wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
18495 commits 20 branches 302 tags 153 MiB
Commit graph

1712 commits

Author SHA1 Message Date
Matt Caswell
e12c0beb5a Add the ability to set OCSP_RESPID fields 
OCSP_RESPID was made opaque in 1.1.0, but no accessors were provided for
setting the name/key value for the OCSP_RESPID.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-09-22 09:27:45 +01:00
Rich Salz
776e15f939 Dcoument -alpn flag 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-09-21 11:23:12 -04:00
Rich Salz
4588cb4443 Revert "Constify code about X509_VERIFY_PARAM" 
This reverts commit 81f9ce1e19.

Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-09-21 10:37:03 -04:00
Richard Levitte
6e836806ad Documentation fixup; no more ECDHParameters 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-09-20 18:24:24 +02:00
FdaSilvaYY
81f9ce1e19 Constify code about X509_VERIFY_PARAM 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1594)
 2016-09-18 00:22:00 -04:00
Rich Salz
6f0ac0e2f2 Make reference to other manpage more explicit 
Where -curves, etc., are defined: SSL_CONF_cmd

Reviewed-by: Andy Polyakov <appro@openssl.org>
 2016-09-14 18:25:40 -04:00
Richard Levitte
2e04d6cc9d Document the new SHA256 and SHA512 password generation options 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-09-14 18:02:29 +02:00
Rich Salz
7d959c358a Add -h and -help for c_rehash script and app 
Resolves GH1515 and GH1509.

Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-09-14 08:59:48 -04:00
Rich Salz
01c09f9fde Misc BN fixes 
Never output -0; make "negative zero" an impossibility.
Do better checking on BN_rand top/bottom requirements and #bits.
Update doc.
Ignoring trailing garbage in BN_asc2bn.

Port this commit from boringSSL: https://boringssl.googlesource.com/boringssl/+/899b9b19a4cd3fe526aaf5047ab9234cdca19f7d%5E!/
        Ensure |BN_div| never gives negative zero in the no_branch code.

        Have |bn_correct_top| fix |bn->neg| if the input is zero so that we
        don't have negative zeros lying around.

        Thanks to Brian Smith for noticing.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-09-06 10:42:01 -04:00
Viktor Dukhovni
4a7b3a7b4d Un-delete still documented X509_STORE_CTX_set_verify 
It should not have been removed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-24 20:30:45 +01:00
Rob Percival
cfd20f64cc Typo fixes 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
ea4b7ded52 Updates the CT_POLICY_EVAL_CTX POD 
Ownership semantics and function names have changed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
513a3cb16b Correct documentation about SCT setters resetting validation status 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
e12981019a Removes the SCT_verify* POD 
SCT_verify_v1 has been removed and SCT_verify is no longer part of the
public API.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
a0a9f36ebf Documents the SCT validation functions 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
76bfd2ccc3 Removes {o2i,i2o}_SCT_signature from PODs 
These functions have been removed from the public API.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
5edcadb127 Documents the CTLOG functions 
CTLOG_new_null() has been removed from the code, so it has also been
removed from this POD.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
0e74d7ca44 Document the i2o and o2i SCT functions 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
a8d5d13a5f Removes d2i_SCT_LIST.pod 
This is covered by d2i_X509.pod.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
4cfdabbb09 Document that SCT_set_source returns 0 on failure. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
882babda46 Clarifies the format of a log's public key in the CONF file 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
4a388d1e05 Refer to OPENSSLDIR rather than "the OpenSSL install directory" 
The prior wording was less accurate.
See https://github.com/openssl/openssl/pull/1372#discussion_r73127000.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
32fa3da8b1 Adds history section to CT PODs 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
e469945f2c Fixes final issue in CT PODs highlighted by util/find-doc-nits.pl 
Fixes complaint "ct missing from SYNOPSIS".

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
4eabbe9d59 Renames CT_POLICY_EVAL_CTX.pod to CT_POLICY_EVAL_CTX_new.pod 
util/fix-doc-nits.pl complains that
"CT_POLICY_EVAL_CTX (filename) missing from NAME section".

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
7a2c739c00 Adds copyright section to ct.pod 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
6c3e9a71ab Adds newline after =cut in PODs 
util/find-doc-nits.pl complains that the file "doesn't end with =cut".

