Richard Levitte [Wed, 18 Dec 2002 10:24:04 +0000 (10:24 +0000)]
Update the current status
Andy Polyakov [Wed, 18 Dec 2002 09:02:07 +0000 (09:02 +0000)]
Fix for RT#405, Solaris refuses to invoke preprocessor if egrep returns 1.
Linux for example doesn't exhibit this behaviour, but I add "exit 0" to all
potentially affected rules, just to be on the safe side.
Richard Levitte [Tue, 17 Dec 2002 14:48:24 +0000 (14:48 +0000)]
Move on to beta7 (hopefully, that will never appear)
Richard Levitte [Tue, 17 Dec 2002 14:24:51 +0000 (14:24 +0000)]
Time to release OpenSSL 0.9.7 beta6.
The tag will be OpenSSL_0_9_7-beta6.
Richard Levitte [Tue, 17 Dec 2002 14:21:55 +0000 (14:21 +0000)]
A few more NEWS items.
Andy Polyakov [Tue, 17 Dec 2002 08:01:28 +0000 (08:01 +0000)]
Make "perl des-586.pl a.out" work, see RT#402
Andy Polyakov [Mon, 16 Dec 2002 18:59:05 +0000 (18:59 +0000)]
Some of Sun compiler drivers (well, one of those I have) collect all
options specified with -Wl in the beginnig of the ld command line which
kind of obsoletes the idea as it's -z defaultextract that will be
closest to lib*.a and not -z allextract:-(
Andy Polyakov [Mon, 16 Dec 2002 18:17:24 +0000 (18:17 +0000)]
This is rollback to 0.9.6h bn_mul.c to address problem reported in RT#272.
Richard Levitte [Mon, 16 Dec 2002 06:06:06 +0000 (06:06 +0000)]
Protect loading routines with a lock.
PR: 373
Geoff Thorpe [Sun, 15 Dec 2002 21:20:25 +0000 (21:20 +0000)]
"=head3" tags only work with recent versions of the pod tools and 0.9.7
should cooperate with older environments. This replaces them with "I<..>"
tags.
Geoff Thorpe [Sun, 15 Dec 2002 16:45:28 +0000 (16:45 +0000)]
The ampersand is not required in these constructs, and was giving AIX
warnings.
Reported by: Bernhard Simon.
Andy Polyakov [Sun, 15 Dec 2002 16:00:26 +0000 (16:00 +0000)]
Always forget this one...
Andy Polyakov [Sun, 15 Dec 2002 15:27:53 +0000 (15:27 +0000)]
Another Solaris shared build clean-up. This is not actually needed if one
uses WorkShop C. It's gcc driver that brings copy of libgcc.a into .so
otherwise. In case you wonder what it's -Wl,-z... and not just -z. Problem
is that gcc driver apparently omits all -z options but -z text. Don't ask
me why. I'm not committing corresponding workaround into the HEAD as
Makefile.shared reportedly needs even more work...
Andy Polyakov [Sun, 15 Dec 2002 10:05:29 +0000 (10:05 +0000)]
DES PIC-ification. "Cygwin" companion. Problem was that preprocessor macro
is not expanded if prepended with a $-sign.
Richard Levitte [Sun, 15 Dec 2002 06:45:46 +0000 (06:45 +0000)]
Make sure manual pages are properly linked to on systems that have case
insensitive file names, as well as those that do not have symlinks.
Incidently, both these cases apply on DOS/Windows...
Richard Levitte [Sun, 15 Dec 2002 06:00:29 +0000 (06:00 +0000)]
Update the make system for installations:
- define a HERE variable to indicate where the source tree is (not
used right now)
- make more use of copying and making attribute changes to {file}.new,
and then move it to {file}
- use 'mv -f' to avoid all those questions to the user when the file
in question doesn't have write attributes for that user.
Richard Levitte [Sun, 15 Dec 2002 05:54:58 +0000 (05:54 +0000)]
Don't define macros in terms of asm() when __STRICT_ANSI is defined.
Andy Polyakov [Sun, 15 Dec 2002 00:44:00 +0000 (00:44 +0000)]
Ooops! No ROTATE on some platforms after x86_64 performance patch...
Andy Polyakov [Sat, 14 Dec 2002 23:13:19 +0000 (23:13 +0000)]
As you might have noticed I tried to change for . prefix, because it's
the one to be used to denote local labels in single function scope.
