openssl

Author	SHA1	Message	Date
Matt Caswell	40720ce3ca	Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>	2015-01-22 09:52:55 +00:00
Matt Caswell	c7c7a432df	indent has problems with comments that are on the right hand side of a line. Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Conflicts: crypto/bn/bn.h crypto/ec/ec_lcl.h crypto/rsa/rsa.h demos/engines/ibmca/hw_ibmca.c ssl/ssl.h ssl/ssl3.h Conflicts: crypto/ec/ec_lcl.h ssl/tls1.h Conflicts: crypto/ec/ecp_nistp224.c crypto/evp/evp.h ssl/d1_both.c ssl/ssl.h ssl/ssl_lib.c Conflicts: crypto/bio/bss_file.c crypto/ec/ec_lcl.h crypto/evp/evp.h crypto/store/str_mem.c crypto/whrlpool/wp_block.c crypto/x509/x509_vfy.h ssl/ssl.h ssl/ssl3.h ssl/ssltest.c ssl/t1_lib.c ssl/tls1.h Reviewed-by: Tim Hudson <tjh@openssl.org>	2015-01-22 09:50:57 +00:00
Matt Caswell	00ea17f9d7	Fix source where indent will not be able to cope Conflicts: apps/ciphers.c ssl/s3_pkt.c Conflicts: crypto/ec/ec_curve.c Conflicts: crypto/ec/ec_curve.c ssl/s3_clnt.c ssl/s3_srvr.c ssl/ssl_sess.c Conflicts: apps/ciphers.c crypto/bn/bn.h crypto/ec/ec_curve.c ssl/t1_enc.c ssl/t1_lib.c Reviewed-by: Tim Hudson <tjh@openssl.org>	2015-01-22 09:49:13 +00:00
Tim Hudson	b558c8d597	mark all block comments that need format preserving so that indent will not alter them when reformatting comments (cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960) Conflicts: crypto/bn/bn_lcl.h crypto/bn/bn_prime.c crypto/engine/eng_all.c crypto/rc4/rc4_utl.c crypto/sha/sha.h ssl/kssl.c ssl/t1_lib.c Conflicts: crypto/rc4/rc4_enc.c crypto/x509v3/v3_scts.c crypto/x509v3/v3nametest.c ssl/d1_both.c ssl/s3_srvr.c ssl/ssl.h ssl/ssl_locl.h ssl/ssltest.c ssl/t1_lib.c Conflicts: crypto/asn1/a_sign.c crypto/bn/bn_div.c crypto/dsa/dsa_asn1.c crypto/ec/ecp_nistp224.c crypto/ec/ecp_nistp256.c crypto/ec/ecp_nistp521.c crypto/ec/ecp_nistputil.c crypto/modes/gcm128.c crypto/opensslv.h ssl/d1_both.c ssl/heartbeat_test.c ssl/s3_clnt.c ssl/s3_srvr.c ssl/ssl_sess.c ssl/t1_lib.c test/testutil.h Conflicts: apps/openssl.c apps/ts.c apps/vms_decc_init.c crypto/aes/aes_core.c crypto/aes/aes_x86core.c crypto/dsa/dsa_ameth.c crypto/ec/ec2_mult.c crypto/evp/evp.h crypto/objects/objects.h crypto/rsa/rsa_pss.c crypto/stack/safestack.h crypto/ts/ts.h crypto/ts/ts_rsp_verify.c crypto/whrlpool/wp_dgst.c crypto/x509v3/v3_ncons.c e_os2.h engines/ccgost/gost89.c engines/ccgost/gost_ctl.c engines/ccgost/gost_keywrap.c engines/ccgost/gost_keywrap.h engines/ccgost/gost_sign.c ssl/kssl.c ssl/s3_srvr.c Reviewed-by: Tim Hudson <tjh@openssl.org>	2015-01-22 09:48:44 +00:00
Dr. Stephen Henson	3795297af8	Change old obsolete email address...	2008-11-05 18:36:57 +00:00
Dr. Stephen Henson	e852835da6	Make update: delete duplicate error code.	2008-09-17 17:11:09 +00:00
Dr. Stephen Henson	d83dde6180	Merge changes to build system from fips branch.	2008-09-16 21:44:57 +00:00
Dr. Stephen Henson	e3f2860e73	Merge public key FIPS code, RSA, DSA, DH.	2008-09-16 14:55:26 +00:00
Dr. Stephen Henson	1af12ff1d1	Fix error code discrepancy. Make update.	2008-09-14 16:43:37 +00:00
Lutz Jänicke	fbfa11fb29	Typos PR: 1578 Submitted by: Charles Longeau <chl@tuxfamily.org>	2007-09-24 11:22:31 +00:00
