Commit graph

3794 commits

Author SHA1 Message Date
Richard Levitte
397211323c nCipher callbacks shall return 0 on success, something else otherwise. 2001-06-01 15:29:32 +00:00
Richard Levitte
a87f50fb5a Stop mishandling the type number in dynlock locking 2001-06-01 15:21:01 +00:00
Bodo Möller
31bc51c8cf Fix Bleichenbacher PKCS #1 1.5 countermeasure.
(The attack against SSL 3.1 and TLS 1.0 is impractical anyway,
otherwise this would be a security relevant patch.)
2001-06-01 09:41:25 +00:00
Bodo Möller
be487c429e increase DEFAULT_BUFFER_SIZE (4K instead of just 1K) 2001-06-01 08:38:29 +00:00
Richard Levitte
80340f1fe9 Don't decrement the reference counter twice when destroying dynamic
links.
2001-05-31 22:25:30 +00:00
Geoff Thorpe
d918f85146 Fix a memory leak in 'sk_dup' in the case a realloc() fails. Also, tidy up
a bit of weird code in sk_new.
2001-05-31 19:01:08 +00:00
Andy Polyakov
a95541d61e Get rid of RAW dependency warnings.
Submitted by:
Reviewed by:
PR:
2001-05-30 22:01:33 +00:00
Richard Levitte
30b4c2724e Extend all the loading functions to take an engine pointer, a pass
string (some engines may have certificates protected by a PIN!) and
a description to put into error messages.

Also, have our own password callback that we can send both a password
and some prompt info to.  The default password callback in EVP assumes
that the passed parameter is a password, which isn't always the right
thing, and the ENGINE code (at least the nCipher one) makes other
assumptions...

Also, in spite of having the functions to load keys, some utilities
did the loading all by themselves...  That's changed too.
2001-05-30 15:29:28 +00:00
Richard Levitte
2adc929367 A wish was expressed. 2001-05-30 14:59:14 +00:00
Lutz Jänicke
7e97837274 Don't forget responsible person so that its clear who is to blame. 2001-05-29 13:52:21 +00:00
Andy Polyakov
4cb73bf8e4 Assembler support for IA-64. See the source code commentary for further
details (performance numbers and accompanying discussions:-). Note that
the code is not engaged in ./Configure yet. I'll add it later this week
along with updates for .spec file.

Submitted by:
Reviewed by:
PR:
2001-05-28 20:02:51 +00:00
Richard Levitte
79bb8d0077 Document the latest change in ENGINEs. 2001-05-26 16:58:34 +00:00
Richard Levitte
6c1a3e4f58 We had the password callback for ENGINEs pretty much wrong. And
passwords that were given to the key loading functions were completely
ignored, at least in the ncipher code, and then we made the assumption
that the callback wanted a prompt as user argument.

All that is now changed, and the application author is forced to give
a callback function of type pem_callback_cb and possibly an argument
for it, just as for all other functions that want to generate password
prompting.

