
Incorrect argument order to memset()

22 years agoMissing ;
Richard Levitte [Wed, 25 Sep 2002 12:49:40 +0000 (12:49 +0000)]
Missing ;

22 years ago-elapsed is also useful when using gettimeofday
Richard Levitte [Wed, 25 Sep 2002 12:41:59 +0000 (12:41 +0000)]
-elapsed is also useful when using gettimeofday

22 years agoreally fix race condition
Bodo Möller [Mon, 23 Sep 2002 14:25:07 +0000 (14:25 +0000)]
really fix race condition

PR: 262

22 years agouse OPENSSL_SYS_MSDOS rather than __DJGPP__ to disable egd, this is not
Ulf Möller [Sun, 22 Sep 2002 08:49:22 +0000 (08:49 +0000)]
use OPENSSL_SYS_MSDOS rather than __DJGPP__ to disable egd, this is not
compiler specific

22 years agoThis commit was manufactured by cvs2svn to create branch 'OpenSSL-engine-
cvs2svn [Sun, 22 Sep 2002 08:44:04 +0000 (08:44 +0000)]
This commit was manufactured by cvs2svn to create branch 'OpenSSL-engine-
0_9_6-stable'.

22 years agomake files didn't work on case insensitive filesystems
Ulf Möller [Sun, 22 Sep 2002 08:44:03 +0000 (08:44 +0000)]
make files didn't work on case insensitive filesystems

22 years agothere is no minimum length for session IDs
Bodo Möller [Thu, 19 Sep 2002 11:44:07 +0000 (11:44 +0000)]
there is no minimum length for session IDs

PR: 274

22 years agofix race condition
Bodo Möller [Thu, 19 Sep 2002 11:26:45 +0000 (11:26 +0000)]
fix race condition

PR: 262

22 years agomake sure 'neg' flag (which does not really matter for GF(2^m), but
Bodo Möller [Mon, 16 Sep 2002 13:52:48 +0000 (13:52 +0000)]
make sure 'neg' flag (which does not really matter for GF(2^m), but
could cause confusion for ECDSA) is set to zero

Submitted by: Sheueling Chang

22 years agoadd URL for Internet Draft
Bodo Möller [Mon, 16 Sep 2002 13:45:14 +0000 (13:45 +0000)]
add URL for Internet Draft

22 years ago1. switch from "-newkey ecdsa:..." to "-newkey ec:..."
Bodo Möller [Tue, 10 Sep 2002 07:36:52 +0000 (07:36 +0000)]
1. switch from "-newkey ecdsa:..." to "-newkey ec:..."
2. automatically create required sub-directories

Submitted by: Vipul Gupta <Vipul.Gupta@sun.com>

22 years agoLet 'openssl req' fail if an argument to '-newkey' is not
Bodo Möller [Tue, 10 Sep 2002 07:34:45 +0000 (07:34 +0000)]
Let 'openssl req' fail if an argument to '-newkey' is not
recognized instead of using RSA as a default.

22 years agoReally fix PKCS7_set_detached this time...
Dr. Stephen Henson [Sun, 8 Sep 2002 16:25:03 +0000 (16:25 +0000)]
Really fix PKCS7_set_detached this time...

22 years agoFix typos in PKCS#12 ASN1 code.
Dr. Stephen Henson [Sat, 7 Sep 2002 22:57:49 +0000 (22:57 +0000)]
Fix typos in PKCS#12 ASN1 code.

Make PKCS7_set_detached work again.

22 years agoConsequently use term URI instead of URL
Lutz Jänicke [Thu, 5 Sep 2002 07:52:05 +0000 (07:52 +0000)]
Consequently use term URI instead of URL
Submitted by: TJ Saunders <tj@castaglia.org>
Reviewed by:
PR: 268

22 years ago-nameopt fix has been moved to 0.9.7
Bodo Möller [Mon, 2 Sep 2002 14:22:51 +0000 (14:22 +0000)]
-nameopt fix has been moved to 0.9.7

22 years agomention EC_get_builtin_curves()
Bodo Möller [Mon, 2 Sep 2002 07:12:08 +0000 (07:12 +0000)]
mention EC_get_builtin_curves()

22 years agochange API for looking at the internal curve list
Bodo Möller [Mon, 2 Sep 2002 07:08:33 +0000 (07:08 +0000)]
change API for looking at the internal curve list

Submitted by: Nils Larsch

22 years agoFix ASN1_STRING_to_UTF8: remove non sensical !*out test.
Dr. Stephen Henson [Fri, 30 Aug 2002 17:18:22 +0000 (17:18 +0000)]
Fix ASN1_STRING_to_UTF8: remove non sensical !*out test.

22 years agodon't memset(data,0,...) if data is NULL
Bodo Möller [Thu, 29 Aug 2002 11:45:40 +0000 (11:45 +0000)]
don't memset(data,0,...) if data is NULL

Submitted by: anonymous
PR: 254

22 years agoFix a bug to allow the 4758 ENGINE to build as a DSO.
Geoff Thorpe [Wed, 28 Aug 2002 19:11:08 +0000 (19:11 +0000)]
Fix a bug to allow the 4758 ENGINE to build as a DSO.

