wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7111 commits 20 branches 302 tags 153 MiB
Commit graph

7111 commits

This branch
This branch
All branches
Author SHA1 Message Date
Richard Levitte
5b0b0e98ce Security fix: Vaudenay timing attack on CBC. 
An advisory will be posted to the web.  Expect a release within the hour.
 2003-02-19 12:03:59 +00:00
Richard Levitte
a3063b37ef Make sure the memory allocation routines check for negative sizes 2003-02-19 11:54:57 +00:00
Richard Levitte
d5234c7b3a Make sure the memory allocation routines check for negative sizes 2003-02-19 11:54:42 +00:00
Richard Levitte
cf13eaf1a1 Borland C++ Builder 5 complains about unreachable statements. 2003-02-19 11:22:18 +00:00
Richard Levitte
77e270d10e Borland C++ Builder 5 complains about unreachable statements. 2003-02-19 11:22:15 +00:00
Dr. Stephen Henson
c893bffae7 Update debub-steve* entries. 2003-02-19 01:04:34 +00:00
Dr. Stephen Henson
988e8458ad Typo. 2003-02-18 12:46:47 +00:00
Richard Levitte
cc811b1d7e Make the no-err option work properly 2003-02-18 12:15:13 +00:00
Richard Levitte
758f942b88 Make the no-err option work properly 2003-02-18 12:14:57 +00:00
Bodo Möller
a81d9af7f7 Remove "+Olibcalls" option from HPUX targets. 
Reportedly this option is deprecated, and on some systems
"make test" fails if it is included.

PR: 495
 2003-02-16 20:10:26 +00:00
Bodo Möller
26e9724458 Remove "+Olibcalls" option from HPUX targets. 
Reportedly this option is deprecated, and on some systems
"make test" fails if it is included.

PR: 495
 2003-02-16 20:10:23 +00:00
Geoff Thorpe
4879ec7bf3 Session cache implementations shouldn't have to access SSL_SESSION 
elements directly, so this missing functionality is required.

PR: 276
 2003-02-15 20:38:57 +00:00
Geoff Thorpe
b653327d47 Declare prototypes for function pointer types, even if they are likely to 
be cast later on.
 2003-02-15 20:32:13 +00:00
Dr. Stephen Henson
4cadedef57 Update docs. 2003-02-15 01:09:55 +00:00
Dr. Stephen Henson
27068df7e0 Single pass processing to cleartext S/MIME signing. 2003-02-15 00:50:55 +00:00
Geoff Thorpe
b12753dffc We cache a montgomery form for 'n' if the PUBLIC flag is set, not PRIVATE. 
Also, I've added handling for other mod_exp calls that were not using any
cached montgomery forms. These cases matter only for special RSA keys (eg.
ones that are missing information) so are unlikely to be used in normal
circumstances.
 2003-02-15 00:18:38 +00:00
Geoff Thorpe
79221bc265 David Brumley <dbrumley@stanford.edu> noted and corrected a case in the 
verification step of CRT private key operations in the RSA code -
previously no montgomery form was checked or used for 'n', and so it would
be generated on the fly each time. As a result, private key operations are
now a percent or two faster.

Rather than adding this as another repetition of the nearly-identical
montgomery "check for first-use" initialisation code blocks, I've taken
this chance to create a helper function and macro-wrapper to replace them.

