Dr. Stephen Henson
c679fb298e
Add new function X509_STORE_set_verify_cb and use it in apps
2009-10-18 14:42:27 +00:00
Dr. Stephen Henson
28418076b2
PR: 2069
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org
IPv6 support for DTLS.
2009-10-15 17:41:44 +00:00
Dr. Stephen Henson
ad187f8905
Fix unitialized warnings
2009-10-04 16:52:35 +00:00
Dr. Stephen Henson
2280f82fc6
Fix warnings about ignoring fgets return value
2009-10-04 16:43:21 +00:00
Dr. Stephen Henson
e6714faffb
Prevent ignored return value warning
2009-10-04 14:04:14 +00:00
Dr. Stephen Henson
af8f2bb174
Prevent aliasing warning
2009-10-04 14:02:03 +00:00
Dr. Stephen Henson
d7501c16bf
Yes it is a typo ;-)
2009-10-01 12:17:18 +00:00
Dr. Stephen Henson
50d70c01d6
PR: 2062
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BN_rand error handling in bntest.c
2009-10-01 00:21:55 +00:00
Dr. Stephen Henson
9fc601cfbb
PR: 2059
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct EVP_SealInit error handling in pem_seal.c
2009-10-01 00:17:35 +00:00
Dr. Stephen Henson
fed5333248
PR: 2056
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_wirte error handling in asn1_par.c
2009-10-01 00:11:49 +00:00
Dr. Stephen Henson
a3d5cdb07c
PR: 2063
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_write error handling in ocsp_prn.c
2009-09-30 23:59:16 +00:00
Dr. Stephen Henson
d99c0f6b4a
PR: 2057
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_write, BIO_printf, i2a_ASN1_INTEGER and i2a_ASN1_OBJECT
error handling in OCSP print routines.
2009-09-30 23:55:29 +00:00
Dr. Stephen Henson
43f21e62aa
PR: 2058
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct EVP_DigestVerifyFinal error handling.
2009-09-30 23:50:10 +00:00
Dr. Stephen Henson
0c690586e0
PR: 2064, 728
...
Submitted by: steve@openssl.org
Add support for custom headers in OCSP requests.
2009-09-30 21:41:53 +00:00
Dr. Stephen Henson
0cc0db32e3
PR: 2050
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org
Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.
2009-09-22 11:34:25 +00:00
Dr. Stephen Henson
d68f7641a3
PR: 2047
...
Submitted by: David Lee <live4thee@gmail.com>, steve@openssl.org
Approved by: steve@openssl.org
Fix for IPv6 handling in BIO_get_accept_socket().
2009-09-20 16:40:59 +00:00
Dr. Stephen Henson
5e56584285
Don't use __try+__except unless on VC++
2009-09-20 12:39:16 +00:00
Andy Polyakov
13eca7d782
cmll-x86_64.pl: small buglet in CBC subroutine [from HEAD].
...
PR: 2035
2009-09-17 19:35:49 +00:00
Dr. Stephen Henson
80afb40ae3
Submitted by: Julia Lawall <julia@diku.dk>
...
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:27:27 +00:00
Dr. Stephen Henson
1a3914fe0c
Seed PRNG with DSA and ECDSA digests for additional protection against
...
possible PRNG state duplication.
2009-09-09 12:14:36 +00:00
Dr. Stephen Henson
6c29853bf2
PR: 1644
...
Submitted by: steve@openssl.org
Fix to make DHparams_dup() et al work in C++.
For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
2009-09-06 15:49:12 +00:00
Dr. Stephen Henson
2e9802b7a7
PR: 2028
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS cookie management bugs.
2009-09-04 17:42:06 +00:00
Dr. Stephen Henson
4b4f249e0d
Oops, s can be NULL
2009-09-04 11:31:19 +00:00
Dr. Stephen Henson
2c11ec308b
PR: 2029
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org
Fix so that the legacy digest EVP_dss1() still works.
2009-09-02 15:51:28 +00:00
Dr. Stephen Henson
e5eb96c83a
PR: 2013
...
Submitted by: steve@openssl.org
Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.
Add error checking to CRL generation in ca utility when nextUpdate is being
set.
2009-09-02 13:55:22 +00:00
Dr. Stephen Henson
6d1741030b
Missing break.
2009-08-31 22:21:01 +00:00
Dr. Stephen Henson
b8dc932c05
PR: 2005
...
Submitted by: steve@openssl.org
Some systems have broken IPv6 headers and/or implementations. If
OPENSSL_USE_IPV6 is set to 0 IPv6 is not used, if it is set to 1 it is used
and if undefined an attempt is made to detect at compile time by checking
if AF_INET6 is set and excluding known problem platforms.
2009-08-26 15:13:43 +00:00
Richard Levitte
dde33ea9c3
Remove tmdiff.h from EXHEADERS as it doesn't exist.
...
Don't have separate installation directory variables for VAX and AXP.
Submitted by Zoltan Arpadffy <zoli@polarhome.com>
2009-08-25 07:28:12 +00:00
Richard Levitte
573c61dcde
Make it possible to compile non-assembler routines on AXP as well.
...
Submitted by Zoltan Arpadffy <arpadffy@polarhome.com>
2009-08-25 07:22:08 +00:00
Dr. Stephen Henson
5a96822f2c
Update default dependency flags.
...
Make error name discrepancies a fatal error.
Fix error codes.
make update
2009-08-12 17:08:44 +00:00
Dr. Stephen Henson
ff0945cbdc
PR: 2004
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org
Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print
2009-08-10 14:57:11 +00:00
Dr. Stephen Henson
dc0aebabe6
Add COMP error strings.
2009-08-09 14:58:05 +00:00
Dr. Stephen Henson
ea904b4074
Update from HEAD.
2009-08-05 15:04:16 +00:00
Dr. Stephen Henson
ec6158d029
PR: 1996
...
Submitted by: steve@openssl.org
Change conflicting name "BLOCK" to "OPENSSL_BLOCK".
2009-07-27 21:21:25 +00:00
Dr. Stephen Henson
4386445c18
Change STRING to OPENSSL_STRING etc as common words such
...
as "STRING" cause conflicts with other headers/libraries.
2009-07-27 21:08:53 +00:00
Ben Laurie
a585aa6750
Fix warnings.
2009-07-26 12:26:38 +00:00
Dr. Stephen Henson
2475a52061
Update from 0.9.8-stable.
2009-07-24 13:47:52 +00:00
Dr. Stephen Henson
d069a4d15d
PR: 1990
...
Update from 0.9.8-stable.
2009-07-24 13:07:08 +00:00
Dr. Stephen Henson
0bd9d3a60e
Update from 0.9.8-stable.
