wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7315 commits 20 branches 302 tags 153 MiB
Commit graph

1029 commits

Author SHA1 Message Date
Richard Levitte
6c9f57d629 Cut'n'paste mistake. All tested OK now... 2004-11-11 19:36:08 +00:00
Richard Levitte
382342ce1d Whoops, syntactic mistake... 2004-11-11 18:58:01 +00:00
Richard Levitte
69c922f5d2 Some find it confusing that environment variables are set when shared 
libraries aren't built or used.  I can see the point, so I'm
reorganising a little for clarity.
 2004-11-11 18:18:43 +00:00
Dr. Stephen Henson
10c8505734 Use the default_md config file value when signing CRLs. 
PR:662
 2004-11-11 13:47:06 +00:00
Dr. Stephen Henson
10f92aac33 Don't return an error with crl -noout. 
PR:917
Sumbmitted by: Michael Konietzka <konietzka@schlund.de>
 2004-11-11 02:13:08 +00:00
Richard Levitte
8de69cf2c6 Make sure LD_PRELOAD is only set when we build shared libraries (and 
therefore link with them).  Add LD_PRELOAD setting code where it was
still missing.

PR: 966
 2004-11-05 09:12:10 +00:00
Geoff Thorpe
58ae65cd1a Update ECDSA and ECDH for OPENSSL_NO_ENGINE. 
Reported by: Maxim Masiutin
Submitted by: Nils Larsch
 2004-10-21 00:06:14 +00:00
Richard Levitte
d813ff2ac1 make update 2004-09-10 10:30:33 +00:00
Dr. Stephen Henson
c431798e82 Reformat smime utility. 
Add support for policy checking in verify utility.
 2004-09-07 18:38:46 +00:00
Dr. Stephen Henson
fb80794568 Don't use 'explicit' for variable name. 2004-09-07 00:31:08 +00:00
Dr. Stephen Henson
4ec3d785e5 Reformat smime.c 2004-09-07 00:28:17 +00:00
Dr. Stephen Henson
5d7c222db8 New X509_VERIFY_PARAM structure and associated functionality. 
This tidies up verify parameters and adds support for integrated policy
checking.

Add support for policy related command line options. Currently only in smime
application.

WARNING: experimental code subject to change.
 2004-09-06 18:43:01 +00:00
Richard Levitte
2549564009 On systems that use case-insensitive symbol names (i.e. they're all 
converted to upper case or something like that), the application-
level bio_dump_cb() has a name clash with the new library function
BIO_dump_cb().  The easiest fix is to rename the function at the
application level.
 2004-08-12 08:58:55 +00:00
Dr. Stephen Henson
b5a93e2250 Call setup_engine after autoconfig. 2004-08-06 12:44:34 +00:00
Dr. Stephen Henson
c128bb0fa2 Don't ignore return value of EVP_DigestInit_ex() in md BIOs and dgst utility. 2004-08-05 18:09:50 +00:00
Andy Polyakov
c88f8f76b5 'apps/openssl dgst -help' update and minor apps/speed.c update. 2004-07-25 18:57:35 +00:00
Dr. Stephen Henson
0efea28dcb Don't try to parse non string types. 2004-07-01 18:15:33 +00:00
Richard Levitte
28a8003467 Changes for VOS, submitted by Paul Green <Paul.Green@stratus.com>. 
PR: 499
 2004-06-28 22:01:37 +00:00
Richard Levitte
563cd0f2b0 Make the tests of EVP operations without padding. As a consequence, 
there's no need for a larger BUFSIZE any more...

PR: 904
 2004-06-28 16:32:12 +00:00
Richard Levitte
3ac0f28837 Make sure that the buffers are large enough to contain padding. 
PR: 904
 2004-06-28 12:23:35 +00:00
Richard Levitte
47c1735acd NetWare fixes provided by Verdon Walker for OpenSSL 0.9.8-dev. 
The changes have been mailed to <crypt@bis.doc.gov> as well.

