18 years agoReplace the BN_CTX implementation with my current work. I'm leaving the
Geoff Thorpe [Thu, 25 Mar 2004 04:16:14 +0000 (04:16 +0000)]
Replace the BN_CTX implementation with my current work. I'm leaving the
little TODO list in there as well as the debugging code (only enabled if
BN_CTX_DEBUG is defined).

I'd appreciate as much review and testing as can be spared for this. I'll
commit some changes to other parts of the bignum code shortly to make
better use of this implementation (no more fixed size limitations). Note
also that under identical optimisations, I'm seeing a noticable speed
increase over openssl-0.9.7 - so any feedback to confirm/deny this on other
systems would also be most welcome.

18 years agoAdds warnings about two curves and fixes the "seed" value for two other
Geoff Thorpe [Thu, 25 Mar 2004 03:03:52 +0000 (03:03 +0000)]
Adds warnings about two curves and fixes the "seed" value for two other

Submitted by: Nils Larsch

18 years ago... and this should likewise fix up those RSA implementations that weren't
Geoff Thorpe [Thu, 25 Mar 2004 02:55:17 +0000 (02:55 +0000)]
... and this should likewise fix up those RSA implementations that weren't
already built and tested.

18 years agoBy adding a BN_CTX parameter to the 'rsa_mod_exp' callback, private key
Geoff Thorpe [Thu, 25 Mar 2004 02:52:04 +0000 (02:52 +0000)]
By adding a BN_CTX parameter to the 'rsa_mod_exp' callback, private key
operations no longer require two distinct BN_CTX structures. This may put
more "strain" on the current BN_CTX implementation (which has a fixed limit
to the number of variables it will hold), but so far this limit is not
triggered by any of the tests pass and I will be changing BN_CTX in the
near future to avoid this problem anyway.

This also changes the default RSA implementation code to use the BN_CTX in
favour of initialising some of its variables locally in each function.

18 years agoDamn, I was a bit hasty with my fix and hadn't spotted the linker
Geoff Thorpe [Thu, 25 Mar 2004 02:41:35 +0000 (02:41 +0000)]
Damn, I was a bit hasty with my fix and hadn't spotted the linker
dependency from asn1.

18 years agoRemove some warnings.
Geoff Thorpe [Thu, 25 Mar 2004 02:24:38 +0000 (02:24 +0000)]
Remove some warnings.

18 years agoProtect against gcc's "warning: cast does not match function type".
Geoff Thorpe [Thu, 25 Mar 2004 02:19:42 +0000 (02:19 +0000)]
Protect against gcc's "warning: cast does not match function type".

18 years agoDon't define fd for platforms that do not use it, as some may not declare fileno...
Richard Levitte [Wed, 24 Mar 2004 10:55:48 +0000 (10:55 +0000)]
Don't define fd for platforms that do not use it, as some may not declare fileno() properly

18 years agoCorrect constness problems.
Richard Levitte [Wed, 24 Mar 2004 10:50:42 +0000 (10:50 +0000)]
Correct constness problems.

18 years agoMake it easier to buld test applications...
Richard Levitte [Wed, 24 Mar 2004 10:50:25 +0000 (10:50 +0000)]
Make it easier to buld test applications...

18 years agoOnly build the PKCS#7 test applications if "pkcs7" is present in
Richard Levitte [Wed, 24 Mar 2004 10:48:50 +0000 (10:48 +0000)]
Only build the PKCS#7 test applications if "pkcs7" is present in

18 years agoAdd store.h among the exported headers on VMS.
Richard Levitte [Wed, 24 Mar 2004 09:52:16 +0000 (09:52 +0000)]
Add store.h among the exported headers on VMS.

18 years agoo_str.h isn't a public header file, so make sure it will still be
Richard Levitte [Wed, 24 Mar 2004 09:43:03 +0000 (09:43 +0000)]
o_str.h isn't a public header file, so make sure it will still be

18 years agoo_str.h isn't a public header file.
Richard Levitte [Wed, 24 Mar 2004 09:41:33 +0000 (09:41 +0000)]
o_str.h isn't a public header file.

