Richard Levitte
1fff621bd7
Typo corrected
2000-03-14 04:32:24 +00:00
Richard Levitte
8824ec7cd5
Make sure strcmp() gets declared.
2000-03-14 04:09:48 +00:00
Bodo Möller
46c4647e3c
"openssl no-..." commands for avoiding the need to grep
...
"openssl list-standard-commands".
2000-03-13 20:31:46 +00:00
Bodo Möller
863fe2ecac
cleaning up a little
2000-03-12 23:27:14 +00:00
Ulf Möller
cee814f9d5
make update
2000-03-12 12:49:45 +00:00
Richard Levitte
ce301b6b0b
Add the possibility (with -ign_eof) to ignore end of file on input but
...
still not be quiet. Also make it clear that -quiet implicitely means
-ign_eof as well.
2000-03-10 12:18:28 +00:00
Bodo Möller
0dd3989868
Change to code generated by 'dhparam -C':
...
- Move DH parameter components inside the function.
- Automatically #include the required header file if it
has not already been #included.
2000-03-10 12:17:37 +00:00
Bodo Möller
a10c512afa
another typo
2000-03-10 11:47:58 +00:00
Bodo Möller
9f5d2069a4
typo
2000-03-10 11:43:45 +00:00
Dr. Stephen Henson
e743a5134e
Don't Free() password if it was read from config file.
2000-03-09 01:03:44 +00:00
Dr. Stephen Henson
c61252001b
Fix typo and make ca get the CA and request fields correct.
2000-03-08 12:44:10 +00:00
Bodo Möller
de83c12253
Add missing include (only MONOLITH builds were possible without it).
...
Submitted by: Andrew W. Gray
2000-03-05 01:11:44 +00:00
Bodo Möller
cf7fa82897
Read complete seed files given in -rand options.
2000-03-04 17:44:07 +00:00
Bodo Möller
0a150c5c9f
Generate correct error reasons strings for SYSerr.
2000-03-04 01:36:53 +00:00
Bodo Möller
37634c8bc9
Add an #include.
2000-03-03 23:27:56 +00:00
Bodo Möller
bb2276abf7
Avoid potential memory leak in code generated by 'openssl dhparam -C'.
2000-03-03 22:24:43 +00:00
Bodo Möller
41918458c0
New '-dsaparam' option for 'openssl dhparam', and related fixes.
2000-03-03 22:18:19 +00:00
Richard Levitte
a8883854a3
Synchronise
2000-03-02 23:32:47 +00:00
Ulf Möller
99a97051d4
pseudo-seed for the PRNG before testing DSA
2000-03-01 17:42:06 +00:00
Bodo Möller
afbd0746cf
'rand'/'-rand' documentation.
2000-03-01 11:45:53 +00:00
Bodo Möller
55f7d65db0
Document the 'rand' application.
2000-03-01 07:57:25 +00:00
Bodo Möller
27b782732f
'rand' application for creating pseudo-random files.
2000-02-29 23:47:01 +00:00
Ulf Möller
c9e1fe33be
Fix for non-monolithic build.
...
Submitted by: Andrew Gray <agray@iconsinc.com>
2000-02-28 20:16:06 +00:00
Richard Levitte
cde28e18bf
New logical names to skip algorithms are now supported.
2000-02-27 10:41:31 +00:00
Bodo Möller
6d0d5431d4
More get0 et al. changes. Also provide fgrep targets in CHANGES
...
where the new functions are mentioned.
2000-02-26 08:36:46 +00:00
Richard Levitte
cb464c38b2
The OpenVMS library is most definitely not built for anything but
...
files, unless it's all in unixly syntax. We can't guarantee that
right now, so let's skip the whole test suit. There are other places
(like the open()) where errors are detected anyway.
2000-02-26 03:53:58 +00:00
Dr. Stephen Henson
c7cb16a8ff
Rename functions for new convention.
2000-02-26 01:55:33 +00:00
Richard Levitte
1b8b0a8294
Correct small typo
2000-02-26 00:18:48 +00:00
Richard Levitte
3e0f27f3c9
Changes to synchronise with Unix.
...
