openssl.git
18 years agoAdd a demo that reimplements the RSAref glue in form of a dynamically
Richard Levitte [Wed, 14 Nov 2001 22:42:35 +0000 (22:42 +0000)]
Add a demo that reimplements the RSAref glue in form of a dynamically
loadable engine.

18 years agoAfter loading a dynamic engine, reset the command definitions to the
Richard Levitte [Wed, 14 Nov 2001 22:32:19 +0000 (22:32 +0000)]
After loading a dynamic engine, reset the command definitions to the
empty set.  This prevents engines that do not set the command
definitions themselves to inherit the ones from "dynamic", which would
otherwise be very confusing.

18 years agoChange the order of events so the capabilities of loaded engines can
Richard Levitte [Wed, 14 Nov 2001 22:30:17 +0000 (22:30 +0000)]
Change the order of events so the capabilities of loaded engines can
get listed as well.

18 years agoremove obsolete entry
Bodo Möller [Wed, 14 Nov 2001 21:21:47 +0000 (21:21 +0000)]
remove obsolete entry

18 years agocast to unsigned int, not to int to avoid the warning -- all these
Bodo Möller [Wed, 14 Nov 2001 21:18:35 +0000 (21:18 +0000)]
cast to unsigned int, not to int to avoid the warning -- all these
values really are unsigned

18 years agoconsistency between main branch and stable branch
Bodo Möller [Wed, 14 Nov 2001 21:17:39 +0000 (21:17 +0000)]
consistency between main branch and stable branch

18 years agoImplement STARTTLS for certain protocols, currently only supporting SMTP.
Richard Levitte [Wed, 14 Nov 2001 13:57:52 +0000 (13:57 +0000)]
Implement STARTTLS for certain protocols, currently only supporting SMTP.

18 years agoRemove temporary files
Richard Levitte [Wed, 14 Nov 2001 10:58:37 +0000 (10:58 +0000)]
Remove temporary files

18 years agounsigned int vs. int.
Richard Levitte [Wed, 14 Nov 2001 10:55:29 +0000 (10:55 +0000)]
unsigned int vs. int.

18 years agoExclude .out files
Richard Levitte [Wed, 14 Nov 2001 10:53:47 +0000 (10:53 +0000)]
Exclude .out files

18 years agosynchronise with 0.9.6 stable branch
Bodo Möller [Mon, 12 Nov 2001 23:22:29 +0000 (23:22 +0000)]
synchronise with 0.9.6 stable branch

18 years agoinformation on 0.9.6c-engine
Bodo Möller [Mon, 12 Nov 2001 22:10:15 +0000 (22:10 +0000)]
information on 0.9.6c-engine

18 years agoPhew, finished
Mark J. Cox [Mon, 12 Nov 2001 20:30:01 +0000 (20:30 +0000)]
Phew, finished
Submitted by:
Reviewed by:
PR:

18 years agoI've still got one left; the backport of the Broadcom UBSEC driver to
Mark J. Cox [Mon, 12 Nov 2001 15:32:11 +0000 (15:32 +0000)]
I've still got one left; the backport of the Broadcom UBSEC driver to
0.9.6 that we've got - just waiting for clearance on that one
Submitted by:
Reviewed by:
PR:

18 years agoAdd unixware-7-gcc as in 0.9.6 branch (except that we need a 'sys_id'
Bodo Möller [Mon, 12 Nov 2001 15:31:39 +0000 (15:31 +0000)]
Add unixware-7-gcc as in 0.9.6 branch (except that we need a 'sys_id'
field here, which is left empty).

Various configurations are *only* in the 0.9.6 branch at the moment:
  OpenUNIX
  OpenUNIX-8-gcc-shared
  OpenUNIX-8-shared
Either Configure or CHANGES must be changed to rectify the situation.

18 years agothe PRNG race conditions were mostly a theoretical issue, remove from NEWS
Bodo Möller [Mon, 12 Nov 2001 11:33:38 +0000 (11:33 +0000)]
the PRNG race conditions were mostly a theoretical issue, remove from NEWS

18 years agoadd changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c
Bodo Möller [Mon, 12 Nov 2001 11:28:15 +0000 (11:28 +0000)]
add changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c

18 years agoAdd an FAQ.
Dr. Stephen Henson [Mon, 12 Nov 2001 01:58:50 +0000 (01:58 +0000)]
Add an FAQ.

