Bodo Möller
418a0d151e
Simplify BN_rand_range
2001-02-10 00:34:20 +00:00
Lutz Jänicke
7b0cb7f08d
Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>.
2001-02-09 19:05:11 +00:00
Bodo Möller
1c08c320c5
add linux-s390 configuration (based on information submitted by
...
Denis Beauchemin <Denis.Beauchemin@Courrier.USherb.ca>)
2001-02-09 08:35:03 +00:00
Ulf Möller
452b34a770
add comment and RAND_load_file() change as in main branch.
2001-02-08 17:50:55 +00:00
Ulf Möller
6bdb723259
cleanup
2001-02-08 17:14:47 +00:00
Bodo Möller
31a74acfd3
Another comment change. (Previous comment does not apply
...
for range = 11000000... or range = 100000...)
2001-02-08 12:33:55 +00:00
Bodo Möller
d82242169b
Change comments. (The expected number of iterations in BN_rand_range
...
never exceeds 1.333...).
2001-02-08 12:27:00 +00:00
Bodo Möller
a0707e6170
oops -- remove observation code
2001-02-08 12:25:03 +00:00
Bodo Möller
07fc72fea1
Integrate my implementation of a countermeasure against
...
Bleichenbacher's DSA attack. With this implementation, the expected
number of iterations never exceeds 2.
New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
2001-02-08 12:20:25 +00:00
Lutz Jänicke
813c7c415b
Update documentation to match the state of OpenSSL 0.9.6.
2001-02-08 10:36:37 +00:00
Ulf Möller
38b3a46ffa
DSA fix from main branch.
2001-02-07 22:35:11 +00:00
Ulf Möller
60b3b2c9d0
EBCDIC bug fix from main branch.
2001-02-07 22:13:10 +00:00
Bodo Möller
c7410f2693
Avoid coredumps for CONF_get_...(NULL, ...)
2001-02-06 10:14:57 +00:00
Bodo Möller
43a5e1409e
don't dump core
2001-02-06 09:47:25 +00:00
Richard Levitte
cd4fad5488
Merge in memory leak correction from main trunk.
2001-02-05 13:33:28 +00:00
Richard Levitte
28b1bceb2f
0.9.6a will not be release in Y2K. :-)
2001-02-05 13:32:33 +00:00
Lutz Jänicke
d4d76b9e83
Documenting session caching, 2nd step.
2001-02-04 18:10:54 +00:00
cvs2svn
e1fee47759
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_6-stable'.
2001-02-04 18:05:28 +00:00
Lutz Jänicke
0bc6597d4d
Documenting session caching, 2nd step.
2001-02-04 18:05:27 +00:00
Dr. Stephen Henson
2b916952a8
Fix ASN1_TIME_to_generlizedtime().
...
Add protoype for OCSP_response_create().
Add OCSP_request_sign() and OCSP_basic_sign()
private key and certificate checks and make
OCSP_NOCERTS consistent with PKCS7_NOCERTS
2001-02-04 03:04:43 +00:00
Dr. Stephen Henson
02e4fbed3d
Various OCSP responder utility functions.
...
Delete obsolete OCSP functions.
Largely untested at present...
2001-02-03 19:20:45 +00:00
Lutz Jänicke
88e9984da5
Clarify why SSL_CTX_use_certificate_chain_file() should be preferred.
2001-02-03 15:15:44 +00:00
Lutz Jänicke
7403c34b0b
Clarify why SSL_CTX_use_certificate_chain_file() should be preferred.
2001-02-03 15:15:00 +00:00
Lutz Jänicke
dac1169e82
Typo: on my screen it nicely wrapped around at 80 :-)
2001-02-03 11:02:35 +00:00
Lutz Jänicke
9022f2403b
Typo: on my screen it nicely wrapped around at 80 :-)
2001-02-03 11:02:02 +00:00
Lutz Jänicke
53ab745f7a
If the source has already been succesfully queried, do not try to open it
...
again as file.
2001-02-03 10:59:16 +00:00
Lutz Jänicke
08f3f07212
If the source has already been succesfully queried, do not try to open it
...
again as file.
