| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.
Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.
Originally-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following compile options (#ifdef's) are removed:
OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY
OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP
OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK
OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY
This diff is big because of updating the indents on preprocessor lines.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
|
|
|
| |
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160
OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO
Two typo's on #endif comments fixed:
OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB
OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
| |
Introduce use of DECLARE_DEPRECATED
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
| |
that use it.
|
|
|
|
| |
library dependencies.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).
Thanks to Bodo, for invaluable review and feedback.
|
|
|
|
| |
version some time soon.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used. This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
|
|
|
|
|
|
|
|
|
|
| |
Initial support for CMS.
Add zlib compression BIO.
Add AES key wrap implementation.
Generalize S/MIME MIME code to support CMS and/or PKCS7.
|
| |
|
|
|
|
|
|
| |
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long' type of the existing thread ID
does not always work well.
|
|
|
|
|
|
|
| |
and response verification.
Submitted by: Zoltan Glozik <zglozik@opentsa.org>
Reviewed by: Ulf Moeller
|
|
|
|
|
|
|
|
|
| |
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
|
|
|
|
|
|
| |
Unfortunately, this means that the dynamic ENGINE version just went up, and
isn't backward compatible.
PR: 678
|
|
|
|
| |
the next mark.
|
|
|
|
| |
crypto/store/README, crypto/store/store.h and crypto/store/str_locl.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Additional changes:
- use EC_GROUP_get_degree() in apps/req.c
- add ECDSA and ECDH to apps/speed.c
- adds support for EC curves over binary fields to ECDSA
- new function EC_KEY_up_ref() in crypto/ec/ec_key.c
- reorganize crypto/ecdsa/ecdsatest.c
- add engine support for ECDH
- fix a few bugs in ECDSA engine support
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
|
|
|
|
| |
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
|
| |
|
| |
|
|
|
|
| |
Submitted by: Nils Larsch <nla@trustcenter.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ERR_peek_last_error
ERR_peek_last_error_line
ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).
Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
"ERR_load_strings" function.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
error strings and a hash table storing per-thread error state) go via an
ERR_FNS function table. The first time an ERR operation occurs, the
implementation that will be used (from then on) is set to the internal
"defaults" implementation if it has not already been set. The actual LHASH
tables are only accessed by this implementation.
This is primarily for modules that can be loaded at run-time and bound into
an application (or a shared-library version of OpenSSL). If the module has
its own statically-linked copy of OpenSSL code - this mechanism allows it
to *not* create and use ERR information in its own linked "ERR" code, but
instead to use and interact with the state stored in the loader
(application or shared library). The loader calls ERR_get_implementation()
and the return value is what the module should use when calling its own
copy of ERR_set_implementation().
|
|
|
|
| |
errors through an arbitrary function.
|
|
|
|
|
|
|
| |
like des_read_password and friends (backward compatibility functions
using this new API are provided). The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.
|
|
|
|
|
|
| |
(It cannot possibly help to avoid duplicate 'name of file' strings
in object files because the preprocessor does not work at object file
level.)
|
| |
|
|
|
|
|
|
|
| |
Add EC vaporware: change relevant Makefiles and add some empty source
files.
"make update".
|
|
|
|
|
|
|
|
|
|
|
|
| |
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
| |
|
|
|
|
| |
At the same time, add VMS support for Rijndael.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
was a really bad idea. For example, the following:
#include <x509.h>
#include <bio.h>
#include <asn1.h>
would make sure that things like ASN1_UTCTIME_print() wasn't defined
unless you moved the inclusion of bio.h to above the inclusion of
x509.h. The reason is that x509.h includes asn1.h, and the
declaration of ASN1_UTCTIME_print() depended on the definition of
HEADER_BIO_H. That's what I call an obscure bug.
Instead, this change makes sure that whatever header files are needed
for the correct process of one header file are included automagically,
and that the definitions of, for example, BIO-related things are
dependent on the absence of the NO_{foo} macros. This is also
consistent with the way parts of OpenSSL can be excluded at will.
|
|
|
|
| |
needed, or size_t won't be defined on SunOS 4.1.4.
|
|
|
|
|
|
| |
"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order. Thusly fixed.
|
|
|
|
| |
for it).
|
| |
|