oweals/openssl.git
23 years agoupdate FAQ from main branch
Bodo Möller [Tue, 13 Nov 2001 08:57:58 +0000 (08:57 +0000)]
update FAQ from main branch

23 years agosynchronise with HEAD branch,
Bodo Möller [Mon, 12 Nov 2001 23:29:23 +0000 (23:29 +0000)]
synchronise with HEAD branch,
remove redundant name OpenUNIX for OpenUNIX-8 configuration

23 years agoinformation on 0.9.6c-engine
Bodo Möller [Mon, 12 Nov 2001 22:13:28 +0000 (22:13 +0000)]
information on 0.9.6c-engine

23 years agoorder entries as in main branch
Bodo Möller [Mon, 12 Nov 2001 15:25:17 +0000 (15:25 +0000)]
order entries as in main branch

23 years ago'make update'
Bodo Möller [Mon, 12 Nov 2001 15:15:46 +0000 (15:15 +0000)]
'make update'

23 years agoSync ia64.S in 0.9.6c-dev with ia64.S in 0.9.7 (some fixes had been
Mark J. Cox [Mon, 12 Nov 2001 14:08:49 +0000 (14:08 +0000)]
Sync ia64.S in 0.9.6c-dev with ia64.S in 0.9.7 (some fixes had been
applied since the initial patch was created)

Submitted by:
Reviewed by:
PR:

23 years agoAdd an entry for gcc on UnixWare
Mark J. Cox [Mon, 12 Nov 2001 13:22:14 +0000 (13:22 +0000)]
Add an entry for gcc on UnixWare
Submitted by: Gary Benson
Reviewed by: Mark Cox
PR:

23 years agoAdd assembler implementation for IA-64
Mark J. Cox [Mon, 12 Nov 2001 12:49:25 +0000 (12:49 +0000)]
Add assembler implementation for IA-64
Submitted by: Andy Polyakov
Reviewed by: Mark Cox
PR:

23 years agothe PRNG race conditions were mostly a theoretical issue, remove from NEWS
Bodo Möller [Mon, 12 Nov 2001 11:33:07 +0000 (11:33 +0000)]
the PRNG race conditions were mostly a theoretical issue, remove from NEWS

23 years agoadd changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c
Bodo Möller [Mon, 12 Nov 2001 11:27:34 +0000 (11:27 +0000)]
add changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c

23 years agosynchronize with HEAD branch
Bodo Möller [Mon, 12 Nov 2001 11:22:45 +0000 (11:22 +0000)]
synchronize with HEAD branch

23 years agoorder chronologically: move entry for recent s2_clnt.c/s2_srvr.c fixes to the top
Bodo Möller [Sat, 10 Nov 2001 15:09:47 +0000 (15:09 +0000)]
order chronologically: move entry for recent s2_clnt.c/s2_srvr.c fixes to the top

23 years agomake code a little more similar to what it looked like before the fixes
Bodo Möller [Sat, 10 Nov 2001 10:43:51 +0000 (10:43 +0000)]
make code a little more similar to what it looked like before the fixes

23 years agoremove incorrect 'callback' prototype
Bodo Möller [Sat, 10 Nov 2001 02:14:43 +0000 (02:14 +0000)]
remove incorrect 'callback' prototype

23 years agoimportant SSL 2.0 bugfixes
Bodo Möller [Sat, 10 Nov 2001 01:15:29 +0000 (01:15 +0000)]
important SSL 2.0 bugfixes

23 years agotypo
Bodo Möller [Fri, 9 Nov 2001 13:10:47 +0000 (13:10 +0000)]
typo

23 years agofix warning
Bodo Möller [Fri, 9 Nov 2001 13:03:12 +0000 (13:03 +0000)]
fix warning

23 years agocast to 'unsigned long' before using ~ if we need an unsigned long result
Bodo Möller [Fri, 9 Nov 2001 12:59:15 +0000 (12:59 +0000)]
cast to 'unsigned long' before using ~ if we need an unsigned long result

Submitted by: "Stefan Marxen" <stefan.marxen@gmx.net>

23 years agoclarify
Bodo Möller [Thu, 8 Nov 2001 14:52:40 +0000 (14:52 +0000)]
clarify

23 years agoDon't define _REENTRANT here in e_os.h. On systems where we need
Bodo Möller [Thu, 8 Nov 2001 14:36:49 +0000 (14:36 +0000)]
Don't define _REENTRANT here in e_os.h.  On systems where we need
_REENTRANT if threads support is enabled, the ./Configure entry must
define it so that it ends up in CFLAG.