PR: 903
 2004-06-28 11:55:28 +00:00
Dr. Stephen Henson
8a60547896 Reformat pkcs8 source. 2004-06-24 13:10:54 +00:00
Andy Polyakov
bc1ca8605c Working on HP-UX shared support... 2004-05-31 14:50:19 +00:00
Andy Polyakov
63ba7e293f Make sha-256/-512 naming in speed.c consistent with their names as they 
will appear at EVP leyer.
 2004-05-31 12:40:22 +00:00
Andy Polyakov
46ceb15c39 SHA-256/-512 test and benchmark. 2004-05-20 21:49:38 +00:00
Geoff Thorpe
9c52d2cc75 After the latest round of header-hacking, regenerate the dependencies in 
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
 2004-05-17 19:26:06 +00:00
Geoff Thorpe
f0eae953e2 Remove some unnecessary recursive includes from the internal apps.h header, 
and include bn.h in those C files that need bignum functionality.
 2004-05-17 19:05:32 +00:00
Richard Levitte
d1739eb2d6 make update 2004-05-13 21:38:47 +00:00
Dr. Stephen Henson
df368ecce4 Make self signing option of 'x509' use random serial numbers too. 2004-05-12 18:20:37 +00:00
Geoff Thorpe
bcfea9fb25 Allow RSA key-generation to specify an arbitrary public exponent. Jelte 
proposed the change and submitted the patch, I jiggled it slightly and
adjusted the other parts of openssl that were affected.

PR: 867
Submitted by: Jelte Jansen
Reviewed by: Geoff Thorpe
 2004-04-26 15:31:35 +00:00
Dr. Stephen Henson
77475142ec New option to 'x509' -next_serial. This outputs the certificate 
serial number plus 1 to the output file. Its purpose is to allow
serial number files to be initialized when random serial numbers
are used.
 2004-04-21 12:46:20 +00:00
Dr. Stephen Henson
90fac84066 Use X509_get_serialNumber() instead of accessing internals in x509.c 2004-04-21 12:43:21 +00:00
Dr. Stephen Henson
64674bcc8c Reduce chances of issuer and serial number duplication by use of random 
initial serial numbers.

PR: 842
 2004-04-20 12:05:26 +00:00
Geoff Thorpe
c57bc2dc51 make update 2004-04-19 18:33:41 +00:00
Geoff Thorpe
823a67b0a9 header cleanup in apps/ 2004-04-19 18:13:07 +00:00
Dr. Stephen Henson
ae44fc1ec4 Clear error if unique_subject lookup fails. 2004-04-15 00:32:19 +00:00
Richard Levitte
d530017c00 Move the definition of Win32_rename(), since the macro rename gets undefined 
in the middle of the code on Windows, and that disrupts operations in functions
later that use rename()...
PR: 853
 2004-03-25 20:09:00 +00:00
Geoff Thorpe
5148710994 Adds warnings about two curves and fixes the "seed" value for two other 
curves.

Submitted by: Nils Larsch
 2004-03-25 03:03:52 +00:00
Richard Levitte
d342ec3335 o_str.h isn't a public header file, so make sure it will still be 
included.
 2004-03-24 09:43:03 +00:00
Richard Levitte
875a644a90 Constify d2i, s2i, c2i and r2i functions and other associated 
functions and macros.

This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const.  Those will be removed when this change has been
properly reviewed.
 2004-03-15 23:15:26 +00:00
Dr. Stephen Henson
3f39976da3 Call autoconfig code in pkcs7 utility. 2004-03-05 23:46:29 +00:00
Geoff Thorpe
6c43032121 minor signed/unsigned warning fixes 2004-02-10 18:46:10 +00:00
Dr. Stephen Henson
37ead9be0b Fix handling of -offset and -length in asn1parse tool. 
If -offset exceeds -length of data available exit with an error.

Don't read past end of total data available when -offset supplied.

