19 years agoDES PIC-ification. "Cygwin" companion. Problem was that preprocessor macro
Andy Polyakov [Sun, 15 Dec 2002 10:06:27 +0000 (10:06 +0000)]
DES PIC-ification. "Cygwin" companion. Problem was that preprocessor macro
is not expanded if prepended with a $-sign.

19 years agoMake sure manual pages are properly linked to on systems that have case
Richard Levitte [Sun, 15 Dec 2002 06:45:43 +0000 (06:45 +0000)]
Make sure manual pages are properly linked to on systems that have case
insensitive file names, as well as those that do not have symlinks.
Incidently, both these cases apply on DOS/Windows...

19 years agoUpdate the make system for installations:
Richard Levitte [Sun, 15 Dec 2002 05:59:13 +0000 (05:59 +0000)]
Update the make system for installations:

- define a HERE variable to indicate where the source tree is (used
  very little right now)
- make more use of copying and making attribute changes to {file}.new,
  and then move it to {file}
- use 'mv -f' to avoid all those questions to the user when the file
  in question doesn't have write attributes for that user.

19 years agoDon't define macros in terms of asm() when __STRICT_ANSI is defined.
Richard Levitte [Sun, 15 Dec 2002 05:54:56 +0000 (05:54 +0000)]
Don't define macros in terms of asm() when __STRICT_ANSI is defined.

19 years agoBring des_locl.h at the same level as in the 0.9.7 branch.
Richard Levitte [Sun, 15 Dec 2002 05:54:26 +0000 (05:54 +0000)]
Bring des_locl.h at the same level as in the 0.9.7 branch.
Don't define macros in terms of asm() when __STRICT_ANSI is defined.

19 years agoOoops! No ROTATE on some platforms after x86_64 performance patch...
Andy Polyakov [Sun, 15 Dec 2002 00:47:47 +0000 (00:47 +0000)]
Ooops! No ROTATE on some platforms after x86_64 performance patch...

19 years agoAs you might have noticed I tried to change for . prefix, because it's
Andy Polyakov [Sat, 14 Dec 2002 23:14:00 +0000 (23:14 +0000)]
As you might have noticed I tried to change for . prefix, because it's
the one to be used to denote local labels in single function scope.
Problem is that SHA uses same label set across functions, therefore I
have to switch back to $ prefix.

19 years agoSolaris shared build fix-ups. See RT#238,239 for details.
Andy Polyakov [Sat, 14 Dec 2002 21:46:46 +0000 (21:46 +0000)]
Solaris shared build fix-ups. See RT#238,239 for details.

19 years agoNew DETECT_GNU_LD procedure.
Andy Polyakov [Sat, 14 Dec 2002 20:52:19 +0000 (20:52 +0000)]
New DETECT_GNU_LD procedure.

19 years agox86_64 performance patch.
Andy Polyakov [Sat, 14 Dec 2002 20:42:05 +0000 (20:42 +0000)]
x86_64 performance patch.

19 years agoDES PIC-ification. Windows companion.
Andy Polyakov [Sat, 14 Dec 2002 17:54:30 +0000 (17:54 +0000)]
DES PIC-ification. Windows companion.

19 years agoThe ampersand is not required in these constructs, and was giving AIX
Geoff Thorpe [Fri, 13 Dec 2002 22:01:46 +0000 (22:01 +0000)]
The ampersand is not required in these constructs, and was giving AIX

Reported by: Bernhard Simon.

19 years agoIA-32 assembler modules (primarily DES) PIC-ification. Idea is to keep
Andy Polyakov [Fri, 13 Dec 2002 17:56:14 +0000 (17:56 +0000)]
IA-32 assembler modules (primarily DES) PIC-ification. Idea is to keep
shared libraries shared.

19 years agoOK, there's at least one application author who has provided dynamic locking
Richard Levitte [Fri, 13 Dec 2002 07:30:53 +0000 (07:30 +0000)]
OK, there's at least one application author who has provided dynamic locking

19 years agoBIO_new_bio_pair() was unnecessarily described in it's own page as well as in
Richard Levitte [Thu, 12 Dec 2002 22:12:02 +0000 (22:12 +0000)]
BIO_new_bio_pair() was unnecessarily described in it's own page as well as in
BIO_s_bio.pod.  The most logical is to move everything needed from
BIO_new_bio_pair.pod to BIO_s_bio.pod (including the nice example)
and toss BIO_new_bio_pair.pod.  I hope I got all the info over properly.
PR: 370

19 years agoBIO_set_nbio() is enumerated, but not explained. Remove it from enumeration
Richard Levitte [Thu, 12 Dec 2002 22:08:49 +0000 (22:08 +0000)]
BIO_set_nbio() is enumerated, but not explained.  Remove it from enumeration
since it's both enumerated and explained in BIO_s_connect.pod.
PR: 370

19 years agoI forgot one item I intend to work on.
Richard Levitte [Thu, 12 Dec 2002 19:40:55 +0000 (19:40 +0000)]
I forgot one item I intend to work on.