(actually, much more is needed, like a real config script)
2000-02-25 20:37:46 +00:00
Ulf Möller
fea217f96f
EGD bugfix.
...
Submitted by: Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-02-25 14:16:43 +00:00
Ralf S. Engelschall
07fb39c32e
Make gcc 2.95.2 happy here, too.
2000-02-24 10:37:58 +00:00
Ulf Möller
4ec2d4d2b3
Support EGD.
2000-02-24 02:51:47 +00:00
Dr. Stephen Henson
4b42658082
Make pkcs8 work again.
...
Make EVP_CIPHER_type() return NID_undef if the cipher has no
ASN1 OID, modify code to handle this.
2000-02-22 18:45:11 +00:00
Bodo Möller
a2a0158959
Fix some bugs and document others
2000-02-21 17:09:54 +00:00
Ulf Möller
4ec19e203c
Fix gcc warnings.
2000-02-20 20:59:21 +00:00
Dr. Stephen Henson
ae1bb4e572
Add -clrext option to 'x509'
2000-02-19 00:46:02 +00:00
Bodo Möller
a91451ef13
add missing 'static'
2000-02-18 10:39:40 +00:00
Dr. Stephen Henson
8a208cba97
New functions and option to use NEW in certificate requests.
2000-02-18 00:54:21 +00:00
Bodo Möller
73c5591944
Casts now unnecessary because of changed prototype.
2000-02-17 18:36:21 +00:00
Dr. Stephen Henson
cd3c54e50f
Add -pass argument to 'enc'.
...
Fix to make Win32 compile work again.
2000-02-17 00:41:43 +00:00
Dr. Stephen Henson
a3fe382e2d
Pass phrase reorganisation.
2000-02-16 23:16:01 +00:00
Ben Laurie
bd44570322
Fix signed/unsigned warnings.
2000-02-16 12:09:17 +00:00
Richard Levitte
207c7df746
Remove the access() call altogether for VMS, since it doesn't quite
...
work for directory specifications (this will be reported as a bug to
DEC^H^H^HCompaq). It could as well be removed for all others as well,
since stat() and open() will return appropriate errors as well, but I
leave that to someone else to decide.
2000-02-15 09:44:54 +00:00
Dr. Stephen Henson
d13e4eb0b5
Make pkcs12 and smime applications seed random number
...
generator (otherwise they don't work) and add -rand
option. Update docs.
2000-02-12 03:03:04 +00:00
Richard Levitte
07fc35519e
A hack to make sure access() will give us the correct answer about the
...
accessability of an "empty" directory. Thsi *is* weird, and a better
solution will be provided in apps/ca.c, when I get time to hack at it.
2000-02-11 18:12:47 +00:00
Bodo Möller
3ebf0be142
Corrections.
2000-02-11 17:18:50 +00:00
Bodo Möller
cbcc5c01f9
Update.
2000-02-11 16:31:04 +00:00
Bodo Möller
e6e7b5f3df
Implement MD5-based "apr1" password hash.
2000-02-11 16:25:44 +00:00
Ben Laurie
efb416299f
Fix shadow.
2000-02-11 13:11:18 +00:00
Richard Levitte
f6814ea43a
Add compilation of the new passwd utility.
2000-02-11 11:21:50 +00:00
Ralf S. Engelschall
667ac4ec6a
Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align
...
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
2000-02-11 09:47:18 +00:00
Bodo Möller
bb325c7d6a
'passwd' tool.
2000-02-10 21:50:52 +00:00
Dr. Stephen Henson
f07fb9b24b
Add command line password options to the reamining utilities,
...
amend docs.
2000-02-08 01:34:59 +00:00
Bodo Möller
8652d1c22e
Memory leak.
2000-02-06 02:48:53 +00:00
Bodo Möller
e290c7d4e0
Correction: openssl.c must get the long version of the apps_startup()
...
macro
2000-02-05 21:39:20 +00:00
Bodo Möller
29a28ee503
Cosmetic changes.
2000-02-05 21:28:09 +00:00
Dr. Stephen Henson
66430207a4
Add support for some broken PKCS#8 formats.
2000-02-05 21:07:56 +00:00
Dr. Stephen Henson
af57d84312
Rename SSLeay_add_all_algorithms() et al to
...