If -length exceeds total available truncate it.
 2004-02-08 13:30:04 +00:00
Andy Polyakov
3a160f1dc6 Fix declaration inconsistency in ecparam.c. 2004-01-24 16:51:59 +00:00
Lutz Jänicke
cdb42bcf0c Cover all DSA setups when running tests 
PR: #748
Submitted by: Kirill Kochetkov <kochet@ixbt.com>
 2004-01-08 07:46:37 +00:00
Richard Levitte
79b42e7654 Use sh explicitely to run point.sh 
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 14:59:07 +00:00
Richard Levitte
d420ac2c7d Use BUF_strlcpy() instead of strcpy(). 
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 14:40:17 +00:00
Richard Levitte
03ddbdd9b9 Move another common functionality (reproduced so far with cut'n'paste) 
to apps.c, and give it the hopefully descriptive name parse_yesno().
 2003-11-28 14:45:09 +00:00
Richard Levitte
d45a098472 Forgot to change the declaration of do_subject() to one of parse_name()... 2003-11-28 14:18:05 +00:00
Richard Levitte
6d5ffb591b Move do_subject() to apps.c and rename it to parse_name(). The 
rationale behind the move is that it's use by several applications.
The rationale behind the name change is that it describes what the
function does a bit better.
 2003-11-28 14:07:14 +00:00
Richard Levitte
7ce9e425bc Allow multi-valued rdns in subjects. This adds the -multivalue-rdn option 
to 'openssl req' and 'openssl ca'.

PR: 779
Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de>
Reviewed by: Richard Levitte

(there will be some follow-up changes)
 2003-11-28 14:04:09 +00:00
Richard Levitte
4d8743f490 Netware-specific changes, 
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
 2003-11-28 13:10:58 +00:00
Dr. Stephen Henson
a8287a90ea Give CRLDP its standard name. 
Max req -x509 use V1 if extensions section absent.
 2003-11-20 22:45:06 +00:00
Lutz Jänicke
95de3d204f Make sure to initialize AES counters to obtain proper results. 
Submitted by: Kirill Kochetkov <kochet@ixbt.com>

PR: #748
 2003-11-18 18:27:12 +00:00
Lutz Jänicke
f35232e6f3 Catch error condition to prevent NULL pointer dereference. 
Submitted by: Goetz Babin-Ebell <babin-ebell@trustcenter.de>

PR: #766
 2003-11-16 16:30:39 +00:00
Geoff Thorpe
d8ec0dcf45 Avoid some shadowed variable names. 
Submitted by: Nils Larsch
 2003-11-04 00:51:32 +00:00
Richard Levitte
cfd06a6223 Let exit codes propagate from within for loops. 2003-10-31 06:58:24 +00:00
Geoff Thorpe
bc3c578208 Copy-n-paste bug (don't mix variable declarations and code). This sets the 
callback structure just before it is needed.
 2003-10-29 22:30:45 +00:00
Geoff Thorpe
2754597013 A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. 
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
 2003-10-29 20:24:15 +00:00
Geoff Thorpe
0991f07034 For whatever reason (compiler or header bugs), at least one commonly-used 
linux system (namely mine) chokes on our definitions and uses of the "HZ"
symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast"
(when in fact there is no function casting involved at all). In both cases,
it is easily worked around by not defining a cast into the macro and
jiggling the expressions slightly.

In addition - this highlights some cruft in openssl that needs sorting out.
The tmdiff.h header is exported as part of the openssl API despite the fact
that it is ugly as the driven sludge and not used anywhere in the library,
applications, or utilities. More weird still, almost identical code exists
in apps/speed.c though it looks to be slightly tweaked - so either tmdiff
should be updated and used by speed.c, or it should be dumped because it's
obviously not useful enough.

Rather than removing it for now, I've changed the API for tmdiff to at
least make sense. This involves taking the object type (MS_TM) from the
implementation and using it in the header rather than using "char *" in the
API and casting mercilessly in the code (ugh). If someone doesn't like
"MS_TM" and the "ms_time_***" naming, by all means change it. This should
be a harmless improvement, because the existing API is clearly not very
useful (eg. we reimplement it rather than using it in our own utils).