19 years agoSkip DH-specific tests when no-dh has been configured.
Richard Levitte [Thu, 12 Dec 2002 18:43:10 +0000 (18:43 +0000)]
Skip DH-specific tests when no-dh has been configured.
PR: 353

19 years agoDocument the modifications in 0.9.7 that will make the hw_ncipher.c
Richard Levitte [Thu, 12 Dec 2002 17:40:15 +0000 (17:40 +0000)]
Document the modifications in 0.9.7 that will make the hw_ncipher.c
engine work properly even in bad situations.

19 years agoMake 'tunala' link with zlib if possible (so it works if openssl was
Geoff Thorpe [Wed, 11 Dec 2002 19:07:03 +0000 (19:07 +0000)]
Make 'tunala' link with zlib if possible (so it works if openssl was
configured with zlib support).

19 years agoIn CRYPTO_lock(), check that the application cares about locking (provided
Richard Levitte [Wed, 11 Dec 2002 08:56:35 +0000 (08:56 +0000)]
In CRYPTO_lock(), check that the application cares about locking (provided
callbacks) before attempting to lock.

19 years agosk_*_push() returns the number of items on the stack, not the index of the
Richard Levitte [Wed, 11 Dec 2002 08:33:31 +0000 (08:33 +0000)]
sk_*_push() returns the number of items on the stack, not the index of the
pushed item.  The index is the number of items - 1.  And if a NULL item was
found, actually use it.
Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a
requested dynamic lock really must exist, instead of just being silent about it

19 years agoLet's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H
Richard Levitte [Wed, 11 Dec 2002 07:37:54 +0000 (07:37 +0000)]
Let's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H
were defined.

19 years agoLet's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H
Richard Levitte [Wed, 11 Dec 2002 07:24:43 +0000 (07:24 +0000)]
Let's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H
were defined.

19 years agoSince HEADER_DES_H has been the protector of des.h since libdes
Richard Levitte [Wed, 11 Dec 2002 06:59:16 +0000 (06:59 +0000)]
Since HEADER_DES_H has been the protector of des.h since libdes
(before SSLeay, maybe?), it's better to have that macro protect
the compatibility header des_old.h.  In the new des.h, let's use
a slightly different protecting macro.

The rationale is that there are application that might include (via
other header files, perhaps) both an old libdes des.h and OpenSSL's
des.h.  Whichever comes first would overshadow the other because of
the clash in protecting macro.  This fix solves that problem.

19 years agoThis stops a compiler warning from -Wmissing-prototypes.
Geoff Thorpe [Wed, 11 Dec 2002 03:34:26 +0000 (03:34 +0000)]
This stops a compiler warning from -Wmissing-prototypes.
(Noticed by Nils Larsch)

19 years agoUpdate -Olimit setting.
Lutz Jänicke [Tue, 10 Dec 2002 18:48:14 +0000 (18:48 +0000)]
Update -Olimit setting.
Submitted by: Bernhard Simon <>
Reviewed by:

19 years agotest commit (just removing tailing blanks) #2 after migration
Ralf S. Engelschall [Tue, 10 Dec 2002 12:01:39 +0000 (12:01 +0000)]
test commit (just removing tailing blanks) #2 after migration

19 years agotest commit (removing trailing blanks) after migration
Ralf S. Engelschall [Tue, 10 Dec 2002 10:51:18 +0000 (10:51 +0000)]
test commit (removing trailing blanks) after migration

19 years agotest blank-line commit after migration -- just ignore
Ralf S. Engelschall [Tue, 10 Dec 2002 10:49:22 +0000 (10:49 +0000)]
test blank-line commit after migration -- just ignore

19 years agoA memset() too many got converted into a OPENSSL_cleanse().
Richard Levitte [Tue, 10 Dec 2002 08:26:05 +0000 (08:26 +0000)]
A memset() too many got converted into a OPENSSL_cleanse().
PR: 393

19 years agoBN_sqr test failure entry.
Andy Polyakov [Mon, 9 Dec 2002 13:43:38 +0000 (13:43 +0000)]
BN_sqr test failure entry.

