wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3393 commits 20 branches 302 tags 153 MiB
Commit graph

552 commits

Author SHA1 Message Date
Bodo Möller
daf4e53e86 spelling 2000-03-07 15:10:08 +00:00
Dr. Stephen Henson
068fdce877 New compatability trust and purpose settings. 2000-03-07 14:04:29 +00:00
Dr. Stephen Henson
48fe0eec67 Fix the PKCS#8 DSA code so it works again. All the 
broken formats worked but the valid didn't :-(
 2000-03-07 01:03:33 +00:00
Ulf Möller
4c4d87f95f bug fix release planned 2000-03-06 14:24:25 +00:00
Bodo Möller
59fc2b0fc2 Preserve reason strings in automatically build tables. 2000-03-05 00:19:36 +00:00
Bodo Möller
0a150c5c9f Generate correct error reasons strings for SYSerr. 2000-03-04 01:36:53 +00:00
Bodo Möller
41918458c0 New '-dsaparam' option for 'openssl dhparam', and related fixes. 2000-03-03 22:18:19 +00:00
Dr. Stephen Henson
d9c88a3902 Move the 'file scope' argument in set_label to 
the third argument: the second was being used
already.
 2000-03-03 00:06:40 +00:00
Bodo Möller
84d14408bf Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts. 2000-03-02 22:44:55 +00:00
Bodo Möller
5eb8ca4d92 Use RAND_METHOD for implementing RAND_status. 2000-03-02 14:34:58 +00:00
Ulf Möller
7a2dfc2a20 Note bug fix for the DSA infinite loop 2000-03-01 19:07:58 +00:00
Bodo Möller
55f7d65db0 Document the 'rand' application. 2000-03-01 07:57:25 +00:00
Ralf S. Engelschall
010712ff23 Added configuration support for Linux/IA64 
Submitted by: Rolf Haberrecker <rolf@suse.de>
 2000-02-29 15:29:02 +00:00
Ulf Möller
2da0c11926 Support assembler for Mingw32. 2000-02-28 19:16:41 +00:00
Ulf Möller
a4709b3d88 Shared library support for Solaris and HPUX 
by Lutz Behnke and by Lutz Jaenicke.

Hopefully we'll have a unified way of handling shared libraries when
we move to autoconf...
 2000-02-28 19:14:46 +00:00
Bodo Möller
865874f2dd Switch to 0.9.6, and finally remove the annoying message 
about renamed header files.
 2000-02-28 18:03:16 +00:00
Dr. Stephen Henson
82b931860a Ouch! PKCS7_encrypt() was heading MIME text headers twice 
because it added them manually and as part of SMIME_crlf_copy().
Removed the manual add.
 2000-02-28 14:11:19 +00:00
Richard Levitte
74cdf6f73a Time for a release 2000-02-28 11:59:02 +00:00
Dr. Stephen Henson
587bb0e02e Don't call BN_rand with zero bits in bntest.c 2000-02-27 17:34:30 +00:00
Andy Polyakov
a5770be6ae Statement that it fails only on 32-bit architectures isn't true. 2000-02-27 02:34:37 +00:00
Ulf Möller
688938fbb4 Bug fix! 2000-02-27 02:05:39 +00:00
Dr. Stephen Henson
94de04192d Fix so Win32 assembly language works with MASM. 
Add info about where to get MASM.
 2000-02-27 01:15:25 +00:00
Dr. Stephen Henson
0202197dbf Make ASN1 types real typedefs. 
Rebuild error files.
 2000-02-26 19:25:31 +00:00
Bodo Möller
6d0d5431d4 More get0 et al. changes. Also provide fgrep targets in CHANGES 
where the new functions are mentioned.
 2000-02-26 08:36:46 +00:00
Ulf Möller
234b5e9611 Make clear which naming convention is meant. 2000-02-26 02:24:16 +00:00
Dr. Stephen Henson
c7cb16a8ff Rename functions for new convention. 2000-02-26 01:55:33 +00:00
Dr. Stephen Henson
fbb41ae0ad Allow code which calls RSA temp key callback to cope 
with a failure.

