Richard Levitte [Thu, 5 Dec 2002 21:51:57 +0000 (21:51 +0000)]
Merge in relevant changes from the OpenSSL 0.9.6h release.
Richard Levitte [Thu, 5 Dec 2002 21:07:35 +0000 (21:07 +0000)]
SSL_CERT_FILE should be used in place of the system default file, not as
a first alternative to try
Richard Levitte [Thu, 5 Dec 2002 20:50:52 +0000 (20:50 +0000)]
Corrected DJGPP patch
Richard Levitte [Thu, 5 Dec 2002 10:17:08 +0000 (10:17 +0000)]
Make sure to implement the cryptodev engine only when /dev/crypto exists.
PR: 385
Richard Levitte [Thu, 5 Dec 2002 01:55:24 +0000 (01:55 +0000)]
make update
Richard Levitte [Thu, 5 Dec 2002 01:35:09 +0000 (01:35 +0000)]
Allow users to modify /MD to /MT.
PR: 380
Richard Levitte [Thu, 5 Dec 2002 01:20:59 +0000 (01:20 +0000)]
Make sure using SSL_CERT_FILE actually works, and has priority over system defaults.
PR: 376
Richard Levitte [Thu, 5 Dec 2002 00:57:20 +0000 (00:57 +0000)]
If an application supports static locks, it MUST support dynamic locks as
well to be able to use the CHIL engine.
PR: 281
Richard Levitte [Thu, 5 Dec 2002 00:04:40 +0000 (00:04 +0000)]
Only check for a result buffer if the allocated string is a prompt string.
PR: 381
Richard Levitte [Wed, 4 Dec 2002 22:54:13 +0000 (22:54 +0000)]
Do not implement RC4 stuff if RC4 is disabled. Concequently, apply the same
rule for SHA stuff.
PR: 381
Richard Levitte [Wed, 4 Dec 2002 22:48:10 +0000 (22:48 +0000)]
gethostname() is more a BSD feature than an XOPEN one.
PR: 379
Richard Levitte [Wed, 4 Dec 2002 19:13:49 +0000 (19:13 +0000)]
Correct a few typos that I introduced after applying DJGPP patches.
Lutz Jänicke [Wed, 4 Dec 2002 13:29:14 +0000 (13:29 +0000)]
Missing "("
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com>
Reviewed by:
PR:
Richard Levitte [Wed, 4 Dec 2002 09:54:31 +0000 (09:54 +0000)]
DJGPP patches.
PR: 347
Richard Levitte [Wed, 4 Dec 2002 09:17:54 +0000 (09:17 +0000)]
Add support for x86_64.
PR: 348
Richard Levitte [Wed, 4 Dec 2002 08:24:28 +0000 (08:24 +0000)]
A gcc 3.0 bug is triggered by our code. Add a section about it in PROBLEMS.
PR: 375
Dr. Stephen Henson [Wed, 4 Dec 2002 00:50:20 +0000 (00:50 +0000)]
Make ASN1_TYPE_get() work for V_ASN1_NULL type.
Dr. Stephen Henson [Wed, 4 Dec 2002 00:14:00 +0000 (00:14 +0000)]
Typo in X509v3_get_ext_by_critical
Dr. Stephen Henson [Tue, 3 Dec 2002 23:49:12 +0000 (23:49 +0000)]
In asn1_d2i_read_bio, don't assume BIO_read will
return the requested number of bytes when reading
content.
Richard Levitte [Tue, 3 Dec 2002 16:34:28 +0000 (16:34 +0000)]
EXIT() may mean return(). That's confusing, so let's have it really mean
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
Richard Levitte [Tue, 3 Dec 2002 16:07:03 +0000 (16:07 +0000)]
Make CRYPTO_cleanse() independent of endianness.
Richard Levitte [Tue, 3 Dec 2002 14:21:32 +0000 (14:21 +0000)]
Windows CE updates, contributed by Steven Reddie <smr@essemer.com.au>
Richard Levitte [Mon, 2 Dec 2002 22:56:43 +0000 (22:56 +0000)]
Merge from HEAD
Richard Levitte [Mon, 2 Dec 2002 22:49:12 +0000 (22:49 +0000)]
define USE_SOCKETS so sys/param.h gets included (and thusly, MAXHOSTNAMELEN
gets defined).
PR: 371
Richard Levitte [Mon, 2 Dec 2002 02:40:42 +0000 (02:40 +0000)]
Merge from HEAD
Richard Levitte [Sun, 1 Dec 2002 02:17:30 +0000 (02:17 +0000)]
Small bugfix: even when r == d, we need to adjust r and q.