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
2000-02-04 14:01:38 +00:00
Ulf Möller
657e60fa00
ispell (and minor modifications)
2000-02-03 23:23:24 +00:00
Dr. Stephen Henson
82fc1d9c28
Add new -notext option to 'ca', -pubkey option to spkac.
...
Remove some "WTF??" casts from applications.
Fixes to keep VC++ happy and avoid warnings.
Docs tidy.
2000-02-03 02:56:48 +00:00
Ulf Möller
51ca375e7e
Seek out and destroy another evil cast.
2000-01-30 23:33:40 +00:00
Ulf Möller
9d1a01be8f
Source code cleanups: Use void * rather than char * in lhash,
...
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Richard Levitte
1f36fe2835
Synchronise with Unix code
2000-01-28 12:15:20 +00:00
Dr. Stephen Henson
90644dd74d
New -pkcs12 option to CA.pl.
...
Document CA.pl script.
Initialise and free up the extra DH fields
(nothing uses them yet though).
2000-01-28 01:35:31 +00:00
Bodo Möller
05ccd698b9
RAND_load_file(..., -1) now means "read the complete file";
...
this is what we now use to read $RANDFILE / $HOME/.rnd.
(Previously, after 'cat'ting lots of stuff into .rnd
only the first MB would be looked at.)
Bugfix for apps/enc.c: Continue if RAND_pseudo_bytes returns 0
(only -1 is an error).
2000-01-24 10:03:24 +00:00
Bodo Möller
f13b93d3b4
RAND_pseudo_bytes is good enough for encryption IVs,
...
we should not need RAND_bytes (and we cannot use the latter
unless we load a seed file)
2000-01-24 09:32:20 +00:00
Dr. Stephen Henson
fabce04122
Make s_server, s_client check cipher list return codes.
...
Update docs.
2000-01-23 02:28:08 +00:00
Ulf Möller
2a99e8b9df
dh renamed to dhparam
2000-01-22 21:26:52 +00:00
Dr. Stephen Henson
09483c58e3
Add new program dhparam and update docs.
2000-01-22 13:58:29 +00:00
Dr. Stephen Henson
018e57c74d
Apply Lutz Behnke's 56 bit cipher patch with a few
...
minor changes.
Docs haven't been added at this stage. They are probably
best included in the 'ciphers' program docs.
2000-01-22 03:17:06 +00:00
Bodo Möller
033db22d57
add ERR_print_errors after "end" label.
2000-01-21 11:30:52 +00:00
Dr. Stephen Henson
8100490a72
Make -CAcreateserial start from 1 instead of 0 for
...
serial numbers.
2000-01-21 02:42:14 +00:00
Ulf Möller
e7f97e2d22
Check RAND_bytes() return value or use RAND_pseudo_bytes().
2000-01-21 01:15:56 +00:00
Dr. Stephen Henson
6e6bc352b1
Finish off the X509_ATTRIBUTE string stuff.
2000-01-20 01:37:17 +00:00
Richard Levitte
b058a08085
It doesn't make sense to try see if these variables are negative, since they're unsigned.
2000-01-17 00:49:52 +00:00
Ulf Möller
aa82db4fb4
Add missing #ifndefs that caused missing symbols when building libssl
...
as a shared library without RSA. Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.
Submitted by: Kris Kennaway <kris@hub.freebsd.org>
Modified by Ulf Möller
2000-01-16 21:10:00 +00:00
Ulf Möller
373b575f5a
New function RAND_pseudo_bytes() generated pseudorandom numbers that
...
are not guaranteed to be unpredictable.
2000-01-16 15:58:17 +00:00
Bodo Möller
4fd2ead09d
Enable memory checking earlier (we correctly free everything
...
except for the BIO through which we print the memory leak list,
and the leak printing function ignores this one block).
2000-01-15 03:08:52 +00:00
Bodo Möller
11afb40c01
Use CRYPTO_push_info to track down memory leak
...
(only the CRYPTO_push_info's in the apps/ directory
are included in the CVS commit, not all those I used
in crypto/)
2000-01-13 22:52:52 +00:00
Bodo Möller
2c736d077b
slightly change usage information
2000-01-13 21:36:06 +00:00
Bodo Möller
a873356c00
Use CRYPTO_push_info to find a memory leak in pkcs12.c.