Fix typos in some error codes.
 2000-02-25 00:23:48 +00:00
Ulf Möller
505b5a0ee0 BIO_printf() change 2000-02-24 22:57:42 +00:00
Ulf Möller
4ec2d4d2b3 Support EGD. 2000-02-24 02:51:47 +00:00
Ulf Möller
cdf20e0839 add missing names. 2000-02-23 21:57:22 +00:00
Dr. Stephen Henson
3142c86d65 Allow ADH to be used but not present in the default cipher 
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
 2000-02-23 01:11:01 +00:00
Dr. Stephen Henson
72b60351f1 Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for 
the old functionality.

Various warning fixes.

Initial EVP symmetric cipher docs.
 2000-02-22 02:59:26 +00:00
Bodo Möller
745c70e565 Move MAC computations for Finished from ssl3_read_bytes into 
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
 2000-02-21 10:16:30 +00:00
Bodo Möller
b35e9050f2 Tolerate fragmentation and interleaving in the SSL 3/TLS record layer. 2000-02-20 23:04:06 +00:00
Dr. Stephen Henson
d754b3850f Change the 'other' structure in certificate aux info. 2000-02-20 18:27:23 +00:00
Bodo Möller
853f757ece Allow for higher granularity of entropy estimates by using 'double' 
instead of 'unsigned' counters.
Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp.

Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.
 2000-02-19 15:22:53 +00:00
Dr. Stephen Henson
8a208cba97 New functions and option to use NEW in certificate requests. 2000-02-18 00:54:21 +00:00
Dr. Stephen Henson
a3fe382e2d Pass phrase reorganisation. 2000-02-16 23:16:01 +00:00
Ben Laurie
bd03b99b9b Add support for Compaq Atalla crypto accelerator. 2000-02-16 22:15:39 +00:00
Dr. Stephen Henson
de469ef21e Fix for Netscape "hang" bug. 2000-02-15 14:19:44 +00:00
Andy Polyakov
bcba6cc60f HP-UX tune-up: new unified configs, HP C compiler bug workaround. 2000-02-12 23:33:01 +00:00
Dr. Stephen Henson
d13e4eb0b5 Make pkcs12 and smime applications seed random number 
generator (otherwise they don't work) and add -rand
option. Update docs.
 2000-02-12 03:03:04 +00:00
Bodo Möller
3ebf0be142 Corrections. 2000-02-11 17:18:50 +00:00
Bodo Möller
bb325c7d6a 'passwd' tool. 2000-02-10 21:50:52 +00:00
Dr. Stephen Henson
f07fb9b24b Add command line password options to the reamining utilities, 
amend docs.
 2000-02-08 01:34:59 +00:00
Ulf Möller
cae55bfc68 Improve bntest slightly, and fix another bug in the BN library. 2000-02-06 15:56:59 +00:00
Andy Polyakov
0fad6cb7e7 Support for MacOS X (Rhapsody) is added. Also get rid of volatile 
qualifier in asm definitions as it prevents compiler from moving
the instruction(s) during optimization pass.
 2000-02-06 11:15:20 +00:00
Ulf Möller
4a6222d71b BN_div bugfix. The q-- loop should not be entered in the n0==d0 case. 2000-02-06 00:25:39 +00:00
Dr. Stephen Henson
66430207a4 Add support for some broken PKCS#8 formats. 2000-02-05 21:07:56 +00:00
Ulf Möller
9b141126d4 New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access 
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
 2000-02-05 14:17:32 +00:00
Dr. Stephen Henson
af57d84312 Rename SSLeay_add_all_algorithms() et al to 
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
 2000-02-04 14:01:38 +00:00
Dr. Stephen Henson
82fc1d9c28 Add new -notext option to 'ca', -pubkey option to spkac. 
Remove some "WTF??" casts from applications.

