Dr. Stephen Henson
3745e57bf9
Prepare for next version....
2008-09-15 12:19:09 +00:00
Dr. Stephen Henson
b7e7aa00de
Begin release of OpenSSL 0.9.8i.
2008-09-15 10:28:13 +00:00
Bodo Möller
200d00c854
Fix SSL state transitions.
...
Submitted by: Nagendra Modadugu
2008-09-14 14:02:01 +00:00
Bodo Möller
669b912dea
Really get rid of unsafe double-checked locking.
...
Also, "CHANGES" clean-ups.
2008-09-14 13:51:49 +00:00
Bodo Möller
36a4a67b2b
Some precautions to avoid potential security-relevant problems.
2008-09-14 13:42:40 +00:00
Ben Laurie
b7c8b4fc95
Allow soft-loading engines.
2008-09-12 13:29:59 +00:00
Dr. Stephen Henson
dd6e90465d
Add support for Local Machine Keyset attribute in PKCS#12 files.
2008-06-26 23:26:52 +00:00
Bodo Möller
4afcee8b4b
avoid potential infinite loop in final reduction round of BN_GF2m_mod_arr()
...
Submitted by: Huang Ying
Reviewed by: Douglas Stebila
2008-06-23 20:46:28 +00:00
Dr. Stephen Henson
1f3206216b
Add acknowledgement.
2008-06-09 16:50:48 +00:00
Dr. Stephen Henson
1a12ce8ea5
Update CHANGES.
2008-06-05 15:32:05 +00:00
Mark J. Cox
3f79793b7e
After tagging, bump ready for 0.9.8i development
2008-05-28 07:47:50 +00:00
Mark J. Cox
0d01d8a735
Prepare for 0.9.8h release
2008-05-28 07:37:14 +00:00
Mark J. Cox
2c0fa03dc6
Fix flaw if 'Server Key exchange message' is omitted from a TLS
...
handshake which could lead to a cilent crash as found using the
Codenomicon TLS test suite (CVE-2008-1672)
Reviewed by: openssl-security@openssl.org
Obtained from: mark@awe.com
2008-05-28 07:29:27 +00:00
Mark J. Cox
d3b3a6d389
Fix double-free in TLS server name extensions which could lead to a remote
...
crash found by Codenomicon TLS test suite (CVE-2008-0891)
Reviewed by: openssl-security@openssl.org
Obtained from: jorton@redhat.com
2008-05-28 07:26:33 +00:00
Lutz Jänicke
5f23288692
Clear error queue when starting SSL_CTX_use_certificate_chain_file
...
PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>
2008-05-23 10:37:22 +00:00
Lutz Jänicke
45c58c7d10
Remove all root CA files (beyond test CAs including private key)
...
from the OpenSSL distribution.
2008-05-23 08:59:56 +00:00
Dr. Stephen Henson
112591be76
Fix off by one error ;-)
2008-05-20 18:48:22 +00:00
Dr. Stephen Henson
1b8daa3693
Typo.
2008-05-20 16:13:11 +00:00
Dr. Stephen Henson
10d3886c51
Fix two invalid memory reads in RSA OAEP mode.
...
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
Reviewed by: steve
2008-05-19 21:26:28 +00:00
Bodo Möller
c3031a4610
Avoid BN_MONT_CTX incompatibility.
2008-05-02 18:47:19 +00:00
Bodo Möller
812d8a176c
Unobtrusive backport of 32-bit x86 Montgomery improvements from 0.9.9-dev:
...
you need to use "enable-montasm" to see a difference. (Huge speed
advantage, but BN_MONT_CTX is not binary compatible, so this can't be
enabled by default in the 0.9.8 branch.)
The CHANGES entry also covers the 64-bit x86 backport in November 2007
by appro.
2008-05-01 23:11:34 +00:00
Dr. Stephen Henson
db533c96e3
TLS ticket key setting callback: this allows and application to set
...
its own TLS ticket keys.
