openssl.git
Andy Polyakov [Fri, 2 Jul 2010 08:06:56 +0000 (08:06 +0000)]
crypto/sparc*: eliminate _sparcv9_rdwrasi.

Andy Polyakov [Thu, 1 Jul 2010 07:34:56 +0000 (07:34 +0000)]
SPARCv9 assembler pack: refine CPU detection on Linux, fix for "unaligned
opcodes detected in executable segment" error.

Dr. Stephen Henson [Sun, 27 Jun 2010 14:43:03 +0000 (14:43 +0000)]
no need for empty fragments with TLS 1.1 and later due to explicit IV

Dr. Stephen Henson [Wed, 16 Jun 2010 13:15:31 +0000 (13:15 +0000)]
clarify comment

Ben Laurie [Sat, 12 Jun 2010 14:13:23 +0000 (14:13 +0000)]
Fix warnings.

Andy Polyakov [Wed, 9 Jun 2010 15:48:25 +0000 (15:48 +0000)]
VC-32.pl: fix /Fd name generation.
PR: 2284

Andy Polyakov [Wed, 9 Jun 2010 15:05:59 +0000 (15:05 +0000)]
ghash-x86_64.pl: "528B" variant delivers further >30% improvement.

Andy Polyakov [Wed, 9 Jun 2010 15:05:14 +0000 (15:05 +0000)]
ghash-x86.pl: commentary updates.

Andy Polyakov [Fri, 4 Jun 2010 13:21:01 +0000 (13:21 +0000)]
ghash-x86.pl: "528B" variant of gcm_ghash_4bit_mmx gives 20-40%
improvement.

Andy Polyakov [Fri, 4 Jun 2010 13:13:18 +0000 (13:13 +0000)]
x86 perlasm: add support for 16-bit values.

Dr. Stephen Henson [Tue, 1 Jun 2010 15:23:21 +0000 (15:23 +0000)]
update FAQ

Dr. Stephen Henson [Tue, 1 Jun 2010 14:39:01 +0000 (14:39 +0000)]
add CVE-2010-0742 and CVE-2010-1633 fixes

Andy Polyakov [Tue, 1 Jun 2010 06:02:47 +0000 (06:02 +0000)]
VC-32.pl: unconditionally generate symbols.pdb.

Andy Polyakov [Tue, 1 Jun 2010 05:56:24 +0000 (05:56 +0000)]
x86_64-xlate.pl: refine mingw support and regexps, update commentary.

Andy Polyakov [Tue, 1 Jun 2010 05:52:39 +0000 (05:52 +0000)]
Configure: update mingw config-lines.

Dr. Stephen Henson [Mon, 31 May 2010 13:18:21 +0000 (13:18 +0000)]
fix PR#2261 in a different way

Dr. Stephen Henson [Sat, 29 May 2010 12:49:20 +0000 (12:49 +0000)]
PR: 2278
Submitted By: Mattias Ellert <mattias.ellert@fysast.uu.se>

Fix type checking macro SKM_ASN1_SET_OF_i2d

Dr. Stephen Henson [Thu, 27 May 2010 15:05:30 +0000 (15:05 +0000)]
update NEWS

Dr. Stephen Henson [Thu, 27 May 2010 14:09:03 +0000 (14:09 +0000)]
PR: 2262
Submitted By: Victor Wagner <vitus@cryptocom.ru>

Fix error reporting in load_key function.

Dr. Stephen Henson [Thu, 27 May 2010 13:07:22 +0000 (13:07 +0000)]
PR: 2261
Submitted By: "De Rudder, Stephen L." <s_derudder@tditx.com>

Workaround for newer Windows headers which define EADDRINUSE but not to the
same value as WSAEADDRINUSE.

Dr. Stephen Henson [Thu, 27 May 2010 12:41:05 +0000 (12:41 +0000)]
PR: 2258
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Base64 BIO fixes:

Use OPENSSL_assert() instead of assert().
Use memmove() as buffers overlap.
Fix write retry logic.

Dr. Stephen Henson [Wed, 26 May 2010 23:23:34 +0000 (23:23 +0000)]
PR: 2266
Submitted By: Jonathan Gray <jsg@goblin.cx>

Correct ioctl definitions.

Andy Polyakov [Wed, 26 May 2010 21:36:36 +0000 (21:36 +0000)]
gcm128.c: P.-M. Hager has tipped about possibility to fold reductions
in gcm_ghash_4bit. Taking the idea a step further I've added extra
256+16 bytes of per-key storage, so that one can speak about 3rd variant
in addition to "256B" and "4KB": "528B" one. Commonly it should be
~50% faster than "256B" implementation or ~25% slower than "4KB" one.

