Bodo Möller [Fri, 15 Jun 2001 18:06:06 +0000 (18:06 +0000)]
pay attention to blocksize before attempting decryption
Ulf Möller [Fri, 8 Jun 2001 14:17:12 +0000 (14:17 +0000)]
as in head
Lutz Jänicke [Thu, 7 Jun 2001 17:22:01 +0000 (17:22 +0000)]
ERR_peek_error() returns "unsigned long".
Richard Levitte [Thu, 7 Jun 2001 04:45:55 +0000 (04:45 +0000)]
Use memmove() instead of memcpy() on areas that may overlap.
Spotted by Nalin Dahyabhai <nalin@redhat.com>
Bodo Möller [Wed, 6 Jun 2001 21:44:48 +0000 (21:44 +0000)]
OAEP fix
Bodo Möller [Wed, 6 Jun 2001 18:48:57 +0000 (18:48 +0000)]
when checking OAEP, signal just a single kind of 'decoding error'
Ulf Möller [Wed, 6 Jun 2001 17:24:03 +0000 (17:24 +0000)]
as in head
Ulf Möller [Wed, 6 Jun 2001 17:15:47 +0000 (17:15 +0000)]
make sure we don't write to seed[-1]
Richard Levitte [Mon, 4 Jun 2001 16:34:39 +0000 (16:34 +0000)]
Accept digits in symbol names. Spotted by Brian Havard <brianh@kheldar.apana.org.au>
Bodo Möller [Fri, 1 Jun 2001 09:43:23 +0000 (09:43 +0000)]
Fix Bleichenbacher PKCS #1 1.5 countermeasure.
(The attack against SSL 3.1 and TLS 1.0 is impractical anyway,
otherwise this would be a security relevant patch.)
Bodo Möller [Fri, 1 Jun 2001 08:39:02 +0000 (08:39 +0000)]
increase DEFAULT_BUFFER_SIZE (4K instead of just 1K)
Richard Levitte [Fri, 1 Jun 2001 05:36:44 +0000 (05:36 +0000)]
From revision 1.25, 2001/05/31 22:25:30 by levitte
Don't decrement the reference counter twice when destroying dynamic
links.
Dr. Stephen Henson [Thu, 24 May 2001 23:00:46 +0000 (23:00 +0000)]
Add missing variable length cipher flag for Blowfish.
Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.
Dr. Stephen Henson [Thu, 24 May 2001 22:33:16 +0000 (22:33 +0000)]
Fix for missing DSA parameters.
Richard Levitte [Tue, 22 May 2001 12:48:14 +0000 (12:48 +0000)]
VMS doesn't support more than on period in a file name
Richard Levitte [Thu, 17 May 2001 05:03:47 +0000 (05:03 +0000)]
Add development tools to the requirements
Lutz Jänicke [Wed, 16 May 2001 09:46:47 +0000 (09:46 +0000)]
Add missing item SSL_ERROR_WANT_CONNECT.
Lutz Jänicke [Mon, 14 May 2001 09:57:03 +0000 (09:57 +0000)]
Typos.
Lutz Jänicke [Mon, 14 May 2001 09:03:35 +0000 (09:03 +0000)]
One more point to clarify, pointed out by "Greg Stark" <ghstark@pobox.com>
Lutz Jänicke [Sat, 12 May 2001 09:49:46 +0000 (09:49 +0000)]
Clarify behaviour with respect to SSL/TLS records.
Lutz Jänicke [Fri, 11 May 2001 09:54:20 +0000 (09:54 +0000)]
Clarify behaviour of SSL_write() by mentioning SSL_MODE_ENABLE_PARTIAL_WRITE
flag as discussed on the mailing list.
