oweals/openssl.git
19 years agoRemove some more entries that are false positives, or have been
Bodo Möller [Mon, 25 Apr 2005 23:06:15 +0000 (23:06 +0000)]
Remove some more entries that are false positives, or have been
resolved by recent commits.

19 years agoSort out changes in FIPS and other changes, collected in separate files.
Bodo Möller [Mon, 25 Apr 2005 22:55:24 +0000 (22:55 +0000)]
Sort out changes in FIPS and other changes, collected in separate files.
(Also remove another "make update".)

19 years agoremove some more false positives
Bodo Möller [Mon, 25 Apr 2005 22:08:13 +0000 (22:08 +0000)]
remove some more false positives

19 years agoremove some more false positives
Bodo Möller [Mon, 25 Apr 2005 22:02:34 +0000 (22:02 +0000)]
remove some more false positives

19 years agoremove some more changes that came from HEAD
Bodo Möller [Mon, 25 Apr 2005 21:54:14 +0000 (21:54 +0000)]
remove some more changes that came from HEAD

19 years agofix editing error, and remove a false positive
Bodo Möller [Mon, 25 Apr 2005 21:53:08 +0000 (21:53 +0000)]
fix editing error, and remove a false positive

19 years agoupdate
Bodo Möller [Mon, 25 Apr 2005 21:42:14 +0000 (21:42 +0000)]
update

19 years agoremove extra whitespace; fix link
Bodo Möller [Mon, 25 Apr 2005 21:36:56 +0000 (21:36 +0000)]
remove extra whitespace; fix link

19 years agoremove some false positives
Bodo Möller [Mon, 25 Apr 2005 21:32:52 +0000 (21:32 +0000)]
remove some false positives

19 years agoadd recent changes; now this file is up-to-date
Bodo Möller [Mon, 25 Apr 2005 21:25:48 +0000 (21:25 +0000)]
add recent changes; now this file is up-to-date

19 years agobring up-to-date
Bodo Möller [Mon, 25 Apr 2005 21:22:08 +0000 (21:22 +0000)]
bring up-to-date

19 years agofirst step to melt down ChangeLog.0_9_7-stable_not-in-head :-)
Bodo Möller [Mon, 25 Apr 2005 21:06:05 +0000 (21:06 +0000)]
first step to melt down ChangeLog.0_9_7-stable_not-in-head :-)

19 years agoThis is a collection of those CVS change log entries for the 0.9.7
Bodo Möller [Mon, 25 Apr 2005 21:01:31 +0000 (21:01 +0000)]
This is a collection of those CVS change log entries for the 0.9.7
branch (OpenSSL_0_9_7-stable) that do not appear similarly in
0.9.8-dev (CVS head).

Some obvious false positives have been eliminated: e.g., we do not
care about a simple "make update"; and we don't care about changes
identified to the 0.9.7 branch that were explicitly identified as
backports from head.

Eliminating all other entries (and finally this file), either as false
positives or as things that should go into 0.9.8, remains to be done.

19 years agoAvoid L1 cache aliasing even between key and S-boxes.
Andy Polyakov [Sun, 24 Apr 2005 21:09:20 +0000 (21:09 +0000)]
Avoid L1 cache aliasing even between key and S-boxes.

19 years agoFlag changes in Configure and config, too.
Ben Laurie [Sun, 24 Apr 2005 12:02:49 +0000 (12:02 +0000)]
Flag changes in Configure and config, too.

Update dependencies.

19 years agoupdate
Nils Larsch [Sun, 24 Apr 2005 09:17:48 +0000 (09:17 +0000)]
update

19 years agoOops...
Dr. Stephen Henson [Sun, 24 Apr 2005 02:24:53 +0000 (02:24 +0000)]
Oops...

19 years agoRecognize zlib and krb5 options in mk1mf.pl
Dr. Stephen Henson [Sun, 24 Apr 2005 02:21:02 +0000 (02:21 +0000)]
Recognize zlib and krb5 options in mk1mf.pl

19 years agomake asn.1 field names const
Nils Larsch [Sat, 23 Apr 2005 13:45:49 +0000 (13:45 +0000)]
make asn.1 field names const

19 years agochange prototype of the ecdh KDF: make input parameter const and the outlen argument...
Nils Larsch [Sat, 23 Apr 2005 10:11:16 +0000 (10:11 +0000)]
change prototype of the ecdh KDF: make input parameter const and the outlen argument  more flexible

19 years agoAdd debug target, remove cast, note possible bug.
Ben Laurie [Sat, 23 Apr 2005 06:05:24 +0000 (06:05 +0000)]
Add debug target, remove cast, note possible bug.

