Commit Graph

496 Commits

Author SHA1 Message Date
Richard Levitte
e8461ee1d1 Simplify the specification of include dirs in the build dir
In build.info files, make the include directory in the build directory
absolute, or Configure will think it should be added to the source
directory top.  Configure will turn it into a relative path if
possible.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 05:09:39 +01:00
Matt Caswell
7b9f8f7f03 Auto init/deinit libcrypto
This builds on the previous commit to auto initialise/deinitialise
libcrypto.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-09 15:11:38 +00:00
Richard Levitte
c86ddbe613 Enhance and clear the support of linker flags
Some time ago, we had a ex_libs configuration setting that could be
divided into lflags and ex_libs.  These got divided in two settings,
lflags and ex_libs, and the former was interpreted to be general
linking flags.

Unfortunately, that conclusion wasn't entirely accurate.  Most of
those linking were meant to end up in a very precise position on the
linking command line, just before the spec of libraries the linking
depends on.

Back to the drawing board, we're diving things further, now having
lflags, which are linking flags that aren't depending on command line
position, plib_lflags, which are linking flags that should show up just
before the spec of libraries to depend on, and finally ex_libs, which
is the spec of extra libraries to depend on.

Also, documentation is changed in Configurations/README.  This was
previously forgotten.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-06 17:57:19 +01:00
Richard Levitte
777a288270 unified build scheme: add build.info files
Now that we have the foundation for the "unified" build scheme in
place, we add build.info files.  They have been generated from the
Makefiles in the same directories.  Things that are platform specific
will appear in later commits.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-01 12:46:58 +01:00
Rich Salz
ced2c2c598 Templatize util/domd
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-29 16:56:07 -05:00
Richard Levitte
1740c16265 Configure et al: split up the lflags configuration item into two
The lflags configuration had a weird syntax with a % as separator.  If
it was present, whatever came before ended up as PEX_LIBS in Makefile
(usually, this is LDFLAGS), while whatever came after ended up as
EX_LIBS.

This change splits that item into lflags and ex_libs, making their use
more explicit.

Also, PEX_LIBS in all the Makefiles are renamed to LDFLAGS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-29 18:36:57 +01:00
Rich Salz
349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
Richard Levitte
05e4e63366 Small Makefile.in cleanup
engines_obj changed name to padlock_obj in Configure.  We need to do
the corresponding ENGINES_ASM_OBJ -> PADLOCK_ASM_OBJ in appropriate
Makefile.ins.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-25 22:23:42 +01:00
Rich Salz
56c77c52e1 Remove update tags
Also remove depend/local_depend.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-20 09:09:14 -05:00
Matt Caswell
a8eda4312d Remove the GOST engine
The GOST engine is now out of date and is removed by this commit. An up
to date GOST engine is now being maintained in an external repository.

See:
https://wiki.openssl.org/index.php/Binaries

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-19 22:29:32 +00:00
Rich Salz
ee6d9f4eb6 Remove some old makefile targets
Remove lint, tags, dclean, tests.
This is prep for a new makedepend scheme.
This is temporary pending unified makefile, and might help it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-17 14:47:32 -05:00
Dr. Stephen Henson
25be7a0fea free up gost ciphers
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-15 22:38:09 +00:00
Rich Salz
d10dac1187 Move Makefiles to Makefile.in
Create Makefile's from Makefile.in
Rename Makefile.org to Makefile.in
Rename Makefiles to Makefile.in
Address review feedback from Viktor and Richard