However, someone still needs to take a hack at consolidating speed.c and
tmdiff.[ch] somehow.
 2003-10-29 04:40:13 +00:00
Geoff Thorpe
2aaec9cced Update any code that was using deprecated functions so that everything builds 
and links with OPENSSL_NO_DEPRECATED defined.
 2003-10-29 04:14:08 +00:00
Dr. Stephen Henson
a08ced78c8 Avoid warnings: add missing prototype, don't shadow. 2003-10-10 23:07:24 +00:00
Richard Levitte
f44e184ec6 s_client should inform the user of any compression/expansion methods used. 2003-10-06 12:19:38 +00:00
Richard Levitte
3d7c4a5a6d Selected changes for MSDOS, contributed by Gisle Vanem <giva@bgnett.no>. 
PR: 669
 2003-09-27 21:56:08 +00:00
Richard Levitte
253e893c2b Include the instance in the Kerberos ticket information. 
In s_server, print the received Kerberos information.
PR: 693
 2003-09-27 17:55:13 +00:00
Dr. Stephen Henson
dfe399e7d9 Add -passin support to rsautl 2003-09-21 02:20:02 +00:00
Dr. Stephen Henson
7068c8b1a6 In order to get the expected self signed error when 
calling X509_verify_cert() in x509.c the cert should
not be added to the trusted store.
 2003-09-21 02:18:15 +00:00
Richard Levitte
e6fa67fa93 Generalise the definition of strcasecmp() and strncasecmp() for 
platforms that don't (necessarely) have it.  In the case of VMS, this
means moving a couple of functions from apps/ to crypto/ and make them
general (although only used privately).
 2003-09-09 14:48:36 +00:00
Dr. Stephen Henson
560dfd2a02 New -ignore_err option in ocsp application to stop the server 
exiting on the first error in a request.
 2003-09-03 23:56:01 +00:00
Bodo Möller
563c05e2dc fix out-of-bounds check in lock_dbg_cb (was too lose to detect all 
invalid cases)

PR: 674
 2003-08-14 10:33:56 +00:00
Bodo Möller
968766cad8 updates for draft-ietf-tls-ecc-03.txt 
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
 2003-07-22 12:34:21 +00:00
Richard Levitte
94805c84d1 Add -issuer_hash and make -subject_hash the default way to get the 
subject hash, with -hash a synonym kept around for backward
compatibility reasons.
PR: 650
 2003-07-03 20:45:09 +00:00
Bodo Möller
0fbffe7a71 implement PKCS #8 / SEC1 private key format for ECC 
Submitted by: Nils Larsch
 2003-06-25 21:35:05 +00:00
Richard Levitte
fd4ef69913 Implement CRL numbers. 
Contributed in whole by Laurent Genier <Laurent.Genier@intrinsec.com>
PR: 644
 2003-06-19 17:40:16 +00:00
Richard Levitte
fadd2246a0 Avoid warnings saying that the format takes a void*. 2003-06-11 22:26:02 +00:00
Dr. Stephen Henson
beab098d53 Various S/MIME bug and compatibility fixes. 2003-06-01 20:51:58 +00:00
Lutz Jänicke
4f17dfcd75 Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before) 
Submitted by: dg@sunet.ru (Daniel Ginsburg)

