Richard Levitte
75e3026a14
Cleanse memory using the new OPENSSL_cleanse() function.
...
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:09:03 +00:00
Richard Levitte
b193f29a9b
free() -> OPENSSL_free()
2002-11-13 20:25:56 +00:00
Ben Laurie
9831d941ca
Many security improvements (CHATS) and a warning fix.
2002-11-12 13:23:40 +00:00
Dr. Stephen Henson
8d699c8c93
Check for NULL ASN1_ITEM when initializeing
...
boolean option in ASN1_TYPE.
2002-11-05 13:49:04 +00:00
Richard Levitte
f6733ae577
makedepend complains when a header file is included more than once in
...
the same source file.
2002-10-14 09:53:46 +00:00
Richard Levitte
ff90d659e6
Use double dashes so makedepend doesn't misunderstand the flags we
...
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:21:33 +00:00
Dr. Stephen Henson
a98beb3a2d
Apply -nameopt patches to 0.9.7
2002-08-30 18:26:26 +00:00
Dr. Stephen Henson
f627c159b1
Fix ASN1_STRING_to_UTF8: remove non sensical !*out test.
2002-08-30 17:17:45 +00:00
Dr. Stephen Henson
a69d50b02d
Reinstate the check for invalid length BIT STRINGS,
...
which was effectively bypassed in the ASN1 changed.
2002-08-23 00:00:54 +00:00
Dr. Stephen Henson
f1e1d6d6af
Fix typo
2002-08-02 19:03:41 +00:00
Dr. Stephen Henson
b012127a99
Fix the ASN1 sanity check: correct header length
...
calculation and check overflow against LONG_MAX.
2002-08-02 18:42:40 +00:00
Lutz Jänicke
bca9dc2a51
OpenSSL Security Advisory [30 July 2002]
...
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
2002-07-30 11:21:19 +00:00
Lutz Jänicke
3720ea24f0
"make update"
...
Submitted by:
Reviewed by:
PR:
2002-07-30 07:18:03 +00:00
Richard Levitte
ca55c617e5
Pass CFLAG to dependency makers, so non-standard system include paths are
...
handled properly.
Part of PR 75
2002-06-27 16:44:52 +00:00
Bodo Möller
1c45b1fef3
Make sure buffers are large enough even for weird parameters
...
Submitted by: Nils Larsch
2002-06-26 14:29:10 +00:00
Lutz Jänicke
4673461789
Some more prototype fixes.
...
Use DECLARE macros in asn1* instead of direct declaration.
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by:
PR: 89
2002-06-14 18:59:53 +00:00
Richard Levitte
573a568dd0
Add support for DJGPP.
...
PR: 75
2002-06-13 20:40:49 +00:00
Lutz Jänicke
7d210e5194
Add missing prototypes.
...
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by:
PR: 89
2002-06-13 17:38:58 +00:00
Richard Levitte
2cddcd1dbb
It's not good to have a pointer point at something in an inner block.
...
PR: 66
2002-06-05 13:47:15 +00:00
Ben Laurie
74c467f9f2
Fix warnings.
2002-05-31 14:28:30 +00:00
Richard Levitte
c4ac954c59
Check the return values where memory allocation failures may happen.
...
PR: 49
2002-05-30 16:50:38 +00:00
Dr. Stephen Henson
3a4b0bed49
Make i2c_ASN1_BIT_STRING return the correct length.
2002-05-29 23:11:55 +00:00
Richard Levitte
18cc99ac17
Remove warnings about uninitialised variables.
...
This has already been applied in the main branch.
2002-05-22 07:55:03 +00:00
Dr. Stephen Henson
ace2ca484b
Add missing EVP_CIPHER_CTX_init call.
2002-05-18 23:42:20 +00:00
Bodo Möller
dfc5336975
Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
...
encoded as NULL) with id-dsa-with-sha1.
Submitted by: Nils Larsch
2002-04-26 08:29:18 +00:00
Dr. Stephen Henson
e50baf58ab
Fix various warnings when compiling with KRB5 code.
2002-03-12 03:00:59 +00:00
Dr. Stephen Henson
d7fb66aa82
Remove old comment
2002-02-23 13:43:07 +00:00
Dr. Stephen Henson
834d37ed86
Don't call finish function if it isn't set.