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-12 16:26:56 -05:00
Richard Levitte
ff4b7fafb3 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-12 13:58:29 +01:00
Richard Levitte
39e8d0ce73 Adapt all engines that need it to opaque EVP_CIPHER
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-12 13:52:22 +01:00
Richard Levitte
936166aff2 Adapt cipher implementations to opaque EVP_CIPHER_CTX
Note: there's a larger number of implementations in crypto/evp/ that
aren't affected because they include evp_locl.h.  They will be handled
in a separate commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-12 13:52:22 +01:00
Rich Salz
bbd86bf542 mem functions cleanup
Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
        (Thanks to Jakob Bohm for the suggestion!)
Make the "change wrapper functions" be the only paradigm.
Wrote documentation!
Format the 'set func' functions so their paramlists are legible.
Format some multi-line comments.
Remove ability to get/set the "memory debug" functions at runtme.
Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
Add CRYPTO_mem_debug(int flag) function.
Add test/memleaktest.
Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 15:14:18 -05:00
Richard Levitte
31384753c7 Remove the "eay" c-file-style indicators
Since we don't use the eay style any more, there's no point tryint to
tell emacs to use it.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-18 13:08:40 +01:00
Rich Salz
7644a9aef8 Rename some BUF_xxx to OPENSSL_xxx
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 16:14:49 -05:00
Rich Salz
2ab9687479 Remove GMP engine.
Reviewed-by: Ben Laurie <ben@openssl.org>
2015-12-15 07:59:56 -05:00
Dr. Stephen Henson
3c4e064e78 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
62690c6acf remove ecdsa.h header references.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Richard Levitte
cddcea8c4b Adapt all engines that add new EVP_MDs
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Richard Levitte
6e59a892db Adjust all accesses to EVP_MD_CTX to use accessor functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Dr. Stephen Henson
19c6d3ea2d Remove RSA_FLAG_SIGN_VER flag.
Remove RSA_FLAG_SIGN_VER: this was origininally used to retain binary
compatibility after RSA_METHOD was extended to include rsa_sign and
rsa_verify fields. It is no longer needed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-02 18:23:29 +00:00
Dr. Stephen Henson
7f572e958b Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.

Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.

Remove now obsolete EVP_dss1() and EVP_ecdsa().

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-02 17:52:01 +00:00
Kurt Roeckx
652d4a8c83 Update dasync to use size_t for the sha1 update
Reviewed-by: Matt Caswell <matt@openssl.org>

MR #1350
2015-11-22 10:38:56 +01:00
Matt Caswell
46a283c01c Rename some daysnc functions for consistency
For some reason the dasync sha1 functions did not start with the
dasync prefix like all of the other functions do. Changed for
consistency.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-11-20 23:35:19 +00:00
Matt Caswell
f4da39d200 Initial Async notify code changes
Initial API implemented for notifying applications that an ASYNC_JOB
has completed. Currently only s_server is using this. The Dummy Async
engine "cheats" in that it notifies that it has completed *before* it
pauses the job. A normal async engine would not do that.

Only the posix version of this has been implemented so far, so it will
probably fail to compile on Windows at the moment.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-11-20 23:33:46 +00:00
Matt Caswell
a14e9ff713 Add the Dummy Async engine (dasync)
This engine is for developers of async aware applications. It simulates
asynchronous activity with external hardware. This initial version supports
SHA1 and RSA. Certain operations using those algorithms have async job
"pauses" in them - using the new libcrypto async capability.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-11-20 23:31:42 +00:00
Matt Caswell
55646005a9 Continue malloc standardisation in engines
Continuing from previous work standardise use of malloc in the engine code.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-11-09 22:48:41 +00:00
Rich Salz
b0700d2c8d Replace "SSLeay" in API with OpenSSL
All instances of SSLeay (any combination of case) were replaced with
the case-equivalent OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-30 17:21:42 -04:00
Matt Caswell
8b7080b0b7 Remove Obsolete engines
There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-15 17:02:06 +01:00
Andy Polyakov
57ebe74831 engine/e_capi.c: fix various warnings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-29 18:06:06 +02:00
Andy Polyakov
16a9542a17 Fix prototypes in e_ossttest.c.
Problem was exposed in mingw64 build, or in other words on P64 platform.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-29 18:05:29 +02:00
Andy Polyakov
8be7438f16 Rationalize .gitignore and harmonize pair of Makefiles.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-29 18:02:35 +02:00
Matt Caswell
51a6081719 Change ossltest engine to manually allocate cipher_data
The ossltest engine wraps the built-in implementation of aes128-cbc.
Normally in an engine the cipher_data structure is automatically allocated
by the EVP layer. However this relies on the engine specifying up front
the size of that cipher_data structure. In the case of ossltest this value
isn't available at compile time. This change makes the ossltest engine
allocate its own cipher_data structure instead of leaving it to the EVP
layer.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-09-25 15:13:57 +01:00
Rich Salz
64b25758ed remove 0 assignments.
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:26:34 -04:00
Rich Salz
b51bce9420 Add and use OPENSSL_zalloc
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-02 22:05:37 -04:00
Rich Salz
22dc08d00a BN_bin2bn handle leading zero's
If a binary sequence is all zero's, call BN_zero.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-26 07:00:43 -04:00
Rich Salz
ade44dcb16 Remove Gost94 signature algorithm.
This was obsolete in 2001.  This is not the same as Gost94 digest.
Thanks to Dmitry Belyavsky <beldmit@gmail.com> for review and advice.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-11 18:23:29 -04:00
Matt Caswell
6142f5c640 make update
Run a "make update" for the OSSLTest Engine changes

