Commit graph

239 commits

Author SHA1 Message Date
Richard Levitte
04dc4edb44 If dynamically-loadable ENGINEs are linked against a shared-library version
of libcrypto, then it is possible that when they are loaded they will share
the same static data as the loading application/library. This means it will
be too late to set memory/ERR/ex_data/[etc] callbacks, but entirely
unnecessary to try.

This change (and a great part of this comment) was implemented in
0.9.8-dev a long time ago, but slightly differently.  In 0.9.8-dev, a
specific function that just returns a pointer to some static object is
used. For 0.9.7x, we couldn't do that, since the way we handle feature
freezes is, among other, to not add any more non-static functions.
Instead, we use the function ERR_get_implementation() and compare the
returned value with fns->err_fns, a member of fns that already is
there, and which therefore can safely be used in this manner.

What happens is that if the loaded ENGINE's return value from this
function matches the loading application/library's return value - they
share static data. If they don't match, the loaded ENGINE has its own
copy of libcrypto's static data and so the callbacks need to be set.
2003-11-27 16:41:26 +00:00
Lutz Jänicke
d161f5a9b2 Free "engine" resource in case of failure to prevent memory leak
PR: #778
Submitted by: George Mitchell <george@m5p.com>
2003-11-24 16:47:44 +00:00
Richard Levitte
732d1bf43a Add reference counting around the thread state hash table.
Unfortunately, this means that the dynamic ENGINE version just went up, and
isn't backward compatible.
PR: 678
2003-09-27 20:29:11 +00:00
Ben Laurie
75622f1ece Unfinished FIPS stuff for review/improvement. 2003-07-27 17:00:51 +00:00
Geoff Thorpe
bc63a2ee0e This memset() in the ubsec ENGINE is a bug. Zeroing out the result array
should not be necessary in any case, but more importantly the result and
input BIGNUMs could be the same, in which case this is clearly a problem.

Submitted by: Jonathan Hersch
Reviewed by: Joe Orton
Approved by: Geoff Thorpe
2003-06-06 17:53:24 +00:00
Geoff Thorpe
86a925b27e Fix a bone-head bug. This warrants a CHANGES entry because it could affect
applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.
2003-03-13 20:23:19 +00:00
Richard Levitte
6d85cd36e2 Add the possibility to build without the ENGINE framework.
PR: 287
2003-01-30 17:37:49 +00:00
Richard Levitte
60d16c258a Missing 0 broke FreeBSD build.
PR: 470
2003-01-23 08:10:07 +00:00
Richard Levitte
0062e618f0 FreeBSD has /dev/crypto as well.
PR: 462
2003-01-16 18:29:34 +00:00
Lutz Jänicke
282382cc14 Armor against systems without ranlib...
Submitted by: Thierry Lelegard <thierry.lelegard@canal-plus.fr>

PR: 461
2003-01-16 17:21:15 +00:00
Geoff Thorpe
8d2563f136 The ampersand is not required in these constructs, and was giving AIX
warnings.

Reported by: Bernhard Simon.
2002-12-15 16:45:28 +00:00
Richard Levitte
5c72869563 Add a static lock called HWCRHK, for the case of having an application
that wants to use the hw_ncipher engine without having given any
callbacks for the dynamic type of locks.
2002-12-12 17:41:36 +00:00
Richard Levitte
ae0b7667a9 Make sure to implement the cryptodev engine only when /dev/crypto exists.
PR: 385
2002-12-05 10:17:08 +00:00
Richard Levitte
d9090acdfb If an application supports static locks, it MUST support dynamic locks as
well to be able to use the CHIL engine.
PR: 281
2002-12-05 00:57:20 +00:00
Richard Levitte
72951df799 Only check for a result buffer if the allocated string is a prompt string.
PR: 381
2002-12-05 00:04:40 +00:00
Richard Levitte
a9b41af71c Do not implement RC4 stuff if RC4 is disabled. Concequently, apply the same
rule for SHA stuff.
PR: 381
2002-12-04 22:54:13 +00:00
Richard Levitte
a067cba35b Windows CE updates, contributed by Steven Reddie <smr@essemer.com.au> 2002-12-03 14:21:32 +00:00
Richard Levitte
75e3026a14 Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:09:03 +00:00
Richard Levitte
29ca164513 WinCE patches 2002-11-15 22:44:08 +00:00
Richard Levitte
cd10ba9c39 When build as dynamic engines, the loading functions should be defined
static.
2002-11-13 15:29:01 +00:00
Geoff Thorpe
b963f807be - Remo Inverardi noticed that ENGINEs don't have an "up_ref" function in the
normal 'structural' case (ENGINE_init() satisfies this in the less normal
'functional' case). This change provides such a function.

