Commit graph

4399 commits

Author SHA1 Message Date
Richard Levitte
6da980e2b5 Make sure the source file is included among the dependencies. This is
the norm for 'gcc -M' but not for 'makedepend', and is merely
introduced here to avoid commit wars.
2001-07-31 17:02:44 +00:00
Lutz Jänicke
7ea0acc3ef Reworked manual pages with a lot of input from Bodo Moeller. 2001-07-31 15:06:43 +00:00
Lutz Jänicke
37f599bcec Reworked manual pages with a lot of input from Bodo Moeller. 2001-07-31 15:04:50 +00:00
Ben Laurie
8408f4fbc7 Document DES changes better. 2001-07-31 13:33:58 +00:00
Ben Laurie
534164ef90 Remove old unused stuff. 2001-07-31 12:03:26 +00:00
Lutz Jänicke
dd186f600d Only set the verify callback if there's one to set! 2001-07-31 10:20:53 +00:00
Lutz Jänicke
e32c852e1e Indent. 2001-07-31 10:19:20 +00:00
Richard Levitte
dbfc0f8c2b Vade retro C++ comments!
(Latin for "comments", anyone?)
2001-07-31 09:15:52 +00:00
Richard Levitte
3728974460 Make as sure as possible that gethostname() will be properly declared. 2001-07-31 08:50:20 +00:00
Richard Levitte
fdc2bbcacb Correct most of the unsigned vs. signed warnings (or int vs. size_t),
and rename some local variables to avoid name shadowing.
2001-07-31 08:45:40 +00:00
Richard Levitte
c2a3358b60 Whoops, my fault, a backslash got converted to a slash... 2001-07-31 08:44:28 +00:00
Richard Levitte
882e891284 More Kerberos SSL changes from Jeffrey Altman <jaltman@columbia.edu>
His comments are:

First, it corrects a problem introduced in the last patch where the
kssl_map_enc() would intentionally return NULL for valid ENCTYPE
values.  This was done to prevent verification of the kerberos 5
authenticator from being performed when Derived Key ciphers were
in use.  Unfortunately, the authenticator verification routine was
not the only place that function was used.  And it caused core dumps.

Second, it attempt to add to SSL_SESSION the Kerberos 5 Client
Principal Name.
2001-07-31 07:21:06 +00:00
Ben Laurie
05bbf78afd Remove //. 2001-07-31 06:47:23 +00:00
Richard Levitte
99ecb90a99 make update 2001-07-31 06:40:10 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Ben Laurie
3ba5d1cf2e Make EVPs allocate context memory, thus making them extensible. Rationalise
DES's keyschedules.

I know these two should be separate, and I'll back out the DES changes if they
are deemed to be an error.

Note that there is a memory leak lurking in SSL somewhere in this version.
2001-07-30 17:46:22 +00:00
Ben Laurie
be2e2c3297 Only set the verify callback if there's one to set! 2001-07-30 17:17:26 +00:00
Andy Polyakov
ed0015284b Just a "get to know your system" bit. 2001-07-30 16:46:37 +00:00
Andy Polyakov
6d03b73e35 Enhanced support for IA-64 Linux and HP-UX (as well as better support for
HP-UX in common in ./config). Note that for the moment of this writing
none of 64-bit platforms pass bntest. I'm committing this anyway as it's
too frustrating to patch snapshots over and over while 0.9.6 is known to
work.
2001-07-30 16:42:15 +00:00
Andy Polyakov
622d3d3592 Support for Intel and HP-UXi assemblers. 2001-07-30 15:54:13 +00:00
Ben Laurie
0e06354402 ANSIfication. 2001-07-30 15:33:46 +00:00
Andy Polyakov
62c271610b Typo in stty command lines. 2001-07-30 14:33:58 +00:00
Lutz Jänicke
01fc70323f Don't miss files... 2001-07-30 11:51:06 +00:00
Lutz Jänicke
db089ad60d Don't miss files... 2001-07-30 11:50:37 +00:00
Lutz Jänicke
03a70bad4f Fix inconsistent behaviour with respect to verify_callback handling. 2001-07-30 11:48:20 +00:00
Lutz Jänicke
1f0c9ad7e1 Fix inconsistent behaviour with respect to verify_callback handling. 2001-07-30 11:45:34 +00:00
Lutz Jänicke
7146221bbe Forgot to mention second fix. 2001-07-30 11:44:14 +00:00
Lutz Jänicke
06efc222f9 Forgot to mention second fix. 2001-07-30 11:33:53 +00:00
Bodo Möller
de3333bae4 length of secret exponent is needed only when we create one 2001-07-27 22:45:35 +00:00
Bodo Möller
80a8d1406b length of secret exponent is needed only when we create one 2001-07-27 22:45:19 +00:00
Bodo Möller
924875e53b Undo DH_generate_key() change: s3_srvr.c was using it correctly 2001-07-27 22:34:25 +00:00
Bodo Möller
1a76a85c93 Undo DH_generate_key() change: s3_srvr.c was using it correctly 2001-07-27 22:34:00 +00:00
Lutz Jänicke
cf1b34ad34 Another uninitialized static that may lead to problems on Solaris under some
circumstances.
2001-07-27 12:36:16 +00:00
Lutz Jänicke
3a64458217 Another uninitialized static that may lead to problems on Solaris under some
circumstances.
2001-07-27 12:35:27 +00:00
Richard Levitte
ea71c22731 Addapt VMS script to the latest changes in the makefiles. 2001-07-27 07:47:51 +00:00
Dr. Stephen Henson
dc706cd35f Make sure *outl is always initialized in EVP_EncryptUpdate(). 2001-07-27 02:24:47 +00:00
Dr. Stephen Henson
1241126adf More linker bloat reorganisation:
Split private key PEM and normal PEM handling. Private key
handling needs to link in stuff like PKCS#8.