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-08-11 20:27:46 +01:00
Richard Levitte
c0cbb4c19b Use dynamic engine for libssl test harness
Use a dynamic engine for ossltest engine so that we can build it without
subsequently deploying it during install. We do not want people accidentally
using this engine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-11 20:27:46 +01:00
Matt Caswell
2d5d70b155 Add OSSLTest Engine
This engine is for testing purposes only. It provides crippled crypto
implementations and therefore must not be used in any instance where
security is required.

This will be used by the forthcoming libssl test harness which will operate
as a man-in-the-middle proxy. The test harness will be able to modify
TLS packets and read their contents. By using this test engine packets are
not encrypted and MAC codes always verify.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-08-11 20:27:46 +01:00
Matt Caswell
90e7cdff3a Fix error check in GOST engine
The return value of i2d functions can be negative if an error occurs.
Therefore don't assign the return value to an unsigned type and *then*
check if it is negative.

RT#3862

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-26 10:35:22 +01:00
Richard Levitte
8b822d2566 Fix update and depend in engines/
The update: target in engines/ didn't recurse into engines/ccgost.
The update: and depend: targets in engines/ccgost needed a fixup.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-23 06:33:41 +02:00
Richard Levitte
0f539dc1a2 Fix the update target and remove duplicate file updates
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in.  This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.

This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-22 18:44:33 +02:00
Rich Salz
75ebbd9aa4 Use p==NULL not !p (in if statements, mainly)
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-11 10:06:38 -04:00
Rich Salz
86885c2895 Use "==0" instead of "!strcmp" etc
For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-06 22:37:53 -04:00
Rich Salz
16f8d4ebf0 memset, memcpy, sizeof consistency fixes
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy.  Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-05 22:18:59 -04:00
Rich Salz
b4faea50c3 Use safer sizeof variant in malloc
For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Richard Levitte
31ff45aa97 Remove obsolete make variables
ONEDIRS, EDIRS and WDIRS aren't used anywhere.  Most probably remains
from a build system of the past, it's time they get put to rest.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-02 21:51:45 +02:00
Rich Salz
25aaa98aa2 free NULL cleanup -- coda
After the finale, the "real" final part. :)  Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:37:16 -04:00
Rich Salz
efa7dd6444 free NULL cleanup 11
Don't check for NULL before calling free functions. This gets:
        ERR_STATE_free
        ENGINE_free
        DSO_free
        CMAC_CTX_free
        COMP_CTX_free
        CONF_free
        NCONF_free NCONF_free_data _CONF_free_data
        A sk_free use within OBJ_sigid_free
        TS_TST_INFO_free (rest of TS_ API was okay)
        Doc update for UI_free (all uses were fine)
        X509V3_conf_free
        X509V3_section_free
        X509V3_string_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:15:18 -04:00
Rich Salz
b548a1f11c free null cleanup finale
Don't check for NULL before calling OPENSSL_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Rich Salz
23a1d5e97c free NULL cleanup 7
This gets BN_.*free:
    BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
    BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free

Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 21:37:06 -04:00
Rich Salz
4b45c6e52b free cleanup almost the finale
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
        CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 17:57:32 -04:00
Rich Salz
b196e7d936 remove malloc casts
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Viktor Dukhovni
61986d32f3 Code style: space after 'if'
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-16 13:44:59 -04:00
Emilia Kasper
6824941440 Initialize variable
newsig may be used (freed) uninitialized on a malloc error.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-15 14:19:12 +02:00
Richard Levitte
a80e33b991 Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant
With no more symlinks, there's no need for those variables, or the links
target.  This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.

Also, removed METHTEST from test/Makefile.  It looks like an old test that's
forgotten...

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
06affe3dac Initialised 'ok' and redo the logic.
The logic with how 'ok' was calculated didn't quite convey what's "ok",
so the logic is slightly redone to make it less confusing.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-03-30 05:31:58 +02:00
Rich Salz
c5ba2d9904 free NULL cleanup
EVP_.*free; this gets:
        EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free
        EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it
        EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 10:54:15 -04:00
Rich Salz
8fdc3734c0 free NULL cleanup.
This gets EC_GROUP_clear_free EC_GROUP_free, EC_KEY_free,
EC_POINT_clear_free, EC_POINT_free

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-25 18:35:24 -04:00
Rich Salz
ca3a82c3b3 free NULL cleanup
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-25 11:31:18 -04:00
Matt Caswell
8817e2e0c9 Fix return checks in GOST engine
Filled in lots of return value checks that were missing the GOST engine, and
added appropriate error handling.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:33:37 +00:00
Matt Caswell
7b611e5fe8 Fix misc NULL derefs in sureware engine
Fix miscellaneous NULL pointer derefs in the sureware engine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:33:31 +00:00
Rich Salz
d64070838e free NULL cleanup
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets DH_free, DSA_free, RSA_free

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 23:17:16 -04:00
Dr. Stephen Henson
2e43027757 make ASN1_OBJECT opaque
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 17:35:58 +00:00
Edgar Pek
bcfa19a8d1 Fix null-pointer dereference
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-22 13:20:10 +01:00
Richard Levitte
774ccae63c Transfer a fix from 1.0.1
manually picked from e7b85bc402
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-02-13 13:39:05 +01:00
Rich Salz
fbf08b79ff Remove X509_PAIR
Unused type; a pair X509 certificates. Intended for LDAP support.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-06 10:55:31 -05:00
Rich Salz
6f91b017bb Live code cleanup: remove #if 1 stuff
For code bracketed by "#if 1" then remove the alternate
"#else .. #endif" lines.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-02-06 10:54:20 -05:00
Ben Laurie
4de8385796 Build correctly for me on FreeBSD 10.
Reviewed-by: Rich Salz

Don't debug.
2015-01-30 22:23:17 +00:00
Rich Salz
d6fbb19409 Dead code removal #if 0 engines
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-30 13:24:35 -05:00
Richard Levitte
132536f96e VMS adjustments:
catch up with the Unix build.
A number of new tests, among others test/tocsp.com
Define INTERNAL in ssl/ssl-lib.com to allow for '#include "internal/foo.h"'

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-01-30 14:43:57 +01:00
Rich Salz
33fc38ff8e Make output consistency: remove blank line
When you use "-s" in the make flag, you see that engines outputs
a blank line because EDIRS isn't set.  This is a debug echo that
isn't needed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-29 12:09:14 -05:00
Richard Levitte
c6ef15c494 clang on Linux x86_64 complains about unreachable code.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-01-29 01:54:09 +01:00
Rich Salz
474e469bbd OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
	GENUINE_DSA         OPENSSL_NO_SHA0
	OPENSSL_NO_SHA      OPENSSL_NO_SHA1
	OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
	OPENSSL_NO_SHA384   OPENSSL_NO_SHA512

