oweals/openssl.git
22 years agoThis change was only made in 0.9.7-stable. Synchronise
Richard Levitte [Sun, 3 Mar 2002 01:25:21 +0000 (01:25 +0000)]
This change was only made in 0.9.7-stable.  Synchronise

22 years agoRemove the perl/ subdirectory. It hasn't been worked on for ages, is
Richard Levitte [Thu, 28 Feb 2002 22:07:50 +0000 (22:07 +0000)]
Remove the perl/ subdirectory.  It hasn't been worked on for ages, is
very broken, and there are working modules in CPAN, which makes our
module even more moot.

22 years agomake update
Richard Levitte [Thu, 28 Feb 2002 20:29:20 +0000 (20:29 +0000)]
make update

22 years agouse ERR_peek_last_error() instead of ERR_peek_error()
Bodo Möller [Thu, 28 Feb 2002 14:07:37 +0000 (14:07 +0000)]
use ERR_peek_last_error() instead of ERR_peek_error()

22 years agouse ERR_peek_last_error() instead of ERR_peek_error() to ignore
Bodo Möller [Thu, 28 Feb 2002 14:05:13 +0000 (14:05 +0000)]
use ERR_peek_last_error() instead of ERR_peek_error() to ignore
any other errors that may be left in the error queue

Submitted by: Jeffrey Altman

22 years agoVMS addaptation, including a few more long names that needed hacking.
Richard Levitte [Thu, 28 Feb 2002 13:17:40 +0000 (13:17 +0000)]
VMS addaptation, including a few more long names that needed hacking.

22 years agoMake sure aep_close_connection() is declared and has a prototype that's
Richard Levitte [Thu, 28 Feb 2002 12:58:43 +0000 (12:58 +0000)]
Make sure aep_close_connection() is declared and has a prototype that's
consistent with the rest of the AEP functions

22 years agoIncrease internal security when using strncpy, by making sure the resulting string...
Richard Levitte [Thu, 28 Feb 2002 12:42:19 +0000 (12:42 +0000)]
Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated

22 years agoUpdated AEP engine, submitted by Diarmuid O'Neill <Diarmuid.ONeill@aep.ie>
Richard Levitte [Thu, 28 Feb 2002 11:36:38 +0000 (11:36 +0000)]
Updated AEP engine, submitted by Diarmuid O'Neill <Diarmuid.ONeill@aep.ie>

22 years agoDocument the added modes for AES
Richard Levitte [Thu, 28 Feb 2002 11:29:55 +0000 (11:29 +0000)]
Document the added modes for AES

22 years agoAdd 'void *' argument to app_verify_callback.
Bodo Möller [Thu, 28 Feb 2002 10:52:56 +0000 (10:52 +0000)]
Add 'void *' argument to app_verify_callback.

Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller

22 years agodisable '#ifdef DEBUG' sections
Bodo Möller [Thu, 28 Feb 2002 10:51:56 +0000 (10:51 +0000)]
disable '#ifdef DEBUG' sections

22 years agoThis adds a new ENGINE to support IBM 4758 cards, contributed by Maurice
Geoff Thorpe [Wed, 27 Feb 2002 22:55:28 +0000 (22:55 +0000)]
This adds a new ENGINE to support IBM 4758 cards, contributed by Maurice
Gittens.

22 years agoFix the fix (Yoram Zahavi)...
Lutz Jänicke [Wed, 27 Feb 2002 11:23:05 +0000 (11:23 +0000)]
Fix the fix (Yoram Zahavi)...

22 years agoSSL_clear != SSL_free/SSL_new
Lutz Jänicke [Wed, 27 Feb 2002 08:08:57 +0000 (08:08 +0000)]
SSL_clear != SSL_free/SSL_new

22 years agoMake sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi).
Lutz Jänicke [Tue, 26 Feb 2002 21:40:09 +0000 (21:40 +0000)]
Make sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi).

22 years agoAlways init ctx_tmp in PKCS7_dataFinal since it is always cleaned up.
Dr. Stephen Henson [Tue, 26 Feb 2002 19:33:24 +0000 (19:33 +0000)]
Always init ctx_tmp in PKCS7_dataFinal since it is always cleaned up.