22 years agodon't write beyond buffer
Bodo Möller [Tue, 27 Aug 2002 13:32:35 +0000 (13:32 +0000)]
don't write beyond buffer

Submitted by: Nils Larsch

22 years agochange 'usage' formatting
Bodo Möller [Tue, 27 Aug 2002 10:38:09 +0000 (10:38 +0000)]
change 'usage' formatting

22 years agoless specific interface for EC_GROUP_get_basis_type
Bodo Möller [Mon, 26 Aug 2002 18:08:53 +0000 (18:08 +0000)]
less specific interface for EC_GROUP_get_basis_type

Submitted by: Nils Larsch, Bodo Moeller

22 years agofix spacing
Bodo Möller [Mon, 26 Aug 2002 14:50:52 +0000 (14:50 +0000)]
fix spacing

22 years agomove EC_GROUP_get_basis_type() from ec_lib.c to ec_asn1.c
Bodo Möller [Mon, 26 Aug 2002 11:33:13 +0000 (11:33 +0000)]
move EC_GROUP_get_basis_type() from ec_lib.c to ec_asn1.c

22 years agoASN1 for binary curves
Bodo Möller [Mon, 26 Aug 2002 11:25:54 +0000 (11:25 +0000)]
ASN1 for binary curves

Submitted by: Nils Larsch

22 years agofix offsets
Bodo Möller [Mon, 26 Aug 2002 11:25:14 +0000 (11:25 +0000)]
fix offsets

Submitted by: Nils Larsch

22 years agoecdsa => ec
Bodo Möller [Mon, 26 Aug 2002 11:20:50 +0000 (11:20 +0000)]
ecdsa => ec

Submitted by: Nils Larsch

22 years agoReinstate the check for invalid length BIT STRINGS,
Dr. Stephen Henson [Fri, 23 Aug 2002 00:02:11 +0000 (00:02 +0000)]
Reinstate the check for invalid length BIT STRINGS,
which was effectively bypassed in the ASN1 changed.

22 years agoMake -nameopt work in req and add support for -reqopt
Dr. Stephen Henson [Thu, 22 Aug 2002 23:43:48 +0000 (23:43 +0000)]
Make -nameopt work in req and add support for -reqopt

22 years agoChange C++ style comments
Dr. Stephen Henson [Thu, 22 Aug 2002 23:03:04 +0000 (23:03 +0000)]
Change C++ style comments

22 years ago#if out unused function to shut the compiler up.
Dr. Stephen Henson [Thu, 22 Aug 2002 23:00:54 +0000 (23:00 +0000)]
#if out unused function to shut the compiler up.

22 years agoFix crahses and leaks in pkcs12 utility -chain option
Dr. Stephen Henson [Thu, 22 Aug 2002 21:54:51 +0000 (21:54 +0000)]
Fix crahses and leaks in pkcs12 utility -chain option

22 years agoTypo, I assigned the variable ld instead of my_ld...
Richard Levitte [Sun, 18 Aug 2002 21:32:19 +0000 (21:32 +0000)]
Typo, I assigned the variable ld instead of my_ld...

22 years agoSo, I discovered that if you have your $PATH set so a ld different from
Richard Levitte [Sat, 17 Aug 2002 13:46:42 +0000 (13:46 +0000)]
So, I discovered that if you have your $PATH set so a ld different from
GNU ld comes first, checking the usage of collect2 gives that instead of
GNU ld, even if GNU ld would be the one that would get used if we link using
gcc.  It's much better, apparently, to ask gcc directly what the path to
GNU ld is (provided it's there at all and gcc knows about it), and ask
the result if it's a GNU or not.  The bonus is that our GNU ld detection
mechanism got shorter and easier to understand...

22 years agoReorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().
Lutz Jänicke [Fri, 16 Aug 2002 17:04:04 +0000 (17:04 +0000)]
Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().
Submitted by:
Reviewed by:
PR: 212

22 years agotypo
Bodo Möller [Fri, 16 Aug 2002 11:19:59 +0000 (11:19 +0000)]
typo

Submitted by: Nils Larsch

22 years ago'EC' vs. 'ECDSA'
Bodo Möller [Fri, 16 Aug 2002 11:19:07 +0000 (11:19 +0000)]
'EC' vs. 'ECDSA'

Submitted by: Nils Larsch

22 years agoisalist was less trustable than I thought (or rather, one can trust it to
Richard Levitte [Fri, 16 Aug 2002 09:41:14 +0000 (09:41 +0000)]
isalist was less trustable than I thought (or rather, one can trust it to
come up with all kinds of names we don't have in our targets).
Besides, our sparcv9 targets currently generate sparcv8 code, I'm told.

22 years agoAdd -lz to the ld flags when the user has chosen to link in zlib *statically*.
Richard Levitte [Fri, 16 Aug 2002 06:15:41 +0000 (06:15 +0000)]
Add -lz to the ld flags when the user has chosen to link in zlib *statically*.
Notified by Doug Kaufman <dkaufman@rahul.net>