18 years agoTypo...
Richard Levitte [Wed, 24 Mar 2004 09:40:59 +0000 (09:40 +0000)]

18 years agoMake sure toupper() is properly declared.
Richard Levitte [Wed, 24 Mar 2004 09:40:23 +0000 (09:40 +0000)]
Make sure toupper() is properly declared.

18 years agoMake it clear that for RSA_NO_PADDING, flen must be RSA_size(rsa)
Richard Levitte [Tue, 23 Mar 2004 21:01:34 +0000 (21:01 +0000)]
Make it clear that for RSA_NO_PADDING, flen must be RSA_size(rsa)

18 years agomake update
Richard Levitte [Tue, 23 Mar 2004 15:06:33 +0000 (15:06 +0000)]
make update

18 years agoSync the VMS build with Unix.
Richard Levitte [Tue, 23 Mar 2004 14:50:16 +0000 (14:50 +0000)]
Sync the VMS build with Unix.

18 years agoInitial support for certificate policy checking and evaluation.
Dr. Stephen Henson [Tue, 23 Mar 2004 14:14:35 +0000 (14:14 +0000)]
Initial support for certificate policy checking and evaluation.

This is currently *very* experimental and needs to be more fully integrated
with the main verification code.

18 years agoCorrect minor spelling error.
Richard Levitte [Sun, 21 Mar 2004 23:03:52 +0000 (23:03 +0000)]
Correct minor spelling error.
PR: 845

18 years agoChange \t to real tab in echo argument.
Richard Levitte [Sun, 21 Mar 2004 22:50:20 +0000 (22:50 +0000)]
Change \t to real tab in echo argument.
PR: 847

18 years agoRemove a warning for conversion double->long. This has impacts on Windows.
Richard Levitte [Sun, 21 Mar 2004 22:39:52 +0000 (22:39 +0000)]
Remove a warning for conversion double->long.  This has impacts on Windows.
PR: 849

18 years agoMake sure fd is defined where it should.
Richard Levitte [Sun, 21 Mar 2004 22:36:27 +0000 (22:36 +0000)]
Make sure fd is defined where it should.
PR: 849

18 years agoNote my bignum hijinx in case app maintainers are using CHANGES for their
Geoff Thorpe [Wed, 17 Mar 2004 18:30:47 +0000 (18:30 +0000)]
Note my bignum hijinx in case app maintainers are using CHANGES for their
porting efforts. Also, add Richard's name to the prior change.

18 years agoVariety of belt-tightenings in the bignum code. (Please help test this!)
Geoff Thorpe [Wed, 17 Mar 2004 17:36:54 +0000 (17:36 +0000)]
Variety of belt-tightenings in the bignum code. (Please help test this!)

- Remove some unnecessary "+1"-like fudges. Sizes should be handled
  exactly, as enlarging size parameters causes needless bloat and may just
  make bugs less likely rather than fixing them: bn_expand() macro,
  bn_expand_internal(), and BN_sqr().
- Deprecate bn_dup_expand() - it's new since 0.9.7, unused, and not that
- Remove unnecessary zeroing of unused bytes in bn_expand2().
- Rewrite BN_set_word() - it should be much simpler, the previous
  complexities probably date from old mismatched type issues.
- Add missing bn_check_top() macros in bn_word.c
- Improve some degenerate case handling in BN_[add|sub]_word(), add
  comments, and avoid a bignum expansion if an overflow isn't possible.

18 years agoAvoid warnings.
Dr. Stephen Henson [Tue, 16 Mar 2004 13:51:11 +0000 (13:51 +0000)]
Avoid warnings.

18 years agoConstify d2i, s2i, c2i and r2i functions and other associated
Richard Levitte [Mon, 15 Mar 2004 23:15:26 +0000 (23:15 +0000)]
Constify d2i, s2i, c2i and r2i functions and other associated
functions and macros.

