Commit graph

152 commits

Author SHA1 Message Date
Dr. Stephen Henson
68dbba9817 Replace old (and invalid) copyright notice. 2001-09-08 12:15:09 +00:00
Geoff Thorpe
79aa04ef27 Make the necessary changes to work with the recent "ex_data" overhaul.
See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
2001-09-01 20:02:13 +00:00
Ben Laurie
d66ace9da5 Start to reduce some of the header bloat. 2001-08-05 18:02:16 +00:00
Richard Levitte
710e5d5639 make update 2001-07-31 17:07:24 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Dr. Stephen Henson
1241126adf More linker bloat reorganisation:
Split private key PEM and normal PEM handling. Private key
handling needs to link in stuff like PKCS#8.

Relocate the ASN1 *_dup() functions, to the relevant ASN1
modules using new macro IMPLEMENT_ASN1_DUP_FUNCTION. Previously
these were all in crypto/x509/x_all.c along with every ASN1
BIO/fp function which linked in *every* ASN1 function if
a single dup was used.

Move the authority key id ASN1 structure to a separate file.
This is used in the X509 routines and its previous location
linked in all the v3 extension code.

Also move ASN1_tag2bit to avoid linking in a_bytes.c which
is now largely obsolete.

So far under Linux stripped binary with single PEM_read_X509
is now 238K compared to 380K before these changes.
2001-07-27 02:22:42 +00:00
Richard Levitte
4ac881ede3 Fix couple of memory leaks in PKCS7_dataDecode().
(provided by Stephen)
2001-04-05 10:19:12 +00:00
Richard Levitte
271da5a2e0 avoid linking problems when OpenSSL is built with no-dsa. Spotted by Hellan,Kim KHE <khe@kmd.dk> 2001-03-20 15:36:59 +00:00
Bodo Möller
4e20b1a656 Instead of telling both 'make' and the user that ranlib
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
2001-03-09 14:01:42 +00:00
Dr. Stephen Henson
1358835050 Change the EVP_somecipher() and EVP_somedigest()
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.
2001-03-09 02:51:02 +00:00
Bodo Möller
5277d7cb7c Fix ERR_R_... problems. 2001-03-07 01:19:07 +00:00
Richard Levitte
d88a26c489 make update
Note that all *_it variables are suddenly non-existant according to
libeay.num.  This is a bug that will be corrected.  Please be patient.
2001-02-26 10:54:08 +00:00
Dr. Stephen Henson
db4a465974 Stop PKCS7_verify() core dumping with unknown public
key algorithms and leaking if the signature verify
fails.
2001-02-24 01:38:56 +00:00
Dr. Stephen Henson
d339187b1a Get rid of ASN1_ITEM_FUNCTIONS dummy function
prototype hack. This unfortunately means that
every ASN1_*_END construct cannot have a
trailing ;
2001-02-23 12:47:06 +00:00
Dr. Stephen Henson
bb5ea36b96 Initial support for ASN1_ITEM_FUNCTION option to
change the way ASN1 modules are exported.

Still needs a bit of work for example the hack which a
dummy function prototype to avoid compilers warning about
multiple ;s.
2001-02-23 03:16:09 +00:00
Richard Levitte
41d2a336ee e_os.h does not belong with the exported headers. Do not put it there
and make all files the depend on it include it without prefixing it
with openssl/.

This means that all Makefiles will have $(TOP) as one of the include
directories.
2001-02-22 14:45:02 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Ben Laurie
4978361212 Make depend. 2001-02-04 21:06:55 +00:00
Richard Levitte
16a44ae7e9 Increase consistency of header data (some mail readers really do not
like spaces before the semicolon, and besides, other parts of this
file makes the values without those spaces), and move spacing of
continuation lines to support BIO's that break lines after each
write.
2001-01-30 13:38:59 +00:00
Dr. Stephen Henson
a43cf9fae9 Add debugging info to new ASN1 code to trace memory leaks.
Fix PKCS7 and PKCS12 memory leaks.

