Commit graph

481 commits

Author SHA1 Message Date
Richard Levitte
cc79f06c0a Handle CT error macros separately
Because the default error macro generator assumes the header file with
error macros is in include/openssl and therefore generates a C file
with error texts that include <openssl/{name}.h>, we need to generate
the error macros and texts for CT separately, since the CT module
doesn't follow the default criteria.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-10-21 23:57:29 +02:00
Adam Eijdenberg
3149baf83c Initial commit for Certificate Transparency support
Original authors:
Rob Stradling <rob@comodo.com>
Dr. Stephen Henson <steve@openssl.org>

Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-09 11:32:25 +02:00
Richard Levitte
0f539dc1a2 Fix the update target and remove duplicate file updates
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in.  This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.

This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-22 18:44:33 +02:00
Richard Levitte
a3aadb2d9c make depend
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:38:31 +02:00
Richard Levitte
b39fc56061 Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:21:40 +02:00
Rich Salz
b4faea50c3 Use safer sizeof variant in malloc
For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Rich Salz
25aaa98aa2 free NULL cleanup -- coda
After the finale, the "real" final part. :)  Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:37:16 -04:00
Rich Salz
efa7dd6444 free NULL cleanup 11
Don't check for NULL before calling free functions. This gets:
        ERR_STATE_free
        ENGINE_free
        DSO_free
        CMAC_CTX_free
        COMP_CTX_free
        CONF_free
        NCONF_free NCONF_free_data _CONF_free_data
        A sk_free use within OBJ_sigid_free
        TS_TST_INFO_free (rest of TS_ API was okay)
        Doc update for UI_free (all uses were fine)
        X509V3_conf_free
        X509V3_section_free
        X509V3_string_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:15:18 -04:00
Rich Salz
b548a1f11c free null cleanup finale
Don't check for NULL before calling OPENSSL_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Rich Salz
2d29e2df0c realloc of NULL is like malloc
ANSI C, and OpenSSL's malloc wrapper do this, also.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 16:34:52 -04:00
Rich Salz
b196e7d936 remove malloc casts
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Rich Salz
3e47caff48 ERR_ cleanup
Remove ERR_[gs]et_implementation as they were not undocumented and
useless (the data structure was opaque).

Halve the number of lock/unlock calls in almost all ERR_
functions by letting the caller of get_hash or int_thread_set
able to lock.  Very useful when looping, such as adding errors,
or when getting the hash and immediately doing a lookup on it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 10:50:54 -04:00
Richard Levitte
a80e33b991 Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant
With no more symlinks, there's no need for those variables, or the links
target.  This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.

Also, removed METHTEST from test/Makefile.  It looks like an old test that's
forgotten...

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Rich Salz
10bf4fc2c3 Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
Suggested by John Foley <foleyj@cisco.com>.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-11 09:29:37 -04:00
Rich Salz
a00ae6c46e OPENSSL_NO_xxx cleanup: many removals
The following compile options (#ifdef's) are removed:
    OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY
    OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP
    OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK
    OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY

This diff is big because of updating the indents on preprocessor lines.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 10:06:22 -05:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Rich Salz
4b618848f9 Cleanup OPENSSL_NO_xxx, part 1
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160
OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO
Two typo's on #endif comments fixed:
	OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB
	OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-14 15:57:28 -05:00
Matt Caswell
53e95716f5 Change all instances of OPENSSL_NO_DEPRECATED to OPENSSL_USE_DEPRECATED
Introduce use of DECLARE_DEPRECATED

