oweals/openssl.git
21 years agoDocument the AES_cbc_encrypt() change
Richard Levitte [Tue, 10 Jun 2003 04:42:38 +0000 (04:42 +0000)]
Document the AES_cbc_encrypt() change

21 years agoThe output from AES_cbc_encrypt() should be exact multiple blocks when encrypting
Richard Levitte [Tue, 10 Jun 2003 04:11:42 +0000 (04:11 +0000)]
The output from AES_cbc_encrypt() should be exact multiple blocks when encrypting

21 years agoTypo
Richard Levitte [Mon, 9 Jun 2003 07:56:18 +0000 (07:56 +0000)]
Typo

21 years agoThis memset() in the ubsec ENGINE is a bug. Zeroing out the result array
Geoff Thorpe [Fri, 6 Jun 2003 17:51:34 +0000 (17:51 +0000)]
This memset() in the ubsec ENGINE is a bug. Zeroing out the result array
should not be necessary in any case, but more importantly the result and
input BIGNUMs could be the same, in which case this is clearly a problem.

Submitted by: Jonathan Hersch
Reviewed by: Joe Orton
Approved by: Geoff Thorpe

21 years agoMake sure the sigaction structure and fileno function are properly declared with...
Richard Levitte [Wed, 4 Jun 2003 09:13:19 +0000 (09:13 +0000)]
Make sure the sigaction structure and fileno function are properly declared with an ANSI compiler on Solaris (and possibly others).

21 years agoRemove extra ;
Richard Levitte [Wed, 4 Jun 2003 09:11:44 +0000 (09:11 +0000)]
Remove extra ;

21 years agoMake sure the function definitions match their declaration.
Richard Levitte [Wed, 4 Jun 2003 09:11:15 +0000 (09:11 +0000)]
Make sure the function definitions match their declaration.

21 years agoMake sure that size_t matches size_t.
Richard Levitte [Wed, 4 Jun 2003 09:10:43 +0000 (09:10 +0000)]
Make sure that size_t matches size_t.

21 years agoMake sure debug-solaris-sparcv9-gcc is consistent with solaris-sparcv9-gcc.
Richard Levitte [Wed, 4 Jun 2003 09:10:11 +0000 (09:10 +0000)]
Make sure debug-solaris-sparcv9-gcc is consistent with solaris-sparcv9-gcc.

21 years agoReally get X509_CRL_CHECK_ALL right this time...
Dr. Stephen Henson [Wed, 4 Jun 2003 00:40:05 +0000 (00:40 +0000)]
Really get X509_CRL_CHECK_ALL right this time...

21 years agoClarify return value of SSL_connect() and SSL_accept() in case of the
Lutz Jänicke [Tue, 3 Jun 2003 09:59:44 +0000 (09:59 +0000)]
Clarify return value of SSL_connect() and SSL_accept() in case of the
WANT_READ and WANT_WRITE conditions.

21 years agoUpdate CHANGES to reflect base64 fix added to 0.9.7
Dr. Stephen Henson [Tue, 3 Jun 2003 00:16:47 +0000 (00:16 +0000)]
Update CHANGES to reflect base64 fix added to 0.9.7

21 years agoOnly count 'LF' as EOL in pk7_mime.c, this avoids incorrect
Dr. Stephen Henson [Mon, 2 Jun 2003 17:53:42 +0000 (17:53 +0000)]
Only count 'LF' as EOL in pk7_mime.c, this avoids incorrect
results if CR+LF straddles the line buffer.

21 years agoStop checking for CRLF when start of buffer is reached.
Dr. Stephen Henson [Mon, 2 Jun 2003 01:12:01 +0000 (01:12 +0000)]
Stop checking for CRLF when start of buffer is reached.

Add rest of long line fix which got missed before

21 years agoVarious S/MIME bug and compatibility fixes.
Dr. Stephen Henson [Sun, 1 Jun 2003 20:51:58 +0000 (20:51 +0000)]
Various S/MIME bug and compatibility fixes.