19 years agoAdd prototypes.
Ben Laurie [Fri, 22 Apr 2005 23:57:46 +0000 (23:57 +0000)]
Add prototypes.

19 years agomore const
Nils Larsch [Fri, 22 Apr 2005 21:57:36 +0000 (21:57 +0000)]
more const

19 years agomake update
Nils Larsch [Fri, 22 Apr 2005 20:17:17 +0000 (20:17 +0000)]
make update

19 years ago- use BN_set_negative and BN_is_negative instead of BN_set_sign
Nils Larsch [Fri, 22 Apr 2005 20:02:44 +0000 (20:02 +0000)]
- use BN_set_negative and BN_is_negative instead of BN_set_sign
  and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"

19 years agoAvoid aliasing between stack frames and S-boxes. Compress prefetch code.
Andy Polyakov [Fri, 22 Apr 2005 11:49:32 +0000 (11:49 +0000)]
Avoid aliasing between stack frames and S-boxes. Compress prefetch code.

19 years agothe pointer to the message digest is const
Nils Larsch [Thu, 21 Apr 2005 09:43:09 +0000 (09:43 +0000)]
the pointer to the message digest is const

19 years agoProvide a default OPENSSL_ia32cap_loc for non-Intel platforms where
Richard Levitte [Thu, 21 Apr 2005 09:10:19 +0000 (09:10 +0000)]
Provide a default OPENSSL_ia32cap_loc for non-Intel platforms where
util/libeay.num is important when building shared libraries, like
VMS.

19 years agoDon't use standard kerberos library locations in MK1MF builds.
Dr. Stephen Henson [Thu, 21 Apr 2005 00:46:28 +0000 (00:46 +0000)]
Don't use standard kerberos library locations in MK1MF builds.

Fix typo in mk1mf.pl

19 years agoMake kerberos ciphersuite code compile again.
Dr. Stephen Henson [Wed, 20 Apr 2005 21:48:48 +0000 (21:48 +0000)]
Make kerberos ciphersuite code compile again.

Avoid more shadow warnings.

19 years agoRename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts.
Dr. Stephen Henson [Wed, 20 Apr 2005 21:48:06 +0000 (21:48 +0000)]
Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts.

Remove more bogus shadow warnings.

19 years agoStop compiler warnings about deprecated lvalue casts.
Dr. Stephen Henson [Wed, 20 Apr 2005 21:39:13 +0000 (21:39 +0000)]
Stop compiler warnings about deprecated lvalue casts.

19 years agoStop bogus shadowing warning.
Dr. Stephen Henson [Wed, 20 Apr 2005 21:34:29 +0000 (21:34 +0000)]
Stop bogus shadowing warning.

19 years agoProcess MINFO file earlier in mk1mf.pl so it can modify variables like CFLAGS.
Dr. Stephen Henson [Wed, 20 Apr 2005 16:22:58 +0000 (16:22 +0000)]
Process MINFO file earlier in mk1mf.pl so it can modify variables like CFLAGS.

Process kerberos include and library options.

19 years agoHandle similar mk1mf.pl options with a hash table.
Dr. Stephen Henson [Wed, 20 Apr 2005 16:01:50 +0000 (16:01 +0000)]
Handle similar mk1mf.pl options with a hash table.

19 years agosigned vs. unsigned.
Richard Levitte [Wed, 20 Apr 2005 13:21:10 +0000 (13:21 +0000)]
signed vs. unsigned.

19 years agoMake sure id2_func is properly cast as well...
Richard Levitte [Wed, 20 Apr 2005 13:17:42 +0000 (13:17 +0000)]
Make sure id2_func is properly cast as well...

19 years agosigned vs. unsigned.
Richard Levitte [Wed, 20 Apr 2005 13:12:33 +0000 (13:12 +0000)]
signed vs. unsigned.

19 years agoAvoid compiler complaint about mismatched function signatures
Richard Levitte [Wed, 20 Apr 2005 13:09:46 +0000 (13:09 +0000)]
Avoid compiler complaint about mismatched function signatures
(void * != char *)

19 years agoResolve signed vs. unsigned.
Richard Levitte [Wed, 20 Apr 2005 12:55:15 +0000 (12:55 +0000)]
Resolve signed vs. unsigned.

