wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8670 commits 20 branches 302 tags 153 MiB
Commit graph

4246 commits

Author SHA1 Message Date
Ben Laurie
48ca0c99b2 Use PURIFY instead of PEDANTIC. 2007-09-20 12:33:24 +00:00
Dr. Stephen Henson
625782f7ee Wrap "keep valgrind happy" change in #ifdef PEDANTIC so any entropy in the 
buffer can be normally used.
 2007-09-19 13:29:05 +00:00
Ben Laurie
4f2b7d48b1 make depend 2007-09-19 12:17:11 +00:00
Andy Polyakov
ba75b4e750 Wire DES weak_keys to read-only segment [from HEAD]. 2007-09-18 20:59:33 +00:00
Andy Polyakov
ab011d51be Minimize stack utilization in probable_prime [from HEAD]. 2007-09-18 20:55:10 +00:00
Andy Polyakov
898d9b1a87 Remove excessive whitespaces from bio.h. 2007-09-18 20:49:25 +00:00
Bodo Möller
4f9a9d2b79 Make sure that BN_from_montgomery keeps the BIGNUMS in proper format 2007-09-18 16:31:18 +00:00
Andy Polyakov
12a52467c8 Typo in pq_compat.h [note that this file is not present in HEAD]. 
PR: 1537
 2007-09-17 16:21:21 +00:00
Andy Polyakov
53b9696f3f It's inappropraite to override application signal, nor is it appropriate 
to shut down Winsock unless we know it won't be used [and we never do]
[from HEAD].
PR: 1439
 2007-09-16 18:35:45 +00:00
Andy Polyakov
80ed5f84de Make bn2dec work on "SIXTY_FOUR_BIT" platforms [from HEAD]. 
PR: 1456
 2007-09-15 17:05:57 +00:00
Andy Polyakov
d4cfbdf2c0 Integrate remaining parts of #14247 [from HEAD]. 2007-09-07 12:27:50 +00:00
Dr. Stephen Henson
294f03a812 Reimplement safestack to avoid function pointer casts. 2007-09-06 21:07:43 +00:00
Dr. Stephen Henson
927a28ba3b gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL. 
Fix various "computed value not used" warnings too.
 2007-09-06 12:43:54 +00:00
Andy Polyakov
7a44a0cee7 aes_ige update [from HEAD]. 2007-08-30 08:11:25 +00:00
Andy Polyakov
1040deb0c5 Respect ISO aliasing rules [from HEAD]. 
PR: 1296
 2007-07-27 20:34:56 +00:00
Andy Polyakov
05ea800faf AES for IA64 update [from HEAD]. 2007-07-27 18:22:04 +00:00
Andy Polyakov
a8098740c6 Relax ISA detection. 2007-07-19 10:45:03 +00:00
Andy Polyakov
e3af0d041e Fix masm type-casting problem in SSE2 code. 2007-07-18 20:25:17 +00:00
Andy Polyakov
a313e23fff Shut up memory debuggers complaining about AES x86 assembler module 
[it was not a bug!].
PR: 1508,1320
 2007-07-08 19:41:12 +00:00
Andy Polyakov
4d2a292e8a EVP_*_cfb1 was broken [from HEAD]. 
PR: 1318
 2007-07-08 19:18:15 +00:00
Andy Polyakov
5a84b7fc2d bn_mul_recursive doesn't handle all cases correctly, which results in 
BN_mul failures at certain key-length mixes [from HEAD].
PR: 1427
 2007-07-08 18:54:30 +00:00
Andy Polyakov
d8e660a6dc Typo in str_lib [from HEAD]. 
PR: 1177
 2007-07-07 20:11:42 +00:00
Dr. Stephen Henson
14346b3456 Fix warnings: C++ comments and computed value not used. 2007-07-04 12:56:33 +00:00
Andy Polyakov
a166e96d16 bn_mont.c fix [from HEAD]. 2007-06-29 13:12:34 +00:00
Ben Laurie
8dd8ce1dc3 Fix warning. 2007-06-23 19:07:54 +00:00
Andy Polyakov
649ab2dcfa Optimize OPENSSL_cleanse [from HEAD]. 2007-06-20 17:37:09 +00:00
Andy Polyakov
283aedf498 Privatize BN_*_no_branch [from HEAD]. 2007-06-11 16:33:50 +00:00
Andy Polyakov
1a56614af2 Eliminate conditional final subtraction in Montgomery multiplication 
[from HEAD].
 2007-06-11 16:15:10 +00:00
Dr. Stephen Henson
693c33e407 Update from HEAD. 2007-06-07 16:13:56 +00:00
Dr. Stephen Henson
d9a9aa027d Update from HEAD. 2007-05-22 23:33:08 +00:00
Bodo Möller
b22250bb67 Fix crypto/ec/ec_mult.c to work properly with scalars of value 0 2007-05-22 09:48:06 +00:00
Andy Polyakov
d446120527 Padlock engine fails to compile with -O0 -fPIC [from HEAD]. 2007-05-20 07:14:14 +00:00
Andy Polyakov
bb9d68489c Type cast fixes in aes-586.pl. 2007-05-19 20:12:21 +00:00
Andy Polyakov
81fc4c93ef Typo in x509_txt.c [from HEAD]. 2007-05-19 18:04:21 +00:00
Ben Laurie
8957121c14 More IGE speedup. 2007-05-13 15:04:16 +00:00
Ben Laurie
50241bc84e AES IGE mode speedup. 2007-05-13 12:03:57 +00:00
Bodo Möller
8db10d9ac4 remove leftover from editing ... 2007-04-24 00:46:48 +00:00
Bodo Möller
c3cc4662af Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:50:26 +00:00
Bodo Möller
22892f9803 fix error codes 2007-04-19 15:14:39 +00:00
Bodo Möller
27eb115fb6 don't violate the bn_check_top assertion in BN_mod_inverse_no_branch() 2007-04-19 14:45:27 +00:00
Dr. Stephen Henson
51a596ef4f Update from HEAD. 2007-04-09 11:46:36 +00:00
Dr. Stephen Henson
1cb7e5be5b Fix OID config module. 2007-04-08 17:45:03 +00:00
Ben Laurie
84dd04e761 Make sure we detect corruption. 2007-04-04 12:50:13 +00:00
Bodo Möller
2ac061e487 make BN_FLG_CONSTTIME semantics more fool-proof 2007-03-28 18:44:01 +00:00
Bodo Möller
7cdb81582c Change to mitigate branch prediction attacks 
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
 2007-03-28 00:14:25 +00:00
Dr. Stephen Henson
3380c52f15 Stop memory leak. 2007-03-05 00:06:47 +00:00
Lutz Jänicke
1364e6f1ac Initialize "buf" to 0 to make valgrind happy :-) 
Note: the RAND_bytes() manual page says:
 RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
It does not talk about using the previous contents of buf so we are working
as documented.
 2007-03-02 17:54:31 +00:00
Lutz Jänicke
c5ac2aa62c Do not use uninitialized memory to seed the PRNG as it may confuse 
code checking tools.
PR: 1499
 2007-03-02 17:44:55 +00:00
Dr. Stephen Henson
392a0345de EVP_CIPHER_CTX_key_length() should return the set key length in the 
EVP_CIPHER_CTX structure which may not be the same as the underlying
cipher key length for variable length ciphers.
 2007-02-27 18:42:52 +00:00
Dr. Stephen Henson
5dd24ead57 Prepare for next version. 2007-02-23 12:50:54 +00:00
Dr. Stephen Henson
d2cb94952a Add L to version number 2007-02-23 12:38:11 +00:00
Dr. Stephen Henson
0615396d2d Prepare for release. 2007-02-23 12:12:28 +00:00
Dr. Stephen Henson
82877ea449 Make update. 2007-02-23 01:01:08 +00:00
Lutz Jänicke
d69f85bf15 Fix incorrect handling of special characters 
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org
 2007-02-21 17:44:51 +00:00
Dr. Stephen Henson
52ee969e29 Update from 0.9.7-stable. 2007-02-21 13:48:49 +00:00
Dr. Stephen Henson
d1049ad93e Fix Win32 warnings. 2007-02-18 17:23:20 +00:00
Nils Larsch
8f813338f1 - use OPENSSL_malloc() etc. in zlib 
- move zlib_stateful_ex_idx initialization to COMP_zlib()

PR: 1468
 2007-02-14 21:50:26 +00:00
Nils Larsch
5eee0253e5 remove unreachable code 2007-02-10 09:48:42 +00:00
Dr. Stephen Henson
594c723f98 Add hmac option to dgst from 0.9.7-stable. 2007-02-08 19:08:21 +00:00
Richard Levitte
53707e2eec After objects have been freed, NULLify the pointers so there will be no double 
free of those objects
 2007-02-07 01:42:51 +00:00
Nils Larsch
fde794e898 fix typo 2007-02-06 19:48:36 +00:00
Dr. Stephen Henson
e31c620686 Update from fips2 branch. 2007-02-03 17:32:14 +00:00
Nils Larsch
923df53e25 fix potential memory leaks 
PR: 1462
Submitted by: Charles Hardin <chardin@2wire.com>
 2007-02-03 09:51:59 +00:00
Dr. Stephen Henson
dc3b721fa0 Update from 0.9.7-stable. 2007-01-23 17:54:22 +00:00
Dr. Stephen Henson
4a0d3530e0 Update from HEAD. 2007-01-21 13:16:49 +00:00
Andy Polyakov
78d4d87e39 Initialize padlock in shared build. 2007-01-04 22:55:25 +00:00
Andy Polyakov
6211633273 #include <stddef.h> in digest headers [from HEAD]. 2006-12-29 14:55:43 +00:00
Richard Levitte
e25eb309ec From HEAD 2006-12-26 21:23:38 +00:00
Richard Levitte
ffa2b2aa7d Synchronise with Unixly build 2006-12-25 10:57:20 +00:00
Andy Polyakov
a77a95584d Make sha.h more "portable" [from HEAD]. 2006-12-22 16:04:56 +00:00
Nils Larsch
8e6905d238 remove trailing '\' 
PR: 1438
 2006-12-19 19:47:39 +00:00
Bodo Möller
1a8521ff24 Fix the BIT STRING encoding of EC points or parameter seeds 
(need to prevent the removal of trailing zero bits).
 2006-12-19 15:10:46 +00:00
Dr. Stephen Henson
35e59297fc Update from 0.9.7-stable branch 2006-12-07 13:28:07 +00:00
Dr. Stephen Henson
9b945233b1 Update from HEAD. 2006-12-06 13:38:59 +00:00
Nils Larsch
66c4bb1a70 avoid duplicate entries in add_cert_dir() 
PR: 1407
Submitted by: Tomas Mraz <tmraz@redhat.com>
 2006-12-05 21:21:10 +00:00
Nils Larsch
3c786aa6c8 allocate a new attributes entry in X509_REQ_add_extensions() 
if it's NULL (in case of a malformed pkcs10 request)