18 years agoOrder chronologically: move entry for recent s2_clnt.c/s2_srvr.c fixes
Bodo Möller [Sat, 10 Nov 2001 15:14:00 +0000 (15:14 +0000)]
Order chronologically: move entry for recent s2_clnt.c/s2_srvr.c fixes
(nearly) to the top.

Move msg_callback entry to the top as the implementation for SSL 2.0
is based on the s2_clnt.c/s2_srvr.c changes.

18 years agomake code a little more similar to what it looked like before the fixes,
Bodo Möller [Sat, 10 Nov 2001 10:44:15 +0000 (10:44 +0000)]
make code a little more similar to what it looked like before the fixes,
call ssl2_part_read again to parse error message

18 years agoremove incorrect 'callback' prototype
Bodo Möller [Sat, 10 Nov 2001 02:12:56 +0000 (02:12 +0000)]
remove incorrect 'callback' prototype

18 years agomsg_callback documentation
Bodo Möller [Sat, 10 Nov 2001 02:12:09 +0000 (02:12 +0000)]
msg_callback documentation

18 years agomore output for SSL 2.0 in our msg_callback
Bodo Möller [Sat, 10 Nov 2001 01:17:02 +0000 (01:17 +0000)]
more output for SSL 2.0 in our msg_callback

18 years agoImplement msg_callback for SSL 2.0.
Bodo Möller [Sat, 10 Nov 2001 01:16:28 +0000 (01:16 +0000)]
Implement msg_callback for SSL 2.0.

Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).

18 years ago2001, not 2000
Bodo Möller [Fri, 9 Nov 2001 13:15:05 +0000 (13:15 +0000)]
2001, not 2000

18 years agoadjust to OpenSSL_0_9_6-stable version
Bodo Möller [Fri, 9 Nov 2001 13:09:11 +0000 (13:09 +0000)]
adjust to OpenSSL_0_9_6-stable version

18 years agocast to 'unsigned long' before using ~ if we need an unsigned long result
Bodo Möller [Fri, 9 Nov 2001 12:58:05 +0000 (12:58 +0000)]
cast to 'unsigned long' before using ~ if we need an unsigned long result

Submitted by: "Stefan Marxen" <stefan.marxen@gmx.net>

18 years agoclarify
Bodo Möller [Thu, 8 Nov 2001 14:54:21 +0000 (14:54 +0000)]
clarify

18 years agoDon't define _REENTRANT here in e_os.h. On systems where we need
Bodo Möller [Thu, 8 Nov 2001 14:32:06 +0000 (14:32 +0000)]
Don't define _REENTRANT here in e_os.h.  On systems where we need
_REENTRANT if threads support is enabled, the ./Configure entry must
define it so that it ends up in CFLAG.

18 years agoPKCS#12 code fixes: initialize and cleanup digests and ciphers
Dr. Stephen Henson [Tue, 6 Nov 2001 13:54:48 +0000 (13:54 +0000)]
PKCS#12 code fixes: initialize and cleanup digests and ciphers
properly.

18 years agoWin32 fixes.
Dr. Stephen Henson [Tue, 6 Nov 2001 13:40:27 +0000 (13:40 +0000)]
Win32 fixes.

18 years agodes_old.h doesn't really need to include des.h, so don't. That will
Richard Levitte [Tue, 6 Nov 2001 11:37:14 +0000 (11:37 +0000)]
des_old.h doesn't really need to include des.h, so don't.  That will
avoid clashes with other code that have their own DES_ functions but
really only use OpenSSL's old des_ functions.

18 years agoFix email address delete code.
Dr. Stephen Henson [Tue, 6 Nov 2001 01:44:21 +0000 (01:44 +0000)]
Fix email address delete code.