Relocate the ASN1 *_dup() functions, to the relevant ASN1
modules using new macro IMPLEMENT_ASN1_DUP_FUNCTION. Previously
these were all in crypto/x509/x_all.c along with every ASN1
BIO/fp function which linked in *every* ASN1 function if
a single dup was used.

Move the authority key id ASN1 structure to a separate file.
This is used in the X509 routines and its previous location
linked in all the v3 extension code.

Also move ASN1_tag2bit to avoid linking in a_bytes.c which
is now largely obsolete.

So far under Linux stripped binary with single PEM_read_X509
is now 238K compared to 380K before these changes.
2001-07-27 02:22:42 +00:00
Dr. Stephen Henson
19da130053 First of several reorganisations to
reduce linker bloat. For example the
single line:

PEM_read_X509()

results in a binary of around 400K in Linux!

This first step separates some of the PEM functions and
avoids linking in some PKCS#7 and PKCS#12 code.
2001-07-26 22:34:45 +00:00
Lutz Jänicke
44d4b684f9 Fix problem occuring when used from OpenSSH on Solaris 8. 2001-07-26 09:03:42 +00:00
Lutz Jänicke
a75b191502 Fix problem occuring when used from OpenSSH on Solaris 8. 2001-07-26 09:02:44 +00:00
Bodo Möller
e5cb260365 DH key generation should not use a do ... while loop,
or bogus DH parameters can be used for launching DOS attacks
2001-07-25 17:48:51 +00:00
Bodo Möller
746142d672 DH key generation should not use a do ... while loop,
or bogus DH parameters can be used for launching DOS attacks
2001-07-25 17:48:40 +00:00
Bodo Möller
6aecef815c Don't preserve existing keys in DH_generate_key. 2001-07-25 17:20:34 +00:00
Bodo Möller
475e21bc7b Don't preserve existing keys in DH_generate_key. 2001-07-25 17:20:16 +00:00
Bodo Möller
5204726bfe md_rand.c thread safety 2001-07-25 17:18:02 +00:00
Bodo Möller
daba492c3a md_rand.c thread safety 2001-07-25 17:17:24 +00:00
Bodo Möller
27f3a1bd9c always reject data >= n 2001-07-25 17:03:22 +00:00
Bodo Möller
24cff6ced5 always reject data >= n 2001-07-25 17:02:58 +00:00
Andy Polyakov
ac7b42610f Support for 64-bit Solaris build with GCC 3.0 and later. It should be
explicitely noted that 64-bit SPARCv9 ABI is not officially supported
by GCC 3.0 (support is scheduled for 3.1 release), but it appears to
work, at the very least 'make test' passes...
2001-07-25 15:58:57 +00:00
Lutz Jänicke
b1a810571c Fix wrong information about SSL_set_connect_state(). 2001-07-25 12:13:46 +00:00