2008-04-30 16:11:33 +00:00
Geoff Thorpe
98bd148b1a
Fix auto-discovery of ENGINEs, ported from HEAD.
...
NB, this fixes a regression relative to 0.9.7 and the documented behaviour,
but it would make sense for distro maintainers and others with an interest
in system behaviour to test with this change. The fix re-enables behaviour
that was broken and thus inherently disabled. In particular, if you
register an ENGINE implementation, and that ENGINE is able to successfully
self-initialise on the host, it will get used automatically (as claimed in
the documentation and as was the case for 0.9.7) - this was not the case
with 0.9.8 until now because of a bug.
PR: 1668
Submitted by: Ian Lister
Reviewed by: Geoff Thorpe
2008-04-28 21:45:43 +00:00
Geoff Thorpe
292248b8c2
Update from HEAD.
2008-04-27 18:52:14 +00:00
Dr. Stephen Henson
94b2c29f9d
Backport of CMS code to 0.9.8-stable branch. Disabled by default.
2008-04-03 23:03:56 +00:00
Dr. Stephen Henson
6b8be6da76
Update CHANGES.
2008-04-02 11:45:34 +00:00
Dr. Stephen Henson
7ec2d392e7
Backport of zlib compression BIO from HEAD. Update mkdef.pl script to handle
...
ZLIB. Update ordinals.
2008-04-02 11:37:25 +00:00
Dr. Stephen Henson
e88f66bb49
Add CHANGES entry for key wrap.
2008-04-02 11:21:53 +00:00
Dr. Stephen Henson
9e7459fc5d
Backport some useful ASN1 utility functions from HEAD.
2008-04-02 11:11:51 +00:00
Mark J. Cox
216ac24bd3
Add missing changelog entry for http://cvs.openssl.org/chngview?cn=16587
2008-02-28 13:35:58 +00:00
Bodo Möller
19398a175a
fix BIGNUM flag handling
2008-02-27 06:02:00 +00:00
Dr. Stephen Henson
3b0e61a812
Netware support.
...
Submitted by: Guenter Knauf <eflash@gmx.net>
2008-01-03 22:53:06 +00:00
Lutz Jänicke
32f1f622f6
Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f
2007-10-19 08:25:53 +00:00
Dr. Stephen Henson
a523276786
Backport certificate status request TLS extension support to 0.9.8.
2007-10-12 00:00:36 +00:00
Ben Laurie
2339c5d722
Next version.
2007-10-11 15:04:32 +00:00
Ben Laurie
dd00266757
Ready to roll.
2007-10-11 14:58:15 +00:00
Ben Laurie
bb99ce5f80
make update, and more DTLS stuff.
2007-10-11 14:36:59 +00:00
Dr. Stephen Henson
294f03a812
Reimplement safestack to avoid function pointer casts.
2007-09-06 21:07:43 +00:00
Dr. Stephen Henson
927a28ba3b
gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
...
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Dr. Stephen Henson
967ead7269
Update from HEAD.
2007-08-27 23:47:10 +00:00
Dr. Stephen Henson
5b96d1ccf9
Clarify CHANGES entry.
2007-08-23 22:58:24 +00:00
Dr. Stephen Henson
865a90eb4f
Backport of TLS extension code to OpenSSL 0.9.8.
...
Include server name and RFC4507bis support.
This is not compiled in by default and must be explicitly enabled with
the Configure option enable-tlsext
2007-08-12 18:59:03 +00:00
Dr. Stephen Henson
f805d30769
SSE2 and AES assembly language support for VC++ build.
2007-07-19 17:39:07 +00:00
Andy Polyakov
4c5979a107
Mention recent changes to bn_mont.c in CHANGES.
2007-06-20 17:44:43 +00:00
Bodo Möller
b22250bb67
Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
2007-05-22 09:48:06 +00:00
Ben Laurie
8957121c14
More IGE speedup.