2009-07-24 11:24:45 +00:00
Dr. Stephen Henson
b4c81fb6db
Update from 0.9.8-stable
2009-07-24 11:15:55 +00:00
Dr. Stephen Henson
f97a8149cd
Update from HEAD.
2009-07-16 09:54:49 +00:00
Dr. Stephen Henson
7dfae89768
Handle OSX ".dynlib" DSO extension.
2009-07-15 17:58:57 +00:00
Dr. Stephen Henson
d41ca3f0e2
Update for next beta.
2009-07-15 12:08:35 +00:00
Dr. Stephen Henson
65fc4c55be
Preparation for beta3 release.
2009-07-15 11:37:45 +00:00
Dr. Stephen Henson
2202edeff0
PR: 1980
...
Submitted by: Victor Wagner <vitus@wagner.pp.ru>
Approved by: steve@openssl.org
Fix memory leaks.
2009-07-15 11:01:40 +00:00
Dr. Stephen Henson
affffaed3d
Update from HEAD.
2009-07-11 22:30:02 +00:00
Dr. Stephen Henson
0c644f1462
PR: 1985
...
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org
Initialise flags.
2009-07-11 21:42:47 +00:00
Dr. Stephen Henson
a2da5c7daa
Make update.
2009-07-08 09:13:24 +00:00
Dr. Stephen Henson
c155d83f5b
Delete MD2 from algorithm tables and default compilation.
2009-07-08 08:50:53 +00:00
Dr. Stephen Henson
15401859b5
PR: 1976
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
Cleanup some compile time warnings/magic numbers.
2009-07-01 15:46:43 +00:00
Dr. Stephen Henson
6f24165170
PR: 1974(partial)
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
Cryptodev digest support.
2009-07-01 15:42:38 +00:00
Dr. Stephen Henson
a8afd9382c
192, 256 bit AES and RC4 support for cryptodev.
2009-07-01 15:36:55 +00:00
Dr. Stephen Henson
caddf00d78
PR: 1974(partial)
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
Fix up RSA API compliance for rsa_nocrt_mod_exp method.
2009-07-01 15:25:17 +00:00
Dr. Stephen Henson
e105098b3f
PR: 1974 (partial)
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
If -DHAVE_CRYPTODEV is set enable cryptodev support
2009-07-01 14:55:59 +00:00
Dr. Stephen Henson
b855560192
PR: 1970
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Reviewed by: steve@openssl.org
Fix unused variable "words" and uninitialised data "b".
2009-07-01 11:39:59 +00:00
Dr. Stephen Henson
f2f50efea3
PR: 1965
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
Make sure defines to remove SHA are correct.
2009-07-01 11:35:46 +00:00
Dr. Stephen Henson
1fd43fd86e
PR: 1969
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
Don't use repeating key when testing algs.
2009-06-30 15:21:48 +00:00
Dr. Stephen Henson
3e70c81ed9
PR: 1967
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
Don't go past end of params array.
2009-06-30 15:10:54 +00:00
Dr. Stephen Henson
43ea53a04a
Inherit parameters properly in SSL contexts: any parameters set should
...
replace those in the current list.
2009-06-30 11:21:00 +00:00
Dr. Stephen Henson
8549a8a5dc
Fix from 0.9.8-stable
2009-06-26 23:14:11 +00:00
Dr. Stephen Henson
710c1c34d1
Allow checking of self-signed certifictes if a flag is set.
2009-06-26 11:28:52 +00:00
Dr. Stephen Henson
e16818108f
Fix from HEAD.
2009-06-25 17:11:48 +00:00
Dr. Stephen Henson
0cb76e79df
PR: 1748
...
Fix nasty SSL BIO pop bug. Since this changes the behaviour of SSL BIOs and
will break applications that worked around the bug only included in 1.0.0 and
later.
2009-06-25 11:26:45 +00:00
Dr. Stephen Henson
6178da0142
Update from HEAD.
2009-06-17 12:05:51 +00:00
Dr. Stephen Henson
27713e3fc2
Check t too.
2009-06-17 11:47:54 +00:00
Dr. Stephen Henson
8280b43a62
Update from HEAD.
2009-06-17 11:26:09 +00:00
Dr. Stephen Henson
bfd502f027
Updates from HEAD.
2009-06-16 16:39:20 +00:00
Dr. Stephen Henson
f1ed5fa827
Update from 0.9.8-stable.
2009-06-15 15:00:19 +00:00
Dr. Stephen Henson
5bb9e1b4d4
Update from HEAD.
2009-06-15 11:23:33 +00:00
Ben Laurie
7de819237d
Two digits is not wide enough.
2009-06-14 10:23:29 +00:00
Ben Laurie
6cfab29b71
Make depend.
2009-06-14 02:37:22 +00:00
Dr. Stephen Henson
4e63da0669
PR: 1950
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve@openssl.org
DTLS fragment retransmission bug.
2009-06-05 14:46:49 +00:00
Ben Laurie
15b0a5651c
Not always used.
2009-06-05 08:35:54 +00:00
Dr. Stephen Henson
524e5b844b
Update from HEAD.
2009-06-01 12:14:15 +00:00
Dr. Stephen Henson
f16411ccfd
Ensure canonical encodings of X509_NAME structures are valid.
2009-05-30 18:10:59 +00:00
Dr. Stephen Henson
2bbcd45b05
Update from HEAD.
2009-05-29 18:58:59 +00:00
Dr. Stephen Henson
431aad3c15
Delete line which should have gone with PR#1922.
2009-05-18 16:11:58 +00:00
Dr. Stephen Henson
0454f2c490
PR: 1929
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org
Updated DTLS MTU bug fix.
2009-05-17 16:04:21 +00:00
Dr. Stephen Henson
5f911774bf
Revert previous MTU patch from PR#1929
2009-05-17 15:57:51 +00:00
Richard Levitte
6a419388fc
Stupid typo
2009-05-17 07:22:15 +00:00
Dr. Stephen Henson
88b48dc680
PR: 1930
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Limit size of DTLS record buffer queue.
2009-05-16 16:17:46 +00:00
Dr. Stephen Henson
f99c9daa39
Make the stuff compile again, fix missing prototype warnings.
2009-05-16 11:14:55 +00:00
Dr. Stephen Henson
019b3f3e5a
Update from HEAD.
2009-05-15 23:07:41 +00:00
Dr. Stephen Henson
d6584eba8c
PR: 1922
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Timer bug fix.
2009-05-15 22:58:13 +00:00
Richard Levitte
006c7c6bb1
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
...
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
2009-05-15 16:37:08 +00:00
Richard Levitte
17ae5e9f13
Add a comment about libeay.num and ssleay.num
2009-05-15 16:00:08 +00:00
Andy Polyakov
baa5f52422
x86[_64]cpuid.pl: update from HEAD.