23 years agoAddapt VMS scripts to the newer disk layout system ODS-5, which allows more than...
Richard Levitte [Mon, 29 Oct 2001 13:06:29 +0000 (13:06 +0000)]
Addapt VMS scripts to the newer disk layout system ODS-5, which allows more than one period and mixed size characters in file names

23 years agotypo
Bodo Möller [Fri, 26 Oct 2001 14:03:51 +0000 (14:03 +0000)]
typo

23 years agodisable caching in BIO_gethostbyname
Bodo Möller [Fri, 26 Oct 2001 13:03:28 +0000 (13:03 +0000)]
disable caching in BIO_gethostbyname

23 years ago'make update'
Bodo Möller [Thu, 25 Oct 2001 08:36:22 +0000 (08:36 +0000)]
'make update'

23 years agoConsistency with s2_... and s23_... variants (no real functional
Bodo Möller [Thu, 25 Oct 2001 08:18:56 +0000 (08:18 +0000)]
Consistency with s2_... and s23_... variants (no real functional
change)

23 years agoOops
Bodo Möller [Thu, 25 Oct 2001 08:18:36 +0000 (08:18 +0000)]
Oops

23 years agoAssume TLS 1.0 if ClientHello fragment is too short.
Bodo Möller [Thu, 25 Oct 2001 06:06:50 +0000 (06:06 +0000)]
Assume TLS 1.0 if ClientHello fragment is too short.

23 years agoFix SSL handshake functions and SSL_clear() such that SSL_clear()
Bodo Möller [Wed, 24 Oct 2001 19:05:26 +0000 (19:05 +0000)]
Fix SSL handshake functions and SSL_clear() such that SSL_clear()
never resets s->method to s->ctx->method when called from within one
of the SSL handshake functions.

23 years agoIn ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
Bodo Möller [Sat, 20 Oct 2001 17:52:40 +0000 (17:52 +0000)]
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.

23 years agoTypo.
Dr. Stephen Henson [Sat, 20 Oct 2001 16:23:18 +0000 (16:23 +0000)]
Typo.

23 years agoFlush buffers to prevent mixed output (Adam Back <adam@cypherspace.org>).
Lutz Jänicke [Tue, 16 Oct 2001 14:25:27 +0000 (14:25 +0000)]
Flush buffers to prevent mixed output (Adam Back <adam@cypherspace.org>).

23 years agomake sure .rnd exists
Bodo Möller [Mon, 15 Oct 2001 17:57:27 +0000 (17:57 +0000)]
make sure .rnd exists

23 years agoFix ssl3_get_message to handle message fragmentation correctly.
Bodo Möller [Mon, 15 Oct 2001 17:42:43 +0000 (17:42 +0000)]
Fix ssl3_get_message to handle message fragmentation correctly.

23 years agothe previous commit accidentily removed 'ret = 1' from the SSL_ST_OK
Bodo Möller [Mon, 15 Oct 2001 17:40:22 +0000 (17:40 +0000)]
the previous commit accidentily removed 'ret = 1' from the SSL_ST_OK
case of ssl3_accept

23 years agoopenbsd-x86 macros
Ulf Möller [Sun, 14 Oct 2001 00:58:32 +0000 (00:58 +0000)]
openbsd-x86 macros

Submitted by: Toomas Kiisk <vix@cyber.ee>

23 years agoUpdate information as a partial response to the post
Lutz Jänicke [Fri, 12 Oct 2001 12:29:57 +0000 (12:29 +0000)]
Update information as a partial response to the post
  From: "Chris D. Peterson" <cpeterson@aventail.com>
  Subject: Implementation Issues with OpenSSL
  To: openssl-users@openssl.org
  Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!

23 years agoIn certain cases, no encoding has been set up for the b64 filter. In
Richard Levitte [Thu, 11 Oct 2001 19:43:45 +0000 (19:43 +0000)]
In certain cases, no encoding has been set up for the b64 filter.  In
such cases, a flush should *not* attempt to finalise the encoding, as
the EVP_ENCODE_CTX structure will only be filled with garbage.  For
the same reason, do the same check when a wpending is performed.

23 years agoMake sure the macro PEDANTIC is defined when we compile with
Richard Levitte [Thu, 11 Oct 2001 07:59:25 +0000 (07:59 +0000)]
Make sure the macro PEDANTIC is defined when we compile with
-pedantic, or some parts of the source will raise complaints from the
compiler.

23 years ago'make update'
Richard Levitte [Wed, 10 Oct 2001 21:52:27 +0000 (21:52 +0000)]
'make update'

23 years agoAdd support for md4WithRSAEncryption.
Richard Levitte [Wed, 10 Oct 2001 21:51:00 +0000 (21:51 +0000)]
Add support for md4WithRSAEncryption.