19 years agoFix wrong URI.
Lutz Jänicke [Mon, 9 Dec 2002 08:49:58 +0000 (08:49 +0000)]
Fix wrong URI.
Submitted by:
Reviewed by:
PR: 390

19 years agomake update
Richard Levitte [Mon, 9 Dec 2002 02:19:27 +0000 (02:19 +0000)]
make update

19 years agoHmm, Geoff's change made things quite interesting. We can now give
Richard Levitte [Mon, 9 Dec 2002 02:18:16 +0000 (02:18 +0000)]
Hmm, Geoff's change made things quite interesting.  We can now give
users the option of disabling deprecated functions, which should of
course be reflected in libeay.num and .def files.  Quite nice,

19 years agoNils Larsch submitted;
Geoff Thorpe [Sun, 8 Dec 2002 16:45:26 +0000 (16:45 +0000)]
Nils Larsch submitted;
  - a patch to fix a memory leak in rsa_gen.c
  - a note about compiler warnings with unions
  - a note about improving structure element names

This applies his patch and implements a solution to the notes.

19 years agoSince it's defined in draft-ietf-tls-compression-04.txt, let's make
Richard Levitte [Sun, 8 Dec 2002 09:31:41 +0000 (09:31 +0000)]
Since it's defined in draft-ietf-tls-compression-04.txt, let's make
ZLIB a known compression method, with the identity 1.

19 years agoUndefine OPENSSL_NO_DEPRECATED inside openssl application code if we are
Geoff Thorpe [Sun, 8 Dec 2002 05:38:44 +0000 (05:38 +0000)]
Undefine OPENSSL_NO_DEPRECATED inside openssl application code if we are
being built with it defined - it is not a symbol to affect how openssl
itself builds, but to alter the way openssl headers can be used from an API
point of view. The "deprecated" function wrappers will always remain inside
OpenSSL at least as long as they're still being used internally. :-)

The exception is dsaparam which has been updated to the BN_GENCB-based
functions to test the new functionality. If GENCB_TEST is defined, dsaparam
will support a "-timebomb <n>" switch to cancel parameter-generation if it
gets as far as 'n' seconds without completion.

19 years agoThis is a first-cut at improving the callback mechanisms used in
Geoff Thorpe [Sun, 8 Dec 2002 05:24:31 +0000 (05:24 +0000)]
This is a first-cut at improving the callback mechanisms used in
key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.

This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing.  The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility nor change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones.  The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.

There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, the return value is a boolean. This will allow for a smoother
transition to having key-generation as "virtual function" in the various
***_METHOD tables.

19 years agoFix a warning, and do some constification as a lucky side-effect :-)
Geoff Thorpe [Sun, 8 Dec 2002 05:19:43 +0000 (05:19 +0000)]
Fix a warning, and do some constification as a lucky side-effect :-)

19 years agoSince it's defined in draft-ietf-tls-compression-04.txt, let's make
Richard Levitte [Sun, 8 Dec 2002 02:41:11 +0000 (02:41 +0000)]
Since it's defined in draft-ietf-tls-compression-04.txt, let's make
ZLIB a known compression method, with the identity 1.

19 years agoImplement a stateful variant if the ZLIB compression method. The old
Richard Levitte [Sun, 8 Dec 2002 02:39:38 +0000 (02:39 +0000)]
Implement a stateful variant if the ZLIB compression method.  The old
stateless variant is kept, but isn't used anywhere.

19 years agoForgot one.
Richard Levitte [Sat, 7 Dec 2002 20:03:42 +0000 (20:03 +0000)]
Forgot one.

19 years agoAdd a few items I intend to work on for 0.9.8 and on.
Richard Levitte [Sat, 7 Dec 2002 20:02:20 +0000 (20:02 +0000)]
Add a few items I intend to work on for 0.9.8 and on.

19 years agoWorkaround for GCC-ia64 compiler bug.
Andy Polyakov [Fri, 6 Dec 2002 17:18:10 +0000 (17:18 +0000)]
Workaround for GCC-ia64 compiler bug.

Submitted by: <appro>
Reviewed by:

19 years agoSome compilers are quite picky about non-void functions that don't return
Richard Levitte [Fri, 6 Dec 2002 08:50:06 +0000 (08:50 +0000)]
Some compilers are quite picky about non-void functions that don't return

19 years agoApparently, bash is more forgiving than sh. To be backward
Richard Levitte [Fri, 6 Dec 2002 08:43:41 +0000 (08:43 +0000)]
Apparently, bash is more forgiving than sh.  To be backward
compatible, don't use ==, use = instead...

