Commit Graph

2750 Commits

Author SHA1 Message Date
Richard Levitte
67d93e6f49 Make sure to print the BN counting (BN_COUNT) to stderr instead of
stdout.  bc gets so confused by bean counts.
2000-11-16 22:42:39 +00:00
Richard Levitte
afb83c45e6 Oops, when I clean, I should do it thoroughly. 2000-11-16 22:41:26 +00:00
Richard Levitte
43fcc1b096 I've checked again and again. There really is no need to expand a to
4 times it's size when bn_sqr_recursive() won't look farther than the
original length.  Thereby, constification is no longer a problem.
2000-11-16 21:35:41 +00:00
Richard Levitte
d5695a26a6 /proc/cpuinfo can have several lines containing the word "type". We want the one that is "type", plain and simple. Caught by Raoul Borenius <borenius@shuttle.de> 2000-11-16 18:59:02 +00:00
Geoff Thorpe
8bfc8f934f I have no idea how this comment got there, but it's certainly not
applicable to ENGINE_ctrl()
2000-11-16 00:17:11 +00:00
Geoff Thorpe
ef02b10a16 Many applications that use OpenSSL with ENGINE support might face a
situation where they've initialised the ENGINE, loaded keys (which are then
linked to that ENGINE), and performed other checks (such as verifying
certificate chains etc). At that point, if the application goes
multi-threaded or multi-process it creates problems for any ENGINE
implementations that are either not thread/process safe or that perform
optimally when they do not have to perform locking and other contention
management tasks at "run-time".

This defines a new ENGINE_ctrl() command that can be supported by engines
at their discretion. If ENGINE_ctrl(..., ENGINE_CTRL_HUP,...) returns an
error then the caller should check if the *_R_COMMAND_NOT_IMPLEMENTED error
reason was set - it may just be that the engine doesn't support or need the
HUP command, or it could be that the attempted reinitialisation failed. A
crude alternative is to ignore the return value from ENGINE_ctrl() (and
clear any errors with ERR_clear_error()) and perform a test operation
immediately after the "HUP". Very crude indeed.

ENGINEs can support this command to close and reopen connections, files,
handles, or whatever as an alternative to run-time locking when such things
would otherwise be needed. In such a case, it's advisable for the engine
implementations to support locking by default but disable it after the
arrival of a HUP command, or any other indication by the application that
locking is not required. NB: This command exists to allow an ENGINE to
reinitialise without the ENGINE's functional reference count having to sink
down to zero and back up - which is what is normally required for the
finish() and init() handlers to get invoked. It would also be a bad idea
for engine_lib to catch this command itself and interpret it by calling the
engine's init() and finish() handlers directly, because reinitialisation
may need special handling on a case-by-case basis that is distinct from a
finish/init pair - eg. calling a finish() handler may invalidate the state
stored inside individual keys that have already loaded for this engine.
2000-11-16 00:15:50 +00:00
Lutz Jänicke
803e4e93d4 Fill in missing information about the string returned from
SSL_CIPHER_description(), as there is no other API function to find
out details about the cipher used besides the number of bits or protocol used.
2000-11-15 18:42:41 +00:00
Ulf Möller
60b8607727 ignore 2000-11-14 19:18:31 +00:00
Richard Levitte
159564ae9f Modify () to (void), since that's what is actually defined in the
engine structure, and some ANSI C compilers will complain otherwise.
2000-11-14 15:33:06 +00:00
Richard Levitte
cd1bf28e2c Two OCSP functions that aren't yet implemented. 2000-11-14 13:50:42 +00:00
Richard Levitte
74e10aa58b make update 2000-11-14 13:39:38 +00:00
Richard Levitte
5f524accc1 Get the Rijndael function declarations. 2000-11-14 13:24:06 +00:00
Richard Levitte
451e60e99f Detect and mark functions that no longer exist. 2000-11-14 13:20:10 +00:00
Lutz Jänicke
89c16ab53e Some platforms (namely HP-UX) require the 'x' bit set for shared libraries.
For performance reasons, it is also recommended to make the (mmap'ed)
shared library 'read-only'.
-> New permissions for installed shared libraries = 555

This doesn't hurt anybody, provided the installation is performed with
'cp -f' :-)
2000-11-14 11:05:10 +00:00
Richard Levitte
820aaa5fc5 Typo, was "time" instead of "tim".
Caught by Jeffrey Altman <jaltman@columbia.edu>
2000-11-14 10:52:16 +00:00
Richard Levitte
993ea851f5 Add Rijndael as things to look through. 2000-11-14 10:51:00 +00:00
Lutz Jänicke
305db17b5f HP-UX shared libraries do not build any longer, as EX_LIBS contains
"-Wl,+s" instead of +s:
* Hardcoded necessary references to -ldld/-ldl into the build rules and
  removed EX_LIBS.

HP-UX records the pathnames of dependent libraries when the shared libs
are built, so that ./libcrypto.sl... is recorded in libssl.sl..., with
"./" not being resolvable when running an application linked against -lssl:
* Build libssl without explicit reference to libcrypto, applications will
  be linked with "-lssl -lcrypto" anyway.

