openssl.git
15 years agoFlag changes in Configure and config, too.
Ben Laurie [Sun, 24 Apr 2005 12:02:49 +0000 (12:02 +0000)]
Flag changes in Configure and config, too.

Update dependencies.

15 years agoupdate
Nils Larsch [Sun, 24 Apr 2005 09:17:48 +0000 (09:17 +0000)]
update

15 years agoOops...
Dr. Stephen Henson [Sun, 24 Apr 2005 02:24:53 +0000 (02:24 +0000)]
Oops...

15 years agoRecognize zlib and krb5 options in mk1mf.pl
Dr. Stephen Henson [Sun, 24 Apr 2005 02:21:02 +0000 (02:21 +0000)]
Recognize zlib and krb5 options in mk1mf.pl

15 years agomake asn.1 field names const
Nils Larsch [Sat, 23 Apr 2005 13:45:49 +0000 (13:45 +0000)]
make asn.1 field names const

15 years agochange prototype of the ecdh KDF: make input parameter const and the outlen argument...
Nils Larsch [Sat, 23 Apr 2005 10:11:16 +0000 (10:11 +0000)]
change prototype of the ecdh KDF: make input parameter const and the outlen argument  more flexible

15 years agoAdd debug target, remove cast, note possible bug.
Ben Laurie [Sat, 23 Apr 2005 06:05:24 +0000 (06:05 +0000)]
Add debug target, remove cast, note possible bug.

15 years agoAdd prototypes.
Ben Laurie [Fri, 22 Apr 2005 23:57:46 +0000 (23:57 +0000)]
Add prototypes.

15 years agomore const
Nils Larsch [Fri, 22 Apr 2005 21:57:36 +0000 (21:57 +0000)]
more const

15 years agomake update
Nils Larsch [Fri, 22 Apr 2005 20:17:17 +0000 (20:17 +0000)]
make update

15 years ago- use BN_set_negative and BN_is_negative instead of BN_set_sign
Nils Larsch [Fri, 22 Apr 2005 20:02:44 +0000 (20:02 +0000)]
- use BN_set_negative and BN_is_negative instead of BN_set_sign
  and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"

15 years agoAvoid aliasing between stack frames and S-boxes. Compress prefetch code.
Andy Polyakov [Fri, 22 Apr 2005 11:49:32 +0000 (11:49 +0000)]
Avoid aliasing between stack frames and S-boxes. Compress prefetch code.

15 years agothe pointer to the message digest is const
Nils Larsch [Thu, 21 Apr 2005 09:43:09 +0000 (09:43 +0000)]
the pointer to the message digest is const

15 years agoProvide a default OPENSSL_ia32cap_loc for non-Intel platforms where
Richard Levitte [Thu, 21 Apr 2005 09:10:19 +0000 (09:10 +0000)]
Provide a default OPENSSL_ia32cap_loc for non-Intel platforms where
util/libeay.num is important when building shared libraries, like
VMS.

15 years agoDon't use standard kerberos library locations in MK1MF builds.
Dr. Stephen Henson [Thu, 21 Apr 2005 00:46:28 +0000 (00:46 +0000)]
Don't use standard kerberos library locations in MK1MF builds.

Fix typo in mk1mf.pl

15 years agoMake kerberos ciphersuite code compile again.
Dr. Stephen Henson [Wed, 20 Apr 2005 21:48:48 +0000 (21:48 +0000)]
Make kerberos ciphersuite code compile again.

Avoid more shadow warnings.

15 years agoRename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts.
Dr. Stephen Henson [Wed, 20 Apr 2005 21:48:06 +0000 (21:48 +0000)]
Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts.

Remove more bogus shadow warnings.

15 years agoStop compiler warnings about deprecated lvalue casts.
Dr. Stephen Henson [Wed, 20 Apr 2005 21:39:13 +0000 (21:39 +0000)]
Stop compiler warnings about deprecated lvalue casts.

15 years agoStop bogus shadowing warning.
Dr. Stephen Henson [Wed, 20 Apr 2005 21:34:29 +0000 (21:34 +0000)]
Stop bogus shadowing warning.

15 years agoProcess MINFO file earlier in mk1mf.pl so it can modify variables like CFLAGS.
Dr. Stephen Henson [Wed, 20 Apr 2005 16:22:58 +0000 (16:22 +0000)]
Process MINFO file earlier in mk1mf.pl so it can modify variables like CFLAGS.