19 years agoKeep NEWS in HEAD up to date.
Richard Levitte [Fri, 6 Dec 2002 00:39:03 +0000 (00:39 +0000)]
Keep NEWS in HEAD up to date.

19 years agoKeep STATUS in HEAD up to date.
Richard Levitte [Thu, 5 Dec 2002 23:01:17 +0000 (23:01 +0000)]
Keep STATUS in HEAD up to date.

19 years agoMerge in relevant changes from the OpenSSL 0.9.6h release.
Richard Levitte [Thu, 5 Dec 2002 21:50:13 +0000 (21:50 +0000)]
Merge in relevant changes from the OpenSSL 0.9.6h release.

19 years agoSSL_CERT_FILE should be used in place of the system default file, not as
Richard Levitte [Thu, 5 Dec 2002 21:07:26 +0000 (21:07 +0000)]
SSL_CERT_FILE should be used in place of the system default file, not as
a first alternative to try

19 years agoCorrected DJGPP patch
Richard Levitte [Thu, 5 Dec 2002 20:50:25 +0000 (20:50 +0000)]
Corrected DJGPP patch

19 years agolinux64-sparcv9 support finally debugged and tested.
Andy Polyakov [Thu, 5 Dec 2002 13:17:52 +0000 (13:17 +0000)]
linux64-sparcv9 support finally debugged and tested.

Submitted by:
Reviewed by:

19 years agoMake sure to implement the cryptodev engine only when /dev/crypto exists.
Richard Levitte [Thu, 5 Dec 2002 10:16:28 +0000 (10:16 +0000)]
Make sure to implement the cryptodev engine only when /dev/crypto exists.

20 years agomake update
Richard Levitte [Thu, 5 Dec 2002 01:55:48 +0000 (01:55 +0000)]
make update

20 years agoDeclare another general file.
Richard Levitte [Thu, 5 Dec 2002 01:42:14 +0000 (01:42 +0000)]
Declare another general file.

20 years agoAllow users to modify /MD to /MT.
Richard Levitte [Thu, 5 Dec 2002 01:35:04 +0000 (01:35 +0000)]
Allow users to modify /MD to /MT.
PR: 380

20 years agoMake sure using SSL_CERT_FILE actually works, and has priority over system defaults.
Richard Levitte [Thu, 5 Dec 2002 01:20:47 +0000 (01:20 +0000)]
Make sure using SSL_CERT_FILE actually works, and has priority over system defaults.
PR: 376

20 years agoIf an application supports static locks, it MUST support dynamic locks as
Richard Levitte [Thu, 5 Dec 2002 00:56:58 +0000 (00:56 +0000)]
If an application supports static locks, it MUST support dynamic locks as
well to be able to use the CHIL engine.
PR: 281

20 years agoPR: 381
Richard Levitte [Thu, 5 Dec 2002 00:05:48 +0000 (00:05 +0000)]
PR: 381

20 years agoOnly check for a result buffer if the allocated string is a prompt string.
Richard Levitte [Thu, 5 Dec 2002 00:04:30 +0000 (00:04 +0000)]
Only check for a result buffer if the allocated string is a prompt string.
PR: 381

20 years agoDo not implement RC4 stuff if RC4 is disabled. Concequently, apply the same
Richard Levitte [Wed, 4 Dec 2002 22:54:02 +0000 (22:54 +0000)]
Do not implement RC4 stuff if RC4 is disabled.  Concequently, apply the same
rule for SHA stuff.
PR: 381

20 years agogethostname() is more a BSD feature than an XOPEN one.
Richard Levitte [Wed, 4 Dec 2002 22:48:01 +0000 (22:48 +0000)]
gethostname() is more a BSD feature than an XOPEN one.
PR: 379

20 years agoCorrect a few typos that I introduced after applying DJGPP patches.
Richard Levitte [Wed, 4 Dec 2002 19:13:43 +0000 (19:13 +0000)]
Correct a few typos that I introduced after applying DJGPP patches.

20 years agoIn ECPKParameters_print, output the private key length correctly
Bodo Möller [Wed, 4 Dec 2002 17:43:01 +0000 (17:43 +0000)]
In ECPKParameters_print, output the private key length correctly
(length of the order of the group, not length of the actual key, which
will be shorter in some cases).