This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const.  Those will be removed when this change has been
properly reviewed.

18 years agoIt was just pointed out to me that it's better to cast to double...
Richard Levitte [Mon, 15 Mar 2004 23:02:55 +0000 (23:02 +0000)]
It was just pointed out to me that it's better to cast to double...

18 years agoMake sure that the last argument to RAND_add() is a float, or some
Richard Levitte [Mon, 15 Mar 2004 22:37:08 +0000 (22:37 +0000)]
Make sure that the last argument to RAND_add() is a float, or some
compilers may complain.

18 years agoMake sure we use unsigned constants, or come compilers may complain.
Richard Levitte [Mon, 15 Mar 2004 22:33:19 +0000 (22:33 +0000)]
Make sure we use unsigned constants, or come compilers may complain.

18 years agoConvert openssl code not to assume the deprecated form of BN_zero().
Geoff Thorpe [Sat, 13 Mar 2004 23:57:20 +0000 (23:57 +0000)]
Convert openssl code not to assume the deprecated form of BN_zero().

Remove certain redundant BN_zero() initialisations, because BN_CTX_get(),
BN_init(), [etc] already initialise to zero.

Correct error checking in bn_sqr.c, and be less wishy-wash about how/why
the result's 'top' value is set (note also, 'max' is always > 0 at this

18 years agoThe efforts to eliminate the dual-representation of zero and to ensure
Geoff Thorpe [Sat, 13 Mar 2004 23:04:15 +0000 (23:04 +0000)]
The efforts to eliminate the dual-representation of zero and to ensure
bignums are passed in and out of functions and APIs in a consistent form
has highlighted that zero-valued bignums don't need any allocated word
data. The use of BN_set_word() to initialise a bignum to zero causes
needless allocation and gives it a return value that must be checked. This
change converts BN_zero() to a self-contained macro that has no
return/expression value and does not cause any expansion of bignum data.

Note, it would be tempting to rewrite the deprecated version as a
success-valued comma expression, such as;
   #define BN_zero(a) ((a)->top = (a)->neg = 0, 1)
However, this evaluates 'a' twice and would confuse initialisation loops
(eg. while(..) { BN_zero(bn++) } ). As such, the deprecated version
continues to use BN_set_word().

18 years agoDocument a change I'd already made, and at the same time, correct the
Geoff Thorpe [Sat, 13 Mar 2004 22:10:15 +0000 (22:10 +0000)]
Document a change I'd already made, and at the same time, correct the
change to work properly; BN_zero() should set 'neg' to zero as well as
'top' to match the behaviour of BN_new().

18 years agoIRIX 6.x shared build fix-up.
Andy Polyakov [Fri, 12 Mar 2004 21:52:54 +0000 (21:52 +0000)]
IRIX 6.x shared build fix-up.

For reference. Note that both cc and gcc support -Wl flag, but we can't
use -Wl,-[not]all with both drivers, because cc rearranges options
passed through -Wl. We can't use -Wl,-all,libcrypto.a,-notall with cc
either, because it refuses to start with "no input" error.

18 years agostatic
Geoff Thorpe [Wed, 10 Mar 2004 01:20:26 +0000 (01:20 +0000)]

18 years agoMinimise the amount of code dependent on BN_DEBUG_RAND. In particular,
Geoff Thorpe [Tue, 9 Mar 2004 03:53:40 +0000 (03:53 +0000)]
Minimise the amount of code dependent on BN_DEBUG_RAND. In particular,
redefine bn_clear_top2max() to be a NOP in the non-debugging case, and
remove some unnecessary usages in bn_nist.c.

Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller

18 years agoMore changes coming out of the bignum auditing. BN_CTX_get() should ideally
Geoff Thorpe [Tue, 9 Mar 2004 03:47:35 +0000 (03:47 +0000)]
More changes coming out of the bignum auditing. BN_CTX_get() should ideally
return a "zero" bignum as BN_new() does - so reset 'top'. During
BN_CTX_end(), released bignums should be consistent so enforce this in
debug builds. Also, reduce the number of wasted BN_clear_free() calls from
BN_CTX_end() (typically by 75% or so).

Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller

18 years agoFix policy constraints syntax.
Dr. Stephen Henson [Mon, 8 Mar 2004 18:15:32 +0000 (18:15 +0000)]
Fix policy constraints syntax.

18 years agoSupport for inhibitAnyPolicy extension.
Dr. Stephen Henson [Mon, 8 Mar 2004 13:56:31 +0000 (13:56 +0000)]
Support for inhibitAnyPolicy extension.

18 years agotypo
Ulf Möller [Sat, 6 Mar 2004 08:43:36 +0000 (08:43 +0000)]

18 years agoCleanup ASN1 OID module when it exits.
Dr. Stephen Henson [Fri, 5 Mar 2004 23:47:56 +0000 (23:47 +0000)]
Cleanup ASN1 OID module when it exits.

18 years agoCall autoconfig code in pkcs7 utility.
Dr. Stephen Henson [Fri, 5 Mar 2004 23:46:29 +0000 (23:46 +0000)]
Call autoconfig code in pkcs7 utility.

18 years agoMemory leak fix.
Dr. Stephen Henson [Fri, 5 Mar 2004 23:39:42 +0000 (23:39 +0000)]
Memory leak fix.

18 years agoVarious X509 fixes. Disable broken certificate workarounds
Dr. Stephen Henson [Fri, 5 Mar 2004 17:16:35 +0000 (17:16 +0000)]
Various X509 fixes. Disable broken certificate workarounds
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.

18 years agoTypos.
Dr. Stephen Henson [Thu, 4 Mar 2004 21:44:39 +0000 (21:44 +0000)]

Reported by: Jose Castejon-Amenedo <>

18 years agoMake our page with pointers to binary distributions visible in the FAQ
Richard Levitte [Thu, 4 Mar 2004 07:47:40 +0000 (07:47 +0000)]
Make our page with pointers to binary distributions visible in the FAQ

18 years agoIndent some of the code examples.
Dr. Stephen Henson [Tue, 2 Mar 2004 13:39:23 +0000 (13:39 +0000)]
Indent some of the code examples.

18 years agoConfig docs.
Dr. Stephen Henson [Tue, 2 Mar 2004 13:31:32 +0000 (13:31 +0000)]
Config docs.

18 years agoDocumentation of the KISS autoconfig functions.
Dr. Stephen Henson [Tue, 2 Mar 2004 01:01:11 +0000 (01:01 +0000)]
Documentation of the KISS autoconfig functions.

18 years agoMore autoconfig docs.
Dr. Stephen Henson [Mon, 1 Mar 2004 19:15:24 +0000 (19:15 +0000)]
More autoconfig docs.

18 years agoAvoid a memory leak in OCSP_parse_url().
Richard Levitte [Mon, 1 Mar 2004 14:58:22 +0000 (14:58 +0000)]
Avoid a memory leak in OCSP_parse_url().
Notified by Paul Siegel <>

18 years agoInitial docs for the OpenSSL library configuration via openssl.cnf
Dr. Stephen Henson [Mon, 1 Mar 2004 01:04:40 +0000 (01:04 +0000)]
Initial docs for the OpenSSL library configuration via openssl.cnf

18 years agoAdd ECDSA documentation.
Geoff Thorpe [Fri, 27 Feb 2004 23:03:23 +0000 (23:03 +0000)]
Add ECDSA documentation.

Submitted by: Nils Larsch

18 years agoAES is spelled AES, not ASE. Oops...
Richard Levitte [Fri, 27 Feb 2004 02:24:49 +0000 (02:24 +0000)]
AES is spelled AES, not ASE.  Oops...