Bodo Möller [Tue, 8 May 2001 12:46:33 +0000 (12:46 +0000)]
fix an old entry
Bodo Möller [Thu, 3 May 2001 09:28:19 +0000 (09:28 +0000)]
.rnd issues
Bodo Möller [Thu, 3 May 2001 08:50:32 +0000 (08:50 +0000)]
bctest changes for Ultrix (don't return 1 from bctest, otherwise make aborts)
Richard Levitte [Thu, 3 May 2001 07:50:39 +0000 (07:50 +0000)]
Some platforms (most notably Windows) do not have a $HOME by default.
For those, unless the environment variables RANDFILE or HOME are
defined (the default case!), RAND_file_name() will return NULL.
This change adds a default HOME for those platforms.
To add a default HOME for any platform, just define DEFAULT_HOME in
the proper place, wrapped in appropriate #ifdef..#endif, in e_os.h.
Richard Levitte [Thu, 3 May 2001 06:15:05 +0000 (06:15 +0000)]
Add support for Sun C on Solaris x86. Contributed by Ben <mouring@etoh.eviladmin.org>
Richard Levitte [Wed, 2 May 2001 07:10:42 +0000 (07:10 +0000)]
Merge in the following changes (from the main trunk log):
>----------------------------
>revision 1.24
>date: 2001/04/29 16:30:59; author: steve; state: Exp; lines: +5 -1
>Win32 fixes:
>
>define LLONG properly for VC++.
>
>stop compiler complaining about signed/unsigned mismatch in apps/engine.c
>----------------------------
>revision 1.22
>date: 2001/02/27 23:59:18; author: ulf; state: Exp; lines: +1 -1
>%f conversion bug fix
>Submitted by: Henrik Eriksson <henrik.eriksson@axis.com>
>----------------------------
>revision 1.21
>date: 2000/10/22 12:44:12; author: levitte; state: Exp; lines: +3 -3
>On some operating systems, MAX is defined. Call ours OSSL_MAX instead
Lutz Jänicke [Wed, 25 Apr 2001 15:25:39 +0000 (15:25 +0000)]
Typo (Petr Lancaric <Petr.Lancaric@ips-ag.cz>).
Bodo Möller [Wed, 18 Apr 2001 15:12:26 +0000 (15:12 +0000)]
typo
Bodo Möller [Wed, 18 Apr 2001 15:08:19 +0000 (15:08 +0000)]
fix md_rand.c locking bugs
Lutz Jänicke [Tue, 17 Apr 2001 13:20:05 +0000 (13:20 +0000)]
Clarify request of client certificates. This is a FAQ.
Lutz Jänicke [Sun, 15 Apr 2001 10:30:01 +0000 (10:30 +0000)]
-1 cannot work on platforms with unsigned char
(Jun-ichiro itojun Hagino <itojun@iijlab.net>).
Lutz Jänicke [Sat, 14 Apr 2001 14:48:44 +0000 (14:48 +0000)]
Don't make half work when constifying...
Lutz Jänicke [Sat, 14 Apr 2001 14:42:28 +0000 (14:42 +0000)]
Constify "salt" (Jason Molenda <jason@molenda.com>)
Lutz Jänicke [Thu, 12 Apr 2001 21:12:30 +0000 (21:12 +0000)]
Missing link ("Greg Stark" <gstark@ethentica.com>)
Lutz Jänicke [Thu, 12 Apr 2001 16:03:28 +0000 (16:03 +0000)]
Fix wrong information with respect to CAs listed to the client
(follows from technical discussion with Amit Chopra <amitc@pspl.co.in>).
Bodo Möller [Thu, 12 Apr 2001 12:09:07 +0000 (12:09 +0000)]
some updates from 0.9.7-dev
Lutz Jänicke [Thu, 12 Apr 2001 11:46:23 +0000 (11:46 +0000)]
Typo (Jun-ichiro itojun Hagino <itojun@iijlab.net>)
Richard Levitte [Wed, 11 Apr 2001 10:12:13 +0000 (10:12 +0000)]
The changes that I just commited on this file is a mistake. Go back. This never happened :-)
Richard Levitte [Wed, 11 Apr 2001 10:06:44 +0000 (10:06 +0000)]
NetBSD and OpenBSD use TOD as well
Lutz Jänicke [Mon, 9 Apr 2001 15:00:31 +0000 (15:00 +0000)]
Typo (was already fixed in 0.9.7-dev).