Document these informations in Makefile.org.
2000-11-13 14:40:07 +00:00
Ulf Möller
6a8ba34f9d in some new file names the first 8 characters were not unique 2000-11-12 22:32:18 +00:00
Richard Levitte
f777408fc5 For a long time, I've wanted to be able to easily run one or a few
individual tests.  I finally got myself to implement it...
2000-11-12 20:24:30 +00:00
Bodo Möller
2984b0ae24 Additional explanations for SSL_ERROR_WANT_READ/WRITE. 2000-11-12 19:17:22 +00:00
Richard Levitte
3d6001f7b9 Enhance granularity on what I want to debug for the moment by changing
LEVITTE_DEBUG to LEVITTE_DEBUG_MEM.
2000-11-12 18:25:30 +00:00
Richard Levitte
f6a8898fc3 Update my own debugging configuration entry 2000-11-12 16:20:40 +00:00
Ben Laurie
757e392d4e Make Rijndael work! Those long flights have some good points. 2000-11-12 02:13:38 +00:00
Ben Laurie
2f9f0c72de Make this stuff compile. 2000-11-12 02:11:13 +00:00
Bodo Möller
cb4ae6c0d3 Point to SSL_set_bio(3) early because that manpage provides
information that is essential for using BIO pairs.
2000-11-10 07:50:18 +00:00
Bodo Möller
359fd02fec add missing word 2000-11-10 07:46:11 +00:00
Bodo Möller
e1a8ac495b tmp2 is not used in BN_mod_mul_montgomery. 2000-11-09 16:39:01 +00:00
Richard Levitte
0b5806b5f5 Really stupid glitch (a comment not properly ended) fixed. 2000-11-08 18:10:35 +00:00
Richard Levitte
ccb9643f02 Remove references to RSAref. The glue library is but a memory to fade
away now...
2000-11-08 17:51:37 +00:00
Bodo Möller
7f7b8d6871 BN_CTX-related fixes. 2000-11-08 10:05:34 +00:00
Richard Levitte
bb7e632aef Constification of LHASH. Contributed by "Paul D. Smith" <psmith@gnu.org>
I didn't apply all his patches yet, since I have some hesitance about
unconstifying.  To be pondered.
2000-11-07 23:43:21 +00:00
Richard Levitte
55d892e373 Document that the Nuron hardware has been added and remove the
requirement for an engine utility since we now have that.
2000-11-07 14:31:53 +00:00
Richard Levitte
f971ccb264 Constify DH-related code. 2000-11-07 14:30:37 +00:00
Richard Levitte
a4aba800d9 Constify DSA-related code. 2000-11-07 13:54:39 +00:00
Richard Levitte
669cefdd35 Make sure ERR_get_error() is declared. 2000-11-07 13:53:21 +00:00
Richard Levitte
7be7c2eda5 A few more constifications of some RSA routines that I forgot
yesterday.
2000-11-07 13:49:46 +00:00
Richard Levitte
8de2910b5c Lutz tells me HP cc uses the same syntax for flags that should be
passed down to ld as GNU cc.
2000-11-07 13:23:16 +00:00
Richard Levitte
74489a3668 When ENGINE_by_id() couldn't find the given engine id, it generates an
error.  When checking like engine_add() is, those errors are actually
good, so remove them.
2000-11-07 13:21:09 +00:00
Richard Levitte
e06433d9ba shl_load() also needs to load along a path given through an
environment variable, SHLIB_PATH.  This change makes that possible.
2000-11-07 11:25:26 +00:00
Bodo Möller
e0bf5c11ea Handle BN_copy failure after successful BN_new. 2000-11-07 09:39:51 +00:00
Bodo Möller
58f0f52e67 handle the case when BN_new returns NULL 2000-11-07 09:35:19 +00:00
Richard Levitte
55b3c877c7 Document recent constifications. 2000-11-06 23:29:52 +00:00
Richard Levitte
bbbc96a87e Constification of CRYPTO_get_ex_data() needed for the sake of
RSA_get_ext_data().
2000-11-06 23:24:59 +00:00
Richard Levitte
5e4ca4220e The consequence of constification is that to pass the address to a
pointer to a const double pointe parameter, the pointer must point to
const data as well.
2000-11-06 23:16:04 +00:00
Richard Levitte
e5828cd46f Constify the RSAref glue code. 2000-11-06 23:15:03 +00:00
Richard Levitte
7081f3bd89 Constify the RSA parts of the ASN.1 library. Note some ugly casts
that are needed in the ASN.1 macros.  Hopefully, we can get rid of
those in an elegant way in the future.
2000-11-06 23:04:15 +00:00
Richard Levitte
0413ba429c Constify the RSA library. 2000-11-06 22:49:05 +00:00
Richard Levitte
29c1f0615b Constify the RSA library. 2000-11-06 22:34:17 +00:00
Richard Levitte
10e473e930 As a consequence of the BIGNUM constification, the ENGINE code needs a
few small constifying changes, and why not throw in a couple of extras
while I'm at it?
2000-11-06 22:15:50 +00:00
Richard Levitte
e7ef1a561a Make all engines available in the openssl application. 2000-11-06 22:03:00 +00:00