2001-02-03 10:59:13 +00:00
Lutz Jänicke
2bbe747045
Backport...
2001-02-02 14:44:02 +00:00
cvs2svn
55cd47ffb4
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_6-stable'.
2001-02-02 14:40:53 +00:00
Lutz Jänicke
8cbceba610
Document session caching, first step.
2001-02-02 14:40:52 +00:00
Dr. Stephen Henson
88ce56f8c1
Various function for commmon operations.
2001-02-02 00:45:54 +00:00
Dr. Stephen Henson
664d83bb23
Tidy up the mess in bss_sock.c and bss_fd.c
...
by placing them socket/fd code in separate
files rather than trying to have them both
share the same one.
2001-02-02 00:31:45 +00:00
Dr. Stephen Henson
2e1d669cba
Tolerate some "variations" used in some
...
certificates.
One is a valid CA which has no basicConstraints
but does have certSign keyUsage.
Other is S/MIME signer with nonRepudiation but
no digitalSignature.
2001-02-01 02:03:58 +00:00
Dr. Stephen Henson
8cff6331c9
Tolerate some "variations" used in some
...
certificates.
One is a valid CA which has no basicConstraints
but does have certSign keyUsage.
Other is S/MIME signer with nonRepudiation but
no digitalSignature.
2001-02-01 01:57:32 +00:00
Lutz Jänicke
819d5cef08
Backport extended documentation.
2001-01-31 14:18:43 +00:00
cvs2svn
e9cba65a99
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_6-stable'.
2001-01-31 14:14:21 +00:00
Lutz Jänicke
cd6aa710b5
New manual page for a hardly known but important item :-)
2001-01-31 14:14:20 +00:00
Richard Levitte
3b1f393ae7
Transport from development branch.
2001-01-30 13:54:44 +00:00
Richard Levitte
903872d65e
Document the change.
2001-01-30 13:47:59 +00:00
Richard Levitte
16a44ae7e9
Increase consistency of header data (some mail readers really do not
...
like spaces before the semicolon, and besides, other parts of this
file makes the values without those spaces), and move spacing of
continuation lines to support BIO's that break lines after each
write.
2001-01-30 13:38:59 +00:00
Bodo Möller
739423fceb
Remove serial number file during 'make clean'.
2001-01-29 11:41:12 +00:00
Lutz Jänicke
61433519af
Backported manual pages from 0.9.7.
2001-01-28 18:35:10 +00:00
Lutz Jänicke
c032563a0a
Backport documentation added for 0.9.7.
2001-01-28 18:31:35 +00:00
Dr. Stephen Henson
943f8a46a4
For CRLs.
...
Shouldn't use the "encode empty" macros with the
revoked field since that is initialised.
Extensions should now be set to NULL so they
encode as absent if none are added.
2001-01-28 14:48:13 +00:00
Bodo Möller
78f3a2aad7
Comment and indentation
2001-01-28 14:38:11 +00:00
Dr. Stephen Henson
b847024026
Make sk_sort tolearate a NULL argument.
2001-01-28 14:20:13 +00:00
Dr. Stephen Henson
7a60df7dd3
New ASN1 macros which will encode an empty SEQUENCE OF.
...
Fix CRL encoders to encode empty SEQUENCE OF.
The old code was breaking CRL signatures.
Note: it is best to add new macros because changing the
old ones could break other code which expects that behaviour.
None of this is needed with the new ASN1 code anyway...
2001-01-28 14:18:20 +00:00
Dr. Stephen Henson
50d5199120
New OCSP response verify option OCSP_TRUSTOTHER
2001-01-26 01:55:52 +00:00
Richard Levitte
9020b86250
Documentation language corrections, contributed by Chris Pepper <pepper@mail.reppep.com>
2001-01-25 14:46:00 +00:00
Dr. Stephen Henson
de0b3ab7fb
Zero the premaster secret after deriving the master secret in DH
...
ciphersuites.
2001-01-25 13:20:39 +00:00