PR: 366
Richard Levitte [Sun, 1 Dec 2002 01:23:39 +0000 (01:23 +0000)]
EXIT() needs to be in a function that returns int.
Richard Levitte [Sun, 1 Dec 2002 00:49:45 +0000 (00:49 +0000)]
Redo the VAX assembler version of bn_div_words().
PR: 366
Richard Levitte [Fri, 29 Nov 2002 15:18:28 +0000 (15:18 +0000)]
Remove incorrect assert.
PR: 360
Richard Levitte [Fri, 29 Nov 2002 15:01:12 +0000 (15:01 +0000)]
Make it so all names mentioned in the NAME section of each manpage becomes a
symlink to said manpage.
PR: 242
cvs2svn [Fri, 29 Nov 2002 15:01:01 +0000 (15:01 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
Richard Levitte [Fri, 29 Nov 2002 15:00:58 +0000 (15:00 +0000)]
Make it so all names mentioned in the NAME section of each manpage becomes a
symlink to said manpage.
PR: 242
Richard Levitte [Fri, 29 Nov 2002 14:22:05 +0000 (14:22 +0000)]
Correct some names.
Richard Levitte [Fri, 29 Nov 2002 14:21:54 +0000 (14:21 +0000)]
Correct some names.
Richard Levitte [Fri, 29 Nov 2002 11:31:51 +0000 (11:31 +0000)]
A few more memset()s converted to OPENSSL_cleanse().
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343
Richard Levitte [Fri, 29 Nov 2002 11:30:45 +0000 (11:30 +0000)]
A few more memset()s converted to OPENSSL_cleanse().
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343
Richard Levitte [Thu, 28 Nov 2002 18:57:30 +0000 (18:57 +0000)]
Have all tests use EXIT() to exit rather than exit(), since the latter doesn't
always give the expected result on some platforms.
Richard Levitte [Thu, 28 Nov 2002 18:54:30 +0000 (18:54 +0000)]
Have all tests use EXIT() to exit rather than exit(), since the latter doesn't
always give the expected result on some platforms.
Richard Levitte [Thu, 28 Nov 2002 18:52:24 +0000 (18:52 +0000)]
Make sure EXIT() can always be used as one statement.
Richard Levitte [Thu, 28 Nov 2002 18:52:14 +0000 (18:52 +0000)]
Make sure EXIT() can always be used as one statement.
Richard Levitte [Thu, 28 Nov 2002 08:09:03 +0000 (08:09 +0000)]
Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
Richard Levitte [Thu, 28 Nov 2002 08:04:36 +0000 (08:04 +0000)]
Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
Richard Levitte [Wed, 27 Nov 2002 13:40:41 +0000 (13:40 +0000)]
Unused variable removed.
Richard Levitte [Wed, 27 Nov 2002 13:40:11 +0000 (13:40 +0000)]
Extra ; removed.
Richard Levitte [Wed, 27 Nov 2002 12:25:52 +0000 (12:25 +0000)]
Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
and linker optimizations.
PR: 343
cvs2svn [Wed, 27 Nov 2002 12:24:10 +0000 (12:24 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
Richard Levitte [Wed, 27 Nov 2002 12:24:05 +0000 (12:24 +0000)]
Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
and linker optimizations.
PR: 343
Richard Levitte [Tue, 26 Nov 2002 15:27:05 +0000 (15:27 +0000)]
I forgot that @ in strings must be escaped in Perl
Richard Levitte [Tue, 26 Nov 2002 15:26:55 +0000 (15:26 +0000)]
I forgot that @ in strings must be escaped in Perl
Richard Levitte [Tue, 26 Nov 2002 11:14:45 +0000 (11:14 +0000)]
The logic in the main signing and verifying functions to check lengths was
incorrect. Fortunately, there is a second check that's correct, when adding
the pads.
PR: 355
Richard Levitte [Tue, 26 Nov 2002 11:14:32 +0000 (11:14 +0000)]
The logic in the main signing and verifying functions to check lengths was
incorrect. Fortunately, there is a second check that's correct, when adding
the pads.
PR: 355
Richard Levitte [Tue, 26 Nov 2002 10:11:58 +0000 (10:11 +0000)]
Heimdal isn't really supported right now. Say so, and offer a possibility
to force the use of Heimdal, and warn if that's used.
PR: 346
Richard Levitte [Tue, 26 Nov 2002 10:11:25 +0000 (10:11 +0000)]
Heimdal isn't really supported right now. Say so, and offer a possibility
to force the use of Heimdal, and warn if that's used.
PR: 346
Richard Levitte [Tue, 26 Nov 2002 10:09:36 +0000 (10:09 +0000)]
Small bugfixes to the KSSL implementation.
