Commit graph

2816 commits

Author SHA1 Message Date
Richard Levitte
8bb4ad88d8 make update 2000-10-27 11:09:52 +00:00
Richard Levitte
eb64730b9c The majority of the OCSP code from CertCo. 2000-10-27 11:05:35 +00:00
Ulf Möller
34a1488220 . 2000-10-26 22:24:49 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Geoff Thorpe
1df586bec2 Add a note about the recent DSO changes in CHANGES. 2000-10-26 20:02:33 +00:00
Richard Levitte
551e5990d2 On HP-UX, at least when shl_* are used, the libraries have the
extension .sl instead of .so.
2000-10-26 18:42:35 +00:00
Richard Levitte
d9efa3616a For the operating systems where it matters, it is sometimes good to
translate library names by only adding ".so" to them without
prepending them with "lib".  Add the flag DSO_FLAG_NAME_TRANSLATION_EXT_ONLY
for that purpose.
2000-10-26 18:30:34 +00:00
Geoff Thorpe
51c8dc37dd This changes the behaviour of the DSO mechanism for determining an
appropriate filename translation on the host system. Apart from this point,
users should also note that there's a slight change in the API functions
too. The DSO now contains its own to-be-converted filename
("dso->filename"), and at the time the DSO loads the "dso->loaded_filename"
value is set to the translated form. As such, this also provides an impicit
way of determining if the DSO is currently loaded or not. Except, perhaps,
VMS .... :-)

The various DSO_METHODs have been updated for this mechanism except VMS
which is deliberately broken for now, Richard is going to look at how to
fit it in (the source comments in there explain "the issue").

Basically, the new callback scheme allows the filename conversion to
(a) be turned off altogether through the use of the
    DSO_FLAG_NO_NAME_TRANSLATION flag,
(b) be handled in the default way using the default DSO_METHOD's converter
(c) overriden per-DSO by setting the override callback
(d) a mix of (b) and (c) - eg. implement an override callback that;
    (i) checks if we're win32 "if(strstr(dso->meth->name, "win32"))..."
        and if so, convert "blah" into "blah32.dll" (the default is
	otherwise to make it "blah.dll").
    (ii) default to the normal behaviour - eg. we're not on win32, so
         finish with (return dso->meth->dso_name_converter(dso,NULL)).
(e) be retried a number of times by writing a new DSO_METHOD where the
    "dso_load()" handler will call the converter repeatedly. Then the
    custom converter could use state information in the DSO to suggest
    different conversions or paths each time it is invoked.
2000-10-26 17:38:59 +00:00
Bodo Möller
28967cf079 rsautl.c requires RSA. 2000-10-26 12:05:57 +00:00
Ulf Möller
a2bbe59401 s_server not s_client 2000-10-23 19:13:35 +00:00
Bodo Möller
421cb50b2d Cert chain verification is useable by now.
Whether Steve is still working on 'proper' verification is up to
him to decide ...
2000-10-23 14:36:18 +00:00
Ulf Möller
0fa504b68d Correction from Tani Hosokawa <unknown@riverstyx.net> 2000-10-23 14:02:02 +00:00
Bodo Möller
705bfcf8e7 internal_verify now does know about extensions 2000-10-23 08:01:41 +00:00
Bodo Möller
4fb40db932 Don't ever set 'seeded' if RAND_status() returned 0
(although maybe this static variable should be abolished totally,
it was introduced before RAND_status existed).
2000-10-23 07:37:03 +00:00
Richard Levitte
9dd0463852 When building shared libraries on HP-UX 10.20 and HP-UX 11.00 (32bit),
ld warns that -Fl "may not be supported in future releases".  We know
that, and are doing things in HP-UX 11 (64bit), so turn off that
warning with +vnocompatwarnings.
2000-10-22 21:37:39 +00:00
Richard Levitte
5cb5715f97 It seems like grep isn't as capable as I thought on some Unix systems.
Use egrep instead.
2000-10-22 16:46:47 +00:00
Richard Levitte
e9a583aa26 Pointer error corrected 2000-10-22 12:47:01 +00:00
Richard Levitte
f3f316f13f If the functions get_dh*() are declared static, they should be defined the same way 2000-10-22 12:45:33 +00:00
Richard Levitte
99b1aaf2ec On some operating systems, MAX is defined. Call ours OSSL_MAX instead 2000-10-22 12:44:12 +00:00
Richard Levitte
53400da75c Document 2000-10-21 22:53:32 +00:00
Richard Levitte
2b59a6ac14 There's no reason why app_RAND_load_file() should return 0 when
RAND_status() hasn't.
Reported by Dale Stimson <dale@accentre.com>.
2000-10-21 22:43:07 +00:00
Richard Levitte
48d89b560c Krister Walfridsson <cato@df.lth.se> tells us sysctl lives in /sbin
since NetBSD 1.5.
2000-10-21 22:18:52 +00:00
Richard Levitte
b5a43800ef FreeBSD-elf can do threads. However, there seems to be confusion if
you should defined _THREAD_SAFE (I found that in an include file, and
that's what everybody tells me) or _THREADSAFE (that's what the gcc
manual says in the FreeBSD-specific section), so I defined both, just
to be safe.
2000-10-21 22:05:03 +00:00
Richard Levitte
0fd44e2ddb Add what's needed to get shared libraries on HP-UX.
N.B.: This has not been tested at all, that's my next step.
2000-10-21 21:24:11 +00:00
Richard Levitte
0a2221f9ad make update 2000-10-21 20:15:46 +00:00
Richard Levitte
567f17cfe0 Document the change to NCONF. 2000-10-21 20:01:34 +00:00
Dr. Stephen Henson
627ec355d8 Fix for bug (?) in assembly language routines for SHA1. This
causes MASM to complain and not produce valid debug info.
Hopefully this wont break anything else...