Initialise encapsulated content type properly.
2001-01-24 18:39:54 +00:00
Dr. Stephen Henson
ec5add8784 Fix the S/MIME code so it now works again and
uses the new ASN1 code.
2000-12-31 17:31:57 +00:00
Dr. Stephen Henson
ecbe07817a Rewrite PKCS#12 code and remove some of the old
horrible macros.

Fix two evil ASN1 bugs. Attempt to use 'ctx' when
NULL if input is indefinite length constructed
in asn1_check_tlen() and invalid pointer to ASN1_TYPE
when reusing existing structure (this took *ages* to
find because the new PKCS#12 code triggered it).
2000-12-31 01:13:04 +00:00
Dr. Stephen Henson
78d3b819f0 Replace the old ASN1_dup() with ASN1_item_dup() and
zap some evil function pointers casts along the way...
2000-12-29 18:23:55 +00:00
Dr. Stephen Henson
3c07b4c2ee Various Win32 related fixes. Doesn't compile yet on
Win32 but it is getting there...

Update mkdef.pl to handle ASN1_ANY and fix headers.

Stop various VC++ warnings.

Include some fixes from "Peter 'Luna' Runestig"
<peter@runestig.com>

Remove external declaration for des_set_weak_key_flag:
it doesn't exist.
2000-12-21 01:38:55 +00:00
Dr. Stephen Henson
06db4253e2 Change the PKCS7 structure to use SEQUENCE OF for the
authenticated attributes: this is used to retain the
original encoding and not break signatures.

Support for a SET OF which reorders the STACK when
encoding a structure. This will be used with the
PKCS7 code.
2000-12-13 23:54:30 +00:00
Dr. Stephen Henson
9d6b1ce644 Merge from the ASN1 branch of new ASN1 code
to main trunk.

Lets see if the makes it to openssl-cvs :-)
2000-12-08 19:09:35 +00:00
Ulf Möller
6a8ba34f9d in some new file names the first 8 characters were not unique 2000-11-12 22:32:18 +00:00
Richard Levitte
3ab5651112 The experimental Rijndael code moved to the main trunk.
make update done.
2000-10-14 20:09:54 +00:00
Richard Levitte
4e20a4e688 'ranlib' doesn't always run on some systems. That's actually
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
2000-09-25 08:53:15 +00:00
Dr. Stephen Henson
730e37edb6 Work around for Netscape PKCS#7 signedData bug. 2000-09-18 12:30:57 +00:00
Richard Levitte
62324627aa Use sk_*_new_null() instead of sk_*_new(NULL), since that takes care
of complaints from the compiler about data pointers and function
pointers not being compatible with each other.
2000-09-17 18:21:27 +00:00
Richard Levitte
a1b15ac21f Two places where I forgot to change vms_idhacks to symhacks. 2000-09-08 06:28:09 +00:00
Dr. Stephen Henson
f50c11ca40 Ugh, BIO_find_type() cannot be passed a NULL.
Fix doc example, and fix BIO_find_type().

Fix PKCS7_verify(). It was using 'i' for both the
loop variable and the verify return value.
2000-09-07 17:42:25 +00:00
Dr. Stephen Henson
cfd3bb1785 Add docs for BIO_find_type() and friends.
Added function BIO_next() otherwise you can't
traverse a chain without accessing BIO internals.
2000-09-07 13:04:27 +00:00
Richard Levitte
62ab514e98 'make update' 2000-09-07 08:46:51 +00:00
Dr. Stephen Henson
34216c0422 Keep a not of original encoding in certificate requests.
Add new option to PKCS7_sign to exclude S/MIME capabilities.
2000-09-05 13:27:57 +00:00
Dr. Stephen Henson
d096b524af Add support for 'other' PKCS#7 content types. 2000-08-22 22:20:25 +00:00
Dr. Stephen Henson
eaa2818189 Various fixes...
initialize ex_pathlen to -1 so it isn't checked if pathlen
is not present.

set ucert to NULL in apps/pkcs12.c otherwise it gets freed
twice.

remove extraneous '\r' in MIME encoder.

