Commit graph

4452 commits

Author SHA1 Message Date
Richard Levitte
206eb6a11d Change pkcs12 so the certificates coming from -in do not get tossed if
-certfile is given as well.
2001-12-12 16:49:02 +00:00
Richard Levitte
f11fd3f4e1 Implement failover for ubsec. Submitted by Subramanian Ramamoorthy
<sram@broadcom.com> with the following comment:

[...] We have implemented failover (ie, if for some reason that the
hardware fails, the implementation detects this failure and performs
this operation as if no hardware is present, ie, in software) for
sometime now and have tested it here with our hardware. [...]

This change was cc:ed to exports@crypto.com
2001-12-12 12:53:13 +00:00
Richard Levitte
29b108f939 make update 2001-12-11 10:57:13 +00:00
Ulf Möller
31106cc750 name confusion with HP library function prototype (?) 2001-12-10 18:52:06 +00:00
Ben Laurie
ff3fa48fc7 Improve back compatibility. 2001-12-09 21:53:31 +00:00
Bodo Möller
87166e1fb6 fix warnings (one of them was clearly justified) 2001-12-07 17:02:01 +00:00
Dr. Stephen Henson
f3e24baddf Don't overwrite signing time. 2001-12-07 00:36:32 +00:00
Lutz Jänicke
a6977ee73d HPUX 9.X on m68k with gcc
("Anton J. Gamel" <gamel@anna.anatomie.uni-freiburg.de>)
2001-12-06 13:15:51 +00:00
Richard Levitte
d4704d5245 UID was never a lable for uniqueIdentifier. However, LDAP and certain
RFCs concerning X.500 directories use UID as a shorter name for the
attribute type userId, which is defined by CCITT and available through
RFCs 1274 and 2247.

Unfortunately, if some applications have used the name "UID" for the
uniqueIdentifier attribute type, they will produce incorrect results.
However, I found it better to follow the standards that are out there
rather than having our own incompatible one.
2001-12-04 11:01:17 +00:00
Richard Levitte
8f0edcb3d2 I was recently informed that some people wrongly use ssleay.txt as
main documentation, so let's warn them a little more, so the word
"OBSOLETE" really gets understood.
2001-12-04 07:38:17 +00:00
Bodo Möller
35e25255e0 crypto/objects stuff 2001-12-03 14:03:23 +00:00
Bodo Möller
c3fbf5d9a8 Fix: 2.5.29 is "id-ce", not "ld-ce" (sort of a typo in objects.h).
Fix (?): Delete 'ip-pda 6' (id-pda-pseudonym) because it does not exist
in RFC 3039.

Also change Perl scripts to put auto-generation warning in the
first lines of the file.
2001-12-03 13:47:22 +00:00
Dr. Stephen Henson
55e42c93a8 EVP_BytesToKey documentation. 2001-12-03 03:07:37 +00:00
Dr. Stephen Henson
6a0dec9584 Make EVP_SealInit() return the correct value. 2001-12-01 23:09:38 +00:00
Dr. Stephen Henson
21a85f1977 Add -pubkey option to req command. 2001-12-01 23:03:30 +00:00
Dr. Stephen Henson
322de0c8c1 NO_DSA, NO_RSA patches. 2001-12-01 22:41:39 +00:00
Lutz Jänicke
6a9af68b56 Support for QNX (wrat@jump.net (the wharf rat)). 2001-11-30 09:38:57 +00:00
Richard Levitte
b6e4dac217 Certain missing algorithms make some SSL versions or TLS impossible to
build.
2001-11-27 11:48:30 +00:00
Bodo Möller
8a0a9392ab discuss -name and default_ca more correctly (I hope) 2001-11-26 12:13:50 +00:00
Geoff Thorpe
bcbe4e5254 This looks to have been a typo. 2001-11-24 04:02:42 +00:00
Bodo Möller
47ff5c6279 For future portability reasons MIT is moving all macros to function
calls.  This patch allows compilation either way.