PR: 1347
Submitted by: Remo Inverardi <invi@your.toilet.ch>
 2006-12-04 19:10:58 +00:00
Nils Larsch
e5cce6d356 add "Certificate Issuer", "Issuing Distribution Point" and 
"Subject Directory Attributes" OIDs

PR: 1433
 2006-12-04 18:48:16 +00:00
Andy Polyakov
723b7d81e4 Camellia fixes and improvements from HEAD. 2006-12-02 12:00:27 +00:00
Andy Polyakov
a3ddd7358b Camellia portability fixes. 
Submitted by: Masashi Fujita, NTT
 2006-12-02 11:57:40 +00:00
Dr. Stephen Henson
45c027f31f Update dependencies. 2006-11-30 14:03:58 +00:00
Dr. Stephen Henson
34a8c7ec87 Win32 fixes. 
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.

Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.

Update ordinals.

Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
 2006-11-30 13:04:43 +00:00
Nils Larsch
d4a6240005 replace macros with functions 
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
 2006-11-29 20:47:15 +00:00
Ben Laurie
4636341b05 Add RFC 3779 support, contributed by ARIN. 2006-11-27 13:36:55 +00:00
Nils Larsch
be3b770d8f register the engine as default engine in ENGINE_set_default() 
PR: 1431
 2006-11-24 18:44:26 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
4877e30504 Fix from HEAD. 2006-11-13 13:23:05 +00:00
Andy Polyakov
e336441197 Gcc over-optimizes PadLock AES CFB codepath, tell it not to [from HEAD]. 2006-10-19 20:56:31 +00:00
Dr. Stephen Henson
20d6182f33 Typo. 2006-10-05 21:59:09 +00:00
Nils Larsch
aa145866f9 return an error if the supplied precomputed values lead to an invalid signature 2006-10-04 19:55:03 +00:00
Mark J. Cox
fdff41e166 Initialise ctx to NULL to avoid uninitialized free, noticed by 
Steve Kiernan
 2006-09-29 08:21:07 +00:00
Mark J. Cox
25e52a78fb After tagging, bump ready for 0.9.8e development 2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf Prepare for 0.9.8d release 2006-09-28 11:32:42 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
 2006-09-28 11:29:03 +00:00
Dr. Stephen Henson
c987c3f999 Fix from HEAD. 2006-09-22 17:07:40 +00:00
Bodo Möller
7d5af5e0fa Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). 
[Problem pointed out by Adam Young <adamy (at) acm.org>]
 2006-09-18 14:01:39 +00:00
Bodo Möller
40ddcb717a Remove non-functional part of recent patch, after discussion with 
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
 2006-09-06 06:43:26 +00:00
Mark J. Cox
da1841a075 After tagging, prep for next release 2006-09-05 08:51:30 +00:00
Mark J. Cox
0a0a10d127 Ready for 0.9.8c release 2006-09-05 08:45:37 +00:00
Mark J. Cox
df20b6e79b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher 
(CVE-2006-4339)

Submitted by:  Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
 2006-09-05 08:25:42 +00:00
Dr. Stephen Henson
f4f1dc39e0 Fix from HEAD. 2006-08-31 21:01:41 +00:00
Dr. Stephen Henson
340b4dd7df Fix from HEAD. 2006-08-31 20:11:09 +00:00
Ben Laurie
4b9dcd821f Add IGE and biIGE modes. 2006-08-28 11:00:32 +00:00
Andy Polyakov
669c5c9380 Engage assembler in solaris64-x86_64-cc [backport from HEAD]. 2006-08-01 16:13:47 +00:00
Bodo Möller
d9c06b56ca New Camellia implementation (replacing previous version) 
Submitted by: NTT
 2006-07-19 13:38:27 +00:00
Dr. Stephen Henson
eb499b2854 Oops... 2006-07-09 12:07:22 +00:00
Dr. Stephen Henson
65a82ef6d7 Fix from HEAD. 2006-07-09 12:03:02 +00:00
Bodo Möller
5d7f15daf8 use <poll.h> as by Single Unix Specification 2006-06-30 08:14:50 +00:00
Bodo Möller
ec67e3b7e4 always read in RAND_poll() if we can't use select because of a too 
large FD: it's non-blocking mode anyway
 2006-06-28 14:50:00 +00:00
Andy Polyakov
0d3ff3c073 aes-586.pl sync from HEAD. 2006-06-28 09:01:40 +00:00
Andy Polyakov
325e48867c Mitigate the hazard of cache-collision timing attack on last round 
[from HEAD].
 2006-06-28 08:58:15 +00:00
Richard Levitte
8de95bc05b Use poll() when possible to gather Unix randomness entropy 2006-06-27 06:31:57 +00:00
Bodo Möller
4a9cfd763e Another thread-safety fix 2006-06-16 01:01:14 +00:00
Bodo Möller
1921a1adb2 "make depend" for the default configuration, i.e. no-camellia here in 
the 0.9.8 branch!
 2006-06-14 09:56:08 +00:00
Bodo Möller
6d2cd23f40 Thread-safety fixes 2006-06-14 08:51:41 +00:00
Bodo Möller
14fb67f28a make update 2006-06-14 08:47:00 +00:00
Richard Levitte
c552680473 Keep synchronised with Unix 2006-06-12 06:46:27 +00:00
Bodo Möller
edbf9f878d Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-11 01:08:15 +00:00
Richard Levitte
2745ddfc33 Keep synchronised with the Unix build 2006-06-10 05:38:29 +00:00
Bodo Möller
808606034a Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 22:31:05 +00:00
Bodo Möller
e18eef3d7a Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
986ad56124 Fix from HEAD. 2006-05-17 18:20:27 +00:00
Dr. Stephen Henson
1c5dc844e7 Update for next dev version. 2006-05-04 13:08:35 +00:00
Dr. Stephen Henson
f871949efd Prepare for new release. 2006-05-04 12:46:42 +00:00
Dr. Stephen Henson
eb2ec6bee9 make update 2006-05-04 12:15:59 +00:00
Dr. Stephen Henson
db0edc3273 Inherit check time if appropriate. 2006-05-03 13:16:02 +00:00
Dr. Stephen Henson
d4426e79a7 Fix warning. 2006-04-15 17:53:52 +00:00
Dr. Stephen Henson
b095418d20 Fix from 0.9.7-stable. 2006-04-15 17:43:18 +00:00
Dr. Stephen Henson
d6fd880481 Fix on the right branch this time :-) 2006-04-15 13:17:53 +00:00
Dr. Stephen Henson
cbb0b734c7 If cipher list contains a match for an explicit ciphersuite only match that 
one suite.
 2006-04-15 00:22:34 +00:00
Nils Larsch
d5cc2f19cd fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end() 2006-03-14 22:48:31 +00:00
Nils Larsch
b7a80146f4 fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end() 2006-03-13 23:12:08 +00:00
Dr. Stephen Henson
81418b7c77 Update from HEAD. 2006-03-01 21:17:50 +00:00
Nils Larsch
e2217e7ed5 fix "#ifndef HZ" statement 
PR: 1287
 2006-02-28 20:08:46 +00:00
Dr. Stephen Henson
9d01d50459 Update from head. 2006-02-21 01:00:47 +00:00
Dr. Stephen Henson
e27c67c5c5 Fix from HEAD. 2006-02-19 13:45:22 +00:00
Dr. Stephen Henson
38a3178185 Fix OBJ_obj2txt() for large OIDs. 2006-02-15 15:03:47 +00:00
Nils Larsch
58828ae573 fix typo: pass pre-computed parameters to the underlying signature function; thanks to Lucas Newman 2006-02-13 08:22:39 +00:00
Nils Larsch
22d1087e16 backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc Update filenames in makefiles 2006-02-04 01:49:36 +00:00
Dr. Stephen Henson
269d2575cd Fix from HEAD. 2006-02-04 01:26:49 +00:00
Nils Larsch
0b8ed5de2d fix if statement: call conn_state() if the BIO is not in the BIO_CONN_S_OK state 2006-02-02 22:16:45 +00:00
Ben Laurie
c22684eac9 Constification. 2006-02-02 15:27:22 +00:00
Dr. Stephen Henson
c42cd4b831 Fix from HEAD. 2006-01-31 18:37:41 +00:00
Dr. Stephen Henson
02df47d349 Fixes for BOOL handling: produce errors for invalid string for mini-compiler, 
correctly encode FALSE for BOOL in ASN1_TYPE.
 2006-01-19 17:17:33 +00:00
Dr. Stephen Henson
41c39e3366 Fix for Win32 dynamic engine loading. 2006-01-15 17:28:35 +00:00
Nils Larsch
611ed5f312 fix comment 
PR: 1270
 2006-01-13 23:52:17 +00:00
Nils Larsch
27fbb5dbf4 2 is a prime number ... 
PR: 1266
 2006-01-13 23:29:31 +00:00
Richard Levitte
db8d9b7cf1 Forgot to initialize CC6DISABLEWARNINGS properly... 2006-01-11 18:55:49 +00:00
Richard Levitte
60ec950517 Typo... 2006-01-11 13:31:19 +00:00
Richard Levitte
2cd4ebc01f Disable the Mixed Linkage warning for some selected modules. This is 
because the Compaq C compiler will not accept that a variable be
declared extern then defined static without a warning.
 2006-01-09 19:22:53 +00:00
Richard Levitte
5f4dcaf781 /usr/bin/perl util/mkerr.pl -recurse -write -rebuild 2006-01-09 16:05:22 +00:00
Bodo Möller
c55d882fab Avoid contradictive error code assignments. 
"make error".
 2006-01-08 21:52:46 +00:00
Bodo Möller
2e885232c2 Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts) 2006-01-08 19:41:25 +00:00
Dr. Stephen Henson
970d9b3795 Update from HEAD. 2006-01-03 14:20:47 +00:00
Richard Levitte
0ae50f19da Missing files in the VMS installation 2006-01-02 23:33:06 +00:00
Andy Polyakov
25d5d1a60d eng_padlock.c update from HEAD. 2005-12-28 16:26:07 +00:00
Andy Polyakov
6ff58b9240 Minor eng_padlock.c update from HEAD. 2005-12-27 21:24:22 +00:00
Andy Polyakov
99237262d4 Missing CFLAG in couple of depend: targets [from HEAD]. 
PR: 1247
Submitted by: Doug Kaufman
 2005-12-18 19:02:22 +00:00
Andy Polyakov
6c4da94687 bio.h update from HEAD. 
PR: 1252
 2005-12-16 21:24:59 +00:00
Bodo Möller
de71735e7c comment 2005-12-13 05:46:30 +00:00
Andy Polyakov
05decf3638 Perlasm update from HEAD addressing build problems on non-ELF platforms 
after http://cvs.openssl.org/chngview?cn=14661.
 2005-12-06 18:47:18 +00:00
Dr. Stephen Henson
7614f0e55e Various zlib related fixes and enhancements. 2005-12-05 13:34:56 +00:00
Dr. Stephen Henson
0632284f79 Fix warning. 2005-12-04 21:34:51 +00:00
Dr. Stephen Henson
ad4a89f070 Fix from HEAD. 2005-12-03 17:47:20 +00:00
Andy Polyakov
6104c49f31 x86cpuid.pl update [from HEAD]. 2005-12-03 11:57:36 +00:00
Dr. Stephen Henson
cf6bc84148 Update from HEAD. 2005-12-02 13:47:02 +00:00
Dr. Stephen Henson
36d51bea93 Update from HEAD. 2005-12-02 13:29:28 +00:00
Ben Laurie
ec7033745e Fix memory leak. 2005-11-25 14:26:12 +00:00
Dr. Stephen Henson
feef17fd88 Update from HEAD. 2005-11-20 13:26:57 +00:00
Andy Polyakov
98c045cf3a crypto/bn/asm/sparcv8plus.S update from HEAD. 2005-11-15 08:05:19 +00:00
Dr. Stephen Henson
8860f3a82a Fix possible race condition. 2005-11-11 12:59:39 +00:00
Andy Polyakov
43e9f4ca2f crypto/Makefile update from HEAD. 
PR: 1236
 2005-11-09 20:47:40 +00:00
Dr. Stephen Henson
abb0c2bba4 Update VC++ build engine to include supported engine DLL builds. 2005-11-06 17:49:00 +00:00
Richard Levitte
35a97b4b7b Fix numerous bugs in the Win32 path splitter 2005-11-01 07:49:47 +00:00
Richard Levitte
f59463aad3 A slight change in documentation that makes it so much more comprehensible 2005-11-01 04:56:29 +00:00
Andy Polyakov
2a87c31237 Broaden compatibility amount Win32 headers even further [from HEAD]. 2005-10-13 19:07:28 +00:00
Richard Levitte
da5f7fdcee The version text wasn't bumoed after tagging... 2005-10-11 19:26:41 +00:00
Mark J. Cox
d8b408b1de Bump after tag 2005-10-11 10:21:22 +00:00
Mark J. Cox
64932f9e4a Add fixes for CAN-2005-2969 
Bump release ready for OpenSSL_0_9_8a tag
 2005-10-11 10:16:21 +00:00
Richard Levitte
5a20efcf17 Synchronise with Unixly make. 2005-10-11 10:15:56 +00:00
Dr. Stephen Henson
1bef284ab1 Update from HEAD. 2005-10-05 17:53:40 +00:00
Andy Polyakov
049ced2c2f Fix typo [from HEAD]. 2005-09-29 20:18:05 +00:00
Andy Polyakov
844b0e603b Fix missing applink call [from HEAD]. 2005-09-29 16:59:19 +00:00
Richard Levitte
75ef751e23 Change a comment so it corresponds to reality. Put back a character that 
was previously replaced with a NUL for parsing purposes.  This seems to
fix a very weird parsing bug involving two variable references in the same
value.
 2005-09-28 18:03:06 +00:00
Dr. Stephen Henson
c4f6e56fca Avoid unused variable warnings. 2005-09-26 02:40:18 +00:00
Nils Larsch
ff86d3d894 protect BN_BLINDING_invert with a write lock and BN_BLINDING_convert 
with a read lock

