111 Commits

Author SHA1 Message Date
Bodo Möller
c4fddde87b fix potential memory leak when allocation fails
PR: 801
Submitted by: Nils Larsch
2005-03-11 09:00:18 +00:00
Richard Levitte
6628e9629c make update 2004-03-23 17:51:56 +00:00
Dr. Stephen Henson
7884f064f1 Memory leak fix. 2004-03-05 23:40:05 +00:00
Richard Levitte
6bad9d0522 A few more memset()s converted to OPENSSL_cleanse().
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343
2002-11-29 11:31:18 +00:00
Richard Levitte
920b700d4a Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:06:36 +00:00
Richard Levitte
9952cfcf62 Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:16:31 +00:00
Bodo Möller
145a2794da don't memset(data,0,...) if data is NULL
Submitted by: anonymous
PR: 254
2002-08-29 11:33:43 +00:00
Lutz Jänicke
d12eb7b024 "make update"
Submitted by:
Reviewed by:
PR:
2002-07-30 09:32:45 +00:00
Richard Levitte
e17af60f15 Try to avoid double declaration of ERR_load_PEM_strings().
PR 71
2002-06-27 17:06:52 +00:00
Richard Levitte
578c1cdefa make update 2002-06-13 21:57:57 +00:00
Richard Levitte
549ce02729 Check errors when parsing a PKCS8INF PEM FILE, or there will be a core dump on error.
PR: 77
2002-06-05 11:58:16 +00:00
Richard Levitte
1c4dc1517d Uhmmm, if we use && after having tested for the presence of the certificate,
we just *might* stand a certain chance of actually getting it written
to file...
2002-04-23 13:15:22 +00:00
Richard Levitte
2aa5dac48f Stop assuming the IV is 8 bytes long, use the real size instead.
This is especially important for AES that has a 16 bytes IV.
2002-02-20 17:55:34 +00:00
Bodo Möller
3ece3605ac remove redundant ERR_load_... declarations 2001-12-17 19:24:39 +00:00
Richard Levitte
75df0bb231 perl util/mkerr.pl -recurse -write -rebuild 2001-11-15 12:44:57 +00:00
Lutz Jänicke
7b0cb7f08d Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>. 2001-02-09 19:05:11 +00:00
Richard Levitte
eb3633164e Fix from main trunk, 2000-09-25 10:52 levitte:
'ranlib' doesn't always run on some systems.  That's actually
acceptable, since all that happens if it fails is a library with an
index, which makes linking slower, but still working correctly.
2000-10-11 02:04:16 +00:00
Richard Levitte
62ab514e98 'make update' 2000-09-07 08:46:51 +00:00
Richard Levitte
9fc2570677 It's not just VMS that needs some symbols to be hacked. Let's
centralise those hacks in crypto/symhacks.h and use it everywhere it's
needed.
2000-09-07 08:18:05 +00:00
Richard Levitte
3009458e2f MD4 implemented. Assar Westerlund provided the digest code itself and the test utility, I added the bits to get a EVP interface, the command line utility and the speed test 2000-08-14 14:05:53 +00:00
Richard Levitte
c2bbf9cf6c I got sick and tired of having to keep track of NIDs when such a thing
could be done automagically, much like the numbering in libeay.num and
ssleay.num.  The solution works as follows:

  - New object identifiers are inserted in objects.txt, following the
    syntax given in objects.README.
  - objects.pl is used to process obj_mac.num and create a new
    obj_mac.h.
  - obj_dat.pl is used to create a new obj_dat.h, using the data in
    obj_mac.h.

This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended.  The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!).  Additions are OK, as well as consistent name changes.
2000-07-05 02:45:36 +00:00
Geoff Thorpe
1c4f90a05d Enable DSO support on alpha (OSF1), cc and gcc.
Also, "make update" has added some missing functions to libeay.num,
updated the TABLE for the alpha changes, and updated thousands of
dependancies that have changed from recent commits.
2000-06-13 12:59:38 +00:00
Richard Levitte
ef33b97050 Using checks of the existence of HEADER_{foo}_H in other header files
was a really bad idea.  For example, the following:

	#include <x509.h>
	#include <bio.h>
	#include <asn1.h>

would make sure that things like ASN1_UTCTIME_print() wasn't defined
unless you moved the inclusion of bio.h to above the inclusion of
x509.h.  The reason is that x509.h includes asn1.h, and the
declaration of ASN1_UTCTIME_print() depended on the definition of
HEADER_BIO_H.  That's what I call an obscure bug.