2000-01-13 21:10:43 +00:00
Dr. Stephen Henson
25f923ddd1
New function X509_CTX_rget_chain(), make SSL_SESSION_print() display return code.
...
Remove references to 'TXT' in -inform and -outform switches.
2000-01-09 14:21:40 +00:00
Ben Laurie
752d706aaf
Make NO_RSA compile with pedantic.
2000-01-08 21:06:24 +00:00
Dr. Stephen Henson
c3ed3b6eab
Add -prexit command to s_client and patch some BIO
...
functions so it doesn't crash. Document s_client.
2000-01-08 19:05:47 +00:00
Dr. Stephen Henson
ef7eaa4cb0
Manpages for the DH utils and fix for a memory leak in dh program
2000-01-08 13:36:17 +00:00
Dr. Stephen Henson
dad666fbbe
Add PKCS#12 manpage and use MAC iteration counts by default.
2000-01-08 03:16:04 +00:00
Bodo Möller
918a8a16fa
CA.pl is now generated automatically (using CA.pl.in as input)
2000-01-07 13:06:28 +00:00
Bodo Möller
d2b6c3f31f
apps/openssl.cnf and the documentation say it's "nombstr",
...
but crypto/asn1/a_strnid.c had "nombchar".
2000-01-07 13:05:41 +00:00
Bodo Möller
63da21c01b
make no-des and no-rc2 work.
2000-01-07 12:15:54 +00:00
Dr. Stephen Henson
35f4850ae0
More X509_ATTRIBUTE changes.
2000-01-07 00:55:54 +00:00
Dr. Stephen Henson
b38f9f66c3
Initial automation changes to 'req' and X509_ATTRIBUTE functions.
2000-01-06 01:26:48 +00:00
Bodo Möller
3a4f14f3d1
Rename CA.pl to CA.pl.in (no actual changes), and let Configure
...
set the #! line with the path to Perl.
Submitted by: Peter Jones
2000-01-05 01:31:22 +00:00
Dr. Stephen Henson
20432eae41
Fix some of the command line password stuff. New function
...
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
2000-01-01 16:42:49 +00:00
Dr. Stephen Henson
6447cce372
Simplify the trust structure: basically zap the bit strings and
...
represent everything by OIDs.
1999-12-29 00:40:28 +00:00
Dr. Stephen Henson
36217a9424
Allow passwords to be included on command line for a few
...
more utilities.
1999-12-24 23:53:57 +00:00
Dr. Stephen Henson
12aefe78f0
Fixes so NO_RSA works again.
1999-12-24 17:26:33 +00:00
Dr. Stephen Henson
525f51f6c9
Add PKCS#8 utility functions and add PBE options.
1999-12-23 02:02:42 +00:00
Bodo Möller
2b6313d0da
Rename
...
CRYPTO_add_info => CRYPTO_push_info
CRYPTO_remove_info => CRYPTO_pop_info
in the hope that these names are more descriptive;
and "make update".
1999-12-18 13:51:47 +00:00
Bodo Möller
75acc288ca
fix typos and other little errors ...
1999-12-18 13:25:45 +00:00
Bodo Möller
03c48fa07b
Avoid shadowing p to make the compiler happy.
1999-12-18 05:16:30 +00:00
Bodo Möller
3db1f2d5be
Add a comment.
1999-12-18 00:30:32 +00:00
Bodo Möller
e8f48dbacc
Add missing semicolon to make compiler happy, and switch back
...
from MemCheck_start() to CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
because that is what applications should use
(MemCheck_start/stop never really worked for applications
unless CRYPTO_MDEBUG was defined both when compiling the library
and when compiling the application, so probably we should
get rid of it).
1999-12-18 00:28:21 +00:00
Richard Levitte
1ad9bdf253
Use MemCheck_start() instead of CRYPTO_mem_ctrl(), and generate a small leak to test (conditional)
1999-12-17 12:50:06 +00:00
Richard Levitte
8a1580096b
Synchronise VMS scripts with Unix Makefiles
1999-12-16 19:57:50 +00:00
Dr. Stephen Henson
55f30198ad
Various S/MIME fixes. Fix for memory leak, recipient list bug
...
and not excluding parameters with DSA keys.