Submitted by: Jeffrey Altman <jaltman@columbia.edu>
2001-11-23 21:50:50 +00:00
Bodo Möller
898f856c44 info on 0.9.6 engine branch 2001-11-23 21:12:44 +00:00
Bodo Möller
883b0c2274 fix submitted by Andy Schneider <andy.schneider@bjss.co.uk>
(in main branch, hn_ncipher.c is already correct)
2001-11-23 20:58:40 +00:00
Bodo Möller
4f94d1a8b1 check OPENSSL_NO_... before including header files that might be
disabled
2001-11-22 11:13:10 +00:00
Bodo Möller
1d4581c2dd OS/390 support
Submitted by: Richard Shapiro <rshapiro@abinitio.com>
2001-11-22 11:09:42 +00:00
Bodo Möller
c05940edc7 comment 2001-11-22 11:08:38 +00:00
Geoff Thorpe
c507a16e49 Cut "ENGINE_ID" to the more concise "ID". 2001-11-22 10:08:49 +00:00
Geoff Thorpe
308f028e28 In this particular error condition, the structural reference wasn't being
released.
2001-11-22 09:20:08 +00:00
Geoff Thorpe
e4a6cf421a When the "dynamic" ENGINE loads another ENGINE from a shared-library, it
essentially overwrites itself with the new ENGINE, with the exception of
reference counts, ex_data structures, and other 'admin' elements. However
if the new ENGINE doesn't populate certain elements, there's the risk of
the "dynamic" ENGINE's elements showing through - the "cmd_defns" were just
one of the possibilities. This implements a more comprehensive cleanup.
2001-11-22 09:13:18 +00:00
Geoff Thorpe
329636d6e3 The "openssl" ENGINE is no longer used except as a testing/debugging
device. This change enables it for building as a self-contained "dynamic"
ENGINE, to help testing such mechanisms.
2001-11-22 09:01:11 +00:00
Geoff Thorpe
9163b8fb23 'flags' should only be set inside DSO_load() if constructing a new DSO
object - otherwise we overwrite any flags that had been previously set in
the DSO before calling DSO_load().
2001-11-22 08:48:09 +00:00
Richard Levitte
a542db90c6 Extentions of the explanations to the linking problem on Win32. Provided by Andrew Gray <agray@iconsinc.com> 2001-11-19 20:46:35 +00:00
Lutz Jänicke
a7ce69dbd7 Clarify reference count handling/removal of session
(shinagawa@star.zko.dec.com).
2001-11-19 11:11:23 +00:00
Richard Levitte
9d93ce246c On VMS, the norm is still that symbols are uppercased, so for now it's better
to trust that norm.  I might implement a control for this later on
2001-11-16 13:12:19 +00:00
Bodo Möller
76c4336c43 wNAFs use does not bring that much performance on Sparcs (where
elliptic curves are are relatively faster than on PCs anyway)
2001-11-16 12:02:01 +00:00
Bodo Möller
e71adb85c5 avoid stupid compiler warning 2001-11-16 11:37:36 +00:00
Richard Levitte
033c51f0a3 Build dynamic rsaref engine on VMS. Tested on VAX so far. 2001-11-16 09:14:06 +00:00
Richard Levitte
452d1595a6 End assembler macro correctly.
On VAX, all global variables are accessed through functions, so skip
doing transfer entries for variables.

Forgot the looping gotos.
2001-11-16 09:09:15 +00:00
Richard Levitte
0d197a833c On systems that don't do too well including headers from a different
directory, trust the building scripts to handle it properly.
2001-11-16 08:54:34 +00:00
Richard Levitte
e0031b80ee Make sure evp_locl.h can be included (hw_openbsd_dev_crypto.c needs that). 2001-11-16 08:52:56 +00:00
Bodo Möller
b19941ab05 comment 2001-11-16 06:22:21 +00:00
Bodo Möller
752938daab use a more interesting test case 2001-11-16 06:22:05 +00:00
Bodo Möller
c78515f55e comments etc. 2001-11-15 22:35:41 +00:00
Bodo Möller
3ba1f11147 Improve EC efficiency. 2001-11-15 22:32:11 +00:00
Richard Levitte
bbc206fdf7 A missing comma added. 2001-11-15 22:29:02 +00:00
Richard Levitte
2bd065dfbe make update 2001-11-15 20:24:00 +00:00
Richard Levitte
6d7dbc12f2 Add MD digests.
And this finishes this engine, it now offers all ciphers and digests
that RSAref 2.0 has.
2001-11-15 20:23:29 +00:00
Richard Levitte
83c40e7fc0 Make it possible to give digest names as -evp arguments. 2001-11-15 20:19:40 +00:00
Richard Levitte
b5fe234588 Add DES functions.
Restructure the code and comment it a bit.
Prepare for the presence of digests.
2001-11-15 18:52:28 +00:00
Richard Levitte
e1a00d7d1d If an engine isn't built in, try loading it as a shareable library
instead.  This also makes it possible for users to simply give said
shareable library as argument for the -engine option.
2001-11-15 18:48:42 +00:00