2009-05-14 18:25:29 +00:00
Dr. Stephen Henson
756d2074b8
PR: 1924
...
Submitted by: "Green, Paul" <Paul.Green@stratus.com>
Approved by: steve@openssl.org
Fix _POSIX_C_SOURCE usage.
2009-05-13 11:32:24 +00:00
Dr. Stephen Henson
d8646dab14
Don't use -D_CRT_NONSTDC_NO_DEPRECATE, fix bio_lcl.h instead.
2009-05-06 10:23:39 +00:00
Andy Polyakov
27c7e53882
ec_mult.c: update from HEAD (Win64 compile warnings).
2009-05-05 19:23:45 +00:00
Andy Polyakov
b2b28803fb
cryptlib.c: update from HEAD.
2009-05-05 19:23:14 +00:00
Andy Polyakov
8e92b1b9ce
perlasm: update from HEAD.
2009-05-05 19:21:12 +00:00
Richard Levitte
c44544a1d7
Update from HEAD
2009-05-05 08:46:30 +00:00
Dr. Stephen Henson
376bbb5887
PR: 1914
...
Make safestack work with C++.
2009-04-28 21:56:04 +00:00
Richard Levitte
2c8275409e
Update from HEAD.
2009-04-28 13:00:50 +00:00
Andy Polyakov
892582b541
v3_alt.c: otherName parsing fix from HEAD.
...
Submitted by: Love Hoernquist Aastrand
2009-04-27 19:37:23 +00:00
Andy Polyakov
f0f00f9272
sha*-s390x.pl: minor update from HEAD.
2009-04-27 19:31:30 +00:00
Andy Polyakov
a243c68736
rc4-x86_64.pl: Win64 SEH update from HEAD.
2009-04-27 19:31:04 +00:00
Andy Polyakov
467d9f2a34
b_sock.c: readability update from HEAD.
2009-04-27 19:30:36 +00:00
Dr. Stephen Henson
4f44677a41
This at least break WIN32 which doesn't have sys/time.h might need to make
...
this a bit more generous later...
2009-04-26 14:53:58 +00:00
Richard Levitte
5409414eff
Updates from HEAD
2009-04-26 11:35:58 +00:00
Dr. Stephen Henson
7134507de0
Make no-rsa, no-dsa and no-dh compile again.
2009-04-23 17:16:40 +00:00
Dr. Stephen Henson
fe41d9853c
Make no-ec work
2009-04-23 16:25:00 +00:00
Dr. Stephen Henson
82ae57136b
Some no-ec fixes (not complete yet).
2009-04-23 15:24:27 +00:00
Dr. Stephen Henson
30baeaaeab
CryptoAPI engine only exists on WIN32.
2009-04-22 17:36:45 +00:00
Dr. Stephen Henson
346b1001eb
PR: 1903
...
Submitted by: "Paul Smedley" <pauldespam@despamsmedley.id.au>
Approved by: steve@openssl.org
OS/2 fixes (excludes Makefile.shared patch for now).
2009-04-22 16:21:20 +00:00
Dr. Stephen Henson
461be68b75
Change version to beta3-dev
2009-04-21 22:27:41 +00:00
Dr. Stephen Henson
71d3eaf358
make update.
2009-04-21 15:02:20 +00:00
Dr. Stephen Henson
ef6b25be63
Beta 2 preparation.
2009-04-21 14:58:57 +00:00
Dr. Stephen Henson
52891f832f
Fix error header files and error files too.
2009-04-19 17:58:01 +00:00
Dr. Stephen Henson
9990cb75c1
PR: 1894
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Fix various typos and stuff.
2009-04-16 17:22:51 +00:00
Dr. Stephen Henson
268e78c305
PR: 1899
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Check for <= 0 when verifying CRL issuers.
2009-04-15 15:07:09 +00:00
Dr. Stephen Henson
10acacb3bf
Fix typo and stop WIN32 warnings.
2009-04-14 15:13:35 +00:00
Dr. Stephen Henson
aab790a656
PR: 1829
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Timer Bug fix.
2009-04-14 14:33:12 +00:00
Dr. Stephen Henson
0f17424918
PR: 1786
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Add missing IMPLEMENT.
2009-04-13 11:36:19 +00:00
Dr. Stephen Henson
55ed10db21
PR: 1785
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Properly handle malloc failure.
2009-04-13 11:31:22 +00:00
Dr. Stephen Henson
19ae090787
Print out registered digest names in dgst utility instead of hard
...
coding them. Modify EVP_MD_do_all() to include registered digest name.
This is a modified version of part of PR#1887.
2009-04-10 10:30:27 +00:00
Dr. Stephen Henson
db3076621b
PR: 1892
...
Fix memory leak when email:move option used.
2009-04-08 15:58:07 +00:00
Dr. Stephen Henson
0048464449
Use basename of objxref.pl not whole path in generated header.
2009-04-06 16:16:23 +00:00
Dr. Stephen Henson
b422166ce0
Updates from HEAD.
2009-04-06 16:02:51 +00:00
Dr. Stephen Henson
8681c66eec
PR: 1890
...
Submitted by: "Green, Paul" <Paul.Green@stratus.com>
Approved by: steve@openssl.org
Fixes to --with-zlib-include and --with-zlib-lib and init PRNG for VOS.
2009-04-06 14:31:36 +00:00
Dr. Stephen Henson
69a0034e50
PR: 1899
...
Submitted by: Doug Kaufman <dkaufman@rahul.net>
Approved by: steve@openssl.org
Mingw fixes.
2009-04-06 14:25:02 +00:00
Dr. Stephen Henson
c9a1778134
Fix error codes.
2009-04-05 11:54:34 +00:00
Ben Laurie
3042945ac8
Fix warning.
2009-04-04 13:39:48 +00:00
Dr. Stephen Henson
da29b0d335
Fix for VC++ 6 which chokes on the empty argument.
2009-04-04 11:44:48 +00:00
Dr. Stephen Henson
25f6c7fd8b
Update from 0.9.8-stable.
2009-04-03 16:54:37 +00:00
Dr. Stephen Henson
1cf3571ea4
PR: 1888
...
Submitted by: Tim Rice <tim@multitalents.net>
Approved by: steve@openssl.org
Allow SOCKLEN_T type to be overridden at config time e.g.
./config -DSOCKLEN_T=int
2009-04-03 16:44:40 +00:00
Dr. Stephen Henson
d769e7a58c
PR: 1613
...
Submitted by: "Jean Rebiffe" <jrebiffe@gmail.com>
Approved by: steve@openssl.org
Free section.
2009-04-03 16:21:01 +00:00
Dr. Stephen Henson
fa3619f233
Update version info, fix typo.
