Andy Polyakov
33c3ecf741
Build-n-link new IA-64 modules on Linux and HP-UX.
2004-07-23 23:27:10 +00:00
Andy Polyakov
5bd4c26057
Various IA-64 assembler fix-ups.
2004-07-23 22:54:18 +00:00
Andy Polyakov
afe67fb28e
Adapt rc4-amd64.pl for Win64/AMD64 assembler.
2004-07-23 17:51:17 +00:00
Richard Levitte
f744f92adb
From LPlib:
...
Apparently, the length *including* the NUL byte should be used.
Contributed by Andy Polyakov <appro@fy.chalmers.se>
2004-07-22 18:34:06 +00:00
Richard Levitte
75f134c077
From LPlib:
...
Make a nicer comment, as we don't really know for sure that it's
really needed, and just want to play on the safe side.
Suggest by Andy Polyakov <appro@fy.chalmers.se>
2004-07-22 13:00:14 +00:00
Andy Polyakov
f1bdf1d518
#include <limits.h> is required at least on HP-UX and IRIX. And what's
...
with HP-UX offering 14 for NAME_MAX?
2004-07-22 10:53:26 +00:00
Andy Polyakov
d58caee734
EVP_Digest is size_t-fied, clean up test programs accordingly.
2004-07-22 10:25:52 +00:00
Andy Polyakov
e39c2548f5
Run SHA-256/-512 tests through EVP...
2004-07-22 10:21:13 +00:00
Andy Polyakov
8169dd73f9
All SIXTY_FOUR_BIT platforms (mind the difference between SIXTY_FOUR_BIT and
...
SIXTY_FOUR_BIT_LONG) were failing to pass 'cd test; make test_bn'.
2004-07-22 09:32:11 +00:00
Richard Levitte
765e231a7c
From LPlib:
...
Some code beautification.
Change the macro CP_THREAD_ACP to CP_ACP, because the latter is more
widely defined.
Add a conditional macro definition in case FindFirstFile and
FindNextFile aren't properly defined (might happen on WinCE).
Suggested by Andy Polyakov <appro@fy.chalmers.se>
2004-07-21 21:16:21 +00:00
Dr. Stephen Henson
43894f9c0d
When in FIPS mode write private keys in PKCS#8 and PBES2 format to
...
avoid use of prohibited MD5 algorithm.
2004-07-21 17:41:26 +00:00
Andy Polyakov
c6e27dcf31
Make rand_win.c UNICODE savvy. "Backport" from HEAD.
2004-07-21 17:18:53 +00:00
Andy Polyakov
89c53672c2
Make rand_win.c UNICODE savvy.
2004-07-21 17:17:30 +00:00
Richard Levitte
64ba6cf222
From LPlib:
...
Windows changes that detects if multibyte characters are available and
deals with them properly.
Contributed by Andy Polyakov <appro@fy.chalmers.se>
2004-07-20 21:24:43 +00:00
Richard Levitte
210a4f78ae
Imported from LPlib, making sure the entry name (at least on Unix) is
...
NUL-teminated at all times, and that we don't make unneeded calls to
free().
2004-07-19 16:36:28 +00:00
Richard Levitte
334ef04949
Since version 7.0, The C RTL in VMS handles time in terms of UTC
...
instead of local time.
2004-07-19 07:50:43 +00:00
Richard Levitte
a47e836efe
Since version 7.0, The C RTL in VMS handles time in terms of UTC
...
instead of local time.
2004-07-19 07:49:47 +00:00
Andy Polyakov
859ceeeb51
Anchor AES and SHA-256/-512 assembler from C.
2004-07-18 17:26:01 +00:00
Andy Polyakov
d0590fe6b2
Add anchors for AES, SHA-256/-512 assembler modules and SSE2 code pathes.
...
I also used this opportunity to clean up some out-of-date targets and
re-group targets by OS.
2004-07-18 16:19:34 +00:00
Andy Polyakov
370358dfb4
Sync with HEAD. Up to >20% overall performance improvement.
2004-07-17 13:27:38 +00:00
Andy Polyakov
2232b10f5a
Add licensing terms.
2004-07-17 13:24:58 +00:00
Andy Polyakov
e34794dd1b
IA-64 is intolerant to misaligned access. It was a problem on Win64 as
...
we were mislead by _MSC_VER macro, which is defined by *all* Windows
Microsoft compilers.
2004-07-17 12:55:55 +00:00
Andy Polyakov
a77b16abd4
IA-64 is intolerant to misaligned access. It was a problem on Win64 as
...
we were mislead by _MSC_VER macro, which is defined by *all* Windows
Microsoft compilers.
2004-07-17 12:54:54 +00:00
Geoff Thorpe
0210065bbd
Quick fix.
...
Submitted by: Nils Larsch
2004-07-16 03:24:51 +00:00
Geoff Thorpe
7f5b4dd1e8
Using Horner's algorithm to evaluate the ec polynomial
...
(suggested by Adam Young <ayoung@cigital.com>)
Submitted by: Nils Larsch
2004-07-16 03:24:19 +00:00
Richard Levitte
901959c945
I think it could be a good thing to know what went wrong with the tests...
2004-07-12 12:25:56 +00:00
Richard Levitte
5906e8d5fe
I think it could be a good thing to know what went wrong with the tests...
2004-07-12 12:25:54 +00:00
Richard Levitte
2b002273f3
'SSL_add_dir_cert_subjects_to_stack' is longer than 31 characters.
...
Lucky me, I had prepared for this :-).
2004-07-11 20:22:37 +00:00
Richard Levitte
15d155e45a
o_dir needs to be compiler with the warnings about dollar signs in
...
identities disabled.
2004-07-11 20:21:56 +00:00
Richard Levitte
b0841348b6
In some cases, EVMSERR isn't visible (that's fairly new...).
...
Don't have a constant that you're going to assign to, that's just
plain stupid (I was the stupidhead here...).
2004-07-11 20:21:19 +00:00
Andy Polyakov
090e81d4aa
Integration of RC4 AMD64 module.
2004-07-11 16:49:09 +00:00
Andy Polyakov
e4528e48e3
RC4 tune-up for AMD64. Performance improvement of 2.22x is measured for
...
linux-x86_64 target.
2004-07-11 16:44:07 +00:00
Richard Levitte
a2400fcab8
Copy a few files from LPlib (a new project of mine), add a wrapper.
...
Now we have directory reading capabilities for VMS as well, and all
of it in a fairly general manner.
2004-07-10 13:16:02 +00:00
Richard Levitte
5358bc44f4
o_str.c: Windows doesn't have <strings.h>, and since we use _strnicmp() and
...
_stricmp() on that platform, use the appropriate header file for it,
<string.h>.
o_str.h: we only want to get size_t, which is defined in <stddef.h>.
Philippe Bougeret <philippe.bougeret@freesbee.fr> notified us about Windows
not having a <strings.h>
2004-07-08 08:32:51 +00:00
Richard Levitte
dc56eb5079
o_str.c: Windows doesn't have <strings.h>, and since we use _strnicmp() and
...
_stricmp() on that platform, use the appropriate header file for it,
<string.h>.
o_str.h: we only want to get size_t, which is defined in <stddef.h>.
Philippe Bougeret <philippe.bougeret@freesbee.fr> notified us about Windows
not having a <strings.h>
2004-07-08 08:32:48 +00:00
Dr. Stephen Henson
a7f14cb4c6
Delta CRL support in extension code.
2004-07-06 17:26:33 +00:00
Dr. Stephen Henson
531b538df5
Ooops, missed part of PKCS#8 patch.