Process kerberos include and library options.

15 years agoHandle similar mk1mf.pl options with a hash table.
Dr. Stephen Henson [Wed, 20 Apr 2005 16:01:50 +0000 (16:01 +0000)]
Handle similar mk1mf.pl options with a hash table.

15 years agosigned vs. unsigned.
Richard Levitte [Wed, 20 Apr 2005 13:21:10 +0000 (13:21 +0000)]
signed vs. unsigned.

15 years agoMake sure id2_func is properly cast as well...
Richard Levitte [Wed, 20 Apr 2005 13:17:42 +0000 (13:17 +0000)]
Make sure id2_func is properly cast as well...

15 years agosigned vs. unsigned.
Richard Levitte [Wed, 20 Apr 2005 13:12:33 +0000 (13:12 +0000)]
signed vs. unsigned.

15 years agoAvoid compiler complaint about mismatched function signatures
Richard Levitte [Wed, 20 Apr 2005 13:09:46 +0000 (13:09 +0000)]
Avoid compiler complaint about mismatched function signatures
(void * != char *)

15 years agoResolve signed vs. unsigned.
Richard Levitte [Wed, 20 Apr 2005 12:55:15 +0000 (12:55 +0000)]
Resolve signed vs. unsigned.

15 years agoType mismatch detected by DEC C compiler. void* != void**
Richard Levitte [Wed, 20 Apr 2005 12:53:50 +0000 (12:53 +0000)]
Type mismatch detected by DEC C compiler.  void* != void**

15 years agoAvoid compiler complaint about mismatched function signatures
Richard Levitte [Wed, 20 Apr 2005 10:02:16 +0000 (10:02 +0000)]
Avoid compiler complaint about mismatched function signatures
(void * != RSA *)

15 years agoFix logic in mkdef.pl function is_valid.
Dr. Stephen Henson [Tue, 19 Apr 2005 23:54:44 +0000 (23:54 +0000)]
Fix logic in mkdef.pl function is_valid.

Update symbols

15 years agoStop perl warning.
Dr. Stephen Henson [Tue, 19 Apr 2005 18:57:17 +0000 (18:57 +0000)]
Stop perl warning.

15 years agoNew "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script
Dr. Stephen Henson [Tue, 19 Apr 2005 13:24:44 +0000 (13:24 +0000)]
New "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script
to use it.

15 years agoIgnore TYPEDEF_OF in mkdef.pl
Dr. Stephen Henson [Tue, 19 Apr 2005 11:49:25 +0000 (11:49 +0000)]
Ignore TYPEDEF_OF in mkdef.pl

15 years agoUpdate year.
Dr. Stephen Henson [Tue, 19 Apr 2005 00:15:18 +0000 (00:15 +0000)]
Update year.

15 years agoVarious Win32 and other fixes for warnings and compilation errors.
Dr. Stephen Henson [Tue, 19 Apr 2005 00:12:36 +0000 (00:12 +0000)]
Various Win32 and other fixes for warnings and compilation errors.

Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.

15 years agoThrow in x86_64 AT&T to MASM assembler converter to facilitate development
Andy Polyakov [Sun, 17 Apr 2005 21:05:57 +0000 (21:05 +0000)]
Throw in x86_64 AT&T to MASM assembler converter to facilitate development
of dual-ABI Unix/Win64 modules.

15 years agoFix from stable branch.
Dr. Stephen Henson [Sun, 17 Apr 2005 13:59:36 +0000 (13:59 +0000)]
Fix from stable branch.

15 years agoSynchronise with ec/Makefile.
Richard Levitte [Sun, 17 Apr 2005 09:07:37 +0000 (09:07 +0000)]
Synchronise with ec/Makefile.

15 years agoMitigate cache-timing attack in CBC mode. This is done by implementing
Andy Polyakov [Sat, 16 Apr 2005 15:23:21 +0000 (15:23 +0000)]
Mitigate cache-timing attack in CBC mode. This is done by implementing
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior every CBC en-/decryption pass. One can argue why
just CBC? Well, it's commonly used mode in real-life applications and
API allows us to amortize the prefetch costs for larger data chunks...