23 years agoA few more OIDs, contributed by Peter Sylvester <Peter.Sylvester@EdelWeb.fr>
Richard Levitte [Wed, 10 Oct 2001 06:15:42 +0000 (06:15 +0000)]
A few more OIDs, contributed by Peter Sylvester <Peter.Sylvester@EdelWeb.fr>

23 years agoSmall documentation fixes (Howard Lum <howard@pumpkin.canada.sun.com>)
Lutz Jänicke [Mon, 8 Oct 2001 08:38:12 +0000 (08:38 +0000)]
Small documentation fixes (Howard Lum <howard@pumpkin.canada.sun.com>)

23 years agoTypos (Chris Pepper <pepper@mail.reppep.com>)
Lutz Jänicke [Mon, 1 Oct 2001 14:39:23 +0000 (14:39 +0000)]
Typos (Chris Pepper <pepper@mail.reppep.com>)

23 years agoIn case of memory problems, the va_start() wasn't cleaned with a va_end().
Richard Levitte [Mon, 24 Sep 2001 15:06:44 +0000 (15:06 +0000)]
In case of memory problems, the va_start() wasn't cleaned with a va_end().
Noticed by Thomas Klausner <wiz@danbala.ifoer.tuwien.ac.at>.

23 years agocomment
Bodo Möller [Mon, 24 Sep 2001 07:57:20 +0000 (07:57 +0000)]
comment

23 years agocrypto/idea was missing in the list of directories that may have been deleted
Bodo Möller [Sat, 22 Sep 2001 01:37:36 +0000 (01:37 +0000)]
crypto/idea was missing in the list of directories that may have been deleted

23 years agobugfix: handle HelloRequest received during handshake correctly
Bodo Möller [Fri, 21 Sep 2001 11:19:26 +0000 (11:19 +0000)]
bugfix: handle HelloRequest received during handshake correctly

23 years agoDisable session related stuff in SSL_ST_OK case of ssl3_accept if we
Bodo Möller [Fri, 21 Sep 2001 07:01:04 +0000 (07:01 +0000)]
Disable session related stuff in SSL_ST_OK case of ssl3_accept if we
just sent a HelloRequest.

23 years agoBugfix: correct cleanup after sending a HelloRequest
Bodo Möller [Fri, 21 Sep 2001 00:03:00 +0000 (00:03 +0000)]
Bugfix: correct cleanup after sending a HelloRequest

23 years agofix ssl3_accept: don't call ssl_init_wbio_buffer() in HelloRequest case
Bodo Möller [Thu, 20 Sep 2001 21:36:39 +0000 (21:36 +0000)]
fix ssl3_accept: don't call ssl_init_wbio_buffer() in HelloRequest case

23 years agoFix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
Bodo Möller [Thu, 20 Sep 2001 18:34:36 +0000 (18:34 +0000)]
Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
reveal whether illegal block cipher padding was found or a MAC
verification error occured.

In ssl/s2_pkt.c, verify that the purported number of padding bytes is in
the legal range.

23 years agoadd comment
Bodo Möller [Fri, 14 Sep 2001 13:48:37 +0000 (13:48 +0000)]
add comment

23 years agoIncrease permissible ClientKeyExchange message length as in main
Bodo Möller [Fri, 14 Sep 2001 13:32:03 +0000 (13:32 +0000)]
Increase permissible ClientKeyExchange message length as in main
branch (revision 1.50, 2000-11-17)

23 years agoSynchronize typo corrections with 0.9.7-dev
Lutz Jänicke [Thu, 13 Sep 2001 15:19:39 +0000 (15:19 +0000)]
Synchronize typo corrections with 0.9.7-dev

23 years agoOne more manual page.
Lutz Jänicke [Thu, 13 Sep 2001 15:07:21 +0000 (15:07 +0000)]
One more manual page.

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Thu, 13 Sep 2001 15:05:43 +0000 (15:05 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoOne more manual page.
Lutz Jänicke [Thu, 13 Sep 2001 15:05:42 +0000 (15:05 +0000)]
One more manual page.

23 years agoRework section about return values another time (based on hints from
Lutz Jänicke [Thu, 13 Sep 2001 13:21:38 +0000 (13:21 +0000)]
Rework section about return values another time (based on hints from
Bodo Moeller).

