Commit graph

23302 commits

Author SHA1 Message Date
Ben Laurie
9587030eb9 Update dependencies. 1999-04-18 11:10:22 +00:00
Dr. Stephen Henson
c83e523d7f Allow asn1parse to print out VISIBLESTRING and some code needed for certificate
policies extension.
1999-04-17 23:55:39 +00:00
Ben Laurie
e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Dr. Stephen Henson
d77b3054cd Add support for VISIBLESTRING and UTF8String 1999-04-17 15:53:32 +00:00
Ben Laurie
cfdcfede9c Another STACK bites the dust. 1999-04-17 10:28:46 +00:00
Dr. Stephen Henson
1d48dd0019 Add initial support for r2i RAW extensions which can access the config database
add various X509V3_CTX helper functions and support for LHASH as the config
database.
1999-04-16 23:57:04 +00:00
Ben Laurie
c5db363e1b Fix some warnings. Contributed by Anonymous. 1999-04-16 18:13:27 +00:00
Ulf Möller
ddb25f88c2 Another bug. 1999-04-16 11:32:33 +00:00
Ulf Möller
2fef6785c6 Write random seed file in binary mode.
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-04-16 11:16:00 +00:00
Dr. Stephen Henson
953937bdc6 Fix a horrible BN bug in bn_expand2 which caused BN_add_word() et al to fail
when they cause the destination to expand.

To see how evil this is try this:

#include <pem.h>
main()
{
	BIGNUM *bn = NULL;
        int i;
	bn = BN_new();
	BN_hex2bn(&bn, "FFFFFFFF");
	BN_add_word(bn, 1);
	printf("Value %s\n", BN_bn2hex(bn));
}

This would typically fail before the patch.

It also screws up if you comment out the BN_hex2bn line above or in any
situation where BN_add_word() causes the number of BN_ULONGs in the result
to change (try doubling the number of FFs).
1999-04-15 23:07:00 +00:00
Ben Laurie
abed0b8a1f Add new experimental ciphersuites. Bring naming into line with RFC. 1999-04-15 18:52:13 +00:00
Ben Laurie
28db340142 Just use an ANSI declaration, instead. 1999-04-15 10:10:21 +00:00
Bodo Möller
c1cf1eecdb /* Just some comments. */
Submitted by:
Reviewed by:
PR:
1999-04-14 23:47:41 +00:00
Dr. Stephen Henson
28a98809d1 Add some utilities to support SXNet extension also add support in DEF files
generator to typesafe stacks.
1999-04-14 23:44:41 +00:00
Bodo Möller
d91f8c3ce8 Cleaning up Ben's clean-ups :-)
Submitted by:
Reviewed by:
PR:
1999-04-14 23:10:11 +00:00
Bodo Möller
9e7bd9b5fe Make Windows compilers happy.
Submitted by:Tom Titchener
Reviewed by:
PR:
1999-04-14 21:43:02 +00:00
Bodo Möller
f0f1b4e400 Some tiny fixes.
Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:
1999-04-14 20:17:23 +00:00
Ben Laurie
8f7de4f04c Typo. 1999-04-14 11:13:47 +00:00
Ralf S. Engelschall
52a48254c7 Start with some plans... 1999-04-14 09:32:51 +00:00
Dr. Stephen Henson
0490a86d01 Delete all the old X509V3 pack and unpack stuff and various structures and
files associated with them. This stuff is all obsoleted by the new X509V3 code.
1999-04-13 23:56:39 +00:00
Ralf S. Engelschall
baf748ba09 SSL_ALLOW_ENULL was renamed to SSL_FORBID_ENULL some time ago by Ben. 1999-04-13 11:01:44 +00:00
Bodo Möller
dd5ae70333 Submitted by:
Reviewed by:
PR:
1999-04-13 02:32:38 +00:00
Ulf Möller
5fbe91d86b New Configure option "rsaref". 1999-04-13 00:58:49 +00:00
Bodo Möller
5fd4e2b16b Don#t auto-generate crypto/pem/pem.h -- a fixed file is fine for it.
Submitted by:
Reviewed by:
PR:
1999-04-12 19:58:17 +00:00
Ben Laurie
f73e07cf42 Add type-safe STACKs and SETs. 1999-04-12 17:23:57 +00:00
Ben Laurie
a36a1a5146 gcc claims this is a shadow, though I can't find what it is shadowing... 1999-04-12 17:17:39 +00:00
Ralf S. Engelschall
f9a2593163 Add `openssl ca -revoke <certfile>' facility which revokes a certificate
specified in <certfile> by updating the entry in the index.txt file.
This way one no longer has to edit the index.txt file manually for
revoking a certificate. The -revoke option does the gory details now.