Bodo Möller	7cdb81582c	Change to mitigate branch prediction attacks Submitted by: Matthew D Wood Reviewed by: Bodo Moeller	2007-03-28 00:14:25 +00:00
Dr. Stephen Henson	4a0d3530e0	Update from HEAD.	2007-01-21 13:16:49 +00:00
Dr. Stephen Henson	115fc340cb	Rebuild error file C source files.	2006-11-21 20:14:46 +00:00
Mark J. Cox	fdff41e166	Initialise ctx to NULL to avoid uninitialized free, noticed by Steve Kiernan	2006-09-29 08:21:07 +00:00
Mark J. Cox	951dfbb13a	Introduce limits to prevent malicious keys being able to cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller] Fix ASN.1 parsing of certain invalid structures that can result in a denial of service. (CVE-2006-2937) [Steve Henson] Fix buffer overflow in SSL_get_shared_ciphers() function. (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] Fix SSL client code which could crash if connecting to a malicious SSLv2 server. (CVE-2006-4343) [Tavis Ormandy and Will Drewry, Google Security Team]	2006-09-28 11:29:03 +00:00
Nils Larsch	b7a80146f4	fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()	2006-03-13 23:12:08 +00:00
Dr. Stephen Henson	9f85fcefdc	Update filenames in makefiles	2006-02-04 01:49:36 +00:00
Richard Levitte	5f4dcaf781	/usr/bin/perl util/mkerr.pl -recurse -write -rebuild	2006-01-09 16:05:22 +00:00
Ben Laurie	9ddb11f11c	Avoid weak subgroups in Diffie Hellman.	2005-08-20 18:35:53 +00:00
Bodo Möller	cad811fc41	Use BN_with_flags() in a cleaner way.	2005-05-27 15:39:24 +00:00
Andy Polyakov	ce92b6eb9c	Further BUILDENV refinement, further fool-proofing of Makefiles and [most importantly] put back dependencies accidentaly eliminated in check-in #13342.	2005-05-16 16:55:47 +00:00
Bodo Möller	46a643763d	Implement fixed-window exponentiation to mitigate hyper-threading timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller	2005-05-16 01:43:31 +00:00
Andy Polyakov	81a86fcf17	Fool-proofing Makefiles	2005-05-15 22:23:26 +00:00
Andy Polyakov	3cc54008eb	Pointer to BN_MONT_CTX could be used uninitialized.	2005-04-28 08:49:01 +00:00
Dr. Stephen Henson	879b19801a	Change method_mont_p from (char ) to (BN_MONT_CTX ) and remove several casts.	2005-04-27 00:04:59 +00:00
Dr. Stephen Henson	6ec8e63af6	Port BN_MONT_CTX_set_locked() from stable branch. The function rsa_eay_mont_helper() has been removed because it is no longer needed after this change.	2005-04-26 23:58:54 +00:00
Bodo Möller	aa4ce7315f	Fix various incorrect error function codes. ("perl util/ck_errf.pl /.c //*.c" still reports many more.)	2005-04-26 18:53:22 +00:00
Dr. Stephen Henson	29dc350813	Rebuild error codes.	2005-04-12 16:15:22 +00:00
Richard Levitte	4bb61becbb	Add emacs cache files to .cvsignore.	2005-04-11 14:17:07 +00:00
Ben Laurie	41a15c4f0f	Give everything prototypes (well, everything that's actually used).	2005-03-31 09:26:39 +00:00
Ben Laurie	42ba5d2329	Blow away Makefile.ssl.	2005-03-30 13:05:57 +00:00
Richard Levitte	a2ac429da2	Don't use $(EXHEADER) directly in for loops, as most shells will break if $(EXHEADER) is empty. Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>	2004-11-02 23:55:01 +00:00