Lutz Jänicke [Sun, 8 Apr 2001 10:53:27 +0000 (10:53 +0000)]
Add forgotten "-passin" option to smime.c usage help.
Richard Levitte [Thu, 5 Apr 2001 21:08:33 +0000 (21:08 +0000)]
A small change that only went to the engine-0.9.6 branch...
This change will be part of 0.9.6a.
Richard Levitte [Thu, 5 Apr 2001 17:59:14 +0000 (17:59 +0000)]
Tagging has been done, move on to development of 0.9.6b.
(Hopefully, it will never be needed)
Richard Levitte [Thu, 5 Apr 2001 17:42:00 +0000 (17:42 +0000)]
Forgot to update the STATUS file. This will be part of 0.9.6a
Richard Levitte [Thu, 5 Apr 2001 16:43:07 +0000 (16:43 +0000)]
Release OpenSSL 0.9.6a.
The tag will be OpenSSL_0_9_6a
Richard Levitte [Thu, 5 Apr 2001 16:36:00 +0000 (16:36 +0000)]
make update
Dr. Stephen Henson [Wed, 4 Apr 2001 22:30:26 +0000 (22:30 +0000)]
Fix couple of memory leaks in PKCS7_dataDecode().
Ulf Möller [Wed, 4 Apr 2001 19:20:33 +0000 (19:20 +0000)]
Unixware config.
Submitted by: Tim Rice <tim@multitalents.net>
Bodo Möller [Wed, 4 Apr 2001 16:27:44 +0000 (16:27 +0000)]
don't use shell functions
Richard Levitte [Wed, 4 Apr 2001 15:51:36 +0000 (15:51 +0000)]
Incorporate some changes that make OpenSSL compilable in CygWin.
Richard Levitte [Wed, 4 Apr 2001 04:30:39 +0000 (04:30 +0000)]
We're still just developping beta4 (or final release)
Richard Levitte [Wed, 4 Apr 2001 04:24:35 +0000 (04:24 +0000)]
Make do_bsd-gcc-shared depend on do_gnu-shared instead of the non-existent linux-shared
Bodo Möller [Tue, 3 Apr 2001 15:20:22 +0000 (15:20 +0000)]
As in the main branch, ignore the bctest exit value.
(I thought I had done this change before ...)
Bodo Möller [Tue, 3 Apr 2001 13:46:36 +0000 (13:46 +0000)]
This change should be suitable as a workaround for the Solaris x86
compiler bug reported in <
01032110293775.22278@weba3.iname.net>
(the '++seq[i]' condition is evaluated as 256 rather than 0
when the previous value is 255).
Richard Levitte [Tue, 3 Apr 2001 09:42:49 +0000 (09:42 +0000)]
Plug a memory leak. Spotted by "Shijin" <shijin@comex.com>
Richard Levitte [Tue, 3 Apr 2001 08:31:45 +0000 (08:31 +0000)]
libfisdef.h and LIB do not exist on older VMS versions
Richard Levitte [Tue, 3 Apr 2001 08:27:53 +0000 (08:27 +0000)]
Remove a typo in dgux-R4-gcc.
Richard Levitte [Mon, 2 Apr 2001 09:10:59 +0000 (09:10 +0000)]
Compaq C on OpenVMS is a little picky around producing empty object
files...
Bodo Möller [Sat, 31 Mar 2001 07:47:32 +0000 (07:47 +0000)]
avoid buffer overflow
Ulf Möller [Sat, 31 Mar 2001 01:19:42 +0000 (01:19 +0000)]
Note that alpha.s is no longer used.