15 years agoconst fixes
Nils Larsch [Fri, 15 Apr 2005 18:29:33 +0000 (18:29 +0000)]
const fixes

15 years agoEVP_CIPHER_CTX_init is a void function + fix typo
Nils Larsch [Fri, 15 Apr 2005 16:01:35 +0000 (16:01 +0000)]
EVP_CIPHER_CTX_init is a void function + fix typo

PR: 1044 + 1045

15 years agoCheck return values of <Digest>_Init functions in low level digest calls.
Dr. Stephen Henson [Thu, 14 Apr 2005 22:58:44 +0000 (22:58 +0000)]
Check return values of <Digest>_Init functions in low level digest calls.

15 years agoPrototype mnemonics in padlock_verify_context for better portability
Andy Polyakov [Thu, 14 Apr 2005 07:47:10 +0000 (07:47 +0000)]
Prototype mnemonics in padlock_verify_context for better portability
[read support for Solaris assembler].

15 years agoFix for bug emerged in openvpn conext.
Andy Polyakov [Thu, 14 Apr 2005 07:41:29 +0000 (07:41 +0000)]
Fix for bug emerged in openvpn conext.

15 years agoFinal touch to mingw shared.
Andy Polyakov [Wed, 13 Apr 2005 23:54:28 +0000 (23:54 +0000)]
Final touch to mingw shared.

15 years agoMore cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...
Andy Polyakov [Wed, 13 Apr 2005 21:46:30 +0000 (21:46 +0000)]
More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...

15 years agoAddenum to http://cvs.openssl.org/chngview?cn=13054.
Andy Polyakov [Wed, 13 Apr 2005 21:10:07 +0000 (21:10 +0000)]
Addenum to cvs.openssl.org/chngview?cn=13054.

15 years agoFinal(?) touches to mingw shared support.
Andy Polyakov [Wed, 13 Apr 2005 21:08:39 +0000 (21:08 +0000)]
Final(?) touches to mingw shared support.

15 years agoZap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.
Andy Polyakov [Wed, 13 Apr 2005 20:51:42 +0000 (20:51 +0000)]
Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.

15 years agoMakefile.ssl -> Makefile
Nils Larsch [Wed, 13 Apr 2005 19:09:43 +0000 (19:09 +0000)]
Makefile.ssl -> Makefile

15 years agoFix typos.
Andy Polyakov [Wed, 13 Apr 2005 15:41:11 +0000 (15:41 +0000)]
Fix typos.

15 years agoIntroduce OPENSSL_NONPIC_relocated to denote relocated DLLs.
Andy Polyakov [Wed, 13 Apr 2005 08:46:35 +0000 (08:46 +0000)]
Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs.

15 years agoParameterize do_solaris rules in Makefile.shared.
Andy Polyakov [Wed, 13 Apr 2005 07:22:41 +0000 (07:22 +0000)]
Parameterize do_solaris rules in Makefile.shared.

15 years agoMinor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
Andy Polyakov [Wed, 13 Apr 2005 06:55:42 +0000 (06:55 +0000)]
Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
OPENSSL_stderr stub.

15 years agoUpdate FAQ.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:38:00 +0000 (16:38 +0000)]
Update FAQ.

15 years agoMore overwritten stuff...
Dr. Stephen Henson [Tue, 12 Apr 2005 16:36:36 +0000 (16:36 +0000)]
More overwritten stuff...

15 years agoReplace overwritten lines before error codes.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:17:53 +0000 (16:17 +0000)]
Replace overwritten lines before error codes.

15 years agoRebuild error codes.
Dr. Stephen Henson [Tue, 12 Apr 2005 16:15:22 +0000 (16:15 +0000)]
Rebuild error codes.

15 years agoInclude error library value in C error source files instead of fixing up
Dr. Stephen Henson [Tue, 12 Apr 2005 13:31:14 +0000 (13:31 +0000)]
Include error library value in C error source files instead of fixing up
at runtime.

15 years agoinclude limits.h for UINT_MAX etc.
Nils Larsch [Mon, 11 Apr 2005 20:59:58 +0000 (20:59 +0000)]
include limits.h for UINT_MAX etc.

15 years agoAdd a NEWS item for 0.9.7g.
Richard Levitte [Mon, 11 Apr 2005 15:05:45 +0000 (15:05 +0000)]
Add a NEWS item for 0.9.7g.