18 years agoMake sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.
Richard Levitte [Thu, 26 Feb 2004 22:07:45 +0000 (22:07 +0000)]
Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.
PR: 833

18 years agoDocument the AES options for 'openssl smime'.
Richard Levitte [Thu, 26 Feb 2004 21:44:41 +0000 (21:44 +0000)]
Document the AES options for 'openssl smime'.
PR: 834

18 years agoA cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h
Geoff Thorpe [Sun, 22 Feb 2004 19:32:53 +0000 (19:32 +0000)]
A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h

Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe

18 years agoWhen adding positive elements, we can use BN_uadd() instead of BN_add().
Geoff Thorpe [Sun, 22 Feb 2004 19:30:41 +0000 (19:30 +0000)]
When adding positive elements, we can use BN_uadd() instead of BN_add().

Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe

18 years agoUse an OCTET STRING for the encoding of an OCSP nonce value.
Dr. Stephen Henson [Thu, 19 Feb 2004 18:16:38 +0000 (18:16 +0000)]
Use an OCTET STRING for the encoding of an OCSP nonce value.

The old raw format can't be handled by some implementations
and updates to RFC2560 will make this mandatory.

18 years agominor signed/unsigned warning fixes
Geoff Thorpe [Tue, 10 Feb 2004 18:46:10 +0000 (18:46 +0000)]
minor signed/unsigned warning fixes

18 years agoFix handling of -offset and -length in asn1parse tool.
Dr. Stephen Henson [Sun, 8 Feb 2004 13:30:04 +0000 (13:30 +0000)]
Fix handling of -offset and -length in asn1parse tool.

If -offset exceeds -length of data available exit with an error.

Don't read past end of total data available when -offset supplied.

If -length exceeds total available truncate it.

18 years agoTypo in crypto/bn/asm/x86_64.c, bn_div_words().
Andy Polyakov [Sat, 7 Feb 2004 09:51:28 +0000 (09:51 +0000)]
Typo in crypto/bn/asm/x86_64.c, bn_div_words().
PR: 821

18 years agoAdd flag to avoid continuous
Dr. Stephen Henson [Sun, 1 Feb 2004 13:39:51 +0000 (13:39 +0000)]
Add flag to avoid continuous
memory allocate when calling EVP_MD_CTX_copy_ex().

Without this HMAC is several times slower than
< 0.9.7.

18 years agoTypo in PA-RISC 2 rules in crypto/bn/Makefile.ssl
Andy Polyakov [Fri, 30 Jan 2004 05:41:23 +0000 (05:41 +0000)]
Typo in PA-RISC 2 rules in crypto/bn/Makefile.ssl

18 years agoHP/UX PA-RISC 2 targets update.
Andy Polyakov [Thu, 29 Jan 2004 22:16:08 +0000 (22:16 +0000)]
HP/UX PA-RISC 2 targets update.

18 years agoRemove typos
Richard Levitte [Thu, 29 Jan 2004 11:24:32 +0000 (11:24 +0000)]
Remove typos

18 years ago-Wtraditional was a little too much...
Richard Levitte [Thu, 29 Jan 2004 10:56:18 +0000 (10:56 +0000)]
-Wtraditional was a little too much...

18 years agoTypo
Richard Levitte [Thu, 29 Jan 2004 02:55:43 +0000 (02:55 +0000)]

18 years agoIn the development branch, it feels quite all right to warn on a lot
Richard Levitte [Thu, 29 Jan 2004 00:05:09 +0000 (00:05 +0000)]
In the development branch, it feels quite all right to warn on a lot
more stuff.

