openssl

Author	SHA1	Message	Date
Dr. Stephen Henson	3533ab1fee	Replace the broken SPKAC certification with the correct version.	2009-12-02 14:41:51 +00:00
Dr. Stephen Henson	0e039aa797	Fix warnings about ignoring fgets return value	2009-10-04 16:42:56 +00:00
Dr. Stephen Henson	17b5326ba9	PR: 2013 Submitted by: steve@openssl.org Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created. This makes it possible to tell if the underlying type is UTCTime, GeneralizedTime or Time when the structure is reused and X509_time_adj_ex() can handle each case in an appropriate manner. Add error checking to CRL generation in ca utility when nextUpdate is being set.	2009-09-02 13:54:50 +00:00
Dr. Stephen Henson	c869da8839	Update from 1.0.0-stable	2009-07-27 21:10:00 +00:00
Dr. Stephen Henson	33ab2e31f3	PR: 1854 Submitted by: Oliver Martin <oliver@volatilevoid.net> Reviewed by: steve@openssl.org Support GeneralizedTime in ca utility.	2009-03-09 13:59:07 +00:00
Andy Polyakov	2140659b00	Incidentally http://cvs.openssl.org/chngview?cn=17710 also made it possible to build the library without -D_CRT_NONSTDC_NO_DEPRECATE. This commit expands it even to apps catalog and actually omits the macro in question from Configure.	2008-12-22 14:05:42 +00:00
Dr. Stephen Henson	87d3a0cd90	Experimental new date handling routines. These fix issues with X509_time_adj() and should avoid any OS date limitations such as the year 2038 bug.	2008-10-07 22:55:27 +00:00
Ben Laurie	5ce278a77b	More type-checking.	2008-06-04 11:01:43 +00:00
Dr. Stephen Henson	c451bd828f	Avoid case in ca.c fix.	2008-06-02 12:10:06 +00:00
Dr. Stephen Henson	8ecfbedd85	Revert, doesn't fix warning :-(	2008-06-02 10:42:57 +00:00
Dr. Stephen Henson	c173fce4e2	Avoid cast with wrapper function.	2008-06-02 10:37:53 +00:00
Dr. Stephen Henson	c6ddacf7f8	Stop const mismatch warning.	2008-05-31 19:28:57 +00:00
Ben Laurie	3c1d6bbc92	LHASH revamp. make depend.	2008-05-26 11:24:29 +00:00
Dr. Stephen Henson	7c337e00d2	Fix some warnings.	2008-03-16 20:59:10 +00:00
Ben Laurie	309fa55bbb	Return an error if the serial number is badly formed. (Coverity ID 116).	2007-04-04 14:35:56 +00:00
Ben Laurie	96ea4ae91c	Add RFC 3779 support.	2006-11-27 14:18:05 +00:00
Dr. Stephen Henson	f6e7d01450	Support for multiple CRLs with same issuer name in X509_STORE. Modify verify logic to try to use an unexpired CRL if possible.	2006-07-25 17:39:38 +00:00
Dr. Stephen Henson	03919683f9	Add support for default public key digest type ctrl.	2006-05-07 17:09:39 +00:00
Dr. Stephen Henson	ee1d9ec019	Remove link between digests and signature algorithms. Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate the need for algorithm specific code.	2006-04-19 17:05:59 +00:00
Andy Polyakov	ffa101872f	Eliminate dependency on read/write/stat in apps under _WIN32.	2005-11-04 09:30:55 +00:00
Nils Larsch	cc29c1204b	successfully updating the db shouldn't result in an error message	2005-09-30 16:47:38 +00:00
Dr. Stephen Henson	cbdac46d58	Update from stable branch.	2005-07-04 23:12:04 +00:00
Nils Larsch	ff990440ee	const fixes	2005-04-15 18:29:33 +00:00
Nils Larsch	7d727231b7	some const fixes	2005-04-05 19:11:19 +00:00
Dr. Stephen Henson	10c8505734	Use the default_md config file value when signing CRLs. PR:662	2004-11-11 13:47:06 +00:00
Dr. Stephen Henson	b5a93e2250	Call setup_engine after autoconfig.	2004-08-06 12:44:34 +00:00
Dr. Stephen Henson	64674bcc8c	Reduce chances of issuer and serial number duplication by use of random initial serial numbers. PR: 842	2004-04-20 12:05:26 +00:00
Dr. Stephen Henson	ae44fc1ec4	Clear error if unique_subject lookup fails.	2004-04-15 00:32:19 +00:00
Richard Levitte	d420ac2c7d	Use BUF_strlcpy() instead of strcpy(). Use BUF_strlcat() instead of strcat(). Use BIO_snprintf() instead of sprintf(). In some cases, keep better track of buffer lengths. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 14:40:17 +00:00