PR: #613
 2003-05-28 20:24:57 +00:00
Richard Levitte
d1465bac90 make update 2003-05-01 04:10:32 +00:00
Richard Levitte
4c771796d5 Convert save_serial() to work like save_index(), and add a 
rotate_serial() that works like rotate_index().
 2003-04-04 15:10:35 +00:00
Richard Levitte
d6df2b281f Add documentation on the added functionality in 'openssl ca'. 2003-04-04 14:39:44 +00:00
Richard Levitte
3ae70939ba Correct a lot of printing calls. Remove extra arguments... 2003-04-03 23:39:48 +00:00
Richard Levitte
83b23ed967 One more debug line to conditionalise. 2003-04-03 23:01:20 +00:00
Richard Levitte
16b1b03543 Implement self-signing in 'openssl ca'. This makes it easier to have 
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.
 2003-04-03 22:33:59 +00:00
Richard Levitte
db598fbce2 Don't try to free NULL values... 2003-04-03 20:03:23 +00:00
Richard Levitte
0998cfaadd Remove unused variable. 2003-04-03 19:07:27 +00:00
Richard Levitte
c4448f60d6 Reset the version number of the issuer certificate? I believe this 
hasn't been tested in a long while...
 2003-04-03 18:50:15 +00:00
Richard Levitte
63b6fe2bf6 Conditionalise all debug strings. 2003-04-03 18:07:39 +00:00
Richard Levitte
f85b68cd49 Make it possible to have multiple active certificates with the same 
subject.
 2003-04-03 16:33:03 +00:00
Richard Levitte
d678cc07ed No need to test -setalias twice. 
PR: 556
 2003-03-31 13:56:52 +00:00
Richard Levitte
03eeb07152 Add usage string for -fingerprint. 
PR: 560
 2003-03-31 13:06:24 +00:00
Dr. Stephen Henson
1a15c89988 Multi valued AVA support. 2003-03-30 01:51:16 +00:00
Dr. Stephen Henson
e5b0508a14 Update ocsp usage message and docs. 2003-03-26 00:46:47 +00:00
Richard Levitte
48f1fa7482 Make sure that all the library paths are modified in prepend mode, not 
replace mode.
PR: 528
 2003-03-20 11:37:47 +00:00
Dr. Stephen Henson
12d4e7b8c8 Fix PEDANTIC stuff... 2003-03-13 21:28:03 +00:00
Dr. Stephen Henson
767712fa62 Avoid warnings for no-engine and PEDANTIC 2003-03-12 02:38:57 +00:00
Bodo Möller
176f31ddec - new ECDH_compute_key interface (KDF is no longer a fixed built-in) 
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
 2003-02-28 15:37:10 +00:00
Dr. Stephen Henson
e9ec63961b Fix indefinite length encoding so EOC correctly updates 
the buffer pointer.

Rename PKCS7_PARTSIGN to PKCS7_STREAM.

Guess what that's for :-)
 2003-02-25 19:03:31 +00:00
Ulf Möller
66ecdf3bfb more mingw related cleanups. 2003-02-22 18:00:14 +00:00
Richard Levitte
132eaa59da Allow building applications against static libraries with Makefile.shared. 2003-02-22 14:41:34 +00:00
Dr. Stephen Henson
27068df7e0 Single pass processing to cleartext S/MIME signing. 2003-02-15 00:50:55 +00:00
Richard Levitte
c1269c81fd Handle krb5 libraries separately and make sure only libssl.so depends 
on it.
 2003-02-14 13:12:00 +00:00
Richard Levitte
e270cf9c5e Pay attention to disabled SSL versions. 
PR: 500
 2003-02-14 05:24:22 +00:00
Richard Levitte
85d686e723 Make it possible to disable OCSP, the speed application, and the use of sockets. 
PR: 358
 2003-02-14 01:02:58 +00:00
Richard Levitte
2d3de726c5 Add full support for -rpath/-R, both in shared libraries and 
applications, at least on the platforms where it's known how
to do it.

Note: this has only been tested on GNU-based platforms (Linux), and
needs to be tested on all others.  Additionally, it's not yet
supported on the following platforms, for lack of information:

Darwin (MacOS X)
Cygwin
OSF1/Alpha
SVR3
ReliantUNIX

Please help out with testing and the platforms we don't yet know well
enough.
 2003-02-13 23:52:54 +00:00
Dr. Stephen Henson
33075f229e Typo. 2003-02-10 17:52:10 +00:00
Bodo Möller
d42d2d1ab6 avoid coredump 
Submitted by: Nils Larsch
 2003-02-08 19:49:16 +00:00
Bodo Möller
37c660ff9b implement fast point multiplication with precomputation 
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
 2003-02-06 19:25:12 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework. 
PR: 287
 2003-01-30 17:39:26 +00:00
Geoff Thorpe
bb3e67f315 "openssl engine" will not display ENGINE/DSO load failure errors when 
testing availability of engines with "-t" - the old behaviour of is
produced by increasing the feature's verbosity with "-tt".
 2003-01-30 14:58:44 +00:00
Richard Levitte
4e78074b39 cert_sk isn't always allocated, so freeing it may cause a crash. 
PR: 481
 2003-01-30 10:27:43 +00:00
Dr. Stephen Henson
d3b5cb5343 Check return value of gmtime() and add error codes 
where it fails in ASN1_TIME_set().