Instead, this change makes sure that whatever header files are needed
for the correct process of one header file are included automagically,
and that the definitions of, for example, BIO-related things are
dependent on the absence of the NO_{foo} macros.  This is also
consistent with the way parts of OpenSSL can be excluded at will.
2000-06-09 10:41:35 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
2000-06-01 22:19:21 +00:00
Richard Levitte
82271cee5b In Message-ID: <003201bfb332$14a07520$0801a8c0@janm.transactionsite.com>,
"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.
2000-05-02 12:16:01 +00:00
Bodo Möller
59fc2b0fc2 Preserve reason strings in automatically build tables. 2000-03-05 00:19:36 +00:00
Bodo Möller
d6f68fa314 Fix for previous patch: If RAND_pseudo_bytes returns 0, this is not an error. 2000-03-03 07:51:25 +00:00
Bodo Möller
7c472f706e Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts. 2000-03-02 22:29:38 +00:00
Dr. Stephen Henson
c7cb16a8ff Rename functions for new convention. 2000-02-26 01:55:33 +00:00
Dr. Stephen Henson
3142c86d65 Allow ADH to be used but not present in the default cipher
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
2000-02-23 01:11:01 +00:00
Dr. Stephen Henson
8a208cba97 New functions and option to use NEW in certificate requests. 2000-02-18 00:54:21 +00:00
Dr. Stephen Henson
a3fe382e2d Pass phrase reorganisation. 2000-02-16 23:16:01 +00:00
Ulf Möller
e7f97e2d22 Check RAND_bytes() return value or use RAND_pseudo_bytes(). 2000-01-21 01:15:56 +00:00
Ulf Möller
eb952088f0 Precautions against using the PRNG uninitialized: RAND_bytes() now
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
2000-01-13 20:59:17 +00:00
Ben Laurie
752d706aaf Make NO_RSA compile with pedantic. 2000-01-08 21:06:24 +00:00
Dr. Stephen Henson
36217a9424 Allow passwords to be included on command line for a few
more utilities.
1999-12-24 23:53:57 +00:00
Dr. Stephen Henson
12aefe78f0 Fixes so NO_RSA works again. 1999-12-24 17:26:33 +00:00
Dr. Stephen Henson
525f51f6c9 Add PKCS#8 utility functions and add PBE options. 1999-12-23 02:02:42 +00:00
Dr. Stephen Henson
d4cec6a13d New options to the -verify program which can be used for chain verification.
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.

Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
52664f5081 Transparent support for PKCS#8 private keys in RSA/DSA.
New universal public key format.

Fix CRL+cert load problem in by_file.c

Make verify report errors when loading files or dirs
1999-11-21 22:28:31 +00:00
Dr. Stephen Henson
06556a1744 'req' fixes. Reinstate length check one request fields.
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
1999-11-14 23:10:50 +00:00
Dr. Stephen Henson
53b1899e3c Fix a couple of outstanding issues: update STATUS file, fix NO_FP_API problems.
Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.
1999-11-11 13:58:41 +00:00
Dr. Stephen Henson
ce1b4fe146 Allow additional information to be attached to a
certificate: currently this includes trust settings
and a "friendly name".
1999-11-04 00:45:35 +00:00
Dr. Stephen Henson
f769ce3ea4 More multibyte character support.
Functions to get keys from EVP_PKEY structures.
1999-10-25 02:00:09 +00:00
Dr. Stephen Henson
3ea23631d4 Add support for public key input and output in rsa and dsa utilities with some
new DSA public key functions that were missing.

Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
1999-10-04 21:17:47 +00:00
Ralf S. Engelschall
1d5edd0882 Fix two remaining prototype-related warnings 1999-08-08 11:25:32 +00:00
Ulf Möller
8c197cc55e VMS updates.
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-07-28 23:25:59 +00:00
Bodo Möller
74678cc2f8 Additional user data argument to pem_password_cb function type
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
1999-07-21 20:57:16 +00:00
Dr. Stephen Henson
dbd665c210 Change the PEM_* function prototypes to use DECLARE_PEM macros and change
util/mkdef.pl to handle this. Also do a 'make update'.
1999-06-22 01:38:31 +00:00
Ben Laurie
84757d677f Fix warnings. 1999-06-10 19:45:25 +00:00