2007-05-13 15:04:16 +00:00
Ben Laurie
50241bc84e
AES IGE mode speedup.
2007-05-13 12:03:57 +00:00
Bodo Möller
c3cc4662af
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:50:26 +00:00
Bodo Möller
2ac061e487
make BN_FLG_CONSTTIME semantics more fool-proof
2007-03-28 18:44:01 +00:00
Bodo Möller
7cdb81582c
Change to mitigate branch prediction attacks
...
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2007-03-28 00:14:25 +00:00
Bodo Möller
6fd3f3260d
stricter session ID context matching
2007-03-21 14:33:01 +00:00
Bodo Möller
d9e262443c
oops -- this should have been in 0.9.8e
2007-03-21 14:18:27 +00:00
Bodo Möller
402b951804
include complete 0.9.7 history
2007-02-26 10:48:56 +00:00
Dr. Stephen Henson
5dd24ead57
Prepare for next version.
2007-02-23 12:50:54 +00:00
Dr. Stephen Henson
0615396d2d
Prepare for release.
2007-02-23 12:12:28 +00:00
Lutz Jänicke
cdb13ae8d0
Extend SMTP and IMAP protocol handling to perform the required
...
EHLO or CAPABILITY handshake before sending STARTTLS
Submitted by: Goetz Babin-Ebell <goetz@shomitefo.de>
2007-02-21 18:20:33 +00:00
Dr. Stephen Henson
52ee969e29
Update from 0.9.7-stable.
2007-02-21 13:48:49 +00:00
Bodo Möller
55f0501201
Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a
...
ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.
2007-02-19 18:38:11 +00:00
Bodo Möller
5f4cc234fb
Some fixes for ciphersuite string processing:
...
- add a workaround provided by Victor Duchovni so that 128- and
256-bit variants of otherwise identical ciphersuites are treated
correctly;
- also, correctly skip invalid parts of ciphersuite description strings.
Submitted by: Victor Duchovni, Bodo Moeller
2007-02-17 06:52:42 +00:00
Nils Larsch
68bb98159f
fix typos
...
PR: 1354, 1355, 1398
2006-12-21 21:11:44 +00:00
Bodo Möller
1a8521ff24
Fix the BIT STRING encoding of EC points or parameter seeds
...
(need to prevent the removal of trailing zero bits).
2006-12-19 15:10:46 +00:00
Bodo Möller
5c6f76da0a
fix support for receiving fragmented handshake messages
2006-11-29 14:45:14 +00:00
Ben Laurie
4636341b05
Add RFC 3779 support, contributed by ARIN.
2006-11-27 13:36:55 +00:00
Dr. Stephen Henson
900f7a8776
Update from 0.9.7-stable.
...
Improve mkerr.pl header file function name parsing.
2006-11-21 20:14:05 +00:00
Bodo Möller
bd869183d5
for completeness, include 0.9.7l information
2006-09-28 13:29:08 +00:00
Mark J. Cox
25e52a78fb
After tagging, bump ready for 0.9.8e development
2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf
Prepare for 0.9.8d release
2006-09-28 11:32:42 +00:00
Mark J. Cox
951dfbb13a
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Bodo Möller
8fdb296cbd
Update
2006-09-12 14:42:09 +00:00
Bodo Möller
879b30aaa3
ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
...
ciphersuite as well
2006-09-11 09:48:46 +00:00
Mark J. Cox
da1841a075
After tagging, prep for next release
2006-09-05 08:51:30 +00:00
Mark J. Cox
0a0a10d127
Ready for 0.9.8c release
2006-09-05 08:45:37 +00:00
Mark J. Cox
df20b6e79b
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
...
(CVE-2006-4339)
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:25:42 +00:00
Ben Laurie
4b9dcd821f
Add IGE and biIGE modes.
