Richard Levitte [Wed, 29 May 2002 08:31:45 +0000 (08:31 +0000)]
There is a chance that the input string is larger than size, and on VMS,
this wasn't checked and could possibly be exploitable (slim chance, but still)
Lutz Jänicke [Tue, 28 May 2002 17:48:12 +0000 (17:48 +0000)]
Remove item listed twice <kromJx@crosswinds.net>.
Submitted by:
Reviewed by:
PR:
Ulf Möller [Mon, 27 May 2002 19:54:41 +0000 (19:54 +0000)]
as in main branch
Bodo Möller [Fri, 24 May 2002 20:41:07 +0000 (20:41 +0000)]
Change as in main branch:
Use assembler implementations with Cygwin.
This also fixes the bn_sub_part_word problem.
Richard Levitte [Thu, 23 May 2002 23:32:30 +0000 (23:32 +0000)]
Recover from errors
Richard Levitte [Thu, 23 May 2002 15:27:21 +0000 (15:27 +0000)]
Avoid loops when linking doesn't work
Richard Levitte [Thu, 23 May 2002 15:25:27 +0000 (15:25 +0000)]
Forgot this file.
Richard Levitte [Wed, 22 May 2002 11:37:02 +0000 (11:37 +0000)]
Allow the use of the TCP/IP stack keyword TCPIP and NONE
Richard Levitte [Wed, 22 May 2002 11:35:41 +0000 (11:35 +0000)]
Use OPENSSL_SYS_VMS instead of just VMS
Richard Levitte [Wed, 22 May 2002 07:58:02 +0000 (07:58 +0000)]
Update copyright years.
This has already been applied in the main branch.
Richard Levitte [Wed, 22 May 2002 07:56:38 +0000 (07:56 +0000)]
Use 0 instead of NULL when casting to function pointers, to avoid
warnings from compilers when NULL is defined as '((void *)0)'.
This has already been applied in the main branch.
Richard Levitte [Wed, 22 May 2002 07:55:03 +0000 (07:55 +0000)]
Remove warnings about uninitialised variables.
This has already been applied in the main branch.
Richard Levitte [Wed, 22 May 2002 07:53:53 +0000 (07:53 +0000)]
Remove warnings about unused symbols when configured with no-rsa.
Richard Levitte [Wed, 22 May 2002 07:49:37 +0000 (07:49 +0000)]
This file was removed long ago. Why it's still in this branch is a
mystery to me.
Bodo Möller [Tue, 21 May 2002 09:00:54 +0000 (09:00 +0000)]
accept NULL in 'free' functions
Dr. Stephen Henson [Sun, 19 May 2002 16:32:21 +0000 (16:32 +0000)]
Reorganise -subj option code, fix buffer overrun.
Dr. Stephen Henson [Sun, 19 May 2002 12:00:46 +0000 (12:00 +0000)]
Fix Mingw32 asm build: use the Unix
bignum assembly method of bn-586.pl
and co-586.pl which (for some reason)
VC++ doesn't use.
Dr. Stephen Henson [Sat, 18 May 2002 23:42:20 +0000 (23:42 +0000)]
Add missing EVP_CIPHER_CTX_init call.
Lutz Jänicke [Thu, 16 May 2002 17:44:50 +0000 (17:44 +0000)]
Fix incorrect =over 4 location.
Submitted by: David Waitzman <djw@bbn.com>
Reviewed by: Lutz Jaenicke
PR: [openssl.org #38]
Bodo Möller [Thu, 16 May 2002 12:53:34 +0000 (12:53 +0000)]
fix EVP_dsa_sha macro
Submitted by: Nils Larsch
Lutz Jänicke [Thu, 16 May 2002 10:00:16 +0000 (10:00 +0000)]
Use the indirect way to the actual request tracker, so that people
also are informed about the credentials required for guest access
and the operation instructions.
Submitted by:
Reviewed by:
PR:
Bodo Möller [Thu, 16 May 2002 09:31:27 +0000 (09:31 +0000)]
update
Dr. Stephen Henson [Wed, 15 May 2002 18:23:07 +0000 (18:23 +0000)]
Oops, forgot CHANGES entry and description:
Allow reuse of cipher contexts by removing
automatic cleanup in EVP_*Final().