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-12-18 19:57:14 +00:00
Dr. Stephen Henson
05417a3476 Remove FIPS error library from openssl.ec mkerr.pl
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
f072785eb4 Remove fipscanister build functionality from makefiles.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:23:45 +00:00
Kurt Roeckx
45f55f6a5b Remove SSLv2 support
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 11:55:03 +01:00
Rich Salz
8cfe08b4ec Remove all .cvsignore files
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-28 18:32:43 -05:00
Bodo Moeller
0b382a8e8d Fix SSL_R naming inconsistency.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-15 14:48:14 +02:00
Bodo Moeller
cf6da05304 Support TLS_FALLBACK_SCSV.
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15 04:03:28 +02:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
f20c673d0d Don't include comp.h if no-comp set. 2013-01-20 02:34:25 +00:00
Dr. Stephen Henson
c1faa8b5b2 make no-comp compile 2012-12-30 16:04:51 +00:00
Dr. Stephen Henson
a1644902eb add ssl_locl.h to err header files, rebuild ssl error strings 2012-07-19 14:45:36 +00:00
Bodo Möller
ae53b299fa make update 2011-09-05 09:46:15 +00:00
Dr. Stephen Henson
644ce07ecd Move function prototype to fips.h 2011-06-06 11:56:58 +00:00
Dr. Stephen Henson
4c8855b975 Add missing error code strings. 2011-04-06 18:17:05 +00:00
Richard Levitte
c6dbe90895 make update 2011-03-24 22:59:02 +00:00
Ben Laurie
edc032b5e3 Add SRP support. 2011-03-12 17:01:19 +00:00
Dr. Stephen Henson
a1e7883edb Add meaningful error codes to DRBG. 2011-03-08 14:16:30 +00:00
Dr. Stephen Henson
b7056b6414 Update dependencies. 2011-02-21 17:51:59 +00:00
Dr. Stephen Henson
14ae26f2e4 Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
that use it.
2011-02-03 17:00:24 +00:00
Dr. Stephen Henson
cc5c772abd Include fips header file in err_all.c if needed. 2011-02-03 16:03:21 +00:00
Dr. Stephen Henson
65041aa27e Add FIPS error codes. 2011-02-03 15:58:43 +00:00
Dr. Stephen Henson
3dd9b31dc4 Provisional, experimental support for DSA2 parameter generation algorithm.
Not properly integrated or tested yet.
2011-01-31 19:44:09 +00:00
Dr. Stephen Henson
df6de39fe7 Change AR to ARX to allow exclusion of fips object modules 2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
5ca9cb7cbd FIPS mode ERR changes. Redirect errors to tiny FIPS callbacks to avoid ERR
library dependencies.
2011-01-26 15:53:07 +00:00
Dr. Stephen Henson
78c4572296 add va_list version of ERR_add_error_data 2011-01-14 15:13:37 +00:00
Dr. Stephen Henson
19674b5a1d PR: 2253
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Check callback return value when outputting errors.
2010-05-15 00:34:06 +00:00
Dr. Stephen Henson
a0778bfae5 Add COMP error strings. 2009-08-09 14:58:37 +00:00
Bodo Möller
7a76219774 Implement Configure option pattern "experimental-foo"
(specifically, "experimental-jpake").
2008-12-02 01:21:39 +00:00
Dr. Stephen Henson
79bd20fd17 Update from stable-branch. 2008-11-24 17:27:08 +00:00
Dr. Stephen Henson
ed551cddf7 Update from stable branch. 2008-11-12 17:28:18 +00:00
Ben Laurie
6caa4edd3e Add JPAKE. 2008-10-26 18:40:52 +00:00
Geoff Thorpe
4c3296960d Remove the dual-callback scheme for numeric and pointer thread IDs,
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).

Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Geoff Thorpe
5f834ab123 Revert my earlier CRYPTO_THREADID commit, I will commit a reworked
version some time soon.
2008-07-03 19:59:25 +00:00
Dr. Stephen Henson
a01a351cc2 Update from stable branch. 2008-06-16 15:51:48 +00:00
Dr. Stephen Henson
ab3eafd5b5 Stop warning about extra ';' outside of function. 2008-05-31 19:17:25 +00:00
Ben Laurie
3c1d6bbc92 LHASH revamp. make depend. 2008-05-26 11:24:29 +00:00
Dr. Stephen Henson
e45641bd17 Fix typo and add header files to err library. 2008-04-06 15:53:29 +00:00
Geoff Thorpe
f7ccba3edf There was a need to support thread ID types that couldn't be reliably cast
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used.  This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
2008-03-28 02:49:43 +00:00
Dr. Stephen Henson
fe591284be Update dependencies. 2008-03-22 18:52:03 +00:00
Dr. Stephen Henson
8931b30d84 And so it begins...
Initial support for CMS.

Add zlib compression BIO.

Add AES key wrap implementation.

Generalize S/MIME MIME code to support CMS and/or PKCS7.
2008-03-12 21:14:28 +00:00
Dr. Stephen Henson
74633553a9 Experimental HMAC support via EVP_PKEY_METHOD. 2007-04-11 12:33:06 +00:00
Dr. Stephen Henson
5894b98f99 Update from 0.9.7-stable branch. 2006-12-07 13:29:08 +00:00
Bodo Möller
48fc582f66 New functions CRYPTO_set_idptr_callback(),
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long' type of the existing thread ID
does not always work well.
2006-06-23 15:21:36 +00:00
Bodo Möller
675f605d44 Thread-safety fixes 2006-06-14 08:55:23 +00:00
Ulf Möller
3b408d83fe make update 2006-02-12 23:21:56 +00:00
Ulf Möller
c7235be6e3 RFC 3161 compliant time stamp request creation, response generation
and response verification.

