Bodo Möller [Thu, 12 Apr 2001 12:01:47 +0000 (12:01 +0000)]
update from 0.9.6a
Lutz Jänicke [Thu, 12 Apr 2001 11:45:42 +0000 (11:45 +0000)]
Typo (Jun-ichiro itojun Hagino <itojun@iijlab.net>)
Richard Levitte [Wed, 11 Apr 2001 14:14:54 +0000 (14:14 +0000)]
Correct typo.
Richard Levitte [Wed, 11 Apr 2001 14:11:55 +0000 (14:11 +0000)]
Add -keyform.
Richard Levitte [Wed, 11 Apr 2001 13:04:20 +0000 (13:04 +0000)]
Show an example of moving the emailAddress object from the subkect DN
to subjectAltName when signing a certificate.
Richard Levitte [Wed, 11 Apr 2001 12:55:06 +0000 (12:55 +0000)]
Make it possible to move the emailAddress object to the subjectAltName
extension instead of just copying it. That makes a certificate comply
even more with PKIX recommendations according to RFC 2459.
Bodo Möller [Wed, 11 Apr 2001 10:35:38 +0000 (10:35 +0000)]
Add information on 0.9.6a (in a form such that the list can be
verified by looking at 'diff -u ../openssl-0.9.6a/CHANGES CHANGES')
Richard Levitte [Wed, 11 Apr 2001 10:06:02 +0000 (10:06 +0000)]
NetBSD and OpenBSD use TOD as well
Bodo Möller [Tue, 10 Apr 2001 07:59:43 +0000 (07:59 +0000)]
Mention automatically queried EGD sockets (OpenSSL 0.9.7).
0.9.5 is obsolete, so we don't have to discuss its 'openssl rsa'
seeding bug.
Lutz Jänicke [Mon, 9 Apr 2001 16:01:38 +0000 (16:01 +0000)]
Some clarifications about $RANDFILE usage.
Lutz Jänicke [Mon, 9 Apr 2001 15:55:58 +0000 (15:55 +0000)]
OpenSSH 1.2.2p1 is dead and gone. Errors detecting the OpenSSL library
are however still common and are solved by checking config.log.
Richard Levitte [Mon, 9 Apr 2001 14:17:26 +0000 (14:17 +0000)]
Correct info in the FAQ.
Bodo Möller [Mon, 9 Apr 2001 09:28:24 +0000 (09:28 +0000)]
Adjust BN_mod_inverse algorithm selection according to experiments on
Ultra-Sparcs (both 32-bit and 64-bit compilations)
Bodo Möller [Mon, 9 Apr 2001 07:15:16 +0000 (07:15 +0000)]
update (0.9.6a)
Bodo Möller [Sun, 8 Apr 2001 18:47:23 +0000 (18:47 +0000)]
comment
Bodo Möller [Sun, 8 Apr 2001 18:41:35 +0000 (18:41 +0000)]
code documentation
Bodo Möller [Sun, 8 Apr 2001 18:23:44 +0000 (18:23 +0000)]
binary algorithm for modular inversion
Bodo Möller [Sun, 8 Apr 2001 18:22:53 +0000 (18:22 +0000)]
avoid '||' since Ultrix apparently doesn't understand it
Bodo Möller [Sun, 8 Apr 2001 13:49:45 +0000 (13:49 +0000)]
'||', '&&' and 'test -x' apparently don't work on Ultrix;
also 'test' appears to be available as '[' only in 'if' conditions.
Bodo Möller [Sun, 8 Apr 2001 13:47:51 +0000 (13:47 +0000)]
Avoid assert() in the library.
Lutz Jänicke [Sun, 8 Apr 2001 10:51:14 +0000 (10:51 +0000)]
Add forgotten "-passin" option to smime.c usage help.
Richard Levitte [Sun, 8 Apr 2001 05:41:42 +0000 (05:41 +0000)]
Resize a local buffer to accomodate the size requirements of AES.
Protect against future mistakes with an assert().
Richard Levitte [Sun, 8 Apr 2001 04:35:58 +0000 (04:35 +0000)]
Add the possibility to have AES removed in Windows as well.
Spotted by Harald Koch <chk@pobox.com>
Bodo Möller [Thu, 5 Apr 2001 11:40:16 +0000 (11:40 +0000)]
Don't use 'tt' uninitialized when reporting an error
(we don't have an ASN1_TEMPLATE to complain about at this stage,
so errtt == NULL should be OK)
Richard Levitte [Thu, 5 Apr 2001 10:19:12 +0000 (10:19 +0000)]
Fix couple of memory leaks in PKCS7_dataDecode().
(provided by Stephen)
Richard Levitte [Thu, 5 Apr 2001 10:09:53 +0000 (10:09 +0000)]
Unixware config.