Dr. Stephen Henson [Wed, 26 May 2010 16:17:16 +0000 (16:17 +0000)]
Avoid use of ex_data free function in Chil ENGINE so it can be safely
reloaded.

Andy Polyakov [Sun, 23 May 2010 12:37:01 +0000 (12:37 +0000)]
ghash-x86.pl: MMX optimization (+20-40%) and commentary update.

Andy Polyakov [Sun, 23 May 2010 12:35:41 +0000 (12:35 +0000)]
gcm128.c: commentary update.

Dr. Stephen Henson [Sat, 22 May 2010 00:40:38 +0000 (00:40 +0000)]
PR: 2254
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Check for <= 0 i2d return value.

Dr. Stephen Henson [Sat, 22 May 2010 00:30:41 +0000 (00:30 +0000)]
PR: 2251
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Memleak, BIO chain leak and realloc checks in v3_pci.c

Dr. Stephen Henson [Sat, 22 May 2010 00:20:42 +0000 (00:20 +0000)]
Stop compiler complaining in pedantic mode: may be a better way to do this...

Dr. Stephen Henson [Thu, 20 May 2010 17:36:05 +0000 (17:36 +0000)]
oops, typo

Dr. Stephen Henson [Thu, 20 May 2010 17:28:37 +0000 (17:28 +0000)]
Update cms-test.pl to handle some Unix like Windows environments where
calling shlib_wrap.sh doesn't work.

Dr. Stephen Henson [Mon, 17 May 2010 11:27:22 +0000 (11:27 +0000)]
PR: 2259
Submitted By: Artem Chuprina <ran@cryptocom.ru>

Check return values of HMAC in tls_P_hash and tls1_generate_key_block.

Although the previous version could in theory crash that would only happen if a
digest call failed. The standard software methods can never fail and only one
ENGINE currently uses digests and it is not compiled in by default.

Dr. Stephen Henson [Sat, 15 May 2010 00:35:39 +0000 (00:35 +0000)]
oops, revert test patch

Dr. Stephen Henson [Sat, 15 May 2010 00:34:06 +0000 (00:34 +0000)]
PR: 2253
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Check callback return value when outputting errors.

Dr. Stephen Henson [Sat, 15 May 2010 00:19:44 +0000 (00:19 +0000)]
PR: 2255
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Place RSA dependent variable under #ifndef OPENSSL_NO_RSA

Andy Polyakov [Thu, 13 May 2010 21:01:24 +0000 (21:01 +0000)]
rc4-x86_64.pl: "Westmere" optimization.

Andy Polyakov [Thu, 13 May 2010 17:21:52 +0000 (17:21 +0000)]
ghash-x86[_64].pl: add due credit.

Andy Polyakov [Thu, 13 May 2010 15:32:43 +0000 (15:32 +0000)]
GCM "jumbo" update:
- gcm128.c: support for Intel PCLMULQDQ, readability improvements;
- asm/ghash-x86.pl: split vanilla, MMX, PCLMULQDQ subroutines;
- asm/ghash-x86_64.pl: add PCLMULQDQ implementations.

Andy Polyakov [Thu, 13 May 2010 15:28:07 +0000 (15:28 +0000)]
x86asm.pl: consistency improvements.

Andy Polyakov [Thu, 13 May 2010 15:26:46 +0000 (15:26 +0000)]
x86_64-xlate.pl: refine some regexp's and add support for OWORD/QWORD PTR.

Andy Polyakov [Wed, 5 May 2010 22:05:39 +0000 (22:05 +0000)]
Revert previous Linux-specific/centric commit#19629. If it really has to
be done, it's definitely not the way to do it. So far answer to the
question was to ./config -Wa,--noexecstack (adopted by RedHat).

Ben Laurie [Wed, 5 May 2010 15:50:13 +0000 (15:50 +0000)]
Non-executable stack in asm.

Andy Polyakov [Tue, 4 May 2010 19:23:02 +0000 (19:23 +0000)]
"Jumbo" update for crypto/modes:
- introduce common modes_lcl.h;
- ctr128.c: implement additional CRYPTO_ctr128_encrypt_ctr32 interface;
- gcm128.c: add omitted ARM initialization, remove ctx.ctr;

Andy Polyakov [Mon, 3 May 2010 18:23:29 +0000 (18:23 +0000)]
Add ghash-armv4.pl.

Dr. Stephen Henson [Mon, 3 May 2010 15:30:07 +0000 (15:30 +0000)]
PR: 2252
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Update docs to BIO_f_buffer()

Dr. Stephen Henson [Mon, 3 May 2010 13:01:40 +0000 (13:01 +0000)]
PR: 2230
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix bug in bitmask macros and stop warnings.