2006-08-28 11:00:32 +00:00
Bodo Möller
ec67e3b7e4
always read in RAND_poll() if we can't use select because of a too
...
large FD: it's non-blocking mode anyway
2006-06-28 14:50:00 +00:00
Richard Levitte
8de95bc05b
Use poll() when possible to gather Unix randomness entropy
2006-06-27 06:31:57 +00:00
Bodo Möller
aa17ab7e57
Put ECCdraft ciphersuites back into default build (but disabled
...
unless specifically requested)
2006-06-22 12:35:54 +00:00
Bodo Möller
35908bd040
Remove ECC ciphersuites from 0.9.8 branch (should use 0.9.9 branch)
2006-06-20 08:50:33 +00:00
Bodo Möller
0e73294e26
Disable invalid ciphersuites
2006-06-14 17:52:01 +00:00
Bodo Möller
6d2cd23f40
Thread-safety fixes
2006-06-14 08:51:41 +00:00
Bodo Möller
e18eef3d7a
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
b723a7b11b
Don't check for padding bug if compression is negotiated.
...
PR: 1204
2006-05-07 12:27:48 +00:00
Dr. Stephen Henson
1c5dc844e7
Update for next dev version.
2006-05-04 13:08:35 +00:00
Dr. Stephen Henson
f871949efd
Prepare for new release.
2006-05-04 12:46:42 +00:00
Dr. Stephen Henson
cbb0b734c7
If cipher list contains a match for an explicit ciphersuite only match that
...
one suite.
2006-04-15 00:22:34 +00:00
Bodo Möller
5586a71a6e
clarification
2006-03-11 22:10:46 +00:00
Dr. Stephen Henson
217382d584
Handle manifest files for VC++
...
Submitted by: Austin Ziegler <halostatue@gmail.com>
2006-01-15 13:46:20 +00:00
Bodo Möller
bc9320452c
update TLS-ECC code
...
Submitted by: Douglas Stebila
2005-12-13 07:41:47 +00:00
Bodo Möller
23d43aae27
add missing entry (the corresponding code *is* in the 0.9.8 branch,
...
and both the code and the CHANGES entry are in HEAD)
2005-12-13 07:32:10 +00:00
Dr. Stephen Henson
7614f0e55e
Various zlib related fixes and enhancements.
2005-12-05 13:34:56 +00:00
Dr. Stephen Henson
feef17fd88
Update from HEAD.
2005-11-20 13:26:57 +00:00
Dr. Stephen Henson
abb0c2bba4
Update VC++ build engine to include supported engine DLL builds.
2005-11-06 17:49:00 +00:00
Richard Levitte
d3afc92bc9
Document it
2005-11-01 07:53:43 +00:00
Bodo Möller
20f7053254
harmonize with 0.9.7-stable CHANGES
2005-10-26 19:26:15 +00:00
Mark J. Cox
802c014656
One time CAN->CVE change
2005-10-19 10:51:36 +00:00
Richard Levitte
860841794d
Add in CHANGES for 0.9.7i.
2005-10-15 04:27:05 +00:00
Mark J. Cox
d8b408b1de
Bump after tag
2005-10-11 10:21:22 +00:00
Mark J. Cox
64932f9e4a
Add fixes for CAN-2005-2969
...
Bump release ready for OpenSSL_0_9_8a tag
2005-10-11 10:16:21 +00:00
Dr. Stephen Henson
0fce007b8e
Add two extra verify flags functions.
2005-09-02 22:48:21 +00:00
Nils Larsch
3c0e39c539
Keep cipher lists sorted in the source instead of sorting them at
...
runtime, thus removing the need for a lock. Add a test to ssltest
to verify that the cipher lists are sorted.
2005-08-25 07:43:04 +00:00
Bodo Möller
19fddebf0e
recent DH change does not avoid *all* possible small-subgroup attacks;
...
let's be clear about that
2005-08-23 06:55:45 +00:00
Ben Laurie
6086422193
Missed stuff.