22 years agomake update, after moving around symbols in libeay.num to match
Richard Levitte [Tue, 26 Feb 2002 14:41:29 +0000 (14:41 +0000)]
make update, after moving around symbols in libeay.num to match
0.9.7-stable.

22 years agoFix new -aes command argument handling
Dr. Stephen Henson [Tue, 26 Feb 2002 13:46:55 +0000 (13:46 +0000)]
Fix new -aes command argument handling

22 years agoMake the engine config module always add dynamic ENGINEs
Dr. Stephen Henson [Sun, 24 Feb 2002 16:20:50 +0000 (16:20 +0000)]
Make the engine config module always add dynamic ENGINEs
to the list using dynamic_path. This stops ENGINEs which
don't supply any default algorithms being automatically
freed (because they have no references) and allows them
to be accessed by id.

Alternative dynamic loading behaviour can be achieved by
issuing the dynamic ENGINE ctrls separately in the config file.

22 years agoUpdates from stable branch.
Dr. Stephen Henson [Sat, 23 Feb 2002 13:50:29 +0000 (13:50 +0000)]
Updates from stable branch.

22 years agoNew OPENSSL_LOAD_CONF define to load openssl.cnf
Dr. Stephen Henson [Sat, 23 Feb 2002 01:00:44 +0000 (01:00 +0000)]
New OPENSSL_LOAD_CONF define to load openssl.cnf
when OpenSSL_add_all_algorithms() is called.

22 years agoFix for AIX.
Dr. Stephen Henson [Fri, 22 Feb 2002 21:26:25 +0000 (21:26 +0000)]
Fix for AIX.

Submitted by Dawn Whiteside <dwhitesi@tiercel.uwaterloo.ca>

22 years agonon-Monolith fixes.
Dr. Stephen Henson [Fri, 22 Feb 2002 21:21:18 +0000 (21:21 +0000)]
non-Monolith fixes.

Submitted by Andrew W. Gray <agray@iconsinc.com>

22 years agomake errors
Dr. Stephen Henson [Fri, 22 Feb 2002 21:17:31 +0000 (21:17 +0000)]
make errors

22 years agoUpdate from stable branch.
Dr. Stephen Henson [Fri, 22 Feb 2002 14:07:35 +0000 (14:07 +0000)]
Update from stable branch.

22 years agoConfig code updates.
Dr. Stephen Henson [Fri, 22 Feb 2002 14:01:21 +0000 (14:01 +0000)]
Config code updates.

CONF_modules_unload() now calls CONF_modules_finish()
automatically.

Default use of section openssl_conf moved to
CONF_modules_load()

Load config file in several openssl utilities.

Most utilities now load modules from the config file,
though in a few (such as version) this isn't done
because it couldn't be used for anything.

In the case of ca and req the config file used is
the same as the utility itself: that is the -config
command line option can be used to specify an
alternative file.

22 years agoWe have AES support in openssl speed
Richard Levitte [Thu, 21 Feb 2002 17:23:04 +0000 (17:23 +0000)]
We have AES support in openssl speed

22 years agodisable '#ifdef DEBUG' sections
Bodo Möller [Thu, 21 Feb 2002 13:07:44 +0000 (13:07 +0000)]
disable '#ifdef DEBUG' sections

22 years agoConfig file updates from stable branch
Dr. Stephen Henson [Thu, 21 Feb 2002 00:54:54 +0000 (00:54 +0000)]
Config file updates from stable branch

22 years agoAdd AES support in the applications that support -des and -des3.
Richard Levitte [Wed, 20 Feb 2002 18:03:07 +0000 (18:03 +0000)]
Add AES support in the applications that support -des and -des3.

22 years agoAdd comfy aliases for AES in CBC mode.
Richard Levitte [Wed, 20 Feb 2002 17:59:49 +0000 (17:59 +0000)]
Add comfy aliases for AES in CBC mode.

22 years agoStop assuming the IV is 8 bytes long, use the real size instead.
Richard Levitte [Wed, 20 Feb 2002 17:55:08 +0000 (17:55 +0000)]
Stop assuming the IV is 8 bytes long, use the real size instead.
This is especially important for AES that has a 16 bytes IV.