Allow a NULL to be passed to X509_gmtime_adj()


Make PKCS#7 code use definite length encoding rather then
the indefinite stuff it used previously.
2000-08-21 22:02:23 +00:00
Richard Levitte
3009458e2f MD4 implemented. Assar Westerlund provided the digest code itself and the test utility, I added the bits to get a EVP interface, the command line utility and the speed test 2000-08-14 14:05:53 +00:00
Richard Levitte
c2bbf9cf6c I got sick and tired of having to keep track of NIDs when such a thing
could be done automagically, much like the numbering in libeay.num and
ssleay.num.  The solution works as follows:

  - New object identifiers are inserted in objects.txt, following the
    syntax given in objects.README.
  - objects.pl is used to process obj_mac.num and create a new
    obj_mac.h.
  - obj_dat.pl is used to create a new obj_dat.h, using the data in
    obj_mac.h.

This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended.  The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!).  Additions are OK, as well as consistent name changes.
2000-07-05 02:45:36 +00:00
Dr. Stephen Henson
3aceb94b9e Safe stack reorganisation in terms of function casts.
After some messing around this seems to work but needs
a few more tests. Working out the syntax for sk_set_cmp_func()
(cast it to a function that itself returns a function pointer)
was painful :-(

Needs some testing to see what other compilers think of this
syntax.

Also needs similar stuff for ASN1_SET_OF etc etc.
2000-06-16 23:29:26 +00:00
Geoff Thorpe
1c4f90a05d Enable DSO support on alpha (OSF1), cc and gcc.
Also, "make update" has added some missing functions to libeay.num,
updated the TABLE for the alpha changes, and updated thousands of
dependancies that have changed from recent commits.
2000-06-13 12:59:38 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
2000-06-01 22:19:21 +00:00
Geoff Thorpe
7edd20916a "make update" + stripping the type-specific stack functions out of
libeay.num and ssleay.num.
2000-06-01 06:07:19 +00:00
Geoff Thorpe
ccd86b68ef The previous commit to crypto/stack/*.[ch] pulled the type-safety strings
yet tighter, and also put some heat on the rest of the library by
insisting (correctly) that compare callbacks used in stacks are prototyped
with "const" parameters. This has led to a depth-first explosion of
compiler warnings in the code where 1 constification has led to 3 or 4
more. Fortunately these have all been resolved to completion and the code
seems cleaner as a result - in particular many of the _cmp() functions
should have been prototyped with "const"s, and now are. There was one
little problem however;

X509_cmp() should by rights compare "const X509 *" pointers, and it is now
declared as such. However, it's internal workings can involve
recalculating hash values and extensions if they have not already been
setup. Someone with a more intricate understanding of the flow control of
X509 might be able to tighten this up, but for now - this seemed the
obvious place to stop the "depth-first" constification of the code by
using an evil cast (they have migrated all the way here from safestack.h).

Fortunately, this is the only place in the code where this was required
to complete these type-safety changes, and it's reasonably clear and
commented, and seemed the least unacceptable of the options. Trying to
take the constification further ends up exploding out considerably, and
indeed leads directly into generalised ASN functions which are not likely
to cooperate well with this.
2000-06-01 02:36:58 +00:00
Geoff Thorpe
e20d7d7167 sk_value was also suffering from de-const-ification.
Also, add in a couple of missing declarations in pkcs7 code.
2000-05-31 17:35:11 +00:00
Dr. Stephen Henson
7f0606016c Beginnings of EVP cipher overhaul. This should eventually
enhance and tidy up the EVP interface.

This patch adds initial support for variable length ciphers
and changes S/MIME code to use this.

Some other library functions need modifying to support use
of modified cipher parameters.

Also need to change all the cipher functions that should
return error codes, but currenly don't.

And of course it needs extensive testing...
2000-05-26 23:51:35 +00:00
Ben Laurie
4d29312ce1 Yet more typesafety. 2000-05-21 15:21:55 +00:00
Ben Laurie
371acb22e6 Typesafe Thought Police part 4. 2000-05-16 23:01:19 +00:00
Ben Laurie
5de603abc8 Typesafety Thought Police part 3. 2000-05-16 21:22:45 +00:00