18 years agoPlace the OpenSSL-specific headers back so they always get included,
Richard Levitte [Mon, 5 Nov 2001 18:18:12 +0000 (18:18 +0000)]
Place the OpenSSL-specific headers back so they always get included,
or we get a dependency war in Makefile.ssl

18 years agoNo need to include anything on systems that do not have /dev/crypt
Richard Levitte [Mon, 5 Nov 2001 12:44:14 +0000 (12:44 +0000)]
No need to include anything on systems that do not have /dev/crypt

18 years agoDOS and Windows do not like unistd.h
Richard Levitte [Mon, 5 Nov 2001 12:43:17 +0000 (12:43 +0000)]
DOS and Windows do not like unistd.h

18 years agoIf verify fails, say why.
Ben Laurie [Fri, 2 Nov 2001 13:29:14 +0000 (13:29 +0000)]
If verify fails, say why.

18 years agoChange the shared library support so the shared libraries get built
Richard Levitte [Tue, 30 Oct 2001 08:00:59 +0000 (08:00 +0000)]
Change the shared library support so the shared libraries get built
sooner and the programs get built against the shared libraries.

This requires a bit more work.  Things like -rpath and the possibility
to still link the programs statically should be included.  Some
cleanup is also needed.  This will be worked on.

18 years agoAddapt VMS scripts to the newer disk layout system ODS-5, which allows more than...
Richard Levitte [Mon, 29 Oct 2001 13:05:28 +0000 (13:05 +0000)]
Addapt VMS scripts to the newer disk layout system ODS-5, which allows more than one period and mixed size characters in file names

18 years agoAnother noemailDN fix.
Dr. Stephen Henson [Sat, 27 Oct 2001 17:53:06 +0000 (17:53 +0000)]
Another noemailDN fix.

18 years agoAllow ca to certify requests containing BMPStrings and UTF8Strings.
Dr. Stephen Henson [Sat, 27 Oct 2001 17:04:47 +0000 (17:04 +0000)]
Allow ca to certify requests containing BMPStrings and UTF8Strings.

18 years agoBugfixes for noemailDN option. Make it use the
Dr. Stephen Henson [Sat, 27 Oct 2001 17:03:20 +0000 (17:03 +0000)]
Bugfixes for noemailDN option. Make it use the
correct name (instead of NULL) if nomailDN is
not set, fix memory leaks and retain DN structure
when deleting emailAddress.

18 years agoStop compiler warnings.
Dr. Stephen Henson [Sat, 27 Oct 2001 00:18:04 +0000 (00:18 +0000)]
Stop compiler warnings.

18 years agoAdd support for Subject Info Acess extension.
Dr. Stephen Henson [Sat, 27 Oct 2001 00:16:53 +0000 (00:16 +0000)]
Add support for Subject Info Acess extension.

18 years agoNote BUF_MEM_grow() consistency fix.
Bodo Möller [Fri, 26 Oct 2001 14:06:33 +0000 (14:06 +0000)]
Note BUF_MEM_grow() consistency fix.

18 years agoConsistency fix in BUF_MEM_grow: Initialise to zero when new memory
Bodo Möller [Fri, 26 Oct 2001 13:12:25 +0000 (13:12 +0000)]
Consistency fix in BUF_MEM_grow: Initialise to zero when new memory
had to be allocated, not just when reusing the existing buffer.

18 years agodisable caching in BIO_gethostbyname
Bodo Möller [Fri, 26 Oct 2001 13:04:23 +0000 (13:04 +0000)]
disable caching in BIO_gethostbyname

18 years agoNew options to allow req to accept UTF8 strings as input.
Dr. Stephen Henson [Fri, 26 Oct 2001 12:40:38 +0000 (12:40 +0000)]
New options to allow req to accept UTF8 strings as input.

18 years agoremove compatibility notes that no longer apply
Ulf Möller [Thu, 25 Oct 2001 17:45:25 +0000 (17:45 +0000)]
remove compatibility notes that no longer apply

18 years agoCorrect some links...
Richard Levitte [Thu, 25 Oct 2001 16:56:06 +0000 (16:56 +0000)]
Correct some links...

18 years agoChange the DES documentation to reflect the current status. Note that
Richard Levitte [Thu, 25 Oct 2001 16:55:17 +0000 (16:55 +0000)]
Change the DES documentation to reflect the current status.  Note that
some password reading functions are really part of the UI
compatibility library...

18 years agoMake sure openssl speed is compilable on systems where fork() doesn't
Richard Levitte [Thu, 25 Oct 2001 16:08:17 +0000 (16:08 +0000)]
Make sure openssl speed is compilable on systems where fork() doesn't
exist.  For now, that's all the ones we "support" except Unix.