Bodo Möller [Wed, 4 Apr 2001 16:26:31 +0000 (16:26 +0000)]
don't use shell functions
Richard Levitte [Wed, 4 Apr 2001 16:03:00 +0000 (16:03 +0000)]
Correct a typo. linux != linus.
Richard Levitte [Wed, 4 Apr 2001 15:50:30 +0000 (15:50 +0000)]
Incorporate some changes that make OpenSSL compilable in CygWin.
Richard Levitte [Wed, 4 Apr 2001 13:52:56 +0000 (13:52 +0000)]
Since vms.mar handles 32-bit integers, do not use it on Alpha, that's
just a slowdown.
Richard Levitte [Wed, 4 Apr 2001 13:51:35 +0000 (13:51 +0000)]
OpenVMS/Alpha should use 64 bits. If nothing else, there's
performance to gain.
Richard Levitte [Wed, 4 Apr 2001 04:24:24 +0000 (04:24 +0000)]
Make do_bsd-gcc-shared depend on do_gnu-shared instead of the non-existent linux-shared
Bodo Möller [Tue, 3 Apr 2001 14:03:47 +0000 (14:03 +0000)]
Fix warnings.
Bodo Möller [Tue, 3 Apr 2001 14:03:19 +0000 (14:03 +0000)]
Make sure OPENSSL_SYS_... is defined when we need it.
Bodo Möller [Tue, 3 Apr 2001 13:50:30 +0000 (13:50 +0000)]
This change should be suitable as a workaround for the Solaris x86
compiler bug reported in <
01032110293775.22278@weba3.iname.net>
(the '++seq[i]' condition is evaluated as 256 rather than 0
when the previous value is 255).
Richard Levitte [Tue, 3 Apr 2001 09:42:36 +0000 (09:42 +0000)]
Plug a memory leak. Spotted by "Shijin" <shijin@comex.com>
Richard Levitte [Tue, 3 Apr 2001 09:02:07 +0000 (09:02 +0000)]
Reports on Windows, DG-UX and older OpenVMS.
Richard Levitte [Tue, 3 Apr 2001 08:31:39 +0000 (08:31 +0000)]
libfisdef.h and LIB do not exist on older VMS versions
Richard Levitte [Tue, 3 Apr 2001 08:05:03 +0000 (08:05 +0000)]
Remove a typo in dgux-R4-gcc.
Geoff Thorpe [Mon, 2 Apr 2001 17:47:16 +0000 (17:47 +0000)]
ENGINE_load_[private|public]_key had error handling that could return
without releasing a lock. This is the same fix as applied to
OpenSSL-engine-0_9_6-stable, minus the ENGINE_ctrl() change - the HEAD
already had that fixed.
Geoff Thorpe [Mon, 2 Apr 2001 17:21:36 +0000 (17:21 +0000)]
Actually there were two error cases that could return without releasing the
lock - stupidly, my last change addressed only one of them.
Geoff Thorpe [Mon, 2 Apr 2001 17:06:36 +0000 (17:06 +0000)]
Don't return an error until the global lock is released.
Richard Levitte [Mon, 2 Apr 2001 14:39:20 +0000 (14:39 +0000)]
Reports on VMS.
Dr. Stephen Henson [Mon, 2 Apr 2001 00:59:19 +0000 (00:59 +0000)]
Rewrite CHOICE field setting code to properly handle
combine in CHOICE options.
This was causing d2i_DSAPublicKey() to misbehave.
Richard Levitte [Sun, 1 Apr 2001 15:18:35 +0000 (15:18 +0000)]
A few more reports.
Richard Levitte [Sat, 31 Mar 2001 14:03:09 +0000 (14:03 +0000)]
Note reports.
Bodo Möller [Sat, 31 Mar 2001 07:48:07 +0000 (07:48 +0000)]
avoid buffer overflow
Ulf Möller [Sat, 31 Mar 2001 01:23:10 +0000 (01:23 +0000)]
Note the Alpha asm change
Richard Levitte [Fri, 30 Mar 2001 21:43:06 +0000 (21:43 +0000)]
linux-elf verified.
Richard Levitte [Fri, 30 Mar 2001 20:54:12 +0000 (20:54 +0000)]
Beta 3 has been released and announced.
Bodo Möller [Fri, 30 Mar 2001 14:55:50 +0000 (14:55 +0000)]
this time *really* fix the /../ check ...
Bodo Möller [Fri, 30 Mar 2001 10:47:21 +0000 (10:47 +0000)]
For -WWW, fix test for ".." directory references (and avoid warning for
index -1).
Bodo Möller [Fri, 30 Mar 2001 10:46:15 +0000 (10:46 +0000)]
News for 0.9.6a.