2009-04-03 11:50:59 +00:00
Dr. Stephen Henson
a414cbcad3
Update from 0.9.8-stable.
2009-04-03 11:37:47 +00:00
Dr. Stephen Henson
5d48762647
Make PKCS12_parse() handle some PKCS#12 files which have their own ideas
...
about settings for local key id...
2009-04-02 17:44:50 +00:00
Dr. Stephen Henson
a6b03f4138
Make update fixing duplicate ASN1 error codes.
2009-04-01 08:55:54 +00:00
Dr. Stephen Henson
809fa4cc59
Update for first beta.
2009-04-01 08:47:28 +00:00
Dr. Stephen Henson
5cd0cf8cce
Fix other read call too.
2009-03-31 21:57:26 +00:00
Dr. Stephen Henson
49cb959494
Use OPENSSL_SYS_WIN32 instead of _WIN32
2009-03-31 21:45:29 +00:00
Dr. Stephen Henson
783a73c47f
Oops.
2009-03-31 21:39:54 +00:00
Dr. Stephen Henson
99bf516908
Add update from 0.9.8-stable branch.
2009-03-31 21:35:55 +00:00
Dr. Stephen Henson
a26c372cfc
Fix shlib version.
2009-03-31 21:21:42 +00:00
Dr. Stephen Henson
ed5ac22e5b
Correct version.
2009-03-31 21:19:17 +00:00
Dr. Stephen Henson
64ecdaeca9
HEAD is now 1.1.0
...
The 1.0.0 branch is now OpenSSL_1_0_0-stable
2009-03-31 10:38:37 +00:00
Dr. Stephen Henson
093f5d2c15
Nothing to see here... move along....
2009-03-28 17:12:51 +00:00
Dr. Stephen Henson
ddcfc25a6d
Update from stable branch.
2009-03-25 19:02:22 +00:00
Dr. Stephen Henson
73ba116e96
Update from stable branch.
2009-03-25 12:54:14 +00:00
Dr. Stephen Henson
80b2ff978d
Update from stable branch.
2009-03-25 12:53:50 +00:00
Dr. Stephen Henson
7ce8c95d58
Update from stable branch.
2009-03-25 12:53:26 +00:00
Dr. Stephen Henson
e4e949192b
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
...
Reviewed by: steve@openssl.org
Check return codes properly in md BIO and dgst command.
2009-03-18 18:53:08 +00:00
Andy Polyakov
4e52b9845e
aes-390x.pl: commentary update.
2009-03-17 20:04:11 +00:00
Andy Polyakov
e22b864846
Make SPARC assembler modules *really* Purify-friendly.
2009-03-17 18:31:08 +00:00
Andy Polyakov
57db09906b
Excuse myself from integrating sha1-sparcv9a.pl into build system, but
...
make it Purify-friendly...
2009-03-16 13:48:42 +00:00
Andy Polyakov
4c78bc05c4
Make SPARC assembler Pirify-friendly (Purify can't cope with certain
...
PIC constructs).
2009-03-16 13:32:38 +00:00
Dr. Stephen Henson
ef8e772805
Use OPENSSL_assert() instead of assert.
2009-03-15 14:04:42 +00:00
Dr. Stephen Henson
54571ba004
Use correct ctx name.
2009-03-15 14:03:47 +00:00
Dr. Stephen Henson
237d7b6cae
Fix from stable branch.
2009-03-15 13:37:34 +00:00
Dr. Stephen Henson
854a225a27
Update from stable branch.
2009-03-14 18:33:49 +00:00
Dr. Stephen Henson
e39acc1c90
PR: 1864
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Reviewed by: steve@openssl.org
Check return value.
2009-03-14 12:39:05 +00:00
Dr. Stephen Henson
a0b76569b2
Update from stable branch.
2009-03-14 12:26:48 +00:00
Dr. Stephen Henson
33ab2e31f3
PR: 1854
...
Submitted by: Oliver Martin <oliver@volatilevoid.net>
Reviewed by: steve@openssl.org
Support GeneralizedTime in ca utility.
2009-03-09 13:59:07 +00:00
Dr. Stephen Henson
bb7ccdfbe2
Update from stable branch.
2009-03-09 13:08:04 +00:00
Dr. Stephen Henson
c836f8ef73
Update from stable branch.
2009-03-09 12:30:10 +00:00
Dr. Stephen Henson
4df100935f
Update from stable branch.
2009-03-09 12:21:19 +00:00
Ben Laurie
c2a548a884
Print IPv6 all 0s correctly (Rob Austein).
2009-03-08 10:54:45 +00:00
Dr. Stephen Henson
77202a85a0
Update from stable branch.
2009-03-07 17:00:23 +00:00
Ben Laurie
2121f15daf
Use the right length (reported by Quanhong Wang).
2009-03-03 15:12:56 +00:00
Richard Levitte
605b04f661
Make it possible to disable STORE.
2009-02-19 09:42:51 +00:00
Richard Levitte
97132a0f8e
Reference bug.
2009-02-19 09:42:32 +00:00
Dr. Stephen Henson
30e5e39a3d
PR: 1778
...
Increase default verify depth to 100.
2009-02-16 23:23:21 +00:00
Dr. Stephen Henson
b5d5c0a21f
PR: 1843
...
Use correct array size for SHA1 hash.
2009-02-16 21:42:48 +00:00
Richard Levitte
f8ea4757cc
Data not initialised.
...
Notified by Gerardo Ganis <gerardo.ganis@cern.ch>
2009-02-16 15:17:24 +00:00
Dr. Stephen Henson
a63bf2c53c
Make no-engine work again.
2009-02-15 15:28:18 +00:00
Ben Laurie
b3f3407850
Use new common flags and fix resulting warnings.
2009-02-15 14:08:51 +00:00
Dr. Stephen Henson
477fd4596f
PR: 1835
...
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org
Fix various typos.
2009-02-14 21:49:38 +00:00
Andy Polyakov
c558c99fd8
rc4-s390x.pl: allow for older assembler and optimize character loop.
2009-02-12 14:48:49 +00:00
Andy Polyakov
13c3a1defa
RC4 for s390x.
2009-02-11 10:01:36 +00:00
Dr. Stephen Henson
aaa29f9e83
Add error checking to obj_xref.pl and add command line support for data
...
file locations.
2009-02-10 13:03:31 +00:00
Dr. Stephen Henson
ede6ef5e08
Submitted by: Peter Sylvester <Peter.Sylvester@edelweb.fr>
...
Reviewed by: steve
If tagging is universal and SET or SEQUENCE set constructed bit.
2009-02-10 12:13:08 +00:00
Andy Polyakov
0f529cbdc3
s390x-mont.pl: optimize prologue.
