Bodo Möller [Fri, 27 May 2005 15:39:24 +0000 (15:39 +0000)]
Use BN_with_flags() in a cleaner way.
Dr. Stephen Henson [Thu, 26 May 2005 21:29:08 +0000 (21:29 +0000)]
file fips_standalone_sha1.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000
Dr. Stephen Henson [Thu, 26 May 2005 21:29:06 +0000 (21:29 +0000)]
file fips_shatest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000
Dr. Stephen Henson [Thu, 26 May 2005 21:29:04 +0000 (21:29 +0000)]
file fips_sha1_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000
Dr. Stephen Henson [Thu, 26 May 2005 21:29:02 +0000 (21:29 +0000)]
file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000
Dr. Stephen Henson [Thu, 26 May 2005 21:29:00 +0000 (21:29 +0000)]
file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000
Bodo Möller [Thu, 26 May 2005 04:40:57 +0000 (04:40 +0000)]
make sure DSA signing exponentiations really are constant-time
Bodo Möller [Thu, 26 May 2005 04:30:48 +0000 (04:30 +0000)]
check BN_copy() return value
Andy Polyakov [Wed, 25 May 2005 21:37:18 +0000 (21:37 +0000)]
Some assemblers are too rudimentary to understand dynamic labels.
Geoff Thorpe [Wed, 25 May 2005 02:52:44 +0000 (02:52 +0000)]
Handle differences between engine IDs and their dynamic library names (and
source files, for that matter) by tolerating the alternatives. It would be
preferable to also change the generated shared library names, but that will
be taken up separately.
Richard Levitte [Tue, 24 May 2005 03:57:12 +0000 (03:57 +0000)]
Forgot to change the version number itself.
Richard Levitte [Tue, 24 May 2005 03:50:30 +0000 (03:50 +0000)]
Tagging is done, we continue on beta3, which is planned to be released
on Sunday May 29th.
Richard Levitte [Tue, 24 May 2005 03:42:49 +0000 (03:42 +0000)]
Time to release the next beta.
The tag will be OpenSSL_0_9_8-beta2.
Richard Levitte [Tue, 24 May 2005 03:39:37 +0000 (03:39 +0000)]
make update
Richard Levitte [Tue, 24 May 2005 03:39:10 +0000 (03:39 +0000)]
It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512
was still active when it came down to the functions. mkdef.pl should really
be corrected, but that'll be another day...
Richard Levitte [Tue, 24 May 2005 03:27:57 +0000 (03:27 +0000)]
Typo correction
Richard Levitte [Tue, 24 May 2005 03:22:56 +0000 (03:22 +0000)]
DEC C complains about bad subscript, but we know better, so let's shut it up.
Dr. Stephen Henson [Mon, 23 May 2005 00:32:55 +0000 (00:32 +0000)]
Fix WIN32+KRB5 issues.
Andy Polyakov [Sun, 22 May 2005 10:26:47 +0000 (10:26 +0000)]
Be more consistent with OPENSSL_NO_SHA256.
Andy Polyakov [Sun, 22 May 2005 09:13:30 +0000 (09:13 +0000)]
Disseminate BUILDENV even further.
Andy Polyakov [Sun, 22 May 2005 08:52:12 +0000 (08:52 +0000)]
OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to
make no-sha512 more effective on platforms, which don't support 64-bit
integer type of *any* kind.
Andy Polyakov [Sat, 21 May 2005 17:51:12 +0000 (17:51 +0000)]
Still SEGV trouble in .init segment under Solaris x86...
Richard Levitte [Sat, 21 May 2005 17:39:53 +0000 (17:39 +0000)]
When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in
http://www.opengroup.org/onlinepubs/
007908799/xsh/compilation.html.
Notified by David Wolfe <dwolfe5272@yahoo.com>
Andy Polyakov [Sat, 21 May 2005 16:52:30 +0000 (16:52 +0000)]
Default to no-sse2 on selected platforms.
Richard Levitte [Sat, 21 May 2005 16:37:41 +0000 (16:37 +0000)]
Patches for Cygwin, provided by Corinna Vinschen <vinschen@redhat.com>
Andy Polyakov [Sat, 21 May 2005 13:19:46 +0000 (13:19 +0000)]
Move _WIN32_WINNT definition from command line to e_os.h [from HEAD].