19 years agoType mismatch detected by DEC C compiler. void* != void**
Richard Levitte [Wed, 20 Apr 2005 12:53:50 +0000 (12:53 +0000)]
Type mismatch detected by DEC C compiler.  void* != void**

19 years agoAvoid compiler complaint about mismatched function signatures
Richard Levitte [Wed, 20 Apr 2005 10:02:16 +0000 (10:02 +0000)]
Avoid compiler complaint about mismatched function signatures
(void * != RSA *)

19 years agoFix logic in mkdef.pl function is_valid.
Dr. Stephen Henson [Tue, 19 Apr 2005 23:54:44 +0000 (23:54 +0000)]
Fix logic in mkdef.pl function is_valid.

Update symbols

19 years agoStop perl warning.
Dr. Stephen Henson [Tue, 19 Apr 2005 18:57:17 +0000 (18:57 +0000)]
Stop perl warning.

19 years agoNew "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script
Dr. Stephen Henson [Tue, 19 Apr 2005 13:24:44 +0000 (13:24 +0000)]
New "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script
to use it.

19 years agoIgnore TYPEDEF_OF in mkdef.pl
Dr. Stephen Henson [Tue, 19 Apr 2005 11:49:25 +0000 (11:49 +0000)]
Ignore TYPEDEF_OF in mkdef.pl

19 years agoUpdate year.
Dr. Stephen Henson [Tue, 19 Apr 2005 00:15:18 +0000 (00:15 +0000)]
Update year.

19 years agoVarious Win32 and other fixes for warnings and compilation errors.
Dr. Stephen Henson [Tue, 19 Apr 2005 00:12:36 +0000 (00:12 +0000)]
Various Win32 and other fixes for warnings and compilation errors.

Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.

19 years agoThrow in x86_64 AT&T to MASM assembler converter to facilitate development
Andy Polyakov [Sun, 17 Apr 2005 21:05:57 +0000 (21:05 +0000)]
Throw in x86_64 AT&T to MASM assembler converter to facilitate development
of dual-ABI Unix/Win64 modules.

19 years agoFix from stable branch.
Dr. Stephen Henson [Sun, 17 Apr 2005 13:59:36 +0000 (13:59 +0000)]
Fix from stable branch.

19 years agoSynchronise with ec/Makefile.
Richard Levitte [Sun, 17 Apr 2005 09:07:37 +0000 (09:07 +0000)]
Synchronise with ec/Makefile.

19 years agoMitigate cache-timing attack in CBC mode. This is done by implementing
Andy Polyakov [Sat, 16 Apr 2005 15:23:21 +0000 (15:23 +0000)]
Mitigate cache-timing attack in CBC mode. This is done by implementing
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior every CBC en-/decryption pass. One can argue why
just CBC? Well, it's commonly used mode in real-life applications and
API allows us to amortize the prefetch costs for larger data chunks...

19 years agoconst fixes
Nils Larsch [Fri, 15 Apr 2005 18:29:33 +0000 (18:29 +0000)]
const fixes

19 years agoEVP_CIPHER_CTX_init is a void function + fix typo
Nils Larsch [Fri, 15 Apr 2005 16:01:35 +0000 (16:01 +0000)]
EVP_CIPHER_CTX_init is a void function + fix typo

PR: 1044 + 1045

19 years agoCheck return values of <Digest>_Init functions in low level digest calls.
Dr. Stephen Henson [Thu, 14 Apr 2005 22:58:44 +0000 (22:58 +0000)]
Check return values of <Digest>_Init functions in low level digest calls.

19 years agoPrototype mnemonics in padlock_verify_context for better portability
Andy Polyakov [Thu, 14 Apr 2005 07:47:10 +0000 (07:47 +0000)]
Prototype mnemonics in padlock_verify_context for better portability
[read support for Solaris assembler].

19 years agoFix for bug emerged in openvpn conext.
Andy Polyakov [Thu, 14 Apr 2005 07:41:29 +0000 (07:41 +0000)]
Fix for bug emerged in openvpn conext.

19 years agoFinal touch to mingw shared.
Andy Polyakov [Wed, 13 Apr 2005 23:54:28 +0000 (23:54 +0000)]
Final touch to mingw shared.

