Commit graph

3306 commits

Author SHA1 Message Date
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
b392e52050 Move allow_proxy_certs declaration to start of function. 2005-04-10 23:41:09 +00:00
Richard Levitte
d9bfe4f97c Added restrictions on the use of proxy certificates, as they may pose
a security threat on unexpecting applications.  Document and test.
2005-04-09 16:07:12 +00:00
Nils Larsch
f763e0b5ae make sure error queue is totally emptied
PR: 359
2005-04-07 22:53:35 +00:00
Andy Polyakov
9f2027e56d Implement OPENSSL_showfatal and make it Win32 GUI and service aware
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].
2005-04-07 18:39:45 +00:00
Andy Polyakov
e1d51de41f Harmonize cygwin/mingw and VC targets. 2005-04-07 15:51:55 +00:00
Andy Polyakov
81ee80ab88 +45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
further +35% will follow...

Submitted by: Zou Nanhai
2005-04-06 09:45:42 +00:00
Nils Larsch
70f34a5841 some const fixes and cleanup 2005-04-05 10:29:43 +00:00
Nils Larsch
c2e40d0f9a remove unused recp method 2005-04-04 18:15:59 +00:00
Andy Polyakov
0abfd60604 Extend Solaris x86 support to amd64. 2005-04-04 17:10:53 +00:00
Andy Polyakov
e5dbccc182 Solaris x86 linker erroneously pads .init segment with zeros instead of
nops, which causes SEGV at startup. So I don't align anymore.
2005-04-04 17:07:16 +00:00
Andy Polyakov
f8fa22d826 Some non-GNU compilers (such as Sun C) define __i386. 2005-04-04 17:05:06 +00:00
Andy Polyakov
60fd574cdf Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
introduced for a reason [like bug in initial gcc port], but proposed
=&r is treated correctly by senior 3.2, so we can assume it's safe now.
PR: 1031
2005-04-03 18:53:29 +00:00
Ben Laurie
73705abc34 If input is bad, we still need to clear the buffer. 2005-04-03 16:38:22 +00:00
Dr. Stephen Henson
7bdf8eed69 Typo 2005-04-01 21:56:15 +00:00
Ben Laurie
8bb826ee53 Consistency. 2005-03-31 13:57:54 +00:00
Ben Laurie
45d10efc35 Simplicate and add lightness. 2005-03-31 10:55:55 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Nils Larsch
fea4280a8b fix header 2005-03-30 21:38:29 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Ben Laurie
0821bcd4de Constification. 2005-03-30 10:26:02 +00:00
Nils Larsch
c01d2b974e when building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro
which cannot be evaluated in an if statement
2005-03-28 15:06:29 +00:00
Ulf Möller
7a8c728860 undo Cygwin change 2005-03-24 00:14:59 +00:00
Nils Larsch
41e455bfc4 test, remove unnecessary const cast 2005-03-22 17:55:18 +00:00
Ulf Möller
130db968b8 Use Windows randomness code on Cygwin 2005-03-19 11:39:17 +00:00
Ulf Möller
8d274837e5 fix breakage for Perl versions that do boolean operations on long words 2005-03-19 11:13:30 +00:00
Bodo Möller
9f6715d4bb "make depend". This takes into account the algorithms that are now
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.

Problem reported by Nils Larsch.
2005-03-13 19:49:47 +00:00
Andy Polyakov
1642000707 Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32. 2005-03-12 11:28:41 +00:00
Andy Polyakov
f7f2125522 Avoid re-build avalanches with HP-UX make. 2005-03-12 09:12:44 +00:00
Bodo Möller
2b61034b0b fix potential memory leak when allocation fails
PR: 801
Submitted by: Nils Larsch
2005-03-11 09:01:24 +00:00
Bodo Möller
80c808b90b Fix typo
PR: 1017
Submitted by: ciresh@yahoo.com
Reviewed by: Nils Larsch
2005-03-09 19:08:02 +00:00
Lutz Jänicke
f69a8aebab Fix hang in EGD/PRNGD query when communication socket is closed
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
2005-02-19 10:19:07 +00:00
Dr. Stephen Henson
9d10b15ef9 Fix possible memory leak. 2005-02-14 21:53:24 +00:00
Andy Polyakov
da30c74a27 Remove unused assembler modules. 2005-02-06 13:43:02 +00:00
Andy Polyakov
67ea999d4a This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...
2005-02-06 13:23:34 +00:00
Richard Levitte
8c3c570134 The first argument to load_iv should really be a char ** instead of an
unsigned char **, since it points at text.

Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out
the inelegance of our code :-)
2005-01-27 11:42:28 +00:00
Richard Levitte
bf746f0f46 Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might
cause a segfault...  This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
2005-01-27 01:49:25 +00:00
Richard Levitte
a229e3038e Get rid if the annoying warning 2005-01-27 01:47:31 +00:00
Andy Polyakov
fbdce13e5a Please BSD make... 2005-01-25 22:09:11 +00:00
Andy Polyakov
e532a6c449 FreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after
http://cvs.openssl.org/chngview?cn=12843.
2005-01-25 22:07:22 +00:00
Andy Polyakov
8359421d90 Default to AES u32 being unsinged int and not long. This improves cache
locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-).
The choice is guarded by newly introduced AES_LONG macro, which needs
to be defined only on 16-bit platforms which we don't support (not that
I know of). Meaning that one could as well skip long option altogether.
2005-01-24 14:22:05 +00:00
Andy Polyakov
efde5230f1 Improve ECB performance (48+14*rounds -> 18+13*rounds) and reserve for
hand-coded zero-copy AES_cbc_encrypt.
2005-01-24 14:14:53 +00:00
Andy Polyakov
bac252a5e3 Bug-fix in CBC encrypt tail processing and commentary section update. 2005-01-20 10:33:37 +00:00
Andy Polyakov
addb6e16a8 Throw in AES CBC assembler, up to +40% on aes-128-cbc benchmark. 2005-01-18 01:04:41 +00:00
Andy Polyakov
ed65fab910 Reserve for AES CBC assembler implementation... 2005-01-18 00:43:32 +00:00
Andy Polyakov
90cc40911b Don't zap AES CBC IV, when decrypting truncated content in place. 2005-01-18 00:26:52 +00:00
Richard Levitte
a7201e9a1b Changes concering RFC 3820 (proxy certificates) integration:
- Enforce that there should be no policy settings when the language
   is one of id-ppl-independent or id-ppl-inheritAll.
 - Add functionality to ssltest.c so that it can process proxy rights
   and check that they are set correctly.  Rights consist of ASCII
   letters, and the condition is a boolean expression that includes
   letters, parenthesis, &, | and ^.
 - Change the proxy certificate configurations so they get proxy
   rights that are understood by ssltest.c.
 - Add a script that tests proxy certificates with SSL operations.

Other changes:

 - Change the copyright end year in mkerr.pl.
 - make update.
2005-01-17 17:06:58 +00:00
Dr. Stephen Henson
fcd5cca418 PKCS7_verify() performance optimization. When the content is large and a
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
2005-01-14 17:52:24 +00:00
Andy Polyakov
e6d27baf52 Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX
environments.
2005-01-13 15:46:09 +00:00
Andy Polyakov
e7e1150706 "Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better
performance on recent microarchitectures.
2005-01-13 15:35:44 +00:00