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 12:34:45 -05:00
Matt Caswell
35a1cc90bc More comment realignment
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
50e735f9e5 Re-align some comments after running the reformat script.
This should be a one off operation (subsequent invokation of the
script should not move them)

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
68d39f3ce6 Move more comments that confuse indent
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
b853717fc4 Fix strange formatting by indent
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:08 +00:00
Andy Polyakov
aec4b334f0 engines/e_ubsec.c: make it indent-friendly.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:07 +00:00
Matt Caswell
23a22b4cf7 More comments
Conflicts:
	crypto/dsa/dsa_vrf.c
	crypto/ec/ec2_smpl.c
	crypto/ec/ecp_smpl.c

Conflicts:
	demos/bio/saccept.c
	ssl/d1_clnt.c

Conflicts:
	bugs/dggccbug.c
	demos/tunala/cb.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:06 +00:00
Rich Salz
4b618848f9 Cleanup OPENSSL_NO_xxx, part 1
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160
OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO
Two typo's on #endif comments fixed:
	OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB
	OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-14 15:57:28 -05:00
Dr. Stephen Henson
98b3b116ab For master windows build dsa.h is now needed.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-13 15:39:37 +00:00
Rich Salz
fcf64ba0ac RT3548: Remove some unsupported platforms.
This commit removes NCR, Tandem, Cray.
Regenerates TABLE.
Removes another missing BEOS fluff.
The last platform remaining on this ticket is WIN16.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-12 10:40:00 -05:00
Matt Caswell
3a83462dfe Further comment amendments to preserve formatting prior to source reformat
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-06 15:45:25 +00:00
Tim Hudson
1d97c84351 mark all block comments that need format preserving so that
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-30 22:10:26 +00:00
Matt Caswell
ad500fdc49 Rename gost2814789t.c to gost2814789test.c. The old name caused problems
for dummytest if gost is compiled out, since the name of the test is not
standard (dummytest segfaults). Also the old name caused problems for git
because the executable was not in the .gitignore file

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-12-16 14:14:03 +00:00
Matt Caswell
fd0ba77717 make update
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-11 23:52:47 +00:00
Kurt Roeckx
5b17b79a89 capi_ctrl, capi_vtrace: check for NULL after allocating and free it
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-10 18:35:18 +01:00
Matt Caswell
29e7a56d54 Disable engines that will fail to build when bn is made opaque
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:41:12 +00:00
Emilia Kasper
f50ffd10fa Fix broken build
Add includes missing from commit 33eab3f6af

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-12-05 16:18:20 +01:00
Kurt Roeckx
33eab3f6af Replace GOST_R_MALLOC_FAILURE and GOST_R_NO_MEMORY with ERR_R_MALLOC_FAILURE
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 23:48:44 +01:00
Kurt Roeckx
f6fa7c5347 capi_get_provname: Check return values
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 23:48:44 +01:00
Jonas Maebe
b1a08ac71f capi_get_key: check for NULL after allocating key
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 23:48:44 +01:00
Jonas Maebe
8607322765 capi_cert_get_fname: check for NULL after allocating wfname
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 23:48:44 +01:00
Jonas Maebe
e2140501fd capi_get_provname: free name on error if it was malloc'ed
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 23:48:44 +01:00
Jonas Maebe
0716f9e405 pkey_gost_mac_keygen: check for NULL after allocating keydata
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 23:48:44 +01:00
Jonas Maebe
787e992965 pkey_gost_ctrl: check for NULL after allocating pctx->shared_ukm
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 23:48:43 +01:00
Rich Salz
8cfe08b4ec Remove all .cvsignore files
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-28 18:32:43 -05:00
Rich Salz
92c7846372 RT3544: Remove MWERKS support
The following #ifdef tests were all removed:
	__MWERKS__
	MAC_OS_pre_X
	MAC_OS_GUSI_SOURCE
	MAC_OS_pre_X
	OPENSSL_SYS_MACINTOSH_CLASSIC
	OPENSSL_SYS_MACOSX_RHAPSODY

Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-24 18:07:29 -04:00
Rich Salz
cb4bb56bae RT3271 update; extra; semi-colon; confuses; some;
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-10 15:08:40 -04:00
Rich Salz
843921f298 RT3271: Don't use "if !" in shell lines
For portability don't use "if ! expr"

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-09-09 17:06:14 -04:00
Martin Olsson
1afd7fa97c RT2513: Fix typo's paramter-->parameter
I also found a couple of others (padlock and signinit)
and fixed them.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-19 11:09:33 -04:00
Justin Blanchard
f756fb430e RT1815: More const'ness improvements
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-18 11:49:16 -04:00
Jonas Maebe
defe438d47 pub_decode_gost94, pub_decode_gost01: check for NULL after allocating databuf pub_encode_gost94, pub_encode_gost01: check for NULL after allocating databuf and octet
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:56:52 +02:00
Rich Salz
f642ebc1e2 Undo a90081576c
Undo unapproved commit that removed DJGPP and WATT32
2014-08-09 08:02:20 -04:00
Rich Salz
a90081576c Remove DJGPP (and therefore WATT32) #ifdef's.
DJGPP is no longer a supported platform.  Remove all #ifdef, etc.,
cases that refer to it.  DJGPP also #define'd WATT32, so that
is now removed as well.
2014-08-08 16:54:14 -04:00
Dr. Stephen Henson
8e55e6de45 Don't call setenv in gost2814789t.c
The call to setenv in gost2814789t.c is not portable and may
not reflect the location of the GOST ENGINE on all platforms anyway.
Instead set OPENSSL_ENGINES in test/Makefile
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-07-24 18:18:54 +01:00
Andy Polyakov
021e5043e5 Please Clang's sanitizer.
PR: #3424,#3423,#3422
2014-07-08 22:24:44 +02:00
Libor Krystek
a5ff18bf90 Add support for SHA2 in CAPI ENGINE.
PR#2706 though patch is from PR#3366.
2014-07-02 00:33:10 +01:00
David Ramos
7e2c6f7eb0 Initialise alg.
PR#3313
2014-06-01 13:04:10 +01:00
Andy Polyakov
ea38f02049 engines/ccgost/gosthash.c: simplify and avoid SEGV.
PR: 3275
2014-03-07 11:02:25 +01:00
Andy Polyakov
96180cac04 engines/ccgost/gost89.h: make word32 defintion unconditional.
Original definition depended on __LONG_MAX__ that is not guaranteed to
be present. As we don't support platforms with int narrower that 32 bits
it's appropriate to make defition inconditional.

