wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7789 commits 20 branches 302 tags 153 MiB
Commit graph

289 commits

Author SHA1 Message Date
Ben Laurie
cdffc716c9 Set the comparison function in v3_addr_canonize(). 2008-10-14 19:21:30 +00:00
Dr. Stephen Henson
e852835da6 Make update: delete duplicate error code. 2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
d83dde6180 Merge changes to build system from fips branch. 2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
bd72b8eca6 Stop warnings about value not used. 2008-09-14 15:46:36 +00:00
Dr. Stephen Henson
fd43ae3fe4 Fix flag clash... only used internally when policy checking is 
enabled.
 2008-08-31 11:15:35 +00:00
Dr. Stephen Henson
a750273546 Fix from HEAD. 2008-08-02 11:17:04 +00:00
Dr. Stephen Henson
4231b356aa Fix from HEAD. 2008-07-30 15:42:19 +00:00
Dr. Stephen Henson
3562202306 Fix from HEAD. 2008-07-13 22:38:52 +00:00
Dr. Stephen Henson
2bf4b96aef Update from HEAD. 2008-07-13 15:56:01 +00:00
Dr. Stephen Henson
811e08a2c5 Update from HEAD. 2008-07-13 14:33:16 +00:00
Dr. Stephen Henson
a523276786 Backport certificate status request TLS extension support to 0.9.8. 2007-10-12 00:00:36 +00:00
Dr. Stephen Henson
927a28ba3b gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL. 
Fix various "computed value not used" warnings too.
 2007-09-06 12:43:54 +00:00
Dr. Stephen Henson
3380c52f15 Stop memory leak. 2007-03-05 00:06:47 +00:00
Dr. Stephen Henson
e31c620686 Update from fips2 branch. 2007-02-03 17:32:14 +00:00
Dr. Stephen Henson
4a0d3530e0 Update from HEAD. 2007-01-21 13:16:49 +00:00
Richard Levitte
e25eb309ec From HEAD 2006-12-26 21:23:38 +00:00
Dr. Stephen Henson
9b945233b1 Update from HEAD. 2006-12-06 13:38:59 +00:00
Dr. Stephen Henson
34a8c7ec87 Win32 fixes. 
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.

Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.

Update ordinals.

Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
 2006-11-30 13:04:43 +00:00
Ben Laurie
4636341b05 Add RFC 3779 support, contributed by ARIN. 2006-11-27 13:36:55 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
20d6182f33 Typo. 2006-10-05 21:59:09 +00:00
Nils Larsch
22d1087e16 backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc Update filenames in makefiles 2006-02-04 01:49:36 +00:00
Bodo Möller
c55d882fab Avoid contradictive error code assignments. 
"make error".
 2006-01-08 21:52:46 +00:00
Nils Larsch
62b6cd007f fix potential memory leak + improved error checking 
PR: 1182
 2005-08-05 09:41:24 +00:00
Nils Larsch
3de6d65ea3 improved error checking and some fixes 
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
 2005-07-26 20:55:17 +00:00
Dr. Stephen Henson
b18165301d Update from head. 2005-07-25 18:40:09 +00:00
Dr. Stephen Henson
c4b13b0268 Reorder extensions to account for synced OID table. 2005-06-22 17:28:55 +00:00
Dr. Stephen Henson
1f93c96e63 Fix extension ordering. 2005-06-22 13:25:38 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Bodo Möller
8afca8d9c6 Fix more error codes. 
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
 2005-05-11 03:45:39 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Richard Levitte
d9bfe4f97c Added restrictions on the use of proxy certificates, as they may pose 
a security threat on unexpecting applications.  Document and test.
 2005-04-09 16:07:12 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Richard Levitte
a7201e9a1b Changes concering RFC 3820 (proxy certificates) integration: 
- Enforce that there should be no policy settings when the language
   is one of id-ppl-independent or id-ppl-inheritAll.
 - Add functionality to ssltest.c so that it can process proxy rights
   and check that they are set correctly.  Rights consist of ASCII
   letters, and the condition is a boolean expression that includes
   letters, parenthesis, &, | and ^.
 - Change the proxy certificate configurations so they get proxy
   rights that are understood by ssltest.c.
 - Add a script that tests proxy certificates with SSL operations.

Other changes:

 - Change the copyright end year in mkerr.pl.
 - make update.
 2005-01-17 17:06:58 +00:00
Richard Levitte
6951c23afd Add functionality needed to process proxy certificates. 2004-12-28 00:21:35 +00:00
Dr. Stephen Henson
a0e7c8eede Add lots of checks for memory allocation failure, error codes to indicate 
failure and freeing up memory if a failure occurs.

PR:620
 2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
8f284faaec V1 certificates that aren't self signed can't be accepted as CAs. 2004-12-03 00:10:34 +00:00
Richard Levitte
5073ff0346 Split X509_check_ca() into a small self and an internal function 
check_ca(), to resolve constness issue.  check_ca() is called from the
purpose checkers instead of X509_check_ca(), since the stuff done by
the latter (except for calling check_ca()) is also done by
X509_check_purpose().
 2004-11-30 12:18:55 +00:00
Richard Levitte
30b415b076 Make an explicit check during certificate validation to see that the 
CA setting in each certificate on the chain is correct.  As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
  chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
  given)
 2004-11-29 11:28:08 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break 
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
 2004-11-02 23:55:01 +00:00
Dr. Stephen Henson
637ff35ef6 Delta CRL support in extension code. 2004-07-06 17:16:40 +00:00
Dr. Stephen Henson
eea674567c Delete non-POSIX header file. 2004-07-04 16:48:27 +00:00
Geoff Thorpe
9c52d2cc75 After the latest round of header-hacking, regenerate the dependencies in 
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
 2004-05-17 19:26:06 +00:00
Geoff Thorpe
0f814687b9 Deprecate the recursive includes of bn.h from various API headers (asn1.h, 
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
 2004-05-17 19:14:22 +00:00
Geoff Thorpe
c57bc2dc51 make update 2004-04-19 18:33:41 +00:00
Dr. Stephen Henson
b6a5fdb8a7 Don't use C++ reserved word. 2004-04-01 22:23:46 +00:00
Dr. Stephen Henson
ecf139917d New function X509_POLICY_NODE_print() 2004-03-31 12:17:24 +00:00