Commit graph

56 commits

Author SHA1 Message Date
Dr. Stephen Henson
fb64e17555 Update dependencies. 2005-05-02 23:02:19 +00:00
Dr. Stephen Henson
89234b1eed Pick up definition of FIPS_mode() in fips.h to avoid warnings. 2005-04-18 13:02:19 +00:00
Richard Levitte
9addd9b6fb Add emacs cache files to .cvsignore. 2005-04-11 14:18:14 +00:00
Dr. Stephen Henson
f60fc19a69 make update 2005-01-26 20:05:46 +00:00
Dr. Stephen Henson
d0edffc7da FIPS algorithm blocking.
Non FIPS algorithms are not normally allowed in FIPS mode.

Any attempt to use them via high level functions will return an error.

The low level non-FIPS algorithm functions cannot return errors so they
produce assertion failures. HMAC also has to give an assertion error because
it (erroneously) can't return an error either.

There are exceptions (such as MD5 in TLS and non cryptographic use of
algorithms) and applications can override the blocking and use non FIPS
algorithms anyway.

For low level functions the override is perfomed by prefixing the algorithm
initalization function with "private_" for example private_MD5_Init().

For high level functions an override is performed by setting a flag in
the context.
2005-01-26 20:00:40 +00:00
Richard Levitte
a2617f727d Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:53:31 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Richard Levitte
cc056d6395 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:00:24 +00:00
Richard Levitte
9fa15b6ff8 Have all tests use EXIT() to exit rather than exit(), since the latter doesn't
always give the expected result on some platforms.
2002-11-28 18:57:30 +00:00
Richard Levitte
ff90d659e6 Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:21:33 +00:00
Richard Levitte
ca55c617e5 Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:44:52 +00:00
Richard Levitte
710e5d5639 make update 2001-07-31 17:07:24 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Bodo Möller
4e20b1a656 Instead of telling both 'make' and the user that ranlib
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
2001-03-09 14:01:42 +00:00
Richard Levitte
70d70a3c81 Code for better build under Darwin (MacOS X).
Submitted by Brad Dominy <jdominy@darwinuser.org>
2001-03-07 10:04:00 +00:00
Richard Levitte
bc36ee6227 Use new-style system-id macros everywhere possible. I hope I haven't
missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.
2001-02-20 08:13:47 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Richard Levitte
4e20a4e688 'ranlib' doesn't always run on some systems. That's actually
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
2000-09-25 08:53:15 +00:00
Ben Laurie
1921eaad64 EVP constification. 2000-06-03 14:13:58 +00:00
Richard Levitte
82271cee5b In Message-ID: <003201bfb332$14a07520$0801a8c0@janm.transactionsite.com>,
"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.
2000-05-02 12:16:01 +00:00
Bodo Möller
24aaff588a Remove "Makefile.uni" files and some related stuff.
This was meant for building individual ciphers separately;
but nothing of this is maintained, it does not work
because we rely on central configuration by the Configure
utility with <openssl/opensslconf.h> etc., so the files
are only wasting space and time.
2000-03-14 13:56:00 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Bodo Möller
e766a681aa Some pre-POSIX systems don't have unistd.h (but e.g. lib.c).
Allow configuring the name of that header file.
1999-06-09 13:23:38 +00:00
Ulf Möller
7de82c29c8 Missed one line. 1999-05-13 17:55:08 +00:00
Ulf Möller
5c83b4c93f Remove redundant ifdef. 1999-05-13 13:29:41 +00:00
Ulf Möller
7d7d2cbcb0 VMS support.
Submitted by: Richard Levitte <richard@levitte.org>
1999-05-13 11:37:32 +00:00
Bodo Möller
0494855723 ignore Makefile.save
Submitted by:
Reviewed by:
PR:
1999-04-29 21:54:11 +00:00
Bodo Möller
e5f3045fbf Support INSTALL_PREFIX for packagers.
Submitted by:
Reviewed by:
PR:
1999-04-29 21:52:08 +00:00
Bodo Möller
1314c344ac Obey $(PERL) when running util/mklink.pl.
Submitted by:
Reviewed by:
PR:
1999-04-29 12:46:59 +00:00
Bodo Möller
6e6acfd4b9 Use util/mklink.pl instead of util/mklink.sh.
Submitted by:
Reviewed by:
PR:
1999-04-28 22:33:54 +00:00
Ulf Möller
dd500770e2 Autogenerated files. 1999-04-28 22:24:08 +00:00
Ulf Möller
f5d7a031a3 New Configure option no-<cipher> (rsa, idea, rc5, ...). 1999-04-27 01:14:46 +00:00
Ulf Möller
a9be3af5ad Remove NOPROTO definitions and error code comments. 1999-04-26 16:43:10 +00:00
Dr. Stephen Henson
6d31193858 Complete rewrite of the error code generation script. It now runs as a single
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
1999-04-24 00:15:18 +00:00
Bodo Möller
bf57da0717 "make depend"
Submitted by:
Reviewed by:
PR:
1999-04-23 22:50:50 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>.
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ben Laurie
61f5b6f338 Work with -pedantic! 1999-04-23 15:01:15 +00:00
Ulf Möller
169cc7a112 Remove references to .org header file names. 1999-04-22 20:10:06 +00:00
Ulf Möller
8e10f2b3ac Move all autogenerated header file parts to crypto/opensslconf.h. 1999-04-21 17:31:05 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ben Laurie
e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Ulf Möller
99aab1619f New Makefile variables $(RANLIB) and $(PERL). 1999-04-01 12:34:33 +00:00
Ben Laurie
b4cadc6e13 Fix security hole. 1999-03-22 12:22:14 +00:00
Ben Laurie
6242bb9c63 Put the dependencies back. 1999-03-06 14:32:48 +00:00
Ralf S. Engelschall
bb8f3c5879 General source tree makefile cleanups: Made `making xxx in yyy...' display
consistent in the source tree and replaced `/bin/rm' by `rm'.  Additonally
cleaned up the `make links' target: Remove unnecessary semicolons, subsequent
redundant removes, inline point.sh into mklink.sh to speed processing and no
longer clutter the display with confusing stuff. Instead only the actually
done links are displayed.
1999-03-06 12:32:06 +00:00
Ben Laurie
6f93539970 This time, get it right. 1999-01-19 23:25:22 +00:00
Ben Laurie
8039257dbc Finally lay dependencies to rest (I hope!). 1999-01-19 21:36:31 +00:00
Ralf S. Engelschall
4c7b481b4c More .cvsignore stuff to make CVS quiet on our generated files. 1999-01-03 13:17:47 +00:00
Ralf S. Engelschall
9cb0969f65 Fix version stuff:
1. The already released version was 0.9.1c and not 0.9.1b

2. The next release should be 0.9.2 and not 0.9.1d, because
   first the changes are already too large, second we should avoid any more
   0.9.1x confusions and third, the Apache version semantics of
   VERSION.REVISION.PATCHLEVEL for the version string is reasonable (and here
   .2 is already just a patchlevel and not major change).
tVS: ----------------------------------------------------------------------
1998-12-31 09:36:40 +00:00
Ben Laurie
8d7ed6ff90 Deal with generated files. 1998-12-28 21:58:19 +00:00