Commit graph

8727 commits

Author SHA1 Message Date
Andy Polyakov
122396f2db Fix SHA512 and optimize BN for mingw64. 2008-11-01 12:46:18 +00:00
Andy Polyakov
09a60c9833 Fix warnings after commit#17578. 2008-10-31 20:20:54 +00:00
Andy Polyakov
b444ac3e6f size_t-fy EVP_CIPHER. Note that being size_t-fied it doesn't require
underlying cipher to be size_t-fied, it allows for size_t, signed and
unsigned long. It maintains source and even binary compatibility.
2008-10-31 19:48:25 +00:00
Andy Polyakov
f768be81d8 size_t-fy AES, Camellia and RC4. 2008-10-31 19:30:11 +00:00
Dr. Stephen Henson
91173829db Add install target to crypto/jpake/Makefile 2008-10-31 12:06:25 +00:00
Ben Laurie
bfaead2b12 Fix warning. 2008-10-29 05:10:09 +00:00
Andy Polyakov
e6b4578540 randfile.c: .rnd can become orphaned on VMS.
Submitted by: David North
2008-10-28 16:25:47 +00:00
Andy Polyakov
0dd4850ee0 .cvsignore update: ignore all flavors of shared objects. 2008-10-28 15:29:25 +00:00
Andy Polyakov
c650168a4f Fix typo in ./config.
Submitted by: Sander Temme
2008-10-28 15:09:06 +00:00
Andy Polyakov
ea71ec1b11 ec2_mult.c readability update. 2008-10-28 13:53:51 +00:00
Andy Polyakov
f1455b3063 Minor clean-up in bn_lib.c: constification and optimization. 2008-10-28 13:52:51 +00:00
Andy Polyakov
b764f82c64 Fix crash in BN_rshift.
PR: 1663
2008-10-28 13:46:14 +00:00
Andy Polyakov
436bdcff4e Harmonize Camellia API with version 1.x. 2008-10-28 12:13:52 +00:00
Andy Polyakov
27f864e8ac Camellia update. Quoting camellia.c:
/*
 * This release balances code size and performance. In particular key
 * schedule setup is fully unrolled, because doing so *significantly*
 * reduces amount of instructions per setup round and code increase is
 * justifiable. In block functions on the other hand only inner loops
 * are unrolled, as full unroll gives only nominal performance boost,
 * while code size grows 4 or 7 times. Also, unlike previous versions
 * this one "encourages" compiler to keep intermediate variables in
 * registers, which should give better "all round" results, in other
 * words reasonable performance even with not so modern compilers.
 */
2008-10-28 08:47:24 +00:00
Andy Polyakov
80aa9cc985 x86_64-xlate.pl update: refine SEH support. 2008-10-28 08:40:07 +00:00
Dr. Stephen Henson
ab7e09f59b Win32 fixes... add new directory to build system. Fix warnings. 2008-10-27 12:31:13 +00:00
Dr. Stephen Henson
e9eda23ae6 Fix warnings and various issues.
C++ style comments.
Signed/unsigned warning in apps.c
Missing targets in jpake/Makefile
2008-10-27 12:02:52 +00:00
Ben Laurie
6caa4edd3e Add JPAKE. 2008-10-26 18:40:52 +00:00
Dr. Stephen Henson
ac786241a2 Add support for -crlnumber option in crl utility. 2008-10-22 19:54:55 +00:00
Dr. Stephen Henson
df0681e554 Add permanentIdentifier OID. 2008-10-22 18:48:11 +00:00
Dr. Stephen Henson
e19106f5fb Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.