Submitted by: Leandro Santi <lesanti@fiuba7504.com.ar>
 2005-09-22 23:32:49 +00:00
Andy Polyakov
efaf159af6 Broaden compatibility among Windows SDK versions [from HEAD]. 2005-09-22 20:29:35 +00:00
Andy Polyakov
4685663d73 Latest MSVCR80 doesn't tolerate unsupported signal numbers [from HEAD]. 
PR: 1205
 2005-09-20 20:32:36 +00:00
Andy Polyakov
ed1f716022 "Overload" SunOS 4.x memcmp, which ruins ASN1_OBJECT table lookups [from HEAD]. 
PR: 1196
Submitted by: Russel Ruby
 2005-09-20 20:25:17 +00:00
Andy Polyakov
cb59297438 Proper solution to nasm compilation problems in Borland context. 2005-09-20 06:15:18 +00:00
Andy Polyakov
7306ab29bc bswapl usage should be masked by I386_ONLY. 
PR: 1195
 2005-09-19 13:17:07 +00:00
Nils Larsch
e734dcc2c7 bugfix: register engine as default engine in ENGINE_set_default_DSA 
Submitted by: Jonathon Green
 2005-09-09 07:52:18 +00:00
Dr. Stephen Henson
0fce007b8e Add two extra verify flags functions. 2005-09-02 22:48:21 +00:00
Nils Larsch
5a053a3a07 fix typo in sbgp names 
PR: 1194
 2005-09-02 21:22:50 +00:00
Nils Larsch
7f622f6c04 fix warnings when building openssl with (gcc 3.3.1): 
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith  -W -Wunused
-Wno-unused-parameter -Wuninitialized
 2005-08-28 23:20:52 +00:00
Bodo Möller
9eaf7e14c7 avoid potential spurious BN_free() 
Submitted by: David Heine <dlheine@suif.Stanford.EDU>
 2005-08-23 04:14:55 +00:00
Ben Laurie
0e441bc103 Missing arguments. 2005-08-22 04:59:27 +00:00
Ben Laurie
9ddb11f11c Avoid weak subgroups in Diffie Hellman. 2005-08-20 18:35:53 +00:00
Andy Polyakov
9dc4ca4507 Pedantic polish to ectest.c [from HEAD]. 2005-08-11 08:44:34 +00:00
Andy Polyakov
98e986141b Windows CE update from HEAD. 2005-08-07 22:29:58 +00:00
Nils Larsch
d7e35e0371 avoid infinite recursion if dynamic engine isn't loaded 
Submitted by: Jonathon Green <jonathon_au@yahoo.com>
 2005-08-06 10:34:35 +00:00
Nils Larsch
62b6cd007f fix potential memory leak + improved error checking 
PR: 1182
 2005-08-05 09:41:24 +00:00
Dr. Stephen Henson
1682e8fb12 Allow PKCS7_decrypt() to work if no cert supplied. 2005-08-04 22:10:05 +00:00
Andy Polyakov
984aefe0e8 3-4 times better RSA/DSA performance on WIN64A target [from HEAD]. 2005-08-04 17:42:58 +00:00
Andy Polyakov
2d54cc69c9 WCE update, mostly typos [from HEAD]. 2005-08-03 20:04:05 +00:00
Andy Polyakov
2dd8278de8 PIC-ify SPARC assembler in alternative manner to eliminate dependency on 
OPENSSL_PIC macro [from HEAD].
 2005-08-03 10:44:29 +00:00
Andy Polyakov
e0d8ac972e Abstain from GUI calls in rand_win.c in NT service context [from HEAD]. 2005-08-02 22:22:17 +00:00
Andy Polyakov
93cf2b17bf WCE-specific fix for cryptlib.c [from HEAD]. 2005-08-02 22:21:07 +00:00
Andy Polyakov
b3c7162fd0 WCE update from HEAD. 2005-08-02 12:03:09 +00:00
Andy Polyakov
67865069eb Implement complementary LoadLibraryA shim under WCE. [from HEAD] 2005-08-02 11:03:42 +00:00
Andy Polyakov
1957924d51 Fix #if _MSC_VER clause in aes_locl.h [from HEAD]. 2005-07-30 19:49:24 +00:00
Nils Larsch
104a66f256 remove unused variable 2005-07-27 20:19:51 +00:00
Nils Larsch
3de6d65ea3 improved error checking and some fixes 
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
 2005-07-26 20:55:17 +00:00
Dr. Stephen Henson
fdb0a6e004 Update from head. 2005-07-26 12:46:53 +00:00
Nils Larsch
87b857b6bf fix BN_mod_word and give a more reasonable return value if an error occurred 2005-07-25 22:55:48 +00:00
Dr. Stephen Henson
b18165301d Update from head. 2005-07-25 18:40:09 +00:00
Nils Larsch
0cdd29ea78 Remove BN_CTX_DEBUG from the normal debug build flags (it's too noisy 
to be really useful for 'normal' debugging).
Disable EC_GROUP_precompute_mult for the nist curves in ectest.c as
it causes problems when libefence is used.
 2005-07-23 08:46:41 +00:00
Nils Larsch
7dec24688f set correct bn->top value 2005-07-21 22:38:16 +00:00
Nils Larsch
e62fa54811 the final byte of pkcs7 padded plaintext can never be 0 
Submitted by: K S Sreeram <sreeram@tachyontech.net>
 2005-07-20 22:02:25 +00:00
Andy Polyakov
1614174e79 Bug-fix from HEAD. 
PR: 1130
 2005-07-19 23:10:04 +00:00
Nils Larsch
f95d097359 fix typo 2005-07-17 21:05:11 +00:00
Nils Larsch
3c6ab9aad9 bugfix: 0 - w (w != 0) is actually negative 2005-07-17 16:08:21 +00:00
Nils Larsch
4913b88f70 make 
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
 2005-07-16 11:13:10 +00:00
Andy Polyakov
2a824402f3 DES CFB bug-fix from HEAD. 2005-07-08 16:48:34 +00:00
Richard Levitte
86a249fe4f On case insensitive systems, 'install' gets mixed up with the existing file 
'INSTALL', so we need to put some force into installing
 2005-07-08 10:13:25 +00:00
Richard Levitte
750cb3d248 Now that 0.9.8 has been tagged, it's time to move on. 2005-07-05 19:11:56 +00:00
Richard Levitte
f254b540b8 Time to release OpenSSL 0.9.8. 
The tag will be OpenSSL_0_9_8.
 2005-07-05 18:49:43 +00:00
Andy Polyakov
b914049c53 Get rid of "unary minus applied to unsigned type" warning. 2005-07-04 23:30:31 +00:00
Andy Polyakov
dabaea8048 To secure Win64 API I'm throwing in this minimalistic Win64 support. 2005-07-04 23:24:12 +00:00
Andy Polyakov
2e39604021 Fix bugs in bug-fix to x509/by_dir.c [from HEAD]. 
PR: 1131
 2005-07-03 13:15:53 +00:00
Andy Polyakov
fbfb947b21 Bugfix for bn_div_words PPC assembler implementation [from HEAD]. 2005-07-03 09:23:57 +00:00
Dr. Stephen Henson
9152f07eaf Check PKCS7 structures in PKCS#12 files are of type data. 2005-06-30 11:34:27 +00:00
Richard Levitte
35f70c09f5 Actually, the 64bit format specifier differs between SIXTY_FOUR_BIT and 
SIXTY_FOUR_BIT_LONG
 2005-06-29 18:48:12 +00:00
Nils Larsch
6b695fefd0 remove OPENSSL_NO_ASM dependency 2005-06-28 15:03:58 +00:00
Ben Laurie
50d5376698 Replace missing character deleted in error. 2005-06-28 12:53:33 +00:00
Ben Laurie
5b9b62a7db Fix warning. 2005-06-28 12:41:35 +00:00
Ben Laurie
c0e29e5b01 Fix warnings. 2005-06-28 12:32:48 +00:00
Andy Polyakov
2f03129d46 bn.h update from HEAD. 2005-06-28 11:52:52 +00:00
Andy Polyakov
b44e2d3416 x86nasm.pl update from HEAD. 2005-06-28 11:30:12 +00:00
Andy Polyakov
a24b7eeb87 Makefile updates from HEAD [see http://cvs.openssl.org/chngview?cn=14099 
for further details].
 2005-06-28 09:10:19 +00:00
Andy Polyakov
beae6324e5 Eliminate dependency on UNICODE macro. 2005-06-27 21:21:12 +00:00
Andy Polyakov
ef04c9aff8 IA64 RC4 update from HEAD [see commentary in HEAD for details]. 
PR: 1114
 2005-06-26 16:14:22 +00:00
Andy Polyakov
ff0bfe64af Replace emms with finit in x86cpuid. 2005-06-24 16:34:46 +00:00
Richard Levitte
8bdbf50772 Wrap the inclusion of openssl/engine.h with a protective check for 
the absence of OPENSSL_NO_ENGINE.
 2005-06-23 22:08:41 +00:00
Richard Levitte
ec33a76641 Wrap the inclusion of openssl/engine.h with a protective check for 
the absence of OPENSSL_NO_ENGINE.