Problem is that SHA uses same label set across functions, therefore I
have to switch back to $ prefix.
Andy Polyakov [Sat, 14 Dec 2002 21:51:23 +0000 (21:51 +0000)]
Solaris shared build fix-ups. See RT#238,239 for details.
Andy Polyakov [Sat, 14 Dec 2002 20:45:39 +0000 (20:45 +0000)]
x86_64 performance patch.
cvs2svn [Sat, 14 Dec 2002 20:42:08 +0000 (20:42 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
Andy Polyakov [Sat, 14 Dec 2002 20:42:05 +0000 (20:42 +0000)]
x86_64 performance patch.
Andy Polyakov [Sat, 14 Dec 2002 17:54:30 +0000 (17:54 +0000)]
DES PIC-ification. Windows companion.
Andy Polyakov [Sat, 14 Dec 2002 17:52:35 +0000 (17:52 +0000)]
DES PIC-ification. Windows companion.
Geoff Thorpe [Fri, 13 Dec 2002 22:01:46 +0000 (22:01 +0000)]
The ampersand is not required in these constructs, and was giving AIX
warnings.
Reported by: Bernhard Simon.
Andy Polyakov [Fri, 13 Dec 2002 17:56:14 +0000 (17:56 +0000)]
IA-32 assembler modules (primarily DES) PIC-ification. Idea is to keep
shared libraries shared.
Andy Polyakov [Fri, 13 Dec 2002 17:31:01 +0000 (17:31 +0000)]
IA-32 assembler modules (primarily DES) PIC-ification. Idea is to keep
shared libraries shared.
Richard Levitte [Fri, 13 Dec 2002 07:30:59 +0000 (07:30 +0000)]
OK, there's at least one application author who has provided dynamic locking
callbacks
Richard Levitte [Fri, 13 Dec 2002 07:30:53 +0000 (07:30 +0000)]
OK, there's at least one application author who has provided dynamic locking
callbacks
Richard Levitte [Thu, 12 Dec 2002 22:12:04 +0000 (22:12 +0000)]
BIO_new_bio_pair() was unnecessarily described in it's own page as well as in
BIO_s_bio.pod. The most logical is to move everything needed from
BIO_new_bio_pair.pod to BIO_s_bio.pod (including the nice example)
and toss BIO_new_bio_pair.pod. I hope I got all the info over properly.
PR: 370
Richard Levitte [Thu, 12 Dec 2002 22:12:02 +0000 (22:12 +0000)]
BIO_new_bio_pair() was unnecessarily described in it's own page as well as in
BIO_s_bio.pod. The most logical is to move everything needed from
BIO_new_bio_pair.pod to BIO_s_bio.pod (including the nice example)
and toss BIO_new_bio_pair.pod. I hope I got all the info over properly.
PR: 370
Richard Levitte [Thu, 12 Dec 2002 22:08:52 +0000 (22:08 +0000)]
BIO_set_nbio() is enumerated, but not explained. Remove it from enumeration
since it's both enumerated and explained in BIO_s_connect.pod.
PR: 370
Richard Levitte [Thu, 12 Dec 2002 22:08:49 +0000 (22:08 +0000)]
BIO_set_nbio() is enumerated, but not explained. Remove it from enumeration
since it's both enumerated and explained in BIO_s_connect.pod.
PR: 370
Richard Levitte [Thu, 12 Dec 2002 19:40:55 +0000 (19:40 +0000)]
I forgot one item I intend to work on.
Richard Levitte [Thu, 12 Dec 2002 18:43:32 +0000 (18:43 +0000)]
Skip DH-specific tests when no-dh has been configured.
PR: 353
Richard Levitte [Thu, 12 Dec 2002 18:43:10 +0000 (18:43 +0000)]
Skip DH-specific tests when no-dh has been configured.
PR: 353
Richard Levitte [Thu, 12 Dec 2002 17:41:36 +0000 (17:41 +0000)]
Add a static lock called HWCRHK, for the case of having an application
that wants to use the hw_ncipher engine without having given any
callbacks for the dynamic type of locks.
Richard Levitte [Thu, 12 Dec 2002 17:40:15 +0000 (17:40 +0000)]
Document the modifications in 0.9.7 that will make the hw_ncipher.c
engine work properly even in bad situations.
