- Nov 22, 2000
-
-
Ulf Möller authored
You can still get the code using tag "rsaref".
-
Richard Levitte authored
-
- Nov 21, 2000
-
-
Richard Levitte authored
I'm a little bit nervous about bn_div_words, as I don't know what it's supposed to return on overflow. For now, I trust the rest of the system to give it numbers that will not cause any overflow...
-
Richard Levitte authored
-
Ben Laurie authored
-
- Nov 20, 2000
-
-
Richard Levitte authored
problem in some other file, but I can't recall which.
-
Ben Laurie authored
-
- Nov 19, 2000
-
-
Richard Levitte authored
(incorrect) attempt to free it once more...
-
Richard Levitte authored
-
Richard Levitte authored
-
- Nov 18, 2000
-
-
Richard Levitte authored
BN_mul() correctly constified, avoids two realloc()'s that aren't really necessary and saves memory to boot. This required a small change in bn_mul_part_recursive() and the addition of variants of bn_cmp_words(), bn_add_words() and bn_sub_words() that can take arrays with differing sizes. The test results show a performance that very closely matches the original code from before my constification. This may seem like a very small win from a performance point of view, but if one remembers that the variants of bn_cmp_words(), bn_add_words() and bn_sub_words() are not at all optimized for the moment (and there's no corresponding assembler code), and that their use may be just as non-optimal, I'm pretty confident there are possibilities... This code needs reviewing!
-
Richard Levitte authored
-
Richard Levitte authored
-
Richard Levitte authored
-
- Nov 17, 2000
-
-
Bodo Möller authored
-
Bodo Möller authored
-
Richard Levitte authored
declarations of bn_add_part_words() and bn_sub_part_words() since they do not exist.
-
Bodo Möller authored
-
Bodo Möller authored
-
Bodo Möller authored
password verification where it makes sense.
-
Bodo Möller authored
in bn.h
-
- Nov 16, 2000
-
-
Richard Levitte authored
-
Richard Levitte authored
stdout. bc gets so confused by bean counts.
-
Richard Levitte authored
-
Richard Levitte authored
4 times it's size when bn_sqr_recursive() won't look farther than the original length. Thereby, constification is no longer a problem.
-
Richard Levitte authored
/proc/cpuinfo can have several lines containing the word "type". We want the one that is "type", plain and simple. Caught by Raoul Borenius <borenius@shuttle.de>
-
Geoff Thorpe authored
applicable to ENGINE_ctrl()
-
Geoff Thorpe authored
situation where they've initialised the ENGINE, loaded keys (which are then linked to that ENGINE), and performed other checks (such as verifying certificate chains etc). At that point, if the application goes multi-threaded or multi-process it creates problems for any ENGINE implementations that are either not thread/process safe or that perform optimally when they do not have to perform locking and other contention management tasks at "run-time". This defines a new ENGINE_ctrl() command that can be supported by engines at their discretion. If ENGINE_ctrl(..., ENGINE_CTRL_HUP,...) returns an error then the caller should check if the *_R_COMMAND_NOT_IMPLEMENTED error reason was set - it may just be that the engine doesn't support or need the HUP command, or it could be that the attempted reinitialisation failed. A crude alternative is to ignore the return value from ENGINE_ctrl() (and clear any errors with ERR_clear_error()) and perform a test operation immediately after the "HUP". Very crude indeed. ENGINEs can support this command to close and reopen connections, files, handles, or whatever as an alternative to run-time locking when such things would otherwise be needed. In such a case, it's advisable for the engine implementations to support locking by default but disable it after the arrival of a HUP command, or any other indication by the application that locking is not required. NB: This command exists to allow an ENGINE to reinitialise without the ENGINE's functional reference count having to sink down to zero and back up - which is what is normally required for the finish() and init() handlers to get invoked. It would also be a bad idea for engine_lib to catch this command itself and interpret it by calling the engine's init() and finish() handlers directly, because reinitialisation may need special handling on a case-by-case basis that is distinct from a finish/init pair - eg. calling a finish() handler may invalidate the state stored inside individual keys that have already loaded for this engine.
-
- Nov 15, 2000
-
-
Lutz Jänicke authored
SSL_CIPHER_description(), as there is no other API function to find out details about the cipher used besides the number of bits or protocol used.
-
- Nov 14, 2000
-
-
Ulf Möller authored
-
Richard Levitte authored
engine structure, and some ANSI C compilers will complain otherwise.
-
Richard Levitte authored
-
Richard Levitte authored
-
Richard Levitte authored
-
Richard Levitte authored
-
Lutz Jänicke authored
For performance reasons, it is also recommended to make the (mmap'ed) shared library 'read-only'. -> New permissions for installed shared libraries = 555 This doesn't hurt anybody, provided the installation is performed with 'cp -f' :-)
-
Richard Levitte authored
Caught by Jeffrey Altman <jaltman@columbia.edu>
-
Richard Levitte authored
-
- Nov 13, 2000
-
-
Lutz Jänicke authored
"-Wl,+s" instead of +s: * Hardcoded necessary references to -ldld/-ldl into the build rules and removed EX_LIBS. HP-UX records the pathnames of dependent libraries when the shared libs are built, so that ./libcrypto.sl... is recorded in libssl.sl..., with "./" not being resolvable when running an application linked against -lssl: * Build libssl without explicit reference to libcrypto, applications will be linked with "-lssl -lcrypto" anyway. Document these informations in Makefile.org.
-
- Nov 12, 2000
-
-
Ulf Möller authored
-