2005-08-20 21:30:33 +00:00
Ben Laurie
9ddb11f11c
Avoid weak subgroups in Diffie Hellman.
2005-08-20 18:35:53 +00:00
Andy Polyakov
98e986141b
Windows CE update from HEAD.
2005-08-07 22:29:58 +00:00
Dr. Stephen Henson
222f224664
Initialize SSL_METHOD structures at compile time. This removes the need
...
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
2005-08-05 23:52:08 +00:00
Dr. Stephen Henson
1682e8fb12
Allow PKCS7_decrypt() to work if no cert supplied.
2005-08-04 22:10:05 +00:00
Richard Levitte
750cb3d248
Now that 0.9.8 has been tagged, it's time to move on.
2005-07-05 19:11:56 +00:00
Richard Levitte
f254b540b8
Time to release OpenSSL 0.9.8.
...
The tag will be OpenSSL_0_9_8.
2005-07-05 18:49:43 +00:00
Richard Levitte
1d01c9d43d
Last additions to the release documentation.
2005-07-05 18:32:05 +00:00
Andy Polyakov
e32ea81876
Mention Win64 support in CHANGES and throw in building instructions.
2005-07-05 10:53:13 +00:00
Dr. Stephen Henson
09c1a425a9
Add utf8 options to ca utility.
...
PR:1109
2005-07-04 23:04:28 +00:00
Dr. Stephen Henson
ab95eac286
Typo.
2005-06-02 20:30:46 +00:00
Dr. Stephen Henson
1cd76233d1
Update CHANGES.
2005-06-02 20:09:43 +00:00
Geoff Thorpe
a4578a5413
Change the source and output paths for 'chil' and '4758cca' engines so that
...
dynamic loading is consistent with respect to engine ids.
2005-05-29 19:16:26 +00:00
Bodo Möller
e4106a4e24
make sure DSA signing exponentiations really are constant-time
2005-05-26 04:40:57 +00:00
Bodo Möller
91b17fbad4
Change wording for BN_mod_exp_mont_consttime() entry
2005-05-16 19:14:34 +00:00
Bodo Möller
46a643763d
Implement fixed-window exponentiation to mitigate hyper-threading
...
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2005-05-16 01:43:31 +00:00
Dr. Stephen Henson
b6995add5c
Make -CSP option work again in pkcs12 utility by checking for
...
attribute in EVP_PKEY structure.
2005-05-15 00:54:45 +00:00
Bodo Möller
c6c2e3135d
Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled
...
with the SSL_OP_NO_SSLv2 option.
2005-05-11 18:25:49 +00:00
Nils Larsch
8b15c74018
give EC_GROUP_new_by_nid a more meanigful name:
...
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
2005-05-10 11:37:47 +00:00
Bodo Möller
0f4499360e
give EC_GROUP_*_nid functions a more meaningful name
...
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
EC_GROUP_set_nid -> EC_GROUP_set_curve_name
2005-05-09 00:05:17 +00:00
Dr. Stephen Henson
05338b58ce
Support for smime-type MIME parameter.
2005-05-01 12:46:57 +00:00
Dr. Stephen Henson
6ec8e63af6
Port BN_MONT_CTX_set_locked() from stable branch.
...
The function rsa_eay_mont_helper() has been removed because it is no longer
needed after this change.
2005-04-26 23:58:54 +00:00
Nils Larsch
800e400de5
some updates for the blinding code; summary:
...
- possibility of re-creation of the blinding parameters after a
fixed number of uses (suggested by Bodo)
- calculatition of the rsa::e in case it's absent and p and q
are present (see bug report #785 )
- improve the performance when if one rsa structure is shared by
more than a thread (see bug report #555 )
- fix the problem described in bug report #827
- hide the definition ot the BN_BLINDING structure in bn_blind.c
2005-04-26 22:31:48 +00:00
Ben Laurie
36d16f8ee0
Add DTLS support.