Submitted by: Zoltan Glozik <zglozik@opentsa.org>
Reviewed by: Ulf Moeller
2006-02-12 23:11:56 +00:00
Dr. Stephen Henson
15ac971681 Update filenames in makefiles. 2006-02-04 01:45:59 +00:00
Nils Larsch
8c5a2bd6bb add additional checks + cleanup
Submitted by: David Hartman <david_hartman@symantec.com>
2006-01-29 23:12:22 +00:00
Bodo Möller
739a543ea8 Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts) 2006-01-08 19:42:30 +00:00
Andy Polyakov
25a66ee3cb Move cryptlib.h prior bio.h. Actually it makes sense to include cryptlib.h
first everywhere in crypto and skip stdio.h and string.h [because it
includes them].
2005-05-17 00:01:48 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
2005-05-16 16:55:47 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
bc3cae7e7d Include error library value in C error source files instead of fixing up
at runtime.
2005-04-12 13:31:14 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Nils Larsch
70f34a5841 some const fixes and cleanup 2005-04-05 10:29:43 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Dr. Stephen Henson
a25aca2943 Oops, wrong version... 2004-07-27 00:19:58 +00:00
Dr. Stephen Henson
48c524827b Add FIPS library name to error routines. 2004-07-27 00:19:18 +00:00
Geoff Thorpe
c57bc2dc51 make update 2004-04-19 18:33:41 +00:00
Geoff Thorpe
3a87a9b9db Reduce header interdependencies, initially in engine.h (the rest of the
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
Richard Levitte
a5e8bcfb7b We're passed p, so let's use p instead of making assumptions. 2004-01-24 01:16:02 +00:00
Richard Levitte
79b42e7654 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
d420ac2c7d Use BUF_strlcpy() instead of strcpy().
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:17 +00:00
Richard Levitte
11171f3c74 Add reference counting around the thread state hash table.
Unfortunately, this means that the dynamic ENGINE version just went up, and
isn't backward compatible.
PR: 678
2003-09-27 20:29:05 +00:00
Richard Levitte
c78b4f1d3d Remove unused variable 2003-06-11 21:47:21 +00:00
Richard Levitte
54f6451670 Add functionality to set marks on the error stack and to pop all errors to the next mark. 2003-06-11 20:49:58 +00:00
Richard Levitte
d1465bac90 make update 2003-05-01 04:10:32 +00:00
Richard Levitte
a5db6fa576 Define a STORE type. For documentation, read the entry in CHANGES,
crypto/store/README, crypto/store/store.h and crypto/store/str_locl.h.
2003-05-01 03:53:12 +00:00
Richard Levitte
08a54f6e6a Make sure we get the definition of OPENSSL_NO_FP_API. 2003-03-20 23:24:47 +00:00
Richard Levitte
758f942b88 Make the no-err option work properly 2003-02-18 12:14:57 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework.
PR: 287
2003-01-30 17:39:26 +00:00
Bodo Möller
365e14622a update error library for EC... changes
Submitted by: Nils Larsch
2003-01-15 11:47:28 +00:00
Richard Levitte
5e42f9ab46 make update 2002-12-29 01:38:15 +00:00
Richard Levitte
677532629d makedepend complains when a header file is included more than once in
the same source file.
2002-10-14 10:02:36 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Bodo Möller
74cc4903ef make update 2002-08-09 12:16:15 +00:00
Bodo Möller
e172d60ddb Add ECDH support.
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-09 08:43:04 +00:00
Bodo Möller
819ff32dc4 New error code ERR_R_DISABLED
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-02 12:27:21 +00:00
Lutz Jänicke
3aecef7697 "make update" 2002-07-30 12:44:33 +00:00
Bodo Möller
5dbd3efce7 Replace 'ecdsaparam' commandline utility by 'ecparam'
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.

Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.

Fix ec_asn1.c (take into account the desired conversion form).

'make update'.