Submitted by: Nils Larsch

20 years agoDon't compute timings here, we can do this elsewhere.
Bodo Möller [Wed, 4 Dec 2002 17:38:40 +0000 (17:38 +0000)]
Don't compute timings here, we can do this elsewhere.
Include X9.62 signature examples.

Submitted by: Nils Larsch

20 years agoMissing ")"
Lutz Jänicke [Wed, 4 Dec 2002 13:30:58 +0000 (13:30 +0000)]
Missing ")"
Submitted by: Christian Hohnstaedt <>
Reviewed by:

20 years agoDJGPP patches.
Richard Levitte [Wed, 4 Dec 2002 09:54:10 +0000 (09:54 +0000)]
DJGPP patches.
PR: 347

20 years agoAdd support for x86_64.
Richard Levitte [Wed, 4 Dec 2002 09:17:43 +0000 (09:17 +0000)]
Add support for x86_64.
PR: 348

20 years agoA gcc 3.0 bug is triggered by our code. Add a section about it in PROBLEMS.
Richard Levitte [Wed, 4 Dec 2002 08:24:18 +0000 (08:24 +0000)]
A gcc 3.0 bug is triggered by our code.  Add a section about it in PROBLEMS.
PR: 375

20 years agoMake ASN1_TYPE_get() work for V_ASN1_NULL type.
Dr. Stephen Henson [Wed, 4 Dec 2002 00:49:46 +0000 (00:49 +0000)]
Make ASN1_TYPE_get() work for V_ASN1_NULL type.

20 years agoTypo in X509v3_get_ext_by_critical
Dr. Stephen Henson [Wed, 4 Dec 2002 00:16:00 +0000 (00:16 +0000)]
Typo in X509v3_get_ext_by_critical

20 years agoIn asn1_d2i_read_bio, don't assume BIO_read will
Dr. Stephen Henson [Tue, 3 Dec 2002 23:50:59 +0000 (23:50 +0000)]
In asn1_d2i_read_bio, don't assume BIO_read will
return the requested number of bytes when reading

20 years agoEXIT() may mean return(). That's confusing, so let's have it really mean
Richard Levitte [Tue, 3 Dec 2002 16:33:03 +0000 (16:33 +0000)]
EXIT() may mean return().  That's confusing, so let's have it really mean
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)

20 years agoMake CRYPTO_cleanse() independent of endianness.
Richard Levitte [Tue, 3 Dec 2002 16:06:40 +0000 (16:06 +0000)]
Make CRYPTO_cleanse() independent of endianness.

20 years agoWindows CE updates, contributed by Steven Reddie <>
Richard Levitte [Tue, 3 Dec 2002 14:20:44 +0000 (14:20 +0000)]
Windows CE updates, contributed by Steven Reddie <>

20 years agodefine USE_SOCKETS so sys/param.h gets included (and thusly, MAXHOSTNAMELEN
Richard Levitte [Mon, 2 Dec 2002 22:49:02 +0000 (22:49 +0000)]
define USE_SOCKETS so sys/param.h gets included (and thusly, MAXHOSTNAMELEN
gets defined).
PR: 371

20 years agoI think I got it now. Apparently, the case of having to shift down
Richard Levitte [Mon, 2 Dec 2002 21:31:45 +0000 (21:31 +0000)]
I think I got it now.  Apparently, the case of having to shift down
the divisor was a bit more complex than I first saw.  The lost bit
can't just be discarded, as there are cases where it is important.
For example, look at dividing 320000 with 80000 vs. 80001 (all
decimals), the difference is crucial.  The trick here is to check if
that lost bit was 1, and in that case, do the following:

1. subtract the quotient from the remainder
2. as long as the remainder is negative, add the divisor (the whole
   divisor, not the shofted down copy) to it, and decrease the
   quotient by one.

There's probably a nice mathematical proof for this already, but I
won't bother with that, unless someone requests it from me.

20 years agoMake some names consistent.
Richard Levitte [Mon, 2 Dec 2002 02:40:27 +0000 (02:40 +0000)]
Make some names consistent.

20 years agoThrough some experimentation and thinking, I think I finally got the
Richard Levitte [Mon, 2 Dec 2002 02:28:27 +0000 (02:28 +0000)]
Through some experimentation and thinking, I think I finally got the
proper implementation of bn_div_words() for VAX.

If the tests go through well, the next step will be to test on Alpha.