PR: 475
 2003-02-14 23:21:19 +00:00
Bodo Möller
1dc94d4dcc mask old error codes so that mkerr.pl does not re-add them 2003-02-14 14:43:31 +00:00
Bodo Möller
5a2485ce12 make update 2003-02-14 14:40:04 +00:00
Bodo Möller
ffa49dc3d9 make update 2003-02-14 14:21:58 +00:00
Richard Levitte
142398d3a7 Add support for IA64. 
PR: 454
 2003-02-14 13:30:43 +00:00
Richard Levitte
b7bbac72c4 Add support for IA64. 
PR: 454
 2003-02-14 13:30:35 +00:00
Richard Levitte
c1269c81fd Handle krb5 libraries separately and make sure only libssl.so depends 
on it.
 2003-02-14 13:12:00 +00:00
Richard Levitte
6c0118ee8e Handle krb5 libraries separately and make sure only libssl.so depends 
on it.
 2003-02-14 13:11:44 +00:00
Richard Levitte
765ca5ea06 Update linux-mips and linux-mipsel to support threads and shared libraries. 
I also updated the bn_ops field with values taken from OpenBSD-mips.
PR: 498
 2003-02-14 08:56:25 +00:00
Richard Levitte
794a386af3 Update linux-mips and linux-mipsel to support threads and shared libraries. 
I also updated the bn_ops field with values taken from OpenBSD-mips.
PR: 498
 2003-02-14 08:56:21 +00:00
Richard Levitte
97333eaff7 Pay attention to disabled SSL versions. 
PR: 500
 2003-02-14 05:24:25 +00:00
Richard Levitte
e270cf9c5e Pay attention to disabled SSL versions. 
PR: 500
 2003-02-14 05:24:22 +00:00
Richard Levitte
b088a2d3f9 Change no_rmd160 to no_ripemd for consistency. 
PR: 500
 2003-02-14 05:20:28 +00:00
Richard Levitte
7e38616d1f Change no_rmd160 to no_ripemd for consistency. 
PR: 500
 2003-02-14 05:20:25 +00:00
Richard Levitte
b9447ec1bc Make it possible to disable OCSP, the speed application, and the use of sockets. 
PR: 358
 2003-02-14 01:03:06 +00:00
Richard Levitte
85d686e723 Make it possible to disable OCSP, the speed application, and the use of sockets. 
PR: 358
 2003-02-14 01:02:58 +00:00
Richard Levitte
2d3de726c5 Add full support for -rpath/-R, both in shared libraries and 
applications, at least on the platforms where it's known how
to do it.

Note: this has only been tested on GNU-based platforms (Linux), and
needs to be tested on all others.  Additionally, it's not yet
supported on the following platforms, for lack of information:

Darwin (MacOS X)
Cygwin
OSF1/Alpha
SVR3
ReliantUNIX

Please help out with testing and the platforms we don't yet know well
enough.
 2003-02-13 23:52:54 +00:00
Richard Levitte
4989f0599f Another long name to deal with 2003-02-13 13:21:13 +00:00
Richard Levitte
73bec6d4b7 Oh, the destest program did look at the return value... 2003-02-13 08:53:43 +00:00
Richard Levitte
e4b52ac353 Oh, the destest program did look at the return value... 2003-02-13 08:53:40 +00:00
Bodo Möller
abd22c9c46 new lock for EC_PRE_COMP structures 
Submitted by: Nils Larsch
 2003-02-12 22:01:12 +00:00
Bodo Möller
ba729265a8 Allow EC_GROUP objects to share precomputation for improved memory 
efficiency (EC_PRE_COMP objects are now constant once completed).

Extend 'extra_data' API to support arbitrarily many slots (although we
need only one at the moment).

Modify EC internal 'extra_data' API: EC_GROUP_[clear_]free_extra_data
now frees only a single slot (the previous functions are available as
EC_GROUP_[clear_]free_all_extra_data).

Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
 2003-02-12 18:30:16 +00:00
Richard Levitte
e4b95737f0 Adjust DES_cbc_cksum() so the returned value is the same as MIT's 
mit_des_cbc_cksum().  The difference was first observed, then verified by
looking at the MIT source.
 2003-02-12 17:20:50 +00:00
Richard Levitte
9ec1d35f29 Adjust DES_cbc_cksum() so the returned value is the same as MIT's 
mit_des_cbc_cksum().  The difference was first observed, then verified by
looking at the MIT source.
 2003-02-12 17:20:39 +00:00
Dr. Stephen Henson
cf56663fb7 Option to disable SSL auto chain build 2003-02-12 17:06:02 +00:00
Dr. Stephen Henson
c13eba970c Option to disable auto SSL chain building. 2003-02-12 17:05:17 +00:00
Bodo Möller
ea513641d0 comments 2003-02-12 14:17:41 +00:00
Bodo Möller
4309b740ce comments 2003-02-12 14:17:38 +00:00
Bodo Möller
8537943e8b first section is now "Changes between 0.9.7a and 0.9.8", not "... 0.9.7 and 0.9.8" 2003-02-11 16:42:30 +00:00
Dr. Stephen Henson
a8f5b2ed50 GeneralString support in mini-ASN1 compiler 2003-02-11 14:06:27 +00:00
Dr. Stephen Henson
33075f229e Typo. 2003-02-10 17:52:10 +00:00
Richard Levitte
28f573a28d Make sure memcpy() is properly declared by including string.h. 2003-02-10 11:14:35 +00:00
Bodo Möller
e2c9c91b5b fix EC_GROUP_copy for EC_GFp_nist_method() 
Submitted by: Nils Larsch
 2003-02-08 19:51:37 +00:00
Bodo Möller
d42d2d1ab6 avoid coredump 
Submitted by: Nils Larsch
 2003-02-08 19:49:16 +00:00