2009-02-10 08:46:48 +00:00
Andy Polyakov
eb55b9fc19
linux-s390x failed link after assembler pack update.
2009-02-10 07:43:48 +00:00
Andy Polyakov
7012d2a8fa
sha1-sparcv9a.pl: fix bug in commentary section.
2009-02-09 16:03:33 +00:00
Andy Polyakov
8626230a02
s390x assembler pack update.
2009-02-09 15:42:04 +00:00
Dr. Stephen Henson
57f39cc826
Print out UTF8 and NumericString types in ASN1 parsing utility.
2009-01-28 12:54:52 +00:00
Dr. Stephen Henson
6489573224
Update from stable branch.
2009-01-28 12:36:14 +00:00
Dr. Stephen Henson
079e00e646
Typo: just copy across an unknown type.
2009-01-28 12:32:03 +00:00
Richard Levitte
8bf5001612
Do the Camellia part right
2009-01-28 07:01:29 +00:00
Richard Levitte
6ed9dfb23a
Synchronise with Unix build
2009-01-20 05:39:24 +00:00
Dr. Stephen Henson
c2c99e2860
Update certificate hash line format to handle canonical format
...
and avoid MD5 dependency.
2009-01-15 13:22:39 +00:00
Dr. Stephen Henson
8125d9f99c
Make PKCS#8 the standard write format for private keys, replacing the
...
ancient SSLeay format.
2009-01-15 12:52:38 +00:00
Dr. Stephen Henson
8e6925b0cd
Add CRYPTO_MDEBUG_ABORT to abort() is there are any memory leaks. This will
...
cause "make test" failures and make resource leaks more obvious.
2009-01-11 20:36:50 +00:00
Dr. Stephen Henson
41b7619596
Fix missing prototype warnings then fix different prototype warnings ;-)
2009-01-11 16:17:26 +00:00
Dr. Stephen Henson
bab534057b
Updatde from stable branch.
2009-01-07 23:44:27 +00:00
Andy Polyakov
6de3683908
Add UltraSPARC VIS-powered SHA1 block procedure.
2009-01-05 14:52:31 +00:00
Richard Levitte
792bbc2374
VMS stuff I forgot...
2009-01-03 09:25:32 +00:00
Ben Laurie
23b973e600
Calculate offset correctly. (Coverity ID 233)
2009-01-01 18:30:51 +00:00
Andy Polyakov
a370537bde
Styling update to makefiles: $() to denote make substitutions and $${} -
...
shell ones.
2008-12-29 16:17:52 +00:00
Ben Laurie
0eab41fb78
If we're going to return errors (no matter how stupid), then we should
...
test for them!
2008-12-29 16:11:58 +00:00
Ben Laurie
8aa02e97a7
Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.
...
(Coverity ID 135).
2008-12-29 13:35:08 +00:00
Andy Polyakov
a68c7b9171
bn_lib.c: [re-]fix Win64 compiler warning.
2008-12-29 12:44:33 +00:00
Andy Polyakov
5cabcf96e7
Fix "possible loss of data" Win64 compiler warnings.
2008-12-29 12:35:49 +00:00
Dr. Stephen Henson
2d1cbc85c8
Add standard .cvsignore file.
2008-12-29 00:27:06 +00:00
Andy Polyakov
e81695205e
x86_64-xlate.pl: support for binary constants, such as 0b1010101.
2008-12-27 14:00:37 +00:00
Andy Polyakov
fe150ac25d
Add modes/cts128.c, Ciphertext Stealing implementation.
2008-12-27 13:40:45 +00:00
Andy Polyakov
bec45a35bb
cmll-x86_64.pl: fix bug in cbc tail processing and comply with Win64 ABI spec.
2008-12-27 13:39:38 +00:00
Andy Polyakov
3b0ee0d2bf
Revisit RT#1801 and complete fix.
2008-12-27 13:32:21 +00:00
Ben Laurie
dde5b979d2
Remove dead code. (Coverity ID 2)
2008-12-27 02:36:24 +00:00
Ben Laurie
57a6ac7c4f
Check scalar->d before we use it (in BN_num_bits()). (Coverity ID 129)
2008-12-27 02:15:16 +00:00
Richard Levitte
4ded7b44a8
More synchronisation with Unix
2008-12-26 23:52:06 +00:00
Ben Laurie
1457619e13
Remove misleading dead code. Constify. (Coverity ID 142)
2008-12-26 17:17:21 +00:00
Ben Laurie
ccf529928f
!a && !a->b is clearly wrong! Changed to !a || !a->b (Coverity ID 145).
2008-12-26 15:32:59 +00:00
Ben Laurie
5ceb595dfa
pval must always be set when pk7_cb() does anything (Coverity ID 146).
2008-12-26 15:29:02 +00:00
Richard Levitte
44390fadc0
In BIO_write(), update the write statistics, not the read statistics.
...
PR: 1803
2008-12-25 22:24:17 +00:00
Richard Levitte
974d05a323
Further synchronisation with Unix
2008-12-25 22:04:42 +00:00
Andy Polyakov
0f76640fba
Windows-specific addenum to "engage crypto/modes" commit #17716 .
2008-12-23 15:15:44 +00:00
Andy Polyakov
a11974180f
Patch the omission from prvious commit #17716 .
2008-12-23 11:38:33 +00:00
Andy Polyakov
5d48a66a6a
Engage crypto/modes.
2008-12-23 11:33:01 +00:00
Andy Polyakov
63fc7f848d
crypto/modes: make modes.h selfsufficient and rename block_f to block128_t.
2008-12-23 11:18:45 +00:00
Andy Polyakov
830457ce4f
Optimize CAST for size on 64-bit platforms. For reference, CAST_LONG being
...
unsigned long must be attributed to 16-bit support. As we don't support
16-bit platoforms anymore, there is no reason to waste twice required
space on CAST S-boxes (16KB vs. 8KB) or key schedule.
2008-12-22 15:21:59 +00:00
Andy Polyakov
ea4d5005d9
cmll-x86_64.pl: Win64 SEH section to handle pushf/popf in CBC routine.
2008-12-22 14:15:11 +00:00
Andy Polyakov
9f03d0fc04
Optimize #undef DES_UNROLL for size.
2008-12-22 14:10:42 +00:00
Andy Polyakov
e527201f6b
This _WIN32-specific patch makes it possible to "wrap" OpenSSL in another
...
.DLL, in particular static build. The issue has been discussed in RT#1230
and later on openssl-dev, and mutually exclusive approaches were suggested.
This completes compromise solution suggested in RT#1230.
PR: 1230
2008-12-22 13:54:12 +00:00
Dr. Stephen Henson
70531c147c
Make no-engine work again.
