Ben Laurie
801fea5f11
Constification.
2005-03-23 08:21:30 +00:00
Dr. Stephen Henson
da26bcb5de
Update CHANGES, opensslv.h
2005-03-22 21:27:36 +00:00
Dr. Stephen Henson
5c1fd5e316
Update files ready for release.
2005-03-22 18:17:23 +00:00
Dr. Stephen Henson
f42a82777d
make update
2005-03-22 18:15:56 +00:00
Ulf Möller
6d2a7098d6
Cygwin randomness
2005-03-19 11:40:41 +00:00
Andy Polyakov
b43b9de9e4
Real Bourne shell doesn't accept ! as in "if ! grep ..." Fix this in
...
crypto/Makefile and make Makefile.org and fips/Makefile more discreet.
2005-03-15 09:46:14 +00:00
Andy Polyakov
9d14506f29
Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32 (required for FIPS).
2005-03-12 11:28:22 +00:00
Andy Polyakov
2cf68c0b1a
Avoid re-build avalanches with HP-UX make.
2005-03-12 09:13:15 +00:00
Bodo Möller
97d49cdd6f
fix potential memory leak when allocation fails
...
PR: 801
Submitted by: Nils Larsch
2005-03-11 09:00:59 +00:00
Lutz Jänicke
e22e6bf0be
Fix hang in EGD/PRNGD query when communication socket is closed
...
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
2005-02-19 10:17:26 +00:00
Dr. Stephen Henson
2ecf923286
Avoid possible memory leak.
2005-02-14 21:54:29 +00:00
Dr. Stephen Henson
66d68327cb
Avoid memory leak.
2005-01-31 01:40:39 +00:00
Dr. Stephen Henson
7cfcca8ba3
Further FIPS algorithm blocking.
...
Fixes to cipher blocking and enabling code.
Add option -non-fips-allow to 'enc' and update testenc.
2005-01-28 14:03:54 +00:00
Richard Levitte
0cae19f5ef
The first argument to load_iv should really be a char ** instead of an
...
unsigned char **, since it points at text.
Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out
the inelegance of our code :-)
2005-01-27 11:42:25 +00:00
Dr. Stephen Henson
6be00c7e16
More FIPS algorithm blocking.
...
Catch attempted use of non FIPS algorithms with HMAC.
Give an assertion error for applications that ignore FIPS digest errors.
Make -non-fips-allow work with dgst and HMAC.
2005-01-27 01:49:42 +00:00
Richard Levitte
532d936be8
Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might
...
cause a segfault... This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
2005-01-27 01:49:23 +00:00
Richard Levitte
d88edf1447
Get rid if the annoying warning
2005-01-27 01:47:27 +00:00
Dr. Stephen Henson
f60fc19a69
make update
2005-01-26 20:05:46 +00:00
Dr. Stephen Henson
d0edffc7da
FIPS algorithm blocking.
...
Non FIPS algorithms are not normally allowed in FIPS mode.
Any attempt to use them via high level functions will return an error.
The low level non-FIPS algorithm functions cannot return errors so they
produce assertion failures. HMAC also has to give an assertion error because
it (erroneously) can't return an error either.
There are exceptions (such as MD5 in TLS and non cryptographic use of
algorithms) and applications can override the blocking and use non FIPS
algorithms anyway.
For low level functions the override is perfomed by prefixing the algorithm
initalization function with "private_" for example private_MD5_Init().
For high level functions an override is performed by setting a flag in
the context.
2005-01-26 20:00:40 +00:00
Andy Polyakov
134d6a44ec
Don't zap AES CBC IV, when decrypting truncated content in place.
2005-01-18 00:24:55 +00:00
Dr. Stephen Henson
420eb6a306
PKCS7_verify() performance optimization. When the content is large and a
...
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
2005-01-14 17:53:16 +00:00
Andy Polyakov
ea28f93c2d
Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX
...
environments.
2005-01-14 16:22:02 +00:00
Andy Polyakov
adeb20b6b7
O_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris.
...
PR: 998
2005-01-14 16:19:47 +00:00
Richard Levitte
086b64d0d3
make update
2005-01-14 00:16:31 +00:00
Richard Levitte
47c88d7413
Correct a faulty address assignment, and add a length check (not
...
really needed now, but may be needed in the future, who knows?).
2005-01-12 09:51:31 +00:00
Andy Polyakov
5cdf5e3308
Allow for ./config no-sha0.
...
PR: 993
2005-01-09 17:58:18 +00:00
Andy Polyakov
b58560b915
DJGPP update.
...
PR: 989
Submitted by: Doug Kaufman
2005-01-04 10:21:55 +00:00
Andy Polyakov
83f69163fd
Borrow #include <string[s].h> from e_os.h.
2004-12-31 00:01:23 +00:00
Andy Polyakov
5ca3a0aa86
Make whiny compilers stop complaining about missing prototype.
2004-12-30 23:39:06 +00:00
Andy Polyakov
702be727c0
AES CBC and CFB performance tune-up from HEAD.
2004-12-30 22:57:19 +00:00
Andy Polyakov
f709ffe832
Minor cygwin update.
...
PR: 949
2004-12-27 21:26:10 +00:00
Andy Polyakov
fb39cd850c
Improved PowerPC platform support.
2004-12-20 13:20:22 +00:00
Andy Polyakov
15bbc1574f
Backport of PPC BN module from HEAD.
2004-12-20 13:15:51 +00:00
Richard Levitte
37ece6156a
make update
2004-12-13 22:48:01 +00:00
Dr. Stephen Henson
965574039b
Remove duplicate lines.
2004-12-12 13:18:23 +00:00
Andy Polyakov
a661c1728f
Respect no-asm with fips option and disable FIPS DES assembler in
...
shared context [because it's not PIC].
2004-12-10 11:37:25 +00:00
Andy Polyakov
13e387c3fe
olaris x86 perlasm update [from HEAD].
2004-12-10 11:27:09 +00:00
Andy Polyakov
3dd16fb7fd
Eliminate false dependency on 386 config option is FIPS context.
...
At the same time limit assembler support to ELF platforms [that's
what is there, ELF modules].
2004-12-09 22:43:29 +00:00
Andy Polyakov
ab09133881
Engage SHA1 IA64 assembler on IA64 platforms [from HEAD].
2004-12-09 21:05:14 +00:00
Andy Polyakov
bd5a2195de
Postpone linking of shared libcrypto in FIPS build.
2004-12-09 18:03:23 +00:00
Dr. Stephen Henson
a4c9668f3c
Automatically mark the CRL cached encoding as invalid when some operations
...
are performed.
2004-12-09 13:34:41 +00:00
cvs2svn
f1ca15dd69
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-12-09 11:57:39 +00:00
Andy Polyakov
b4e0ce5165
SHA1 assembler for IA-64.
2004-12-09 11:57:38 +00:00
Andy Polyakov
17f0e916db
Extend RC4 test.
2004-12-07 11:55:56 +00:00
Dr. Stephen Henson
41c70d47d7
Remaing bits of PR:620 relevant to 0.9.8.
2004-12-05 01:50:56 +00:00
Dr. Stephen Henson
ec46cd8bb8
Remaining parts of PR:620
2004-12-05 01:46:03 +00:00
Dr. Stephen Henson
da8534693c
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:04:44 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
c98175bf88
In by_file.c check last error for no start line, not first error.
2004-12-04 21:26:11 +00:00
Dr. Stephen Henson
3e66ee9f01
In by_file.c check last error for no start line, not first error.
2004-12-04 21:25:51 +00:00