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
cb8145ff4a Adds missing function names to NAME section of PODs 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
ae97a654ca Add enum definitions to CT pods 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
8b12a3e75b Remove unnecessary bold tags in CT pods 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
0620ecdcd2 Add SSL_get0_peer_scts to ssl.pod 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
Rob Percival
56f3f714ef First draft of CT documentation 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-24 13:58:19 +01:00
FdaSilvaYY
0fe9123687 Constify a bit X509_NAME_get_entry 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-23 11:47:22 +02:00
FdaSilvaYY
9f5466b9b8 Constify some X509_NAME, ASN1 printing code 
ASN1_buf_print, asn1_print_*, X509_NAME_oneline, X509_NAME_print

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-23 11:47:22 +02:00
Kazuki Yamaguchi
9ba6f347fe Expose alloc functions for EC{PK,}PARAMETERS 
Declare EC{PK,}PARAMETERS_{new,free} functions in public headers. The
free functions are necessary because EC_GROUP_get_ec{pk,}parameters()
was made public by commit 60b350a3ef ("RT3676: Expose ECgroup i2d
functions").

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-22 15:10:02 +01:00
Andy Polyakov
1194ea8dc3 crypto/pkcs12: facilitate accessing data with non-interoperable password. 
Originally PKCS#12 subroutines treated password strings as ASCII.
It worked as long as they were pure ASCII, but if there were some
none-ASCII characters result was non-interoperable. But fixing it
poses problem accessing data protected with broken password. In
order to make asscess to old data possible add retry with old-style
password.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-22 13:52:59 +02:00
Dr. Stephen Henson
0b7347effe Add X509_getm_notBefore, X509_getm_notAfter 
Add mutable versions of X509_get0_notBefore and X509_get0_notAfter.

Rename X509_SIG_get0_mutable to X509_SIG_getm.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-08-21 18:25:23 +01:00
Rich Salz
8b8d963db5 Add BIO_get_new_index() 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-08-19 21:04:41 -04:00
Dr. Stephen Henson
568ce3a583 Constify certificate and CRL time routines. 
Update certificate and CRL time routines to match new standard.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-19 18:40:55 +01:00
Viktor Dukhovni
c4fbed6c31 Add -dane_ee_no_namechecks s_client(1) option 
The DANE API supports a DANE_FLAG_NO_DANE_EE_NAMECHECKS option, but
there was no way to exercise/enable it via s_client.  This commit
addresses that gap.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-19 12:18:49 -04:00
Rich Salz
2a9afa4046 RT3940: For now, just document the issue. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-19 11:45:07 -04:00
Dr. Stephen Henson
68c12bfc66 Add X509_get0_serialNumber() and constify OCSP_cert_to_id() 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-19 12:47:31 +01:00
Dr. Stephen Henson
11222483d7 constify X509_REQ_get0_signature() 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-19 12:47:31 +01:00
Matt Caswell
604f6eff31 Convert X509_REVOKED* functions to use const getters 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-08-18 11:59:39 +01:00
Rich Salz
9d8c2dfe14 Fix some doc nits. 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-17 19:41:47 -04:00
Dr. Stephen Henson
59b4da05b4 Constify X509_SIG. 
Constify X509_SIG_get0() and order arguments to mactch new standard.

Add X509_SIG_get0_mutable() to support modification or initialisation
of an X509_SIG structure.

Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-17 17:48:43 +01:00
Dr. Stephen Henson
8adc1cb851 Constify X509_get0_signature() 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-17 14:12:55 +01:00
Dr. Stephen Henson
8900f3e398 Convert X509* functions to use const getters 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-17 13:59:04 +01:00
Matt Caswell
5e6089f0eb Convert X509_CRL* functions to use const getters 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-08-17 13:38:03 +01:00
Matt Caswell
6eabcc839f Make X509_NAME_get0_der() conform to OpenSSL style 
Put the main object first in the params list.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-08-17 13:03:04 +01:00
Matt Caswell
79613ea844 Convert OCSP* functions to use const getters 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-08-17 12:29:03 +01:00
Dr. Stephen Henson
ac4e257747 constify X509_ALGOR_get0() 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-17 12:01:29 +01:00
Remi Gacogne
fddfc0afc8 Add missing session id and tlsext_status accessors 
* SSL_SESSION_set1_id()
 * SSL_SESSION_get0_id_context()
 * SSL_CTX_get_tlsext_status_cb()
 * SSL_CTX_get_tlsext_status_arg()

