From 47dc5a132191c01536610063c5a4979e09319912 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 24 Sep 2000 16:04:36 +0000 Subject: [PATCH] Merge from main trunk. --- CHANGES | 8 +- FAQ | 2 +- INSTALL.W32 | 4 +- NEWS | 4 +- README | 2 +- README.ENGINE | 9 +++ STATUS | 143 +++------------------------------- TABLE | 2 +- crypto/opensslv.h | 4 +- doc/crypto/EVP_OpenInit.pod | 2 +- doc/crypto/EVP_SealInit.pod | 2 +- doc/crypto/EVP_VerifyInit.pod | 1 + doc/crypto/blowfish.pod | 2 +- doc/ssl/ssl.pod | 11 ++- ms/mingw32.bat | 2 + openssl.spec | 18 ++--- util/pl/BC-32.pl | 2 +- util/pl/Mingw32.pl | 4 +- util/pl/Mingw32f.pl | 4 +- util/pl/VC-32.pl | 4 +- 20 files changed, 63 insertions(+), 167 deletions(-) diff --git a/CHANGES b/CHANGES index b041211314..87853c3b29 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,7 @@ OpenSSL CHANGES _______________ - Changes between 0.9.5a and 0.9.6 [xx XXX 2000] + Changes between 0.9.5a and 0.9.6 [24 Sep 2000] *) In ssl23_get_client_hello, generate an error message when faced with an initial SSL 3.0/TLS record that is too small to contain the @@ -14,6 +14,9 @@ by the Finished messages. [Bodo Moeller] + *) More robust randomness gathering functions for Windows. + [Jeffrey Altman ] + *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is not set then we don't setup the error code for issuer check errors to avoid possibly overwriting other errors which the callback does @@ -63,6 +66,7 @@ *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR BIO_ctrl (for BIO pairs). + [Bodo Möller] *) Add DSO method for VMS. [Richard Levitte] @@ -296,7 +300,7 @@ [Steve Henson] *) Changes needed for Tandem NSK. - [Scott Uroff scott@xypro.com] + [Scott Uroff ] *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in RSA_padding_check_SSLv23(), special padding was never detected diff --git a/FAQ b/FAQ index f0d768916a..29acc8afdf 100644 --- a/FAQ +++ b/FAQ @@ -32,7 +32,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from . -OpenSSL 0.9.5a was released on April 1st, 2000. +OpenSSL 0.9.6 was released on September 24th, 2000. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at . GNU make is at + Mingw32 is available from . GNU make is at . Install both of them in C:\egcs-1.1.2 and run C:\egcs-1.1.2\mingw32.bat to set the PATH. diff --git a/NEWS b/NEWS index ce1ba34436..7cf95cfb0b 100644 --- a/NEWS +++ b/NEWS @@ -14,8 +14,8 @@ o New 'rsautl' application, low level RSA utility. o MD4 now included. o Bugfix for SSL rollback padding check. - o Support for external crypto device[1]. - o Enhanced EVP interafce. + o Support for external crypto devices [1]. + o Enhanced EVP interface. [1] The support for external crypto devices is currently a separate distribution. See the file README.ENGINE. diff --git a/README b/README index 3a2f54110a..2435de10ca 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.6-beta3 [engine] (Final beta) 21 Sep 2000 + OpenSSL 0.9.6 [engine] 24 Sep 2000 Copyright (c) 1998-2000 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/README.ENGINE b/README.ENGINE index b30206c0ed..3d88ed152f 100644 --- a/README.ENGINE +++ b/README.ENGINE @@ -52,3 +52,12 @@ device, or the built-in crypto routines will be used, just as in the default OpenSSL distribution. + + PROBLEMS + ======== + + It seems like the ENGINE part doesn't work too well with Cryptoswift on + Win32. A quick test done right before the release showed that trying + "openssl speed -engine cswift" generated errors. If the DSO gets enabled, + an attempt is made to write at memory address 0x00000002. + diff --git a/STATUS b/STATUS index 0dca957fa5..3212503723 100644 --- a/STATUS +++ b/STATUS @@ -1,142 +1,17 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2000/09/24 09:50:28 $ + ______________ $Date: 2000/09/24 16:04:33 $ DEVELOPMENT STATE - o OpenSSL 0.9.6: Under development (in release cycle)... - Proposed release date September 24, 2000 - 0.9.6-beta1 is available: - OpenBSD-x86 