Richard Levitte [Fri, 30 Mar 2001 16:22:44 +0000 (16:22 +0000)]
Tagging has been done, move on to develop beta 4 (hopefully not :-)).
Richard Levitte [Fri, 30 Mar 2001 15:59:57 +0000 (15:59 +0000)]
make update
Bodo Möller [Fri, 30 Mar 2001 14:55:19 +0000 (14:55 +0000)]
this time *really* fix the /../ check ...
Dr. Stephen Henson [Fri, 30 Mar 2001 13:42:32 +0000 (13:42 +0000)]
Fix asn1_GetSequence() for indefinite length sequences.
Richard Levitte [Fri, 30 Mar 2001 12:21:28 +0000 (12:21 +0000)]
Release beta 3 of OpenSSL 0.9.6a.
The tag will be OpenSSL_0_9_6a-beta3.
Bodo Möller [Fri, 30 Mar 2001 10:50:27 +0000 (10:50 +0000)]
Remove unused variable 'prev_slash' that I accidentily added.
Bodo Möller [Fri, 30 Mar 2001 10:47:56 +0000 (10:47 +0000)]
For -WWW, fix test for ".." directory references (and avoid warning for
index -1).
Bodo Möller [Fri, 30 Mar 2001 10:46:49 +0000 (10:46 +0000)]
News for 0.9.6a.
Bodo Möller [Fri, 30 Mar 2001 09:23:14 +0000 (09:23 +0000)]
Use enhanced bctest (as in main trunk), and add a workaround that
should solve the problems with FreeBSD's /bin/sh.
Richard Levitte [Fri, 30 Mar 2001 07:26:04 +0000 (07:26 +0000)]
Additionally, rename des_encrypt to des_encrypt1 in files that are
seldom used or read, but may still be...
Dr. Stephen Henson [Fri, 30 Mar 2001 02:14:29 +0000 (02:14 +0000)]
Change des_encrypt to des_encrypt1 in assembly language perl
scripts and des_opts #defines.
Dr. Stephen Henson [Fri, 30 Mar 2001 00:58:49 +0000 (00:58 +0000)]
Fix a bug caused by the 'fix' for empty X509_NAME encoding.
Richard Levitte [Thu, 29 Mar 2001 20:58:18 +0000 (20:58 +0000)]
Merge in the latest news
Richard Levitte [Thu, 29 Mar 2001 20:37:32 +0000 (20:37 +0000)]
One des_encrypt to des_encrypt1 I forgot to commit...
Richard Levitte [Thu, 29 Mar 2001 10:49:01 +0000 (10:49 +0000)]
I forgot to rename des_encrypt to des_encrypt1 in libeay.num.
Richard Levitte [Thu, 29 Mar 2001 07:45:01 +0000 (07:45 +0000)]
Since there has been reports of clashes between OpenSSL's
des_encrypt() and des_encrypt() defined on some systems (Solaris and
Unixware and maybe others), we rename des_encrypt() to des_encrypt1().
This should have very little impact on external software unless
someone has written a mode of DES, since that's all des_encrypt() is
meant for.
Richard Levitte [Wed, 28 Mar 2001 13:35:48 +0000 (13:35 +0000)]
Add news section for OpenSSL 0.9.6a. Please add what's missing
Ulf Möller [Wed, 28 Mar 2001 04:49:39 +0000 (04:49 +0000)]
check the CRT result.
Ulf Möller [Wed, 28 Mar 2001 02:39:22 +0000 (02:39 +0000)]
Note the MIPS assembler bug fix.
Richard Levitte [Tue, 27 Mar 2001 23:48:35 +0000 (23:48 +0000)]
Merge in the IRIX fix from the main development line.
Richard Levitte [Tue, 27 Mar 2001 09:12:51 +0000 (09:12 +0000)]
Reports seem to show that asm/mips3.s has faults. To be investigated, but let's avoid using it in the mean time
Richard Levitte [Mon, 26 Mar 2001 16:26:41 +0000 (16:26 +0000)]
For mips3 and alpha, put the assembler file directives in separate
variables and disable the Alpha assembler for now, since it has been
shown to fail.