21 years agoClarify ordering of certificates when using certificate chains
Lutz Jänicke [Fri, 30 May 2003 07:45:07 +0000 (07:45 +0000)]
Clarify ordering of certificates when using certificate chains

21 years agoInclude openssl/e_os.h so OPENSSL_SYSNAME_ULTRASPARC and other configuration
Richard Levitte [Thu, 29 May 2003 22:22:30 +0000 (22:22 +0000)]
Include openssl/e_os.h so OPENSSL_SYSNAME_ULTRASPARC and other configuration
macros get properly defined.

21 years agoHave ASFLAGS be defined the same way as CFLAGS
Richard Levitte [Thu, 29 May 2003 22:20:47 +0000 (22:20 +0000)]
Have ASFLAGS be defined the same way as CFLAGS

21 years agoPR: 630
Richard Levitte [Thu, 29 May 2003 20:59:38 +0000 (20:59 +0000)]
PR: 630

Avoid looking outside the key_data array.

21 years agoAdd minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before)
Lutz Jänicke [Wed, 28 May 2003 20:24:57 +0000 (20:24 +0000)]
Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before)
Submitted by: dg@sunet.ru (Daniel Ginsburg)

PR: #613

21 years agoMove header file inclusion to prevent irritation of users forgetting to
Lutz Jänicke [Wed, 28 May 2003 19:56:46 +0000 (19:56 +0000)]
Move header file inclusion to prevent irritation of users forgetting to
call "make depend" after enabling or disabling ciphers...
Submitted by: Tal Mozes <talm@cyber-ark.com>

PR: #628

21 years agoPR: 627
Dr. Stephen Henson [Wed, 28 May 2003 17:28:11 +0000 (17:28 +0000)]
PR: 627

Allocate certificatePolicies correctly if CPS field is absent.

Fix various memory leaks in certificatePolicies.

21 years agoPR: 631
Dr. Stephen Henson [Wed, 28 May 2003 16:57:08 +0000 (16:57 +0000)]
PR: 631
Submitted by: Doug Sauder <dws+001@hunnysoft.com>

Fix bug in X509V3_get_d2i() when idx in not NULL.

21 years agoMake sure to compare unsigned against unsigned.
Richard Levitte [Wed, 28 May 2003 10:34:29 +0000 (10:34 +0000)]
Make sure to compare unsigned against unsigned.

21 years agoBrackets are now allowed, after a small hack in the processing of the
Richard Levitte [Fri, 23 May 2003 09:08:59 +0000 (09:08 +0000)]
Brackets are now allowed, after a small hack in the processing of the
docs-on-web.

21 years agoFix sign bugs.
Richard Levitte [Wed, 21 May 2003 14:29:13 +0000 (14:29 +0000)]
Fix sign bugs.
PR: 621

21 years agoCorrect signedness
Richard Levitte [Wed, 21 May 2003 14:21:26 +0000 (14:21 +0000)]
Correct signedness

21 years agoMake sure EC_window_bits_for_scalar_size() returns a size_t
Richard Levitte [Wed, 21 May 2003 08:40:06 +0000 (08:40 +0000)]
Make sure EC_window_bits_for_scalar_size() returns a size_t

21 years agoI have no idea how I cut away that piece of text...
Richard Levitte [Wed, 21 May 2003 06:50:51 +0000 (06:50 +0000)]
I have no idea how I cut away that piece of text...

21 years agoI don't remember what my thinking was with str_compat.h. Maybe it'll
Richard Levitte [Tue, 20 May 2003 09:00:59 +0000 (09:00 +0000)]
I don't remember what my thinking was with str_compat.h.  Maybe it'll
come back to me...

21 years agomake update
Richard Levitte [Tue, 20 May 2003 08:59:37 +0000 (08:59 +0000)]
make update

21 years agoMisspelled functions.
Richard Levitte [Tue, 20 May 2003 08:50:18 +0000 (08:50 +0000)]
Misspelled functions.