2.7 - failed - ftime not supported [FIXED] - hpux-parisc-cc 10.20 - passed - hpux-parisc-gcc 10.20 - passed - hpux-parisc-gcc 11.00 - passed - hpux-gcc - passed - hpux-brokengcc - failed - BN_sqr fails in test - linux-elf - passed - linux-sparcv7 - passed - linux-ppc - passed - Solaris [engine] - failed - speed cswift gives odd errors [FIXED] - solaris-sparcv8-gcc - passed - solaris-sparcv9-gcc - passed - solaris-sparcv9-cc - passed - solaris64-sparcv9-cc - passed - sco5-gcc - passed - sco5-cc - passed - FreeBSD - passed - Win32 VC++ - failed - PCURSORINFO not defined unless Win2000 [FIXED] - RAND_poll() problem on Win2000 [FIXED] - DSO method always DSO_METHOD_null [FIXED] - CygWin32 - test failed - MingW32 - failed - thelp32.h - aix-gcc (AIX 4.3.2) - passed - VMS/Alpha - failed - Some things were missing [FIXED] - 0.9.6-beta2 is available: - linux/openbsd (all platforms?) - mod_exp bug - sunos-gcc - passed - aix-gcc - passed - Win32 w/ VC6 or Mingw32 - failed - RAND_poll(), a few uninitialised vars [FIXED] - RAND_poll() should used LoadLibrary instead of - GetModuleHandle [FIXED] - Major compilation problem with VC6 on NT. - [FIXED] - Mingw32 says "175: parse error before `DWORD'" - [FIXED?] - Win32 w/ CygWin - success? - VMS/Alpha 7.1 (CPQ C 5.6-003, TCP/IP 5.0) - success - Just a small warning in dso_vms.c [FIXED] - VMS/Alpha 7.2-1 (CPQ 5.6-003, TCP/IP 5.0A) - success - VMS/VAX 7.2-1 (CPQ 5.2-003, TCP/IP 5.0) - success - hpux-parisc-cc (HP-UX B.11.00) - success - hpux-parisc2-cc (11.00) - success - hpux64-parisc2-cc (11.00) - success - hpux-parisc1_1-cc (11.00) - success - hpux-parisc-cc (10.20 w/ -ldld) - success - hpux-parisc-gcc (10.20 w/ -ldld) - success - hpux-parisc-cc [engine] (10.20 w/ -ldld)- success - hpux-parisc-gcc [endine] (10.20 w/ -ldld)- success - All hpux 10.20 targets succeeded provided -ldl - has been changed to -ldld. - solaris-sparcv9-gcc (2.6/ultra5) - success - [ solaris-sparcv9-cc (SunOS 5.7 SC3.0) - failed ] - [ Complaints about a number of -x parameters to ] - [ the compiler and failed to compile an ] - [ assembler file. Maybe a too old ] - [ compiler? (Yes, apparently:) ] - solaris-sparcv9-cc (SunOS 5.6 SC4.2) - success - FreeBSD (2.2.5-RELEASE) - success - alpha-cc [engine] (OSF1 5.0A) - success - irix-mips3-cc [engine] (Irix 6.2) - success - One has to do the same as for OpenBSD in - speed.c [FIXED] - aix-cc (3.2.5, cc 1.3.0.44) - success - aix-gcc (3.2.5, gcc 2.8.1) - success - Both first failed to compiled due to ftime(). - [FIXED] - alpha-cc (V4.0E) - success - alpha-gcc (V4.0E, gcc 2.8.1) - success - ultrix-cc (V4.5) - success - ultrix-gcc (V4.5, gcc 2.8.1) - success - 0.9.6-beta3 is available: - aix-cc (4.3) - success - aix-cc [engine] (4.3) - success - linux-elf (RedHat 5.2, gcc 2.7.2.3) - success - linux-elf (RedHat 6.2) - success - linux-elf [engine] (RedHat 6.2) - success - solaris-sparcv9-gcc (5.7, gcc 2.95.2) - success - solaris-sparcv9-gcc (5.6, gcc 2.95.2) - success - solaris-sparcv9-cc (5.6, SunWS C 4.2) - success - solaris-sparcv9-cc [engine] (5.6, SunWS C 4.2)- success - VC-WIN32 (NT4 SP6, VC6 SP2) - success - VC-WIN32 (NT4 SP6, Cygwin) - success - The files used for testing must have CR/LF - as line endings. - VC-WIN32 (NT4 SP6, Mingw32) - failed - mingw32a.mak contains a few lines that - generate an error. - VC-NT static libs (NT4 SP6, VC6 SP4) - failed - Complains about unresolved external symbol - __imp__RegQueryValueEx. This only - happens when building the static - libraries. Tests pass as soon as - you make sure advapi32.lib gets - linked in. [FIXED] - VC-NT dynamic libs (NT4 SP6, VC6 SP4) - success - VC-WIN32 (W2K Pro SP1, VC6 SP3, PSDK Jul2000)- success - hpux-parisc-gcc (B.10.20, gcc 2.95.2) - success - hpux-parisc-cc (B.10.20, cc A.10.32.30) - success - hpux-parisc-gcc [engine] (B.10.20, gcc 2.95.2)- success - hpux-parisc-cc [engine] (B.10.20, cc A.10.32.30)- success - hpux-parisc2-cc (B.11.11) - success - hpux64-parisc2-cc (B.11.11) - success - Kevin Steves also mentions that "All the new - targets look good on my end with hp-ux 11.0." - MPE/iX-gcc - success - FreeBSD (2.2.5) - failed - Only having USE_TOD made speed.c issue an - error. [FIXED] - FreeBSD-alpha (4.1, gcc 2.95.2) - success - The USE_TOD fix needed to be applied. - There were warnings about -O3 triggering - known optimizer bugs on that - platform. [FIXED] - OpenBSD-x86 (2.7, gcc 2.95.2) - success - alpha-cc (OSF1 V4.0) - success - solaris-x86-gcc (5.8, gcc 2.95.2) - success - o OpenSSL 0.9.5a: Released on April 1st, 2000 - o OpenSSL 0.9.5: Released on February 28th, 2000 - o OpenSSL 0.9.4: Released on August 09th, 1999 - o OpenSSL 0.9.3a: Released on May 29th, 1999 - o OpenSSL 0.9.3: Released on May 25th, 1999 - o OpenSSL 0.9.2b: Released on March 22th, 1999 - o OpenSSL 0.9.1c: Released on December 23th, 1998 + o OpenSSL 0.9.6: Released on September 24th, 2000 + o OpenSSL 0.9.5a: Released on April 1st, 2000 + o OpenSSL 0.9.5: Released on February 28th, 2000 + o OpenSSL 0.9.4: Released on August 09th, 1999 + o OpenSSL 0.9.3a: Released on May 29th, 1999 + o OpenSSL 0.9.3: Released on May 25th, 1999 + o OpenSSL 0.9.2b: Released on March 22th, 1999 + o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS diff --git a/TABLE b/TABLE index b272b927fa..f18080cfe7 100644 --- a/TABLE +++ b/TABLE @@ -102,7 +102,7 @@ $shared_cflag = *** FreeBSD-alpha $cc = gcc -$cflags = -DTERMIOS -O3 -fomit-frame-pointer +$cflags = -DTERMIOS -O -fomit-frame-pointer $unistd = $thread_cflag = (unknown) $lflags = diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 54220a87c0..6b5aedeea6 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,8 +25,8 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00906003L -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6-beta3 [engine] 21 Sep 2000" +#define OPENSSL_VERSION_NUMBER 0x0090600fL +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6 [engine] 24 Sep 2000" #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/doc/crypto/EVP_OpenInit.pod b/doc/crypto/EVP_OpenInit.pod index 1a3f2e410d..2e710da945 100644 --- a/doc/crypto/EVP_OpenInit.pod +++ b/doc/crypto/EVP_OpenInit.pod @@ -54,7 +54,7 @@ EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success. =head1 SEE ALSO -L,L +L, L, L, L diff --git a/doc/crypto/EVP_SealInit.pod b/doc/crypto/EVP_SealInit.pod index f7f7613965..0451eb648a 100644 --- a/doc/crypto/EVP_SealInit.pod +++ b/doc/crypto/EVP_SealInit.pod @@ -67,7 +67,7 @@ with B set to NULL. =head1 SEE ALSO -L,L +L, L, L, L diff --git a/doc/crypto/EVP_VerifyInit.pod b/doc/crypto/EVP_VerifyInit.pod index 76d893b53b..736a0f4a82 100644 --- a/doc/crypto/EVP_VerifyInit.pod +++ b/doc/crypto/EVP_VerifyInit.pod @@ -57,6 +57,7 @@ might. =head1 SEE ALSO +L, L, L, L, L, L, L, diff --git a/doc/crypto/blowfish.pod b/doc/crypto/blowfish.pod index ba6cc368e8..65b8be388c 100644 --- a/doc/crypto/blowfish.pod +++ b/doc/crypto/blowfish.pod @@ -24,7 +24,7 @@ BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption void BF_encrypt(BF_LONG *data,const BF_KEY *key); void BF_decrypt(BF_LONG *data,const BF_KEY *key); - + =head1 DESCRIPTION This library implements the Blowfish cipher, which is invented and described diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod index 41d6114649..8ffe5904d5 100644 --- a/doc/ssl/ssl.pod +++ b/doc/ssl/ssl.pod @@ -625,12 +625,17 @@ connection defined in the B structure. L, L, L, L, -L, L, +L, L, +L, +L, L, L, +L, L, -L, L, +L, +L, +L, L, L, L, -L, +L, L, L, L, L, L diff --git a/ms/mingw32.bat b/ms/mingw32.bat index 1726c55bcd..db70b8580e 100644 --- a/ms/mingw32.bat +++ b/ms/mingw32.bat @@ -76,6 +76,8 @@ rem Create files -- this can be skipped if using the GNU file utilities make -f ms/mingw32f.mak echo You can ignore the error messages above +copy ms\tlhelp32.h outinc + echo Building the libraries make -f ms/mingw32a.mak if errorlevel 1 goto end diff --git a/openssl.spec