Submitted by: Nils Larsch
2002-07-14 16:54:31 +00:00
Richard Levitte
17085b022c Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:39:25 +00:00
Ben Laurie
d15711efc6 Handle read errors. 2002-06-11 12:41:37 +00:00
Lutz Jänicke
af9675e75a ERR_file_name is no longer being used. 2002-04-22 13:54:50 +00:00
Richard Levitte
016029c69f For some reason, getting the topmost error was done the same way as
getting the bottommost one.  I hope I understood correctly how this
should be done.  It seems to work when running evp_test in an
environment where it can't find openssl.cnf.
2002-02-14 13:45:26 +00:00
Bodo Möller
4d94ae00d5 ECDSA support
Submitted by: Nils Larsch <nla@trustcenter.de>
2002-02-13 18:21:51 +00:00
Bodo Möller
273db408a8 sort functions ... 2002-01-24 17:17:33 +00:00
Bodo Möller
a14e2d9dfe New functions
ERR_peek_last_error
    ERR_peek_last_error_line
    ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).

Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).
2002-01-24 16:16:43 +00:00
Ben Laurie
0fc5cf0870 Make no config file not an error. Move /dev/crypto config to ctrl. 2002-01-22 22:29:58 +00:00
Richard Levitte
a92ae07091 And just for the sake of completeness, let's add some standard macros... 2001-12-21 01:12:29 +00:00
Richard Levitte
68809d3969 Better use the same number in all branches, to avoid confusion 2001-12-21 01:08:40 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00
Richard Levitte
98c2a26ea6 In case of memory problems, the va_start() wasn't cleaned with a va_end().
Noticed by Thomas Klausner <wiz@danbala.ifoer.tuwien.ac.at>.
2001-09-24 13:39:48 +00:00
Geoff Thorpe
409960491d ENGINE files were renamed, and error strings are now in eng_err.c 2001-09-12 01:54:17 +00:00
Bodo Möller
9f29ec4721 fix memory leak (I think) 2001-09-10 18:50:09 +00:00
Bodo Möller
b9a20b5057 remove an old comment 2001-09-10 18:49:25 +00:00
Bodo Möller
78f7923580 Totally get rid of CRYPTO_LOCK_ERR_HASH.
In err.c, flags int_error_hash_set and int_thread_hash_set
appear superfluous since we can just as well initialize
int_error_hash and int_thread_hash to NULL.

Change some of the err.c formatting to conform with the rest of
OpenSSL.
2001-09-06 12:37:36 +00:00
Bodo Möller
e4decc418a typo 2001-09-04 11:57:17 +00:00
Bodo Möller
cf5bfbfc21 Now that we have ERR_unload_strings(), ERR_load_ERR_strings() must
always load its strings because they might have been unloaded
since the 'init' flag was deleted.

But build_SYS_str_reasons() can use an 'init' flag.
2001-09-04 11:49:14 +00:00
Bodo Möller
567fef894e changing something requires a write lock, not a read lock 2001-09-04 11:15:55 +00:00
Geoff Thorpe
1738bb61e1 Add a new ERR function, "ERR_unload_strings", to complement the existing
"ERR_load_strings" function.
2001-09-03 18:24:56 +00:00
Geoff Thorpe
566bdf2bda This changes the "ERR" code to have all access to state (a hash table of
error strings and a hash table storing per-thread error state) go via an
ERR_FNS function table. The first time an ERR operation occurs, the
implementation that will be used (from then on) is set to the internal
"defaults" implementation if it has not already been set. The actual LHASH
tables are only accessed by this implementation.

