wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3194 commits 20 branches 302 tags 153 MiB
Commit graph

3194 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bodo Möller
31a74acfd3 Another comment change. (Previous comment does not apply 
for range = 11000000... or range = 100000...)
 2001-02-08 12:33:55 +00:00
Bodo Möller
d82242169b Change comments. (The expected number of iterations in BN_rand_range 
never exceeds 1.333...).
 2001-02-08 12:27:00 +00:00
Bodo Möller
a0707e6170 oops -- remove observation code 2001-02-08 12:25:03 +00:00
Bodo Möller
07fc72fea1 Integrate my implementation of a countermeasure against 
Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
 2001-02-08 12:20:25 +00:00
Lutz Jänicke
813c7c415b Update documentation to match the state of OpenSSL 0.9.6. 2001-02-08 10:36:37 +00:00
Ulf Möller
38b3a46ffa DSA fix from main branch. 2001-02-07 22:35:11 +00:00
Ulf Möller
60b3b2c9d0 EBCDIC bug fix from main branch. 2001-02-07 22:13:10 +00:00
Bodo Möller
c7410f2693 Avoid coredumps for CONF_get_...(NULL, ...) 2001-02-06 10:14:57 +00:00
Bodo Möller
43a5e1409e don't dump core 2001-02-06 09:47:25 +00:00
Richard Levitte
cd4fad5488 Merge in memory leak correction from main trunk. 2001-02-05 13:33:28 +00:00
Richard Levitte
28b1bceb2f 0.9.6a will not be release in Y2K. :-) 2001-02-05 13:32:33 +00:00
Lutz Jänicke
d4d76b9e83 Documenting session caching, 2nd step. 2001-02-04 18:10:54 +00:00
cvs2svn
e1fee47759 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-04 18:05:28 +00:00
Lutz Jänicke
0bc6597d4d Documenting session caching, 2nd step. 2001-02-04 18:05:27 +00:00
Dr. Stephen Henson
2b916952a8 Fix ASN1_TIME_to_generlizedtime(). 
Add protoype for OCSP_response_create().

Add OCSP_request_sign() and OCSP_basic_sign()
private key and certificate checks and make
OCSP_NOCERTS consistent with PKCS7_NOCERTS
 2001-02-04 03:04:43 +00:00
Dr. Stephen Henson
02e4fbed3d Various OCSP responder utility functions. 
Delete obsolete OCSP functions.

Largely untested at present...
 2001-02-03 19:20:45 +00:00
Lutz Jänicke
88e9984da5 Clarify why SSL_CTX_use_certificate_chain_file() should be preferred. 2001-02-03 15:15:44 +00:00
Lutz Jänicke
7403c34b0b Clarify why SSL_CTX_use_certificate_chain_file() should be preferred. 2001-02-03 15:15:00 +00:00
Lutz Jänicke
dac1169e82 Typo: on my screen it nicely wrapped around at 80 :-) 2001-02-03 11:02:35 +00:00
Lutz Jänicke
9022f2403b Typo: on my screen it nicely wrapped around at 80 :-) 2001-02-03 11:02:02 +00:00
Lutz Jänicke
53ab745f7a If the source has already been succesfully queried, do not try to open it 
again as file.
 2001-02-03 10:59:16 +00:00
Lutz Jänicke
08f3f07212 If the source has already been succesfully queried, do not try to open it 
again as file.
 2001-02-03 10:59:13 +00:00
Lutz Jänicke
2bbe747045 Backport... 2001-02-02 14:44:02 +00:00
cvs2svn
55cd47ffb4 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-02 14:40:53 +00:00
Lutz Jänicke
8cbceba610 Document session caching, first step. 2001-02-02 14:40:52 +00:00
Dr. Stephen Henson
88ce56f8c1 Various function for commmon operations. 2001-02-02 00:45:54 +00:00
Dr. Stephen Henson
664d83bb23 Tidy up the mess in bss_sock.c and bss_fd.c 
by placing them socket/fd code in separate
files rather than trying to have them both
share the same one.
 2001-02-02 00:31:45 +00:00
Dr. Stephen Henson
2e1d669cba Tolerate some "variations" used in some 
certificates.