- Correct some "read" locks that should actually be "write" locks.

- make update.
2002-10-16 01:32:46 +00:00
Richard Levitte
f6733ae577 makedepend complains when a header file is included more than once in
the same source file.
2002-10-14 09:53:46 +00:00
Richard Levitte
88de74ad83 make update 2002-10-11 12:23:49 +00:00
cvs2svn
b1d495b2c4 This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
2002-10-09 13:57:58 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Richard Levitte
ff90d659e6 Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:21:33 +00:00
Richard Levitte
8f841c70c4 The dissapearing destroy callback reappears 2002-10-09 12:19:13 +00:00
Dr. Stephen Henson
74e3931f84 Various Win32 fixes.
Resolve signed/unsigned conflicts

Make dso_win32.c compile.
2002-10-06 12:14:55 +00:00
Richard Levitte
6fed88113b For some reason, the random number support removed the destructor 2002-10-05 20:54:09 +00:00
Dr. Stephen Henson
04ad43af9e Win32 fix (signed/unsigned compare error). 2002-10-05 11:59:51 +00:00
Dr. Stephen Henson
3d840c827f make update 2002-10-04 21:16:58 +00:00
Richard Levitte
b0165ce439 Add random number generation capability to the cswift engine.
Should this be added to 0.9.6-stable as well?
PR: 275
2002-10-04 13:31:06 +00:00
Richard Levitte
0638ced5cc Add random number generation capability to the cswift engine.
Should this be added to 0.9.6-stable as well?
PR: 275
2002-10-04 13:30:57 +00:00
Richard Levitte
20b33a015f Removal missing 2002-10-02 00:22:44 +00:00
Richard Levitte
293d5082c7 The OpenBSD project has replaced the first implementation of the /dev/crypto
engine with something they claim is better.  I have nothing to compare to,
and I assume they know what they're talking about.  The interesting part with
this one is that it's loaded by default on OpenBSD systems.
This change was originally introduced in OpenBSD's tracking of OpenSSL.
2002-10-02 00:19:33 +00:00
Richard Levitte
fc0ab2eac2 The OpenBSD project has replaced the first implementation of the /dev/crypto
engine with something they claim is better.  I have nothing to compare to,
and I assume they know what they're talking about.  The interesting part with
this one is that it's loaded by default on OpenBSD systems.
This change was originally introduced in OpenBSD's tracking of OpenSSL.
2002-10-02 00:18:59 +00:00
Richard Levitte
6319853811 Incorrect argument order to memset() 2002-09-25 12:52:23 +00:00
Richard Levitte
cd98ab6491 Incorrect argument order to memset() 2002-09-25 12:52:13 +00:00
Richard Levitte
6b3a385f85 Missing ; 2002-09-25 12:49:45 +00:00
Richard Levitte
b3823ac64b Missing ; 2002-09-25 12:49:40 +00:00
Geoff Thorpe
3a00964dd3 Fix a bug to allow the 4758 ENGINE to build as a DSO. 2002-08-28 19:11:59 +00:00
Geoff Thorpe
41cc7096b8 Fix a bug to allow the 4758 ENGINE to build as a DSO. 2002-08-28 19:11:08 +00:00
Dr. Stephen Henson
e88479243c Change C++ style comments 2002-08-22 23:03:04 +00:00
Dr. Stephen Henson
ed7443661c Fix C++ style comments. 2002-08-22 23:00:05 +00:00
Bodo Möller
74cc4903ef make update 2002-08-09 12:16:15 +00:00
Bodo Möller
56939728b7 ECDH engine support
Submitted by: Douglas Stebila
2002-08-09 09:39:11 +00:00
Bodo Möller
e172d60ddb Add ECDH support.
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-09 08:43:04 +00:00
Richard Levitte
c578208d63 Certain flag macros were tested with #if instead if #ifdef... 2002-08-02 11:13:55 +00:00
Richard Levitte
ba8fb52183 Certain flag macros were tested with #if instead if #ifdef... 2002-08-02 11:13:37 +00:00
Lutz Jänicke
c046fffa16 OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
2002-07-30 13:04:04 +00:00