NOTE: this change creates binary and source incompatibilities with
previous versions of OpenSSL [engine].  It's worth it this time, to
get it right (or at least better and with a chance that it'll work).
2001-05-25 21:08:56 +00:00
Dr. Stephen Henson
76c919c1a3 Add missing variable length cipher flag for Blowfish.
Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.
2001-05-24 22:58:35 +00:00
Richard Levitte
98405f240b VMS doesn't support more than on period in a file name 2001-05-22 12:47:38 +00:00
Dr. Stephen Henson
181355616e Add examples to EVP_EncryptInit manual page. 2001-05-17 13:03:20 +00:00
Dr. Stephen Henson
b49a5b2dc0 Fix for new UI functions under Win32.
For some unknown reason fopen("con", "w") is the
only way to make this work. Using "r+" and "w+"
causes the fopen call to fail and the fallback
(using stdin) doesn't work because writing to stdin
fails.
2001-05-17 11:47:08 +00:00
Richard Levitte
713f226114 Add a requirements section for OpenVMS. 2001-05-17 04:21:00 +00:00
Richard Levitte
d57d85ff35 Add a few more details on what one might need. make and a development
environment were a part of a Unix operating systems, but these days
you see an increasing number of installations that do not necessarely
have these crucial parts by default, so it's needs mentioning.
2001-05-17 04:16:19 +00:00
Lutz Jänicke
74daa124c2 Add missing item(s) SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT. 2001-05-16 09:43:51 +00:00
Richard Levitte
b8e35bd66e New internal function OPENSSL_gmtime, which is intended to do the same
as gmtime_r() on the systems where that is defined.
2001-05-16 08:44:09 +00:00
Lutz Jänicke
e8734731d3 Increase ENTROPY_NEEDED to support Rijndael's larger key size. 2001-05-15 16:02:35 +00:00
Richard Levitte
9e0fcabeca Do not forget to increment the pointers... 2001-05-15 15:49:54 +00:00
Richard Levitte
6482dec1bb Low-case the names of the system routines, since some versions of
DEC C only have them declared that way (it doesn't really matter,
since the linker is case-insensitive by default)
2001-05-15 05:15:47 +00:00
Richard Levitte
81b5eeed6a branch on equal is beql, not beq... 2001-05-14 22:10:09 +00:00
Richard Levitte
365359dd79 Make sure strdup() is properly declared. 2001-05-14 12:23:28 +00:00
Richard Levitte
2757be06de Make sure memset() is properly declared. 2001-05-14 12:22:58 +00:00
Richard Levitte
d0afe49d3e ui was forgotten when installing libcrypto and it's headers. 2001-05-14 12:22:27 +00:00
Richard Levitte
81b31b7087 ui_compat.h was forgotten in the "symlinking" routine. 2001-05-14 12:21:16 +00:00
Richard Levitte
2643b122fc Remove the password reading objects from LIB_DES. 2001-05-14 11:59:02 +00:00
Richard Levitte
88db657ac2 Make more short aliases for symbols that are longer than 31
characters.
2001-05-14 11:58:08 +00:00
Richard Levitte
1f0af2c073 len is a size_t, which is an unsigned integer. Therefore, some
compilers will complain against the check for less than zero.
2001-05-14 11:56:47 +00:00
Richard Levitte
2ed2d1515e Use ui_compat.h to get the password reading functions. 2001-05-14 11:54:36 +00:00
Richard Levitte
bb5b16a36c Make it so the compiler doesn't inform me about the dollars in some
symbols.
2001-05-14 11:53:37 +00:00
Lutz Jänicke
5892855c5f Typos. 2001-05-14 09:52:44 +00:00
Lutz Jänicke
a6e859e9ec One more point to clarify, pointed out by "Greg Stark" <ghstark@pobox.com> 2001-05-14 09:02:38 +00:00
Richard Levitte
99c65cef0f It seems like the removal of "extern" before "static" wasn't a
mistake.
2001-05-13 17:55:30 +00:00
Richard Levitte
496da8b918 Document the addition. 2001-05-13 10:37:02 +00:00
Richard Levitte
739862384c A randomizer for OpenVMS, using the statistics that are easily
reachable.

It's completely untested for now.  To be done in the next few days.
2001-05-13 10:34:18 +00:00
Richard Levitte
0a647c2b8b Define `ok' and better error detection. 2001-05-13 05:34:39 +00:00
Richard Levitte
429e4f0de8 make update 2001-05-13 05:16:58 +00:00
Richard Levitte
2d10c7156c Win16 too :-). 2001-05-13 05:01:58 +00:00
Richard Levitte
299053becd des_read_password() and des_read_2passwords() can only appear if DES
is compiled.
2001-05-13 04:59:09 +00:00
Richard Levitte
1449bda052 When doing rewrites on ssleay.num, the file was prematurely closed.
Make rewrites the default, since it works, and people get confused if
changed information doesn't get rewritten automagically.
2001-05-13 04:48:07 +00:00
Richard Levitte
56bb1a7c83 Move the password reading functions completely away from the DES
section.

Add ui_compat.h for inclusion by those who want the old functions and
provide all of them, not just the higher-level ones, in ui_compat.c.
2001-05-13 04:40:44 +00:00
Richard Levitte
96aaf806d8 Put back a removed "extern", or many compilers will complain about
redefined variables.
2001-05-13 04:34:57 +00:00
Dr. Stephen Henson
d70e5100c0 #if 0 out deleted (?) functions to stop Win32 DLL
build falling over.
2001-05-13 00:33:55 +00:00
Dr. Stephen Henson
4831e626aa Change Win32 to use EXPORT_VAR_AS_FN.
Fix OPENSSL_IMPLEMENT_GLOBAL.

Allow Win32 to use EXPORT_VAR_AS_FN in mkdef.pl

make update.
2001-05-12 23:57:41 +00:00
Lutz Jänicke
33ab4699ba Clarify behaviour with respect to SSL/TLS records. 2001-05-12 09:49:02 +00:00
Dr. Stephen Henson
595cc5b4b8 Under VC++ _DLL is set to indicate that the application
will be linked against the DLL runtime library. It is
automatically set when /MD is used.

As a result OpenSSL shouldn't use _DLL to determine if
it should set OPENSSL_OPT_WINDLL because this will
cause linkage conflicts with static builds which do
include the /MD compiler switch.
2001-05-12 00:16:56 +00:00