The Alpha failure can be shown by adding the following numbers:
FFFFFFFFFFFFFF0000FF2E00000000EBFFFFFF0000D1
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF46FFE0FFFF0000
The result is:
1FFFFFFFFFFFEFF0000FF2E0000000032FFE0FEFF00D1
The result should really be:
1FFFFFFFFFFFFFF0000FF2E0000000032FFE0FEFF00D1
Richard Levitte [Sat, 24 Mar 2001 12:45:11 +0000 (12:45 +0000)]
make update
Richard Levitte [Sat, 24 Mar 2001 12:37:32 +0000 (12:37 +0000)]
Bring in the following changes:
ln on Solaris expects -f to come before -s.
The linux-shared method is actually gcc-specific, so call it
gnu-shared as well.
When using the native tools on Solaris, make damn sure the native ld
is used, even if the user has GNU ld earlier in his $PATH.
Richard Levitte [Sat, 24 Mar 2001 12:35:41 +0000 (12:35 +0000)]
Bring in the following change:
gcc uses collect2, not ld, to link things. Therefore, when using gcc
there's no need fooling ourselves, it's the gnu-shared method that we
should use. Do it for Solaris to begin with.
Richard Levitte [Sat, 24 Mar 2001 12:26:03 +0000 (12:26 +0000)]
Bring in the rest of the corrections for shared libraries from the
main trunk.
Richard Levitte [Thu, 22 Mar 2001 22:06:27 +0000 (22:06 +0000)]
For AIX 4.3 or above, allow the use of dlfcn.
Richard Levitte [Thu, 22 Mar 2001 21:21:09 +0000 (21:21 +0000)]
We really have no need for PEX_LIBS, so empty it.
Dr. Stephen Henson [Thu, 22 Mar 2001 18:03:22 +0000 (18:03 +0000)]
Oops... fix PKCS#7 bug properly this time.
Lutz Jänicke [Thu, 22 Mar 2001 15:52:26 +0000 (15:52 +0000)]
Fix error caused by typo (len->strlen) and warning caused by long<->int
for HP-UX shl_* (32bit dynamic loading) interface.
Bodo Möller [Thu, 22 Mar 2001 15:15:58 +0000 (15:15 +0000)]
solaris64-sparcv9-cc still works
Bodo Möller [Thu, 22 Mar 2001 15:13:43 +0000 (15:13 +0000)]
Add missing '#ifndef NO_DSA'.
Submitted by: "Hellan,Kim KHE" <KHE@kmd.dk>
Bodo Möller [Thu, 22 Mar 2001 15:05:23 +0000 (15:05 +0000)]
Add missing '#ifndef NO_DSA'.
Submitted by: "Hellan,Kim KHE" <KHE@kmd.dk>
Bodo Möller [Thu, 22 Mar 2001 15:00:45 +0000 (15:00 +0000)]
backport the comment (here it's NO_DH, not OPENSSL_NO_DH ...)
Bodo Möller [Thu, 22 Mar 2001 14:59:18 +0000 (14:59 +0000)]
Avoid compiler warning for NO_DH as in the main trunk.
Bodo Möller [Thu, 22 Mar 2001 14:56:55 +0000 (14:56 +0000)]
Add another "[This change does not apply to 0.9.7.]" line so
that we can combine the CHANGES files later on.
Richard Levitte [Thu, 22 Mar 2001 14:56:04 +0000 (14:56 +0000)]
Got one positive report.
Richard Levitte [Thu, 22 Mar 2001 14:42:24 +0000 (14:42 +0000)]
Remove redundant operations and update version info.
Dr. Stephen Henson [Thu, 22 Mar 2001 13:49:15 +0000 (13:49 +0000)]
Fix bug in PKCS#7 decode routines when indefinite length
encoding is used inside definite length encoding.