2008-12-20 17:04:40 +00:00
Andy Polyakov
702e742515
cmll-x86_64.pl: bug fix and size optimization of Win64 SEH section.
2008-12-19 11:19:19 +00:00
Andy Polyakov
be01f79d3d
x86_64 assembler pack: add support for Win64 SEH.
2008-12-19 11:17:29 +00:00
Andy Polyakov
bf785c9849
x86_64-xlate.pl: fix masm hexadecimal constants.
2008-12-19 11:14:38 +00:00
Andy Polyakov
4db4882402
perlasm/x86* update: support for 3 and 4 argument instructions.
2008-12-17 19:56:48 +00:00
Andy Polyakov
6786f52ada
SEGV in AES_cbc_encrypt in aes-x86_64 assembler module.
...
PR: 1801
Submitted by: Huang Ying
2008-12-17 14:11:30 +00:00
Richard Levitte
2e6a7b3efc
Constify where needed
2008-12-16 13:41:49 +00:00
Richard Levitte
63461b8db1
Remove extraneous semicolons
2008-12-16 10:56:05 +00:00
Richard Levitte
e77228ba11
Stack changes made dso_vms.c not compile properly.
2008-12-16 10:55:26 +00:00
Richard Levitte
5c60b1637a
A few more symbols that are a little bit long for VMS
2008-12-16 10:54:53 +00:00
Richard Levitte
26397d2e8c
Synchronise VMS build system with the Unixly one
2008-12-16 10:54:28 +00:00
Andy Polyakov
85b2c0ce7f
128-bit block cipher modes consolidation. As consolidated functions
...
rely on indirect call to block functions, they are not as fast as
non-consolidated routines. However, performance loss(*) is within
measurement error and consolidation advantages are considered to
outweigh it.
(*) actually one can observe performance *improvement* on e.g.
CBC benchmarks thanks to optimization, which also becomes
shared among ciphers.
2008-12-16 08:39:21 +00:00
Andy Polyakov
f826bf7798
SEED to support OPENSSL_SMALL_FOOTPRINT: ~2x size decrease on x86.
2008-12-16 07:41:21 +00:00
Andy Polyakov
3ebbe8853f
Bring C bn_mul_mont template closer to assembler.
2008-12-16 07:28:38 +00:00
Ben Laurie
1f6e9bce21
Missing return values (Coverity ID 204).
2008-12-13 17:19:40 +00:00
Dr. Stephen Henson
9d44cd1642
Oops should check zero_pos >= 0.
2008-12-08 19:13:06 +00:00
Dr. Stephen Henson
1d4e879106
Handle case where v6stat.zero_pos == 0 correctly.
...
Reported by: Kurt Roeckx <kurt@roeckx.be>, Tobias Ginzler <ginzler@fgan.de> (Debian bug #506111 )
2008-12-07 23:58:44 +00:00
Andy Polyakov
ae381fef5c
Add Camellia assembler x86 and x86_64 modules.
2008-12-03 09:22:51 +00:00
Bodo Möller
7a76219774
Implement Configure option pattern "experimental-foo"
...
(specifically, "experimental-jpake").
2008-12-02 01:21:39 +00:00
Dr. Stephen Henson
e9afa08cd1
Update from stable branch.
2008-11-30 16:09:04 +00:00
Geoff Thorpe
bcaa36fd11
Fix compilation with -DOPENSSL_NO_DEPRECATED.
2008-11-28 22:06:55 +00:00
Dr. Stephen Henson
79bd20fd17
Update from stable-branch.
2008-11-24 17:27:08 +00:00
Dr. Stephen Henson
d0c3628834
Set memory BIOs up properly when stripping text headers from S/MIME messages.
2008-11-21 18:18:13 +00:00
Ben Laurie
f3b7bdadbc
Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks.
2008-11-16 12:47:12 +00:00
Ben Laurie
ad7159ea84
Ignore generated ASM.
2008-11-16 12:32:14 +00:00
Andy Polyakov
93c4ba07d7
x86_64-xlate.pl update, engage x86_64 assembler in mingw64.
2008-11-14 16:40:37 +00:00
Ben Laurie
6c901ae8c1
Ignore saved Makefile.
2008-11-13 09:31:37 +00:00
Ben Laurie
90c65a9838
J-PAKE is not experimental in HEAD.
2008-11-13 09:31:08 +00:00
Dr. Stephen Henson
ed551cddf7
Update from stable branch.
2008-11-12 17:28:18 +00:00
Dr. Stephen Henson
5aca224ecd
Reinstate camellia header fix patch.
2008-11-12 17:02:40 +00:00
Andy Polyakov
1416aec60d
Update make rules for x86_64 assembler pack.
2008-11-12 08:19:04 +00:00
Andy Polyakov
aa8f38e49b
x86_64 assembler pack to comply with updated styling x86_64-xlate.pl rules.
2008-11-12 08:15:52 +00:00
Andy Polyakov
8525377265
x86_64-xlate.pl to support MacOS X and mingw64.
2008-11-12 08:05:58 +00:00
Andy Polyakov
2fbc8a2aad
Revert commit #17603 , it should have been part of #17617 .
2008-11-12 07:27:36 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2401debe83
Tolerate -----BEGIN PKCS #7 SIGNED DATA----- header lines as used by some
...
implementations.
2008-11-11 12:38:25 +00:00
Dr. Stephen Henson
5c61111bff
Update from stable branch.
2008-11-11 12:23:18 +00:00
Bodo Möller
0a8c9f7de1
symbol deobnoxification
2008-11-11 07:08:59 +00:00
Dr. Stephen Henson
7b808412c9
Make -DKSSL_DEBUG work again.
2008-11-10 19:08:37 +00:00
Dr. Stephen Henson
0afc9f5bc0
PR: 1777
...
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>
Approved by: steve@openssl.org
Fix some size_t issues.
2008-11-05 23:14:32 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Dr. Stephen Henson
5947ca0409
Don't use clobbered 'i' for checking UTCTime and GeneralizedTime length.
2008-11-05 18:28:24 +00:00
Ben Laurie
d40a1b865f
Only one of these needs to be signed.
2008-11-04 15:16:23 +00:00
Ben Laurie
f80921b6a6
Formatting.
2008-11-04 12:06:09 +00:00
Andy Polyakov
8fe8bae15a
Minor perlasm updates.
2008-11-03 08:46:07 +00:00
Dr. Stephen Henson
f2c0230518
Not sure about this one... seems to be needed to make 64 bit release
...
builds work properly...
2008-11-02 18:29:27 +00:00
Dr. Stephen Henson
e6e0c9018c
Fix prototypes.
2008-11-02 18:12:36 +00:00
Dr. Stephen Henson
9619b730b4
Use stddef.h to pick up size_t def.