Nils Larsch [Fri, 20 May 2005 23:01:31 +0000 (23:01 +0000)]
fix typo, add prototype
Nils Larsch [Thu, 19 May 2005 22:11:22 +0000 (22:11 +0000)]
fix potential memory leak
Submitted by: Goetz Babin-Ebell
Nils Larsch [Thu, 19 May 2005 20:54:22 +0000 (20:54 +0000)]
update ecdsa doc
Andy Polyakov [Thu, 19 May 2005 19:57:27 +0000 (19:57 +0000)]
FAQ to mention no-sse2.
Richard Levitte [Thu, 19 May 2005 19:45:53 +0000 (19:45 +0000)]
Tagging of 0.9.8-beta1 is done, time to update the version numbers to
the next beta (beta2).
Richard Levitte [Thu, 19 May 2005 19:42:04 +0000 (19:42 +0000)]
Update version information.
Richard Levitte [Thu, 19 May 2005 19:31:53 +0000 (19:31 +0000)]
'make update' with a default configuration.
Richard Levitte [Thu, 19 May 2005 19:12:36 +0000 (19:12 +0000)]
Added news items for OpenSSL 0.9.8.
Nils Larsch [Thu, 19 May 2005 11:59:35 +0000 (11:59 +0000)]
fix "dereferencing type-punned pointer will break strict-aliasing rules"
warning when using gcc 4.0
Dr. Stephen Henson [Thu, 19 May 2005 11:51:43 +0000 (11:51 +0000)]
Recognize new macros.
Andy Polyakov [Thu, 19 May 2005 02:13:10 +0000 (02:13 +0000)]
Propogate BUILDENV even in ./engines.
Andy Polyakov [Thu, 19 May 2005 02:08:01 +0000 (02:08 +0000)]
Stringify substitutions [some shells require it].
Andy Polyakov [Thu, 19 May 2005 01:48:46 +0000 (01:48 +0000)]
SysV make [or least some of them] don't propogate command line macros to
recursively called make. So let's pass down BUILDENV as value too...
Nils Larsch [Wed, 18 May 2005 22:29:17 +0000 (22:29 +0000)]
make the type parameter const when ID2_OF_const() is used
Andy Polyakov [Wed, 18 May 2005 13:37:20 +0000 (13:37 +0000)]
FAQ update to mention Applink [from HEAD].
Andy Polyakov [Wed, 18 May 2005 08:45:21 +0000 (08:45 +0000)]
Don't emit SSE2 instructions unless were asked to [from HEAD].
PR: 1073
Andy Polyakov [Wed, 18 May 2005 08:17:29 +0000 (08:17 +0000)]
Engage Applink in mingw. [from HEAD]
Richard Levitte [Wed, 18 May 2005 04:14:22 +0000 (04:14 +0000)]
OpenSSL 0.9.8 has just entered beta status. Not quite releasing yet,
since I need to write a NEWS entry.
This means we're in feature freeze. HEAD is now 0.9.9-dev.
cvs2svn [Tue, 17 May 2005 16:50:47 +0000 (16:50 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_8-stable'.
Andy Polyakov [Tue, 17 May 2005 16:50:46 +0000 (16:50 +0000)]
Engage Applink for VC builds.
Andy Polyakov [Tue, 17 May 2005 13:51:36 +0000 (13:51 +0000)]
Keep disclaming 16-bit support.
Nils Larsch [Tue, 17 May 2005 12:23:16 +0000 (12:23 +0000)]
simplify EC_KEY_dup
Andy Polyakov [Tue, 17 May 2005 06:57:45 +0000 (06:57 +0000)]
mdc2test is not built by default anymore.
Bodo Möller [Tue, 17 May 2005 05:52:24 +0000 (05:52 +0000)]
fix memory leak (BIO_free_all needs pointer to first BIO)
PR: 1070
Andy Polyakov [Tue, 17 May 2005 00:08:28 +0000 (00:08 +0000)]
OPENSSL_Applink update.
Andy Polyakov [Tue, 17 May 2005 00:07:13 +0000 (00:07 +0000)]
Disclaim 16-bit support.