21 years agoSome misspelled function names.
Richard Levitte [Tue, 20 May 2003 08:49:12 +0000 (08:49 +0000)]
Some misspelled function names.

21 years agoMake the function STORE_new_engine() public.
Richard Levitte [Mon, 19 May 2003 23:06:09 +0000 (23:06 +0000)]
Make the function STORE_new_engine() public.

21 years agoRemove certain functions
Richard Levitte [Mon, 19 May 2003 23:03:43 +0000 (23:03 +0000)]
Remove certain functions

21 years agoThe square brackets in BIO_s_bio.pod for some
Dr. Stephen Henson [Mon, 19 May 2003 21:28:49 +0000 (21:28 +0000)]
The square brackets in BIO_s_bio.pod for some
reason cause wml to bomb out with the error
message:

** Slice:Error: Some slices were not closed:
** WML:Break: Error in Pass 9 (rc=1).
** WMK:Error: Error in WML (rc=256)

As a workaround delete them for now.

21 years agoFix docs.
Dr. Stephen Henson [Sun, 18 May 2003 23:10:46 +0000 (23:10 +0000)]
Fix docs.

21 years agoAdd correct DN entry for serialNumber.
Dr. Stephen Henson [Wed, 7 May 2003 23:20:58 +0000 (23:20 +0000)]
Add correct DN entry for serialNumber.

21 years agoDefine the two authentication parameter types for passphrase and
Richard Levitte [Wed, 7 May 2003 21:17:30 +0000 (21:17 +0000)]
Define the two authentication parameter types for passphrase and
Kerberos 5 authentications.

21 years agoAdd the possibility to hand execution parameters (for example
Richard Levitte [Wed, 7 May 2003 21:06:15 +0000 (21:06 +0000)]
Add the possibility to hand execution parameters (for example
authentication material) to the STORE functions.
Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.

21 years ago/usr/lib/pkgconfig/openssl.pc was never installed in the RPM.
Richard Levitte [Wed, 7 May 2003 12:02:31 +0000 (12:02 +0000)]
/usr/lib/pkgconfig/openssl.pc was never installed in the RPM.
Notified by Bennett Todd <bet@rahul.net>.

21 years agoDO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function
Richard Levitte [Wed, 7 May 2003 11:38:10 +0000 (11:38 +0000)]
DO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function
called downstream that need it to be non-const.  The fact that the RSA_METHOD
functions take the RSA* as a const doesn't matter, it just expresses that
*they* won't touch it.
PR: 602

21 years agoAdd the possibility to store arbitrary data in a STORE.
Richard Levitte [Tue, 6 May 2003 08:02:14 +0000 (08:02 +0000)]
Add the possibility to store arbitrary data in a STORE.
Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.

21 years agoConstify RSA_sign() and RSA_verify().
Richard Levitte [Mon, 5 May 2003 13:55:18 +0000 (13:55 +0000)]
Constify RSA_sign() and RSA_verify().
PR: 602

21 years agoYeah, right, an object file ending with .c, that'll work!
Richard Levitte [Sat, 3 May 2003 06:58:08 +0000 (06:58 +0000)]
Yeah, right, an object file ending with .c, that'll work!

21 years agoMake DER option work again.
Dr. Stephen Henson [Fri, 2 May 2003 11:41:40 +0000 (11:41 +0000)]
Make DER option work again.

Fix typo.

21 years agoIt's usually best if the function name matches everywhere...
Richard Levitte [Fri, 2 May 2003 07:25:54 +0000 (07:25 +0000)]
It's usually best if the function name matches everywhere...

21 years agoSTORE was created 2003, darnit!
Richard Levitte [Thu, 1 May 2003 20:44:20 +0000 (20:44 +0000)]
STORE was created 2003, darnit!

21 years agoGet the year right...
Richard Levitte [Thu, 1 May 2003 20:15:35 +0000 (20:15 +0000)]
Get the year right...

21 years agoProvide some extra comments about the STORE_Memory STORE method.
Richard Levitte [Thu, 1 May 2003 04:31:12 +0000 (04:31 +0000)]
Provide some extra comments about the STORE_Memory STORE method.

