Ben Laurie
a17f351b56
Fix display of all 0 IPv6 address (from Rob Austein).
2009-03-08 10:48:03 +00:00
Dr. Stephen Henson
72f6453c48
PR: 1835
...
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org
Fix various typos.
2009-02-14 21:50:14 +00:00
Dr. Stephen Henson
fe43caa4a4
Fix from HEAD.
2008-12-08 19:13:57 +00:00
Dr. Stephen Henson
792e614144
Fix from HEAD.
2008-12-07 23:59:13 +00:00
Dr. Stephen Henson
cef3e62d2b
Don't clobber passed GENERAL_NAME on error.
2008-11-30 16:07:11 +00:00
Dr. Stephen Henson
55eff40084
Stop warnings.
2008-11-15 17:46:41 +00:00
Dr. Stephen Henson
3795297af8
Change old obsolete email address...
2008-11-05 18:36:57 +00:00
Ben Laurie
cdffc716c9
Set the comparison function in v3_addr_canonize().
2008-10-14 19:21:30 +00:00
Dr. Stephen Henson
e852835da6
Make update: delete duplicate error code.
2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
d83dde6180
Merge changes to build system from fips branch.
2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
bd72b8eca6
Stop warnings about value not used.
2008-09-14 15:46:36 +00:00
Dr. Stephen Henson
fd43ae3fe4
Fix flag clash... only used internally when policy checking is
...
enabled.
2008-08-31 11:15:35 +00:00
Dr. Stephen Henson
a750273546
Fix from HEAD.
2008-08-02 11:17:04 +00:00
Dr. Stephen Henson
4231b356aa
Fix from HEAD.
2008-07-30 15:42:19 +00:00
Dr. Stephen Henson
3562202306
Fix from HEAD.
2008-07-13 22:38:52 +00:00
Dr. Stephen Henson
2bf4b96aef
Update from HEAD.
2008-07-13 15:56:01 +00:00
Dr. Stephen Henson
811e08a2c5
Update from HEAD.
2008-07-13 14:33:16 +00:00
Dr. Stephen Henson
a523276786
Backport certificate status request TLS extension support to 0.9.8.
2007-10-12 00:00:36 +00:00
Dr. Stephen Henson
927a28ba3b
gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
...
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Dr. Stephen Henson
3380c52f15
Stop memory leak.
2007-03-05 00:06:47 +00:00
Dr. Stephen Henson
e31c620686
Update from fips2 branch.
2007-02-03 17:32:14 +00:00
Dr. Stephen Henson
4a0d3530e0
Update from HEAD.
2007-01-21 13:16:49 +00:00
Richard Levitte
e25eb309ec
From HEAD
2006-12-26 21:23:38 +00:00
Dr. Stephen Henson
9b945233b1
Update from HEAD.
2006-12-06 13:38:59 +00:00
Dr. Stephen Henson
34a8c7ec87
Win32 fixes.
...
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.
Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.
Update ordinals.
Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
2006-11-30 13:04:43 +00:00
Ben Laurie
4636341b05
Add RFC 3779 support, contributed by ARIN.
2006-11-27 13:36:55 +00:00
Dr. Stephen Henson
115fc340cb
Rebuild error file C source files.
2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
20d6182f33
Typo.
2006-10-05 21:59:09 +00:00
Nils Larsch
22d1087e16
backport recent changes from the cvs head
2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc
Update filenames in makefiles
2006-02-04 01:49:36 +00:00
Bodo Möller
c55d882fab
Avoid contradictive error code assignments.
...
"make error".
2006-01-08 21:52:46 +00:00
Nils Larsch
62b6cd007f
fix potential memory leak + improved error checking
...
PR: 1182
2005-08-05 09:41:24 +00:00
Nils Larsch
3de6d65ea3
improved error checking and some fixes
...
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
2005-07-26 20:55:17 +00:00
Dr. Stephen Henson
b18165301d
Update from head.
2005-07-25 18:40:09 +00:00
Dr. Stephen Henson
c4b13b0268
Reorder extensions to account for synced OID table.
2005-06-22 17:28:55 +00:00
Dr. Stephen Henson
1f93c96e63
Fix extension ordering.
2005-06-22 13:25:38 +00:00
Andy Polyakov
ce92b6eb9c
Further BUILDENV refinement, further fool-proofing of Makefiles and
...
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342 .
2005-05-16 16:55:47 +00:00
Andy Polyakov
81a86fcf17
Fool-proofing Makefiles
2005-05-15 22:23:26 +00:00
Bodo Möller
8afca8d9c6
Fix more error codes.
...
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Richard Levitte
d9bfe4f97c
Added restrictions on the use of proxy certificates, as they may pose
...
a security threat on unexpecting applications. Document and test.
2005-04-09 16:07:12 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Richard Levitte
a7201e9a1b
Changes concering RFC 3820 (proxy certificates) integration:
...
- Enforce that there should be no policy settings when the language
is one of id-ppl-independent or id-ppl-inheritAll.
- Add functionality to ssltest.c so that it can process proxy rights
and check that they are set correctly. Rights consist of ASCII
letters, and the condition is a boolean expression that includes
letters, parenthesis, &, | and ^.
- Change the proxy certificate configurations so they get proxy
rights that are understood by ssltest.c.
- Add a script that tests proxy certificates with SSL operations.
Other changes:
- Change the copyright end year in mkerr.pl.
- make update.
2005-01-17 17:06:58 +00:00
Richard Levitte
6951c23afd
Add functionality needed to process proxy certificates.
2004-12-28 00:21:35 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
8f284faaec
V1 certificates that aren't self signed can't be accepted as CAs.
2004-12-03 00:10:34 +00:00
Richard Levitte
5073ff0346
Split X509_check_ca() into a small self and an internal function
...
check_ca(), to resolve constness issue. check_ca() is called from the
purpose checkers instead of X509_check_ca(), since the stuff done by
the latter (except for calling check_ca()) is also done by
X509_check_purpose().
2004-11-30 12:18:55 +00:00
Richard Levitte
30b415b076
Make an explicit check during certificate validation to see that the
...
CA setting in each certificate on the chain is correct. As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
given)
2004-11-29 11:28:08 +00:00
Richard Levitte
a2ac429da2
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00