PR: 3165
2013-11-08 23:00:35 +01:00
Dr. Stephen Henson
3f9b187bae Fix warning. 2013-11-01 21:41:52 +00:00
Andy Polyakov
e6e29bc4c9 engines/e_aep.c: make it BN_ULONG-size and endian "neutral". 2013-10-28 22:18:48 +01:00
Andy Polyakov
b3ef742cbb Add support for Cygwin-x86_64.
PR: 3110
Submitted by Corinna Vinschen.
2013-09-15 22:01:23 +02:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
810639536c Add control to retrieve signature MD. 2013-06-21 21:33:00 +01:00
Andy Polyakov
db05b447a5 Fix Windows linking error in GOST test case. 2013-04-13 23:03:31 +02:00
Ben Laurie
95dd301861 Missing MINFO generation. 2013-03-04 14:31:18 +00:00
Ben Laurie
0850f11855 Fix ignored return value warnings.
Not sure why I am getting these now and not before.
2013-02-21 18:30:04 +00:00
Dr. Stephen Henson
e511c64a24 Don't use C++ style comments. 2013-01-24 23:22:33 +00:00
Andy Polyakov
46bf83f07a x86_64 assembly pack: make Windows build more robust.
PR: 2963 and a number of others
2013-01-22 22:27:28 +01:00
Andy Polyakov
06b3b640eb gost2814789t.c: portability fixes. 2013-01-22 14:37:03 +01:00
Ben Laurie
5bdf1f1a89 Fix warnings. 2013-01-21 23:02:17 +00:00
Andy Polyakov
a0dcb8d821 gost_crypt.c: add assertions.
Submitted by: Seguei Leontiev
PR: 2821
2013-01-19 18:10:05 +01:00
Andy Polyakov
26906f2d93 engines/ccgost: add test case.
Submitted by: Serguei Leontiev
PR: 2821
2013-01-19 17:56:56 +01:00
Andy Polyakov
3a3f964eda gost_crypt.c: more intuitive ceiling. 2012-12-19 17:24:46 +00:00
Andy Polyakov
8cfb6411ff engines/cchost/gost_crypt.c: fix typo. 2012-12-19 11:06:00 +00:00
Andy Polyakov
2c0093d294 engines/e_capi.c: fix typo.
Submitted by: Pierre Delaage
2012-12-19 10:54:47 +00:00
Andy Polyakov
947e129219 engine/cchost: fix bugs.
PR: 2821
Submitted by: Dmitry Belyavsky, Serguei Leontiev
2012-12-19 10:45:13 +00:00
Dr. Stephen Henson
c4fc172240 PR: 2880
Submitted by: "Florian Rüchel" <florian.ruechel@ruhr-uni-bochum.de>

Correctly handle local machine keys in the capi ENGINE.
2012-11-18 15:24:37 +00:00
Dr. Stephen Henson
d21bf10dea Don't load GOST ENGINE if it is already loaded.
Multiple copies of the ENGINE will cause problems when it is cleaned up as
the methods are stored in static structures which will be overwritten and
freed up more than once.

Set static methods to NULL when the ENGINE is freed so it can be reloaded.
2012-09-01 11:30:53 +00:00
Andy Polyakov
99e59d634a gosthash.c: use memmove in circle_xor8, as input pointers can be equal.
PR: 2858
2012-08-13 16:36:51 +00:00
Andy Polyakov
6251989eb6 x86_64 assembly pack: make it possible to compile with Perl located on
path with spaces.

PR: 2835
2012-06-27 10:08:23 +00:00
Ben Laurie
71fa451343 Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
Andy Polyakov
ed998634cd e_padlock-x86[_64].pl: better understanding of prefetch errata and proper
workaround.
2012-03-19 20:23:32 +00:00
Andy Polyakov
884c580e05 eng_all.c: revert previous "disable Padlock" commit, which was unjustified. 2012-03-19 20:20:41 +00:00
Dr. Stephen Henson
174b07be93 PR: 2744
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>

CMS support for ccgost engine
2012-03-11 13:40:17 +00:00
Dr. Stephen Henson
797a2a102d PR: 2743
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

Fix memory leak if invalid GOST MAC key given.
2012-02-29 14:13:00 +00:00
Dr. Stephen Henson
e626c77808 PR: 2703
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Fix some memory and resource leaks in CAPI ENGINE.
2012-02-11 23:13:10 +00:00
Dr. Stephen Henson
da2a5a79ef PR: 2705
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Only create ex_data indices once for CAPI engine.
2012-02-11 23:08:08 +00:00
Andy Polyakov
a50bce82ec Sanitize usage of <ctype.h> functions. It's important that characters
are passed zero-extended, not sign-extended.
PR: 2682
2012-01-12 16:21:35 +00:00
Dr. Stephen Henson
6bf896d9b1 Check GOST parameters are not NULL (CVE-2012-0027) 2012-01-04 23:03:40 +00:00