2004-07-06 17:25:11 +00:00
Dr. Stephen Henson
637ff35ef6
Delta CRL support in extension code.
2004-07-06 17:16:40 +00:00
Geoff Thorpe
ace3ebd661
Improve error handling if decompression of an ec point fails, and cleanup
...
ec_curve.c (unify comments, etc).
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller, Geoff Thorpe
2004-07-06 15:50:04 +00:00
Dr. Stephen Henson
eea674567c
Delete non-POSIX header file.
2004-07-04 16:48:27 +00:00
Dr. Stephen Henson
c39c32dd65
PKCS#8 fixes from stable branch.
2004-07-04 16:44:52 +00:00
Dr. Stephen Henson
49ede900fa
Fix memory leak.
2004-07-04 16:36:58 +00:00
Andy Polyakov
80bbc9ceaf
Minor (+12% on P4) performance tweak for sha512_block_sse2.
2004-07-01 11:29:00 +00:00
Andy Polyakov
51ce5230cd
AES assembler implementation for IA-64. Note that there is no anchor from
...
C code yet...
2004-07-01 11:15:23 +00:00
Andy Polyakov
b6d8ba11e9
New SHA algorithms assembler implementation for IA-64. Note that despite
...
module name both SHA-256 and SHA-512 are supported.
2004-07-01 11:13:44 +00:00
Andy Polyakov
e2f2a9af2c
New scalable bn_mul_add_words loop, which provides up to >20% overall
...
performance improvement. Make module more gcc friendly and clarify
copyright issues for division routine.
2004-07-01 11:10:38 +00:00
Richard Levitte
28a8003467
Changes for VOS, submitted by Paul Green <Paul.Green@stratus.com>.
...
PR: 499
2004-06-28 22:01:37 +00:00
Richard Levitte
83f22920c2
Changes for VOS, submitted by Paul Green <Paul.Green@stratus.com>.
...
PR: 499
2004-06-28 22:01:07 +00:00
Richard Levitte
47c1735acd
NetWare fixes provided by Verdon Walker for OpenSSL 0.9.8-dev.
...
The changes have been mailed to <crypt@bis.doc.gov> as well.
PR: 903
2004-06-28 11:55:28 +00:00
Dr. Stephen Henson
fee38dcb9a
Return an error if an attempt is made to encode or decode
...
cipher ASN1 parameters and the cipher doesn't support it.
2004-06-24 12:31:48 +00:00
Geoff Thorpe
d459e39012
Tidy up, including;
...
- Remove unused and unuseful debug cruft.
- Remove unnecessary 'top' fudging from BN_copy().
- Fix a potential memory leak and simplify the expansion logic in
BN_bin2bn().
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-06-20 04:16:12 +00:00
Ben Laurie
b5e4469150
The version that was actually submitted for FIPS testing.
2004-06-19 13:15:35 +00:00
Geoff Thorpe
340f5856ec
Incomplete initial sweep over the engine code. Mainly reducing some
...
comment-noise to managable levels and inverting the sense of the "uptodate"
boolean (which was counter-intuitive the way I'd left it).
2004-06-19 03:58:42 +00:00
Geoff Thorpe
df11e1e921
Deprecate unused cruft, and "make update".
2004-06-17 23:50:25 +00:00
Geoff Thorpe
1275c4569e
Minor change to group like functions together.
2004-06-17 23:35:45 +00:00
Geoff Thorpe
afbe74d386
Actually, that last change to BN_get_word() was a little too simple.
2004-06-17 22:05:40 +00:00
Geoff Thorpe
f18ea6cae9
Get rid of signed/unsigned warnings, and teach CVS about new things to
...
ignore.
2004-06-17 20:28:28 +00:00
Geoff Thorpe
9088d5f24f
As Nils put it;
...
Yet another question: some time ago you changed BN_set_word.
Why didn't you change BN_get_word as well?
Quite. I'm also removing the older commented-out implementations to improve
readability. This complex stuff seems to date from a time when the types
didn't match up well.
Submitted by: Nils Larsch, Geoff Thorpe
2004-06-17 20:13:50 +00:00
Geoff Thorpe
cf9056cfda
BN_div_word() was breaking when called from BN_bn2dec() (actually, this is
...
the only function that uses it) because it would trip up an assertion in
bn_div_words() when first invoked. This also adds BN_div_word() testing to
bntest.
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-06-17 20:03:56 +00:00
Richard Levitte
f7fc4ca1dd
Making some values explicitely unsigned was derived from ongoing work
...
that isn't yet committed. It wasn't meant to be committed already, so
I'm removing it for now.
2004-06-15 12:52:26 +00:00
Richard Levitte
3e00d6c4bb
Typo, setting the first element of nids[] to NULL instead of setting
...
*cnids.
2004-06-15 11:46:06 +00:00
Richard Levitte
132fc53223
Typo, setting the first element of nids[] to NULL instead of setting
...
*cnids.
2004-06-15 11:45:42 +00:00
Geoff Thorpe
b3b6720944
Correct the return codes for ecdsatest.
...
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-06-14 23:37:32 +00:00
Andy Polyakov
385c8e89f4
SHA fails to compile on x86_64 if compiled with custom flags, without
...
recommended -DMD32_REG_T=int in particular.
PR: 893
Submitted by: Michal Ludvig <michal-list@logix.cz>
2004-06-11 17:50:57 +00:00
Geoff Thorpe
9081980565
This fixes the installation target for dynamic engines, which was trying to
...
install to a different location than it had created. (BTW, VMS will need a
matching fix in eng_list.c.) Note, these aren't ssl-specific, so I'm
putting "engines/" into the libs directory rather than at the "--prefix"
level or inside "ssl/".
2004-06-01 03:18:58 +00:00
Andy Polyakov
057cfaf2f8
Extend HMAC_MAX_MD_CBLOCK to accomodate SHA-512.
2004-05-31 13:28:23 +00:00
Richard Levitte
914d36ba19
make update
2004-05-31 13:16:08 +00:00
Andy Polyakov
31c2ac1cdc
EVP bindings to new SHA algorithms.
2004-05-31 13:14:08 +00:00
Andy Polyakov
6bca8e3886
objects.txt update for SHA-224/-256/-384/-512. SHA-224 ids still appear
...
"draft," but we have to start somewhere...
Submitted by: Nils Larsch <nlarsch@compuserve.de>
2004-05-31 13:07:19 +00:00
Andy Polyakov
31e9b9b2e9
Typo in commentary section.
2004-05-31 12:30:41 +00:00
Andy Polyakov
7997b13aa3
Final SHA-256/-512 touches. Extra md_len field in SHA[256|512]_CTX
...
reserves for truncated hash function output mode and makes SHA224
thread-safe. Next stop is integration with EVP and we're done...
2004-05-31 12:26:18 +00:00
Andy Polyakov
a2eb9688a4
Kill unused macro and reimplement it for that single context it can
...
actually be used, namely x86* platforms [because they don't bomb on
unaligned access]. This resulted in 30-40% [depending on message
length] improvement for SHA-256 compiled with gcc and running on P4.
In the lack of assembler implementation I give the compiler all the
help it can possibly get:-)
2004-05-31 12:06:27 +00:00
Richard Levitte
af2bf07404
SHA224_Update() and SHA224_Final() aren't implemented, and since
...
SHA224() uses SHA256_Update() and SHA256_Final() instead, let's just
create aliases in form of macros.
make update
2004-05-30 16:58:33 +00:00
Andy Polyakov
8d9fb0f04a
gcc -Wcast-qual clean-up.