PR: 1123
 2005-06-23 21:57:37 +00:00
Richard Levitte
00ce9376c7 Do not defined des_crypt(), since it clashes with Solaris crypt.h. 
PR: 1125
 2005-06-23 21:53:52 +00:00
Richard Levitte
46e7a9797e Initialise dir to avoid a compiler warning. 2005-06-23 21:49:18 +00:00
Richard Levitte
07f7b4b470 Update for Stratus VOS. 
PR: 1130
 2005-06-23 21:27:13 +00:00
Richard Levitte
40ba0257de Change dir_ctrl to check for the environment variable before using the default 
directory instead of the other way around.

PR: 1131
 2005-06-23 21:14:10 +00:00
Andy Polyakov
2a5b22d6f9 Missed -c in IRIX rule. 2005-06-23 20:38:19 +00:00
Andy Polyakov
f247dc7522 IRIX upadte from HEAD. 2005-06-23 16:47:21 +00:00
Dr. Stephen Henson
c4b13b0268 Reorder extensions to account for synced OID table. 2005-06-22 17:28:55 +00:00
Dr. Stephen Henson
daef72316f Sync OID database with 0.9.7. 2005-06-22 17:26:24 +00:00
Dr. Stephen Henson
1f93c96e63 Fix extension ordering. 2005-06-22 13:25:38 +00:00
Richard Levitte
8aa9c79276 Tagging is done, we're moving on. 2005-06-21 05:56:26 +00:00
Richard Levitte
09a7f2e734 Prepare for a release of 0.9.8-beta6. This is supposed to be the 
final beta.
The tag will be OpenSSL_0_9_8-beta6
 2005-06-21 05:49:47 +00:00
Richard Levitte
2b975dfd5b Do no try to pretend we're at the end of anything unless we're at the end 
of a 4-character block.
 2005-06-20 22:11:28 +00:00
Andy Polyakov
8d56c8b51c Solaris x86_64 /usr/ccs/bin/as support. 2005-06-20 14:50:26 +00:00
Richard Levitte
7435d89edf Move the definition of DEVRANDOM for DJGPP from Configure to e_os.h. 
That should solve the issues with propagating it through the Makefiles.

PR: 1110
 2005-06-18 04:42:34 +00:00
Richard Levitte
14557c8be4 Only define ZLIB_SHARED if it hasn't already been defined (on the command 
line, for example).

PR: 1112
 2005-06-18 04:32:23 +00:00
Dr. Stephen Henson
ce2c19e357 Update from head. 2005-06-16 02:05:57 +00:00
Richard Levitte
c923394924 Now that beta5 is tagged, lets continue with beta6. 2005-06-13 03:48:22 +00:00
Richard Levitte
d9dbd24db5 Time to release beta 5. 
The tag will be OpenSSL_0_9_8-beta5
 2005-06-13 03:36:21 +00:00
Richard Levitte
cbcbd07da2 Netware patch submitted by Verdon Walker" <VWalker@novell.com> in PR 
1107.  He says:

This is a followup to the NetWare patch that was applied to beta3.  It
does the following:

- Fixes a problem in the CLib build with undefined symbols.

- Adds the ability to use BSD sockets as the default for the OpenSSL
  socket BIO.  NetWare supports 2 flavors of sockets and our Apache
  developers need BSD sockets as a configurable option when building
  OpenSSL.  This adds that for them.

- Updates to the INSTALL.NW file to explain new options.

I have tried very hard to make sure all the changes are in NetWare
specific files or guarded carefully to make sure they only impact
NetWare builds.  I have tested the Windows build to make sure it does
not break that since we have made changes to mk1mf.pl.