1999-12-14 02:44:27 +00:00
Dr. Stephen Henson
e3775a33c1
Make the PKCS#7 S/MIME functions check for passed NULL pointers.
...
Fix the usage message of smime utility and sanitise the return
codes.
Add some documentation.
1999-12-09 01:31:32 +00:00
Dr. Stephen Henson
a2121e0aee
Add i2d_ASN1_PRINTABLESTRING() function, and do 'make update'
1999-12-08 00:56:15 +00:00
Dr. Stephen Henson
55ec5861c8
Modify S/MIME application so the -signer option writes the signer(s)
...
to a file if we are verifying.
1999-12-07 02:35:52 +00:00
Dr. Stephen Henson
5a9a4b299c
Merge in my S/MIME library and utility.
1999-12-05 00:40:59 +00:00
Bodo Möller
cddfe788fb
Add functions des_set_key_checked, des_set_key_unchecked.
...
Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.
1999-12-03 20:24:21 +00:00
Dr. Stephen Henson
dd4134101f
Change the trust and purpose code so it doesn't need init
...
either and has a static and dynamic mix.
1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
08cba61011
Modify the X509 V3 extension lookup code.
1999-12-01 01:49:46 +00:00
Ben Laurie
fea9afbfc7
Make salting the default. Fail gracefully if the input is not salted.
1999-11-30 20:15:19 +00:00
Dr. Stephen Henson
bb7cd4e3eb
Remainder of SSL purpose and trust code: trust and purpose setting in
...
SSL_CTX and SSL, functions to set them and defaults if no values set.
1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
13938aceca
Add part of chain verify SSL support code: not complete or doing anything
...
yet.
Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.
Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
51630a3706
Add trust setting support to the verify code. It now checks the
...
trust settings of the root CA.
After a few fixes it seems to work OK.
Still need to add support to SSL and S/MIME code though.
1999-11-27 19:43:10 +00:00
Dr. Stephen Henson
9868232ae1
Initial trust code: allow setting of trust checking functions
...
in a table. Doesn't do too much yet.
Make the -<digestname> options in 'x509' affect all relevant
options.
Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.
A few constification changes.
1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
d4cec6a13d
New options to the -verify program which can be used for chain verification.
...
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.
Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
52664f5081
Transparent support for PKCS#8 private keys in RSA/DSA.
...
New universal public key format.
Fix CRL+cert load problem in by_file.c
Make verify report errors when loading files or dirs
1999-11-21 22:28:31 +00:00
Ben Laurie
44eca70641
Update dependencies.
1999-11-18 14:32:54 +00:00
Ben Laurie
5ef738240a
Fix warning.
1999-11-18 14:10:53 +00:00
Dr. Stephen Henson
f76d8c4747
Modify verify code to handle self signed certificates.
1999-11-17 01:20:29 +00:00
Dr. Stephen Henson
91895a5938
Fix for a bug in PKCS#7 code and non-detached data.
...
Remove rc4-64 from ciphers since it doesn't exist...
1999-11-16 14:54:50 +00:00
Dr. Stephen Henson
fd699ac55f
Add a salt to the key derivation using the 'enc' program.
1999-11-16 02:49:25 +00:00
Dr. Stephen Henson
06556a1744
'req' fixes. Reinstate length check one request fields.
...
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
1999-11-14 23:10:50 +00:00
Dr. Stephen Henson
a0e9f529a4
Add support for the 40 and 64 bit RC2 and RC4 ciphers in 'enc'
...
add documentation for 'enc'.
1999-11-14 03:23:17 +00:00
Richard Levitte
849c0fe240
Adjust to changes in apps/openssl.cnf
1999-11-12 01:59:47 +00:00
Richard Levitte
ca0e2bc973
Adjust to changes in apps/Makefile.ssl
1999-11-12 01:52:59 +00:00
Dr. Stephen Henson
954ef7ef69
Merge some common functionality in the apps, delete
...
the encryption option in the pkcs7 utility (they never
did anything) and add a couple more options to pkcs7.