Dr. Stephen Henson [Mon, 3 May 2010 12:50:36 +0000 (12:50 +0000)]
PR: 2244
Submitted By: "PMHager" <hager@dortmund.net>

Initialise pkey callback to 0.

Dr. Stephen Henson [Mon, 3 May 2010 12:24:01 +0000 (12:24 +0000)]
PR: 2250
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Don't overwrite return value with strlen(f).

Dr. Stephen Henson [Mon, 3 May 2010 12:17:44 +0000 (12:17 +0000)]
experimental function to convert ASN1_TIME to tm, not used or even compiled in yet

Ben Laurie [Sat, 1 May 2010 14:41:25 +0000 (14:41 +0000)]
Missing declarations, no assembler in PEDANTIC.

Andy Polyakov [Wed, 28 Apr 2010 20:02:28 +0000 (20:02 +0000)]
bss_file.c: refine UTF-8 logic on Windows.

Andy Polyakov [Wed, 28 Apr 2010 18:51:45 +0000 (18:51 +0000)]
Add ghash-parisc.pl.

Andy Polyakov [Thu, 22 Apr 2010 21:36:26 +0000 (21:36 +0000)]
Take gcm128.c and ghash assembler modules into the build loop.

Andy Polyakov [Wed, 21 Apr 2010 20:38:21 +0000 (20:38 +0000)]
bss_file.c: reserve for option to encode file name with UTF-8.

Andy Polyakov [Tue, 20 Apr 2010 20:40:46 +0000 (20:40 +0000)]
md5-ia64.S: fix assembler warning.

Dr. Stephen Henson [Tue, 20 Apr 2010 12:53:18 +0000 (12:53 +0000)]
PR: 2241
Submitted By: Artemy Lebedev <vagran.ast@gmail.com>

Typo.

Dr. Stephen Henson [Thu, 15 Apr 2010 13:25:26 +0000 (13:25 +0000)]
new function to diff tm structures

Dr. Stephen Henson [Thu, 15 Apr 2010 13:24:20 +0000 (13:24 +0000)]
oops revert patch not part of Configure diff

Dr. Stephen Henson [Thu, 15 Apr 2010 13:17:15 +0000 (13:17 +0000)]
oops, commit Configure part of PR#2234

Dr. Stephen Henson [Wed, 14 Apr 2010 23:07:12 +0000 (23:07 +0000)]
PR: 2234
Submitted By: Matthias Andree <matthias.andree@gmx.de>

Use correct path to openssl utility in c_rehash script.

Dr. Stephen Henson [Wed, 14 Apr 2010 23:04:12 +0000 (23:04 +0000)]
PR: 2235
Submitted By: Bruce Stephens <bruce.stephens@isode.com>

Make ts/Makefile consistent with other Makefiles.

Andy Polyakov [Wed, 14 Apr 2010 19:24:48 +0000 (19:24 +0000)]
x86_64cpuid.pl: ml64 is allergic to db on label line.

Andy Polyakov [Wed, 14 Apr 2010 19:04:51 +0000 (19:04 +0000)]
gcm128.c and assembler modules: change argument order for gcm_ghash_4bit.
ghash-x86*.pl: fix performance numbers for Core2, as it turned out
previous ones were "tainted" by variable clock frequency.

Dr. Stephen Henson [Wed, 14 Apr 2010 13:21:21 +0000 (13:21 +0000)]
update FAQ

Andy Polyakov [Wed, 14 Apr 2010 07:47:28 +0000 (07:47 +0000)]
[co]fb128.c: fix "n=0" bug.

Dr. Stephen Henson [Wed, 14 Apr 2010 00:41:14 +0000 (00:41 +0000)]
fix signed/unsigned comparison warnings

Dr. Stephen Henson [Wed, 14 Apr 2010 00:33:06 +0000 (00:33 +0000)]
fix bug in ccgost CFB mode code

Dr. Stephen Henson [Wed, 14 Apr 2010 00:30:32 +0000 (00:30 +0000)]
check ASN1 type before using it

Dr. Stephen Henson [Wed, 14 Apr 2010 00:17:55 +0000 (00:17 +0000)]
PR: 2230
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix various DTLS fragment reassembly bugs.

Dr. Stephen Henson [Wed, 14 Apr 2010 00:10:05 +0000 (00:10 +0000)]
PR: 2229
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Don't drop DTLS connection if mac or decryption failed.

Dr. Stephen Henson [Wed, 14 Apr 2010 00:03:27 +0000 (00:03 +0000)]
PR: 2228
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix DTLS buffer record MAC failure bug.

Andy Polyakov [Sat, 10 Apr 2010 14:53:17 +0000 (14:53 +0000)]
aes-ppc.pl: 10% performance improvement on Power6.