2004-05-29 19:11:29 +00:00
Andy Polyakov
674ee8b72d
Make sure we return 0 if test passed.
2004-05-28 21:42:40 +00:00
Andy Polyakov
1809e858bb
Eliminate compiler warnings and throw in performance table.
2004-05-28 10:15:58 +00:00
Andy Polyakov
da8348e938
SHA-224 test vectors added.
2004-05-27 19:46:07 +00:00
Richard Levitte
ef16f45081
Since num is now a size_t, it's not necssary to check for less than 0,
...
AND it avoids warnings on certain systems.
2004-05-27 09:20:42 +00:00
Richard Levitte
4d692e1ba0
Synchronise VMS with the Unixly Malefiles.
2004-05-26 17:05:51 +00:00
Richard Levitte
f2bfbcef76
make update
2004-05-25 09:41:00 +00:00
Andy Polyakov
63077bd40c
SHA-256/-512 update. A bug fix, SHA-512 tune-up for AMD64, hook for SSE2
...
code, Makefile update.
2004-05-20 21:24:41 +00:00
Andy Polyakov
df364f1b00
Stress collector/padding function.
2004-05-20 21:20:19 +00:00
Andy Polyakov
bc767216d9
Final API adaptation. Final, "all openssl" performance numbers [not mixture
...
of different implementations]. Real-life performance improvement is rated
at 2-3x, not 6x as preliminary announced.
2004-05-20 21:18:09 +00:00
Dr. Stephen Henson
eda52e175a
Delete obsolete and unimplemented function.
2004-05-19 17:05:02 +00:00
Richard Levitte
c4fc8b5bf4
X509_policy_lib_init is declared but not defined, so it raises havoc
...
when trying to build a shared library on VMS or Windows...
2004-05-19 14:19:51 +00:00
Richard Levitte
5affe206e1
Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation for
...
size_t-ification of those algorithms in future version of OpenSSL...
2004-05-19 14:16:33 +00:00
Geoff Thorpe
9c52d2cc75
After the latest round of header-hacking, regenerate the dependencies in
...
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Geoff Thorpe
0f814687b9
Deprecate the recursive includes of bn.h from various API headers (asn1.h,
...
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
2004-05-17 19:14:22 +00:00
Geoff Thorpe
298a2f9e58
Because of recent reductions in header interdependencies, these files need
...
to include crypto.h directly.
2004-05-17 19:01:15 +00:00
Geoff Thorpe
ac0d0a5ecd
I can't verify this directly, but recent changes will probably require that
...
the cryptodev implementation include bn.h directly (when building with
OPENSSL_NO_DEPRECATED that is).
2004-05-17 18:58:47 +00:00
Geoff Thorpe
508999fa7d
Deprecate some recursive includes from the store.h API header, and put back
...
required includes back via the internal header and str_lib.c.
2004-05-17 18:49:06 +00:00
Geoff Thorpe
210a21bc8d
Reduce dependencies on crypto.h by moving the opaque definition of
...
CRYPTO_EX_DATA and the new/free/dup callback prototypes to ossl_typ.h.
2004-05-17 18:39:00 +00:00
Geoff Thorpe
678c1e025b
Moving opaque definitions to ossl_typ.h lets us reduce header dependencies.
...
Deprecate inclusion of crypto.h from ui.h.
2004-05-17 18:01:28 +00:00
Andy Polyakov
1ab61a9179
Make reservations for FIPS code in HEAD branch, so that the moment FIPS
...
comes in we have required macros in place.
2004-05-17 15:49:13 +00:00
Andy Polyakov
1f4eccaaa5
Make reservations in FIPS code for upcoming size_t-fication of OpenSSL API.
...
And couple of bug-fixes in fips/rand code [return without lock release and
incorrect return value in fips_rand_bytes].
2004-05-17 15:37:26 +00:00
Geoff Thorpe
d6dda126b7
Make some more API types opaquely available from ossl_typ.h, meaning the
...
corresponding headers are only required for API functions or structure
details. This now includes the bignum types and BUF_MEM. Subsequent commits
will remove various dependencies on bn.h and buffer.h and update the
makefile dependencies.
2004-05-15 18:32:08 +00:00
Geoff Thorpe
7771b6c5b5
This file implements various functions that have since been redefined as
...
macros. I'm removing this from the NO_DEPRECATED build.
2004-05-15 18:26:15 +00:00
Ben Laurie
9ac9a29407
Fix self-tests, ban some things in FIPS mode, fix copyrights.
2004-05-15 17:51:26 +00:00
Andy Polyakov
9e0aad9fd6
size_t-fication of message digest APIs. We should size_t-fy more APIs...
2004-05-15 11:29:55 +00:00
Richard Levitte
1c7a0e2856
Reimplement old functions, so older software that link to libcrypto
...
don't crash and burn.
2004-05-14 17:56:30 +00:00
Richard Levitte
bac2e26a9e
Reimplement old functions, so older software that link to libcrypto
...
don't crash and burn.
2004-05-14 17:55:59 +00:00
Richard Levitte
dbf2ac31c9
Synchronise o_str.c between 0.9.8-dev and 0.9.7-stable.
2004-05-13 22:40:08 +00:00
Richard Levitte
abd23881c1
Synchronise o_str.c between 0.9.8-dev and 0.9.7-stable.
2004-05-13 22:39:56 +00:00
Andy Polyakov
c842261b1b
SHA-224/-256/-384/-512 implementation. This is just sheer code commit.
...
Makefile modifications, make test, etc. will appear later...
2004-05-13 13:48:33 +00:00
Ben Laurie
72d75ee206
Blow up in people's faces if they don't reseed.
2004-05-12 14:11:10 +00:00
Richard Levitte
49bc4c1023
make update
2004-05-12 10:17:15 +00:00
Richard Levitte
0e92f7738a
Forgot to update the Makefile with the o_str stuff...
2004-05-12 10:17:02 +00:00
Richard Levitte
d529f2a8f7
The functions OPENSSL_strcasen?cmp() were forgotten when merging the
...
FIPS branch into this. It's needed at least for certain OpenVMS
versions, and should really be used in a more general way.
2004-05-12 10:09:00 +00:00
Richard Levitte
90cce79346
Makefile.ssl changed name to Makefile.
2004-05-12 08:28:00 +00:00
Ben Laurie
3642f632d3
Pull FIPS back into stable.
2004-05-11 12:46:24 +00:00
Andy Polyakov
1e6bccc240
SSE2 SHA512_Transform implementation. No, it's not used anywhere yet and
...
is subject to change as C implementation is added...
2004-05-06 10:41:07 +00:00
Andy Polyakov
d3adc3d3ed
SSE2 accelerated bn_mul_add_words. Code is currently disabled till proper
...
config and run-time support is added.
PR: 788
Submitted by: <dean@arctic.org>
Reviewed by: <appro>
Obtained from: http://arctic.org/~dean/crypto/rsa.html
2004-05-06 10:36:49 +00:00
Andy Polyakov
10e7d6d526
Support for IA-32 SSE2 instruction set.
2004-05-06 10:31:09 +00:00
Richard Levitte
430d7afd80
When the pointer 'from' changes, it's stored length needs to change as
...
well.
Notified by Frank Kardel <kardel@acm.org> in PR 879.
2004-05-06 09:33:22 +00:00
Richard Levitte
3b8ba6b610
When the pointer 'from' changes, it's stored length needs to change as
...
well.
Notified by Frank Kardel <kardel@acm.org> in PR 879.
2004-05-06 09:31:31 +00:00
Geoff Thorpe
ca982e4870
Fix realloc usage in ec_curve.c
...