18 years agomake update
Richard Levitte [Wed, 28 Jan 2004 19:07:41 +0000 (19:07 +0000)]
make update

18 years agoAdd the missing parts for DES CFB1 and CFB8.
Richard Levitte [Wed, 28 Jan 2004 19:05:35 +0000 (19:05 +0000)]
Add the missing parts for DES CFB1 and CFB8.
Add the corresponding AES parts while I'm at it.
make update

18 years agomake update
Richard Levitte [Wed, 28 Jan 2004 18:38:33 +0000 (18:38 +0000)]
make update

18 years agoUnsigned vs. signed problem removed
Richard Levitte [Wed, 28 Jan 2004 08:48:11 +0000 (08:48 +0000)]
Unsigned vs. signed problem removed

18 years ago#undef _POSIX_C_SOURCE in ui_openssl.c ruined IRIX builds. Comment on why
Andy Polyakov [Tue, 27 Jan 2004 22:06:48 +0000 (22:06 +0000)]
#undef _POSIX_C_SOURCE in ui_openssl.c ruined IRIX builds. Comment on why
_POSIX_C_SOURCE needed in first place.

18 years agoCFB DES sync-up with FIPS branch.
Andy Polyakov [Tue, 27 Jan 2004 21:47:35 +0000 (21:47 +0000)]
CFB DES sync-up with FIPS branch.

18 years agoAvoid signed vs. unsigned warnings (which are treated like errors on
Richard Levitte [Tue, 27 Jan 2004 01:16:38 +0000 (01:16 +0000)]
Avoid signed vs. unsigned warnings (which are treated like errors on

18 years agoS_IFBLK and S_IFCHR may not exist in some places (like Windows), so
Richard Levitte [Mon, 26 Jan 2004 23:45:32 +0000 (23:45 +0000)]
S_IFBLK and S_IFCHR may not exist in some places (like Windows), so
let's check for those macros, and if they aren't defined, let's assume
there aren't Unixly devices on this platform.

18 years agoEven though C specification explicitly says that constant type "stretches"
Andy Polyakov [Sun, 25 Jan 2004 10:53:43 +0000 (10:53 +0000)]
Even though C specification explicitly says that constant type "stretches"
automatically to accomodate the value, some compilers fail to do so. Most
notably 0x0123456789ABCDEF should come out as long long in 32-bit context,
but HP compiler truncates it to 32-bit value. Which in turn breaks GF(2^m)
arithmetics in hpux-parisc2-cc build. Therefore this fix...

18 years agoFix declaration inconsistency in ecparam.c.
Andy Polyakov [Sat, 24 Jan 2004 16:51:59 +0000 (16:51 +0000)]
Fix declaration inconsistency in ecparam.c.

18 years agoGet rid of bogus warning when compiling with Sun vendor compiler.
Andy Polyakov [Sat, 24 Jan 2004 16:31:21 +0000 (16:31 +0000)]
Get rid of bogus warning when compiling with Sun vendor compiler.

18 years agoWe're passed p, so let's use p instead of making assumptions.
Richard Levitte [Sat, 24 Jan 2004 01:16:02 +0000 (01:16 +0000)]
We're passed p, so let's use p instead of making assumptions.

18 years agoTypo...
Richard Levitte [Thu, 22 Jan 2004 22:36:46 +0000 (22:36 +0000)]

18 years agoReplace expired certificate.
Dr. Stephen Henson [Wed, 21 Jan 2004 13:08:11 +0000 (13:08 +0000)]
Replace expired certificate.

18 years agoSHA-1 assembler tune-up for Intel P4
Andy Polyakov [Wed, 21 Jan 2004 08:17:08 +0000 (08:17 +0000)]
SHA-1 assembler tune-up for Intel P4

18 years agoAdding a slash between the directoryt and the file is a problem with
Richard Levitte [Sat, 10 Jan 2004 18:04:38 +0000 (18:04 +0000)]
Adding a slash between the directoryt and the file is a problem with
VMS.  The C RTL can handle it well if the "directory" is a logical
name with no colon, therefore ending being 'logname/file'.  However,
if the given logical names actually has a colon, or if you use a full
VMS-syntax directory, you end up with 'logname:/file' or
'dev:[dir1.dir2]/file', and that isn't handled in any good way.