Fixes to keep VC++ happy and avoid warnings.

Docs tidy.
 2000-02-03 02:56:48 +00:00
Bodo Möller
e74231ed9e rndsort{Miller, Rabin} primality test. 2000-02-02 21:20:44 +00:00
Bodo Möller
2c5fe5b12a Change log entry completed. 2000-02-01 07:50:42 +00:00
Ulf Möller
8efb60144d EBCDIC support. 
Submitted by: Martin Kraemer <martin.kraemer@mch.sni.de>
 2000-02-01 02:21:16 +00:00
Ulf Möller
98d0b2e375 Note changes. 2000-01-30 23:34:33 +00:00
Bodo Möller
cdd43b5ba5 Documentation for BN_is_prime_fasttest. 2000-01-30 11:05:39 +00:00
Bodo Möller
1baa94907c Make output of "openssl dsaparam 1024" more interesting :-) 2000-01-30 03:32:28 +00:00
Bodo Möller
7865b871c0 Tiny changes to previous patch (the log message was meant to be 
"Make DSA_generate_parameters faster").
 2000-01-30 02:40:38 +00:00
Bodo Möller
a87030a1ed Make DSA_generate_parameters, and fix a couple of bug 
(including another problem in the s3_srvr.c state machine).
 2000-01-30 02:23:03 +00:00
Dr. Stephen Henson
e1314b5716 Fix CRL encoding bug. 2000-01-29 00:00:26 +00:00
Bodo Möller
07e6dbde66 more information on 0.9.5 2000-01-28 21:26:30 +00:00
Dr. Stephen Henson
90644dd74d New -pkcs12 option to CA.pl. 
Document CA.pl script.
Initialise and free up the extra DH fields
(nothing uses them yet though).
 2000-01-28 01:35:31 +00:00
Ulf Möller
38e33cef15 Document DSA and SHA. 
New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)
 2000-01-27 19:31:26 +00:00
Ulf Möller
e93f9a3284 Run ispell. 
Clean up bn_mont.c.
 2000-01-27 01:50:42 +00:00
Bodo Möller
2557eaeac8 Avoid a race condition. 2000-01-24 17:57:56 +00:00
Bodo Möller
a46faa2bfd Improve clarity. 2000-01-24 16:02:29 +00:00
Bodo Möller
aabbb7451b Document RAND_load_file change. 2000-01-24 14:42:26 +00:00
Dr. Stephen Henson
dd9d233e2a Tidy up CRYPTO_EX_DATA structures. 2000-01-23 23:41:49 +00:00
Dr. Stephen Henson
fabce04122 Make s_server, s_client check cipher list return codes. 
Update docs.
 2000-01-23 02:28:08 +00:00
Ulf Möller
4486d0cd7a Document the DH library, and make some minor changes along the way. 2000-01-22 20:05:23 +00:00
Dr. Stephen Henson
09483c58e3 Add new program dhparam and update docs. 2000-01-22 13:58:29 +00:00
Dr. Stephen Henson
bda70ed430 Gets Lutz Jaenicke's name right this time :-) 
Apologies to both concerned.
 2000-01-22 12:49:48 +00:00
Dr. Stephen Henson
018e57c74d Apply Lutz Behnke's 56 bit cipher patch with a few 
minor changes.

Docs haven't been added at this stage. They are probably
best included in the 'ciphers' program docs.
 2000-01-22 03:17:06 +00:00
Dr. Stephen Henson
8100490a72 Make -CAcreateserial start from 1 instead of 0 for 
serial numbers.
 2000-01-21 02:42:14 +00:00
Ulf Möller
e7f97e2d22 Check RAND_bytes() return value or use RAND_pseudo_bytes(). 2000-01-21 01:15:56 +00:00
Dr. Stephen Henson
6e6bc352b1 Finish off the X509_ATTRIBUTE string stuff. 2000-01-20 01:37:17 +00:00
Dr. Stephen Henson
77b47b9036 Rename X509_att*() stuff to X509at_*(), add X509_REQ wrappers. 2000-01-19 01:02:13 +00:00
Ulf Möller
aa82db4fb4 Add missing #ifndefs that caused missing symbols when building libssl 
as a shared library without RSA.  Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.

