| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
of unneeded includes of openssl/engine.h.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
bad, so let's not check OPENSSL_NO_ENGINE in those places. Fortunately, all
the header files where the problem existed include ossl_typ.h, which makes
a 'forward declaration' of the ENGINE type.
|
| |
|
|
| |
PR: 287
|
| |
|
|
|
|
| |
override key-generation implementations by placing handlers in the methods
for DSA and DH. Also, parameter generation for DSA and DH is possible by
another new handler for each method.
|
| | |
|
| |
|
|
|
|
|
|
| |
- a patch to fix a memory leak in rsa_gen.c
- a note about compiler warnings with unions
- a note about improving structure element names
This applies his patch and implements a solution to the notes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.
This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing. The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility nor change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones. The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.
There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, the return value is a boolean. This will allow for a smoother
transition to having key-generation as "virtual function" in the various
***_METHOD tables.
|
| |
|
|
| |
always give the expected result on some platforms.
|
| |
|
|
|
|
|
| |
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
|
| | |
|
| | |
|
| |
|
|
|
| |
handled properly.
Part of PR 75
|
| | |
|
| |
|
|
|
|
|
|
| |
enc == -1
[Reported by Markus Friedl <markus@openbsd.org>]
Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
|
| |
|
|
| |
functional reference in all cases.
|
| |
|
|
|
| |
is really a long, to avoid problems on platforms where
sizeof(int) != sizeof(long).
|
| |
|
|
| |
Submitted by: Nils Larsch <nla@trustcenter.de>
|
| | |
|
| |
|
|
| |
perl util/mkerr.pl -recurse -write -rebuild
|
| | |
|
| |
|
|
| |
types.h to ossl_typ.h.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.
Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
|
| |
|
|
|
|
| |
declaration and implementation had not. So a recent update recreated the
original definition in libeay.num ... this corrects it and changes the "dh"
code to the "up_ref" variant.
|
| |
|
|
|
|
|
|
|
|
|
| |
See the commit log message for that for more information.
NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
|
| |
|
|
|
|
|
| |
dependant code has to directly increment the "references" value of each
such structure using the corresponding lock. Apart from code duplication,
this provided no "REF_CHECK/REF_PRINT" checking and violated
encapsulation.
|
| |
|
|
|
|
|
|
| |
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex_new_index() call succeeds.
This change doesn't make "ex_data" right (see the comment at the head of
ex_data.c to know why), but at least makes the source code marginally less
frustrating.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
circumstances.
|
| |
|
|
| |
or bogus DH parameters can be used for launching DOS attacks
|
| | |
|
| |
|
|
|
| |
count of the ENGINE is x is not NULL since it will be freed
in {RSA,DSA,DH}_free().
|
| | |
|
| | |
|
| |
|
|
| |
ENGINE code does not return a default, set an error.
|
| |
|
|
|
|
| |
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
|
| |
|
|
| |
Incease the number of BIGNUMs in a BN_CTX.
|
| |
|
|
|
|
| |
prototype hack. This unfortunately means that
every ASN1_*_END construct cannot have a
trailing ;
|
| |
|
|
|
|
|
|
| |
and make all files the depend on it include it without prefixing it
with openssl/.
This means that all Makefiles will have $(TOP) as one of the include
directories.
|
| | |
|
| |
|
|
|
|
|
| |
missed any.
This compiles and runs on Linux, and external applications have no
problems with it. The definite test will be to build this on VMS.
|