2008-11-02 16:56:13 +00:00
Dr. Stephen Henson
2766515fca
Fix prototypes.
2008-11-02 16:13:19 +00:00
Dr. Stephen Henson
87d52468aa
Update HMAC functions to return an error where relevant.
2008-11-02 16:00:39 +00:00
Dr. Stephen Henson
70d71f6185
Fix warnings: printf format mismatches on 64 bit platforms.
...
Change assert to OPENSSL_assert().
Fix e_padlock prototype.
2008-11-02 15:41:30 +00:00
Ben Laurie
5ee92a5ec1
Fix asserts. Fix incorrect dependency.
2008-11-02 13:15:06 +00:00
Dr. Stephen Henson
c76fd290be
Fix warnings about mismatched prototypes, undefined size_t and value computed
...
not used.
2008-11-02 12:50:48 +00:00
Ben Laurie
d0a20cafa1
Fix warnings.
2008-11-02 09:22:29 +00:00
Ben Laurie
8da07655ee
Fix warning.
2008-11-02 09:00:25 +00:00
Andy Polyakov
befe1fbc29
Fix bss_log.c on Windows.
2008-11-01 21:09:54 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Ben Laurie
4d6e1e4f29
size_tification.
2008-11-01 14:37:00 +00:00
Andy Polyakov
122396f2db
Fix SHA512 and optimize BN for mingw64.
2008-11-01 12:46:18 +00:00
Andy Polyakov
09a60c9833
Fix warnings after commit#17578.
2008-10-31 20:20:54 +00:00
Andy Polyakov
b444ac3e6f
size_t-fy EVP_CIPHER. Note that being size_t-fied it doesn't require
...
underlying cipher to be size_t-fied, it allows for size_t, signed and
unsigned long. It maintains source and even binary compatibility.
2008-10-31 19:48:25 +00:00
Andy Polyakov
f768be81d8
size_t-fy AES, Camellia and RC4.
2008-10-31 19:30:11 +00:00
Dr. Stephen Henson
91173829db
Add install target to crypto/jpake/Makefile
2008-10-31 12:06:25 +00:00
Andy Polyakov
e6b4578540
randfile.c: .rnd can become orphaned on VMS.
...
Submitted by: David North
2008-10-28 16:25:47 +00:00
Andy Polyakov
ea71ec1b11
ec2_mult.c readability update.
2008-10-28 13:53:51 +00:00
Andy Polyakov
f1455b3063
Minor clean-up in bn_lib.c: constification and optimization.
2008-10-28 13:52:51 +00:00
Andy Polyakov
b764f82c64
Fix crash in BN_rshift.
...
PR: 1663
2008-10-28 13:46:14 +00:00
Andy Polyakov
436bdcff4e
Harmonize Camellia API with version 1.x.
2008-10-28 12:13:52 +00:00
Andy Polyakov
27f864e8ac
Camellia update. Quoting camellia.c:
...
/*
* This release balances code size and performance. In particular key
* schedule setup is fully unrolled, because doing so *significantly*
* reduces amount of instructions per setup round and code increase is
* justifiable. In block functions on the other hand only inner loops
* are unrolled, as full unroll gives only nominal performance boost,
* while code size grows 4 or 7 times. Also, unlike previous versions
* this one "encourages" compiler to keep intermediate variables in
* registers, which should give better "all round" results, in other
* words reasonable performance even with not so modern compilers.
*/
2008-10-28 08:47:24 +00:00
Andy Polyakov
80aa9cc985
x86_64-xlate.pl update: refine SEH support.
2008-10-28 08:40:07 +00:00
Dr. Stephen Henson
ab7e09f59b
Win32 fixes... add new directory to build system. Fix warnings.
2008-10-27 12:31:13 +00:00
Dr. Stephen Henson
e9eda23ae6
Fix warnings and various issues.
...
C++ style comments.
Signed/unsigned warning in apps.c
Missing targets in jpake/Makefile
2008-10-27 12:02:52 +00:00
Ben Laurie
6caa4edd3e
Add JPAKE.
2008-10-26 18:40:52 +00:00
Dr. Stephen Henson
df0681e554
Add permanentIdentifier OID.
2008-10-22 18:48:11 +00:00
Dr. Stephen Henson
e19106f5fb
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
...
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.
This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
2008-10-22 15:43:01 +00:00
Geoff Thorpe
ae7ec4c71d
Apparently '__top' is also risky, obfuscate further. (All this to
...
avoid inlines...)
2008-10-22 12:00:15 +00:00
Geoff Thorpe
3fdc6c11aa
Use of a 'top' var creates "shadow variable" warnings.
2008-10-22 01:25:45 +00:00
Dr. Stephen Henson
dcf6b3e9b6
Reinstate obj_xref.h as it is not auto generated on all platforms.
2008-10-20 15:12:48 +00:00
Dr. Stephen Henson
606f6c477a
Fix a shed load or warnings:
...
Duplicate const.
Use of ; outside function.
2008-10-20 15:12:00 +00:00
Ben Laurie
0d6f9c7181
Constification.
2008-10-19 22:51:27 +00:00
Dr. Stephen Henson
111a6e2a23
Fix multiple ; warning.
2008-10-18 15:02:59 +00:00
Ben Laurie
d764e7edb8
Fix warning a different way.
2008-10-18 12:12:34 +00:00
Andy Polyakov
aff8259510
Fix argument order in BN_nnmod call and implement rigorous boundary
...
condition check.
2008-10-16 07:54:41 +00:00
Andy Polyakov
256b3e9c5f
Optimize bn_correct_top.
2008-10-15 10:48:52 +00:00
Andy Polyakov
762a2e3cab
Remove redundant BN_ucmp, fix boundary condition in BN_nist_mod_224 and
...
reimplement BN_nist_mod_521.
2008-10-15 10:47:48 +00:00
Ben Laurie
28b6d5020e
Set comparison function in v3_add_canonize().
2008-10-14 19:27:07 +00:00
Dr. Stephen Henson
0f7efbc859
Ooops... remove code accidentally commited from FIPS version.
2008-10-14 15:44:14 +00:00
Dr. Stephen Henson
a7ae4abfd9
Add missing lock definitions...
2008-10-14 15:24:49 +00:00
Dr. Stephen Henson
30661b1b01
Add missing lock definitions.
2008-10-14 15:22:11 +00:00
Ben Laurie
1ea6472e60
Type-safe OBJ_bsearch_ex.
2008-10-14 08:10:52 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Dr. Stephen Henson
87d3a0cd90
Experimental new date handling routines. These fix issues with X509_time_adj()
...
and should avoid any OS date limitations such as the year 2038 bug.
2008-10-07 22:55:27 +00:00
Lutz Jänicke
1e369b375e
Fix incorrect command for assember file generation on IA64
...