We are still working the gcc cross compile for NetWare issue and hope
to have a patch for that before beta 6 is released.
 2005-06-13 03:21:01 +00:00
Andy Polyakov
428759b3d4 Allow for dso load by explicit path on HP-UX. 2005-06-09 20:50:44 +00:00
Dr. Stephen Henson
39d29195a7 Update from head. 2005-06-06 22:41:50 +00:00
Andy Polyakov
727c9b8027 Allow BIO_s_file to open and sequentially access files larger than 2GB 
on affected platforms.
PR: 973
 2005-06-06 12:05:12 +00:00
Richard Levitte
6687f12988 Now that tagging is done, we can continue working. 2005-06-06 00:44:49 +00:00
Richard Levitte
fcd12fc0f1 Time to release 0.9.8 beta 4. 
The tag will be OpenSSL_0_9_8-beta4
 2005-06-06 00:39:18 +00:00
Richard Levitte
0fb4d54068 Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER 
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true.  Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.
 2005-06-06 00:32:30 +00:00
Richard Levitte
7a6bb17255 Change pq_compat.h to trust the macros defined by bn.h a bit more, and thereby 
provide better generic support for environments that do not have 64-bit
integers.  Among others, this should solve PR 1086
 2005-06-05 22:43:08 +00:00
Richard Levitte
8a41bcc934 Old typo... 
PR: 1097
 2005-06-05 21:55:09 +00:00
Andy Polyakov
3d5afc8b83 PSS update [from 0.9.7]. 2005-06-02 18:29:21 +00:00
Nils Larsch
b0fb889c29 check return value 2005-06-01 22:35:07 +00:00
Dr. Stephen Henson
460e80bd1d Update from 0.9.7-stable 2005-06-01 22:14:41 +00:00
Richard Levitte
bc1e96e942 Synchronise yet a little more with the Unixly build 2005-06-01 16:24:20 +00:00
Nils Larsch
431712293d fix assertion 
PR: 1072
 2005-05-31 20:38:31 +00:00
Nils Larsch
e00b165e9b let "make all test" work with "no-aes" 
PR: 1078
 2005-05-31 17:56:17 +00:00
Andy Polyakov
7a37dd92ed "Show" more respect to no-sha* config options. 
PR: 1086
 2005-05-31 16:33:43 +00:00
Andy Polyakov
39663d2c40 Missing sparcv8.o rule. 
PR: 1082
 2005-05-31 12:18:15 +00:00
Nils Larsch
198bcece58 fix warning 2005-05-31 09:55:13 +00:00
Richard Levitte
3d37d5e24a Forgottent make update. These files will be retagged. 2005-05-30 23:20:32 +00:00
Richard Levitte
adb040d4cb Tagging done, moving up to next beta in development. 2005-05-30 23:07:30 +00:00
Richard Levitte
22d1acd5ac Time to release the next beta (a few days late, sorry about that). 
The tag will be OpenSSL_0_9_8-beta3
 2005-05-30 22:56:49 +00:00
Richard Levitte
77b97ee0d7 DJGPP changes. Contributed by Doug Kaufman <dkaufman@rahul.net> 2005-05-30 22:37:41 +00:00
Richard Levitte
e2ac4732cd pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't 
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
 2005-05-30 22:34:28 +00:00
Richard Levitte
e8f665b495 Synchronise with Unixly build 2005-05-30 22:26:23 +00:00
Dr. Stephen Henson
c2d78c9623 Copy ordinals from 0.9.7 and update. 2005-05-30 00:28:38 +00:00
Richard Levitte
e96025755d We have some source with \r\n as line ends. DEC C informs about that, 
and I really can't be bothered...
 2005-05-29 12:13:20 +00:00
Richard Levitte
c9028b0ab5 Typo 2005-05-29 11:26:56 +00:00
Dr. Stephen Henson
b4d2858f95 Add PSS prototype to rsa.h 2005-05-28 20:50:11 +00:00
Dr. Stephen Henson
dea446d995 Update from 0.9.7-stable branch. 2005-05-28 20:49:09 +00:00
cvs2svn
5cd94f9e9d This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_8-stable'.
 2005-05-28 20:44:38 +00:00
Dr. Stephen Henson
429168e7ee Add pss/x931 files. 2005-05-28 20:44:37 +00:00
Dr. Stephen Henson
499fca2db3 Update from 0.9.7-stable. Also repatch and rebuild error codes. 2005-05-28 20:44:02 +00:00
Bodo Möller
cad811fc41 Use BN_with_flags() in a cleaner way. 2005-05-27 15:39:24 +00:00
Bodo Möller
a28a5d9c62 Use BN_with_flags() in a cleaner way. 2005-05-27 15:38:53 +00:00
Dr. Stephen Henson
3f791ca818 Assing check_{cert,crl}_time to 'ok' variable so it returns errors on 
expiry.
 2005-05-27 13:19:25 +00:00
Bodo Möller
e4106a4e24 make sure DSA signing exponentiations really are constant-time 2005-05-26 04:40:57 +00:00
Bodo Möller
0ebfcc8f92 make sure DSA signing exponentiations really are constant-time 2005-05-26 04:40:52 +00:00
Bodo Möller
c61f571ce0 check BN_copy() return value 2005-05-26 04:30:49 +00:00
Bodo Möller
a506b8c7dd check BN_copy() return value 2005-05-26 04:30:48 +00:00
Andy Polyakov
e5cd536894 Some assemblers are too rudimentary to understand dynamic labels. 2005-05-25 21:37:18 +00:00
Richard Levitte
7d9e1321c7 Forgot to change the version number itself. 2005-05-24 03:57:12 +00:00
Richard Levitte
83af7422a0 Tagging is done, we continue on beta3, which is planned to be released 
on Sunday May 29th.
 2005-05-24 03:50:30 +00:00
Richard Levitte
ce8945f35c Time to release the next beta. 
The tag will be OpenSSL_0_9_8-beta2.
 2005-05-24 03:42:49 +00:00
Richard Levitte
af4ac437ab It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512 
was still active when it came down to the functions.  mkdef.pl should really
be corrected, but that'll be another day...
 2005-05-24 03:39:10 +00:00
Richard Levitte
85991994df It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512 
was still active when it came down to the functions.  mkdef.pl should really
be corrected, but that'll be another day...
 2005-05-24 03:39:08 +00:00
Richard Levitte
2f596aeef5 DEC C complains about bad subscript, but we know better, so let's shut it up. 2005-05-24 03:22:56 +00:00
Richard Levitte
b172dec864 DEC C complains about bad subscript, but we know better, so let's shut it up. 2005-05-24 03:22:53 +00:00
Andy Polyakov
61391e2314 Be more consistent with OPENSSL_NO_SHA256. 2005-05-22 10:27:59 +00:00
Andy Polyakov
36b29660ce Be more consistent with OPENSSL_NO_SHA256. 2005-05-22 10:26:47 +00:00
Andy Polyakov
4b23506594 OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to 
make no-sha512 more effective on platforms, which don't support 64-bit
integer type of *any* kind.
 2005-05-22 08:55:15 +00:00
Andy Polyakov
31e4ad25ba OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to 
make no-sha512 more effective on platforms, which don't support 64-bit
integer type of *any* kind.
 2005-05-22 08:52:12 +00:00
Andy Polyakov
225f4daf15 Still SEGV trouble in .init segment under Solaris x86... 2005-05-21 17:51:12 +00:00
Andy Polyakov
82d3dda8a1 Still SEGV trouble in .init segment under Solaris x86... 2005-05-21 17:49:10 +00:00
Richard Levitte
b9927cfa2d When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in 
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html.

Notified by David Wolfe <dwolfe5272@yahoo.com>
 2005-05-21 17:39:53 +00:00
Richard Levitte
fe8bf9560d When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in 
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html.

Notified by David Wolfe <dwolfe5272@yahoo.com>
 2005-05-21 17:39:43 +00:00
Ben Laurie
fe977f7512 Propagate BUILDENV into subdirectories. 2005-05-21 16:13:36 +00:00
Andy Polyakov
886ed3544b Move _WIN32_WINNT definition from command line to e_os.h [from HEAD]. 2005-05-21 13:19:46 +00:00
Andy Polyakov
e476f94212 Move _WIN32_WINNT definition from command line to e_os.h. The change is 
inspired by VC6 failure report. In addition abstain from taking screen
snapshots when running in NT service context.
 2005-05-21 13:19:27 +00:00
Nils Larsch
aff2922f9a fix typo, add prototype 2005-05-20 23:01:31 +00:00
Nils Larsch
bbbd67108f fix typo, add prototype 2005-05-20 22:55:10 +00:00
Nils Larsch
f32e0035a3 fix potential memory leak 
Submitted by: Goetz Babin-Ebell
 2005-05-19 22:11:22 +00:00
Nils Larsch
7f246621b5 fix potential memory leak 
Submitted by: Goetz Babin-Ebell
 2005-05-19 22:10:40 +00:00
Richard Levitte
032bb2a2c5 Tagging of 0.9.8-beta1 is done, time to update the version numbers to 
the next beta (beta2).
 2005-05-19 19:45:53 +00:00
Richard Levitte
fa96ed06d2 Update version information. 2005-05-19 19:42:04 +00:00
Richard Levitte
43133041c9 'make update' with a default configuration. 2005-05-19 19:31:53 +00:00
Nils Larsch
3f4657d131 fix "dereferencing type-punned pointer will break strict-aliasing rules" 
warning when using gcc 4.0
 2005-05-19 12:01:51 +00:00
Nils Larsch
f5634286a3 fix "dereferencing type-punned pointer will break strict-aliasing rules" 
warning when using gcc 4.0
 2005-05-19 11:59:35 +00:00
Andy Polyakov
3f516ce837 SysV make [or least some of them] don't propogate command line macros to 
recursively called make. So let's pass down BUILDENV as value too...
 2005-05-19 01:48:46 +00:00
Nils Larsch
67ffa18cce make the type parameter const when ID2_OF_const() is used 2005-05-18 22:30:38 +00:00
Nils Larsch
9f197f9da5 make the type parameter const when ID2_OF_const() is used 2005-05-18 22:29:17 +00:00
Andy Polyakov
ca3e683747 Don't emit SSE2 instructions unless were asked to [from HEAD]. 
PR: 1073
 2005-05-18 08:45:21 +00:00
Andy Polyakov
c50226594d Don't emit SSE2 instructions unless were asked to. 
PR: 1073
 2005-05-18 08:42:08 +00:00
Andy Polyakov
38a1757168 Engage Applink in mingw. [from HEAD] 2005-05-18 08:17:29 +00:00
Andy Polyakov
51ff6bde38 Engage Applink in mingw. Note that application-side module is not 
compiled into *our* aplpications. That's because mingw is always
consistent with itself. Having library-side code linked into .dll
makes it possible to deploy the .dll with user-code compiled with
another compiler [which is pretty much the whole point behind Applink].
 2005-05-18 08:16:46 +00:00
Richard Levitte
4104a57107 OpenSSL 0.9.8 has just entered beta status. Not quite releasing yet, 
since I need to write a NEWS entry.

This means we're in feature freeze.  HEAD is now 0.9.9-dev.
 2005-05-18 04:14:22 +00:00
Richard Levitte
c800a070b5 I just branched 0.9.8, so HEAD needs to be bumped to 0.9.9-dev. 
The 0.9.8 branch is called OpenSSL_0_9_8-stable.
 2005-05-18 03:58:34 +00:00
Andy Polyakov
53d8996764 Engage Applink for VC builds. 2005-05-17 16:50:46 +00:00
Nils Larsch
8712009778 simplify EC_KEY_dup 2005-05-17 12:23:16 +00:00
Bodo Möller
f468e3824a fix memory leak (BIO_free_all needs pointer to first BIO) 
PR: 1070
 2005-05-17 05:52:24 +00:00
Andy Polyakov
ea1b02db6a OPENSSL_Applink update. 2005-05-17 00:08:28 +00:00
Andy Polyakov
25a66ee3cb Move cryptlib.h prior bio.h. Actually it makes sense to include cryptlib.h 
first everywhere in crypto and skip stdio.h and string.h [because it
includes them].
 2005-05-17 00:01:48 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Andy Polyakov
7abbffc3fb Further BUILDENV clean-up, 'make depend' is operational again. 2005-05-16 14:24:45 +00:00
Nils Larsch
9dd8405341 ecc api cleanup; summary: 
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
 2005-05-16 10:11:04 +00:00
Bodo Möller
46a643763d Implement fixed-window exponentiation to mitigate hyper-threading 
timing attacks.

BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.

Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
 2005-05-16 01:43:31 +00:00
Bodo Möller
10cde5010d make update 2005-05-16 00:27:37 +00:00
Andy Polyakov
734540f887 Consolidate BUILDENV [idea is to keep all variables in one place]. 2005-05-15 23:53:34 +00:00
Andy Polyakov
804515425a +20% performance improvement of P4-specific RC4_CHAR loop. 2005-05-15 22:43:00 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
b6995add5c Make -CSP option work again in pkcs12 utility by checking for 
attribute in EVP_PKEY structure.
 2005-05-15 00:54:45 +00:00
Dr. Stephen Henson
8ccd06c66c openssl_fcast should always be defined, not just with DEBUG_SAFESTACK 2005-05-14 12:58:20 +00:00
Dr. Stephen Henson
fe86616c72 Some C compilers produce warnings or compilation errors if an attempt 
is made to directly cast a function of one type to what it considers and
incompatible type. In particular gcc 3.4.2.

Add new openssl_fcast macro to place functions into a form where the compiler
will allow them to be cast.

The current version achives this by casting to: void function(void).
 2005-05-12 23:01:44 +00:00
Dr. Stephen Henson
ba2ba27008 Avoid warnings. 2005-05-12 22:40:19 +00:00
Dr. Stephen Henson
c596c795bf Typo. 2005-05-12 17:28:53 +00:00
Ben Laurie
4b26fe30de There must be an explicit way to build the .o! 2005-05-11 16:39:05 +00:00
Bodo Möller
8afca8d9c6 Fix more error codes. 
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
 2005-05-11 03:45:39 +00:00
Nils Larsch
8b15c74018 give EC_GROUP_new_by_nid a more meanigful name: 
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
 2005-05-10 11:37:47 +00:00
Andy Polyakov
e19e549041 Comply with optimization manual (no data should share cache-line with code). 2005-05-09 21:48:01 +00:00
Andy Polyakov
d7561ac576 Allow for 64-bit cache-line alignments in code segment. 2005-05-09 21:27:40 +00:00
Bodo Möller
fbeaa3c47d Update util/ck_errf.pl script, and have it run automatically 
during "make errors" and thus during "make update".

Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
 2005-05-09 00:27:37 +00:00
Bodo Möller
b0ac0a8ef8 improve comment readability 2005-05-09 00:06:54 +00:00
Nils Larsch
7dc17a6cf0 give EC_GROUP_*_nid functions a more meaningful name 
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
	EC_GROUP_set_nid -> EC_GROUP_set_curve_name
 2005-05-08 22:09:12 +00:00
Andy Polyakov
b6223d2f70 Eliminate "statement with no effect" warning when OPENSSL_assert macro 
is used with constant assertion.
 2005-05-08 19:54:33 +00:00
Andy Polyakov
5d0d60e2f5 x86_64 assembler translator update. 2005-05-07 08:13:51 +00:00
Andy Polyakov
57ee007035 Fix constants. 
PR: 1059
 2005-05-07 08:11:50 +00:00
Richard Levitte
82e8cb403a Since BN_LLONG will only be defined for Alpha/VMS and not VAX/VMS, 
there's no need to undefine it here.  Then, let's get a bit paranoid
and not define BN_ULLONG on THIRTY_TWO_BIT machines when BN_LLONG
isn't defined.
 2005-05-06 13:34:35 +00:00
Nils Larsch
2c288b2a7e fix compiler warning; pow10 is also in math.h 2005-05-05 20:57:37 +00:00
Andy Polyakov
0ee883650d Commentary update motivating code update in 0.9.7. 2005-05-04 14:51:38 +00:00
Andy Polyakov
70cf309517 x86_64 assembler translator update. 2005-05-04 08:42:47 +00:00
Andy Polyakov
8b5bf52ac2 Cvs missed adapted module itself, here it goes... 2005-05-03 23:03:31 +00:00
Andy Polyakov
73a9485081 Engage md5-x86_64 assembler module. 2005-05-03 22:59:17 +00:00
Andy Polyakov
d37a65bc81 Throw in md5-x86_64 assembler. 2005-05-03 22:56:15 +00:00
Andy Polyakov
34c7ff6dc9 Cygwin doesn't expose Win32 [not "officially"]. 2005-05-03 21:20:17 +00:00
Andy Polyakov
647907918d Commentary update. 2005-05-03 21:16:42 +00:00
Andy Polyakov
cee73df3bd Cpuid modules updates. 2005-05-03 21:05:06 +00:00
Nils Larsch
f15c448a72 remove BN_ncopy, it was only used in bn_nist.c and wasn't particular 
useful anyway
 2005-05-03 20:27:00 +00:00
Nils Larsch
fcb41c0ee8 rewrite of bn_nist.c, disable support for some curves on 64 bit platforms 
for now (it was broken anyway)
 2005-05-03 20:23:33 +00:00
Andy Polyakov
5f1841cdca Rename amd64 modules to x86_64 and update RC4 implementation. 2005-05-03 15:42:05 +00:00
Andy Polyakov
4b45051902 x86_64 assembler translator update. 2005-05-03 15:35:14 +00:00
Dr. Stephen Henson
05338b58ce Support for smime-type MIME parameter. 2005-05-01 12:46:57 +00:00
Andy Polyakov
405d9761a5 Allow for ./config no-sha0 [from stable]. 2005-04-30 21:51:41 +00:00
Dr. Stephen Henson
98a2fd32a0 Typo. 2005-04-30 18:07:30 +00:00
Dr. Stephen Henson
7bdeeb64ac Don't attempt to parse nested ASN1 strings by default. 2005-04-30 18:02:54 +00:00
Dr. Stephen Henson
e1cc0671ac Use more efficient way to locate end of an ASN1 structure. 2005-04-30 13:06:45 +00:00
Nils Larsch
c1a8a5de13 don't let BN_CTX_free(NULL) segfault 2005-04-29 21:20:31 +00:00
Nils Larsch
6a50d0a422 hide the definition of ECDSA_METHOD and ECDSA_DATA (and mutatis mutandis 
for ecdh)
 2005-04-29 15:56:06 +00:00
Nils Larsch
1897c89302 avoid warnings when building on systems where sizeof(void *) > sizeof(int) 2005-04-29 14:26:59 +00:00
Andy Polyakov
3cc54008eb Pointer to BN_MONT_CTX could be used uninitialized. 2005-04-28 08:49:01 +00:00
Richard Levitte
ff8bcccdd4 Synchronise with Unix build system. 2005-04-28 04:55:28 +00:00
Dr. Stephen Henson
a93b01be57 Increase offset for BIO_f_enc() to avoid problems with overlapping buffers 
when decrypting data.
 2005-04-28 00:21:29 +00:00
Dr. Stephen Henson
6c61726b2a Lots of Win32 fixes for DTLS. 
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
 2005-04-27 16:27:14 +00:00
Nils Larsch
df9e0bf507 add missing parentheses 2005-04-27 07:57:50 +00:00
Dr. Stephen Henson
879b19801a Change method_mont_p from (char *) to (BN_MONT_CTX *) and remove several 
casts.
 2005-04-27 00:04:59 +00:00
Dr. Stephen Henson
6ec8e63af6 Port BN_MONT_CTX_set_locked() from stable branch. 
The function rsa_eay_mont_helper() has been removed because it is no longer
needed after this change.
 2005-04-26 23:58:54 +00:00
Dr. Stephen Henson
465b9f6b26 Stop unused variable warning. 2005-04-26 23:45:49 +00:00
Dr. Stephen Henson
2deadf1672 Port from stable branch. 2005-04-26 23:21:49 +00:00
Nils Larsch
800e400de5 some updates for the blinding code; summary: 
- possibility of re-creation of the blinding parameters after a
  fixed number of uses (suggested by Bodo)
- calculatition of the rsa::e in case it's absent and p and q
  are present (see bug report #785)
- improve the performance when if one rsa structure is shared by
  more than a thread (see bug report #555)
- fix the problem described in bug report #827
- hide the definition ot the BN_BLINDING structure in bn_blind.c
 2005-04-26 22:31:48 +00:00
Dr. Stephen Henson
667aef4c6a Port from stable branch. 2005-04-26 22:07:17 +00:00
Bodo Möller
aa4ce7315f Fix various incorrect error function codes. 
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
 2005-04-26 18:53:22 +00:00
Bodo Möller
0d5ea7613e make update 2005-04-26 18:09:21 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Bodo Möller
2e7245f5a3 Use OPENSSL_NO_CAST, not OPENSSL_NO_CAST5 in e_old.c 
PR: 959
 2005-04-25 23:09:00 +00:00
Andy Polyakov
3d5fd31280 Avoid L1 cache aliasing even between key and S-boxes. 2005-04-24 21:09:20 +00:00
Nils Larsch
9edf4e8157 make asn.1 field names const 2005-04-23 13:45:49 +00:00
Nils Larsch
965a1cb92e change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible 2005-04-23 10:11:16 +00:00
Ben Laurie
e9ad6665a5 Add debug target, remove cast, note possible bug. 2005-04-23 06:05:24 +00:00
Ben Laurie
b5855b2f32 Add prototypes. 2005-04-22 23:57:46 +00:00
Nils Larsch
a0bee97e55 more const 2005-04-22 21:57:36 +00:00
Nils Larsch
ff22e913a3 - use BN_set_negative and BN_is_negative instead of BN_set_sign 
and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"
 2005-04-22 20:02:44 +00:00
Andy Polyakov
04d0d0accf Avoid aliasing between stack frames and S-boxes. Compress prefetch code. 2005-04-22 11:49:32 +00:00
Richard Levitte
630e4a6e59 Provide a default OPENSSL_ia32cap_loc for non-Intel platforms where 
util/libeay.num is important when building shared libraries, like
VMS.
 2005-04-21 09:10:19 +00:00
Dr. Stephen Henson
2c45bf2bc9 Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts. 
Remove more bogus shadow warnings.
 2005-04-20 21:48:06 +00:00
Dr. Stephen Henson
836ec0c764 Stop compiler warnings about deprecated lvalue casts. 2005-04-20 21:39:13 +00:00
Dr. Stephen Henson
5e72fb063a Stop bogus shadowing warning. 2005-04-20 21:34:29 +00:00
Richard Levitte
a74286d636 Make sure id2_func is properly cast as well... 2005-04-20 13:17:42 +00:00
Richard Levitte
254cfe878e signed vs. unsigned. 2005-04-20 13:12:33 +00:00
Richard Levitte
ed824195a1 Avoid compiler complaint about mismatched function signatures 
(void * != char *)
 2005-04-20 13:09:46 +00:00
Richard Levitte
22c3600e4c Resolve signed vs. unsigned. 2005-04-20 12:55:15 +00:00
Richard Levitte
49f386578e Type mismatch detected by DEC C compiler. void* != void** 2005-04-20 12:53:50 +00:00
Richard Levitte
7c671508bd Avoid compiler complaint about mismatched function signatures 
(void * != RSA *)
 2005-04-20 10:02:16 +00:00
Dr. Stephen Henson
987bebaf8c New "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script 
to use it.
 2005-04-19 13:24:44 +00:00
Dr. Stephen Henson
f68854b4c3 Various Win32 and other fixes for warnings and compilation errors. 
Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.
 2005-04-19 00:12:36 +00:00
Andy Polyakov
1cfd258ed6 Throw in x86_64 AT&T to MASM assembler converter to facilitate development 
of dual-ABI Unix/Win64 modules.
 2005-04-17 21:05:57 +00:00
Richard Levitte
2906dc8601 Synchronise with ec/Makefile. 2005-04-17 09:07:37 +00:00
Andy Polyakov
c8d5c71af5 Mitigate cache-timing attack in CBC mode. This is done by implementing 
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior every CBC en-/decryption pass. One can argue why
just CBC? Well, it's commonly used mode in real-life applications and
API allows us to amortize the prefetch costs for larger data chunks...
 2005-04-16 15:23:21 +00:00
Dr. Stephen Henson
fbe6ba81e9 Check return values of <Digest>_Init functions in low level digest calls. 2005-04-14 22:58:44 +00:00
Andy Polyakov
2b85e23d2e Prototype mnemonics in padlock_verify_context for better portability 
[read support for Solaris assembler].
 2005-04-14 07:47:10 +00:00
Andy Polyakov
026bb0b96a Fix for bug emerged in openvpn conext. 2005-04-14 07:41:29 +00:00
Andy Polyakov
e62991a07c Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL. 2005-04-13 20:51:42 +00:00
Andy Polyakov
1bf955920a Fix typos. 2005-04-13 15:41:11 +00:00
Andy Polyakov
51d28013db Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs. 2005-04-13 08:46:35 +00:00
Andy Polyakov
9e88c82703 Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and 
OPENSSL_stderr stub.
 2005-04-13 06:55:42 +00:00
Dr. Stephen Henson
ad0db060b1 More overwritten stuff... 2005-04-12 16:36:36 +00:00
Dr. Stephen Henson
3547478fc8 Replace overwritten lines before error codes. 2005-04-12 16:17:53 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Dr. Stephen Henson
bc3cae7e7d Include error library value in C error source files instead of fixing up 
at runtime.
 2005-04-12 13:31:14 +00:00
Nils Larsch
37942fab51 include limits.h for UINT_MAX etc. 2005-04-11 20:59:58 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
b392e52050 Move allow_proxy_certs declaration to start of function. 2005-04-10 23:41:09 +00:00
Richard Levitte
d9bfe4f97c Added restrictions on the use of proxy certificates, as they may pose 
a security threat on unexpecting applications.  Document and test.
 2005-04-09 16:07:12 +00:00
Nils Larsch
f763e0b5ae make sure error queue is totally emptied 
PR: 359
 2005-04-07 22:53:35 +00:00
Andy Polyakov
9f2027e56d Implement OPENSSL_showfatal and make it Win32 GUI and service aware 
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].
 2005-04-07 18:39:45 +00:00
Andy Polyakov
e1d51de41f Harmonize cygwin/mingw and VC targets. 2005-04-07 15:51:55 +00:00
Andy Polyakov
81ee80ab88 +45% RC4 performance boost on Intel EM64T core. Unrolled loop providing 
further +35% will follow...