This is primarily for modules that can be loaded at run-time and bound into
an application (or a shared-library version of OpenSSL). If the module has
its own statically-linked copy of OpenSSL code - this mechanism allows it
to *not* create and use ERR information in its own linked "ERR" code, but
instead to use and interact with the state stored in the loader
(application or shared library). The loader calls ERR_get_implementation()
and the return value is what the module should use when calling its own
copy of ERR_set_implementation().
2001-08-25 17:51:59 +00:00
Ben Laurie
d66ace9da5 Start to reduce some of the header bloat. 2001-08-05 18:02:16 +00:00
Richard Levitte
710e5d5639 make update 2001-07-31 17:07:24 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Bodo Möller
6a184a6098 Translate into valid C (don't call functions with wrong prototypes). 2001-06-25 10:09:55 +00:00
Richard Levitte
55dcfa421c make update 2001-06-23 16:43:03 +00:00
Richard Levitte
8ada6e7705 New error printing function that gives the possibility to print the
errors through an arbitrary function.
2001-06-23 15:06:17 +00:00
Richard Levitte
7f657f342a Include the UI error strings. 2001-06-23 15:04:51 +00:00
Richard Levitte
2b49dd1e8f 'make update' 2001-06-05 20:32:36 +00:00
Richard Levitte
a63d5eaab2 Add a general user interface API. This is designed to replace things
like des_read_password and friends (backward compatibility functions
using this new API are provided).  The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.
2001-05-06 23:19:37 +00:00
Bodo Möller
5d8094143e More error_data memory leaks 2001-03-15 11:30:10 +00:00
Bodo Möller
d3ee37c5d9 Use err_clear_data macro 2001-03-13 07:02:59 +00:00
Bodo Möller
f51cf14b85 fix memory leak in err.c 2001-03-12 18:07:20 +00:00
Bodo Möller
4e20b1a656 Instead of telling both 'make' and the user that ranlib
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
2001-03-09 14:01:42 +00:00
Bodo Möller
b28ec12420 Fixes to make 'no-ec' work (it should not turn 'objects' into 'objts' for example) 2001-03-08 19:34:14 +00:00
Bodo Möller
3285076c8e Integrate ec_err.[co].
"make depend"
2001-03-08 12:30:12 +00:00
Bodo Möller
de10f6900d Sort openssl.ec, the configuration file for mkerr.pl.
Change mkerr.pl so that it puts the ERR_load_..._strings()
prototype in header files that it writes.
2001-03-08 12:14:25 +00:00
Bodo Möller
b576337e8b Order ERR_load_... calls like the stuff in err.h. 2001-03-08 11:59:03 +00:00
Bodo Möller
4de633dd5f Get rid of '#define ERR_file_name __FILE__', which is unnecessary indirection.
(It cannot possibly help to avoid duplicate 'name of file' strings
in object files because the preprocessor does not work at object file
level.)
2001-03-08 11:45:44 +00:00
Bodo Möller
5277d7cb7c Fix ERR_R_... problems. 2001-03-07 01:19:07 +00:00
Bodo Möller
65e8167079 Move ec.h to ec2.h because it is not compatible with what we will use.
Add EC vaporware: change relevant Makefiles and add some empty source
files.

"make update".
2001-03-05 20:13:37 +00:00
Richard Levitte
d88a26c489 make update
Note that all *_it variables are suddenly non-existant according to
libeay.num.  This is a bug that will be corrected.  Please be patient.
2001-02-26 10:54:08 +00:00
Richard Levitte
41d2a336ee e_os.h does not belong with the exported headers. Do not put it there
and make all files the depend on it include it without prefixing it
with openssl/.

This means that all Makefiles will have $(TOP) as one of the include
directories.
2001-02-22 14:45:02 +00:00
Richard Levitte
bc36ee6227 Use new-style system-id macros everywhere possible. I hope I haven't
missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.
2001-02-20 08:13:47 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Ben Laurie
4978361212 Make depend. 2001-02-04 21:06:55 +00:00
Dr. Stephen Henson
8e96183506 Modify OCSP API to more closely reflect
application needs.

Add OCSP library name to error code.
2001-01-05 03:31:51 +00:00
Dr. Stephen Henson
a8312c0e24 Fix typo in OCSP nonce extension.
Set correct type in ASN1_STRING for
INTEGER and ENUMERATED types.

Make ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
return -1 for invalid type rather than 0 (which is
often valid). -1 may also be valid but this is less
likely.

Load OCSP error strings in ERR_load_crypto_strings().
2001-01-04 19:53:48 +00:00
Richard Levitte
8d28d5f81b Constification of the data of a hash table. This means the callback
functions need to be constified, and therefore meant a number of easy
changes a little everywhere.

Now, if someone could explain to me why OBJ_dup() cheats...
2000-12-13 17:15:03 +00:00
Geoff Thorpe
d0fa136ce2 Next step in tidying up the LHASH code.
DECLARE/IMPLEMENT macros now exist to create type (and prototype) safe
wrapper functions that avoid the use of function pointer casting yet retain
type-safety for type-specific callbacks. However, most of the usage within
OpenSSL itself doesn't really require the extra function because the hash
and compare callbacks are internal functions declared only for use by the
hash table. So this change catches all those cases and reimplements the
functions using the base-level LHASH prototypes and does per-variable
casting inside those functions to convert to the appropriate item type.

The exception so far is in ssl_lib.c where the hash and compare callbacks
are not static - they're exposed in ssl.h so their prototypes should not be
changed. In this last case, the IMPLEMENT_LHASH_*** macros have been left
intact.
2000-12-08 20:02:01 +00:00
Geoff Thorpe
97b1719583 Make the remaining LHASH macro changes. This should leave no remaining
cases of function pointer casting in lh_new() calls - and leave only the
lh_doall and lh_doall_arg cases to be finished.
2000-12-04 03:02:44 +00:00
Geoff Thorpe
385d81380c First step in tidying up the LHASH code. The callback prototypes (and
casts) used in the lhash code are about as horrible and evil as they can
be. For starters, the callback prototypes contain empty parameter lists.
Yuck.