Geoff Thorpe [Wed, 11 Dec 2002 19:07:03 +0000 (19:07 +0000)]
Make 'tunala' link with zlib if possible (so it works if openssl was
configured with zlib support).
Richard Levitte [Wed, 11 Dec 2002 08:56:42 +0000 (08:56 +0000)]
In CRYPTO_lock(), check that the application cares about locking (provided
callbacks) before attempting to lock.
Richard Levitte [Wed, 11 Dec 2002 08:56:35 +0000 (08:56 +0000)]
In CRYPTO_lock(), check that the application cares about locking (provided
callbacks) before attempting to lock.
Richard Levitte [Wed, 11 Dec 2002 08:33:37 +0000 (08:33 +0000)]
sk_*_push() returns the number of items on the stack, not the index of the
pushed item. The index is the number of items - 1. And if a NULL item was
found, actually use it.
Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a
requested dynamic lock really must exist, instead of just being silent about it
Richard Levitte [Wed, 11 Dec 2002 08:33:31 +0000 (08:33 +0000)]
sk_*_push() returns the number of items on the stack, not the index of the
pushed item. The index is the number of items - 1. And if a NULL item was
found, actually use it.
Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a
requested dynamic lock really must exist, instead of just being silent about it
Richard Levitte [Wed, 11 Dec 2002 07:37:57 +0000 (07:37 +0000)]
Let's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H
were defined.
Richard Levitte [Wed, 11 Dec 2002 07:37:54 +0000 (07:37 +0000)]
Let's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H
were defined.
Richard Levitte [Wed, 11 Dec 2002 07:24:47 +0000 (07:24 +0000)]
Let's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H
were defined.
Richard Levitte [Wed, 11 Dec 2002 07:24:43 +0000 (07:24 +0000)]
Let's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H
were defined.
Richard Levitte [Wed, 11 Dec 2002 06:59:49 +0000 (06:59 +0000)]
Since HEADER_DES_H has been the protector of des.h since libdes
(before SSLeay, maybe?), it's better to have that macro protect
the compatibility header des_old.h. In the new des.h, let's use
a slightly different protecting macro.
The rationale is that there are application that might include (via
other header files, perhaps) both an old libdes des.h and OpenSSL's
des.h. Whichever comes first would overshadow the other because of
the clash in protecting macro. This fix solves that problem.
Richard Levitte [Wed, 11 Dec 2002 06:59:16 +0000 (06:59 +0000)]
Since HEADER_DES_H has been the protector of des.h since libdes
(before SSLeay, maybe?), it's better to have that macro protect
the compatibility header des_old.h. In the new des.h, let's use
a slightly different protecting macro.
The rationale is that there are application that might include (via
other header files, perhaps) both an old libdes des.h and OpenSSL's
des.h. Whichever comes first would overshadow the other because of
the clash in protecting macro. This fix solves that problem.
Geoff Thorpe [Wed, 11 Dec 2002 03:34:26 +0000 (03:34 +0000)]
This stops a compiler warning from -Wmissing-prototypes.
(Noticed by Nils Larsch)
Lutz Jänicke [Tue, 10 Dec 2002 18:48:14 +0000 (18:48 +0000)]
Update -Olimit setting.
Submitted by: Bernhard Simon <simon@zid.tuwien.ac.at>
Reviewed by:
PR:
Lutz Jänicke [Tue, 10 Dec 2002 18:47:31 +0000 (18:47 +0000)]
Update -Olimit setting.
Submitted by: Bernhard Simon <simon@zid.tuwien.ac.at>
Reviewed by:
PR:
Ralf S. Engelschall [Tue, 10 Dec 2002 12:01:39 +0000 (12:01 +0000)]
test commit (just removing tailing blanks) #2 after migration
Ralf S. Engelschall [Tue, 10 Dec 2002 10:51:18 +0000 (10:51 +0000)]
test commit (removing trailing blanks) after migration
Ralf S. Engelschall [Tue, 10 Dec 2002 10:49:22 +0000 (10:49 +0000)]
test blank-line commit after migration -- just ignore
Richard Levitte [Tue, 10 Dec 2002 08:26:10 +0000 (08:26 +0000)]
A memset() too many got converted into a OPENSSL_cleanse().