21 years agomake update
Richard Levitte [Thu, 1 May 2003 04:10:32 +0000 (04:10 +0000)]
make update

21 years agoAdd STORE support in ENGINE.
Richard Levitte [Thu, 1 May 2003 03:57:46 +0000 (03:57 +0000)]
Add STORE support in ENGINE.

21 years agoDefine a STORE type. For documentation, read the entry in CHANGES,
Richard Levitte [Thu, 1 May 2003 03:53:12 +0000 (03:53 +0000)]
Define a STORE type.  For documentation, read the entry in CHANGES,
crypto/store/README, crypto/store/store.h and crypto/store/str_locl.h.

21 years agoDefine a STORE lock (the STORE type will be committed later).
Richard Levitte [Thu, 1 May 2003 03:46:10 +0000 (03:46 +0000)]
Define a STORE lock (the STORE type will be committed later).

21 years agoDefine the OPENSSL_ITEM structure.
Richard Levitte [Thu, 1 May 2003 03:45:18 +0000 (03:45 +0000)]
Define the OPENSSL_ITEM structure.

21 years agomake update
Richard Levitte [Tue, 29 Apr 2003 22:24:17 +0000 (22:24 +0000)]
make update

21 years agoAdd BUF_strndup() and BUF_memdup(). Not currently used, but I've code
Richard Levitte [Tue, 29 Apr 2003 22:08:57 +0000 (22:08 +0000)]
Add BUF_strndup() and BUF_memdup().  Not currently used, but I've code
that uses them that I'll commit in a few days.

21 years agomake update
Richard Levitte [Tue, 29 Apr 2003 21:35:28 +0000 (21:35 +0000)]
make update

21 years agoInclude objects.h to get a correct declaration of OBJ_bsearch_ex(),
Richard Levitte [Tue, 29 Apr 2003 20:46:32 +0000 (20:46 +0000)]
Include objects.h to get a correct declaration of OBJ_bsearch_ex(),
not to mention the OBJ_BSEARCH_* macros.

21 years agoSome variables were uninitialised...
Richard Levitte [Tue, 29 Apr 2003 20:45:36 +0000 (20:45 +0000)]
Some variables were uninitialised...

21 years agoCorrect documentation. sk_find_ex() doesn't return a pointer, it
Richard Levitte [Tue, 29 Apr 2003 20:31:58 +0000 (20:31 +0000)]
Correct documentation.  sk_find_ex() doesn't return a pointer, it
returns an index.

21 years agoAdd an extended variant of sk_find() which returns a non-NULL pointer
Richard Levitte [Tue, 29 Apr 2003 20:30:55 +0000 (20:30 +0000)]
Add an extended variant of sk_find() which returns a non-NULL pointer
even if an exact match wasn't found.

21 years agoAdd an extended variant of OBJ_bsearch() that can be given a few
Richard Levitte [Tue, 29 Apr 2003 20:25:21 +0000 (20:25 +0000)]
Add an extended variant of OBJ_bsearch() that can be given a few
flags.

21 years agofix typo
Bodo Möller [Tue, 22 Apr 2003 08:29:21 +0000 (08:29 +0000)]
fix typo

Submitted by: Nils Larsch

21 years agoMake it possible to affect the extension of man pages.
Richard Levitte [Mon, 21 Apr 2003 22:00:36 +0000 (22:00 +0000)]
Make it possible to affect the extension of man pages.
PR: 578

21 years agoMemory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
Richard Levitte [Wed, 16 Apr 2003 06:25:21 +0000 (06:25 +0000)]
Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in
                 rsa->blinding under certain circumstances.
Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.