b/openssl.spec index fc5e5c5829..1c8f4e9d81 100644 --- a/openssl.spec +++ b/openssl.spec @@ -22,9 +22,9 @@ BuildRoot: /var/tmp/%{name}-%{version}-root The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) -protocols with full-strength cryptography world-wide. The project is -managed by a worldwide community of volunteers that use the Internet to -communicate, plan, and develop the OpenSSL tookit and its related +protocols as well as a full-strength general purpose cryptography library. +The project is managed by a worldwide community of volunteers that use the +Internet to communicate, plan, and develop the OpenSSL tookit and its related documentation. OpenSSL is based on the excellent SSLeay library developed from Eric A. @@ -43,9 +43,9 @@ Requires: openssl-engine The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) -protocols with full-strength cryptography world-wide. The project is -managed by a worldwide community of volunteers that use the Internet to -communicate, plan, and develop the OpenSSL tookit and its related +protocols as well as a full-strength general purpose cryptography library. +The project is managed by a worldwide community of volunteers that use the +Internet to communicate, plan, and develop the OpenSSL tookit and its related documentation. OpenSSL is based on the excellent SSLeay library developed from Eric A. @@ -64,9 +64,9 @@ Requires: openssl-engine The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) -protocols with full-strength cryptography world-wide. The project is -managed by a worldwide community of volunteers that use the Internet to -communicate, plan, and develop the OpenSSL tookit and its related +protocols as well as a full-strength general purpose cryptography library. +The project is managed by a worldwide community of volunteers that use the +Internet to communicate, plan, and develop the OpenSSL tookit and its related documentation. OpenSSL is based on the excellent SSLeay library developed from Eric A. diff --git a/util/pl/BC-32.pl b/util/pl/BC-32.pl index 7f57809a16..20cb3a9c50 100644 --- a/util/pl/BC-32.pl +++ b/util/pl/BC-32.pl @@ -19,7 +19,7 @@ $out_def="out32"; $tmp_def="tmp32"; $inc_def="inc32"; #enable max error messages, disable most common warnings -$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DWINDOWS -DWIN32 -DL_ENDIAN "; +$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DWINDOWS -DWIN32 -DL_ENDIAN -DDSO_WIN32 "; if ($debug) { $cflags.="-Od -y -v -vi- -D_DEBUG"; diff --git a/util/pl/Mingw32.pl b/util/pl/Mingw32.pl index c687d9b118..37f36126f3 100644 --- a/util/pl/Mingw32.pl +++ b/util/pl/Mingw32.pl @@ -17,9 +17,9 @@ $mkdir='gmkdir'; $cc='gcc'; if ($debug) - { $cflags="-DL_ENDIAN -g2 -ggdb"; } + { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } else - { $cflags="-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall"; } + { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall"; } if ($gaswin and !$no_asm) { diff --git a/util/pl/Mingw32f.pl b/util/pl/Mingw32f.pl index a53c537646..44f5673d7a 100644 --- a/util/pl/Mingw32f.pl +++ b/util/pl/Mingw32f.pl @@ -11,9 +11,9 @@ $rm='del'; $cc='gcc'; if ($debug) - { $cflags="-g2 -ggdb"; } + { $cflags="-g2 -ggdb -DDSO_WIN32"; } else - { $cflags="-O3 -fomit-frame-pointer"; } + { $cflags="-O3 -fomit-frame-pointer -DDSO_WIN32"; } $obj='.o'; $ofile='-o '; diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 6978104234..7c6674b971 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl @@ -12,7 +12,7 @@ $rm='del'; # C compiler stuff $cc='cl'; -$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN'; +$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; $lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; $mlflags=''; @@ -22,7 +22,7 @@ $inc_def="inc32"; if ($debug) { - $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG"; + $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32"; $lflags.=" /debug"; $mlflags.=' /debug'; } -- 2.25.1