This first change defines clearer prototypes - including "typedef"'d
function pointer types to use as "hash" and "compare" callbacks, as well as
the callbacks passed to the lh_doall and lh_doall_arg iteration functions.
Now at least more explicit (and clear) casting is required in all of the
dependant code - and that should be included in this commit.

The next step will be to hunt down and obliterate some of the function
pointer casting being used when it's not necessary - a particularly evil
variant exists in the implementation of lh_doall.
2000-12-01 20:31:52 +00:00
Ulf Möller
6a8ba34f9d in some new file names the first 8 characters were not unique 2000-11-12 22:32:18 +00:00
Richard Levitte
ccb9643f02 Remove references to RSAref. The glue library is but a memory to fade
away now...
2000-11-08 17:51:37 +00:00
Richard Levitte
eb64730b9c The majority of the OCSP code from CertCo. 2000-10-27 11:05:35 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Richard Levitte
3ab5651112 The experimental Rijndael code moved to the main trunk.
make update done.
2000-10-14 20:09:54 +00:00
Richard Levitte
4e20a4e688 'ranlib' doesn't always run on some systems. That's actually
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
2000-09-25 08:53:15 +00:00
Richard Levitte
62ab514e98 'make update' 2000-09-07 08:46:51 +00:00
Ben Laurie
065866b28d Use the passed buffer in ERR_error_string! 2000-08-28 10:57:01 +00:00
Richard Levitte
3009458e2f MD4 implemented. Assar Westerlund provided the digest code itself and the test utility, I added the bits to get a EVP interface, the command line utility and the speed test 2000-08-14 14:05:53 +00:00
Dr. Stephen Henson
033d001e90 Fix warnings.
In crypto/err/err.c need to initialise p to
NULL in case thread_hash is NULL. Otherwise
p will be uninitialized.
2000-07-26 01:39:23 +00:00
Richard Levitte
34f0fe9de0 Avoid a race condition if another thread happens to remove the error
state at the same time.
2000-07-25 16:56:39 +00:00
Bodo Möller
2d789604b8 Bugfix: use write locks, not just read locks 2000-07-21 15:07:56 +00:00
Richard Levitte
c2bbf9cf6c I got sick and tired of having to keep track of NIDs when such a thing
could be done automagically, much like the numbering in libeay.num and
ssleay.num.  The solution works as follows:

  - New object identifiers are inserted in objects.txt, following the
    syntax given in objects.README.
  - objects.pl is used to process obj_mac.num and create a new
    obj_mac.h.
  - obj_dat.pl is used to create a new obj_dat.h, using the data in
    obj_mac.h.

This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended.  The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!).  Additions are OK, as well as consistent name changes.
2000-07-05 02:45:36 +00:00
Richard Levitte
ef33b97050 Using checks of the existence of HEADER_{foo}_H in other header files
was a really bad idea.  For example, the following:

	#include <x509.h>
	#include <bio.h>
	#include <asn1.h>

would make sure that things like ASN1_UTCTIME_print() wasn't defined
unless you moved the inclusion of bio.h to above the inclusion of
x509.h.  The reason is that x509.h includes asn1.h, and the
declaration of ASN1_UTCTIME_print() depended on the definition of
HEADER_BIO_H.  That's what I call an obscure bug.

Instead, this change makes sure that whatever header files are needed
for the correct process of one header file are included automagically,
and that the definitions of, for example, BIO-related things are
dependent on the absence of the NO_{foo} macros.  This is also
consistent with the way parts of OpenSSL can be excluded at will.
2000-06-09 10:41:35 +00:00
Richard Levitte
823d8a6eb1 According to Gordon Atwood <gordon@cs.ualberta.ca>, stdlib.h is
needed, or size_t won't be defined on SunOS 4.1.4.
2000-06-04 07:12:20 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
2000-06-01 22:19:21 +00:00
Dr. Stephen Henson
b4b41f48d1 Add DSA library string. Workaround for IIS .key file invalid
ASN1 encoding.
2000-05-24 13:09:59 +00:00
Richard Levitte
aa9fb57b99 Initialise. 2000-05-02 13:38:11 +00:00
Richard Levitte
82271cee5b In Message-ID: <003201bfb332$14a07520$0801a8c0@janm.transactionsite.com>,
"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.
2000-05-02 12:16:01 +00:00
Bodo Möller
dcba2534fa Avoid leaking memory in thread_hash (and enable memory leak detection
for it).
2000-04-29 23:58:05 +00:00
Bodo Möller
e5c84d5152 New function ERR_error_string_n. 2000-04-14 23:36:15 +00:00
Richard Levitte
7a807ad8a7 "make update" 2000-04-09 12:52:40 +00:00
Geoff Thorpe
9ec0126ed2 This commit ties the new DSO code (crypto/dso/) into the build for a
variety of platforms. A few are missing, and they will be added in
eventually, but as this is new stuff, it was better to not break lots of
platforms in one go that we can't easily test. The changes to "Configure"
should illustrate how to add support to other systems if you feel like
having a go.