Submitted by: Zou Nanhai
 2005-04-06 09:45:42 +00:00
Nils Larsch
70f34a5841 some const fixes and cleanup 2005-04-05 10:29:43 +00:00
Nils Larsch
c2e40d0f9a remove unused recp method 2005-04-04 18:15:59 +00:00
Andy Polyakov
0abfd60604 Extend Solaris x86 support to amd64. 2005-04-04 17:10:53 +00:00
Andy Polyakov
e5dbccc182 Solaris x86 linker erroneously pads .init segment with zeros instead of 
nops, which causes SEGV at startup. So I don't align anymore.
 2005-04-04 17:07:16 +00:00
Andy Polyakov
f8fa22d826 Some non-GNU compilers (such as Sun C) define __i386. 2005-04-04 17:05:06 +00:00
Andy Polyakov
60fd574cdf Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially 
introduced for a reason [like bug in initial gcc port], but proposed
=&r is treated correctly by senior 3.2, so we can assume it's safe now.
PR: 1031
 2005-04-03 18:53:29 +00:00
Ben Laurie
73705abc34 If input is bad, we still need to clear the buffer. 2005-04-03 16:38:22 +00:00
Dr. Stephen Henson
7bdf8eed69 Typo 2005-04-01 21:56:15 +00:00
Ben Laurie
8bb826ee53 Consistency. 2005-03-31 13:57:54 +00:00
Ben Laurie
45d10efc35 Simplicate and add lightness. 2005-03-31 10:55:55 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Nils Larsch
fea4280a8b fix header 2005-03-30 21:38:29 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Ben Laurie
0821bcd4de Constification. 2005-03-30 10:26:02 +00:00
Nils Larsch
c01d2b974e when building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro 
which cannot be evaluated in an if statement
 2005-03-28 15:06:29 +00:00
Ulf Möller
7a8c728860 undo Cygwin change 2005-03-24 00:14:59 +00:00
Nils Larsch
41e455bfc4 test, remove unnecessary const cast 2005-03-22 17:55:18 +00:00
Ulf Möller
130db968b8 Use Windows randomness code on Cygwin 2005-03-19 11:39:17 +00:00
Ulf Möller
8d274837e5 fix breakage for Perl versions that do boolean operations on long words 2005-03-19 11:13:30 +00:00
Bodo Möller
9f6715d4bb "make depend". This takes into account the algorithms that are now 
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.

Problem reported by Nils Larsch.
 2005-03-13 19:49:47 +00:00
Andy Polyakov
1642000707 Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32. 2005-03-12 11:28:41 +00:00
Andy Polyakov
f7f2125522 Avoid re-build avalanches with HP-UX make. 2005-03-12 09:12:44 +00:00
Bodo Möller
2b61034b0b fix potential memory leak when allocation fails 
PR: 801
Submitted by: Nils Larsch
 2005-03-11 09:01:24 +00:00
Bodo Möller
80c808b90b Fix typo 
PR: 1017
Submitted by: ciresh@yahoo.com
Reviewed by: Nils Larsch
 2005-03-09 19:08:02 +00:00
Lutz Jänicke
f69a8aebab Fix hang in EGD/PRNGD query when communication socket is closed 
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
 2005-02-19 10:19:07 +00:00
Dr. Stephen Henson
9d10b15ef9 Fix possible memory leak. 2005-02-14 21:53:24 +00:00
Andy Polyakov
da30c74a27 Remove unused assembler modules. 2005-02-06 13:43:02 +00:00
Andy Polyakov
67ea999d4a This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF 
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...
 2005-02-06 13:23:34 +00:00
Richard Levitte
8c3c570134 The first argument to load_iv should really be a char ** instead of an 
unsigned char **, since it points at text.

Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out
the inelegance of our code :-)
 2005-01-27 11:42:28 +00:00
Richard Levitte
bf746f0f46 Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might 
cause a segfault...  This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
 2005-01-27 01:49:25 +00:00
Richard Levitte
a229e3038e Get rid if the annoying warning 2005-01-27 01:47:31 +00:00
Andy Polyakov
fbdce13e5a Please BSD make... 2005-01-25 22:09:11 +00:00
Andy Polyakov
e532a6c449 FreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after 
http://cvs.openssl.org/chngview?cn=12843.
 2005-01-25 22:07:22 +00:00
Andy Polyakov
8359421d90 Default to AES u32 being unsinged int and not long. This improves cache 
locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-).
The choice is guarded by newly introduced AES_LONG macro, which needs
to be defined only on 16-bit platforms which we don't support (not that
I know of). Meaning that one could as well skip long option altogether.
 2005-01-24 14:22:05 +00:00
Andy Polyakov
efde5230f1 Improve ECB performance (48+14*rounds -> 18+13*rounds) and reserve for 
hand-coded zero-copy AES_cbc_encrypt.
 2005-01-24 14:14:53 +00:00
Andy Polyakov
bac252a5e3 Bug-fix in CBC encrypt tail processing and commentary section update. 2005-01-20 10:33:37 +00:00
Andy Polyakov
addb6e16a8 Throw in AES CBC assembler, up to +40% on aes-128-cbc benchmark. 2005-01-18 01:04:41 +00:00
Andy Polyakov
ed65fab910 Reserve for AES CBC assembler implementation... 2005-01-18 00:43:32 +00:00
Andy Polyakov
90cc40911b Don't zap AES CBC IV, when decrypting truncated content in place. 2005-01-18 00:26:52 +00:00
Richard Levitte
a7201e9a1b Changes concering RFC 3820 (proxy certificates) integration: 
- Enforce that there should be no policy settings when the language
   is one of id-ppl-independent or id-ppl-inheritAll.
 - Add functionality to ssltest.c so that it can process proxy rights
   and check that they are set correctly.  Rights consist of ASCII
   letters, and the condition is a boolean expression that includes
   letters, parenthesis, &, | and ^.
 - Change the proxy certificate configurations so they get proxy
   rights that are understood by ssltest.c.
 - Add a script that tests proxy certificates with SSL operations.

