Commit graph

63 commits

Author SHA1 Message Date
Dr. Stephen Henson
92ad8e5c37 Remove defunct FIPS_allow_md5() and related functions. 2005-04-22 01:06:59 +00:00
Richard Levitte
630b9d70fb Use EXIT() instead of exit(). 2005-01-11 18:25:28 +00:00
Andy Polyakov
5868130e7a Eliminate dependency on UNICODE macro. 2004-12-09 18:00:26 +00:00
Richard Levitte
f27a152f69 Make sure the applications know when we are running in FIPS mode. We
can't use the variable in libcrypto, since it's supposedly unknown.

Note: currently only supported in MONOLITH mode.
2004-05-17 04:30:06 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Bodo Möller
9cc513a000 fix out-of-bounds check in lock_dbg_cb (was too lose to detect all
invalid cases)

PR: 674
2003-08-14 10:33:26 +00:00
Richard Levitte
6d85cd36e2 Add the possibility to build without the ENGINE framework.
PR: 287
2003-01-30 17:37:49 +00:00
Richard Levitte
27498a3330 EXIT() may mean return(). That's confusing, so let's have it really mean
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
2002-12-03 16:34:28 +00:00
Bodo Möller
8f4a23e3b7 allocate bio_err before memory debugging is enabled to avoid memory leaks
(we can't release it before the CRYPTO_mem_leaks() call!)

Submitted by: Nils Larsch
2002-11-18 13:38:30 +00:00
Ben Laurie
9831d941ca Many security improvements (CHATS) and a warning fix. 2002-11-12 13:23:40 +00:00
Richard Levitte
4fd5e85a18 Make sure that the 'config' variable is correctly defined and declared
for monolithic as well as non-monolithic biuld.
More work is probably needed in this area.
PR: 144
2002-10-09 15:36:42 +00:00
Lutz Jänicke
7e8852c549 Reorder inclusion of header files:
des_old.h redefines crypt:
#define crypt(b,s)\
	DES_crypt((b),(s))

This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
2002-07-10 06:57:54 +00:00
Richard Levitte
cc3586028e Allow longer program names (VMS allows up to 39 characters).
Submitted by Compaq.
2002-04-06 18:59:57 +00:00
Dr. Stephen Henson
6ca487992b Stop spurious "unable to load config info" errors in req 2001-10-21 01:05:53 +00:00
Bodo Möller
a661b65357 New functions SSL[_CTX]_set_msg_callback().
New macros SSL[_CTX]_set_msg_callback_arg().

Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).

New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.


In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.

Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).

Add/update some OpenSSL copyright notices.
2001-10-20 17:56:36 +00:00
Geoff Thorpe
1372965e2e Reduce the header dependencies on engine.h in apps/. 2001-09-12 02:39:06 +00:00
Geoff Thorpe
16e819e1d8 Put all "common" initialisation in the apps_startup() and apps_shutdown()
macros in apps.h.
2001-09-10 21:04:14 +00:00
Bodo Möller
c2222c2ea2 restore previous revision -- memory leak should be fixed in mem.c 2001-09-10 18:47:33 +00:00
Bodo Möller
336da5642d fix memory leak 2001-09-10 18:13:16 +00:00
Bodo Möller
384eff877c Fix apps/openssl.c and ssl/ssltest.c so that they use
CRYPTO_set_mem_debug_options() instead of CRYPTO_dbg_set_options(),
which is the default implementation of the former and should usually
not be directly used by applications (at least if we assume that the
options accepted by the default implementation will also be meaningful
to any other implementations).

Also fix apps/openssl.c and ssl/ssltest such that environment variable
setting 'OPENSSL_DEBUG_MEMORY=off' actively disables the compiled-in
library defaults (i.e. such that CRYPTO_MDEBUG is ignored in this
case).
2001-09-10 09:50:30 +00:00
Dr. Stephen Henson
b7a26e6daf Modify apps to use NCONF code instead of old CONF code.
Add new extension functions which work with NCONF.

Tidy up extension config routines and remove redundant code.

Fix NCONF_get_number().

Todo: more testing of apps to see they still work...
2001-06-28 11:41:50 +00:00
Richard Levitte
870d986131 apps_startup() needs a corresponding apps_shutdown(). 2001-06-23 16:31:41 +00:00
Dr. Stephen Henson
2c7bc88d78 Fix UI leak in apps. 2001-06-23 12:48:46 +00:00
Richard Levitte
21023745e2 Clean up ENGINE before exiting. 2001-04-26 16:08:10 +00:00
Bodo Möller
10654d3a74 Forcibly enable memory leak checking during "make test" 2001-03-11 14:49:46 +00:00
Richard Levitte
bc36ee6227 Use new-style system-id macros everywhere possible. I hope I haven't
missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.
2001-02-20 08:13:47 +00:00
Bodo Möller
3ac82faae5 Locking issues. 2000-12-15 16:40:35 +00:00
Richard Levitte
8d28d5f81b Constification of the data of a hash table. This means the callback
functions need to be constified, and therefore meant a number of easy
changes a little everywhere.