NB: I'll add something shortly to allow you to add "dlfcn.h" support on
those platforms that don't have (or need) a dlfcn.h header file. (The
symbol for Configure will probably by "dlfcn_no_h").

Thanks to Richard Levitte, who is responsible for the dso_dl.c support,
understanding the trickier aspects of the build process, and giving great
feedback on everything else.

[Don't use this stuff if you're easily offended by changes to the
interface or behaviour - it's still work in progress.]

PR:
2000-04-04 22:32:19 +00:00
Bodo Möller
0a150c5c9f Generate correct error reasons strings for SYSerr. 2000-03-04 01:36:53 +00:00
Dr. Stephen Henson
fbb41ae0ad Allow code which calls RSA temp key callback to cope
with a failure.

Fix typos in some error codes.
2000-02-25 00:23:48 +00:00
Bodo Möller
29a28ee503 Cosmetic changes. 2000-02-05 21:28:09 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash,
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Dr. Stephen Henson
dd9d233e2a Tidy up CRYPTO_EX_DATA structures. 2000-01-23 23:41:49 +00:00
Bodo Möller
a8eeb155b5 Avoid some warnings, and run "make update". 2000-01-14 17:28:48 +00:00
Ulf Möller
eb952088f0 Precautions against using the PRNG uninitialized: RAND_bytes() now
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
2000-01-13 20:59:17 +00:00
Bodo Möller
a40f6dce87 correct error signalling for opendir() failure 1999-07-30 10:43:34 +00:00
Bodo Möller
d9f0016bc5 typo in string 1999-07-12 16:46:28 +00:00
Bodo Möller
b1c4fe3625 Don't mix real tabs with tabs expanded as 8 spaces -- that's
a pain to read when using 4-space tabs.
1999-06-07 20:26:51 +00:00
Ulf Möller
a53955d8ab Support the EBCDIC character set and BS2000/OSD-POSIX (work in progress).
Submitted by: Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>
1999-06-04 21:35:58 +00:00
Bodo Möller
7e70181723 It was a very bad idea to use #include "../e_os.h" -- when this occurs
in cryptlib.h (which is often included as "../cryptlib.h"), then the
question remains relative to which directory this is to be interpreted.
gcc went one further directory up, as intended; but makedepend thinks
differently, and so probably do some C compilers.  So the ../ must go away;
thus e_os.h goes back into include/openssl (but I now use
#include "openssl/e_os.h" instead of <openssl/e_os.h> to make the point) --
and we have another huge bunch of dependency changes.  Argh.
1999-05-21 11:16:48 +00:00
Bodo Möller
d6847aed10 Add a kludge :-(
There were problems with putting e_os.h just into the top directory,
because the test programs are compiled within test/ in the "standard"
case in in their original directories in the makefile.one case;
and in the latter symlinks may not be available.
1999-05-20 22:18:49 +00:00
Bodo Möller
17e3dd1c62 Don't install e_os.h in include/openssl, use it only as a local
include file.
1999-05-20 21:59:20 +00:00
Bodo Möller
127640b449 Update dependencies. 1999-05-15 13:38:48 +00:00
Ben Laurie
2adca9cdc6 Update dependencies. 1999-05-13 17:33:27 +00:00
Ulf Möller
4565c3e36f Use ANSI stdarg. 1999-05-05 12:35:27 +00:00
Bodo Möller
e5f3045fbf Support INSTALL_PREFIX for packagers.
Submitted by:
Reviewed by:
PR:
1999-04-29 21:52:08 +00:00
Ulf Möller
d575d2924c Ignore Makefile.save
Submitted by: Anonymous
1999-04-29 16:04:54 +00:00
Bodo Möller
1314c344ac Obey $(PERL) when running util/mklink.pl.
Submitted by:
Reviewed by:
PR:
1999-04-29 12:46:59 +00:00
Bodo Möller
6e6acfd4b9 Use util/mklink.pl instead of util/mklink.sh.
Submitted by:
Reviewed by:
PR:
1999-04-28 22:33:54 +00:00
Ulf Möller
f5d7a031a3 New Configure option no-<cipher> (rsa, idea, rc5, ...). 1999-04-27 01:14:46 +00:00
Ulf Möller
a9be3af5ad Remove NOPROTO definitions and error code comments. 1999-04-26 16:43:10 +00:00
Dr. Stephen Henson
c74b3a6037 Various header consistency fixes. 1999-04-25 16:38:52 +00:00
Bodo Möller
a75b81ad95 Removed traces of cryptall.h, and did a "make depend".
Submitted by:
Reviewed by:
PR:
1999-04-25 09:21:05 +00:00
Bodo Möller
0b86eb3ea6 Fix header files so that any one can be included first.
Submitted by:
Reviewed by:
PR:
1999-04-24 18:50:40 +00:00
Ulf Möller
574e991aa5 Replaced by mkerr.pl 1999-04-24 17:49:02 +00:00
Dr. Stephen Henson
6d31193858 Complete rewrite of the error code generation script. It now runs as a single
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
1999-04-24 00:15:18 +00:00
Bodo Möller
ca20f59bd0 Submitted by:
Reviewed by:
PR:
1999-04-23 23:13:45 +00:00
Bodo Möller
bf57da0717 "make depend"
Submitted by:
Reviewed by:
PR:
1999-04-23 22:50:50 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>.
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ben Laurie
61f5b6f338 Work with -pedantic! 1999-04-23 15:01:15 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ben Laurie
e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Ben Laurie
f73e07cf42 Add type-safe STACKs and SETs. 1999-04-12 17:23:57 +00:00
Ben Laurie
e709e485d7 Update dependencies. 1999-04-01 15:51:21 +00:00
Ulf Möller
99aab1619f New Makefile variables $(RANLIB) and $(PERL). 1999-04-01 12:34:33 +00:00
Dr. Stephen Henson
67d5ac039f Various PKCS#12 related tidies and fixes: it might even compile now :-) 1999-03-29 00:19:55 +00:00
Dr. Stephen Henson
8d8c7266d4 Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add
them to the build environment.
1999-03-28 23:17:34 +00:00
Ben Laurie
b4cadc6e13 Fix security hole. 1999-03-22 12:22:14 +00:00
Ben Laurie
6242bb9c63 Put the dependencies back. 1999-03-06 14:32:48 +00:00
Ralf S. Engelschall
bb8f3c5879 General source tree makefile cleanups: Made `making xxx in yyy...' display
consistent in the source tree and replaced `/bin/rm' by `rm'.  Additonally
cleaned up the `make links' target: Remove unnecessary semicolons, subsequent
redundant removes, inline point.sh into mklink.sh to speed processing and no
longer clutter the display with confusing stuff. Instead only the actually
done links are displayed.
1999-03-06 12:32:06 +00:00
Ralf S. Engelschall
6013fa8395 Make sure latest Perl versions don't interpret some generated C array as Perl
array code in the crypto/err/err_genc.pl script.