Dr. Stephen Henson [Wed, 15 May 2002 17:52:19 +0000 (17:52 +0000)]
Zero cipher_data in EVP_CIPHER_CTX_cleanup
Add cleanup calls to evp_test.c
Bodo Möller [Tue, 14 May 2002 19:03:12 +0000 (19:03 +0000)]
make b_print.c consistent with the rest of OpenSSL:
disable assert() except for debug builds
Bodo Möller [Tue, 14 May 2002 17:19:26 +0000 (17:19 +0000)]
apply mingw32 patches from main branch
Lutz Jänicke [Sun, 12 May 2002 20:36:49 +0000 (20:36 +0000)]
Add missing '"'
Submitted by: Boyd Gerber <gerberb@zenez.com>
Reviewed by:
PR:
Lutz Jänicke [Sun, 12 May 2002 19:44:19 +0000 (19:44 +0000)]
Recognize PPC64 target.
Submitted by:
Reviewed by:
PR: 26
Dr. Stephen Henson [Sat, 11 May 2002 17:33:01 +0000 (17:33 +0000)]
EVP_SealFinal should return a value.
Dr. Stephen Henson [Sat, 11 May 2002 12:42:23 +0000 (12:42 +0000)]
closedir is not used on Win32.
Dr. Stephen Henson [Fri, 10 May 2002 22:57:29 +0000 (22:57 +0000)]
Add config entry debug-steve-linux-pseudo64. This sets the
SIXTY_FOUR bignum library option to use 64 bit operations
on the 32 bit linux platform.
This is very inefficient but it can be used to test some
of the 64 bit logic on a 32 bit platform.
Dr. Stephen Henson [Fri, 10 May 2002 22:22:55 +0000 (22:22 +0000)]
Fallback to normal multiply if n2 == 8 and dna or dnb is not zero
in bn_mul_recursive.
This is (hopefully) what was triggering bignum errors on 64 bit
platforms and causing the BN_mod_mul test to fail.
Dr. Stephen Henson [Fri, 10 May 2002 22:08:22 +0000 (22:08 +0000)]
Avoid gcc warning: BN_DEC_CONV when SIXTY_FOUR_BIT is defined is unsigned.
Richard Levitte [Thu, 9 May 2002 23:53:35 +0000 (23:53 +0000)]
Updating status for 0.9.6d
Richard Levitte [Thu, 9 May 2002 23:41:51 +0000 (23:41 +0000)]
Synchronise the FAQ
Richard Levitte [Thu, 9 May 2002 20:14:50 +0000 (20:14 +0000)]
Make the huge buffer smaller, so the size becomes reasonable for small-stack environments.
Notified by Verdon Walker <VWalker@novell.com>
Richard Levitte [Thu, 9 May 2002 18:27:56 +0000 (18:27 +0000)]
One place where VMS wasn't changed to OPENSSL_SYS_VMS...
Richard Levitte [Thu, 9 May 2002 18:19:45 +0000 (18:19 +0000)]
Move an assert() to avoid core dumps when a static buffer hasn't been given.
Notified by Verdon Walker <VWalker@novell.com>
Richard Levitte [Wed, 8 May 2002 15:20:33 +0000 (15:20 +0000)]
Small documentation fix for EVP_CipherFinal or EVP_CipherFinal_ex.
Notified by Stella Power <snpower@maths.tcd.ie>.
PR: 24
Ben Laurie [Wed, 8 May 2002 15:13:24 +0000 (15:13 +0000)]
Fix warning.
Richard Levitte [Wed, 8 May 2002 15:12:49 +0000 (15:12 +0000)]
Generate an error if rewinding wasn't possible.
Notified by Ken Hirsch <kenhirsch@myself.com>.
PR: 23
Lutz Jänicke [Tue, 7 May 2002 15:35:09 +0000 (15:35 +0000)]
Add missing ";" after fi
Submitted by: bryanh@giraffe-data.com
Reviewed by:
PR: [openssl.org #18]
Bodo Möller [Tue, 7 May 2002 08:36:01 +0000 (08:36 +0000)]
Fix ciphersuite list to enforce low priority for RC4.
Bodo Möller [Tue, 7 May 2002 07:59:05 +0000 (07:59 +0000)]
ensure that, for each strength, RC4 ciphers have least preference
in the default ciphersuite list
Bodo Möller [Tue, 7 May 2002 07:56:09 +0000 (07:56 +0000)]
refer to latest draft for AES ciphersuites
Bodo Möller [Mon, 6 May 2002 10:44:08 +0000 (10:44 +0000)]
fix warning
Bodo Möller [Sun, 5 May 2002 23:48:51 +0000 (23:48 +0000)]
update
Bodo Möller [Sun, 5 May 2002 23:47:09 +0000 (23:47 +0000)]
disable AES ciphersuites unless explicitly requested
Bodo Möller [Sun, 5 May 2002 23:01:02 +0000 (23:01 +0000)]
fix casts
Richard Levitte [Thu, 2 May 2002 08:05:52 +0000 (08:05 +0000)]
Make sure that date is run under the C locale, so dates are given in the
default format.
PR: 16
Dr. Stephen Henson [Wed, 1 May 2002 20:06:24 +0000 (20:06 +0000)]
Add apps_startup and bio_err init code to smime.c
Lutz Jänicke [Tue, 30 Apr 2002 12:10:10 +0000 (12:10 +0000)]
Fix escaping when using the -subj option of "openssl req", document
'hidden' -nameopt support. (Robert Joop <joop@fokus.gmd.de>)
Submitted by:
Reviewed by:
PR: #2
Lutz Jänicke [Mon, 29 Apr 2002 16:02:38 +0000 (16:02 +0000)]
Add information about -nameopt option for x509.
Submitted by:
Reviewed by:
PR:
Bodo Möller [Mon, 29 Apr 2002 11:03:38 +0000 (11:03 +0000)]
undo nonsense patch (r *is* signed or we have signedness mismatches elsewhere)
Richard Levitte [Mon, 29 Apr 2002 10:30:34 +0000 (10:30 +0000)]
Fix unsigned vs. signed clash
Bodo Möller [Fri, 26 Apr 2002 08:29:18 +0000 (08:29 +0000)]
Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
encoded as NULL) with id-dsa-with-sha1.
Submitted by: Nils Larsch
Lutz Jänicke [Thu, 25 Apr 2002 18:00:13 +0000 (18:00 +0000)]
Added generationQualifier OID (proposed by Fiel Cabral).
Submitted by:
Reviewed by:
PR:
Richard Levitte [Thu, 25 Apr 2002 10:11:08 +0000 (10:11 +0000)]
Potential memory leak removed. Notified by <threaded@totalise.co.uk>
Bodo Möller [Thu, 25 Apr 2002 07:51:51 +0000 (07:51 +0000)]
new items for 0.9.7
Bodo Möller [Thu, 25 Apr 2002 07:46:55 +0000 (07:46 +0000)]
oops
Bodo Möller [Thu, 25 Apr 2002 06:29:31 +0000 (06:29 +0000)]
AlgorithmIdentifier bugs
Bodo Möller [Tue, 23 Apr 2002 13:55:56 +0000 (13:55 +0000)]
fix usage (no 'key')
Richard Levitte [Tue, 23 Apr 2002 13:15:27 +0000 (13:15 +0000)]
Uhmmm, if we use && after having tested for the presence of the certificate,
we just *might* stand a certain chance of actually getting it written
to file...
Lutz Jänicke [Mon, 22 Apr 2002 13:55:37 +0000 (13:55 +0000)]
ERR_file_name is no longer being used.
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Sun, 21 Apr 2002 17:54:53 +0000 (17:54 +0000)]
Add cygwin build script (Corinna Vinschen <vinschen@redhat.com>).
Submitted by:
Reviewed by:
PR:
cvs2svn [Sun, 21 Apr 2002 17:54:06 +0000 (17:54 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
Lutz Jänicke [Sun, 21 Apr 2002 17:54:03 +0000 (17:54 +0000)]
Add cygwin build script (Corinna Vinschen <vinschen@redhat.com>).
Richard Levitte [Sat, 20 Apr 2002 10:25:19 +0000 (10:25 +0000)]
Make sure ec is properly handled in Windows.
Richard Levitte [Sat, 20 Apr 2002 10:23:56 +0000 (10:23 +0000)]
Make sure ec and ecdsa is properly handled in Windows.
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
Richard Levitte [Sat, 20 Apr 2002 10:23:19 +0000 (10:23 +0000)]
Signedness mismatch.
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
Richard Levitte [Sat, 20 Apr 2002 10:22:42 +0000 (10:22 +0000)]
The callback must have (void) as argument list.
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
Richard Levitte [Sat, 20 Apr 2002 10:22:01 +0000 (10:22 +0000)]
No point constifying an int.
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
Richard Levitte [Sat, 20 Apr 2002 10:19:20 +0000 (10:19 +0000)]
Do not free p if it hasn't been used yet.
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
Richard Levitte [Thu, 18 Apr 2002 16:20:21 +0000 (16:20 +0000)]
Make sure the opened directory is closed on exit.
Notified by Lorinczy Zsigmond <lzsiga@mail.ahiv.hu>
Richard Levitte [Thu, 18 Apr 2002 16:20:13 +0000 (16:20 +0000)]
Make sure the opened directory is closed on exit.