2005-04-26 16:02:40 +00:00
Bodo Möller
aa16a28631
first step to melt down ChangeLog.0_9_7-stable_not-in-head :-)
2005-04-25 21:06:05 +00:00
Nils Larsch
ff22e913a3
- use BN_set_negative and BN_is_negative instead of BN_set_sign
...
and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"
2005-04-22 20:02:44 +00:00
Dr. Stephen Henson
bc3cae7e7d
Include error library value in C error source files instead of fixing up
...
at runtime.
2005-04-12 13:31:14 +00:00
Dr. Stephen Henson
0858b71b41
Make kerberos ciphersuite code work with newer header files
2005-04-09 23:55:55 +00:00
Richard Levitte
d9bfe4f97c
Added restrictions on the use of proxy certificates, as they may pose
...
a security threat on unexpecting applications. Document and test.
2005-04-09 16:07:12 +00:00
Nils Larsch
dc0ed30cfe
add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
...
and SSL_use_PrivateKey_file()
PR: 1035
Submitted by: Walter Goulet
Reviewed by: Nils Larsch
2005-04-08 22:52:42 +00:00
Nils Larsch
6049399baf
get rid of very buggy and very imcomplete DH cert support
...
Reviewed by: Bodo Moeller
2005-04-07 23:19:17 +00:00
Nils Larsch
12bdb64375
use SHA-1 as the default digest for the apps/openssl commands
2005-04-02 09:29:15 +00:00
Ben Laurie
41a15c4f0f
Give everything prototypes (well, everything that's actually used).
2005-03-31 09:26:39 +00:00
Bodo Möller
b0ef321cc8
Harmonize with CHANGES as distributed in OpenSSL 0.9.7f.
2005-03-24 01:37:07 +00:00
Ulf Möller
7a8c728860
undo Cygwin change
2005-03-24 00:14:59 +00:00
Dr. Stephen Henson
59b6836ab2
Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and
...
client random values.
2005-03-22 14:11:06 +00:00
Ulf Möller
130db968b8
Use Windows randomness code on Cygwin
2005-03-19 11:39:17 +00:00
Bodo Möller
ecc5ef8793
In addition to RC5, also exclude MDC2 from compilation unless
...
the algorithm is explicitly requested.
2005-03-02 20:11:31 +00:00
Bodo Möller
c9a112f540
Change ./Configure so that certain algorithms can be disabled by default.
...
This is now the case for RC5.
As a side effect, the OPTIONS in the Makefile will usually look a
little different now, but they are essentially only for information
anyway.
2005-02-22 10:29:51 +00:00
Lutz Jänicke
f69a8aebab
Fix hang in EGD/PRNGD query when communication socket is closed
...
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
2005-02-19 10:19:07 +00:00
Dr. Stephen Henson
e90faddaf8
Prompt for passphrases for PKCS12 input format
2004-12-29 01:07:14 +00:00
Richard Levitte
6951c23afd
Add functionality needed to process proxy certificates.
2004-12-28 00:21:35 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
5b40d7dd97
Add -passin argument to dgst command.
2004-12-03 12:26:56 +00:00
Dr. Stephen Henson
1862dae862
Perform partial comparison of different character types in X509_NAME_cmp().
2004-12-01 01:45:30 +00:00
Richard Levitte
5022e4ecdf
Document the change.
2004-11-29 11:57:00 +00:00
Andy Polyakov
ea681ba872
Summarize recent RC4 tune-ups.
2004-11-26 15:26:09 +00:00
Dr. Stephen Henson
401ee37a3e
Allow alternative manual sections to be embedded in .pod file comments.
2004-11-25 17:47:31 +00:00
Dr. Stephen Henson
826a42a088
PR: 910
...
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.
Update docs.
2004-11-16 17:30:59 +00:00