Submitted by: Lars Weber <3weber@informatik.uni-hamburg.de>
Reviewed by: Ralf s. Engelschall
1999-02-14 13:21:52 +00:00
Ben Laurie
59ff713462 Break circular dependency between pem and err. 1999-01-30 13:40:34 +00:00
Ben Laurie
31df0990a1 Update dependencies. 1999-01-30 12:49:44 +00:00
Dr. Stephen Henson
834eeef995 Continuing adding X509 V3 support. This starts to integrate the code with
the main library, but only with printing at present. To see this try:
openssl x509 -in cert.pem -text
on a certificate with some extensions in it.
1999-01-24 17:50:32 +00:00
Ben Laurie
6f93539970 This time, get it right. 1999-01-19 23:25:22 +00:00
Ben Laurie
8039257dbc Finally lay dependencies to rest (I hope!). 1999-01-19 21:36:31 +00:00
Dr. Stephen Henson
6c8abdd744 New err_code.pl script to retain old error codes. This should allow the use
of 'make errors' without causing huge re-organisations of files when a new
code is added.
1999-01-18 22:18:38 +00:00
Ben Laurie
e03ddfae7e Accept NULL in *_free. 1999-01-07 19:15:59 +00:00
stephen
d97b4dd866 external error lib number now global and allow error lib to have a name 1998-12-30 18:42:02 +00:00
Ralf S. Engelschall
651d0aff98 Various cleanups and fixed by Marc and Ralf to start the OpenTLS project 1998-12-22 15:04:48 +00:00
Ralf S. Engelschall
dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00