Richard Levitte	03ddbdd9b9	Move another common functionality (reproduced so far with cut'n'paste) to apps.c, and give it the hopefully descriptive name parse_yesno().	2003-11-28 14:45:09 +00:00
Richard Levitte	6d5ffb591b	Move do_subject() to apps.c and rename it to parse_name(). The rationale behind the move is that it's use by several applications. The rationale behind the name change is that it describes what the function does a bit better.	2003-11-28 14:07:14 +00:00
Richard Levitte	7ce9e425bc	Allow multi-valued rdns in subjects. This adds the -multivalue-rdn option to 'openssl req' and 'openssl ca'. PR: 779 Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de> Reviewed by: Richard Levitte (there will be some follow-up changes)	2003-11-28 14:04:09 +00:00
Richard Levitte	4d8743f490	Netware-specific changes, PR: 780 Submitted by: Verdon Walker <VWalker@novell.com> Reviewed by: Richard Levitte	2003-11-28 13:10:58 +00:00
Geoff Thorpe	2754597013	A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. I have tried to convert 'len' type variable declarations to unsigned as a means to address these warnings when appropriate, but when in doubt I have used casts in the comparisons instead. The better solution (that would get us all lynched by API users) would be to go through and convert all the function prototypes and structure definitions to use unsigned variables except when signed is necessary. The proliferation of (signed) "int" for strictly non-negative uses is unfortunate.	2003-10-29 20:24:15 +00:00
Richard Levitte	e6fa67fa93	Generalise the definition of strcasecmp() and strncasecmp() for platforms that don't (necessarely) have it. In the case of VMS, this means moving a couple of functions from apps/ to crypto/ and make them general (although only used privately).	2003-09-09 14:48:36 +00:00
Richard Levitte	fd4ef69913	Implement CRL numbers. Contributed in whole by Laurent Genier <Laurent.Genier@intrinsec.com> PR: 644	2003-06-19 17:40:16 +00:00
Richard Levitte	4c771796d5	Convert save_serial() to work like save_index(), and add a rotate_serial() that works like rotate_index().	2003-04-04 15:10:35 +00:00
Richard Levitte	d6df2b281f	Add documentation on the added functionality in 'openssl ca'.	2003-04-04 14:39:44 +00:00
Richard Levitte	3ae70939ba	Correct a lot of printing calls. Remove extra arguments...	2003-04-03 23:39:48 +00:00
Richard Levitte	16b1b03543	Implement self-signing in 'openssl ca'. This makes it easier to have the CA certificate part of the CA database, and combined with 'unique_subject=no', it should make operations like CA certificate roll-over easier.	2003-04-03 22:33:59 +00:00
Richard Levitte	c4448f60d6	Reset the version number of the issuer certificate? I believe this hasn't been tested in a long while...	2003-04-03 18:50:15 +00:00
Richard Levitte	63b6fe2bf6	Conditionalise all debug strings.	2003-04-03 18:07:39 +00:00
Richard Levitte	f85b68cd49	Make it possible to have multiple active certificates with the same subject.	2003-04-03 16:33:03 +00:00
Richard Levitte	0b13e9f055	Add the possibility to build without the ENGINE framework. PR: 287	2003-01-30 17:39:26 +00:00
Richard Levitte	4e78074b39	cert_sk isn't always allocated, so freeing it may cause a crash. PR: 481	2003-01-30 10:27:43 +00:00
Dr. Stephen Henson	09ad2458b8	Typo.	2003-01-09 16:54:21 +00:00
Dr. Stephen Henson	5b7249f302	NULL tofree when it is freed to avoid double free. Make sure key is not NULL before freeing it.	2003-01-09 13:06:49 +00:00
Richard Levitte	e235000169	Spelling error. This patch was taken from the OpenBSD copy of OpenSSL 0.9.7 beta3 with patches	2002-12-25 22:16:56 +00:00
Richard Levitte	1c3e4a3660	EXIT() may mean return(). That's confusing, so let's have it really mean exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program)	2002-12-03 16:33:03 +00:00
Richard Levitte	4579924b7e	Cleanse memory using the new OPENSSL_cleanse() function. I've covered all the memset()s I felt safe modifying, but may have missed some.	2002-11-28 08:04:36 +00:00

1 2 3 4

173 commits