Edit asn1.h so the new error code is the same in 0.9.7
and 0.9.8, rebuild new error codes.

Clear error queue in req.c if *_min or *_max is absent.
 2003-01-24 01:12:01 +00:00
Bodo Möller
d745af4b0c avoid potential confusion about curves (prime192v1 and prime256v1 are 
also known as secp192r1 and secp256r1, respectively)

Submitted by: Nils Larsch, Bodo Moeller
 2003-01-16 16:05:23 +00:00
Richard Levitte
8cbb91c857 DJGPP doesn't have DLLs, so skip adding to %PATH% in that environment. 
PR: 453
 2003-01-13 15:16:40 +00:00
Dr. Stephen Henson
09ad2458b8 Typo. 2003-01-09 16:54:21 +00:00
Dr. Stephen Henson
5b7249f302 NULL tofree when it is freed to avoid double free. 
Make sure key is not NULL before freeing it.
 2003-01-09 13:06:49 +00:00
Dr. Stephen Henson
876e96fdbf Fix leak. 2003-01-04 18:25:24 +00:00
Richard Levitte
5e42f9ab46 make update 2002-12-29 01:38:15 +00:00
Richard Levitte
e235000169 Spelling error. 
This patch was taken from the OpenBSD copy of OpenSSL 0.9.7 beta3 with patches
 2002-12-25 22:16:56 +00:00
Richard Levitte
821951b851 Avoid double definition of config. 
PR: 420
 2002-12-24 23:53:46 +00:00
Richard Levitte
cb661c56b0 Cygwin needs the library locatin for .DLLs to be set in PATH. Unfortunately, 
the conditional was set to add the library directory to PATH when the
platform is NOT Cygwin.  Corrected.
PR: 404
 2002-12-24 10:50:11 +00:00
Richard Levitte
49e42a1f60 There was a mixup between INSTALLTOP and OPENSSLDIR... 2002-12-20 07:51:03 +00:00
Richard Levitte
9cd16b1dea We stupidly had a separate LIBKRB5 variable for KRB5 library dependencies, 
and then didn't support it very well.  And that when there already is a
useful variable for exactly this kind of thing; EX_LIBS...
 2002-12-19 22:10:12 +00:00
Richard Levitte
0b900a5e93 I have no idea what possesed me to compile s_socket.c as POSIXly code. 
Incidently, it now compiles so much better without _POSIX_C_SOURCE.
 2002-12-19 19:42:53 +00:00
Richard Levitte
30c08f2e3d Update the make system for installations: 
- define a HERE variable to indicate where the source tree is (used
  very little right now)
- make more use of copying and making attribute changes to {file}.new,
  and then move it to {file}
- use 'mv -f' to avoid all those questions to the user when the file
  in question doesn't have write attributes for that user.
 2002-12-15 05:59:13 +00:00
Geoff Thorpe
f92570f00a This stops a compiler warning from -Wmissing-prototypes. 
(Noticed by Nils Larsch)
 2002-12-11 03:34:26 +00:00
Geoff Thorpe
e189872486 Nils Larsch submitted; 
- a patch to fix a memory leak in rsa_gen.c
  - a note about compiler warnings with unions
  - a note about improving structure element names

This applies his patch and implements a solution to the notes.
 2002-12-08 16:45:26 +00:00
Geoff Thorpe
5daec7ea0e Undefine OPENSSL_NO_DEPRECATED inside openssl application code if we are 
being built with it defined - it is not a symbol to affect how openssl
itself builds, but to alter the way openssl headers can be used from an API
point of view. The "deprecated" function wrappers will always remain inside
OpenSSL at least as long as they're still being used internally. :-)

