| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
| |
Conflicts:
crypto/cryptlib.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Windows 8 SDKs complain that GetVersion() is deprecated.
We only use GetVersion like this:
(GetVersion() < 0x80000000)
which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
(cherry picked from commit a4cc3c8041104896d51ae12ef7b678c31808ce52)
|
|
|
|
|
|
|
| |
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
|
|
|
|
| |
Submitted by: Chromium Authors
|
| |
|
| |
|
|
|
|
| |
in question.
|
|
|
|
|
|
|
|
|
|
| |
such operation can be considered as breaking binary compatibility. However!
OPNESSL_ia32cap_P is accessed by application through pointer returned by
OPENSSL_ia32cap_loc() and such change of *internal* OPENSSL_ia32cap_P
declaration is possible specifically on little-endian platforms, such as
x86[_64] ones in question. In addition, if 32-bit application calls
OPENSSL_ia32cap_loc(), it clears upper half of capability vector maintaining
the illusion that it's still 32 bits wide.
|
|
|
|
|
|
|
| |
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve
Don't call ERR_remove_state from DllMain.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add static build support to openssl utility.
Add new "fips" option to Configure.
Make use of installed fipsld and fips_standalone_sha1
Initialise FIPS error callbacks, locking and DRBG.
Doesn't do anything much yet: no crypto is redirected to the FIPS module.
Doesn't completely build either but the openssl utility can enter FIPS mode:
which doesn't do anything much either.
|
|
|
|
|
|
|
| |
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve
Cleanup alloca use, fix Win32 target for OpenWatcom.
|
| |
|
|
|
|
|
|
| |
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
|
|
|
|
| |
as "STRING" cause conflicts with other headers/libraries.
|
| |
|
|
|
|
|
|
|
| |
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Fix various typos and stuff.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).
Thanks to Bodo, for invaluable review and feedback.
|
|
|
|
| |
version some time soon.
|
| |
|
|
|
|
|
|
| |
ptr members.
(So if the id_callback is bogus, we still have &errno.)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used. This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
|
| |
|
| |
|
|
|
|
|
|
| |
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long' type of the existing thread ID
does not always work well.
|
|
|
|
|
|
| |
PR: 1312
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
|
|
|
|
| |
Engage run-time switch between bn_mul_mont_fpu and bn_mul_mont_int.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
inspired by VC6 failure report. In addition abstain from taking screen
snapshots when running in NT service context.
|
| |
|
|
|
|
|
| |
util/libeay.num is important when building shared libraries, like
VMS.
|
| |
|
| |
|
|
|
|
| |
OPENSSL_stderr stub.
|
|
|
|
|
| |
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].
|
| |
|
| |
|
|
|
|
|
| |
symbol, but a macro expanded as (*(OPENSSL_ia32cap_loc())). The latter
is the only one to be exported to application.
|
| |
|
|
|
|
|
|
|
| |
if we explicitly intruct the linker to set entry point, then we become
obliged to initialize run-time library. Instead we can pick name run-time
will call and such name is DllMain. Note that this applies to both
"native" Win32 environment and Cygwin:-)
|
|
|
|
|
|
| |
http://cvs.openssl.org/chngview?cn=12493. Now all platform should
be operational, while SSE2 code pathes get engaged on ELF platforms
only.
|
|
|
|
|
|
|
|
|
|
|
| |
is to have a placeholder to small routines, which can be written only
in assembler. In IA-32 case this includes processor capability
identification and access to Time-Stamp Counter. As discussed earlier
OPENSSL_ia32cap is introduced to control recently added SSE2 code
pathes (see docs/crypto/OPENSSL_ia32cap.pod). For the moment the
code is operational on ELF platforms only. I haven't checked it yet,
but I have all reasons to believe that Windows build should fail to
link too. I'll be looking into it shortly...
|
|
|
|
|
| |
tree. This further reduces header interdependencies, and makes some
associated cleanups.
|
|
|
|
| |
let's wrap it with a lock.
|
| |
|
|
|
|
| |
Submitted by: Nils Larsch
|