PR: 349
Richard Levitte [Tue, 26 Nov 2002 10:09:28 +0000 (10:09 +0000)]
Small bugfixes to the KSSL implementation.
PR: 349
Richard Levitte [Tue, 26 Nov 2002 09:19:17 +0000 (09:19 +0000)]
Heimdal isn't really supported right now. Say so, and offer a possibility
to force the use of Heimdal, and warn if that's used.
PR: 346
Richard Levitte [Tue, 26 Nov 2002 09:19:06 +0000 (09:19 +0000)]
Heimdal isn't really supported right now. Say so, and offer a possibility
to force the use of Heimdal, and warn if that's used.
PR: 346
Bodo Möller [Sat, 23 Nov 2002 18:16:09 +0000 (18:16 +0000)]
rename some functions to improve consistency
Submitted by: Sheueling Chang
Bodo Möller [Fri, 22 Nov 2002 09:25:35 +0000 (09:25 +0000)]
add a comment
Richard Levitte [Fri, 22 Nov 2002 08:45:20 +0000 (08:45 +0000)]
Disable this module if OPENSSL_NO_SOCK is defined.
Richard Levitte [Fri, 22 Nov 2002 08:40:34 +0000 (08:40 +0000)]
Typo. OPENSSL_NO_ECDH, not NO_OPENSSL_ECDH
Richard Levitte [Thu, 21 Nov 2002 22:39:25 +0000 (22:39 +0000)]
Mention a current showstopper
Richard Levitte [Thu, 21 Nov 2002 22:39:08 +0000 (22:39 +0000)]
Mention a current showstopper
Bodo Möller [Wed, 20 Nov 2002 14:14:45 +0000 (14:14 +0000)]
avoid uninitialized memory read
Submitted by: Nils Larsch
Bodo Möller [Wed, 20 Nov 2002 10:55:27 +0000 (10:55 +0000)]
avoid uninitialized memory read
Submitted by: Nils Larsch
Bodo Möller [Wed, 20 Nov 2002 10:53:33 +0000 (10:53 +0000)]
Make ec_GFp_simple_point_get_affine_coordinates() faster
for Montgomery representations.
Submitted by: Sheueling Chang, Bodo Moeller
Lutz Jänicke [Wed, 20 Nov 2002 10:48:58 +0000 (10:48 +0000)]
Fix bug introduced by the attempt to fix client side external session
caching (#288): now internal caching failed (#351):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
Lutz Jänicke [Wed, 20 Nov 2002 10:46:35 +0000 (10:46 +0000)]
Fix bug introduced by the attempt to fix client side external session
caching (#288): now internal caching failed (#351):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
Bodo Möller [Tue, 19 Nov 2002 11:56:05 +0000 (11:56 +0000)]
allocate bio_err before memory debugging is enabled to avoid memory leaks
(we can't release it before the CRYPTO_mem_leaks() call!)
Submitted by: Nils Larsch
Bodo Möller [Tue, 19 Nov 2002 11:55:47 +0000 (11:55 +0000)]
allocate bio_err before memory debugging is enabled to avoid memory leaks
(we can't release it before the CRYPTO_mem_leaks() call!)
Submitted by: Nils Larsch
Richard Levitte [Tue, 19 Nov 2002 11:52:24 +0000 (11:52 +0000)]
It works on my laptop :-).
Richard Levitte [Tue, 19 Nov 2002 11:40:14 +0000 (11:40 +0000)]
make update
Richard Levitte [Tue, 19 Nov 2002 11:37:03 +0000 (11:37 +0000)]
We now work with the development of 0.9.7 beta 5.
Richard Levitte [Tue, 19 Nov 2002 11:28:28 +0000 (11:28 +0000)]
Fix an unsigned/signed mismatch.
Richard Levitte [Tue, 19 Nov 2002 09:34:38 +0000 (09:34 +0000)]
Update STATUS
Richard Levitte [Tue, 19 Nov 2002 09:34:34 +0000 (09:34 +0000)]
Update STATUS
Richard Levitte [Tue, 19 Nov 2002 09:34:29 +0000 (09:34 +0000)]
Time to release 0.9.7-beta4.
The tag will be OpenSSL_0_9_7-beta4
Richard Levitte [Tue, 19 Nov 2002 08:55:06 +0000 (08:55 +0000)]
make update
Richard Levitte [Mon, 18 Nov 2002 23:58:33 +0000 (23:58 +0000)]
Add news items for 0.9.6h and expand on the 0.9.7 news as well.
Richard Levitte [Mon, 18 Nov 2002 23:58:24 +0000 (23:58 +0000)]
Add news items for 0.9.6h and expand on the 0.9.7 news as well.