The exception is dsaparam which has been updated to the BN_GENCB-based
functions to test the new functionality. If GENCB_TEST is defined, dsaparam
will support a "-timebomb <n>" switch to cancel parameter-generation if it
gets as far as 'n' seconds without completion.
 2002-12-08 05:38:44 +00:00
Richard Levitte
fa63a98ad8 Apparently, bash is more forgiving than sh. To be backward 
compatible, don't use ==, use = instead...
 2002-12-06 08:43:41 +00:00
Richard Levitte
f68bb3c51f Corrected DJGPP patch 2002-12-05 20:50:25 +00:00
Richard Levitte
1c3e4a3660 EXIT() may mean return(). That's confusing, so let's have it really mean 
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
 2002-12-03 16:33:03 +00:00
Richard Levitte
4579924b7e Cleanse memory using the new OPENSSL_cleanse() function. 
I've covered all the memset()s I felt safe modifying, but may have missed some.
 2002-11-28 08:04:36 +00:00
Richard Levitte
19aa370573 Disable this module if OPENSSL_NO_SOCK is defined. 2002-11-22 08:45:20 +00:00
Richard Levitte
450cee5c3a Make sure sysconf exists (it doesn't in the VMS C RTL lesser than version 7). 2002-11-18 23:05:39 +00:00
Bodo Möller
055076cd4f allocate bio_err before memory debugging is enabled to avoid memory leaks 
(we can't release it before the CRYPTO_mem_leaks() call!)

Submitted by: Nils Larsch
 2002-11-18 13:37:40 +00:00
Richard Levitte
0bf23d9b20 WinCE patches 2002-11-15 22:37:18 +00:00
Richard Levitte
6f17f16fd5 Changes to make shared library building and use work better with Cygwin 2002-11-15 16:48:38 +00:00
Richard Levitte
c863201780 Remove warnings. 2002-11-14 15:57:38 +00:00
Richard Levitte
8d6e60486f Fix to build better with DJGPP. 
PR: 338

Here's the description, submitted by Gisle Vanem <giva@bgnett.no>:

1. sock_init() renamed to ssl_sock_init() in ./apps/s_socket.c due
   to name-clash with Watt-32.

2. rand() renamed to Rand() in ./crypto/bn/divtest.c due to name-clash
   with <stdlib.h>

3. Added calls to dbug_init()/sock_init() in some demo programs.

4. Changed cflags/lflags in configure. Watt-32 install root now taken
   from $WATT_ROOT.
 2002-11-14 11:22:01 +00:00
Richard Levitte
c112323dd5 This didn't get to the 0.9.8-dev thread... 2002-11-13 18:09:27 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Dr. Stephen Henson
9ea1b87862 Initial ASN1 generation code. This can construct 
arbitrary encodings from strings and config files.

Documentation to follow...
 2002-11-12 13:34:51 +00:00
Richard Levitte
06b7c8d5ba Variables on the stack must be initialized or we can't depend on any 
initial value.  For errline/errorline, we did depend on that, erroneously
 2002-11-11 21:34:21 +00:00
Richard Levitte
6722b62b36 Make the programs link against the static library on MacOS X. 
PR: 335
 2002-11-11 20:46:52 +00:00
Richard Levitte
3782350c14 -CAserial does take a filename argument. 
PR: 332
 2002-11-08 21:53:54 +00:00
Richard Levitte
ddff68bee7 Windows doesn't know sys/file.h 2002-11-07 21:40:06 +00:00
Richard Levitte
b6d0defb98 Remove all referenses to RSAref, since that's been gone for more than 
a year.
 2002-10-31 16:46:52 +00:00
Bodo Möller
259cdf2af9 Sun has agreed to removing the covenant language from most files. 
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
 2002-10-29 10:59:32 +00:00
Bodo Möller
5c6bf03117 fast reduction for NIST curves 
Submitted by: Nils Larsch
 2002-10-28 13:23:24 +00:00
Richard Levitte
d652a0957f Make sure toupper() is declared 2002-10-25 09:51:45 +00:00
Richard Levitte
d610d27f30 On certain platforms, we redefine certain symbols using macros in 
apps.h.  For those, it's better to include apps.h after the system
headers where those symbols may be defined, since there's otherwise a
chance that the C compiler will barf when it sees something that looks
like this after expansion:

int VMS_strcasecmp((str1),(str2))(const char *, const char *);
 2002-10-24 10:03:55 +00:00