Geoff Thorpe	9c52d2cc75	After the latest round of header-hacking, regenerate the dependencies in the Makefiles. NB: this commit is probably going to generate a huge posting and it is highly uninteresting to read.	2004-05-17 19:26:06 +00:00
Geoff Thorpe	0f814687b9	Deprecate the recursive includes of bn.h from various API headers (asn1.h, dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are already declared in ossl_typ.h. Add explicit includes for bn.h in those C files that need access to structure internals or API functions+macros.	2004-05-17 19:14:22 +00:00
Geoff Thorpe	c57bc2dc51	make update	2004-04-19 18:33:41 +00:00
Geoff Thorpe	3a87a9b9db	Reduce header interdependencies, initially in engine.h (the rest of the changes are the fallout). As this could break source code that doesn't directly include headers for interfaces it uses, changes to recursive includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to define this when building and using openssl, and then adapt code where necessary - this is how to stay current. However the mechanism exists for the lethargic.	2004-04-19 17:46:04 +00:00
Richard Levitte	79b42e7654	Use sh explicitely to run point.sh This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 14:59:07 +00:00
Richard Levitte	4d8743f490	Netware-specific changes, PR: 780 Submitted by: Verdon Walker <VWalker@novell.com> Reviewed by: Richard Levitte	2003-11-28 13:10:58 +00:00
Geoff Thorpe	2aaec9cced	Update any code that was using deprecated functions so that everything builds and links with OPENSSL_NO_DEPRECATED defined.	2003-10-29 04:14:08 +00:00
Geoff Thorpe	9d473aa2e4	When OPENSSL_NO_DEPRECATED is defined, deprecated functions are (or should be) precompiled out in the API headers. This change is to ensure that if it is defined when compiling openssl, the deprecated functions aren't implemented either.	2003-10-29 04:06:50 +00:00
Richard Levitte	d1465bac90	make update	2003-05-01 04:10:32 +00:00
Richard Levitte	1a0c1f9052	make update	2003-04-10 20:11:09 +00:00
Richard Levitte	43eb3b0130	We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form of unneeded includes of openssl/engine.h.	2003-04-08 06:00:05 +00:00
Richard Levitte	d3ae5b1c8a	Make sure we get the definition of OPENSSL_NO_DH.	2003-03-20 23:21:27 +00:00
Richard Levitte	78951e7711	Make sure we get the definition of OPENSSL_NO_ERR.	2003-03-20 23:19:41 +00:00
Ulf Möller	66ecdf3bfb	more mingw related cleanups.	2003-02-22 18:00:14 +00:00
Richard Levitte	5fe11c7533	The OPENSSL_NO_ENGINE has small problem: it changes certain structures. That's bad, so let's not check OPENSSL_NO_ENGINE in those places. Fortunately, all the header files where the problem existed include ossl_typ.h, which makes a 'forward declaration' of the ENGINE type.	2003-01-30 18:52:46 +00:00
Richard Levitte	0b13e9f055	Add the possibility to build without the ENGINE framework. PR: 287	2003-01-30 17:39:26 +00:00
Geoff Thorpe	0e4aa0d2d2	As with RSA, which was modified recently, this change makes it possible to override key-generation implementations by placing handlers in the methods for DSA and DH. Also, parameter generation for DSA and DH is possible by another new handler for each method.	2003-01-15 02:01:55 +00:00
Richard Levitte	0edad88a31	make update	2002-12-09 02:19:27 +00:00

1 2 3 4

161 Commits