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-05-04 20:08:55 +00:00
Geoff Thorpe
08e1cbc62c
The new BN_CTX code makes this sort of abuse unnecessary.
2004-04-28 18:34:39 +00:00
Andy Polyakov
dd55880644
Improved PowerPC support. Proper ./config support for ppc targets,
...
especially for AIX. But most important BIGNUM assembler implementation
submitted by IBM.
Submitted by: Peter Waltenberg <pwalten@au1.ibm.com>
Reviewed by: appro
2004-04-27 22:05:50 +00:00
Dr. Stephen Henson
bd1640bb01
Make ASN1 code work again...
2004-04-27 18:33:40 +00:00
Geoff Thorpe
081991ac01
With the new dynamic BN_CTX implementation, there should be no need for
...
additional contexts.
2004-04-27 13:24:51 +00:00
Geoff Thorpe
8a85c341fe
The problem of rsa key-generation getting stuck in a loop for (pointlessly)
...
small key sizes seems to result from the code continually regenerating the
same prime value once the range is small enough. From my tests, this change
fixes the problem by setting an escape velocity of 3 repeats for the second
of the two primes.
PR: 874
2004-04-26 15:38:44 +00:00
Geoff Thorpe
bcfea9fb25
Allow RSA key-generation to specify an arbitrary public exponent. Jelte
...
proposed the change and submitted the patch, I jiggled it slightly and
adjusted the other parts of openssl that were affected.
PR: 867
Submitted by: Jelte Jansen
Reviewed by: Geoff Thorpe
2004-04-26 15:31:35 +00:00
Dr. Stephen Henson
f3f52d7f45
More ASN1 reformat/tidy.
2004-04-25 12:46:39 +00:00
Dr. Stephen Henson
8845420f4e
Reformat/tidy some of the ASN1 code.
2004-04-24 17:02:48 +00:00
Dr. Stephen Henson
d735c64905
Fix leak.
...
PR:870
2004-04-22 12:37:16 +00:00
Dr. Stephen Henson
6e308baf5a
Fix memory leak.
...
PR:870
2004-04-22 12:33:03 +00:00
Geoff Thorpe
688791b22b
Extend the index parameter checking from sk_value to sk_set(). Also tidy up
...
some similar code elsewhere.
Thanks to Francesco Petruzzi for bringing this to my attention.
2004-04-21 15:09:25 +00:00
Geoff Thorpe
8c521c7a34
Extend the index parameter checking from sk_value to sk_set(). Also tidy up
...
some similar code elsewhere.
Thanks to Francesco Petruzzi for bringing this to my attention.
2004-04-21 15:08:56 +00:00
Richard Levitte
863d2b196f
Print the debug thingies on stderr instead of stdout. If for nothing
...
else then at least so bc doesn't have problems parsing the output from
bntest :-).
2004-04-20 10:57:07 +00:00
Geoff Thorpe
c57bc2dc51
make update
2004-04-19 18:33:41 +00:00
Geoff Thorpe
28ded31b97
More updates for the header cleanups (and apologies, again, for not having
...
consolidated these prior to committing).
2004-04-19 18:30:41 +00:00
Geoff Thorpe
60a938c6bc
(oops) Apologies all, that last header-cleanup commit was from the wrong
...
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Geoff Thorpe
3a87a9b9db
Reduce header interdependencies, initially in engine.h (the rest of the
...
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
cvs2svn
462a286eeb
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-04-13 17:47:38 +00:00
Richard Levitte
a110d01771
Typo. "pa-rics2W" corrected to "pa-risc2W".
...
PR: 868
2004-04-02 12:39:54 +00:00
Geoff Thorpe
7ef7a1b3de
Avoid undefined results when the parameter is out of range.
2004-04-02 06:25:53 +00:00
Geoff Thorpe
2749276b95
Avoid undefined results when the parameter is out of range.
2004-04-02 06:25:11 +00:00
Dr. Stephen Henson
b6a5fdb8a7
Don't use C++ reserved word.
2004-04-01 22:23:46 +00:00
Dr. Stephen Henson
ecf139917d
New function X509_POLICY_NODE_print()
2004-03-31 12:17:24 +00:00
Richard Levitte
ab23d5ffda
Add symbol hacks for some long names.
...
make update
2004-03-29 08:13:49 +00:00
Andy Polyakov
1a979201d5
This is essentially Intel 32-bit compiler tune-up. To start with all
...
available compiler versions generated bogus machine code trying to
compile new crypto/des/cfb_enc.c. Secondly, 8th version defines
__GNUC__ macro, but fails to compile *some* inline assembler correctly.
Note that all versions of icc implement MSC-like _lrot[rl] intrinsic,
which is used now instead of offensive asm. Finally, unnecessary linker
dependencies are eliminated. Most notably dependency from libirc.a
caused trouble at application start-up, if libcrypto.so is linked with
-Bsymbolic (which it is).
2004-03-28 21:27:47 +00:00
Dr. Stephen Henson
216659eb87
Enhance EVP code to generate random symmetric keys of the
...
appropriate form, for example correct DES parity.
Update S/MIME code and EVP_SealInit to use new functions.
PR: 700
2004-03-28 17:38:00 +00:00
Dr. Stephen Henson
5d6383c83f
Make {i2v,v2i}_ASN1_BIT_STRING global.
...
make update
2004-03-28 12:40:11 +00:00
Dr. Stephen Henson
f36f469430
Obsolete files.
2004-03-28 12:29:53 +00:00
Dr. Stephen Henson
e07d3a021d
Remove obsolete files.
2004-03-28 12:29:05 +00:00
Dr. Stephen Henson
e1a27eb34a
Allow CRLs to be passed into X509_STORE_CTX. This is useful when the
...
verified structure can contain its own CRLs (such as PKCS#7 signedData).
Tidy up some of the verify code.
2004-03-27 22:49:28 +00:00
Dr. Stephen Henson
6446e0c3c8
Extend OID config module format.
2004-03-27 13:30:14 +00:00
Dr. Stephen Henson
beedea2fef
Free up BIO properly when using streaming S/MIME sign.
2004-03-26 00:24:38 +00:00
Richard Levitte
0020502a07
SSL_COMP_get_compression_method is a typo (a missing 's' at the end of
...
the symbol name).
2004-03-25 21:32:30 +00:00
Richard Levitte
b7e3c73d7c
Wrap code starting with a definition.
...
PR: 854
2004-03-25 20:01:08 +00:00
Richard Levitte
fd9fa844e2
Wrap code starting with a definition.
...
PR: 854
2004-03-25 20:01:01 +00:00
Richard Levitte
482c2acf02
Make prototypes for some callback pointers.
2004-03-25 16:21:42 +00:00
Richard Levitte
a481b4b52c
A couple more cases where RAND_add() gets an integer instead of a
...
doule as last argument.
2004-03-25 16:04:02 +00:00
Richard Levitte
a87228031f
RAND_add() wants a double as it's last argument.
2004-03-25 15:52:43 +00:00
Dr. Stephen Henson
b79c82eaab
Fix loads of warnings in policy code.
...
I'll remember to try to compile this with warnings enabled next time :-)
2004-03-25 13:45:58 +00:00
Dr. Stephen Henson
69d1d5e6ce
Fix ASN1 warnings.
2004-03-25 13:37:02 +00:00
Geoff Thorpe
c86f2054f3
Adjust various bignum functions to use BN_CTX for variables instead of
...
locally initialising their own.