Submitted by: Massimiliano Pala <madwolf@openca.org>
Cleaned up and integrated by: Ralf S. Engelschall
1999-04-12 11:45:14 +00:00
Ralf S. Engelschall
2f0cd19533 Fix openssl crl -noout -text' combination where -noout' killed the `-text'
option at all and this way the `-noout -text' combination was inconsistent in
`openssl crl' with the friends in `openssl x509|rsa|dsa'.
1999-04-12 10:36:16 +00:00
Ralf S. Engelschall
268c2102e3 Make sure a corresponding plain text error message exists for the
X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
verify callback function determined that a certificate was revoked.
1999-04-12 09:59:05 +00:00
Bodo Möller
4211a99ba0 Obsoleted by new openssl command "list-cipher-commands".
Submitted by:
Reviewed by:
PR:
1999-04-11 02:52:44 +00:00
Bodo Möller
fc8ee06b4d Submitted by:
Reviewed by:
PR:
1999-04-11 02:49:35 +00:00
Ralf S. Engelschall
7c7c88515f Fix a few typos and tabs while I'm poking around in ca.c... 1999-04-10 13:15:38 +00:00
Ben Laurie
c0035435a9 Rid the world of yet more evil casts. 1999-04-10 12:09:17 +00:00
Ben Laurie
3bb307c10c Adjust renegotiation slightly. 1999-04-10 12:08:46 +00:00
Ralf S. Engelschall
94c95d04c6 Fix a typo in the X.509v3 docs: cRLSign instead of cRLCertSign is correct
according to the sources.... found by Steffen Dettmer <steffen@tfh-berlin.de>.
1999-04-10 11:33:28 +00:00
Ben Laurie
5a88a6eabf Rid the world of more evil casts. 1999-04-10 10:36:19 +00:00
Ben Laurie
215c24fc8e Install signal handler if we are using sigaction. 1999-04-10 10:21:44 +00:00
Bodo Möller
c7ac31e26e Bugfix: s_client occasionally would sleep in select() when it should
have checked SSL_pending() first.
Submitted by:
Reviewed by:
PR:
1999-04-09 20:54:25 +00:00
Ulf Möller
9d892e2855 recent changes. 1999-04-09 17:04:32 +00:00
Ulf Möller
28847dd153 Test PKCS#1 v1.5 padding as well. 1999-04-09 16:26:37 +00:00
Ulf Möller
a5a47e4afb Use Perl 5 even if Perl 4 comes first in the search path. 1999-04-09 16:25:25 +00:00
Ulf Möller
a8da89186c Separate DSA functionality from ASN.1 encoding.
New functions DSA_do_sign and DSA_do_verify to provide access to
the raw DSA values.
1999-04-09 16:24:32 +00:00
Bodo Möller
dae08db4a0 Preprocessor file to allow testenc to test only those ciphers
that are available.
Submitted by:
Reviewed by:
PR:
1999-04-09 10:44:50 +00:00
Bodo Möller
adbfb08354 Tiny comment to improve code comprehensibility.
Submitted by:
Reviewed by:
PR:
1999-04-09 07:12:17 +00:00
Dr. Stephen Henson
d2e26dccd1 Add PKCS#5 v2.0 ASN1 structures. 1999-04-08 23:55:42 +00:00
Ulf Möller
acafc0b4ae Bugs. 1999-04-08 20:45:53 +00:00
Bodo Möller
3f90e6793f New "open issue" (ERR_...).
Submitted by:
Reviewed by:
PR:
1999-04-08 20:29:19 +00:00
Ulf Möller
44a25707fd Avoid error message about missing gcc.
Submitted by: Niels Poppe <niels@netbox.org>
1999-04-08 19:51:16 +00:00
Bodo Möller
fa3da3cf09 Be more optimistic about the availability of termios for ~ECHO,
because sgtty emulation tends to fail on various systems.
Submitted by:
Reviewed by:
PR:
1999-04-08 17:10:27 +00:00
Ulf Möller
bacad008eb Bad dependencies. 1999-04-08 15:19:36 +00:00