So, on VMS, we need to check if the directory string ends with a
separator (one of ':', ']' or '>' (< and > can be used instead [ and
])), and handle that by not inserting anything between the directory
spec and the file name.  In all other cases, it's assumed the
directory spec is a logical name, so we need to place a colon between
it and the file.

Notified by Kevin Greaney <>.

18 years agoCover all DSA setups when running tests
Lutz Jänicke [Thu, 8 Jan 2004 07:46:37 +0000 (07:46 +0000)]
Cover all DSA setups when running tests
PR: #748
Submitted by: Kirill Kochetkov <>

18 years agoUpdates to s_time manual page
Lutz Jänicke [Thu, 8 Jan 2004 07:38:15 +0000 (07:38 +0000)]
Updates to s_time manual page
PR: #570
Submitted by: Martin Witzel <>

18 years agoAdd s_time manual page
Lutz Jänicke [Sun, 4 Jan 2004 18:59:14 +0000 (18:59 +0000)]
Add s_time manual page
Submitted by: "Martin Witzel" <>

PR: #570

18 years agoUpdate URI
Lutz Jänicke [Sun, 4 Jan 2004 18:05:50 +0000 (18:05 +0000)]
Update URI
Submitted by: Gertjan van Oosten <gertjan@West.NL>

PR: #804

18 years agounintptr_t and <inttypes.h> are not strictly portable with respect to
Lutz Jänicke [Sun, 4 Jan 2004 17:53:21 +0000 (17:53 +0000)]
unintptr_t and <inttypes.h> are not strictly portable with respect to
ANSI C 89.
Undo change to maintain compatibility.

18 years agoFix Perl problems on sparc64.
Richard Levitte [Sat, 27 Dec 2003 16:13:18 +0000 (16:13 +0000)]
Fix Perl problems on sparc64.
This is part of a large change submitted by Markus Friedl <>

18 years agoAvoid including cryptlib.h, it's not really needed.
Richard Levitte [Sat, 27 Dec 2003 16:10:30 +0000 (16:10 +0000)]
Avoid including cryptlib.h, it's not really needed.
Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <>

18 years agoOnly use environment variables if uid and gid are the same as euid and egid.
Richard Levitte [Sat, 27 Dec 2003 16:07:20 +0000 (16:07 +0000)]
Only use environment variables if uid and gid are the same as euid and egid.
This is part of a large change submitted by Markus Friedl <>

18 years agoCheck if a random "file" is really a device file, and treat it
Richard Levitte [Sat, 27 Dec 2003 16:02:22 +0000 (16:02 +0000)]
Check if a random "file" is really a device file, and treat it
specially if it is.
Add a few OpenBSD-specific cases.
This is part of a large change submitted by Markus Friedl <>

18 years agoCorrect documentation typos.
Richard Levitte [Sat, 27 Dec 2003 15:04:54 +0000 (15:04 +0000)]
Correct documentation typos.
This is part of a large change submitted by Markus Friedl <>

18 years agoOpenBSD-internal changes.
Richard Levitte [Sat, 27 Dec 2003 15:02:56 +0000 (15:02 +0000)]
OpenBSD-internal changes.
This is part of a large change submitted by Markus Friedl <>

18 years agoUse sh explicitely to run
Richard Levitte [Sat, 27 Dec 2003 14:59:07 +0000 (14:59 +0000)]
Use sh explicitely to run
This is part of a large change submitted by Markus Friedl <>

18 years agoInclude strings.h so strcasecmp() and strncasecmp() get properly declared.
Richard Levitte [Sat, 27 Dec 2003 14:54:48 +0000 (14:54 +0000)]
Include strings.h so strcasecmp() and strncasecmp() get properly declared.

18 years agoUse BUF_strlcpy() instead of strcpy().
Richard Levitte [Sat, 27 Dec 2003 14:40:17 +0000 (14:40 +0000)]
Use BUF_strlcpy() instead of strcpy().
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <>