openssl.git
17 years ago/usr/lib/pkgconfig/openssl.pc was never installed in the RPM.
Richard Levitte [Wed, 7 May 2003 12:02:31 +0000 (12:02 +0000)]
/usr/lib/pkgconfig/openssl.pc was never installed in the RPM.
Notified by Bennett Todd <bet@rahul.net>.

17 years agoDO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function
Richard Levitte [Wed, 7 May 2003 11:38:10 +0000 (11:38 +0000)]
DO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function
called downstream that need it to be non-const.  The fact that the RSA_METHOD
functions take the RSA* as a const doesn't matter, it just expresses that
*they* won't touch it.
PR: 602

17 years agoAdd the possibility to store arbitrary data in a STORE.
Richard Levitte [Tue, 6 May 2003 08:02:14 +0000 (08:02 +0000)]
Add the possibility to store arbitrary data in a STORE.
Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.

17 years agoConstify RSA_sign() and RSA_verify().
Richard Levitte [Mon, 5 May 2003 13:55:18 +0000 (13:55 +0000)]
Constify RSA_sign() and RSA_verify().
PR: 602

17 years agoYeah, right, an object file ending with .c, that'll work!
Richard Levitte [Sat, 3 May 2003 06:58:08 +0000 (06:58 +0000)]
Yeah, right, an object file ending with .c, that'll work!

17 years agoMake DER option work again.
Dr. Stephen Henson [Fri, 2 May 2003 11:41:40 +0000 (11:41 +0000)]
Make DER option work again.

Fix typo.

17 years agoIt's usually best if the function name matches everywhere...
Richard Levitte [Fri, 2 May 2003 07:25:54 +0000 (07:25 +0000)]
It's usually best if the function name matches everywhere...

17 years agoSTORE was created 2003, darnit!
Richard Levitte [Thu, 1 May 2003 20:44:20 +0000 (20:44 +0000)]
STORE was created 2003, darnit!

17 years agoGet the year right...
Richard Levitte [Thu, 1 May 2003 20:15:35 +0000 (20:15 +0000)]
Get the year right...

17 years agoProvide some extra comments about the STORE_Memory STORE method.
Richard Levitte [Thu, 1 May 2003 04:31:12 +0000 (04:31 +0000)]
Provide some extra comments about the STORE_Memory STORE method.

17 years agomake update
Richard Levitte [Thu, 1 May 2003 04:10:32 +0000 (04:10 +0000)]
make update

17 years agoAdd STORE support in ENGINE.
Richard Levitte [Thu, 1 May 2003 03:57:46 +0000 (03:57 +0000)]
Add STORE support in ENGINE.

17 years agoDefine a STORE type. For documentation, read the entry in CHANGES,
Richard Levitte [Thu, 1 May 2003 03:53:12 +0000 (03:53 +0000)]
Define a STORE type.  For documentation, read the entry in CHANGES,
crypto/store/README, crypto/store/store.h and crypto/store/str_locl.h.

17 years agoDefine a STORE lock (the STORE type will be committed later).
Richard Levitte [Thu, 1 May 2003 03:46:10 +0000 (03:46 +0000)]
Define a STORE lock (the STORE type will be committed later).

17 years agoDefine the OPENSSL_ITEM structure.
Richard Levitte [Thu, 1 May 2003 03:45:18 +0000 (03:45 +0000)]
Define the OPENSSL_ITEM structure.

17 years agomake update
Richard Levitte [Tue, 29 Apr 2003 22:24:17 +0000 (22:24 +0000)]
make update

17 years agoAdd BUF_strndup() and BUF_memdup(). Not currently used, but I've code
Richard Levitte [Tue, 29 Apr 2003 22:08:57 +0000 (22:08 +0000)]
Add BUF_strndup() and BUF_memdup().  Not currently used, but I've code
that uses them that I'll commit in a few days.

17 years agomake update
Richard Levitte [Tue, 29 Apr 2003 21:35:28 +0000 (21:35 +0000)]
make update

17 years agoInclude objects.h to get a correct declaration of OBJ_bsearch_ex(),
Richard Levitte [Tue, 29 Apr 2003 20:46:32 +0000 (20:46 +0000)]
Include objects.h to get a correct declaration of OBJ_bsearch_ex(),
not to mention the OBJ_BSEARCH_* macros.

17 years agoSome variables were uninitialised...
Richard Levitte [Tue, 29 Apr 2003 20:45:36 +0000 (20:45 +0000)]
Some variables were uninitialised...

17 years agoCorrect documentation. sk_find_ex() doesn't return a pointer, it
Richard Levitte [Tue, 29 Apr 2003 20:31:58 +0000 (20:31 +0000)]
Correct documentation.  sk_find_ex() doesn't return a pointer, it
returns an index.

17 years agoAdd an extended variant of sk_find() which returns a non-NULL pointer
Richard Levitte [Tue, 29 Apr 2003 20:30:55 +0000 (20:30 +0000)]
Add an extended variant of sk_find() which returns a non-NULL pointer
even if an exact match wasn't found.

17 years agoAdd an extended variant of OBJ_bsearch() that can be given a few
Richard Levitte [Tue, 29 Apr 2003 20:25:21 +0000 (20:25 +0000)]
Add an extended variant of OBJ_bsearch() that can be given a few
flags.

17 years agofix typo
Bodo Möller [Tue, 22 Apr 2003 08:29:21 +0000 (08:29 +0000)]
fix typo

Submitted by: Nils Larsch

17 years agoMake it possible to affect the extension of man pages.
Richard Levitte [Mon, 21 Apr 2003 22:00:36 +0000 (22:00 +0000)]
Make it possible to affect the extension of man pages.
PR: 578

17 years agoMemory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
Richard Levitte [Wed, 16 Apr 2003 06:25:21 +0000 (06:25 +0000)]
Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in
                 rsa->blinding under certain circumstances.
Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.

17 years agoMemory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()
Richard Levitte [Tue, 15 Apr 2003 13:01:37 +0000 (13:01 +0000)]
Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()

17 years agoinclude 'Changes between 0.9.6i and 0.9.6j'
Bodo Möller [Fri, 11 Apr 2003 15:03:12 +0000 (15:03 +0000)]
include 'Changes between 0.9.6i and 0.9.6j'

17 years agoAdd the 0.9.6j news.
Richard Levitte [Thu, 10 Apr 2003 20:38:24 +0000 (20:38 +0000)]
Add the 0.9.6j news.

17 years agomake update
Richard Levitte [Thu, 10 Apr 2003 20:11:09 +0000 (20:11 +0000)]
make update

17 years agoNew NEWS
Richard Levitte [Thu, 10 Apr 2003 19:33:09 +0000 (19:33 +0000)]
New NEWS

17 years agoRemove all those infernal stupid CR characters
Richard Levitte [Thu, 10 Apr 2003 19:11:32 +0000 (19:11 +0000)]
Remove all those infernal stupid CR characters

17 years agoThere's a problem building shared libraries on the sco5-gcc target. However,
Richard Levitte [Thu, 10 Apr 2003 18:36:31 +0000 (18:36 +0000)]
There's a problem building shared libraries on the sco5-gcc target.  However,
it's time for a release, so I'm just adding an enty in PROBLEMS, and will
hopefully solve this for a later release

17 years agoExplicitely tell the compiler we're mips3 for the target irix-mips3-cc.
Richard Levitte [Thu, 10 Apr 2003 05:46:51 +0000 (05:46 +0000)]
Explicitely tell the compiler we're mips3 for the target irix-mips3-cc.

17 years agoTypo.
Dr. Stephen Henson [Thu, 10 Apr 2003 00:04:02 +0000 (00:04 +0000)]
Typo.

17 years agoInclude rand.h, so RAND_status() and friends get properly declared.
Richard Levitte [Tue, 8 Apr 2003 11:07:05 +0000 (11:07 +0000)]
Include rand.h, so RAND_status() and friends get properly declared.

17 years agoCorrect a few typos.
Richard Levitte [Tue, 8 Apr 2003 09:27:43 +0000 (09:27 +0000)]
Correct a few typos.

It seems that svr3 and svr5 differ, after all.

17 years agoA single quote too many.
Richard Levitte [Tue, 8 Apr 2003 08:58:56 +0000 (08:58 +0000)]
A single quote too many.

17 years agoI forgot to continuation mark.
Richard Levitte [Tue, 8 Apr 2003 08:57:23 +0000 (08:57 +0000)]
I forgot to continuation mark.

17 years agoIt seems like OpenUnix's ld uses LD_LIBRARY_PATH to search for
Richard Levitte [Tue, 8 Apr 2003 08:36:20 +0000 (08:36 +0000)]
It seems like OpenUnix's ld uses LD_LIBRARY_PATH to search for
libraries.  What's worse, the directories given in LD_LIBRARY_PATH are
checked first!  Therefore, we need a hack to prepend all the
directories we give with -L to the current value of LD_LIBRARY_PATH,
thereby temporarly forming a hacked value.

Only copy LIBEXTRAS if they are given.

Svr5 doesn't use -z allextract...

17 years agoFix ordering of compare functions: strncmp() must be used first, a
Lutz Jänicke [Tue, 8 Apr 2003 06:31:36 +0000 (06:31 +0000)]
Fix ordering of compare functions: strncmp() must be used first, a
the cipher name in the list is not guaranteed to be at least "buflen"
long.
PR: 567
Submitted by: "Matt Harren" <matth@cs.berkeley.edu>

17 years agoWe seem to carry some rests of the 0.9.6 [engine] ENGINE framework, here in
Richard Levitte [Tue, 8 Apr 2003 06:01:55 +0000 (06:01 +0000)]
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework, here in
form of unneeded direct calls through the engine pointer..

17 years agoWe seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
Richard Levitte [Tue, 8 Apr 2003 06:00:05 +0000 (06:00 +0000)]
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
of unneeded includes of openssl/engine.h.

17 years agoRSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function
Richard Levitte [Mon, 7 Apr 2003 19:15:25 +0000 (19:15 +0000)]
RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function
pointers should be used.  It doesn't necessarely mean it should go through
the ENGINE framework.

17 years agoWhat was I smoking? EVP_PKEY_cmp() should return with 0 if
Richard Levitte [Mon, 7 Apr 2003 10:15:32 +0000 (10:15 +0000)]
What was I smoking?  EVP_PKEY_cmp() should return with 0 if
EVP_PKEY_cmp_parameters() returned 0, otherwise it should
go on processing the public key component.  Thia has nothing
to do with the proper handling of EC parameters or not.

17 years agoCorrect a typo.
Richard Levitte [Mon, 7 Apr 2003 10:09:44 +0000 (10:09 +0000)]
Correct a typo.
Have EVP_PKEY_cmp() call EVP_PKEY_cmp_parameters(), and make a note
about the lack of parameter comparison for EC.

17 years agoConstify
Richard Levitte [Sun, 6 Apr 2003 15:31:18 +0000 (15:31 +0000)]
Constify

17 years agoDo not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
Richard Levitte [Sat, 5 Apr 2003 21:21:26 +0000 (21:21 +0000)]
Do not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
PR: 564

17 years agoConvert save_serial() to work like save_index(), and add a
Richard Levitte [Fri, 4 Apr 2003 15:10:35 +0000 (15:10 +0000)]
Convert save_serial() to work like save_index(), and add a
rotate_serial() that works like rotate_index().

17 years agoAdd documentation on the added functionality in 'openssl ca'.
Richard Levitte [Fri, 4 Apr 2003 14:39:44 +0000 (14:39 +0000)]
Add documentation on the added functionality in 'openssl ca'.

17 years agomake update
Richard Levitte [Fri, 4 Apr 2003 14:19:15 +0000 (14:19 +0000)]
make update

17 years agoThere's no need to check for __attribute__ with ANSI functions, since
Richard Levitte [Fri, 4 Apr 2003 14:19:00 +0000 (14:19 +0000)]
There's no need to check for __attribute__ with ANSI functions, since
we only check to the opening parenthesis anyway...

17 years agoCorrect a lot of printing calls. Remove extra arguments...
Richard Levitte [Thu, 3 Apr 2003 23:39:48 +0000 (23:39 +0000)]
Correct a lot of printing calls.  Remove extra arguments...

17 years agoMake %p and %# work properly, at least with pointers and floats.
Richard Levitte [Thu, 3 Apr 2003 23:35:14 +0000 (23:35 +0000)]
Make %p and %# work properly, at least with pointers and floats.

17 years agoAdd GCC attributes when compiled with gcc. This helps find out if
Richard Levitte [Thu, 3 Apr 2003 23:06:05 +0000 (23:06 +0000)]
Add GCC attributes when compiled with gcc.  This helps find out if
we're using the printing functions correctly or not.

I used the corresponding attributes found in the header files of my
Linux installation.

17 years agoCounter for GCC attributes.
Richard Levitte [Thu, 3 Apr 2003 23:04:48 +0000 (23:04 +0000)]
Counter for GCC attributes.

17 years agoOne more debug line to conditionalise.
Richard Levitte [Thu, 3 Apr 2003 23:01:20 +0000 (23:01 +0000)]
One more debug line to conditionalise.

17 years agoAdd a CA section, to make sure the test will work with the changes in
Richard Levitte [Thu, 3 Apr 2003 22:38:31 +0000 (22:38 +0000)]
Add a CA section, to make sure the test will work with the changes in
CA.sh.

17 years agoImplement self-signing in 'openssl ca'. This makes it easier to have
Richard Levitte [Thu, 3 Apr 2003 22:33:59 +0000 (22:33 +0000)]
Implement self-signing in 'openssl ca'.  This makes it easier to have
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.

17 years agoAdd functionality to help making self-signed certificate.
Richard Levitte [Thu, 3 Apr 2003 22:27:24 +0000 (22:27 +0000)]
Add functionality to help making self-signed certificate.

17 years agoIt's recommended to use req rather than x509 to create self-signed certificates
Richard Levitte [Thu, 3 Apr 2003 22:12:48 +0000 (22:12 +0000)]
It's recommended to use req rather than x509 to create self-signed certificates

17 years agoTypo correction
Richard Levitte [Thu, 3 Apr 2003 21:55:55 +0000 (21:55 +0000)]
Typo correction

17 years agoDon't try to free NULL values...
Richard Levitte [Thu, 3 Apr 2003 20:03:23 +0000 (20:03 +0000)]
Don't try to free NULL values...

17 years agoReindent for readability.
Richard Levitte [Thu, 3 Apr 2003 19:10:32 +0000 (19:10 +0000)]
Reindent for readability.

17 years agoRemove unused variable.
Richard Levitte [Thu, 3 Apr 2003 19:07:27 +0000 (19:07 +0000)]
Remove unused variable.

17 years agoReset the version number of the issuer certificate? I believe this
Richard Levitte [Thu, 3 Apr 2003 18:50:15 +0000 (18:50 +0000)]
Reset the version number of the issuer certificate?  I believe this
hasn't been tested in a long while...

17 years agoConditionalise all debug strings.
Richard Levitte [Thu, 3 Apr 2003 18:07:39 +0000 (18:07 +0000)]
Conditionalise all debug strings.

17 years agoMake it possible to have multiple active certificates with the same
Richard Levitte [Thu, 3 Apr 2003 16:33:03 +0000 (16:33 +0000)]
Make it possible to have multiple active certificates with the same
subject.

17 years agomake RSA blinding thread-safe
Bodo Möller [Wed, 2 Apr 2003 09:50:22 +0000 (09:50 +0000)]
make RSA blinding thread-safe

17 years agoIt seems like gcc-drivven shared library building on OpenUnix 8 requires
Richard Levitte [Tue, 1 Apr 2003 10:59:15 +0000 (10:59 +0000)]
It seems like gcc-drivven shared library building on OpenUnix 8 requires
-shared rather than -G.

17 years agoUpdate from stable branch.
Dr. Stephen Henson [Mon, 31 Mar 2003 22:29:25 +0000 (22:29 +0000)]
Update from stable branch.

17 years agoNo need to test -setalias twice.
Richard Levitte [Mon, 31 Mar 2003 13:56:52 +0000 (13:56 +0000)]
No need to test -setalias twice.
PR: 556

17 years agoDon't feil when indent is 0.
Richard Levitte [Mon, 31 Mar 2003 13:24:02 +0000 (13:24 +0000)]
Don't feil when indent is 0.
PR: 559

17 years agoAdd usage string for -fingerprint.
Richard Levitte [Mon, 31 Mar 2003 13:06:24 +0000 (13:06 +0000)]
Add usage string for -fingerprint.
PR: 560

17 years agoMulti valued AVA support.
Dr. Stephen Henson [Sun, 30 Mar 2003 01:51:16 +0000 (01:51 +0000)]
Multi valued AVA support.

17 years agoOpenUNIX 8 has some problems using -G with gcc. Maybe using gnu-shared works better...
Richard Levitte [Fri, 28 Mar 2003 08:57:04 +0000 (08:57 +0000)]
OpenUNIX 8 has some problems using -G with gcc.  Maybe using gnu-shared works better (will be tested tonight).

17 years agoAdd warning about unwanted side effect when calling SSL_CTX_free():
Lutz Jänicke [Thu, 27 Mar 2003 22:04:05 +0000 (22:04 +0000)]
Add warning about unwanted side effect when calling SSL_CTX_free():
sessions in the external session cache might be removed.
Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il>

PR: 547

17 years agoUpdate VMS building system
Richard Levitte [Wed, 26 Mar 2003 14:34:38 +0000 (14:34 +0000)]
Update VMS building system

17 years agoUpdate ocsp usage message and docs.
Dr. Stephen Henson [Wed, 26 Mar 2003 00:46:47 +0000 (00:46 +0000)]
Update ocsp usage message and docs.