NB: I've removed the "BN_clear_free()" loops for the exit-paths in some of
these functions, and that may be a major part of the performance
improvements we're seeing. The "free" part can be removed because we're
using BN_CTX. The "clear" part OTOH can be removed because BN_CTX
destruction automatically performs this task, so performing it inside
functions that may be called repeatedly is wasteful. This is currently safe
within openssl due to the fact that BN_CTX objects are never created for
longer than a single high-level operation. However, that is only because
there's currently no mechanism in openssl for thread-local storage. Beyond
that, this might be an issue for applications using the bignum API directly
and caching their own BN_CTX objects. The solution is to introduce a flag
to BN_CTX_start() that allows its variables to be automatically sanitised
on release during BN_CTX_end(). This way any higher-level function (and
perhaps the application) can specify this flag in its own
BN_CTX_start()/BN_CTX_end() pair, and this will cause inner-loop functions
specifying the flag to be ignored so that sanitisation is handled only once
back out at the higher level. I will be implementing this in the near
future.
2004-03-25 04:32:24 +00:00
Geoff Thorpe
5c98b2caf5
Replace the BN_CTX implementation with my current work. I'm leaving the
...
little TODO list in there as well as the debugging code (only enabled if
BN_CTX_DEBUG is defined).
I'd appreciate as much review and testing as can be spared for this. I'll
commit some changes to other parts of the bignum code shortly to make
better use of this implementation (no more fixed size limitations). Note
also that under identical optimisations, I'm seeing a noticable speed
increase over openssl-0.9.7 - so any feedback to confirm/deny this on other
systems would also be most welcome.
2004-03-25 04:16:14 +00:00
Geoff Thorpe
5148710994
Adds warnings about two curves and fixes the "seed" value for two other
...
curves.
Submitted by: Nils Larsch
2004-03-25 03:03:52 +00:00
Geoff Thorpe
ea77fc3380
... and this should likewise fix up those RSA implementations that weren't
...
already built and tested.
2004-03-25 02:55:17 +00:00
Geoff Thorpe
46ef873f0b
By adding a BN_CTX parameter to the 'rsa_mod_exp' callback, private key
...
operations no longer require two distinct BN_CTX structures. This may put
more "strain" on the current BN_CTX implementation (which has a fixed limit
to the number of variables it will hold), but so far this limit is not
triggered by any of the tests pass and I will be changing BN_CTX in the
near future to avoid this problem anyway.
This also changes the default RSA implementation code to use the BN_CTX in
favour of initialising some of its variables locally in each function.
2004-03-25 02:52:04 +00:00
Geoff Thorpe
2d2a5ba32a
Damn, I was a bit hasty with my fix and hadn't spotted the linker
...
dependency from asn1.
2004-03-25 02:41:35 +00:00
Geoff Thorpe
2bd4e3379f
Remove some warnings.
2004-03-25 02:24:38 +00:00
Geoff Thorpe
032c3ecb18
Protect against gcc's "warning: cast does not match function type".
2004-03-25 02:19:42 +00:00
Dr. Stephen Henson
a0cac0ff75
Make S/MIME encrypt work again.
2004-03-25 00:57:23 +00:00
Richard Levitte
817089b66d
Don't define fd for platforms that do not use it, as some may not declare fileno() properly
2004-03-24 10:55:50 +00:00
Richard Levitte
e703b46598
Don't define fd for platforms that do not use it, as some may not declare fileno() properly
2004-03-24 10:55:48 +00:00
Richard Levitte
0fa793bc7b
Correct constness problems.
2004-03-24 10:50:42 +00:00
Richard Levitte
5c42f62e48
Only build the PKCS#7 test applications if "pkcs7" is present in
...
SDIRS.
2004-03-24 10:48:50 +00:00
Richard Levitte
a08e05d1be
Add store.h among the exported headers on VMS.
2004-03-24 09:52:16 +00:00
Richard Levitte
a0b5ebeac6
Typo...
2004-03-24 09:40:59 +00:00
Richard Levitte
8ee18dd520
Make sure toupper() is properly declared.
2004-03-24 09:40:23 +00:00
Richard Levitte
e725a9660b
make update
2004-03-23 15:06:33 +00:00
Richard Levitte
d7eed1929b
Sync the VMS build with Unix.
2004-03-23 14:50:16 +00:00
Dr. Stephen Henson
4acc3e907d
Initial support for certificate policy checking and evaluation.
...
This is currently *very* experimental and needs to be more fully integrated
with the main verification code.
2004-03-23 14:14:35 +00:00
Richard Levitte
27bf518087
Remove a warning for conversion double->long. This has impacts on Windows.
...
PR: 849
2004-03-21 22:39:59 +00:00
Richard Levitte
ec5d8a54e9
Remove a warning for conversion double->long. This has impacts on Windows.
...
PR: 849
2004-03-21 22:39:52 +00:00
Richard Levitte
96a99d63c2
Make sure fd is defined where it should.
...
PR: 849
2004-03-21 22:36:30 +00:00
Richard Levitte
18a6333180
Make sure fd is defined where it should.
...
PR: 849
2004-03-21 22:36:27 +00:00
Geoff Thorpe
e042540f6b
Variety of belt-tightenings in the bignum code. (Please help test this!)
...
- Remove some unnecessary "+1"-like fudges. Sizes should be handled
exactly, as enlarging size parameters causes needless bloat and may just
make bugs less likely rather than fixing them: bn_expand() macro,
bn_expand_internal(), and BN_sqr().
- Deprecate bn_dup_expand() - it's new since 0.9.7, unused, and not that
useful.
- Remove unnecessary zeroing of unused bytes in bn_expand2().
- Rewrite BN_set_word() - it should be much simpler, the previous
complexities probably date from old mismatched type issues.
- Add missing bn_check_top() macros in bn_word.c
- Improve some degenerate case handling in BN_[add|sub]_word(), add
comments, and avoid a bignum expansion if an overflow isn't possible.
2004-03-17 17:36:54 +00:00
Mark J. Cox
494593845c
After tagging
2004-03-17 12:03:38 +00:00
Mark J. Cox
82d63d3028
Fix null-pointer assignment in do_change_cipher_spec() revealed
...
by using the Codenomicon TLS Test Tool (CAN-2004-0079)
Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
(CAN-2004-0112)
Ready for 0.9.7d build
Submitted by: Steven Henson
Reviewed by: Joe Orton
Approved by: Mark Cox
2004-03-17 12:01:19 +00:00
Richard Levitte
875a644a90
Constify d2i, s2i, c2i and r2i functions and other associated
...
functions and macros.
This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const. Those will be removed when this change has been
properly reviewed.
2004-03-15 23:15:26 +00:00
Richard Levitte
95475b1c7a
As in 0.9.8-dev, make sure we use unsigned constants, or some
...
compilers may complain.
2004-03-15 23:06:59 +00:00
Richard Levitte
ec37635c94
It was just pointed out to me that it's better to cast to double...
2004-03-15 23:02:55 +00:00
Richard Levitte
fd836aeee0
Make sure that the last argument to RAND_add() is a float, or some
...
compilers may complain.
2004-03-15 22:37:08 +00:00
Richard Levitte
560f7abb7e
Make sure we use unsigned constants, or come compilers may complain.
2004-03-15 22:33:19 +00:00
Geoff Thorpe
b6358c89a1
Convert openssl code not to assume the deprecated form of BN_zero().
...
Remove certain redundant BN_zero() initialisations, because BN_CTX_get(),
BN_init(), [etc] already initialise to zero.
Correct error checking in bn_sqr.c, and be less wishy-wash about how/why
the result's 'top' value is set (note also, 'max' is always > 0 at this
point).