Andy Polyakov [Sat, 10 Apr 2010 14:07:40 +0000 (14:07 +0000)]
AESNI engine: update test_aesni.

Andy Polyakov [Sat, 10 Apr 2010 14:02:26 +0000 (14:02 +0000)]
gcm128.c: commentary and formatting updates.

Andy Polyakov [Sat, 10 Apr 2010 14:01:02 +0000 (14:01 +0000)]
cts128.c: add support for NIST "Ciphertext Stealing" proposal.

Andy Polyakov [Sat, 10 Apr 2010 13:56:59 +0000 (13:56 +0000)]
AESNI engine: add counter mode.

Andy Polyakov [Sat, 10 Apr 2010 13:55:05 +0000 (13:55 +0000)]
perlasm/x86*: add support to SSE>2 and pclmulqdq. x86_64-xlate.pl provides
correct solution to problem addressed in commit #19244.

Andy Polyakov [Sat, 10 Apr 2010 13:51:20 +0000 (13:51 +0000)]
sha1-alpha.pl: addendum till commit #19547.

Andy Polyakov [Sat, 10 Apr 2010 13:46:53 +0000 (13:46 +0000)]
ctr129.c: fix typo, simplify ctr128_inc and fix "n=0" bug.

Andy Polyakov [Sat, 10 Apr 2010 13:44:20 +0000 (13:44 +0000)]
Add ghash-alpha.pl assembler module.

Andy Polyakov [Sat, 10 Apr 2010 13:43:26 +0000 (13:43 +0000)]
sha1-alpha.pl: engage it in build.

Andy Polyakov [Sat, 10 Apr 2010 13:36:34 +0000 (13:36 +0000)]
sparccpuid.S: some assembler is allergic to apostrophes in comments.

Andy Polyakov [Sat, 10 Apr 2010 13:33:04 +0000 (13:33 +0000)]
alpha-mont.pl: comply with stack alignment requirements.

Dr. Stephen Henson [Thu, 8 Apr 2010 10:55:04 +0000 (10:55 +0000)]
make GOST MAC work again

Dr. Stephen Henson [Wed, 7 Apr 2010 13:18:07 +0000 (13:18 +0000)]
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_algorithms() will fail when verifying certificates.

Update docs.

Dr. Stephen Henson [Tue, 6 Apr 2010 15:03:27 +0000 (15:03 +0000)]
Remove obsolete PRNG note. Add comment about use of SHA256 et al.

Dr. Stephen Henson [Tue, 6 Apr 2010 14:45:18 +0000 (14:45 +0000)]
PR: 2209
Submitted By: Daniel Mentz <danielml@sent.com>

Documentation typo.

Dr. Stephen Henson [Tue, 6 Apr 2010 12:45:04 +0000 (12:45 +0000)]
PR: 2218
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS replay bug.

Dr. Stephen Henson [Tue, 6 Apr 2010 12:40:19 +0000 (12:40 +0000)]
PR: 2219
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS buffering bug.

Dr. Stephen Henson [Tue, 6 Apr 2010 12:29:31 +0000 (12:29 +0000)]
PR: 2223
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS timeout bug

Dr. Stephen Henson [Tue, 6 Apr 2010 11:18:59 +0000 (11:18 +0000)]
PR: 2220

Fixes to make OpenSSL compile with no-rc4

Dr. Stephen Henson [Wed, 31 Mar 2010 11:50:30 +0000 (11:50 +0000)]
fix FAQ (again)

Dr. Stephen Henson [Tue, 30 Mar 2010 16:43:51 +0000 (16:43 +0000)]
update FAQ

Dr. Stephen Henson [Tue, 30 Mar 2010 16:36:59 +0000 (16:36 +0000)]
fix FAQ

Dr. Stephen Henson [Tue, 30 Mar 2010 16:35:41 +0000 (16:35 +0000)]
update FAQ

Dr. Stephen Henson [Tue, 30 Mar 2010 16:24:53 +0000 (16:24 +0000)]
update FAQ

Dr. Stephen Henson [Tue, 30 Mar 2010 00:49:36 +0000 (00:49 +0000)]
update HEAD FAQ

Andy Polyakov [Mon, 29 Mar 2010 10:06:01 +0000 (10:06 +0000)]
cryptlib.c: allow application to override OPENSSL_isservice.
PR: 2194

Andy Polyakov [Mon, 29 Mar 2010 09:55:19 +0000 (09:55 +0000)]
ARMv4 assembler: fix compilation failure. Fix is actually unconfirmed, but
I can't think of any other cause for failure

Andy Polyakov [Mon, 29 Mar 2010 09:50:02 +0000 (09:50 +0000)]
dso_dlfcn.c: fix compile failure on Tru64.