23 years agoavoid "statement not reached" warning
Bodo Möller [Thu, 13 Sep 2001 13:02:59 +0000 (13:02 +0000)]
avoid "statement not reached" warning

23 years agoUpdated dependencies from "make update"
Geoff Thorpe [Wed, 12 Sep 2001 02:43:22 +0000 (02:43 +0000)]
Updated dependencies from "make update"

23 years agoReduce the header dependencies on engine.h in apps/.
Geoff Thorpe [Wed, 12 Sep 2001 02:39:06 +0000 (02:39 +0000)]
Reduce the header dependencies on engine.h in apps/.

23 years agoENGINE uses a very opaque design, so we can predeclare the structure type
Geoff Thorpe [Wed, 12 Sep 2001 02:34:20 +0000 (02:34 +0000)]
ENGINE uses a very opaque design, so we can predeclare the structure type
in "types.h" so that very few headers will need to include engine.h,
generally only C files using API functions will need it (reducing
the header dependencies quite a lot).

23 years agoENGINE files were renamed, and error strings are now in eng_err.c
Geoff Thorpe [Wed, 12 Sep 2001 01:54:17 +0000 (01:54 +0000)]
ENGINE files were renamed, and error strings are now in eng_err.c

23 years agoAdd certificate and request demos.
Dr. Stephen Henson [Wed, 12 Sep 2001 00:19:20 +0000 (00:19 +0000)]
Add certificate and request demos.

Fix X509V3 macro so they compile.

23 years agoMake maximum certifcate chain size accepted from the peer application
Lutz Jänicke [Tue, 11 Sep 2001 13:08:51 +0000 (13:08 +0000)]
Make maximum certifcate chain size accepted from the peer application
settable (proposed by "Douglas E. Engert" <deengert@anl.gov>).

23 years agoadd 'release showstopper' entry
Bodo Möller [Tue, 11 Sep 2001 12:46:50 +0000 (12:46 +0000)]
add 'release showstopper' entry

23 years agoupdate
Bodo Möller [Tue, 11 Sep 2001 12:26:56 +0000 (12:26 +0000)]
update

23 years agoupdate from main branch
Bodo Möller [Tue, 11 Sep 2001 12:26:35 +0000 (12:26 +0000)]
update from main branch

23 years agoex_data situation is no longer that bad
Bodo Möller [Tue, 11 Sep 2001 12:20:20 +0000 (12:20 +0000)]
ex_data situation is no longer that bad

23 years agomake update
Geoff Thorpe [Mon, 10 Sep 2001 21:18:11 +0000 (21:18 +0000)]
make update

23 years agoPut all "common" initialisation in the apps_startup() and apps_shutdown()
Geoff Thorpe [Mon, 10 Sep 2001 21:04:14 +0000 (21:04 +0000)]
Put all "common" initialisation in the apps_startup() and apps_shutdown()
macros in apps.h.

23 years agoenginetest needs 'memset' defined.
Geoff Thorpe [Mon, 10 Sep 2001 21:02:06 +0000 (21:02 +0000)]
enginetest needs 'memset' defined.

23 years agomissed one file
Ulf Möller [Mon, 10 Sep 2001 20:16:31 +0000 (20:16 +0000)]
missed one file

23 years agoWhile ispell may not like it, "cancelling" may be spelt with two "l"s
Bodo Möller [Mon, 10 Sep 2001 18:59:53 +0000 (18:59 +0000)]
While ispell may not like it, "cancelling" may be spelt with two "l"s

23 years agofix memory leak (I think)
Bodo Möller [Mon, 10 Sep 2001 18:50:09 +0000 (18:50 +0000)]
fix memory leak (I think)

23 years agoremove an old comment
Bodo Möller [Mon, 10 Sep 2001 18:49:25 +0000 (18:49 +0000)]
remove an old comment

23 years agorestore previous revision -- memory leak should be fixed in mem.c
Bodo Möller [Mon, 10 Sep 2001 18:47:33 +0000 (18:47 +0000)]
restore previous revision -- memory leak should be fixed in mem.c

23 years agofix memory leak
Bodo Möller [Mon, 10 Sep 2001 18:13:16 +0000 (18:13 +0000)]
fix memory leak

23 years agoavoid warning ('const' discarded)
Bodo Möller [Mon, 10 Sep 2001 17:46:54 +0000 (17:46 +0000)]
avoid warning ('const' discarded)

23 years agoexclude disabled message digests
Bodo Möller [Mon, 10 Sep 2001 17:18:56 +0000 (17:18 +0000)]
exclude disabled message digests

23 years agoadd AES ciphers
Bodo Möller [Mon, 10 Sep 2001 17:12:31 +0000 (17:12 +0000)]
add AES ciphers

23 years agoUpdate so that progs.h can indeed be automatically generated
Bodo Möller [Mon, 10 Sep 2001 17:00:28 +0000 (17:00 +0000)]
Update so that progs.h can indeed be automatically generated

    (Working file: progs.h
     revision 1.24

     date: 2001/02/19 16:06:03;  author: levitte;  state: Exp;  lines: +59 -59
     Make all configuration macros available for application by making
     sure they are available in opensslconf.h, by giving them names starting
     with "OPENSSL_" to avoid conflicts with other packages and by making
     sure e_os2.h will cover all platform-specific cases together with
     opensslconf.h.