2004-03-13 23:57:20 +00:00
Geoff Thorpe
5d735465d1
The efforts to eliminate the dual-representation of zero and to ensure
...
bignums are passed in and out of functions and APIs in a consistent form
has highlighted that zero-valued bignums don't need any allocated word
data. The use of BN_set_word() to initialise a bignum to zero causes
needless allocation and gives it a return value that must be checked. This
change converts BN_zero() to a self-contained macro that has no
return/expression value and does not cause any expansion of bignum data.
Note, it would be tempting to rewrite the deprecated version as a
success-valued comma expression, such as;
#define BN_zero(a) ((a)->top = (a)->neg = 0, 1)
However, this evaluates 'a' twice and would confuse initialisation loops
(eg. while(..) { BN_zero(bn++) } ). As such, the deprecated version
continues to use BN_set_word().
2004-03-13 23:04:15 +00:00
Geoff Thorpe
9e051bac13
Document a change I'd already made, and at the same time, correct the
...
change to work properly; BN_zero() should set 'neg' to zero as well as
'top' to match the behaviour of BN_new().
2004-03-13 22:10:15 +00:00
Geoff Thorpe
93825dddad
static
2004-03-10 01:20:26 +00:00
Geoff Thorpe
a8aa764d3c
Minimise the amount of code dependent on BN_DEBUG_RAND. In particular,
...
redefine bn_clear_top2max() to be a NOP in the non-debugging case, and
remove some unnecessary usages in bn_nist.c.
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller
2004-03-09 03:53:40 +00:00
Geoff Thorpe
e7716b7a19
More changes coming out of the bignum auditing. BN_CTX_get() should ideally
...
return a "zero" bignum as BN_new() does - so reset 'top'. During
BN_CTX_end(), released bignums should be consistent so enforce this in
debug builds. Also, reduce the number of wasted BN_clear_free() calls from
BN_CTX_end() (typically by 75% or so).
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller
2004-03-09 03:47:35 +00:00
Dr. Stephen Henson
a4e3150f00
Fix policy constraints syntax.
2004-03-08 18:15:32 +00:00
Dr. Stephen Henson
edec614efd
Support for inhibitAnyPolicy extension.
2004-03-08 13:56:31 +00:00
Dr. Stephen Henson
5fa5eb71a4
Cleanup ASN1 OID module when it exits.
2004-03-05 23:47:56 +00:00
Dr. Stephen Henson
931a031916
Cleanup ASN1 OID module when it exits.
2004-03-05 23:47:39 +00:00
Dr. Stephen Henson
216ad9ef58
Memory leak fix.
2004-03-05 23:39:42 +00:00
Dr. Stephen Henson
ef3565aed2
Memory leak fix.
2004-03-05 23:39:12 +00:00
Dr. Stephen Henson
bc50157010
Various X509 fixes. Disable broken certificate workarounds
...
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
2004-03-05 17:16:35 +00:00
Dr. Stephen Henson
01fc051e8a
Various X509 fixes. Disable broken certificate workarounds
...
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
2004-03-05 17:16:06 +00:00
Dr. Stephen Henson
91180d45f9
Typos.
...
Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>
2004-03-04 21:44:39 +00:00
Dr. Stephen Henson
0902c559fb
Typos.
...
Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>
2004-03-04 21:41:59 +00:00
Richard Levitte
4d6b383680
Avoid a memory leak in OCSP_parse_url().
...
Notified by Paul Siegel <psiegel@corestreet.com>
2004-03-01 14:58:25 +00:00
Richard Levitte
4cfa4ae820
Avoid a memory leak in OCSP_parse_url().
...
Notified by Paul Siegel <psiegel@corestreet.com>
2004-03-01 14:58:22 +00:00
Richard Levitte
ee121033dc
Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.
...
PR: 833
2004-02-26 22:07:47 +00:00
Richard Levitte
f727266ae8
Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.
...
PR: 833
2004-02-26 22:07:45 +00:00
Geoff Thorpe
c6700d2746
A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h
...
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-02-22 19:32:53 +00:00
Geoff Thorpe
1b06804491
When adding positive elements, we can use BN_uadd() instead of BN_add().
...
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-02-22 19:30:41 +00:00
Dr. Stephen Henson
33ad6eca7a
Use an OCTET STRING for the encoding of an OCSP nonce value.
...
The old raw format can't be handled by some implementations
and updates to RFC2560 will make the OCTET STRING mandatory.
2004-02-19 18:17:35 +00:00
Dr. Stephen Henson
dc90f64d56
Use an OCTET STRING for the encoding of an OCSP nonce value.
...
The old raw format can't be handled by some implementations
and updates to RFC2560 will make this mandatory.
2004-02-19 18:16:38 +00:00
Geoff Thorpe
6c43032121
minor signed/unsigned warning fixes
2004-02-10 18:46:10 +00:00
Andy Polyakov
1751034669
Typo in crypto/bn/asm/x86_64.c, bn_div_words().
...
PR: 821
2004-02-07 09:51:28 +00:00
Andy Polyakov
ad55502092
Typo in crypto/bn/asm/x86_64.c, bn_div_words().
...
PR: 821
2004-02-07 09:46:47 +00:00
Dr. Stephen Henson
d4575825f1
Add flag to avoid continuous
...
memory allocate when calling EVP_MD_CTX_copy_ex().
Without this HMAC is several times slower than
< 0.9.7.
2004-02-01 13:39:51 +00:00
Dr. Stephen Henson
31edde3edc
Add flag to avoid continuous
...
memory allocate when calling EVP_MD_CTX_copy_ex().
Without this HMAC is several times slower than
< 0.9.7.
2004-02-01 13:37:56 +00:00
Andy Polyakov
d04b1b4656
Typo in PA-RISC 2 rules in crypto/bn/Makefile.ssl
2004-01-30 05:41:23 +00:00
Andy Polyakov
1247092776
HP/UX PA-RISC 2 targets update.
2004-01-29 22:16:08 +00:00
Richard Levitte
381a693c39
make update
2004-01-29 10:23:54 +00:00
Richard Levitte
86cb571e28
Have the declarations match the definitions.
2004-01-29 09:41:01 +00:00
Richard Levitte
319a2c5f65
Typo
2004-01-29 02:55:47 +00:00
Richard Levitte
61a88c31c0
Typo
2004-01-29 02:55:43 +00:00
Richard Levitte
9d0e895120
Make n unsigned, to avoid signed vs. unsigned conflicts.
2004-01-29 00:05:54 +00:00
Richard Levitte
5922128732
0.9.7-stable is in freeze. That means we do bug fixes only, not new
...
functionality. Therefore, I'm backing out most of the "CFB DES
sync-up with FIPS branch" commit (I'm keeping the corrections of
DES_cfb_encrypt()).
2004-01-28 23:31:20 +00:00
Richard Levitte
e5886a2388
make update
2004-01-28 19:07:41 +00:00
Richard Levitte
8d1ebe0bd1
Add the missing parts for DES CFB1 and CFB8.
...
Add the corresponding AES parts while I'm at it.
make update
2004-01-28 19:05:35 +00:00
Richard Levitte
1fb724449d
make update
2004-01-28 18:38:33 +00:00
Richard Levitte
cb37947a71
Unsigned vs. signed problem removed
2004-01-28 08:48:15 +00:00
Richard Levitte
721a5e83f9
Unsigned vs. signed problem removed
2004-01-28 08:48:11 +00:00
Andy Polyakov
6df617a59d
#undef _POSIX_C_SOURCE in ui_openssl.c ruined IRIX builds. Comment on why
...
_POSIX_C_SOURCE needed in first place.