18 years agoAdd paralellism to speed - note that this currently causes a weird memory leak.
Ben Laurie [Thu, 25 Oct 2001 14:27:17 +0000 (14:27 +0000)]
Add paralellism to speed - note that this currently causes a weird memory leak.

18 years agoFix warning.
Ben Laurie [Thu, 25 Oct 2001 14:24:59 +0000 (14:24 +0000)]
Fix warning.

18 years agoLike MD_Init, MD now must include a NULL engine pointer in its definition.
Bodo Möller [Thu, 25 Oct 2001 08:53:54 +0000 (08:53 +0000)]
Like MD_Init, MD now must include a NULL engine pointer in its definition.

18 years agoremove redundant definitions that are also in des.h
Bodo Möller [Thu, 25 Oct 2001 08:46:10 +0000 (08:46 +0000)]
remove redundant definitions that are also in des.h

18 years agomention des_old.h
Bodo Möller [Thu, 25 Oct 2001 08:44:10 +0000 (08:44 +0000)]
mention des_old.h

18 years agoAdd '-noemailDN' option to 'openssl ca'. This prevents inclusion of
Bodo Möller [Thu, 25 Oct 2001 08:25:19 +0000 (08:25 +0000)]
Add '-noemailDN' option to 'openssl ca'.  This prevents inclusion of
the e-mail address in the DN (i.e., it will go into a certificate
extension only).  The new configuration file option 'email_in_dn = no'
has the same effect.

Submitted by: Massimiliano Pala madwolf@openca.org

18 years agofilenames are des_old.[ch], not des.comp*
Bodo Möller [Thu, 25 Oct 2001 08:23:13 +0000 (08:23 +0000)]
filenames are des_old.[ch], not des.comp*

18 years agoConsistency with s2_... and s23_... variants (no real functional
Bodo Möller [Thu, 25 Oct 2001 08:17:53 +0000 (08:17 +0000)]
Consistency with s2_... and s23_... variants (no real functional
change)

18 years agoRemove DES_random_seed() but retain des_random_seed() for now. Change
Richard Levitte [Thu, 25 Oct 2001 06:46:22 +0000 (06:46 +0000)]
Remove DES_random_seed() but retain des_random_seed() for now.  Change
the docs to reflect this change and correct libeay.num.

18 years agoAssume TLS 1.0 when ClientHello fragment is too short.
Bodo Möller [Thu, 25 Oct 2001 06:09:51 +0000 (06:09 +0000)]
Assume TLS 1.0 when ClientHello fragment is too short.

18 years agoHave the removal warnings very high up in the source.
Richard Levitte [Thu, 25 Oct 2001 05:37:10 +0000 (05:37 +0000)]
Have the removal warnings very high up in the source.

18 years agoA C file is a C file is a C file!
Richard Levitte [Wed, 24 Oct 2001 21:31:14 +0000 (21:31 +0000)]
A C file is a C file is a C file!

18 years agoDue to an increasing number of clashes between modern OpenSSL and
Richard Levitte [Wed, 24 Oct 2001 21:21:12 +0000 (21:21 +0000)]
Due to an increasing number of clashes between modern OpenSSL and
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_.  Compatibility routines are provided and declared by including
openssl/des_old.h.  Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.

The compatibility functions will be removed in some future release, at
the latest in version 1.0.

18 years agoFix SSL handshake functions and SSL_clear() such that SSL_clear()
Bodo Möller [Wed, 24 Oct 2001 19:03:22 +0000 (19:03 +0000)]
Fix SSL handshake functions and SSL_clear() such that SSL_clear()
never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.

18 years agoDeprecate the macro MAC_OS_pre_X.
Richard Levitte [Wed, 24 Oct 2001 15:32:53 +0000 (15:32 +0000)]
Deprecate the macro MAC_OS_pre_X.

18 years agomake update
Richard Levitte [Wed, 24 Oct 2001 15:32:14 +0000 (15:32 +0000)]
make update

18 years agomake update
Richard Levitte [Wed, 24 Oct 2001 08:27:22 +0000 (08:27 +0000)]
make update

18 years agoCorrection of the id-pda OID's.
Richard Levitte [Tue, 23 Oct 2001 14:30:57 +0000 (14:30 +0000)]
Correction of the id-pda OID's.
Submitted by Frederic.Giudicelli@INTRINsec.com

18 years agoSanitize CHANGES entry.
Dr. Stephen Henson [Tue, 23 Oct 2001 00:54:58 +0000 (00:54 +0000)]
Sanitize CHANGES entry.