     [...])

23 years agotypo
Bodo Möller [Mon, 10 Sep 2001 16:57:06 +0000 (16:57 +0000)]
typo

23 years agocomments
Bodo Möller [Mon, 10 Sep 2001 15:03:08 +0000 (15:03 +0000)]
comments

23 years agoGet rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
Bodo Möller [Mon, 10 Sep 2001 15:00:30 +0000 (15:00 +0000)]
Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway).  To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent.  Instead, callers can use
CRYPTO_push_info() to track down memory leaks.

23 years agoGet rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
Bodo Möller [Mon, 10 Sep 2001 14:59:17 +0000 (14:59 +0000)]
Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway).  To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent.  Instead, callers can use
CRYPTO_push_info() to track down memory leaks.

Also fix indentation, and add OpenSSL copyright.

23 years agocopyright
Bodo Möller [Mon, 10 Sep 2001 14:51:45 +0000 (14:51 +0000)]
copyright

23 years agocopyright
Bodo Möller [Mon, 10 Sep 2001 14:51:19 +0000 (14:51 +0000)]
copyright

23 years agoDelete pointless casts
Bodo Möller [Mon, 10 Sep 2001 14:10:10 +0000 (14:10 +0000)]
Delete pointless casts

23 years agoFix apps/openssl.c and ssl/ssltest.c so that they use
Bodo Möller [Mon, 10 Sep 2001 09:50:30 +0000 (09:50 +0000)]
Fix apps/openssl.c and ssl/ssltest.c so that they use
CRYPTO_set_mem_debug_options() instead of CRYPTO_dbg_set_options(),
which is the default implementation of the former and should usually
not be directly used by applications (at least if we assume that the
options accepted by the default implementation will also be meaningful
to any other implementations).

Also fix apps/openssl.c and ssl/ssltest such that environment variable
setting 'OPENSSL_DEBUG_MEMORY=off' actively disables the compiled-in
library defaults (i.e. such that CRYPTO_MDEBUG is ignored in this
case).

23 years agoFix typo.
Lutz Jänicke [Sun, 9 Sep 2001 07:43:12 +0000 (07:43 +0000)]
Fix typo.

23 years agoReplace old (and invalid) copyright notice.
Dr. Stephen Henson [Sat, 8 Sep 2001 12:16:24 +0000 (12:16 +0000)]
Replace old (and invalid) copyright notice.

23 years agoReplace old (and invalid) copyright notice.
Dr. Stephen Henson [Sat, 8 Sep 2001 12:15:09 +0000 (12:15 +0000)]
Replace old (and invalid) copyright notice.

23 years agoThe various hash #includes in rand_lcl.h *are* needed despite
Bodo Möller [Fri, 7 Sep 2001 23:55:15 +0000 (23:55 +0000)]
The various hash #includes in rand_lcl.h *are* needed despite
<openssl/evp.h> is now used (MD_DIGEST_LENGTH definitions!).
No need to include such headers directly in md_rand.c.

23 years agoSupport for OpenUNIX-8 (Boyd Lynn Gerber <gerberb@zenez.com>)
Lutz Jänicke [Fri, 7 Sep 2001 13:22:41 +0000 (13:22 +0000)]
Support for OpenUNIX-8 (Boyd Lynn Gerber <gerberb@zenez.com>)

23 years agoRecognize OpenUNIX
Lutz Jänicke [Fri, 7 Sep 2001 12:16:52 +0000 (12:16 +0000)]
Recognize OpenUNIX

23 years agoRecognize OpenUNIX-8 with compiler
Lutz Jänicke [Fri, 7 Sep 2001 12:13:10 +0000 (12:13 +0000)]
Recognize OpenUNIX-8 with compiler

23 years agoAdd a cleanup function for MDs.
Ben Laurie [Fri, 7 Sep 2001 12:03:24 +0000 (12:03 +0000)]
Add a cleanup function for MDs.

23 years agoLook up MD5 by name.
Ben Laurie [Fri, 7 Sep 2001 11:45:42 +0000 (11:45 +0000)]
Look up MD5 by name.

23 years agoRemove duplication.
Ben Laurie [Fri, 7 Sep 2001 11:44:59 +0000 (11:44 +0000)]
Remove duplication.