15 years agoAdd emacs cache files to .cvsignore.
Richard Levitte [Mon, 11 Apr 2005 14:17:07 +0000 (14:17 +0000)]
Add emacs cache files to .cvsignore.

15 years agoMove allow_proxy_certs declaration to start of function.
Dr. Stephen Henson [Sun, 10 Apr 2005 23:41:09 +0000 (23:41 +0000)]
Move allow_proxy_certs declaration to start of function.

15 years agoMake kerberos ciphersuite code work with newer header files
Dr. Stephen Henson [Sat, 9 Apr 2005 23:55:55 +0000 (23:55 +0000)]
Make kerberos ciphersuite code work with newer header files

15 years agoAdded restrictions on the use of proxy certificates, as they may pose
Richard Levitte [Sat, 9 Apr 2005 16:07:12 +0000 (16:07 +0000)]
Added restrictions on the use of proxy certificates, as they may pose
a security threat on unexpecting applications.  Document and test.

15 years agoadd support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
Nils Larsch [Fri, 8 Apr 2005 22:52:42 +0000 (22:52 +0000)]
add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
and SSL_use_PrivateKey_file()

PR: 1035
Submitted by: Walter Goulet
Reviewed by:  Nils Larsch

15 years agoimprove docu of SSL_CTX_use_PrivateKey()
Nils Larsch [Fri, 8 Apr 2005 22:49:57 +0000 (22:49 +0000)]
improve docu of SSL_CTX_use_PrivateKey()

15 years agoget rid of very buggy and very imcomplete DH cert support
Nils Larsch [Thu, 7 Apr 2005 23:19:17 +0000 (23:19 +0000)]
get rid of very buggy and very imcomplete DH cert support

Reviewed by: Bodo Moeller

15 years agomake sure error queue is totally emptied
Nils Larsch [Thu, 7 Apr 2005 22:53:35 +0000 (22:53 +0000)]
make sure error queue is totally emptied

PR: 359

15 years agoconst fixes
Nils Larsch [Thu, 7 Apr 2005 22:48:33 +0000 (22:48 +0000)]
const fixes

15 years agoRecognize MSYS/MINGW environment.
Andy Polyakov [Thu, 7 Apr 2005 20:24:29 +0000 (20:24 +0000)]
Recognize MSYS/MINGW environment.

15 years agoImplement OPENSSL_showfatal and make it Win32 GUI and service aware
Andy Polyakov [Thu, 7 Apr 2005 18:39:45 +0000 (18:39 +0000)]
Implement OPENSSL_showfatal and make it Win32 GUI and service aware
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].

15 years agoHarmonize cygwin/mingw and VC targets.
Andy Polyakov [Thu, 7 Apr 2005 15:51:55 +0000 (15:51 +0000)]
Harmonize cygwin/mingw and VC targets.

15 years ago+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
Andy Polyakov [Wed, 6 Apr 2005 09:45:42 +0000 (09:45 +0000)]
+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
further +35% will follow...

Submitted by: Zou Nanhai

15 years agosome const fixes
Nils Larsch [Tue, 5 Apr 2005 19:11:19 +0000 (19:11 +0000)]
some const fixes

15 years agoupdate progs.pl to reflect changes in progs.h
Nils Larsch [Tue, 5 Apr 2005 18:17:13 +0000 (18:17 +0000)]
update progs.pl to reflect changes in progs.h

15 years agofix example in docu
Nils Larsch [Tue, 5 Apr 2005 11:17:03 +0000 (11:17 +0000)]
fix example in docu

PR: 800

15 years agosome const fixes and cleanup
Nils Larsch [Tue, 5 Apr 2005 10:29:43 +0000 (10:29 +0000)]
some const fixes and cleanup

15 years agoremove unused recp method
Nils Larsch [Mon, 4 Apr 2005 18:15:59 +0000 (18:15 +0000)]
remove unused recp method

15 years agoExtend Solaris x86 support to amd64.
Andy Polyakov [Mon, 4 Apr 2005 17:10:53 +0000 (17:10 +0000)]
Extend Solaris x86 support to amd64.