20 years agoSmall bugfix: even when r == d, we need to adjust r and q.
Richard Levitte [Sun, 1 Dec 2002 02:17:23 +0000 (02:17 +0000)]
Small bugfix: even when r == d, we need to adjust r and q.
PR: 366

20 years agoEXIT() needs to be in a function that returns int.
Richard Levitte [Sun, 1 Dec 2002 01:23:35 +0000 (01:23 +0000)]
EXIT() needs to be in a function that returns int.

20 years agoRedo the VAX assembler version of bn_div_words().
Richard Levitte [Sun, 1 Dec 2002 00:49:36 +0000 (00:49 +0000)]
Redo the VAX assembler version of bn_div_words().
PR: 366

20 years agoRemove incorrect assert.
Richard Levitte [Fri, 29 Nov 2002 15:18:22 +0000 (15:18 +0000)]
Remove incorrect assert.
PR: 360

20 years agoMake it so all names mentioned in the NAME section of each manpage becomes a
Richard Levitte [Fri, 29 Nov 2002 15:00:58 +0000 (15:00 +0000)]
Make it so all names mentioned in the NAME section of each manpage becomes a
symlink to said manpage.
PR: 242

20 years agoCorrect some names.
Richard Levitte [Fri, 29 Nov 2002 14:21:54 +0000 (14:21 +0000)]
Correct some names.

20 years agoA few more memset()s converted to OPENSSL_cleanse().
Richard Levitte [Fri, 29 Nov 2002 11:30:45 +0000 (11:30 +0000)]
A few more memset()s converted to OPENSSL_cleanse().
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343

20 years agoHave all tests use EXIT() to exit rather than exit(), since the latter doesn't
Richard Levitte [Thu, 28 Nov 2002 18:54:30 +0000 (18:54 +0000)]
Have all tests use EXIT() to exit rather than exit(), since the latter doesn't
always give the expected result on some platforms.

20 years agoMake sure EXIT() can always be used as one statement.
Richard Levitte [Thu, 28 Nov 2002 18:52:14 +0000 (18:52 +0000)]
Make sure EXIT() can always be used as one statement.

20 years agoCleanse memory using the new OPENSSL_cleanse() function.
Richard Levitte [Thu, 28 Nov 2002 08:04:36 +0000 (08:04 +0000)]
Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.

20 years agoUnused variable removed.
Richard Levitte [Wed, 27 Nov 2002 13:40:41 +0000 (13:40 +0000)]
Unused variable removed.

20 years agoExtra ; removed.
Richard Levitte [Wed, 27 Nov 2002 13:40:11 +0000 (13:40 +0000)]
Extra ; removed.

20 years agoAdd OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
Richard Levitte [Wed, 27 Nov 2002 12:24:05 +0000 (12:24 +0000)]
Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
and linker optimizations.
PR: 343

20 years agoI forgot that @ in strings must be escaped in Perl
Richard Levitte [Tue, 26 Nov 2002 15:27:05 +0000 (15:27 +0000)]
I forgot that @ in strings must be escaped in Perl

20 years agoThe logic in the main signing and verifying functions to check lengths was
Richard Levitte [Tue, 26 Nov 2002 11:14:32 +0000 (11:14 +0000)]
The logic in the main signing and verifying functions to check lengths was
incorrect.  Fortunately, there is a second check that's correct, when adding
the pads.
PR: 355

20 years agoHeimdal isn't really supported right now. Say so, and offer a possibility
Richard Levitte [Tue, 26 Nov 2002 10:11:58 +0000 (10:11 +0000)]
Heimdal isn't really supported right now.  Say so, and offer a possibility
to force the use of Heimdal, and warn if that's used.
PR: 346

20 years agoSmall bugfixes to the KSSL implementation.
Richard Levitte [Tue, 26 Nov 2002 10:09:36 +0000 (10:09 +0000)]
Small bugfixes to the KSSL implementation.
PR: 349

20 years agoHeimdal isn't really supported right now. Say so, and offer a possibility
Richard Levitte [Tue, 26 Nov 2002 09:19:17 +0000 (09:19 +0000)]
Heimdal isn't really supported right now.  Say so, and offer a possibility
to force the use of Heimdal, and warn if that's used.
PR: 346

20 years agorename some functions to improve consistency
Bodo Möller [Sat, 23 Nov 2002 18:16:09 +0000 (18:16 +0000)]
rename some functions to improve consistency

Submitted by: Sheueling Chang

20 years agoadd a comment
Bodo Möller [Fri, 22 Nov 2002 09:25:35 +0000 (09:25 +0000)]
add a comment