2004-01-27 22:06:48 +00:00
Andy Polyakov
8c6336b0aa
CFB DES sync-up with FIPS branch.
2004-01-27 21:47:35 +00:00
Andy Polyakov
4668056fc9
CFB DES sync-up with FIPS branch.
2004-01-27 21:46:19 +00:00
Richard Levitte
87203dc99a
Avoid signed vs. unsigned warnings (which are treated like errors on
...
Windows).
2004-01-27 01:16:38 +00:00
Richard Levitte
de23af982a
Avoid signed vs. unsigned warnings (which are treated like errors on
...
Windows).
2004-01-27 01:16:09 +00:00
Richard Levitte
3a5a176ea0
S_IFBLK and S_IFCHR may not exist in some places (like Windows), so
...
let's check for those macros, and if they aren't defined, let's assume
there aren't Unixly devices on this platform.
2004-01-26 23:46:03 +00:00
Richard Levitte
4de65cbc06
S_IFBLK and S_IFCHR may not exist in some places (like Windows), so
...
let's check for those macros, and if they aren't defined, let's assume
there aren't Unixly devices on this platform.
2004-01-26 23:45:32 +00:00
Andy Polyakov
27b2b78f90
Even though C specification explicitly says that constant type "stretches"
...
automatically to accomodate the value, some compilers fail to do so. Most
notably 0x0123456789ABCDEF should come out as long long in 32-bit context,
but HP compiler truncates it to 32-bit value. Which in turn breaks GF(2^m)
arithmetics in hpux-parisc2-cc build. Therefore this fix...
2004-01-25 10:53:43 +00:00
Andy Polyakov
7f24b1c3e9
Get rid of bogus warning when compiling with Sun vendor compiler.
2004-01-24 16:31:21 +00:00
Richard Levitte
a5e8bcfb7b
We're passed p, so let's use p instead of making assumptions.
2004-01-24 01:16:02 +00:00
Richard Levitte
a1d37a96df
Typo...
2004-01-22 22:36:48 +00:00
Richard Levitte
9d5c3c1939
Typo...
2004-01-22 22:36:46 +00:00
Andy Polyakov
d435752b0a
Proper support for HP-UX64 gcc build.
...
PR: 772
2004-01-21 09:58:18 +00:00
Andy Polyakov
c8b14ca177
SHA-1 assembler tune-up for Intel P4
2004-01-21 08:19:36 +00:00
Andy Polyakov
30cb9ec715
SHA-1 assembler tune-up for Intel P4
2004-01-21 08:17:08 +00:00
Richard Levitte
af6dab9b00
Adding a slash between the directoryt and the file is a problem with
...
VMS. The C RTL can handle it well if the "directory" is a logical
name with no colon, therefore ending being 'logname/file'. However,
if the given logical names actually has a colon, or if you use a full
VMS-syntax directory, you end up with 'logname:/file' or
'dev:[dir1.dir2]/file', and that isn't handled in any good way.
So, on VMS, we need to check if the directory string ends with a
separator (one of ':', ']' or '>' (< and > can be used instead [ and
])), and handle that by not inserting anything between the directory
spec and the file name. In all other cases, it's assumed the
directory spec is a logical name, so we need to place a colon between
it and the file.
Notified by Kevin Greaney <kevin.greaney@hp.com>.
2004-01-10 18:04:38 +00:00
Richard Levitte
8ba5c63de9
Adding a slash between the directoryt and the file is a problem with
...
VMS. The C RTL can handle it well if the "directory" is a logical
name with no colon, therefore ending being 'logname/file'. However,
if the given logical names actually has a colon, or if you use a full
VMS-syntax directory, you end up with 'logname:/file' or
'dev:[dir1.dir2]/file', and that isn't handled in any good way.
So, on VMS, we need to check if the directory string ends with a
separator (one of ':', ']' or '>' (< and > can be used instead [ and
])), and handle that by not inserting anything between the directory
spec and the file name. In all other cases, it's assumed the
directory spec is a logical name, so we need to place a colon between
it and the file.
Notified by Kevin Greaney <kevin.greaney@hp.com>.
2004-01-10 18:04:36 +00:00
cvs2svn
7f36acd8fe
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-01-04 18:59:15 +00:00
Lutz Jänicke
09d7c42a7c
Update URI
...
Submitted by: Gertjan van Oosten <gertjan@West.NL>
PR: #804
2004-01-04 18:06:51 +00:00
Lutz Jänicke
c0017a5a65
Update URI
...
Submitted by: Gertjan van Oosten <gertjan@West.NL>
PR: #804
2004-01-04 18:05:50 +00:00
Richard Levitte
075521725d
Fix Perl problems on sparc64.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:13:18 +00:00
Richard Levitte
faa9c5cbdc
Fix Perl problems on sparc64.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:13:16 +00:00
Richard Levitte
f28e8bd300
Only use environment variables if uid and gid are the same as euid and egid.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:07:20 +00:00
Richard Levitte
3e786f4b0d
Only use environment variables if uid and gid are the same as euid and egid.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:07:18 +00:00
Richard Levitte
de02ec2767
Check if a random "file" is really a device file, and treat it
...
specially if it is.
Add a few OpenBSD-specific cases.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:02:22 +00:00
Richard Levitte
4b66e713de
Check if a random "file" is really a device file, and treat it
...
specially if it is.
Add a few OpenBSD-specific cases.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:01:52 +00:00
Richard Levitte
90dd4d34bb
Correct documentation typos.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:05:26 +00:00
Richard Levitte
112341031b
Correct documentation typos.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:04:54 +00:00
Richard Levitte
7cf803230b
OpenBSD-internal changes.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:02:56 +00:00
Richard Levitte
2d6452cdf9
OpenBSD-internal changes.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:02:54 +00:00
Richard Levitte
cc056d6395
Use sh explicitely to run point.sh
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:00:24 +00:00
Richard Levitte
79b42e7654
Use sh explicitely to run point.sh
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
f0c5db92f7
Include strings.h so strcasecmp() and strncasecmp() get properly declared.
2003-12-27 14:54:48 +00:00
Richard Levitte
394178c94c
Use BUF_strlcpy() instead of strcpy().
...
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:57 +00:00
Richard Levitte
d420ac2c7d
Use BUF_strlcpy() instead of strcpy().
...
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:17 +00:00
Richard Levitte
ec2a595627
Change 'exp' to something else, as 'exp' is predefined by GNU C. This
...
was already done in HEAD, but not in this branch (I wonder why...).
2003-12-27 14:24:20 +00:00
Richard Levitte
ffe966b0fa
To figure out if we're going outside the buffer, use the size of the buffer,
...
not the size of the integer used to index in said buffer.
PR: 794
Notified by: Rhett Garber <rhett_garber@hp.com>
2003-12-11 18:01:06 +00:00
Richard Levitte
a2b0de98af
To figure out if we're going outside the buffer, use the size of the buffer,
...
not the size of the integer used to index in said buffer.
PR: 794
Notified by: Rhett Garber <rhett_garber@hp.com>
2003-12-11 18:01:03 +00:00
Ulf Möller
380e145daf
Add "dif" variable to clean up the loop implementations.
...
Submitted by: Nils Larsch
2003-12-06 11:55:46 +00:00
Ulf Möller
a9f2330f43
Skip a curve with generator of non-prime order.
...
Submitted by: Nils Larsch
2003-12-06 11:41:22 +00:00
Ulf Möller
ce38bb1a8c
Avoid segfault if ret==0.
...
Submitted by: Nils Larsch
2003-12-06 11:39:37 +00:00
Lutz Jänicke
919f8bcd21
Restructure make targets to allow parallel make.