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-17 10:38:20 +01:00
Matt Caswell
48593cb12a Convert SSL_SESSION* functions to use const getters 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-08-16 23:36:28 +01:00
Dr. Stephen Henson
17ebf85abd Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data(). 
Deprecate the function ASN1_STRING_data() and replace with a new function
ASN1_STRING_get0_data() which returns a constant pointer. Update library
to use new function.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-16 16:05:35 +01:00
Dr. Stephen Henson
c082201a36 add documentation 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-13 14:11:05 +01:00
Rich Salz
e928132343 GH1446: Add SSL_SESSION_get0_cipher 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1451)
 2016-08-12 15:23:48 -04:00
Dr. Stephen Henson
721f398023 Update documentation for DSA_SIG and ECDSA_SIG. 
RT#4590

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-12 14:21:21 +01:00
FdaSilvaYY
b4b42ce621 Fix doc and help about ca -valid option 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-08-11 10:59:21 +01:00
jamercee
e86e76a6c4 Fixed typo 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1386)
 2016-08-10 11:07:42 -04:00
JimC
3b7a575897 Documented BIO_set_accept_port()/BIO_get_accept_port() 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1386)
 2016-08-10 11:07:42 -04:00
jamercee
b4c1d72e9f Adapt BIO_new_accept() to call BIO_set_accept_name() 
Commit 417be66 broken BIO_new_accept() by changing the definition of the
macro BIO_set_accept_port() which stopped acpt_ctrl() from calling
BIO_parse_hostserv(). This commit completes the series of changes
initiated in 417be66.

Updated pods to reflect new definition introduced by 417be66.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1386)
 2016-08-10 11:07:42 -04:00
Rich Salz
f67cbb7443 Add #defines for magic numbers in API. 
Binary- and backward-compatible.  Just better.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1429)
 2016-08-10 10:07:37 -04:00
Rich Salz
3663990760 Add some const casts 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1397)
 2016-08-10 09:53:58 -04:00
Emilia Kasper
b03fe23146 CT: fix documentation 
Make method names match reality

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-10 14:41:21 +02:00
klemens
6025001707 spelling fixes, just comments and readme. 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1413)
 2016-08-05 19:07:30 -04:00
FdaSilvaYY
c47ba4e96c Constify some ASN1_OBJECT *obj input parameters 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-04 17:02:48 +02:00
FdaSilvaYY
924212a670 Constify input buffer 
of X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_ENTRY_create_by_NID

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-04 17:02:48 +02:00
FdaSilvaYY
f48ebf9f4c Constify ASN1_INTEGER_get, ASN1_ENUMERATED_get 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-04 17:02:48 +02:00
FdaSilvaYY
700b814549 Fix some style issues... 
extra spacing and 80 cols

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1366)
 2016-08-02 09:59:23 +02:00
Dr. Stephen Henson
c2e888b54c Document certificate and CRL time functions. 
RT#4639

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-01 19:54:11 +01:00
Dr. Stephen Henson
b26ab17f3d Constify some X509_CRL, X509_REQ functions. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-01 19:53:43 +01:00
Dr. Stephen Henson
5d8d9a8efa Add DSA_bits() function. 
RT#4637

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-01 19:37:42 +01:00
Kurt Roeckx
6c1f368d88 Fix typo of BN_zero() 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-01 16:17:44 +02:00
Richard J. Moore
3c8537765c Const the ex data stuff too to fix warnings 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-08-01 16:13:27 +02:00
Richard J. Moore
e1f02308ae Fix the docs too 
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1367)
 2016-07-30 15:19:24 -04:00
Matt Caswell
e040a42e44 Update the SSL_set_bio()/SSL_set0_rbio()/SSL_set0_wbio() docs 
Update the documentation for the newly renamed and modified SSL_set0_rbio()
and SSL_set0_wbio() functions. State that they should be preferred over
SSL_set_bio(). Attempt to document the ownership rules for SSL_set_bio().

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-29 14:09:57 +01:00
Rich Salz
1a62777163 Various doc fixes. 
Cannot nest B<> tags
Document "openssl speed" command.
Fix doc nits: missing NAME/SYNOPSIS stuff

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2016-07-28 17:00:05 -04:00
Richard Levitte
61d81f0ac9 Update the example in proxy_certificates.txt 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-26 09:43:21 +02:00
FdaSilvaYY
9d7bfb14dd Discard BIO_set(BIO* bio) method 
Simplify BIO init using OPENSSL_zalloc().