1999-11-12 01:42:25 +00:00
Dr. Stephen Henson
af29811edd
Add password command line options to some utils. Fix and update man
...
pages.
1999-11-11 18:41:31 +00:00
Dr. Stephen Henson
53b1899e3c
Fix a couple of outstanding issues: update STATUS file, fix NO_FP_API problems.
...
Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.
1999-11-11 13:58:41 +00:00
Ben Laurie
95fdc5eef9
Fix (spurious) warnings.
1999-11-09 12:09:24 +00:00
Bodo Möller
5fe2085bba
Avoid some warnings.
1999-11-09 10:00:15 +00:00
Dr. Stephen Henson
a0ad17bb6c
Fix to the -revoke option in ca. It was leaking memory, crashing and just
...
plain not working :-(
Also fix some memory leaks in the new X509_NAME code.
Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.
1999-11-08 13:58:08 +00:00
Dr. Stephen Henson
ce1b4fe146
Allow additional information to be attached to a
...
certificate: currently this includes trust settings
and a "friendly name".
1999-11-04 00:45:35 +00:00
Dr. Stephen Henson
74400f7348
Continued multibyte character support.
...
Add a bunch of functions to simplify the creation of X509_NAME structures.
Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
1999-10-27 00:15:11 +00:00
Bodo Möller
847c52e47f
Warn about RANDFILE being overwritten.
1999-10-26 11:27:42 +00:00
Bodo Möller
640588bbfb
New file app_rand.c with some functionality used in various openssl
...
applications.
1999-10-26 01:59:11 +00:00
Bodo Möller
a31011e8e0
Various randomness handling bugfixes and improvements --
...
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
1999-10-26 01:56:29 +00:00
Bodo Möller
798757762a
Improve support for running everything as a monolithic application.
...
Submitted by: Lennart Bång, Bodo Möller
1999-10-25 19:36:01 +00:00
Dr. Stephen Henson
673b102c5b
Initial support for certificate purpose checking: this will
...
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
def38e38ec
Fix incorrect usage messages in some commands.
1999-10-06 22:59:21 +00:00
Dr. Stephen Henson
d71c6bc5a4
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 13:10:21 +00:00
Dr. Stephen Henson
2d681b779c
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 12:57:50 +00:00
Dr. Stephen Henson
3908cdf442
New option -dhparam to s_server to allow the DH parameter file to be set
...
explicitly. Previously it couldn't be changed because it was hard coded as
"server.pem".
1999-10-04 23:56:06 +00:00
Dr. Stephen Henson
3ea23631d4
Add support for public key input and output in rsa and dsa utilities with some
...
new DSA public key functions that were missing.
Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
1999-10-04 21:17:47 +00:00
Ben Laurie
18c77bf29e
Fix warnings.
1999-10-03 18:09:45 +00:00
Dr. Stephen Henson
c91e125934
Modify the 'speed' application so it now uses RSA_sign and RSA_verify
...
instead of RSA_private_encrypt and RSA_public_decrypt
1999-10-02 01:18:19 +00:00
Bodo Möller
39b30b6ab7
"make update"
1999-09-27 15:12:30 +00:00
Bodo Möller
8569c322be
Fix typo in error message.
...
Submitted by: Alan Batie
1999-09-25 11:26:31 +00:00
Bodo Möller
dd73193c83
Honor BUFSIZZ definition in s_server, don't use tiny 32 byte
...
buffer (which leads to truncation of client cipher list).
1999-09-25 11:24:53 +00:00
Bodo Möller
4ad378ea43
Bugfix: avoid opening CAfile when it's NULL.
1999-09-24 20:27:20 +00:00
Bodo Möller
f4e723f3e7
typo
1999-09-21 14:03:20 +00:00
Dr. Stephen Henson
06f4536a61
Fix to make s_client and s_server work under Windows. A bit of a hack but
...
an improvement on not working at all.
1999-09-20 22:09:17 +00:00
Dr. Stephen Henson
090d848ea8
Various CRL enhancements tidies and workaround for broken CRLs.
1999-09-18 01:42:02 +00:00
Bodo Möller
9a0f732d75
Document -startdate and -enddate in usage summary.