19 years agoMore cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...
Andy Polyakov [Wed, 13 Apr 2005 21:46:30 +0000 (21:46 +0000)]
More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...

19 years agoAddenum to http://cvs.openssl.org/chngview?cn=13054.
Andy Polyakov [Wed, 13 Apr 2005 21:10:07 +0000 (21:10 +0000)]
Addenum to cvs.openssl.org/chngview?cn=13054.

19 years agoFinal(?) touches to mingw shared support.
Andy Polyakov [Wed, 13 Apr 2005 21:08:39 +0000 (21:08 +0000)]
Final(?) touches to mingw shared support.

19 years agoZap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.
Andy Polyakov [Wed, 13 Apr 2005 20:51:42 +0000 (20:51 +0000)]
Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.

19 years agoMakefile.ssl -> Makefile
Nils Larsch [Wed, 13 Apr 2005 19:09:43 +0000 (19:09 +0000)]
Makefile.ssl -> Makefile

19 years agoFix typos.
Andy Polyakov [Wed, 13 Apr 2005 15:41:11 +0000 (15:41 +0000)]
Fix typos.

19 years agoIntroduce OPENSSL_NONPIC_relocated to denote relocated DLLs.
Andy Polyakov [Wed, 13 Apr 2005 08:46:35 +0000 (08:46 +0000)]
Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs.

19 years agoParameterize do_solaris rules in Makefile.shared.
Andy Polyakov [Wed, 13 Apr 2005 07:22:41 +0000 (07:22 +0000)]
Parameterize do_solaris rules in Makefile.shared.

19 years agoMinor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
Andy Polyakov [Wed, 13 Apr 2005 06:55:42 +0000 (06:55 +0000)]
Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
OPENSSL_stderr stub.

19 years agoUpdate FAQ.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:38:00 +0000 (16:38 +0000)]
Update FAQ.

19 years agoMore overwritten stuff...
Dr. Stephen Henson [Tue, 12 Apr 2005 16:36:36 +0000 (16:36 +0000)]
More overwritten stuff...

19 years agoReplace overwritten lines before error codes.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:17:53 +0000 (16:17 +0000)]
Replace overwritten lines before error codes.

19 years agoRebuild error codes.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:15:22 +0000 (16:15 +0000)]
Rebuild error codes.

19 years agoInclude error library value in C error source files instead of fixing up
Dr. Stephen Henson [Tue, 12 Apr 2005 13:31:14 +0000 (13:31 +0000)]
Include error library value in C error source files instead of fixing up
at runtime.

19 years agoinclude limits.h for UINT_MAX etc.
Nils Larsch [Mon, 11 Apr 2005 20:59:58 +0000 (20:59 +0000)]
include limits.h for UINT_MAX etc.

19 years agoAdd a NEWS item for 0.9.7g.
Richard Levitte [Mon, 11 Apr 2005 15:05:45 +0000 (15:05 +0000)]
Add a NEWS item for 0.9.7g.

19 years agoAdd emacs cache files to .cvsignore.
Richard Levitte [Mon, 11 Apr 2005 14:17:07 +0000 (14:17 +0000)]
Add emacs cache files to .cvsignore.

19 years agoMove allow_proxy_certs declaration to start of function.
Dr. Stephen Henson [Sun, 10 Apr 2005 23:41:09 +0000 (23:41 +0000)]
Move allow_proxy_certs declaration to start of function.

19 years agoMake kerberos ciphersuite code work with newer header files
Dr. Stephen Henson [Sat, 9 Apr 2005 23:55:55 +0000 (23:55 +0000)]
Make kerberos ciphersuite code work with newer header files

19 years agoAdded restrictions on the use of proxy certificates, as they may pose
Richard Levitte [Sat, 9 Apr 2005 16:07:12 +0000 (16:07 +0000)]
Added restrictions on the use of proxy certificates, as they may pose
a security threat on unexpecting applications.  Document and test.