Richard Levitte [Mon, 18 Nov 2002 23:56:15 +0000 (23:56 +0000)]
Document the addition of certificate pairs.
Richard Levitte [Mon, 18 Nov 2002 23:54:27 +0000 (23:54 +0000)]
Add the ASN.1 structures and functions for CertificatePair, which is
defined as follows (according to X.509_4thEditionDraftV6.pdf):
CertificatePair ::= SEQUENCE {
forward [0] Certificate OPTIONAL,
reverse [1] Certificate OPTIONAL,
-- at least one of the pair shall be present -- }
The only thing I'm not sure about is if it's implicit or explicit tags
that I should count on. For now, I'm thinking explicit, but will
gladly stand corrected.
Also implement the PEM functions to read and write certificate pairs,
and defined the PEM tag as "CERTIFICATE PAIR".
This needed to be defined, mostly for the sake of the LDAP attribute
crossCertificatePair, but may prove useful elsewhere as well.
Richard Levitte [Mon, 18 Nov 2002 23:06:46 +0000 (23:06 +0000)]
Determine HZ exactly as in apps/speed.c.
Richard Levitte [Mon, 18 Nov 2002 23:06:36 +0000 (23:06 +0000)]
Determine HZ exactly as in apps/speed.c.
Richard Levitte [Mon, 18 Nov 2002 23:05:50 +0000 (23:05 +0000)]
Make sure sysconf exists (it doesn't in the VMS C RTL lesser than version 7).
Richard Levitte [Mon, 18 Nov 2002 23:05:39 +0000 (23:05 +0000)]
Make sure sysconf exists (it doesn't in the VMS C RTL lesser than version 7).
Bodo Möller [Mon, 18 Nov 2002 14:37:35 +0000 (14:37 +0000)]
remove redundant functions
Bodo Möller [Mon, 18 Nov 2002 14:33:39 +0000 (14:33 +0000)]
use consistent order of function definitions
Bodo Möller [Mon, 18 Nov 2002 14:01:24 +0000 (14:01 +0000)]
fix memory leak in memory debuggin code ...
Submitted by: Nils Larsch
Bodo Möller [Mon, 18 Nov 2002 14:00:42 +0000 (14:00 +0000)]
fix memory leak in memory debuggin code ...
Submitted by: Nils Larsch
Bodo Möller [Mon, 18 Nov 2002 13:38:30 +0000 (13:38 +0000)]
allocate bio_err before memory debugging is enabled to avoid memory leaks
(we can't release it before the CRYPTO_mem_leaks() call!)
Submitted by: Nils Larsch
Bodo Möller [Mon, 18 Nov 2002 13:37:40 +0000 (13:37 +0000)]
allocate bio_err before memory debugging is enabled to avoid memory leaks
(we can't release it before the CRYPTO_mem_leaks() call!)
Submitted by: Nils Larsch
Richard Levitte [Mon, 18 Nov 2002 13:04:29 +0000 (13:04 +0000)]
A variable of type time_t is supposed to be a time measurement starting at
Epoch. offset isn't such a measurement, so let's stop pretend it is.
Richard Levitte [Mon, 18 Nov 2002 13:04:08 +0000 (13:04 +0000)]
A variable of type time_t is supposed to be a time measurement starting at
Epoch. offset isn't such a measurement, so let's stop pretend it is.
Lutz Jänicke [Mon, 18 Nov 2002 08:15:45 +0000 (08:15 +0000)]
Better workaround to the "=head1 NAME OPTIONS" pod2latex problem:
NAME OPTIONS are a subset of OPTIONS, so just make it =head2!
Submitted by:
Reviewed by:
PR: 333
Lutz Jänicke [Mon, 18 Nov 2002 08:14:20 +0000 (08:14 +0000)]
Better workaround to the "=head1 NAME OPTIONS" pod2latex problem:
NAME OPTIONS are a subset of OPTIONS, so just make it =head2!
Submitted by:
Reviewed by:
PR: 333
Richard Levitte [Sun, 17 Nov 2002 19:48:34 +0000 (19:48 +0000)]
Make it possible to build for more than one CPU.
Clarify what the CE tests do.
Richard Levitte [Sun, 17 Nov 2002 19:48:19 +0000 (19:48 +0000)]
Make it possible to build for more than one CPU.
Clarify what the CE tests do.
Richard Levitte [Sun, 17 Nov 2002 08:07:12 +0000 (08:07 +0000)]
Ignore openssl.pc. This way, there's no risk that I'll add it again :-).
Richard Levitte [Sun, 17 Nov 2002 08:07:08 +0000 (08:07 +0000)]
Ignore openssl.pc. This way, there's no risk that I'll add it again :-).