PR: 393
Richard Levitte [Tue, 10 Dec 2002 08:26:05 +0000 (08:26 +0000)]
A memset() too many got converted into a OPENSSL_cleanse().
PR: 393
Andy Polyakov [Mon, 9 Dec 2002 13:43:38 +0000 (13:43 +0000)]
BN_sqr test failure entry.
Lutz Jänicke [Mon, 9 Dec 2002 08:49:58 +0000 (08:49 +0000)]
Fix wrong URI.
Submitted by: assar@kth.se
Reviewed by:
PR: 390
Lutz Jänicke [Mon, 9 Dec 2002 08:49:35 +0000 (08:49 +0000)]
Fix wrong URI.
Submitted by: assar@kth.se
Reviewed by:
PR: 390
Richard Levitte [Mon, 9 Dec 2002 02:19:27 +0000 (02:19 +0000)]
make update
Richard Levitte [Mon, 9 Dec 2002 02:18:16 +0000 (02:18 +0000)]
Hmm, Geoff's change made things quite interesting. We can now give
users the option of disabling deprecated functions, which should of
course be reflected in libeay.num and .def files. Quite nice,
actually.
Geoff Thorpe [Sun, 8 Dec 2002 16:45:26 +0000 (16:45 +0000)]
Nils Larsch submitted;
- a patch to fix a memory leak in rsa_gen.c
- a note about compiler warnings with unions
- a note about improving structure element names
This applies his patch and implements a solution to the notes.
Richard Levitte [Sun, 8 Dec 2002 09:31:41 +0000 (09:31 +0000)]
Since it's defined in draft-ietf-tls-compression-04.txt, let's make
ZLIB a known compression method, with the identity 1.
Geoff Thorpe [Sun, 8 Dec 2002 05:38:44 +0000 (05:38 +0000)]
Undefine OPENSSL_NO_DEPRECATED inside openssl application code if we are
being built with it defined - it is not a symbol to affect how openssl
itself builds, but to alter the way openssl headers can be used from an API
point of view. The "deprecated" function wrappers will always remain inside
OpenSSL at least as long as they're still being used internally. :-)
The exception is dsaparam which has been updated to the BN_GENCB-based
functions to test the new functionality. If GENCB_TEST is defined, dsaparam
will support a "-timebomb <n>" switch to cancel parameter-generation if it
gets as far as 'n' seconds without completion.
Geoff Thorpe [Sun, 8 Dec 2002 05:24:31 +0000 (05:24 +0000)]
This is a first-cut at improving the callback mechanisms used in
key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.
This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing. The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility nor change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones. The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.
There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, the return value is a boolean. This will allow for a smoother
transition to having key-generation as "virtual function" in the various
***_METHOD tables.
Geoff Thorpe [Sun, 8 Dec 2002 05:19:43 +0000 (05:19 +0000)]
Fix a warning, and do some constification as a lucky side-effect :-)
Richard Levitte [Sun, 8 Dec 2002 02:41:11 +0000 (02:41 +0000)]
Since it's defined in draft-ietf-tls-compression-04.txt, let's make
ZLIB a known compression method, with the identity 1.
Richard Levitte [Sun, 8 Dec 2002 02:39:38 +0000 (02:39 +0000)]
Implement a stateful variant if the ZLIB compression method. The old
stateless variant is kept, but isn't used anywhere.
Richard Levitte [Sat, 7 Dec 2002 20:03:42 +0000 (20:03 +0000)]
Forgot one.
Richard Levitte [Sat, 7 Dec 2002 20:02:20 +0000 (20:02 +0000)]
Add a few items I intend to work on for 0.9.8 and on.
Richard Levitte [Sat, 7 Dec 2002 19:59:54 +0000 (19:59 +0000)]
I haven't worked on OCSP at all for a long time, and my KRB5 work will
be concentrated on Heimdal support.
Andy Polyakov [Fri, 6 Dec 2002 17:18:10 +0000 (17:18 +0000)]
Workaround for GCC-ia64 compiler bug.
Submitted by: <appro>
Reviewed by:
PR:
Andy Polyakov [Fri, 6 Dec 2002 17:16:25 +0000 (17:16 +0000)]
Workaround for GCC-ia64 compiler bug.