Bodo Möller [Fri, 30 Mar 2001 09:19:18 +0000 (09:19 +0000)]
Fix bctest, and add a workaround that should solve the problem with
FreeBSD's /bin/sh.
Richard Levitte [Fri, 30 Mar 2001 07:26:54 +0000 (07:26 +0000)]
Complete the des_encrypt to des_encrypt1 rename in the main
development line as well.
Richard Levitte [Thu, 29 Mar 2001 20:30:23 +0000 (20:30 +0000)]
One des_encrypt to des_encrypt1 I forgot to commit...
Richard Levitte [Thu, 29 Mar 2001 15:15:10 +0000 (15:15 +0000)]
Stress the news about the name change.
Richard Levitte [Thu, 29 Mar 2001 10:49:27 +0000 (10:49 +0000)]
I forgot to rename des_encrypt to des_encrypt1 in libeay.num.
Richard Levitte [Thu, 29 Mar 2001 07:45:37 +0000 (07:45 +0000)]
Since there has been reports of clashes between OpenSSL's
des_encrypt() and des_encrypt() defined on some systems (Solaris and
Unixware and maybe others), we rename des_encrypt() to des_encrypt1().
This should have very little impact on external software unless
someone has written a mode of DES, since that's all des_encrypt() is
meant for.
Richard Levitte [Wed, 28 Mar 2001 13:36:13 +0000 (13:36 +0000)]
Add news section for OpenSSL 0.9.6a. Please add what's missing
Ulf Möller [Wed, 28 Mar 2001 05:10:38 +0000 (05:10 +0000)]
check CRT
Ulf Möller [Wed, 28 Mar 2001 04:56:58 +0000 (04:56 +0000)]
check CRT
Ulf Möller [Wed, 28 Mar 2001 02:41:02 +0000 (02:41 +0000)]
mips
Richard Levitte [Tue, 27 Mar 2001 23:42:36 +0000 (23:42 +0000)]
Restore asm/mips3.s to be compiled and linked in, since the bug has
(at least hopefully :-)) been fixed.
Andy Polyakov [Tue, 27 Mar 2001 22:30:46 +0000 (22:30 +0000)]
The IRIX fix. Asm recap and corresponding declation.
Submitted by:
Reviewed by:
PR:
Richard Levitte [Tue, 27 Mar 2001 18:34:04 +0000 (18:34 +0000)]
Include bn.h so we get BN_LLONG properly defined. Otherwise, we can forget things like %lld
Richard Levitte [Tue, 27 Mar 2001 09:13:03 +0000 (09:13 +0000)]
Reports seem to show that asm/mips3.s has faults. To be investigated, but let's avoid using it in the mean time
Richard Levitte [Mon, 26 Mar 2001 16:16:12 +0000 (16:16 +0000)]
For mips3 and alpha, put the assembler file directives in separate
variables and disable the Alpha assembler for now, since it has been
shown to fail.
The Alpha failure can be shown by adding the following numbers:
FFFFFFFFFFFFFF0000FF2E00000000EBFFFFFF0000D1
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF46FFE0FFFF0000
The result is:
1FFFFFFFFFFFEFF0000FF2E0000000032FFE0FEFF00D1
The result should really be:
1FFFFFFFFFFFFFF0000FF2E0000000032FFE0FEFF00D1
Richard Levitte [Sat, 24 Mar 2001 12:39:59 +0000 (12:39 +0000)]
make update
Richard Levitte [Sat, 24 Mar 2001 12:31:11 +0000 (12:31 +0000)]
When using the native tools on Solaris, make damn sure the native ld
is used, even if the user has GNU ld earlier in his $PATH.
Richard Levitte [Sat, 24 Mar 2001 12:29:21 +0000 (12:29 +0000)]
gcc uses collect2, not ld, to link things. Therefore, when using gcc
there's no need fooling ourselves, it's the gnu-shared method that we
should use. Do it for Solaris to begin with.
Richard Levitte [Sat, 24 Mar 2001 11:45:57 +0000 (11:45 +0000)]
ln on Solaris expects -f to come before -s.
The linux-shared method is actually gcc-specific, so call it
gnu-shared as well.
Richard Levitte [Thu, 22 Mar 2001 22:13:16 +0000 (22:13 +0000)]
Small AIX problems solved.
Richard Levitte [Thu, 22 Mar 2001 21:32:26 +0000 (21:32 +0000)]
A lot of reports.
Richard Levitte [Thu, 22 Mar 2001 21:20:54 +0000 (21:20 +0000)]
We really have no need for PEX_LIBS, so empty it.
Bodo Möller [Thu, 22 Mar 2001 15:06:19 +0000 (15:06 +0000)]
Add missing '#ifndef OPENSSL_NO_DSA'.
Richard Levitte [Thu, 22 Mar 2001 12:14:37 +0000 (12:14 +0000)]
Remove redundant operations and update version info.