22 years agoIncluding openssl/e_os.h in the OpenSSL 0.9.6 branch is legal, since
Richard Levitte [Wed, 20 Feb 2002 14:07:07 +0000 (14:07 +0000)]
Including openssl/e_os.h in the OpenSSL 0.9.6 branch is legal, since
it's exported.  Changing that is a BIG step, which has been done in
0.9.7-dev.

22 years agogcc figures that the format specifier %2x means unsigned int, so let's
Richard Levitte [Wed, 20 Feb 2002 13:50:36 +0000 (13:50 +0000)]
gcc figures that the format specifier %2x means unsigned int, so let's
make n unsigned.

22 years agoInstead of casting a lvalue, let's constify meth.
Richard Levitte [Wed, 20 Feb 2002 13:49:17 +0000 (13:49 +0000)]
Instead of casting a lvalue, let's constify meth.

22 years agoUpdate the status on 64-bit thingy.
Richard Levitte [Wed, 20 Feb 2002 13:19:59 +0000 (13:19 +0000)]
Update the status on 64-bit thingy.

22 years agosimplifications
Bodo Möller [Wed, 20 Feb 2002 13:08:17 +0000 (13:08 +0000)]
simplifications

Submitted by: Nils Larsch

22 years agotypo
Bodo Möller [Wed, 20 Feb 2002 12:38:00 +0000 (12:38 +0000)]
typo

22 years agoAdd reports on checked 64-bit platforms and make space to add platforms that need...
Richard Levitte [Wed, 20 Feb 2002 12:31:23 +0000 (12:31 +0000)]
Add reports on checked 64-bit platforms and make space to add platforms that need to be checked

22 years agoWith Compaq make, it seems like # inside an action becomes part of the command, not...
Richard Levitte [Wed, 20 Feb 2002 12:16:17 +0000 (12:16 +0000)]
With Compaq make, it seems like # inside an action becomes part of the command, not a comment at all

22 years agoInstead of just checking for OpenVMS, check if DEC C is used, since it's as
Richard Levitte [Wed, 20 Feb 2002 12:01:24 +0000 (12:01 +0000)]
Instead of just checking for OpenVMS, check if DEC C is used, since it's as
picky on all platforms

22 years agobugfix: allocate sufficiently large buffer
Bodo Möller [Wed, 20 Feb 2002 11:59:42 +0000 (11:59 +0000)]
bugfix: allocate sufficiently large buffer

Submitted by: Nils Larsch

22 years agoComparing a pointer (data) with 0 using > is incorrect. The changed
Richard Levitte [Wed, 20 Feb 2002 11:57:33 +0000 (11:57 +0000)]
Comparing a pointer (data) with 0 using > is incorrect.  The changed
comparison doesn't look right, but at least it compiles.  It would be nice
if the one who knows what this is supposed to do changed it to do it correctly

22 years agoWith Compaq make, it seems like # inside an action becomes part of the command, not...
Richard Levitte [Wed, 20 Feb 2002 11:43:40 +0000 (11:43 +0000)]
With Compaq make, it seems like # inside an action becomes part of the command, not a comment at all

22 years agoDon't shadow already defined variables
Richard Levitte [Wed, 20 Feb 2002 11:42:42 +0000 (11:42 +0000)]
Don't shadow already defined variables

22 years agomake update
Geoff Thorpe [Wed, 20 Feb 2002 08:33:55 +0000 (08:33 +0000)]
make update

22 years agoA rough little self-test for tunala. This runs through all cipher-suite /
Geoff Thorpe [Wed, 20 Feb 2002 05:12:45 +0000 (05:12 +0000)]
A rough little self-test for tunala. This runs through all cipher-suite /
SSL/TLS version combinations looking for mishaps.

22 years agoMake the "ungunk" logic a little more robust.
Geoff Thorpe [Wed, 20 Feb 2002 05:09:22 +0000 (05:09 +0000)]
Make the "ungunk" logic a little more robust.

22 years ago- Add support for cipher suites that require a temporary RSA key for
Geoff Thorpe [Wed, 20 Feb 2002 05:02:50 +0000 (05:02 +0000)]
- Add support for cipher suites that require a temporary RSA key for
  key-agreement.
- Tolerate signal interruptions of select().