Now, if someone could explain to me why OBJ_dup() cheats...
2000-12-13 17:15:03 +00:00
Geoff Thorpe
d0fa136ce2 Next step in tidying up the LHASH code.
DECLARE/IMPLEMENT macros now exist to create type (and prototype) safe
wrapper functions that avoid the use of function pointer casting yet retain
type-safety for type-specific callbacks. However, most of the usage within
OpenSSL itself doesn't really require the extra function because the hash
and compare callbacks are internal functions declared only for use by the
hash table. So this change catches all those cases and reimplements the
functions using the base-level LHASH prototypes and does per-variable
casting inside those functions to convert to the appropriate item type.

The exception so far is in ssl_lib.c where the hash and compare callbacks
are not static - they're exposed in ssl.h so their prototypes should not be
changed. In this last case, the IMPLEMENT_LHASH_*** macros have been left
intact.
2000-12-08 20:02:01 +00:00
Ben Laurie
b0dc680f71 Fix warnings. 2000-12-03 10:04:22 +00:00
Geoff Thorpe
35a99b6380 Use the new LHASH macros to declare type-safe wrapper functions that can
be used as the hash/compare callbacks without function pointer casting.

For now, this is just happening in the apps/ directory whilst a few people
check the approach. The rest of the library will be moved across to the
same idea if there's no problems with this.
2000-12-02 23:16:54 +00:00
Geoff Thorpe
385d81380c First step in tidying up the LHASH code. The callback prototypes (and
casts) used in the lhash code are about as horrible and evil as they can
be. For starters, the callback prototypes contain empty parameter lists.
Yuck.

This first change defines clearer prototypes - including "typedef"'d
function pointer types to use as "hash" and "compare" callbacks, as well as
the callbacks passed to the lh_doall and lh_doall_arg iteration functions.
Now at least more explicit (and clear) casting is required in all of the
dependant code - and that should be included in this commit.

The next step will be to hunt down and obliterate some of the function
pointer casting being used when it's not necessary - a particularly evil
variant exists in the implementation of lh_doall.
2000-12-01 20:31:52 +00:00
Richard Levitte
e7ef1a561a Make all engines available in the openssl application. 2000-11-06 22:03:00 +00:00
Richard Levitte
645749ef98 On VMS, stdout may very well lead to a file that is written to in a
record-oriented fashion.  That means that every write() will write a
separate record, which will be read separately by the programs trying
to read from it.  This can be very confusing.

The solution is to put a BIO filter in the way that will buffer text
until a linefeed is reached, and then write everything a line at a
time, so every record written will be an actual line, not chunks of
lines and not (usually doesn't happen, but I've seen it once) several
lines in one record.  Voila, BIO_f_linebuffer() is born.

Since we're so close to release time, I'm making this VMS-only for
now, just to make sure no code is needlessly broken by this.  After
the release, this BIO method will be enabled on all other platforms as
well.
2000-09-20 13:55:50 +00:00
Richard Levitte
ee087bb8eb Make it so we can dynamically enable memory allocation debugging through the
environment variable OPENSSL_DEBUG_MEMORY (existence is sufficient).  At the
same time, it makes sure that CRYPTO_malloc_debug_init() gets expanded some-
where and thereby tested for compilation.
2000-08-01 17:15:36 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
2000-06-01 22:19:21 +00:00
Bodo Möller
6e22639f46 Eliminate memory leaks in mem_dbg.c. 2000-03-18 15:18:27 +00:00
Richard Levitte
1f515cfe09 e_os.h: don't do double work with status codes.
openssl.c: make damn sure e_os.h knows about OPENSSL_C
2000-03-18 09:09:31 +00:00
Bodo Möller
46c4647e3c "openssl no-..." commands for avoiding the need to grep
"openssl list-standard-commands".
2000-03-13 20:31:46 +00:00
Bodo Möller
863fe2ecac cleaning up a little 2000-03-12 23:27:14 +00:00
Bodo Möller
e290c7d4e0 Correction: openssl.c must get the long version of the apps_startup()
macro
2000-02-05 21:39:20 +00:00
Bodo Möller
29a28ee503 Cosmetic changes. 2000-02-05 21:28:09 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash,
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Bodo Möller
4fd2ead09d Enable memory checking earlier (we correctly free everything
except for the BIO through which we print the memory leak list,
and the leak printing function ignores this one block).
2000-01-15 03:08:52 +00:00
Bodo Möller
2b6313d0da Rename
CRYPTO_add_info    => CRYPTO_push_info
   CRYPTO_remove_info => CRYPTO_pop_info
in the hope that these names are more descriptive;
and "make update".
1999-12-18 13:51:47 +00:00
Bodo Möller
75acc288ca fix typos and other little errors ... 1999-12-18 13:25:45 +00:00
Bodo Möller
03c48fa07b Avoid shadowing p to make the compiler happy. 1999-12-18 05:16:30 +00:00
Bodo Möller
e8f48dbacc Add missing semicolon to make compiler happy, and switch back
from MemCheck_start() to CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
because that is what applications should use
(MemCheck_start/stop never really worked for applications
unless CRYPTO_MDEBUG was defined both when compiling the library
and when compiling the application, so probably we should
get rid of it).
1999-12-18 00:28:21 +00:00
Richard Levitte
1ad9bdf253 Use MemCheck_start() instead of CRYPTO_mem_ctrl(), and generate a small leak to test (conditional) 1999-12-17 12:50:06 +00:00
Bodo Möller
777ab7e611 Fix memory checking. 1999-07-09 16:27:30 +00:00