1999-09-17 16:35:29 +00:00
Dr. Stephen Henson
d79812b0fa
Fix typo.
1999-09-15 21:12:23 +00:00
Bodo Möller
396f631458
some more patches for avoiding problems with non-automatic variables
1999-09-08 21:58:13 +00:00
Dr. Stephen Henson
c1cd88a0eb
Oops... forgot the other RSA_NULL patches...
1999-09-08 18:19:45 +00:00
Bodo Möller
a32640b0f4
Reinitialize conf to NULL whenver ca application is started.
...
Submitted by: Lennart Bang
1999-09-05 20:53:08 +00:00
Bodo Möller
b74ba295da
Reinitialize global variables when necessary (for monolith application).
1999-09-03 23:08:45 +00:00
Dr. Stephen Henson
8ce97163a2
Add new 'spkac' utility and several SPKAC utility functions.
1999-09-03 01:08:34 +00:00
Dr. Stephen Henson
87a25f9032
Allow the extension section specified in config files to be overridden
...
on the command line for various utilities.
1999-08-27 00:08:17 +00:00
Dr. Stephen Henson
f9150e5421
Allow the 1.OU="my OU" syntax in 'ca' for SPKACs.
1999-08-25 23:18:23 +00:00
Dr. Stephen Henson
c79b16e11d
Allow extensions to be added to certificate requests, update the sample
...
config file (change RAW to DER).
1999-08-25 16:59:26 +00:00
Bodo Möller
2cfa692136
Return 0 for succesful exit when -noout is used.
1999-08-17 08:33:59 +00:00
Bodo Möller
1b1a6e7808
-crlf option.
1999-08-09 13:01:48 +00:00
Bodo Möller
204cf1abb0
Comments.
1999-08-08 14:21:04 +00:00
Ralf S. Engelschall
5a97a0b6e4
consistent style
1999-08-08 09:39:43 +00:00
Bodo Möller
1bdb8633c1
New option "-crlf" to s_client and s_server which tells them to convert
...
LFs into CRLFs when forwarding data from stdin to the TLS connection.
This is necessary for properly talking HTTP.
Because of the code freeze this change is by default disabled for now;
without -DAPPS_CRLF, the code is exactly as before.
1999-08-07 02:51:10 +00:00
Dr. Stephen Henson
ed7f60fbf9
Fix -startdate and -enddate arguments to 'ca' program. Also update NEWS file
...
with some 0.9.4 changes.
1999-08-06 21:47:09 +00:00
Bodo Möller
e42979f2c5
Dont' assume that something starting with '-' is a filename --
...
"openssl gendsa -help" now prints the usage summary, not error
messages that now file -help was found.
1999-08-06 11:18:44 +00:00
Bodo Möller
a851544169
avoid some NO_<cipher> problems
1999-08-02 21:44:49 +00:00
Dr. Stephen Henson
12ea44704a
Tidy up pkcs12 application.
1999-07-29 21:50:34 +00:00
Ulf Möller
8c197cc55e
VMS updates.
...
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-07-28 23:25:59 +00:00
Bodo Möller
93c106c4b9
additional argument for key_callback
1999-07-21 22:07:35 +00:00
Bodo Möller
74678cc2f8
Additional user data argument to pem_password_cb function type
...
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
1999-07-21 20:57:16 +00:00
Bodo Möller
c69e361f1c
Fix option processing.
...
Submitted by: Sam Tetherow
1999-07-14 18:37:51 +00:00
Bodo Möller
5059658219
fix memory leak in s3_clnt.c
1999-07-12 17:15:42 +00:00
Bodo Möller
3a55fc1aab
correct error handling
...
insert spaces in products that occur in error codes
1999-07-12 09:46:34 +00:00
Bodo Möller
03cd49447f
New function RSA_check_key,
...
openssl rsa -check
1999-07-11 22:00:55 +00:00
Dr. Stephen Henson
f7daafa442
Fix a bug in x509.c that omitted DSA parameters when they didn't match the
...
signers parameters. Changed it to never omit parameters.
1999-07-11 01:48:21 +00:00
Bodo Möller
777ab7e611
Fix memory checking.
1999-07-09 16:27:30 +00:00
Ulf Möller
5271ebd9a3
More no-xxx option tweaks.