This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
2008-10-22 15:43:01 +00:00
Geoff Thorpe
ae7ec4c71d Apparently '__top' is also risky, obfuscate further. (All this to
avoid inlines...)
2008-10-22 12:00:15 +00:00
Lutz Jänicke
020d67fb89 Allow detection of input EOF in quiet mode by adding -no_ign_eof option
to s_client application.
PR: #1761
Submitted by: David Woodhouse <dwmw2@infradead.org>
2008-10-22 06:46:14 +00:00
Geoff Thorpe
3fdc6c11aa Use of a 'top' var creates "shadow variable" warnings. 2008-10-22 01:25:45 +00:00
Dr. Stephen Henson
dcf6b3e9b6 Reinstate obj_xref.h as it is not auto generated on all platforms. 2008-10-20 15:12:48 +00:00
Dr. Stephen Henson
606f6c477a Fix a shed load or warnings:
Duplicate const.
Use of ; outside function.
2008-10-20 15:12:00 +00:00
Lutz Jänicke
1581f82243 Add missing "-d" to option list of openssl version.
Submitted by: Alex Chen <alex_chen@filemaker.com>
2008-10-20 12:53:36 +00:00
Ben Laurie
0d6f9c7181 Constification. 2008-10-19 22:51:27 +00:00
Dr. Stephen Henson
640b86cb24 Fix Warning... 2008-10-19 17:22:34 +00:00
Dr. Stephen Henson
111a6e2a23 Fix multiple ; warning. 2008-10-18 15:02:59 +00:00
Ben Laurie
d764e7edb8 Fix warning a different way. 2008-10-18 12:12:34 +00:00
Andy Polyakov
aff8259510 Fix argument order in BN_nnmod call and implement rigorous boundary
condition check.
2008-10-16 07:54:41 +00:00
Andy Polyakov
256b3e9c5f Optimize bn_correct_top. 2008-10-15 10:48:52 +00:00
Andy Polyakov
762a2e3cab Remove redundant BN_ucmp, fix boundary condition in BN_nist_mod_224 and
reimplement BN_nist_mod_521.
2008-10-15 10:47:48 +00:00
Ben Laurie
28b6d5020e Set comparison function in v3_add_canonize(). 2008-10-14 19:27:07 +00:00
Ben Laurie
d5bbead449 Add XMPP STARTTLS support. 2008-10-14 19:11:26 +00:00
Dr. Stephen Henson
0f7efbc859 Ooops... remove code accidentally commited from FIPS version. 2008-10-14 15:44:14 +00:00
Dr. Stephen Henson
a7ae4abfd9 Add missing lock definitions... 2008-10-14 15:24:49 +00:00
Dr. Stephen Henson
30661b1b01 Add missing lock definitions. 2008-10-14 15:22:11 +00:00
Ben Laurie
1ea6472e60 Type-safe OBJ_bsearch_ex. 2008-10-14 08:10:52 +00:00
Lutz Jänicke
b8dfde2a36 Remove the DTLS1_BAD_VER thing from 0.9.9-dev. It is present in 0.9.8
but has been omitted from HEAD (0.9.9), see commit
  http://cvs.openssl.org/chngview?cn=16627
by appro.
2008-10-13 06:45:59 +00:00
Lutz Jänicke
570006f3a2 Half of the commit for 0.9.8 as the bitmap handling has changed.
(Firstly... ommitted)

Secondly, it wasn't even _dropping_ the offending packets, in the
non-blocking case. It was just returning garbage instead.
PR: #1752
Submitted by: David Woodhouse <dwmw2@infradead.org>
2008-10-13 06:43:03 +00:00
Ben Laurie
babb379849 Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
Ben Laurie
6665ef303e Add missing DTLS1_BAD_VER (hope I got the value right). 2008-10-12 14:04:34 +00:00
Lutz Jänicke
7e7af0bc51 When the underlying BIO_write() fails to send a datagram, we leave the
offending record queued as 'pending'. The DTLS code doesn't expect this,
and we end up hitting an OPENSSL_assert() in do_dtls1_write().

The simple fix is just _not_ to leave it queued. In DTLS, dropping
packets is perfectly acceptable -- and even preferable. If we wanted a
service with retries and guaranteed delivery, we'd be using TCP.
PR: #1703
Submitted by: David Woodhouse <dwmw2@infradead.org>
2008-10-10 10:41:35 +00:00
Dr. Stephen Henson
87d3a0cd90 Experimental new date handling routines. These fix issues with X509_time_adj()
and should avoid any OS date limitations such as the year 2038 bug.
2008-10-07 22:55:27 +00:00
Lutz Jänicke
1e369b375e Fix incorrect command for assember file generation on IA64
Submitted by: Amadeu A. Barbosa Jr <amadeu@tecgraf.puc-rio.br>
2008-10-06 10:34:49 +00:00
Andy Polyakov
6bf24568bc Fix EC_KEY_check_key. 2008-09-23 17:33:11 +00:00
Bodo Möller
837f2fc7a4 Make sure that SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG can't
enable disabled ciphersuites.
2008-09-22 21:22:47 +00:00
Bodo Möller
1a489c9af1 From branch OpenSSL_0_9_8-stable: Allow soft-loading engines.
Also, fix CHANGES (consistency with stable branch).
2008-09-15 20:41:24 +00:00