One is a valid CA which has no basicConstraints
but does have certSign keyUsage.

Other is S/MIME signer with nonRepudiation but
no digitalSignature.
 2001-02-01 02:03:58 +00:00
Dr. Stephen Henson
8cff6331c9 Tolerate some "variations" used in some 
certificates.

One is a valid CA which has no basicConstraints
but does have certSign keyUsage.

Other is S/MIME signer with nonRepudiation but
no digitalSignature.
 2001-02-01 01:57:32 +00:00
Lutz Jänicke
819d5cef08 Backport extended documentation. 2001-01-31 14:18:43 +00:00
cvs2svn
e9cba65a99 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-01-31 14:14:21 +00:00
Lutz Jänicke
cd6aa710b5 New manual page for a hardly known but important item :-) 2001-01-31 14:14:20 +00:00
Richard Levitte
3b1f393ae7 Transport from development branch. 2001-01-30 13:54:44 +00:00
Richard Levitte
903872d65e Document the change. 2001-01-30 13:47:59 +00:00
Richard Levitte
16a44ae7e9 Increase consistency of header data (some mail readers really do not 
like spaces before the semicolon, and besides, other parts of this
file makes the values without those spaces), and move spacing of
continuation lines to support BIO's that break lines after each
write.
 2001-01-30 13:38:59 +00:00
Bodo Möller
739423fceb Remove serial number file during 'make clean'. 2001-01-29 11:41:12 +00:00
Lutz Jänicke
61433519af Backported manual pages from 0.9.7. 2001-01-28 18:35:10 +00:00
Lutz Jänicke
c032563a0a Backport documentation added for 0.9.7. 2001-01-28 18:31:35 +00:00
Dr. Stephen Henson
943f8a46a4 For CRLs. 
Shouldn't use the "encode empty" macros with the
revoked field since that is initialised.

Extensions should now be set to NULL so they
encode as absent if none are added.
 2001-01-28 14:48:13 +00:00
Bodo Möller
78f3a2aad7 Comment and indentation 2001-01-28 14:38:11 +00:00
Dr. Stephen Henson
b847024026 Make sk_sort tolearate a NULL argument. 2001-01-28 14:20:13 +00:00
Dr. Stephen Henson
7a60df7dd3 New ASN1 macros which will encode an empty SEQUENCE OF. 
Fix CRL encoders to encode empty SEQUENCE OF.

The old code was breaking CRL signatures.

Note: it is best to add new macros because changing the
old ones could break other code which expects that behaviour.
None of this is needed with the new ASN1 code anyway...
 2001-01-28 14:18:20 +00:00
Dr. Stephen Henson
50d5199120 New OCSP response verify option OCSP_TRUSTOTHER 2001-01-26 01:55:52 +00:00
Richard Levitte
9020b86250 Documentation language corrections, contributed by Chris Pepper <pepper@mail.reppep.com> 2001-01-25 14:46:00 +00:00
Dr. Stephen Henson
de0b3ab7fb Zero the premaster secret after deriving the master secret in DH 
ciphersuites.
 2001-01-25 13:20:39 +00:00
Dr. Stephen Henson
a342cc5a70 Zero the premaster secret after deriving the master secret in DH 
ciphersuites.
 2001-01-25 13:15:01 +00:00
cvs2svn
2b8d087ba1 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-01-25 02:26:59 +00:00
Geoff Thorpe
67c3cf0675 Insert a missing space to stop pod2man giving stroppy "malformed" warnings. 2001-01-25 02:26:58 +00:00
Bodo Möller
9a875a3574 update 2001-01-24 22:39:29 +00:00
Dr. Stephen Henson
a43cf9fae9 Add debugging info to new ASN1 code to trace memory leaks. 
Fix PKCS7 and PKCS12 memory leaks.

Initialise encapsulated content type properly.
 2001-01-24 18:39:54 +00:00