21 years agoMemory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()
Richard Levitte [Tue, 15 Apr 2003 13:01:37 +0000 (13:01 +0000)]
Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()

21 years agoinclude 'Changes between 0.9.6i and 0.9.6j'
Bodo Möller [Fri, 11 Apr 2003 15:03:12 +0000 (15:03 +0000)]
include 'Changes between 0.9.6i and 0.9.6j'

21 years agoAdd the 0.9.6j news.
Richard Levitte [Thu, 10 Apr 2003 20:38:24 +0000 (20:38 +0000)]
Add the 0.9.6j news.

21 years agomake update
Richard Levitte [Thu, 10 Apr 2003 20:11:09 +0000 (20:11 +0000)]
make update

21 years agoNew NEWS
Richard Levitte [Thu, 10 Apr 2003 19:33:09 +0000 (19:33 +0000)]
New NEWS

21 years agoRemove all those infernal stupid CR characters
Richard Levitte [Thu, 10 Apr 2003 19:11:32 +0000 (19:11 +0000)]
Remove all those infernal stupid CR characters

21 years agoThere's a problem building shared libraries on the sco5-gcc target. However,
Richard Levitte [Thu, 10 Apr 2003 18:36:31 +0000 (18:36 +0000)]
There's a problem building shared libraries on the sco5-gcc target.  However,
it's time for a release, so I'm just adding an enty in PROBLEMS, and will
hopefully solve this for a later release

21 years agoExplicitely tell the compiler we're mips3 for the target irix-mips3-cc.
Richard Levitte [Thu, 10 Apr 2003 05:46:51 +0000 (05:46 +0000)]
Explicitely tell the compiler we're mips3 for the target irix-mips3-cc.

21 years agoTypo.
Dr. Stephen Henson [Thu, 10 Apr 2003 00:04:02 +0000 (00:04 +0000)]
Typo.

21 years agoInclude rand.h, so RAND_status() and friends get properly declared.
Richard Levitte [Tue, 8 Apr 2003 11:07:05 +0000 (11:07 +0000)]
Include rand.h, so RAND_status() and friends get properly declared.

21 years agoCorrect a few typos.
Richard Levitte [Tue, 8 Apr 2003 09:27:43 +0000 (09:27 +0000)]
Correct a few typos.

It seems that svr3 and svr5 differ, after all.

21 years agoA single quote too many.
Richard Levitte [Tue, 8 Apr 2003 08:58:56 +0000 (08:58 +0000)]
A single quote too many.

21 years agoI forgot to continuation mark.
Richard Levitte [Tue, 8 Apr 2003 08:57:23 +0000 (08:57 +0000)]
I forgot to continuation mark.

21 years agoIt seems like OpenUnix's ld uses LD_LIBRARY_PATH to search for
Richard Levitte [Tue, 8 Apr 2003 08:36:20 +0000 (08:36 +0000)]
It seems like OpenUnix's ld uses LD_LIBRARY_PATH to search for
libraries.  What's worse, the directories given in LD_LIBRARY_PATH are
checked first!  Therefore, we need a hack to prepend all the
directories we give with -L to the current value of LD_LIBRARY_PATH,
thereby temporarly forming a hacked value.

Only copy LIBEXTRAS if they are given.

Svr5 doesn't use -z allextract...

21 years agoFix ordering of compare functions: strncmp() must be used first, a
Lutz Jänicke [Tue, 8 Apr 2003 06:31:36 +0000 (06:31 +0000)]
Fix ordering of compare functions: strncmp() must be used first, a
the cipher name in the list is not guaranteed to be at least "buflen"
long.
PR: 567
Submitted by: "Matt Harren" <matth@cs.berkeley.edu>

21 years agoWe seem to carry some rests of the 0.9.6 [engine] ENGINE framework, here in
Richard Levitte [Tue, 8 Apr 2003 06:01:55 +0000 (06:01 +0000)]
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework, here in
form of unneeded direct calls through the engine pointer..

21 years agoWe seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
Richard Levitte [Tue, 8 Apr 2003 06:00:05 +0000 (06:00 +0000)]
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
of unneeded includes of openssl/engine.h.