Submitted by: Kris Kennaway <kris@hub.freebsd.org>
Modified by Ulf Möller
 2000-01-16 21:10:00 +00:00
Ulf Möller
373b575f5a New function RAND_pseudo_bytes() generated pseudorandom numbers that 
are not guaranteed to be unpredictable.
 2000-01-16 15:58:17 +00:00
Bodo Möller
0983760dfc note about things still to do with RAND_bytes 2000-01-13 21:20:26 +00:00
Bodo Möller
a873356c00 Use CRYPTO_push_info to find a memory leak in pkcs12.c. 2000-01-13 21:10:43 +00:00
Ulf Möller
eb952088f0 Precautions against using the PRNG uninitialized: RAND_bytes() now 
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
 2000-01-13 20:59:17 +00:00
Bodo Möller
76aa0ddc86 Turn BN_prime_checks into a macro. 
Primes p where (p-1)/2 is prime too are called "safe", not "strong".
 2000-01-12 11:57:30 +00:00
Richard Levitte
de73e397f8 Added a comment about Win32. 2000-01-11 22:32:37 +00:00
Richard Levitte
cbfa4c32c0 Add more info to the memory allocation change log. 
Suggested by Bodo.
 2000-01-11 22:16:12 +00:00
Bodo Möller
3cc6cdea0f The buffer in ss3_read_n cannot actually occur because it is never 
called with max > n when extend is set.
 2000-01-11 08:09:27 +00:00
Bodo Möller
c51ae173a6 Clean up some of the SSL server code. 2000-01-11 01:07:26 +00:00
Dr. Stephen Henson
25f923ddd1 New function X509_CTX_rget_chain(), make SSL_SESSION_print() display return code. 
Remove references to 'TXT' in -inform and -outform switches.
 2000-01-09 14:21:40 +00:00
Dr. Stephen Henson
dad666fbbe Add PKCS#12 manpage and use MAC iteration counts by default. 2000-01-08 03:16:04 +00:00
Ulf Möller
0f583f69f3 Honor the no-xxx Configure options when creating .DEF files. 2000-01-07 03:17:47 +00:00
Dr. Stephen Henson
35f4850ae0 More X509_ATTRIBUTE changes. 2000-01-07 00:55:54 +00:00
Dr. Stephen Henson
b38f9f66c3 Initial automation changes to 'req' and X509_ATTRIBUTE functions. 2000-01-06 01:26:48 +00:00
Bodo Möller
ca03109c3a New functions SSL_get_finished, SSL_get_peer_finished. 
Add short state string for MS SGC.
 2000-01-06 01:19:17 +00:00
Bodo Möller
f2d9a32cf4 Use separate arrays for certificate verify and for finished hashes. 2000-01-06 00:24:24 +00:00
Andy Polyakov
bdf5e18317 Enhanced support for Alpha Linux. See CHANGES for details. 2000-01-02 20:46:58 +00:00
Dr. Stephen Henson
3d14b9d04a Add support for MS "fast SGC". 2000-01-02 18:52:58 +00:00
Dr. Stephen Henson
20432eae41 Fix some of the command line password stuff. New function 
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
 2000-01-01 16:42:49 +00:00
Bodo Möller
47134b7864 Don't request client certificate in anonymous ciphersuites 
except when following the specs is bound to fail.
 1999-12-29 17:43:03 +00:00
Bodo Möller
45fd4dbb84 Fix SSL_CTX_add_session: When two SSL_SESSIONs have the same ID, 
they can sometimes be different memory structures.
 1999-12-29 14:29:32 +00:00