| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
This removes the fips configure option. This option is broken as the
required FIPS code is not available.
FIPS_mode() and FIPS_mode_set() are retained for compatibility, but
FIPS_mode() always returns 0, and FIPS_mode_set() can only be used to
turn FIPS mode off.
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #1330
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
|
|
|
|
| |
There is a preference for suffixes to indicate that a function is internal
rather than prefixes. Note: the suffix is only required to disambiguate
internal functions and public symbols with the same name (but different
case)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
| |
There was a lot of naming inconsistency, so we try and standardise on
one form.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
| |
Misc fixes for no-ocsp
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
| |
Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
| |
Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
|
|
|
|
|
| |
This builds on the previous commit to auto initialise/deinitialise
libcrypto.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
| |
Remove redundant ecdh.h header and any references to it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
| |
Add ASYNCerr support to give some meaningful error message in the event of
a failure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
| |
Suggested by John Foley <foleyj@cisco.com>.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following compile options (#ifdef's) are removed:
OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY
OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP
OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK
OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY
This diff is big because of updating the indents on preprocessor lines.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
library dependencies.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Initial support for CMS.
Add zlib compression BIO.
Add AES key wrap implementation.
Generalize S/MIME MIME code to support CMS and/or PKCS7.
|
| |
|
|
|
|
|
|
|
| |
and response verification.
Submitted by: Zoltan Glozik <zglozik@opentsa.org>
Reviewed by: Ulf Moeller
|
|
|
|
|
|
|
|
|
| |
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
|
|
|
|
| |
PR: 287
|
|
|
|
| |
Submitted by: Nils Larsch
|
| |
|
|
|
|
| |
example)
|
|
|
|
|
| |
Change mkerr.pl so that it puts the ERR_load_..._strings()
prototype in header files that it writes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set correct type in ASN1_STRING for
INTEGER and ENUMERATED types.
Make ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
return -1 for invalid type rather than 0 (which is
often valid). -1 may also be valid but this is less
likely.
Load OCSP error strings in ERR_load_crypto_strings().
|
|
|
|
| |
away now...
|
|
|
|
| |
At the same time, add VMS support for Rijndael.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
variety of platforms. A few are missing, and they will be added in
eventually, but as this is new stuff, it was better to not break lots of
platforms in one go that we can't easily test. The changes to "Configure"
should illustrate how to add support to other systems if you feel like
having a go.
NB: I'll add something shortly to allow you to add "dlfcn.h" support on
those platforms that don't have (or need) a dlfcn.h header file. (The
symbol for Configure will probably by "dlfcn_no_h").
Thanks to Richard Levitte, who is responsible for the dso_dl.c support,
understanding the trickier aspects of the build process, and giving great
feedback on everything else.
[Don't use this stuff if you're easily offended by changes to the
interface or behaviour - it's still work in progress.]
PR:
|
| |
|