19 years agoadd support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
Nils Larsch [Fri, 8 Apr 2005 22:52:42 +0000 (22:52 +0000)]
add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
and SSL_use_PrivateKey_file()

PR: 1035
Submitted by: Walter Goulet
Reviewed by:  Nils Larsch

19 years agoimprove docu of SSL_CTX_use_PrivateKey()
Nils Larsch [Fri, 8 Apr 2005 22:49:57 +0000 (22:49 +0000)]
improve docu of SSL_CTX_use_PrivateKey()

19 years agoget rid of very buggy and very imcomplete DH cert support
Nils Larsch [Thu, 7 Apr 2005 23:19:17 +0000 (23:19 +0000)]
get rid of very buggy and very imcomplete DH cert support

Reviewed by: Bodo Moeller

19 years agomake sure error queue is totally emptied
Nils Larsch [Thu, 7 Apr 2005 22:53:35 +0000 (22:53 +0000)]
make sure error queue is totally emptied

PR: 359

19 years agoconst fixes
Nils Larsch [Thu, 7 Apr 2005 22:48:33 +0000 (22:48 +0000)]
const fixes

19 years agoRecognize MSYS/MINGW environment.
Andy Polyakov [Thu, 7 Apr 2005 20:24:29 +0000 (20:24 +0000)]
Recognize MSYS/MINGW environment.

19 years agoImplement OPENSSL_showfatal and make it Win32 GUI and service aware
Andy Polyakov [Thu, 7 Apr 2005 18:39:45 +0000 (18:39 +0000)]
Implement OPENSSL_showfatal and make it Win32 GUI and service aware
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].

19 years agoHarmonize cygwin/mingw and VC targets.
Andy Polyakov [Thu, 7 Apr 2005 15:51:55 +0000 (15:51 +0000)]
Harmonize cygwin/mingw and VC targets.

19 years ago+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
Andy Polyakov [Wed, 6 Apr 2005 09:45:42 +0000 (09:45 +0000)]
+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
further +35% will follow...

Submitted by: Zou Nanhai

19 years agosome const fixes
Nils Larsch [Tue, 5 Apr 2005 19:11:19 +0000 (19:11 +0000)]
some const fixes

19 years agoupdate progs.pl to reflect changes in progs.h
Nils Larsch [Tue, 5 Apr 2005 18:17:13 +0000 (18:17 +0000)]
update progs.pl to reflect changes in progs.h

19 years agofix example in docu
Nils Larsch [Tue, 5 Apr 2005 11:17:03 +0000 (11:17 +0000)]
fix example in docu

PR: 800

19 years agosome const fixes and cleanup
Nils Larsch [Tue, 5 Apr 2005 10:29:43 +0000 (10:29 +0000)]
some const fixes and cleanup

19 years agoremove unused recp method
Nils Larsch [Mon, 4 Apr 2005 18:15:59 +0000 (18:15 +0000)]
remove unused recp method

19 years agoExtend Solaris x86 support to amd64.
Andy Polyakov [Mon, 4 Apr 2005 17:10:53 +0000 (17:10 +0000)]
Extend Solaris x86 support to amd64.

19 years agoSolaris x86 linker erroneously pads .init segment with zeros instead of
Andy Polyakov [Mon, 4 Apr 2005 17:07:16 +0000 (17:07 +0000)]
Solaris x86 linker erroneously pads .init segment with zeros instead of
nops, which causes SEGV at startup. So I don't align anymore.

19 years agoSome non-GNU compilers (such as Sun C) define __i386.
Andy Polyakov [Mon, 4 Apr 2005 17:05:06 +0000 (17:05 +0000)]
Some non-GNU compilers (such as Sun C) define __i386.

19 years agoHISTORY section: point out change of default digest
Bodo Möller [Sun, 3 Apr 2005 23:53:48 +0000 (23:53 +0000)]
HISTORY section: point out change of default digest

19 years agoMake bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
Andy Polyakov [Sun, 3 Apr 2005 18:53:29 +0000 (18:53 +0000)]
Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
introduced for a reason [like bug in initial gcc port], but proposed
=&r is treated correctly by senior 3.2, so we can assume it's safe now.
PR: 1031

19 years agoIf input is bad, we still need to clear the buffer.
Ben Laurie [Sun, 3 Apr 2005 16:38:22 +0000 (16:38 +0000)]
If input is bad, we still need to clear the buffer.

19 years agouse SHA-1 as the default digest for the apps/openssl commands
Nils Larsch [Sat, 2 Apr 2005 09:29:15 +0000 (09:29 +0000)]
use SHA-1 as the default digest for the apps/openssl commands

19 years agoTypo
Dr. Stephen Henson [Fri, 1 Apr 2005 21:56:15 +0000 (21:56 +0000)]
Typo