17 years agoLet's limit the extent of the definition of _XOPEN_SOURCE.
Richard Levitte [Tue, 25 Mar 2003 21:17:28 +0000 (21:17 +0000)]
Let's limit the extent of the definition of _XOPEN_SOURCE.

17 years agoMissed a few dollars.
Richard Levitte [Tue, 25 Mar 2003 20:56:06 +0000 (20:56 +0000)]
Missed a few dollars.
PR: 528

17 years agomake update
Dr. Stephen Henson [Mon, 24 Mar 2003 17:06:25 +0000 (17:06 +0000)]
make update

17 years agoSupport for name constraints.
Dr. Stephen Henson [Mon, 24 Mar 2003 17:04:44 +0000 (17:04 +0000)]
Support for name constraints.

17 years agoName Constraints OID.
Dr. Stephen Henson [Mon, 24 Mar 2003 00:56:09 +0000 (00:56 +0000)]
Name Constraints OID.

17 years agoAdd SCO5 shared library scripts.
Lutz Jänicke [Sun, 23 Mar 2003 10:18:05 +0000 (10:18 +0000)]
Add SCO5 shared library scripts.
Upate SVR5 scripts for the upcoming 0.9.7b.
Submitted by: Boyd Lynn Gerber <gerberb@zenez.com>

17 years agoTo define OPENSSL_NO_FP_API for all MSDOS type targets was unfair
Richard Levitte [Sat, 22 Mar 2003 22:33:52 +0000 (22:33 +0000)]
To define OPENSSL_NO_FP_API for all MSDOS type targets was unfair
against DJGPP, and much more restricted than previous definitions.

17 years agomake update
Dr. Stephen Henson [Fri, 21 Mar 2003 16:28:29 +0000 (16:28 +0000)]
make update

17 years agoSupport for policy constraints.
Dr. Stephen Henson [Fri, 21 Mar 2003 16:26:20 +0000 (16:26 +0000)]
Support for policy constraints.

17 years agoremove patch ID (which is supposed to appear in patched variants of
Bodo Möller [Fri, 21 Mar 2003 13:11:14 +0000 (13:11 +0000)]
remove patch ID (which is supposed to appear in patched variants of
old OpenSSL releases, but not in new releases)

17 years agoDefine COMP method function prototypes properly.
Richard Levitte [Fri, 21 Mar 2003 00:05:14 +0000 (00:05 +0000)]
Define COMP method function prototypes properly.

17 years agoMake sure to declare mem*() properly.
Richard Levitte [Fri, 21 Mar 2003 00:04:14 +0000 (00:04 +0000)]
Make sure to declare mem*() properly.

17 years agomake update
Richard Levitte [Thu, 20 Mar 2003 23:54:33 +0000 (23:54 +0000)]
make update

17 years agoDon't put configuration macro definitions on the command line, we're
Richard Levitte [Thu, 20 Mar 2003 23:52:41 +0000 (23:52 +0000)]
Don't put configuration macro definitions on the command line, we're
just fooling ourselves and then screwing up for other applications.

17 years agoSometimes, we have partial comments on the same line as other stuff we
Richard Levitte [Thu, 20 Mar 2003 23:51:35 +0000 (23:51 +0000)]
Sometimes, we have partial comments on the same line as other stuff we
parse.  Make sure to read in the whole comment, so it can be entirely
removed.

17 years agoMake sure we get the definition of OPENSSL_NO_RSA.
Richard Levitte [Thu, 20 Mar 2003 23:34:28 +0000 (23:34 +0000)]
Make sure we get the definition of OPENSSL_NO_RSA.

17 years agoMake sure we get the definition of OPENSSL_NO_HMAC and OPENSSL_NO_SHA.
Richard Levitte [Thu, 20 Mar 2003 23:34:08 +0000 (23:34 +0000)]
Make sure we get the definition of OPENSSL_NO_HMAC and OPENSSL_NO_SHA.

17 years agoMake sure we get the definition of OPENSSL_NO_SHA.
Richard Levitte [Thu, 20 Mar 2003 23:32:16 +0000 (23:32 +0000)]
Make sure we get the definition of OPENSSL_NO_SHA.

17 years agoMake sure we get the definition of OPENSSL_NO_RIPEMD.
Richard Levitte [Thu, 20 Mar 2003 23:31:56 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_RIPEMD.

17 years agoMake sure we get the definition of OPENSSL_NO_MDC2.
Richard Levitte [Thu, 20 Mar 2003 23:31:44 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_MDC2.

17 years agoMake sure we get the definition of OPENSSL_NO_MD5.
Richard Levitte [Thu, 20 Mar 2003 23:31:34 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_MD5.