Notified by Lorinczy Zsigmond <lzsiga@mail.ahiv.hu>
Lutz Jänicke [Thu, 18 Apr 2002 12:47:50 +0000 (12:47 +0000)]
Missing "Configure" entry (Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>).
Lutz Jänicke [Thu, 18 Apr 2002 12:46:41 +0000 (12:46 +0000)]
Missing "Configure" entry (Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>).
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Thu, 18 Apr 2002 11:54:06 +0000 (11:54 +0000)]
Optimize: better shortcut evaluation ("Howard Chu" <hyc@highlandsun.com>).
Lutz Jänicke [Thu, 18 Apr 2002 11:53:35 +0000 (11:53 +0000)]
Optimize: better shortcut evaluation ("Howard Chu" <hyc@highlandsun.com>).
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Thu, 18 Apr 2002 08:11:31 +0000 (08:11 +0000)]
Handle headings uniformly to allow automatic processing.
Lutz Jänicke [Thu, 18 Apr 2002 08:09:59 +0000 (08:09 +0000)]
Handle headings uniformly to allow automatic processing.
Submitted by:
Reviewed by:
PR:
Bodo Möller [Wed, 17 Apr 2002 11:35:52 +0000 (11:35 +0000)]
'version' is not optional in the encoding
Submitted by: Nils Larsch
Bodo Möller [Wed, 17 Apr 2002 11:31:20 +0000 (11:31 +0000)]
'version' is not optional in the encoding
Submitted by: Nils Larsch
Bodo Möller [Wed, 17 Apr 2002 09:31:34 +0000 (09:31 +0000)]
check return values
Submitted by: Nils Larsch
Bodo Möller [Wed, 17 Apr 2002 09:31:02 +0000 (09:31 +0000)]
check return values
Submitted by: Nils Larsch
Bodo Möller [Mon, 15 Apr 2002 15:29:43 +0000 (15:29 +0000)]
get rid of some assignments that have become obsolete
Lutz Jänicke [Mon, 15 Apr 2002 14:18:30 +0000 (14:18 +0000)]
Document OID changes.
Lutz Jänicke [Mon, 15 Apr 2002 14:17:20 +0000 (14:17 +0000)]
Document OID changes.
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Mon, 15 Apr 2002 13:30:41 +0000 (13:30 +0000)]
Use the "mail" short name according to RFC2798 (Michael Bell
<michael.bell@rz.hu-berlin.de>).
Lutz Jänicke [Mon, 15 Apr 2002 13:28:53 +0000 (13:28 +0000)]
Use the "mail" short name according to RFC2798 (Michael Bell
<michael.bell@rz.hu-berlin.de>).
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Mon, 15 Apr 2002 10:41:38 +0000 (10:41 +0000)]
Some more OID enhancements.
Lutz Jänicke [Mon, 15 Apr 2002 10:38:37 +0000 (10:38 +0000)]
Some more OID enhancements.
Submitted by:
Reviewed by:
PR:
Lutz Jänicke [Mon, 15 Apr 2002 09:55:40 +0000 (09:55 +0000)]
Fix CRLF problem in BASE64 decode.
Lutz Jänicke [Mon, 15 Apr 2002 09:53:47 +0000 (09:53 +0000)]
Fix CRLF problem in BASE64 decode.
Submitted by:
Reviewed by:
PR:
Bodo Möller [Sun, 14 Apr 2002 13:28:41 +0000 (13:28 +0000)]
remove disabled code
Bodo Möller [Sun, 14 Apr 2002 13:28:17 +0000 (13:28 +0000)]
remove disabled code
Bodo Möller [Sun, 14 Apr 2002 13:05:15 +0000 (13:05 +0000)]
fix length field we create when converting SSL 2.0 format into SSL 3.0/TLS 1.0 format
(the bug was introduced with message callback support)
Bodo Möller [Sun, 14 Apr 2002 13:04:58 +0000 (13:04 +0000)]
fix length field we create when converting SSL 2.0 format into SSL 3.0/TLS 1.0 format
(the bug was introduced with message callback support)
Bodo Möller [Sat, 13 Apr 2002 22:51:26 +0000 (22:51 +0000)]
Implement known-IV countermeasure.
Fix length checks in ssl3_get_client_hello().
Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
Bodo Möller [Sat, 13 Apr 2002 22:47:20 +0000 (22:47 +0000)]
Implement known-IV countermeasure.
Fix length checks in ssl3_get_client_hello().
Use s->s3->in_read_app_data differently to fix ssl3_read_internal().