18 years agoFix memory leak.
Bodo Möller [Mon, 22 Oct 2001 13:59:36 +0000 (13:59 +0000)]
Fix memory leak.

18 years agoReject certificates with unhandled critical extensions.
Dr. Stephen Henson [Sun, 21 Oct 2001 02:09:15 +0000 (02:09 +0000)]
Reject certificates with unhandled critical extensions.

18 years agoStop spurious "unable to load config info" errors in req
Dr. Stephen Henson [Sun, 21 Oct 2001 01:05:53 +0000 (01:05 +0000)]
Stop spurious "unable to load config info" errors in req

18 years agoCall msg_callback with correct length parameter if ssl3_write_bytes had to
Bodo Möller [Sat, 20 Oct 2001 18:56:01 +0000 (18:56 +0000)]
Call msg_callback with correct length parameter if ssl3_write_bytes had to
be called multiple times

18 years agoNew functions SSL[_CTX]_set_msg_callback().
Bodo Möller [Sat, 20 Oct 2001 17:56:36 +0000 (17:56 +0000)]
New functions SSL[_CTX]_set_msg_callback().
New macros SSL[_CTX]_set_msg_callback_arg().

Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).

New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.

In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.

Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).

Add/update some OpenSSL copyright notices.

18 years agoTypo.
Dr. Stephen Henson [Sat, 20 Oct 2001 16:22:28 +0000 (16:22 +0000)]
Typo.

18 years agoAdd missing EVP_CIPHER_CTX_{init,cleanup}
Dr. Stephen Henson [Sat, 20 Oct 2001 16:18:03 +0000 (16:18 +0000)]
Add missing EVP_CIPHER_CTX_{init,cleanup}

18 years agogcc complained about "write" being shadowed even though the "write"
Bodo Möller [Wed, 17 Oct 2001 20:44:25 +0000 (20:44 +0000)]
gcc complained about "write" being shadowed even though the "write"
variable name occured just in a function *prototype* -- so rename it

18 years agoWrong place...
Richard Levitte [Wed, 17 Oct 2001 17:54:17 +0000 (17:54 +0000)]
Wrong place...

18 years agoThe EVP_*Init_ex() functions take one extra argument. Let's default
Richard Levitte [Wed, 17 Oct 2001 16:03:42 +0000 (16:03 +0000)]
The EVP_*Init_ex() functions take one extra argument.  Let's default
it to NULL.

18 years agodocument SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
Bodo Möller [Wed, 17 Oct 2001 11:56:26 +0000 (11:56 +0000)]
document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION

18 years agoUpdate docs.
Dr. Stephen Henson [Wed, 17 Oct 2001 01:50:32 +0000 (01:50 +0000)]
Update docs.

18 years agoModify EVP cipher behaviour in a similar way
Dr. Stephen Henson [Wed, 17 Oct 2001 00:37:12 +0000 (00:37 +0000)]
Modify EVP cipher behaviour in a similar way
to digests to retain compatibility.

18 years agoFlush buffers to prevent mixed output (Adam Back <adam@cypherspace.org>).
Lutz Jänicke [Tue, 16 Oct 2001 14:24:46 +0000 (14:24 +0000)]
Flush buffers to prevent mixed output (Adam Back <adam@cypherspace.org>).

18 years agoAdd per-SSL 'msg_callback' with 'msg_callback_arg'.
Bodo Möller [Tue, 16 Oct 2001 13:09:24 +0000 (13:09 +0000)]
Add per-SSL 'msg_callback' with 'msg_callback_arg'.
Both have per-SSL_CTX defaults.
These new values can be set by calling SSL[_CTX]_[callback_]ctrl
with codes SSL_CTRL_SET_MSG_CALLBACK and SSL_CTRL_SET_MSG_CALLBACK_ARG.

So far, the callback is never actually called.

Also rearrange some SSL_CTX struct members (some exist just in
SSL_CTXs, others are defaults for SSLs and are either copied
during SSL_new, or used if the value in the SSL is not set;
these three classes of members were not in a logical order),
and add some missing assignments to SSL_dup.