Bodo Möller [Thu, 22 Mar 2001 10:59:41 +0000 (10:59 +0000)]
Harmonize CHANGES and STATUS files between the 0.9.6a branch and
the trunk to keep diffs small.
Richard Levitte [Wed, 21 Mar 2001 18:43:12 +0000 (18:43 +0000)]
Use stdlib.h to get size_t.
Bodo Möller [Wed, 21 Mar 2001 15:25:56 +0000 (15:25 +0000)]
Update docs.
Richard Levitte [Wed, 21 Mar 2001 12:34:34 +0000 (12:34 +0000)]
Since they aren't implemented yet, EC_GFp_{recp,nist}_method() need to
be "#if 0"'d, or they will (re)appear as existing functions in
util/libeay.num.
Bodo Möller [Wed, 21 Mar 2001 09:58:57 +0000 (09:58 +0000)]
Tag EC_GFp_{nist,recp}_method as "NOEXIST" because they have
not yet been implemented.
Richard Levitte [Tue, 20 Mar 2001 15:36:59 +0000 (15:36 +0000)]
avoid linking problems when OpenSSL is built with no-dsa. Spotted by Hellan,Kim KHE <khe@kmd.dk>
Bodo Möller [Tue, 20 Mar 2001 11:16:12 +0000 (11:16 +0000)]
Increase boundaries in EC_window_bits_for_scalar_size table.
Bodo Möller [Mon, 19 Mar 2001 22:38:24 +0000 (22:38 +0000)]
Table for window sizes.
Bodo Möller [Mon, 19 Mar 2001 22:38:01 +0000 (22:38 +0000)]
Update.
Richard Levitte [Sun, 18 Mar 2001 14:25:01 +0000 (14:25 +0000)]
New cofiguration for Unixwre and SCO,with slightly better granularity. Contributed by Tim Rice <tim@multitalents.net>
Dr. Stephen Henson [Sun, 18 Mar 2001 02:11:42 +0000 (02:11 +0000)]
Fix PKCS#12 key generation bug.
Bodo Möller [Sat, 17 Mar 2001 09:51:25 +0000 (09:51 +0000)]
Explicitly ignore the exit code of ./bctest. Usually the shell
ignores it anyway in command substitution, but Ultrix reportedly
aborted the test when bctest returned 1.
Richard Levitte [Fri, 16 Mar 2001 10:30:10 +0000 (10:30 +0000)]
Correct a typo which might have lead to a dump.
Noted by Martin Kraemer <Martin.Kraemer@Fujitsu-Siemens.com>
Richard Levitte [Fri, 16 Mar 2001 09:13:11 +0000 (09:13 +0000)]
An enhanced bctest submitted by Tim Rice <tim@multitalents.net>.
It now looks along $PATH for a working bc and returns the absolute
path to one that does work.
Dr. Stephen Henson [Fri, 16 Mar 2001 02:04:17 +0000 (02:04 +0000)]
Add copy_extensions option to 'ca' utility.
Dr. Stephen Henson [Thu, 15 Mar 2001 22:45:20 +0000 (22:45 +0000)]
Add 'align' option to nameopt.
Add default values for display by the 'ca' utility
to openssl.cnf
Update docs.
Richard Levitte [Thu, 15 Mar 2001 22:10:07 +0000 (22:10 +0000)]
Minimise the amount of -L. when linking the shared libraries. It
seems like some Unixen (SCO) have opinions about too many -L.
Richard Levitte [Thu, 15 Mar 2001 20:48:27 +0000 (20:48 +0000)]
bsdi-elf needs to link with -ldl.
Richard Levitte [Thu, 15 Mar 2001 20:23:22 +0000 (20:23 +0000)]
For AIX 4.3 or above, allow the use of dlfcn.
Dr. Stephen Henson [Thu, 15 Mar 2001 19:13:40 +0000 (19:13 +0000)]
Overhaul the display of certificate details in
the 'ca' utility. This can now be extensively
customised in the configuration file and handles
multibyte strings and extensions properly.
This is required when extensions copying from
certificate requests is supported: the user
must be able to view the extensions before
allowing a certificate to be issued.
Bodo Möller [Thu, 15 Mar 2001 18:17:40 +0000 (18:17 +0000)]
Completely remove mont2 stuff.
It does not appear to be faster than the current Montgomery code
except for very small moduli (somewhere between 192 and 224 bits
in a 64-bit Sun environment, and even less than 192 bits
on 32 bit systems).
Lutz Jänicke [Thu, 15 Mar 2001 12:42:04 +0000 (12:42 +0000)]
Forgot "cvs add", so only the surrounding changes made it... sigh.
Bodo Möller [Thu, 15 Mar 2001 11:31:37 +0000 (11:31 +0000)]
avoid infinite loop