22 years agoOh, and since config figures out that we run Cygwin and what versions,
Richard Levitte [Sat, 16 Feb 2002 22:31:16 +0000 (22:31 +0000)]
Oh, and since config figures out that we run Cygwin and what versions,
let's recommend running config instead of a manual Configure.

22 years agoSince Cygwin is the proper spelling, let's change to that everywhere.
Richard Levitte [Sat, 16 Feb 2002 22:28:31 +0000 (22:28 +0000)]
Since Cygwin is the proper spelling, let's change to that everywhere.
Also, with the change in Configure, it now knows on it's own if
threads are supported or not.

22 years agoCygwin target name has been changed!
Ulf Möller [Sat, 16 Feb 2002 16:53:25 +0000 (16:53 +0000)]
Cygwin target name has been changed!

22 years agoThe AES modes OFB and CFB are defined with 128 feedback bits. This
Richard Levitte [Sat, 16 Feb 2002 12:39:07 +0000 (12:39 +0000)]
The AES modes OFB and CFB are defined with 128 feedback bits.  This
deviates from the "standard" 64 bits of feedback that all other
algorithms are using.  Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.

Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.

22 years agoAdd the modes OFB128, CFB128 and CTR128 to AES.
Richard Levitte [Sat, 16 Feb 2002 12:20:34 +0000 (12:20 +0000)]
Add the modes OFB128, CFB128 and CTR128 to AES.
Submitted by Stephen Sprunk <stephen@sprunk.org>

22 years agoAdjust the NID names for the AES modes OFB and CFB to contain the number
Richard Levitte [Sat, 16 Feb 2002 12:15:30 +0000 (12:15 +0000)]
Adjust the NID names for the AES modes OFB and CFB to contain the number
of feedback bits

22 years agoThe macro IMPLEMENT_ASN1_FUNCTIONS_const already contains an ending ;,
Richard Levitte [Sat, 16 Feb 2002 12:03:25 +0000 (12:03 +0000)]
The macro IMPLEMENT_ASN1_FUNCTIONS_const already contains an ending ;,
so do not add one after the expansion, since ANSI C doesn't allow ;;
at this level (or at least, so tells me gcc).

22 years agoLocal `time' shadows the global function `time()'. Rename the local
Richard Levitte [Sat, 16 Feb 2002 12:01:13 +0000 (12:01 +0000)]
Local `time' shadows the global function `time()'.  Rename the local
variable to `tim' (and, as a matter of consequence, `time_d' to `tim_d').

22 years agoMissing #endif
Richard Levitte [Sat, 16 Feb 2002 11:58:16 +0000 (11:58 +0000)]
Missing #endif

22 years agogcc chokes on C++ comments in C code.
Richard Levitte [Sat, 16 Feb 2002 11:57:25 +0000 (11:57 +0000)]
gcc chokes on C++ comments in C code.

22 years agoGive the linux-sparv9 target shared capability.
Richard Levitte [Fri, 15 Feb 2002 16:22:22 +0000 (16:22 +0000)]
Give the linux-sparv9 target shared capability.
Submitted by Ian Marsh <mushypea@dominion.net.uk>

22 years agoEven though it is not really practical people should know about it.
Lutz Jänicke [Fri, 15 Feb 2002 07:41:42 +0000 (07:41 +0000)]
Even though it is not really practical people should know about it.

22 years agofix indentation
Bodo Möller [Thu, 14 Feb 2002 16:08:55 +0000 (16:08 +0000)]
fix indentation

22 years agoAdd the configuration target VxWorks.
Richard Levitte [Thu, 14 Feb 2002 15:37:38 +0000 (15:37 +0000)]
Add the configuration target VxWorks.