Submitted by: Amadeu A. Barbosa Jr <amadeu@tecgraf.puc-rio.br>
2008-10-06 10:34:49 +00:00
Andy Polyakov
6bf24568bc
Fix EC_KEY_check_key.
2008-09-23 17:33:11 +00:00
Bodo Möller
1a489c9af1
From branch OpenSSL_0_9_8-stable: Allow soft-loading engines.
...
Also, fix CHANGES (consistency with stable branch).
2008-09-15 20:41:24 +00:00
Andy Polyakov
d7235a9d68
Fix yesterday typos in bss_dgram.c.
2008-09-15 05:43:04 +00:00
Geoff Thorpe
fa0f834c20
Fix build warnings.
2008-09-15 04:02:37 +00:00
Andy Polyakov
b9790c1cd4
Winsock handles SO_RCVTIMEO in unique manner...
...
PR: 1648
2008-09-14 19:22:52 +00:00
Bodo Möller
db99c52509
Really get rid of unsafe double-checked locking.
...
Also, "CHANGES" clean-ups.
2008-09-14 13:51:44 +00:00
Bodo Möller
f8d6be3f81
Some precautions to avoid potential security-relevant problems.
2008-09-14 13:42:34 +00:00
Andy Polyakov
492279f6f3
AIX build updates.
2008-09-12 14:45:54 +00:00
Ben Laurie
43048d13c8
Fix warning.
2008-09-07 13:22:34 +00:00
Dr. Stephen Henson
d43c4497ce
Initial support for delta CRLs. If "use deltas" flag is set attempt to find
...
a delta CRL in addition to a full CRL. Check and search delta in addition to
the base.
2008-09-01 15:15:16 +00:00
Dr. Stephen Henson
4b96839f06
Add support for CRLs partitioned by reason code.
...
Tidy CRL scoring system.
Add new CRL path validation error.
2008-08-29 11:37:21 +00:00
Dr. Stephen Henson
249a77f5fb
Add support for freshest CRL extension.
2008-08-27 15:52:05 +00:00
Dr. Stephen Henson
d0fff69dc9
Initial indirect CRL support.
2008-08-20 16:42:19 +00:00
Dr. Stephen Henson
8c9bd89338
Support for certificateIssuer CRL entry extension.
2008-08-18 16:48:47 +00:00
Bodo Möller
2e415778f2
Don't use assertions to check application-provided arguments;
...
and don't unnecessarily fail on input size 0.
2008-08-14 21:37:51 +00:00
Dr. Stephen Henson
9d84d4ed5e
Initial support for CRL path validation. This supports distinct certificate
...
and CRL signing keys.
2008-08-13 16:00:11 +00:00
Dr. Stephen Henson
2e0c7db950
Initial code to support distinct certificate and CRL signing keys where the
...
CRL issuer is not part of the main path.
Not complete yet and not compiled in because the CRL issuer certificate is
not validated.
2008-08-12 16:07:52 +00:00
Dr. Stephen Henson
002e66c0e8
Support for policy mappings extension.
...
Delete X509_POLICY_REF code.
Fix handling of invalid policy extensions to return the correct error.
Add command line option to inhibit policy mappings.
2008-08-12 10:32:56 +00:00
Dr. Stephen Henson
e9746e03ee
Initial support for name constraints certificate extension.
...
TODO: robustness checking on name forms.
2008-08-08 15:35:29 +00:00
Geoff Thorpe
4c3296960d
Remove the dual-callback scheme for numeric and pointer thread IDs,
...
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).
Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Andy Polyakov
96826bfc84
sha1-armv4-large cosmetics.
2008-08-06 08:58:45 +00:00
Andy Polyakov
eb1aa135d8
sha1-armv4-large.pl performance improvement. On PXA255 it gives +10% on
...
8KB block, +60% on 1KB, +160% on 256B...
2008-08-06 08:47:07 +00:00
Dr. Stephen Henson
6d6c47980e
Correctly handle errors in CMS I/O code.
2008-08-05 15:55:53 +00:00
Dr. Stephen Henson
3e727a3b37
Add support for nameRelativeToCRLIssuer field in distribution point name
...
fields.
2008-08-04 15:34:27 +00:00
Dr. Stephen Henson
a9ff742e42
Make explicit_policy handling match expected RFC3280 behaviour.
2008-08-02 11:16:35 +00:00
Dr. Stephen Henson
5cbd203302
Initial support for alternative CRL issuing certificates.
...
Allow inibit any policy flag to be set in apps.
2008-07-30 15:49:12 +00:00
Dr. Stephen Henson
592a207b94
Policy validation fixes.
...
Inhibit any policy count should ignore self issued certificates.
Require explicit policy is the number certificate before an explict policy
is required.
2008-07-30 15:41:42 +00:00
Andy Polyakov
b94551e823
perlasm update: implement dataseg directive.
2008-07-22 08:44:31 +00:00
Andy Polyakov
9b634c9b37
x86_64-xlate.pl: implement indirect jump/calls, support for Win64 SEH.
2008-07-22 08:42:06 +00:00
Bodo Möller
5b331ab77a
We should check the eight bytes starting at p[-9] for rollback attack
...
detection, or the probability for an erroneous RSA_R_SSLV3_ROLLBACK_ATTACK
will be larger than necessary.
PR: 1695
2008-07-17 22:11:53 +00:00
Andy Polyakov
dd6f479ea8
mem_dbg.c: avoid compiler warnings.
...
PR: 1693
Submitted by: Stefan Neis
2008-07-17 13:58:21 +00:00
Andy Polyakov
87facba376
Remove junk argument to function_begin in sha/asm/*-586.pl.
...
PR: 1681
2008-07-17 09:50:56 +00:00
Andy Polyakov
e4662fdb62
x86masm.pl: harmonize functions' alignment.
2008-07-17 09:46:09 +00:00
Bodo Möller
efa73a77e4
Make sure not to read beyond end of buffer
2008-07-16 18:10:27 +00:00
Andy Polyakov
89778b7f3f
x86_64cpuid.pl cosmetics: harmonize $dir treatment with other modules.
2008-07-15 19:52:20 +00:00
Andy Polyakov
c79c5a256b
des-596.pl update: short-circuit reference to DES_SPtrans.
2008-07-15 13:24:16 +00:00
Andy Polyakov
9960bdc6fa
x86masm.pl cosmetics.
2008-07-15 13:16:42 +00:00
Andy Polyakov
23dcb447ff
x86nasm.pl update: use pre-defined macros and allow for /safeseh link.
2008-07-15 12:50:44 +00:00
Dr. Stephen Henson
34d05a4023
Zero is a valid value for any_skip and map_skip
2008-07-13 22:38:18 +00:00