...
Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl>
PR: #513
2003-12-03 16:29:41 +00:00
Lutz Jänicke
325829a9bc
Restructure make targets to allow parallel make.
...
Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl>
PR: #513
2003-12-03 16:29:16 +00:00
Geoff Thorpe
2bfd2c74d2
Incremental cleanups to bn_lib.c.
...
- Add missing bn_check_top() calls and relocate some others
- Use BN_is_zero() where appropriate
- Remove assert()s that bn_check_top() is already covering
- Simplify the code in places (esp. bn_expand2())
- Only keep ambiguous zero handling if BN_STRICT isn't defined
- Remove some white-space and make some other aesthetic tweaks
2003-12-02 20:01:30 +00:00
Geoff Thorpe
82b2f57e30
Use the BN_is_odd() macro in place of code that (inconsistently) does much
...
the same thing.
Also, I have some stuff on the back-burner related to some BN_CTX notes
from Peter Gutmann about his cryptlib hacks to the bignum code. The BN_CTX
comments are there to remind me of some relevant points in the code.
2003-12-02 03:28:24 +00:00
Geoff Thorpe
2ae1ea3788
BN_FLG_FREE is of extremely dubious usefulness, and is only referred to
...
once in the source (where it is set for the benefit of no other code
whatsoever). I've deprecated the declaration in the header and likewise
made the use of the flag conditional in bn_lib.c. Note, this change also
NULLs the 'd' pointer in a BIGNUM when it is reset but not deallocated.
2003-12-02 03:16:56 +00:00
Geoff Thorpe
34066d741a
Declare the static BIGNUM "BN_value_one()" more carefully.
2003-12-01 23:13:17 +00:00
Geoff Thorpe
b74cc0776b
Add missing bn_check_top()s to bn_kron.c, remove some miscellaneous
...
white-space, and include extra headers to satisfy debugging builds.
2003-12-01 23:11:45 +00:00
Geoff Thorpe
e7e5fe4705
Add missing bn_check_top()s to bn_gf2m.c and remove some miscellaneous
...
white-space.
2003-12-01 23:10:21 +00:00
Geoff Thorpe
998ae048e7
The bn_set_max() macro is only "used" by the bn_set_[low|high]() macros
...
which, in turn, are used nowhere at all. This is a good thing because
bn_set_max() would currently generate code that wouldn't compile (BIGNUM
has no 'max' element).
The only apparent use for bn_set_[low|high] would be for implementing
windowing algorithms, and all of openssl's seem to use bn_***_words()
helpers instead (including the BN_div() that Nils fixed recently, which had
been using independently-coded versions of what these unused macros are
intended for). I'm therefore consigning these macros to cvs oblivion in the
name of readability.
2003-12-01 22:11:08 +00:00
Geoff Thorpe
e65c2b9872
bn_fix_top() exists for compatibility's sake and is mapped to
...
bn_correct_top() or bn_check_top() depending on debug settings. For
internal source, all bn_fix_top()s should be converted one way or the other
depending on whether the use of bn_correct_top() is justified.
For BN_div_recp(), these cases should not require correction if the other
bignum functions are doing their jobs properly, so convert to
bn_check_top().
2003-12-01 21:59:40 +00:00
Richard Levitte
b0ea8b160c
It was pointed out to me that if the requested size is 0, we shouldn't
...
ty to allocate anything at all. This will allow eNULL to still work.
PR: 751
Notified by: Lutz Jaenicke
2003-12-01 13:25:39 +00:00
Richard Levitte
2fe9ab8e20
It was pointed out to me that if the requested size is 0, we shouldn't
...
ty to allocate anything at all. This will allow eNULL to still work.
PR: 751
Notified by: Lutz Jaenicke
2003-12-01 13:25:37 +00:00
Richard Levitte
bb569f97b9
Check that OPENSSL_malloc() really returned some memory.
...
PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte
2003-12-01 12:11:57 +00:00
Richard Levitte
1145e03870
Check that OPENSSL_malloc() really returned some memory.
...
PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte
2003-12-01 12:11:55 +00:00
Richard Levitte
31670c94bc
CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL
...
if the give size is 0.
This is a thought that came up in PR 751.
2003-12-01 12:06:19 +00:00
Richard Levitte
6781efb92f
CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL
...
if the give size is 0.
This is a thought that came up in PR 751.
2003-12-01 12:06:15 +00:00
Lutz Jänicke
0bf1c1d80d
Some more ASFLAGS settings required
...
PR: #735
Submitted by: Tim Rice <tim@multitalents.net>
2003-12-01 08:12:47 +00:00
Lutz Jänicke
67e5d33dd7
Some more ASFLAGS settings required
...
PR: #735
Submitted by: Tim Rice <tim@multitalents.net>
2003-12-01 08:12:01 +00:00
Geoff Thorpe
6ed474ca66
Add more debugging to my Configure target, and "make update" to incorporate
...
this and a few other changes.
2003-11-30 23:29:27 +00:00
Geoff Thorpe
46cb8d3689
If BN_STRICT is defined, don't accept an ambiguous representation of zero
...
(ie. where top may be zero, or it may be one if the corresponding word is
set to zero). Note, this only affects the macros in bn.h, there are probably
similar corrections required in some c files.
Also, clarify the audit-related macros at the top of the header. Mental
note: I must not forget to clean all this out before 0.9.8 is released ...
2003-11-30 22:23:12 +00:00
Geoff Thorpe
23fc5ac646
Improve a couple of the bignum macros. Note, this doesn't eliminate
...
tolerance of ambiguous zero-representation, it just improves
BN_abs_is_word() and simplifies other macros that depend on it.
2003-11-30 22:02:10 +00:00
Geoff Thorpe
5734bebe05
Make BN_DEBUG_RAND less painfully slow by only consuming one byte of
...
pseudo-random data for each bn_pollute().
2003-11-30 21:21:30 +00:00
Geoff Thorpe
657a919598
This improves the placement of check_top() macros in a couple of bn_lib
...
functions.
2003-11-29 20:34:07 +00:00
Richard Levitte
b64614adfe
We're getting a clash with C++ because it has a type called 'list'.
...
Therefore, change all instances of the symbol 'list' to something else.
PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-29 10:25:42 +00:00
Richard Levitte
3822740ce3
We're getting a clash with C++ because it has a type called 'list'.
...
Therefore, change all instances of the symbol 'list' to something else.
PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-29 10:25:37 +00:00
Richard Levitte
0d78bc3356
Add IPSec/IKE/Oakley curves.
...
PR: 768
Submitted by: Vadim Fedukovich <vf@unity.net>
2003-11-29 09:25:59 +00:00
Richard Levitte
d87b79bf31
Damnit, I'm sick of having to do something special every time a module
...
that gets built before objects barfs all over the place because it
uses a new NID that hasn't had a chance of getting defined yet (in
this case, it was about a couple of new EC curves, and therefore a
couple of new corresponding NIDs).
I'm placing objects first in SDIRS! There.
2003-11-29 09:19:12 +00:00
Richard Levitte
753cbc2857
1024 is the export key bits limit according to current regulations, not 512.
...
PR: 771
Submitted by: c zhang <czhang2005@hotmail.com>
2003-11-28 22:39:23 +00:00
Richard Levitte
b727907ae8
1024 is the export key bits limit according to current regulations, not 512.
...
PR: 771
Submitted by: c zhang <czhang2005@hotmail.com>
2003-11-28 22:39:19 +00:00
Geoff Thorpe
444c3a8492
Get rid of some signed/unsigned comparison warnings.
2003-11-28 16:39:16 +00:00