22 years agomake it possible to disable memory checking for timings
Bodo Möller [Thu, 14 Feb 2002 14:41:13 +0000 (14:41 +0000)]
make it possible to disable memory checking for timings

22 years ago'-C' is still quite broken
Bodo Möller [Thu, 14 Feb 2002 14:30:20 +0000 (14:30 +0000)]
'-C' is still quite broken

22 years agofix '-C'
Bodo Möller [Thu, 14 Feb 2002 14:25:33 +0000 (14:25 +0000)]
fix '-C'

22 years agofix memory leak
Bodo Möller [Thu, 14 Feb 2002 14:21:49 +0000 (14:21 +0000)]
fix memory leak

22 years agomove ECDSA test right after EC test
Bodo Möller [Thu, 14 Feb 2002 14:03:32 +0000 (14:03 +0000)]
move ECDSA test right after EC test

22 years agodon't call OPENSSL_config(), this does not make any sense during "make test"
Bodo Möller [Thu, 14 Feb 2002 13:51:20 +0000 (13:51 +0000)]
don't call OPENSSL_config(), this does not make any sense during "make test"

22 years agoMake sure memset() is defined by including string.h
Richard Levitte [Thu, 14 Feb 2002 13:51:04 +0000 (13:51 +0000)]
Make sure memset() is defined by including string.h
Notified by Oscar Jacobsson <oscar@jacobsson.org>

22 years agoFor some reason, getting the topmost error was done the same way as
Richard Levitte [Thu, 14 Feb 2002 13:45:26 +0000 (13:45 +0000)]
For some reason, getting the topmost error was done the same way as
getting the bottommost one.  I hope I understood correctly how this
should be done.  It seems to work when running evp_test in an
environment where it can't find openssl.cnf.

22 years agomake update, with libeay.num remade to match the 0.9.7-stable one.
Richard Levitte [Thu, 14 Feb 2002 13:43:30 +0000 (13:43 +0000)]
make update, with libeay.num remade to match the 0.9.7-stable one.

22 years agoThe Cygwin shared extension was shifted.
Richard Levitte [Thu, 14 Feb 2002 13:36:28 +0000 (13:36 +0000)]
The Cygwin shared extension was shifted.

22 years agoAt Corinna Vinschen's request, change CygWin32 to Cygwin
Richard Levitte [Thu, 14 Feb 2002 12:28:24 +0000 (12:28 +0000)]
At Corinna Vinschen's request, change CygWin32 to Cygwin

22 years agoEC_GROUP_get_group_by_name() is now called EC_GROUP_new_by_name()
Bodo Möller [Thu, 14 Feb 2002 10:23:20 +0000 (10:23 +0000)]
EC_GROUP_get_group_by_name() is now called EC_GROUP_new_by_name()

22 years agoFix warnings.
Ben Laurie [Thu, 14 Feb 2002 09:59:35 +0000 (09:59 +0000)]
Fix warnings.

22 years agoCorrect sh, please
Richard Levitte [Thu, 14 Feb 2002 02:20:34 +0000 (02:20 +0000)]
Correct sh, please

22 years agoECDSA support
Bodo Möller [Wed, 13 Feb 2002 18:21:51 +0000 (18:21 +0000)]
ECDSA support

Submitted by: Nils Larsch <nla@trustcenter.de>

22 years agosome modifications to named curve support
Bodo Möller [Wed, 13 Feb 2002 17:57:52 +0000 (17:57 +0000)]
some modifications to named curve support

22 years agoModify the main trunk version to 0.9.8-dev.
Richard Levitte [Wed, 13 Feb 2002 17:46:38 +0000 (17:46 +0000)]
Modify the main trunk version to 0.9.8-dev.
0.9.7 now lives in the branch OpenSSL_0_9_7-stable.

22 years agonew locks
Bodo Möller [Wed, 13 Feb 2002 17:25:27 +0000 (17:25 +0000)]
new locks

22 years agoadd support for named curves
Bodo Möller [Wed, 13 Feb 2002 17:22:59 +0000 (17:22 +0000)]
add support for named curves

Submitted by: Nils Larsch <nla@trustcenter.de>

22 years agoUpdate the configuration of CygWin32 to use the new capabilities of
Richard Levitte [Wed, 13 Feb 2002 14:44:33 +0000 (14:44 +0000)]
Update the configuration of CygWin32 to use the new capabilities of
CygWin 1.3.x, which includes thread and shared library support.

Submitted by Corinna Vinschen <vinschen@redhat.com> and modified a
little bit.