Andy Polyakov [Tue, 17 May 2005 00:01:48 +0000 (00:01 +0000)]
Move cryptlib.h prior bio.h. Actually it makes sense to include cryptlib.h
first everywhere in crypto and skip stdio.h and string.h [because it
includes them].
Andy Polyakov [Mon, 16 May 2005 21:05:09 +0000 (21:05 +0000)]
Improve shell portability of new rules in Makefile.shared.
Bodo Möller [Mon, 16 May 2005 19:14:34 +0000 (19:14 +0000)]
Change wording for BN_mod_exp_mont_consttime() entry
Andy Polyakov [Mon, 16 May 2005 16:55:47 +0000 (16:55 +0000)]
Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
Andy Polyakov [Mon, 16 May 2005 14:24:45 +0000 (14:24 +0000)]
Further BUILDENV clean-up, 'make depend' is operational again.
Nils Larsch [Mon, 16 May 2005 10:11:04 +0000 (10:11 +0000)]
ecc api cleanup; summary:
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
Bodo Möller [Mon, 16 May 2005 01:43:31 +0000 (01:43 +0000)]
Implement fixed-window exponentiation to mitigate hyper-threading
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
Bodo Möller [Mon, 16 May 2005 00:29:29 +0000 (00:29 +0000)]
rebuild to synchronize with additions to 0.9.7 branch
Bodo Möller [Mon, 16 May 2005 00:27:37 +0000 (00:27 +0000)]
make update
Andy Polyakov [Mon, 16 May 2005 00:01:49 +0000 (00:01 +0000)]
Make Makefile.shared quiet again.
Andy Polyakov [Sun, 15 May 2005 23:59:04 +0000 (23:59 +0000)]
Simplify shared rules, link run-path into applications only.
Andy Polyakov [Sun, 15 May 2005 23:53:34 +0000 (23:53 +0000)]
Consolidate BUILDENV [idea is to keep all variables in one place].
Andy Polyakov [Sun, 15 May 2005 22:43:00 +0000 (22:43 +0000)]
+20% performance improvement of P4-specific RC4_CHAR loop.
Andy Polyakov [Sun, 15 May 2005 22:23:26 +0000 (22:23 +0000)]
Fool-proofing Makefiles
Dr. Stephen Henson [Sun, 15 May 2005 00:56:47 +0000 (00:56 +0000)]
Make update.
Dr. Stephen Henson [Sun, 15 May 2005 00:54:45 +0000 (00:54 +0000)]
Make -CSP option work again in pkcs12 utility by checking for
attribute in EVP_PKEY structure.
Dr. Stephen Henson [Sat, 14 May 2005 12:58:20 +0000 (12:58 +0000)]
openssl_fcast should always be defined, not just with DEBUG_SAFESTACK
Dr. Stephen Henson [Thu, 12 May 2005 23:01:44 +0000 (23:01 +0000)]
Some C compilers produce warnings or compilation errors if an attempt
is made to directly cast a function of one type to what it considers and
incompatible type. In particular gcc 3.4.2.
Add new openssl_fcast macro to place functions into a form where the compiler
will allow them to be cast.
The current version achives this by casting to: void function(void).
Dr. Stephen Henson [Thu, 12 May 2005 22:40:19 +0000 (22:40 +0000)]
Avoid warnings.
Dr. Stephen Henson [Thu, 12 May 2005 22:39:42 +0000 (22:39 +0000)]
Fix from stable branch.
Dr. Stephen Henson [Thu, 12 May 2005 17:28:53 +0000 (17:28 +0000)]
Typo.
Bodo Möller [Thu, 12 May 2005 06:24:25 +0000 (06:24 +0000)]
fix msg_callback() arguments for SSL 2.0 compatible client hello
(previous revision got this wrong)
Bodo Möller [Wed, 11 May 2005 18:36:47 +0000 (18:36 +0000)]
Move another item into ChangeLog.0_9_7-stable_not-in-head_FIPS
Bodo Möller [Wed, 11 May 2005 18:25:49 +0000 (18:25 +0000)]
Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled
with the SSL_OP_NO_SSLv2 option.
Ben Laurie [Wed, 11 May 2005 16:39:05 +0000 (16:39 +0000)]
There must be an explicit way to build the .o!
Bodo Möller [Wed, 11 May 2005 03:54:21 +0000 (03:54 +0000)]
Move some entries from ChangeLog.0_9_7-stable_not-in-head
to ChangeLog.0_9_7-stable_not-in-head_FIPS.