Other changes:

 - Change the copyright end year in mkerr.pl.
 - make update.
 2005-01-17 17:06:58 +00:00
Dr. Stephen Henson
fcd5cca418 PKCS7_verify() performance optimization. When the content is large and a 
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
 2005-01-14 17:52:24 +00:00
Andy Polyakov
e6d27baf52 Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX 
environments.
 2005-01-13 15:46:09 +00:00
Andy Polyakov
e7e1150706 "Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better 
performance on recent microarchitectures.
 2005-01-13 15:35:44 +00:00
Andy Polyakov
5d727078ac Fix an "oops" typo! Well, it was a debugging left-over... 2005-01-13 15:25:30 +00:00
Andy Polyakov
108159ffcc O_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris. 
PR: 998
 2005-01-13 15:20:42 +00:00
Richard Levitte
b15a93a9c5 Correct a faulty address assignment, and add a length check (not 
really needed now, but may be needed in the future, who knows?).
 2005-01-12 09:53:20 +00:00
Andy Polyakov
7de4b5b060 Permit "monolithic" AES assembler implementations, i.e. such which would 
replace *whole* aes_core.c, not only AES_[de|en]crypt routines.
 2005-01-09 16:01:58 +00:00
Andy Polyakov
02a00bb054 DJGPP update. 
PR: 989
Submitted by: Doug Kaufman
 2005-01-04 10:28:38 +00:00
Andy Polyakov
3b4de6e4cc Borrow #include <string[s].h> from e_os.h. 2004-12-31 00:00:05 +00:00
Andy Polyakov
bdbc9b4d1a Make whiny compilers stop complaining about missing prototype. 2004-12-30 23:40:31 +00:00
Andy Polyakov
25866e3982 Commentary update for AES IA-64 assembler module. 2004-12-30 10:55:02 +00:00
Andy Polyakov
3b3df98ca6 Minor AES x86 assembler tune-up. 2004-12-30 10:46:03 +00:00
Andy Polyakov
2e4a99f38b AES-CFB[18] 2x optimization. Well, I bet nobody cares about AES-CFB1 
performance, but anyway...
 2004-12-30 10:43:33 +00:00
Andy Polyakov
f1ce306f30 Oops-kind typos in aes-ia64.S... 2004-12-28 17:10:42 +00:00
Richard Levitte
37b11ca78e iv needs to be const because it sometimes takes it's value from a 
const.
 2004-12-28 10:35:13 +00:00
Richard Levitte
a17af9e277 Forgot to synchronise the VMS build scripts. 2004-12-28 10:22:00 +00:00
Richard Levitte
6951c23afd Add functionality needed to process proxy certificates. 2004-12-28 00:21:35 +00:00
Andy Polyakov
de421076a5 Minor cygwin update. 
PR: 949
 2004-12-27 21:27:46 +00:00
Andy Polyakov
9850f7f6b2 Remove yet another redundant memcpy. Not at least performance critical, 
essentially cosmetic modification...
 2004-12-26 13:05:40 +00:00
Andy Polyakov
131e064e4a Eliminate redundant memcpy of IV material. Performance improvement varies 
from platform to platform and can be as large as 20%.
 2004-12-26 12:31:37 +00:00
Andy Polyakov
556b8f3f77 Engage AES x86 assembler module for COFF and a.out targets. 2004-12-26 10:58:39 +00:00
Andy Polyakov
045d3285e2 Engage AES x86 assembler module on ELF platforms. 2004-12-23 21:44:28 +00:00
Andy Polyakov
d1df5b4339 x86 perlasm update to accomodate aes-586.pl. 2004-12-23 21:43:25 +00:00
Andy Polyakov
25558bf743 Eliminate copies of TeN and TdN, use those found in assembler module. 2004-12-23 21:40:23 +00:00
Andy Polyakov
713147109c AES x86 assembler implementation. 2004-12-23 21:32:34 +00:00
Andy Polyakov
76ef6ac956 Refine PowerPC platform support. 2004-12-20 13:44:34 +00:00
Dr. Stephen Henson
a842df6659 Remove unused buffer 'buf'. 2004-12-20 00:49:36 +00:00
Richard Levitte
fbf218b8c3 make update (oops, missed this file) 2004-12-13 22:57:39 +00:00
Richard Levitte
3c97bd833b Change libeay.num so it's synchronised with additions in 0.9.7-stable. 
make update
 2004-12-13 22:57:08 +00:00
Dr. Stephen Henson
5e8904f289 Remove duplicate lines. 2004-12-12 13:15:49 +00:00
Andy Polyakov
0c0788ba0a Solaris x86 perlasm update. 2004-12-10 11:24:42 +00:00
Andy Polyakov
905fd45b36 Engage SHA1 IA64 assembler on IA64 platforms. 2004-12-09 15:39:55 +00:00
Dr. Stephen Henson
c162b132eb Automatically mark the CRL cached encoding as invalid when some operations 
are performed.
 2004-12-09 13:35:06 +00:00
Andy Polyakov
b4e0ce5165 SHA1 assembler for IA-64. 2004-12-09 11:57:38 +00:00
Andy Polyakov
17f0e916db Extend RC4 test. 2004-12-07 11:55:56 +00:00
Dr. Stephen Henson
41c70d47d7 Remaing bits of PR:620 relevant to 0.9.8. 2004-12-05 01:50:56 +00:00
Dr. Stephen Henson
a0e7c8eede Add lots of checks for memory allocation failure, error codes to indicate 
failure and freeing up memory if a failure occurs.

PR:620
 2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
3e66ee9f01 In by_file.c check last error for no start line, not first error. 2004-12-04 21:25:51 +00:00
Dr. Stephen Henson
8f284faaec V1 certificates that aren't self signed can't be accepted as CAs. 2004-12-03 00:10:34 +00:00
Andy Polyakov
f774accdbf Fix rc4-ia64.S to pass more exhaustive regression tests. 2004-12-02 10:07:55 +00:00
Dr. Stephen Henson
8544a80776 Add couple of OIDs. Resync NIDs for consistency with 0.9.7. 2004-12-01 18:09:53 +00:00
Andy Polyakov
7c69478064 I've introduced a bug to i386 RC4 assembler, which would emerge with 
certain mix of calls to RC4 routine not covered by rc4test.c.
It's fixed now. In addition this patch inadvertently fixes minor
performance problem: in 0.9.7 context P4 was performing 12% slower
than the original implementation...
 2004-12-01 15:28:18 +00:00
Dr. Stephen Henson
1862dae862 Perform partial comparison of different character types in X509_NAME_cmp(). 2004-12-01 01:45:30 +00:00
Andy Polyakov
b7b46c9a87 Add 0.9.7 specific comments to RC4 assembler modules. 2004-11-30 15:46:46 +00:00
Richard Levitte
5073ff0346 Split X509_check_ca() into a small self and an internal function 
check_ca(), to resolve constness issue.  check_ca() is called from the
purpose checkers instead of X509_check_ca(), since the stuff done by
the latter (except for calling check_ca()) is also done by
X509_check_purpose().
 2004-11-30 12:18:55 +00:00
Andy Polyakov
fc7fc5678f sha1_block_asm_data_order can't hash if message crosses 2GB boundary. 2004-11-29 21:19:56 +00:00
Andy Polyakov
7a3240e319 Final touches to rc4/asm/rc4-596.pl, +52% better performance on AMD core. 2004-11-29 21:12:58 +00:00
Richard Levitte
30b415b076 Make an explicit check during certificate validation to see that the 
CA setting in each certificate on the chain is correct.  As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
  chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
  given)
 2004-11-29 11:28:08 +00:00
Andy Polyakov
914c2a28c0 perlasm/x86[ms|nasm] update to accomodate updated RC4 assembler module. 2004-11-27 15:14:58 +00:00
Andy Polyakov
bc3e7fabe7 Engage RC4 IA-64 assembler module. 2004-11-26 15:12:17 +00:00
Andy Polyakov
d675c74d14 RC4 IA-64 assembler implementation. 2004-11-26 15:07:50 +00:00
Dr. Stephen Henson
9d2996b82f Check return code of EVP_CipherInit() in PKCS#12 code. 2004-11-24 01:21:03 +00:00
Andy Polyakov
959f9b1158 linux-x86_64 didn't link after EM64T RC4 tune-up... 2004-11-23 09:06:12 +00:00
Andy Polyakov
376729e130 RC4 tune-up for Intel P4 core, both 32- and 64-bit ones. As it's 
apparently impossible to compose blended code with would perform
satisfactory on all x86 and x86_64 cores, an extra RC4_CHAR
code-path is introduced and P4 core is detected at run-time. This
way we keep original performance on non-P4 implementations and
turbo-charge P4 performance by factor of 2.8x (on 32-bit core).
 2004-11-21 10:36:25 +00:00
Andy Polyakov
68d9e764cb As was shown by Marc Bevand reordering of couple of load operations 
results in even higher performance gain of 3.3x:-) At least on
Opteron...
 2004-11-09 17:23:26 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break 
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
 2004-11-02 23:55:01 +00:00
Richard Levitte
1a4b8e7cee Make sure memmove() is defined, even on SunOS 4.1.4. 
PR: 963
 2004-11-01 07:58:38 +00:00
Geoff Thorpe
58ae65cd1a Update ECDSA and ECDH for OPENSSL_NO_ENGINE. 
Reported by: Maxim Masiutin
Submitted by: Nils Larsch
 2004-10-21 00:06:14 +00:00
Richard Levitte
5b0f1f7d13 Because libraries on Windows lack useful version information, the zlib 
guys had to change the name to differentiate with older versions when
a backward incompatibility came up.  Of course, we need to adapt.
This change simply tries to load the library through the newer name
(ZLIB1) first, and if that fails, it tries the good old ZLIB.
 2004-10-14 05:48:59 +00:00
Dr. Stephen Henson
785e827323 Oops! 2004-10-04 17:28:31 +00:00
Dr. Stephen Henson
2f605e8d24 Fix race condition when CRL checking is enabled. 2004-10-04 16:30:12 +00:00
Dr. Stephen Henson
175ac6811a Don't use C++ reserved work "explicit". 2004-10-01 11:21:53 +00:00
Andy Polyakov
07d488daf6 Fix Solaris 10_x86 shared build. -Bsymbolic is required to avoid 
"remaining relocations" in assembler modules. The latter seems to
be new behaviour, elder as/ld managed to resolve this relocations
as internal. It's possible to address this problem differently,
but I settle for -Bsymbolic...
PR: 546
 2004-09-28 20:45:10 +00:00