Dr. Stephen Henson
0a3ea5d34a
Document the -certopt option to the x509 utility.
...
Add no_issuer option.
Fix X509_print_ex() so it prints out newlines when
certain fields are omitted.
2001-03-15 01:15:54 +00:00
Bodo Möller
cad4b840c8
Fix: return 0 if no error occured.
2001-03-13 22:17:10 +00:00
Bodo Möller
10654d3a74
Forcibly enable memory leak checking during "make test"
2001-03-11 14:49:46 +00:00
Richard Levitte
251cb4cfed
For some experiments, it is sometimes nice to serve files with complete
...
HTTP responses.
2001-03-10 16:20:52 +00:00
Dr. Stephen Henson
1358835050
Change the EVP_somecipher() and EVP_somedigest()
...
functions to return constant EVP_MD and EVP_CIPHER
pointers.
Update docs.
2001-03-09 02:51:02 +00:00
Bodo Möller
a75d8bebd2
Bugfix: previously the serial number file could turn negative
...
because an incompletely initialized ASN1_INTEGER was used.
2001-03-08 19:13:24 +00:00
Bodo Möller
3285076c8e
Integrate ec_err.[co].
...
"make depend"
2001-03-08 12:30:12 +00:00
Richard Levitte
70d70a3c81
Code for better build under Darwin (MacOS X).
...
Submitted by Brad Dominy <jdominy@darwinuser.org>
2001-03-07 10:04:00 +00:00
Bodo Möller
65e8167079
Move ec.h to ec2.h because it is not compatible with what we will use.
...
Add EC vaporware: change relevant Makefiles and add some empty source
files.
"make update".
2001-03-05 20:13:37 +00:00
Bodo Möller
bad4058574
New option '-subj arg' for 'openssl req' and 'openssl ca'. This
...
sets the subject name for a new request or supersedes the
subject name in a given request.
Add options '-batch' and '-verbose' to 'openssl req'.
Submitted by: Massimiliano Pala <madwolf@hackmasters.net>
Reviewed by: Bodo Moeller
2001-03-05 11:09:43 +00:00
Bodo Möller
d8c2adae57
increase emailAddress_max
2001-03-04 01:33:55 +00:00
Richard Levitte
7f19d42e9d
MacOSX doesn't have ftime().
...
Spotted by Pieter Bowman <bowman@math.utah.edu>
2001-02-27 08:14:32 +00:00
Dr. Stephen Henson
f196522159
New function and options to check OCSP response validity.
2001-02-24 13:50:06 +00:00
Geoff Thorpe
e3a9164073
I missed one.
2001-02-23 00:09:50 +00:00
Richard Levitte
41d2a336ee
e_os.h does not belong with the exported headers. Do not put it there
...
and make all files the depend on it include it without prefixing it
with openssl/.
This means that all Makefiles will have $(TOP) as one of the include
directories.
2001-02-22 14:45:02 +00:00
Richard Levitte
19f2192136
Windows does not know of strigs.h or strcasecmp, so when in Windows,
...
make strcasecmp a macro to _stricmp.
2001-02-22 14:21:06 +00:00
Geoff Thorpe
1aa0d94781
This adds command-line support to s_server for controlling the generation
...
of session IDs. Namely, passing "-id_prefix <text>" will set a
generate_session_id() callback that generates session IDs as random data
with <text> block-copied over the top of the start of the ID. This can be
viewed by watching the session ID s_client's output when it connects.
This is mostly useful for testing any SSL/TLS code (eg. proxies) that wish
to deal with multiple servers, when each of which might be generating a
unique range of session IDs (eg. with a certain prefix).
2001-02-21 18:38:48 +00:00
Richard Levitte
14565bedaf
Some functions, like strdup() and strcasecmp(), are defined in
...
strings.h according to X/Open.
2001-02-20 19:05:59 +00:00
Richard Levitte
02cc82ff8a
I forgot there was a reason why the inclusions and definition of u_int
...
was made in a certain sequence. This change restores the earlier
"chain of command".
2001-02-20 17:37:02 +00:00
Richard Levitte
38f3b3e29c
OpenVMS catches up.
2001-02-20 17:14:30 +00:00
Richard Levitte
be1bd9239f
Get e_os2.h to get all the system definitions correctly.
2001-02-20 14:07:03 +00:00
Dr. Stephen Henson
569afce4b0
Fix typo.
2001-02-20 13:30:28 +00:00
Richard Levitte
56dde3ebe6
Include opensslconf.h or the like early to make sure system macros get
...
correctly defined.