Bodo Möller [Wed, 11 May 2005 03:45:39 +0000 (03:45 +0000)]
Fix more error codes.
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
Nils Larsch [Tue, 10 May 2005 11:55:28 +0000 (11:55 +0000)]
use 'p' as conversion specifier for printf to avoid truncation of
pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz
via Mike Frysinger <vapier@gentoo.org>.
PR: 1064
Nils Larsch [Tue, 10 May 2005 11:37:47 +0000 (11:37 +0000)]
give EC_GROUP_new_by_nid a more meanigful name:
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
Nils Larsch [Tue, 10 May 2005 09:51:29 +0000 (09:51 +0000)]
improve command line argument checking
PR: 1061
Andy Polyakov [Mon, 9 May 2005 21:48:01 +0000 (21:48 +0000)]
Comply with optimization manual (no data should share cache-line with code).
Andy Polyakov [Mon, 9 May 2005 21:27:40 +0000 (21:27 +0000)]
Allow for 64-bit cache-line alignments in code segment.
Dr. Stephen Henson [Mon, 9 May 2005 19:22:15 +0000 (19:22 +0000)]
file fips_hmac_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:17 +0000
Bodo Möller [Mon, 9 May 2005 00:27:37 +0000 (00:27 +0000)]
Update util/ck_errf.pl script, and have it run automatically
during "make errors" and thus during "make update".
Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
Bodo Möller [Mon, 9 May 2005 00:22:02 +0000 (00:22 +0000)]
rebuild (starting with state from 0.9.7-stable branch) to avoid clutter
Bodo Möller [Mon, 9 May 2005 00:06:54 +0000 (00:06 +0000)]
improve comment readability
Bodo Möller [Mon, 9 May 2005 00:05:17 +0000 (00:05 +0000)]
give EC_GROUP_*_nid functions a more meaningful name
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
EC_GROUP_set_nid -> EC_GROUP_set_curve_name
Nils Larsch [Sun, 8 May 2005 22:09:12 +0000 (22:09 +0000)]
give EC_GROUP_*_nid functions a more meaningful name
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
EC_GROUP_set_nid -> EC_GROUP_set_curve_name
Andy Polyakov [Sun, 8 May 2005 19:54:33 +0000 (19:54 +0000)]
Eliminate "statement with no effect" warning when OPENSSL_assert macro
is used with constant assertion.
Dr. Stephen Henson [Sat, 7 May 2005 22:06:43 +0000 (22:06 +0000)]
file fips_rngvs.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000
Dr. Stephen Henson [Sat, 7 May 2005 22:06:41 +0000 (22:06 +0000)]
file fips_rand_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000
Richard Levitte [Sat, 7 May 2005 21:21:17 +0000 (21:21 +0000)]
I was incorrect about VMS/Alpha. Defining BN_LLONG with
SIXTY_FOUR_BIT could cause havoc, so don't (it's lucky bn.h undefines
BN_LLONG when SIXTY_FOUR_BIT is defined).
Dr. Stephen Henson [Sat, 7 May 2005 12:50:26 +0000 (12:50 +0000)]
file fips_rsastest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:22 +0000
Andy Polyakov [Sat, 7 May 2005 08:13:51 +0000 (08:13 +0000)]
x86_64 assembler translator update.
Andy Polyakov [Sat, 7 May 2005 08:11:50 +0000 (08:11 +0000)]
Fix constants.
PR: 1059
Richard Levitte [Fri, 6 May 2005 13:34:35 +0000 (13:34 +0000)]
Since BN_LLONG will only be defined for Alpha/VMS and not VAX/VMS,
there's no need to undefine it here. Then, let's get a bit paranoid
and not define BN_ULLONG on THIRTY_TWO_BIT machines when BN_LLONG
isn't defined.
Richard Levitte [Fri, 6 May 2005 13:33:16 +0000 (13:33 +0000)]
Actually, C on VMS/Alpha knows very well what a long long is, and
knows how to make use of it. So let's stop pretending the Alpha
doesn't know long long...
Dr. Stephen Henson [Thu, 5 May 2005 21:46:28 +0000 (21:46 +0000)]
file fips_rsavtest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:22 +0000