...
Fix OID module.
2002-02-15 00:33:35 +00:00
Richard Levitte
b9a3ef4c6e
ASN1_BIT_STRING_set_bit() didn't clear previously set bits
2002-02-03 21:31:41 +00:00
Lutz Jänicke
866eedb936
Shut up compiler warnings for inconsistent declarations.
2002-01-29 17:14:50 +00:00
Ben Laurie
9dd5ae6553
Constification, add config to /dev/crypto.
2002-01-18 16:51:05 +00:00
Dr. Stephen Henson
bc37d996fc
Experimental configuration code.
...
Incomplete, largely untested and subject to change/deletion.
2002-01-05 01:37:16 +00:00
Bodo Möller
4d7072f4b5
remove redundant ERR_load_... declarations
2001-12-17 19:22:23 +00:00
Dr. Stephen Henson
322de0c8c1
NO_DSA, NO_RSA patches.
2001-12-01 22:41:39 +00:00
Richard Levitte
b476df64a1
make update
...
perl util/mkerr.pl -recurse -write -rebuild
2001-11-15 12:25:14 +00:00
Bodo Möller
b955dbd325
cast to 'unsigned long' before using ~ if we need an unsigned long result
...
Submitted by: "Stefan Marxen" <stefan.marxen@gmx.net>
2001-11-09 12:58:05 +00:00
Dr. Stephen Henson
581f1c8494
Modify EVP cipher behaviour in a similar way
...
to digests to retain compatibility.
2001-10-17 00:37:12 +00:00
Dr. Stephen Henson
20d2186c87
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
...
with existing code.
Modify library to use digest *_ex() functions.
2001-10-16 01:24:29 +00:00
Richard Levitte
f8000b9345
'make update'
2001-10-04 07:49:09 +00:00
Richard Levitte
2aa9043ad3
Because there's chances we clash with the system's types.h, rename our
...
types.h to ossl_typ.h.
2001-10-04 07:32:46 +00:00
Dr. Stephen Henson
d46c1a8126
Support fractional seconds in GeneralizedTime
2001-09-28 00:44:44 +00:00
Geoff Thorpe
79aa04ef27
Make the necessary changes to work with the recent "ex_data" overhaul.
...
See the commit log message for that for more information.
NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
2001-09-01 20:02:13 +00:00
Geoff Thorpe
ceff5fec5a
gcc can't spot that 'derlst' is not used uninitialised, so appease it.
2001-08-26 21:04:21 +00:00
Geoff Thorpe
b7727ee616
The indexes returned by ***_get_ex_new_index() functions are used when
...
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex_new_index() call succeeds.
This change doesn't make "ex_data" right (see the comment at the head of
ex_data.c to know why), but at least makes the source code marginally less
frustrating.
2001-08-12 16:52:00 +00:00
Ben Laurie
d66ace9da5
Start to reduce some of the header bloat.
2001-08-05 18:02:16 +00:00
Ben Laurie
bb2297a41d
Header bloat reduction for EVP_PKEY.
2001-08-03 18:48:35 +00:00
Richard Levitte
710e5d5639
make update
2001-07-31 17:07:24 +00:00
Richard Levitte
dbfc0f8c2b
Vade retro C++ comments!
...
(Latin for "comments", anyone?)
2001-07-31 09:15:52 +00:00
Ben Laurie
dbad169019
Really add the EVP and all of the DES changes.
2001-07-30 23:57:25 +00:00
Dr. Stephen Henson
1241126adf
More linker bloat reorganisation:
...
Split private key PEM and normal PEM handling. Private key
handling needs to link in stuff like PKCS#8.
Relocate the ASN1 *_dup() functions, to the relevant ASN1
modules using new macro IMPLEMENT_ASN1_DUP_FUNCTION. Previously
these were all in crypto/x509/x_all.c along with every ASN1
BIO/fp function which linked in *every* ASN1 function if
a single dup was used.
Move the authority key id ASN1 structure to a separate file.
This is used in the X509 routines and its previous location
linked in all the v3 extension code.
Also move ASN1_tag2bit to avoid linking in a_bytes.c which
is now largely obsolete.
So far under Linux stripped binary with single PEM_read_X509
is now 238K compared to 380K before these changes.
2001-07-27 02:22:42 +00:00