wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7579 commits 20 branches 302 tags 153 MiB
Commit graph

345 commits

Author SHA1 Message Date
Andy Polyakov
23b3b61921 Typo in x509_txt.c [from HEAD]. 2007-05-19 18:05:33 +00:00
Dr. Stephen Henson
aeb9ccfaad And so it begins... 2007-03-22 00:39:24 +00:00
Dr. Stephen Henson
d1049ad93e Fix Win32 warnings. 2007-02-18 17:23:20 +00:00
Richard Levitte
53707e2eec After objects have been freed, NULLify the pointers so there will be no double 
free of those objects
 2007-02-07 01:42:51 +00:00
Dr. Stephen Henson
4a0d3530e0 Update from HEAD. 2007-01-21 13:16:49 +00:00
Dr. Stephen Henson
9b945233b1 Update from HEAD. 2006-12-06 13:38:59 +00:00
Nils Larsch
66c4bb1a70 avoid duplicate entries in add_cert_dir() 
PR: 1407
Submitted by: Tomas Mraz <tmraz@redhat.com>
 2006-12-05 21:21:10 +00:00
Nils Larsch
3c786aa6c8 allocate a new attributes entry in X509_REQ_add_extensions() 
if it's NULL (in case of a malformed pkcs10 request)

PR: 1347
Submitted by: Remo Inverardi <invi@your.toilet.ch>
 2006-12-04 19:10:58 +00:00
Ben Laurie
4636341b05 Add RFC 3779 support, contributed by ARIN. 2006-11-27 13:36:55 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
db0edc3273 Inherit check time if appropriate. 2006-05-03 13:16:02 +00:00
Nils Larsch
22d1087e16 backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc Update filenames in makefiles 2006-02-04 01:49:36 +00:00
Dr. Stephen Henson
0fce007b8e Add two extra verify flags functions. 2005-09-02 22:48:21 +00:00
Nils Larsch
3de6d65ea3 improved error checking and some fixes 
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
 2005-07-26 20:55:17 +00:00
Nils Larsch
4913b88f70 make 
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
 2005-07-16 11:13:10 +00:00
Andy Polyakov
2e39604021 Fix bugs in bug-fix to x509/by_dir.c [from HEAD]. 
PR: 1131
 2005-07-03 13:15:53 +00:00
Richard Levitte
46e7a9797e Initialise dir to avoid a compiler warning. 2005-06-23 21:49:18 +00:00
Richard Levitte
40ba0257de Change dir_ctrl to check for the environment variable before using the default 
directory instead of the other way around.

PR: 1131
 2005-06-23 21:14:10 +00:00
Dr. Stephen Henson
ce2c19e357 Update from head. 2005-06-16 02:05:57 +00:00
Richard Levitte
8a41bcc934 Old typo... 
PR: 1097
 2005-06-05 21:55:09 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
b6995add5c Make -CSP option work again in pkcs12 utility by checking for 
attribute in EVP_PKEY structure.
 2005-05-15 00:54:45 +00:00
Bodo Möller
8afca8d9c6 Fix more error codes. 
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
 2005-05-11 03:45:39 +00:00
Dr. Stephen Henson
2c45bf2bc9 Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts. 
Remove more bogus shadow warnings.
 2005-04-20 21:48:06 +00:00
Dr. Stephen Henson
f68854b4c3 Various Win32 and other fixes for warnings and compilation errors. 
Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.
 2005-04-19 00:12:36 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
b392e52050 Move allow_proxy_certs declaration to start of function. 2005-04-10 23:41:09 +00:00
Richard Levitte
d9bfe4f97c Added restrictions on the use of proxy certificates, as they may pose 
a security threat on unexpecting applications.  Document and test.
 2005-04-09 16:07:12 +00:00
Ben Laurie
8bb826ee53 Consistency. 2005-03-31 13:57:54 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Ben Laurie
0821bcd4de Constification. 2005-03-30 10:26:02 +00:00
Richard Levitte
a7201e9a1b Changes concering RFC 3820 (proxy certificates) integration: 
- Enforce that there should be no policy settings when the language
   is one of id-ppl-independent or id-ppl-inheritAll.
 - Add functionality to ssltest.c so that it can process proxy rights
   and check that they are set correctly.  Rights consist of ASCII
   letters, and the condition is a boolean expression that includes
   letters, parenthesis, &, | and ^.
 - Change the proxy certificate configurations so they get proxy
   rights that are understood by ssltest.c.
 - Add a script that tests proxy certificates with SSL operations.

Other changes:

 - Change the copyright end year in mkerr.pl.
 - make update.
 2005-01-17 17:06:58 +00:00
Richard Levitte
6951c23afd Add functionality needed to process proxy certificates. 2004-12-28 00:21:35 +00:00
Dr. Stephen Henson
c162b132eb Automatically mark the CRL cached encoding as invalid when some operations 
are performed.
 2004-12-09 13:35:06 +00:00
Dr. Stephen Henson
a0e7c8eede Add lots of checks for memory allocation failure, error codes to indicate 
failure and freeing up memory if a failure occurs.

PR:620
 2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
3e66ee9f01 In by_file.c check last error for no start line, not first error. 2004-12-04 21:25:51 +00:00
Dr. Stephen Henson
1862dae862 Perform partial comparison of different character types in X509_NAME_cmp(). 2004-12-01 01:45:30 +00:00
Richard Levitte
30b415b076 Make an explicit check during certificate validation to see that the 
CA setting in each certificate on the chain is correct.  As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
  chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
  given)
 2004-11-29 11:28:08 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break 
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
 2004-11-02 23:55:01 +00:00
Dr. Stephen Henson
2f605e8d24 Fix race condition when CRL checking is enabled. 2004-10-04 16:30:12 +00:00
Dr. Stephen Henson
175ac6811a Don't use C++ reserved work "explicit". 2004-10-01 11:21:53 +00:00
Geoff Thorpe
6ef2ff62fc Make -Werror happy again. 2004-09-18 01:32:32 +00:00
Dr. Stephen Henson
58606421ae When looking for request extensions in a certificate look first 
for the PKCS#9 OID then the non standard MS OID.
 2004-09-10 20:20:54 +00:00
Richard Levitte
d813ff2ac1 make update 2004-09-10 10:30:33 +00:00
Dr. Stephen Henson
5d7c222db8 New X509_VERIFY_PARAM structure and associated functionality. 
This tidies up verify parameters and adds support for integrated policy
checking.

Add support for policy related command line options. Currently only in smime
application.

WARNING: experimental code subject to change.
 2004-09-06 18:43:01 +00:00
Dr. Stephen Henson
eda52e175a Delete obsolete and unimplemented function. 2004-05-19 17:05:02 +00:00