Also fix typo in e_rd.c
2000-10-20 00:36:45 +00:00
Dr. Stephen Henson
4184a78761 Move expired CA certificate. 2000-10-19 23:16:47 +00:00
Ulf Möller
bbdc9c98a8 give pseudo prototypes instead of macro definitions for better clarity 2000-10-19 22:02:21 +00:00
Ulf Möller
11b62699a1 "DESCRIPTION" is required. 2000-10-19 19:40:35 +00:00
Ulf Möller
14a74a21f0 correction from Lutz 2000-10-19 15:19:41 +00:00
Richard Levitte
c8cda405e7 Keep binary backward compatibility by putting new method function
pointers at the end of the structure.
2000-10-19 08:29:27 +00:00
Richard Levitte
befb3e7a4d Make it possible for methods to load from something other than a BIO,
by providing a function pointer that is given a name instead of a BIO.
For example, this could be used to load configuration data from an
LDAP server.
2000-10-19 08:26:32 +00:00
Richard Levitte
c6f1787bbd NCONF_get_number() has no error checking at all. As a replacement,
NCONF_get_number_e() is defined (_e for "error checking") and is
promoted strongly.  The old NCONF_get_number is kept around for
binary backward compatibility.
2000-10-19 08:03:14 +00:00
Ulf Möller
9bd3bd227f Add short overview, move header files section further down. 2000-10-18 23:08:55 +00:00
Ulf Möller
d0ef53bd2d cosmetic changes 2000-10-18 22:51:34 +00:00
Ulf Möller
8d3f155a66 cosmetic change 2000-10-18 22:01:47 +00:00
Richard Levitte
ef0ab7f94f John Denney <jdenney@ca.mdis.com> reports that we forgot to convert
Free to OPENSSL_free in the SSL demos.
2000-10-18 19:36:27 +00:00
Richard Levitte
bf55ece1c1 Two questions have been asked quite often lately. 2000-10-17 16:16:12 +00:00
Dr. Stephen Henson
51754ec835 Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
Ben Laurie
1bc5dd3efc Always return a value.
Submitted by:
Reviewed by:
PR:
2000-10-16 13:08:16 +00:00
Richard Levitte
0ded1638ba CRYPTO_get_ex_new_index would never return an error. 2000-10-16 06:01:41 +00:00
Dr. Stephen Henson
71d525c9f6 Fix for typo in certificate directory lookup code. 2000-10-14 23:51:52 +00:00
Richard Levitte
3ab5651112 The experimental Rijndael code moved to the main trunk.
make update done.
2000-10-14 20:09:54 +00:00
Richard Levitte
82ce0b2308 Even when you don't want to create shared libraries, it's a good idea
to have the full extension information, so residual shared libraries
can be removed so the applications and test programs do not get linked
against them by mistake...
2000-10-13 16:04:20 +00:00
Richard Levitte
a22fb399cb Rework the system to generate shared libraries:
- Make note of the expected extension for the shared libraries and
    if there is a need for symbolic links from for example libcrypto.so.0
    to libcrypto.so.0.9.7.  There is extended info in Configure for
    that.

  - Make as few rebuilds of the shared libraries as possible.

  - Still avoid linking the OpenSSL programs with the shared libraries.

  - When installing, install the shared libraries separately from the
    static ones.
2000-10-13 15:25:06 +00:00
Richard Levitte
8df8f27513 Bump the shared library version (should have been done a while ago). 2000-10-13 15:09:06 +00:00
Richard Levitte
cde70093ac Make the new conf implementatoin bug-compatible with the old one.
Actually, it's a feature that it goes looking at environment
variables.  It's just a pity that it's at the cost of the error
checking...  I'll see if I can come up with a better interface for
this.
2000-10-13 08:30:06 +00:00
Richard Levitte
5f97f508e4 make update 2000-10-13 08:27:00 +00:00
Richard Levitte
553615f500 New docs and new facts in older docs.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-10-12 09:56:36 +00:00