Submitted by: <appro>
Reviewed by:
PR:
Andy Polyakov [Fri, 6 Dec 2002 16:45:11 +0000 (16:45 +0000)]
linux64-sparcv9 support
Submitted by: <appro>
Reviewed by:
PR:
Richard Levitte [Fri, 6 Dec 2002 08:50:25 +0000 (08:50 +0000)]
Some compilers are quite picky about non-void functions that don't return
anything.
Richard Levitte [Fri, 6 Dec 2002 08:50:06 +0000 (08:50 +0000)]
Some compilers are quite picky about non-void functions that don't return
anything.
Richard Levitte [Fri, 6 Dec 2002 08:44:24 +0000 (08:44 +0000)]
Apparently, bash is more forgiving than sh. To be backward
compatible, don't use ==, use = instead...
Richard Levitte [Fri, 6 Dec 2002 08:43:41 +0000 (08:43 +0000)]
Apparently, bash is more forgiving than sh. To be backward
compatible, don't use ==, use = instead...
Richard Levitte [Fri, 6 Dec 2002 00:39:03 +0000 (00:39 +0000)]
Keep NEWS in HEAD up to date.
Richard Levitte [Fri, 6 Dec 2002 00:37:20 +0000 (00:37 +0000)]
The news were not updated in time...
Richard Levitte [Thu, 5 Dec 2002 23:10:01 +0000 (23:10 +0000)]
Tagging has been done, time to move the branch to 0.9.7-beta6
development.
Richard Levitte [Thu, 5 Dec 2002 23:01:17 +0000 (23:01 +0000)]
Keep STATUS in HEAD up to date.
Richard Levitte [Thu, 5 Dec 2002 22:51:19 +0000 (22:51 +0000)]
Time to release 0.9.7-beta5.
The tag will be OpenSSL_0_9_7-beta5.
Richard Levitte [Thu, 5 Dec 2002 21:51:57 +0000 (21:51 +0000)]
Merge in relevant changes from the OpenSSL 0.9.6h release.
Richard Levitte [Thu, 5 Dec 2002 21:50:13 +0000 (21:50 +0000)]
Merge in relevant changes from the OpenSSL 0.9.6h release.
Richard Levitte [Thu, 5 Dec 2002 21:07:35 +0000 (21:07 +0000)]
SSL_CERT_FILE should be used in place of the system default file, not as
a first alternative to try
Richard Levitte [Thu, 5 Dec 2002 21:07:26 +0000 (21:07 +0000)]
SSL_CERT_FILE should be used in place of the system default file, not as
a first alternative to try
Richard Levitte [Thu, 5 Dec 2002 20:50:52 +0000 (20:50 +0000)]
Corrected DJGPP patch
Richard Levitte [Thu, 5 Dec 2002 20:50:25 +0000 (20:50 +0000)]
Corrected DJGPP patch
Andy Polyakov [Thu, 5 Dec 2002 13:17:52 +0000 (13:17 +0000)]
linux64-sparcv9 support finally debugged and tested.
Submitted by:
Reviewed by:
PR:
Richard Levitte [Thu, 5 Dec 2002 10:17:08 +0000 (10:17 +0000)]
Make sure to implement the cryptodev engine only when /dev/crypto exists.
PR: 385
Richard Levitte [Thu, 5 Dec 2002 10:16:28 +0000 (10:16 +0000)]
Make sure to implement the cryptodev engine only when /dev/crypto exists.
Richard Levitte [Thu, 5 Dec 2002 01:55:48 +0000 (01:55 +0000)]
make update
Richard Levitte [Thu, 5 Dec 2002 01:55:24 +0000 (01:55 +0000)]
make update
Richard Levitte [Thu, 5 Dec 2002 01:42:14 +0000 (01:42 +0000)]
Declare another general file.
Richard Levitte [Thu, 5 Dec 2002 01:35:09 +0000 (01:35 +0000)]
Allow users to modify /MD to /MT.
PR: 380
Richard Levitte [Thu, 5 Dec 2002 01:35:04 +0000 (01:35 +0000)]
Allow users to modify /MD to /MT.
PR: 380
Richard Levitte [Thu, 5 Dec 2002 01:20:59 +0000 (01:20 +0000)]
Make sure using SSL_CERT_FILE actually works, and has priority over system defaults.
PR: 376