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1261)
 2016-07-25 13:48:32 -04:00
Richard Levitte
fe0169b097 Make it possible for external code to set the certiciate proxy path length 
This adds the functions X509_set_proxy_pathlen(), which sets the
internal pc path length cache for a given X509 structure, along with
X509_get_proxy_pathlen(), which retrieves it.

Along with the previously added X509_set_proxy_flag(), this provides
the tools needed to manipulate all the information cached on proxy
certificates, allowing external code to do what's necessary to have
them verified correctly by the libcrypto code.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-25 17:36:39 +02:00
Richard Levitte
3067095e8a Add X509_STORE lock and unlock functions 
Since there are a number of function pointers in X509_STORE that might
lead to user code, it makes sense for them to be able to lock the
store while they do their work.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-25 17:33:41 +02:00
Richard Levitte
0e82e0e1d0 Document the X509_STORE and X509_STORE_CTX setters and getters 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-25 17:20:58 +02:00
Steffen Nurpmeso
d49cfa3bd5 RT4627: Doc patch: fix constant names 
Reviewed-by: Matt Caswell <matt@openssl.org>
Signed-off-by: Rich Salz <rsalz@openssl.org>
 2016-07-25 09:50:27 -04:00
FdaSilvaYY
c7d13c138c Constify X509|X509_CRL|X509_REVOKED_get_ext 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
 2016-07-25 08:20:00 -04:00
FdaSilvaYY
7569362ebb Constify ... X509|X509_CRL|X509_REVOKED|_get_ext*() 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
 2016-07-25 08:20:00 -04:00
FdaSilvaYY
fdaf7beec5 Constify ... 
X509_REVOKED_get0_extensions
X509_check_private_key

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
 2016-07-25 08:20:00 -04:00
FdaSilvaYY
84de54b91e Constify (X509|X509V3|X509_CRL|X509_REVOKED)_get_ext_d2i ... 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
 2016-07-25 08:20:00 -04:00
FdaSilvaYY
333ed02c8a Constify input parameters of methods : 
- X509_NAME_entry_count, X509_ATTRIBUTE_count
 - X509_NAME_add_entry_by_OBJ, X509_NAME_ENTRY_create_by_OBJ, X509_NAME_ENTRY_set_object

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
 2016-07-25 08:20:00 -04:00
FdaSilvaYY
e83f154f6c Constify i2t_ASN1_OBJECT, i2d_ASN1_OBJECT, i2a_ASN1_OBJECT. 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
 2016-07-25 08:20:00 -04:00
FdaSilvaYY
08275a29c1 Constify ASN1_TYPE_get, ASN1_STRING_type, ASN1_STRING_to_UTF8, ASN1_TYPE_get_octetstring & co... 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
 2016-07-25 08:20:00 -04:00
FdaSilvaYY
25d57dc71b Constify EC_KEY_*_oct2priv() input buffer 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
 2016-07-25 08:20:00 -04:00
Jakub Zelenka
c1054bb4d2 Add EVP_ENCODE_CTX_copy 
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1344)
 2016-07-24 19:23:00 +01:00
Richard Levitte
9961cb7768 Make it possible for external code to flag a certificate as a proxy one. 
This adds the function X509_set_proxy_flag(), which sets the internal flag
EXFLAG_PROXY on a given X509 structure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-23 11:35:23 +02:00
Dr. Stephen Henson
bd19d1aa04 Clarify digest change in HMAC_Init_ex() 
RT#4603

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-22 14:02:38 +01:00
FdaSilvaYY
2f8e53d794 Fix if/for/while( in docs 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
 2016-07-20 07:21:53 -04:00
Coty Sutherland
2a5f907edf Resolve over command syntax error which causes 'make install' to fail 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1312)
 2016-07-19 18:15:17 -04:00
Richard Levitte
0a5228543c Document the slight change in CRYPTO_mem_ctrl() 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2016-07-19 23:49:54 +02:00
Richard Levitte
c1c26660df Document the slight change in ERR_get_next_error_library() 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2016-07-19 23:49:54 +02:00
Rich Salz
aebb9aac48 RT4593: Add space after comma (doc nits) 
Update find-doc-nits to find errors in SYNOPSIS (the most common
place where they were missing).

Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-07-19 09:29:53 -04:00