21 years agoRSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function
Richard Levitte [Mon, 7 Apr 2003 19:15:25 +0000 (19:15 +0000)]
RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function
pointers should be used.  It doesn't necessarely mean it should go through
the ENGINE framework.

21 years agoWhat was I smoking? EVP_PKEY_cmp() should return with 0 if
Richard Levitte [Mon, 7 Apr 2003 10:15:32 +0000 (10:15 +0000)]
What was I smoking?  EVP_PKEY_cmp() should return with 0 if
EVP_PKEY_cmp_parameters() returned 0, otherwise it should
go on processing the public key component.  Thia has nothing
to do with the proper handling of EC parameters or not.

21 years agoCorrect a typo.
Richard Levitte [Mon, 7 Apr 2003 10:09:44 +0000 (10:09 +0000)]
Correct a typo.
Have EVP_PKEY_cmp() call EVP_PKEY_cmp_parameters(), and make a note
about the lack of parameter comparison for EC.

21 years agoConstify
Richard Levitte [Sun, 6 Apr 2003 15:31:18 +0000 (15:31 +0000)]
Constify

21 years agoDo not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
Richard Levitte [Sat, 5 Apr 2003 21:21:26 +0000 (21:21 +0000)]
Do not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
PR: 564

21 years agoConvert save_serial() to work like save_index(), and add a
Richard Levitte [Fri, 4 Apr 2003 15:10:35 +0000 (15:10 +0000)]
Convert save_serial() to work like save_index(), and add a
rotate_serial() that works like rotate_index().

21 years agoAdd documentation on the added functionality in 'openssl ca'.
Richard Levitte [Fri, 4 Apr 2003 14:39:44 +0000 (14:39 +0000)]
Add documentation on the added functionality in 'openssl ca'.

21 years agomake update
Richard Levitte [Fri, 4 Apr 2003 14:19:15 +0000 (14:19 +0000)]
make update

21 years agoThere's no need to check for __attribute__ with ANSI functions, since
Richard Levitte [Fri, 4 Apr 2003 14:19:00 +0000 (14:19 +0000)]
There's no need to check for __attribute__ with ANSI functions, since
we only check to the opening parenthesis anyway...

21 years agoCorrect a lot of printing calls. Remove extra arguments...
Richard Levitte [Thu, 3 Apr 2003 23:39:48 +0000 (23:39 +0000)]
Correct a lot of printing calls.  Remove extra arguments...

21 years agoMake %p and %# work properly, at least with pointers and floats.
Richard Levitte [Thu, 3 Apr 2003 23:35:14 +0000 (23:35 +0000)]
Make %p and %# work properly, at least with pointers and floats.

21 years agoAdd GCC attributes when compiled with gcc. This helps find out if
Richard Levitte [Thu, 3 Apr 2003 23:06:05 +0000 (23:06 +0000)]
Add GCC attributes when compiled with gcc.  This helps find out if
we're using the printing functions correctly or not.

I used the corresponding attributes found in the header files of my
Linux installation.

21 years agoCounter for GCC attributes.
Richard Levitte [Thu, 3 Apr 2003 23:04:48 +0000 (23:04 +0000)]
Counter for GCC attributes.

21 years agoOne more debug line to conditionalise.
Richard Levitte [Thu, 3 Apr 2003 23:01:20 +0000 (23:01 +0000)]
One more debug line to conditionalise.

21 years agoAdd a CA section, to make sure the test will work with the changes in
Richard Levitte [Thu, 3 Apr 2003 22:38:31 +0000 (22:38 +0000)]
Add a CA section, to make sure the test will work with the changes in
CA.sh.

21 years agoImplement self-signing in 'openssl ca'. This makes it easier to have
Richard Levitte [Thu, 3 Apr 2003 22:33:59 +0000 (22:33 +0000)]
Implement self-signing in 'openssl ca'.  This makes it easier to have
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.

21 years agoAdd functionality to help making self-signed certificate.
Richard Levitte [Thu, 3 Apr 2003 22:27:24 +0000 (22:27 +0000)]
Add functionality to help making self-signed certificate.