2001-02-20 13:11:54 +00:00
Bodo Möller
ff055b5c89
honour '-no_tmp_rsa'
2001-02-20 12:59:48 +00:00
Richard Levitte
bc36ee6227
Use new-style system-id macros everywhere possible. I hope I haven't
...
missed any.
This compiles and runs on Linux, and external applications have no
problems with it. The definite test will be to build this on VMS.
2001-02-20 08:13:47 +00:00
Ulf Möller
28143c66e1
Fix warning.
2001-02-20 00:43:03 +00:00
Richard Levitte
cf1b7d9664
Make all configuration macros available for application by making
...
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Richard Levitte
07247321c6
make update
2001-02-19 14:00:38 +00:00
Dr. Stephen Henson
acba75c59d
New -set_serial options to 'req' and 'x509'.
...
Remove the old broken bio read of serial numbers in the 'ca' index
file. This would choke if a revoked certificate was specified with
a negative serial number.
Fix typo in uid.c
2001-02-19 13:38:32 +00:00
Dr. Stephen Henson
a6b7ffddac
New options to 'ca' utility to support CRL entry extensions.
...
Add revelant new X509V3 extensions.
Add OIDs.
Fix ASN1 memory leak code to pop info if external allocation used.
2001-02-16 01:35:44 +00:00
Lutz Jänicke
52b621db88
Add "-rand" option to s_client and s_server.
2001-02-15 10:22:07 +00:00
Dr. Stephen Henson
f2e5ca84d4
Option to disable standard block padding with EVP API.
...
Add -nopad option to enc command.
Update docs.
2001-02-14 02:11:52 +00:00
Dr. Stephen Henson
cdc7b8cc60
Initial OCSP SSL support.
2001-02-14 01:12:41 +00:00
Dr. Stephen Henson
67c1801924
New function OCSP_parse_url() and -url option for ocsp utility.
...
Doesn't handle SSL URLs yet.
2001-02-13 00:37:44 +00:00
Dr. Stephen Henson
46a58ab946
Modify OCSP nonce behaviour.
2001-02-12 23:28:45 +00:00
Bodo Möller
620cea37e0
disable stdin buffering in load_cert
2001-02-10 13:12:35 +00:00
Bodo Möller
c15e036398
use case-insensitive comparison in set_table_opts
...
(similar to how arguments such as -inform/-outform specifications
are treated)
2001-02-10 11:21:29 +00:00
Dr. Stephen Henson
ccb08f98ae
Fix CRL printing to correctly show when there are no revoked certificates.
...
Make ca.c correctly initialize the revocation date.
Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() set the
string type: so they can initialize ASN1_TIME structures properly.
2001-02-10 00:56:45 +00:00
Lutz Jänicke
836f996010
New Option SSL_OP_CIPHER_SERVER_PREFERENCE allows TLS/SSLv3 server to override
...
the clients choice; in SSLv2 the client uses the server's preferences.
2001-02-09 19:56:31 +00:00
Lutz Jänicke
1613c4d3bf
Typo
2001-02-09 19:05:49 +00:00
Dr. Stephen Henson
c063f2c5ec
Various Win32 related fixed. Make no-krb5 work in mkdef.pl .
...
Fix warning in apps/engine.c
Remove definitions of deleted functions.
Add missing definition of X509_VAL.
2001-02-09 18:16:12 +00:00
Dr. Stephen Henson
b3f2e399d2
Add missing \n's to ocsp usage message.
2001-02-09 03:09:05 +00:00
Dr. Stephen Henson
8c950429a9
Allow various options to be included for signing and verify of
...
OCSP responses.
Documentation to follow...
Urgh.. this conflicted with the -VAfile patch I hope I haven't
broken it.
2001-02-08 19:36:10 +00:00
Richard Levitte
9235adbf47
Add the -VAfile option to 'openssl ocsp'. This option will give the
...
client code certificates to use to only check response signatures.
I'm not entirely sure if the way I just implemented the verification
is the right way to do it, and would be happy if someone would like to
review this.
2001-02-08 17:59:29 +00:00
Lutz Jänicke
73fc98a7bf
Fix typo preventing correct usage of -out option.
2001-02-07 14:15:41 +00:00
Ben Laurie
259810e05b
Rijdael CBC mode and partial undebugged SSL support.
2001-02-06 14:09:13 +00:00
Bodo Möller
69a03c1799
don't dump core
2001-02-06 09:47:47 +00:00
Ulf Möller
4327aae816
format strings
2001-02-06 02:57:35 +00:00
Ben Laurie
4978361212
Make depend.
2001-02-04 21:06:55 +00:00
Lutz Jänicke
08f3f07212
If the source has already been succesfully queried, do not try to open it
...
again as file.
2001-02-03 10:59:13 +00:00