18 years agoUpdate docs.
Dr. Stephen Henson [Tue, 16 Oct 2001 02:22:59 +0000 (02:22 +0000)]
Update docs.

18 years agoRetain compatibility of EVP_DigestInit() and EVP_DigestFinal()
Dr. Stephen Henson [Tue, 16 Oct 2001 01:24:29 +0000 (01:24 +0000)]
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
with existing code.

Modify library to use digest *_ex() functions.

18 years agoThe message header for fake SSL 3.0/TLS 1.0 client hellos created from
Bodo Möller [Tue, 16 Oct 2001 00:56:04 +0000 (00:56 +0000)]
The message header for fake SSL 3.0/TLS 1.0 client hellos created from
SSL 2.0 client hellos added with the previous commit was totally wrong --
it must start with the message type, not the protocol version.
(Not that this particular header is actually used anywhere ...)

18 years agoFor consistency, set s->init_num in the 'reuse_message' case
Bodo Möller [Mon, 15 Oct 2001 20:16:36 +0000 (20:16 +0000)]
For consistency, set s->init_num in the 'reuse_message' case
(if s23_srvr.c faked the message, s->init_num is 0).

18 years agoChange ssl3_get_message and the functions using it so that complete
Bodo Möller [Mon, 15 Oct 2001 19:49:25 +0000 (19:49 +0000)]
Change ssl3_get_message and the functions using it so that complete
'Handshake' protocol structures are kept in memory, including
'msg_type' and 'length'.

(This is in preparation of future support for callbacks that get to
peek at handshake messages and the like.)

18 years agomake sure .rnd exists
Bodo Möller [Mon, 15 Oct 2001 17:58:00 +0000 (17:58 +0000)]
make sure .rnd exists

18 years agoFix ssl3_get_message handle message fragmentation correctly.
Bodo Möller [Mon, 15 Oct 2001 17:41:41 +0000 (17:41 +0000)]
Fix ssl3_get_message handle message fragmentation correctly.

18 years agothe previous commit accidentily removed 'ret = 1' from the SSL_ST_OK
Bodo Möller [Mon, 15 Oct 2001 17:40:42 +0000 (17:40 +0000)]
the previous commit accidentily removed 'ret = 1' from the SSL_ST_OK
case of ssl3_accept

18 years agoopenbsd-x86 macros
Ulf Möller [Sun, 14 Oct 2001 00:57:30 +0000 (00:57 +0000)]
openbsd-x86 macros

Submitted by: Toomas Kiisk <vix@cyber.ee>

18 years agoUpdate information as a partial response to the post
Lutz Jänicke [Fri, 12 Oct 2001 12:29:16 +0000 (12:29 +0000)]
Update information as a partial response to the post
  From: "Chris D. Peterson" <cpeterson@aventail.com>
  Subject: Implementation Issues with OpenSSL
  To: openssl-users@openssl.org
  Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!

18 years agoIn certain cases, no encoding has been set up for the b64 filter. In
Richard Levitte [Thu, 11 Oct 2001 19:38:40 +0000 (19:38 +0000)]
In certain cases, no encoding has been set up for the b64 filter.  In
such cases, a flush should *not* attempt to finalise the encoding, as
the EVP_ENCODE_CTX structure will only be filled with garbage.  For
the same reason, do the same check when a wpending is performed.

18 years ago'make update'
Richard Levitte [Wed, 10 Oct 2001 21:52:06 +0000 (21:52 +0000)]
'make update'

18 years agoAdd support for md4WithRSAEncryption.
Richard Levitte [Wed, 10 Oct 2001 21:37:45 +0000 (21:37 +0000)]
Add support for md4WithRSAEncryption.

18 years agoFor systems where gcc is used and where we don't know if GNU ld is
Richard Levitte [Wed, 10 Oct 2001 14:46:41 +0000 (14:46 +0000)]
For systems where gcc is used and where we don't know if GNU ld is
used or not, let's ask collect2 which ld it uses and choose to use the
target do-gnu_shared if GNU ld is used.

This solves the reported problems on Solaris systems where GNU cc is
used but GNU ld isn't, and probably on other systems with similar
setups.