15 years agoSolaris x86 linker erroneously pads .init segment with zeros instead of
Andy Polyakov [Mon, 4 Apr 2005 17:07:16 +0000 (17:07 +0000)]
Solaris x86 linker erroneously pads .init segment with zeros instead of
nops, which causes SEGV at startup. So I don't align anymore.

15 years agoSome non-GNU compilers (such as Sun C) define __i386.
Andy Polyakov [Mon, 4 Apr 2005 17:05:06 +0000 (17:05 +0000)]
Some non-GNU compilers (such as Sun C) define __i386.

15 years agoHISTORY section: point out change of default digest
Bodo Möller [Sun, 3 Apr 2005 23:53:48 +0000 (23:53 +0000)]
HISTORY section: point out change of default digest

15 years agoMake bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
Andy Polyakov [Sun, 3 Apr 2005 18:53:29 +0000 (18:53 +0000)]
Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
introduced for a reason [like bug in initial gcc port], but proposed
=&r is treated correctly by senior 3.2, so we can assume it's safe now.
PR: 1031

15 years agoIf input is bad, we still need to clear the buffer.
Ben Laurie [Sun, 3 Apr 2005 16:38:22 +0000 (16:38 +0000)]
If input is bad, we still need to clear the buffer.

15 years agouse SHA-1 as the default digest for the apps/openssl commands
Nils Larsch [Sat, 2 Apr 2005 09:29:15 +0000 (09:29 +0000)]
use SHA-1 as the default digest for the apps/openssl commands

15 years agoTypo
Dr. Stephen Henson [Fri, 1 Apr 2005 21:56:15 +0000 (21:56 +0000)]
Typo

15 years agoreally clear the error queue here
Nils Larsch [Fri, 1 Apr 2005 17:50:09 +0000 (17:50 +0000)]
really clear the error queue here

PR: 860

15 years agouse SSL3_VERSION_MAJOR instead of SSL3_VERSION etc.
Nils Larsch [Fri, 1 Apr 2005 17:35:32 +0000 (17:35 +0000)]
use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc.

PR: 658

15 years agoConsistency.
Ben Laurie [Thu, 31 Mar 2005 13:57:54 +0000 (13:57 +0000)]
Consistency.

15 years agoAdd a file with fingerprints that have recently been used to sign
Richard Levitte [Thu, 31 Mar 2005 11:51:47 +0000 (11:51 +0000)]
Add a file with fingerprints that have recently been used to sign
OpenSSL distributions, or are about to.  This has been requested a
little now and then by users, for years :-/...

15 years agoSimplicate and add lightness.
Ben Laurie [Thu, 31 Mar 2005 10:55:55 +0000 (10:55 +0000)]
Simplicate and add lightness.

15 years agoGet rid of irritating noise.
Ben Laurie [Thu, 31 Mar 2005 10:34:59 +0000 (10:34 +0000)]
Get rid of irritating noise.

15 years agoGive everything prototypes (well, everything that's actually used).
Ben Laurie [Thu, 31 Mar 2005 09:26:39 +0000 (09:26 +0000)]
Give everything prototypes (well, everything that's actually used).

15 years agofix header
Nils Larsch [Wed, 30 Mar 2005 21:38:29 +0000 (21:38 +0000)]
fix header

15 years agoMakefile.ssl doesn't exist anymore
Nils Larsch [Wed, 30 Mar 2005 21:37:05 +0000 (21:37 +0000)]
Makefile.ssl doesn't exist anymore

15 years agoTake account of Makefile.ssl removal.
Ben Laurie [Wed, 30 Mar 2005 14:44:50 +0000 (14:44 +0000)]
Take account of Makefile.ssl removal.

15 years agoMake tags target useful.
Ben Laurie [Wed, 30 Mar 2005 14:19:21 +0000 (14:19 +0000)]
Make tags target useful.

15 years agoDon't debug.
Ben Laurie [Wed, 30 Mar 2005 14:15:14 +0000 (14:15 +0000)]
Don't debug.

15 years agoBlow away Makefile.ssl.
Ben Laurie [Wed, 30 Mar 2005 13:05:57 +0000 (13:05 +0000)]
Blow away Makefile.ssl.

15 years agoupdate docs (recent constification)
Nils Larsch [Wed, 30 Mar 2005 11:50:14 +0000 (11:50 +0000)]
update docs (recent constification)