22 years agoWe should implement a countermeasure against the predictable-IV CBC
Bodo Möller [Wed, 13 Feb 2002 10:21:25 +0000 (10:21 +0000)]
We should implement a countermeasure against the predictable-IV CBC
weakness in SSL/TLS

22 years agoMove teh silencer to the right place.
Richard Levitte [Wed, 13 Feb 2002 10:16:37 +0000 (10:16 +0000)]
Move teh silencer to the right place.

22 years agoMake link-shard a little bit more efficient. If there are no
Richard Levitte [Wed, 13 Feb 2002 10:15:05 +0000 (10:15 +0000)]
Make link-shard a little bit more efficient.  If there are no
extensions to link together, there's no point looping at all.

22 years agoMake removal from session cache more robust.
Lutz Jänicke [Sun, 10 Feb 2002 12:46:41 +0000 (12:46 +0000)]
Make removal from session cache more robust.

22 years agoadd a wish
Bodo Möller [Sat, 9 Feb 2002 01:49:53 +0000 (01:49 +0000)]
add a wish

22 years agoDo not store unneeded data.
Lutz Jänicke [Fri, 8 Feb 2002 15:15:04 +0000 (15:15 +0000)]
Do not store unneeded data.

22 years agoAdd notes on the added support for aep and sureware crypto cards in
Richard Levitte [Thu, 7 Feb 2002 22:15:53 +0000 (22:15 +0000)]
Add notes on the added support for aep and sureware crypto cards in
0.9.7.

22 years agoRemove an unused variable.
Richard Levitte [Thu, 7 Feb 2002 21:55:22 +0000 (21:55 +0000)]
Remove an unused variable.

22 years agoOops, do not unlock CRYPTO_LOCK_DYNLOCK when we locked
Richard Levitte [Thu, 7 Feb 2002 21:49:21 +0000 (21:49 +0000)]
Oops, do not unlock CRYPTO_LOCK_DYNLOCK when we locked
CRYPTO_LOCK_RAND...

22 years agoI forgot to include the aep and sureware vendor header files.
Richard Levitte [Thu, 7 Feb 2002 21:43:05 +0000 (21:43 +0000)]
I forgot to include the aep and sureware vendor header files.

22 years agoBecause AEP and we used the same AEP_R_ prefix for error reasons,
Richard Levitte [Thu, 7 Feb 2002 21:12:08 +0000 (21:12 +0000)]
Because AEP and we used the same AEP_R_ prefix for error reasons,
lets change our prefix to AEPHK_R_.  Otherwise, we get very mysterious
errors because we happen to redefine AEP_R_OK and AEP_R_GENERAL_ERROR.

22 years agoAdd aep and sureware implementations and clean up some error reasons
Richard Levitte [Thu, 7 Feb 2002 20:44:14 +0000 (20:44 +0000)]
Add aep and sureware implementations and clean up some error reasons
that were never part of the engine framework.

The aep and sureware implementations are taken directly from 0.9.6c
[engine] and have been modified to fit the newer engine framework and
to be possible to build shared libraries of.

The aep implementation has gone through quite a bunch of tests and is
cleaned up (there were some misunderstandings in it about how to use
locks).

The sureware hasn't been tested at all in this incarnation and is
basically a quick hack to get it to compile properly.

22 years agoCertain reasons aren't really part of the engine framework, so let's
Richard Levitte [Thu, 7 Feb 2002 20:37:55 +0000 (20:37 +0000)]
Certain reasons aren't really part of the engine framework, so let's
make them ubsec-specific in the ubsec implementation.

22 years agoGenerate the individual engines' error strings and macros
Richard Levitte [Thu, 7 Feb 2002 20:02:49 +0000 (20:02 +0000)]
Generate the individual engines' error strings and macros
automatically.

22 years agoIf the intended header file doesn't exist, create it.
Richard Levitte [Thu, 7 Feb 2002 19:23:35 +0000 (19:23 +0000)]
If the intended header file doesn't exist, create it.

22 years ago'make update'
Richard Levitte [Tue, 5 Feb 2002 17:34:58 +0000 (17:34 +0000)]
'make update'