1999-06-30 00:42:56 +00:00
Ulf Möller
5676d8cb76
Fix no-hmac and no-ripemd.
1999-06-29 23:52:08 +00:00
Bodo Möller
227cd06ffe
Avoid some memory holes, one of which was pointed out by
...
"Chad C. Mulligan" <mulligan@antipope.org>.
1999-06-25 13:41:35 +00:00
Bodo Möller
a6c1b3a9ac
"make update"
1999-06-21 10:04:48 +00:00
Dr. Stephen Henson
ba404b5e86
Convert the CONF library to use a typesafe stack: a STACK_OF(CONF_VALUE). It
...
seemed like a good idea at the time... several hours later it was rather
obvious that these are used all over the place making the changes rather
extensive.
1999-06-20 22:18:16 +00:00
Bodo Möller
d58d092bc9
Avoid warnings.
1999-06-10 16:29:32 +00:00
Ulf Möller
df63a389a5
"extern" is a C++ reserved word.
...
Pointed out by: Janez Jere <jj@void.si>
1999-06-09 16:33:18 +00:00
Bodo Möller
7740a1c6ef
"make update" (added to top Makefile, and applied).
1999-06-09 16:18:53 +00:00
Dr. Stephen Henson
8eb57af5fe
Complete support for PKCS#5 v2.0. Still needs extensive testing.
1999-06-08 00:09:51 +00:00
Bodo Möller
b1c4fe3625
Don't mix real tabs with tabs expanded as 8 spaces -- that's
...
a pain to read when using 4-space tabs.
1999-06-07 20:26:51 +00:00
Bodo Möller
9e06f6f601
Introduce "BIO pairs", which (when finished) will relay data
...
so that the SSL library can be used for applications that
have to handle all the actual I/O themselves.
1999-06-07 16:04:45 +00:00
Bodo Möller
cf2562e772
More general definition for S_ISDIR (needed not only for VMS but
...
also for NeXT).
1999-06-07 00:20:54 +00:00
Dr. Stephen Henson
e7871ffaa8
More PKCS#8 stuff. Support for unencrypted forms of private key.
1999-06-05 12:39:10 +00:00
Dr. Stephen Henson
3cbb7937fa
Add d2i,i2d bio and fp functions for PKCS#8 and add -inform and -outform
...
arguments to pkcs8 application.
1999-06-05 01:45:20 +00:00
Dr. Stephen Henson
600dec1586
Add a 'pkcs8' application for initial PKCS#8 support. Still needs lots more
...
options to handle encrypted and unencrypted forms and DER format input and
output.
1999-06-05 00:32:16 +00:00
Ben Laurie
167f3af2ce
Aha! That's how pkcs12 got missed from stackification.
1999-06-04 22:25:30 +00:00
Ben Laurie
84c15db551
Some constification and stacks that slipped through the cracks (how?).
1999-06-04 22:23:10 +00:00
Ulf Möller
a53955d8ab
Support the EBCDIC character set and BS2000/OSD-POSIX (work in progress).
...
Submitted by: Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>
1999-06-04 21:35:58 +00:00
Ulf Möller
1e44804e33
Avoid type conflict on Unix with DEC C.
...
Pointed out by Sergio Rabellino <Rabellino@di.unito.it>
1999-06-04 13:41:30 +00:00
Ben Laurie
b4f76582d4
More evil cast removal.
1999-06-03 18:04:04 +00:00
Ben Laurie
6d114240b9
stack.
1999-05-31 21:00:25 +00:00
Ben Laurie
e5e932d212
Another safe stack.
1999-05-30 15:40:21 +00:00
Ben Laurie
ee8ba0b26c
Another safe stack.
1999-05-30 15:25:47 +00:00
Dr. Stephen Henson
bec9e0da7a
Free up 'out' before exiting pkcs12 application.
...
Submitted by: Wu Zhigang <zhigangwu@yahoo.com>
1999-05-27 13:10:59 +00:00
Bodo Möller
5ece777974
der_chop is now generated from der_chop.in.
1999-05-27 00:19:59 +00:00
Bodo Möller
288d2fb959
Set #!... path to Perl in apps/der_chop automatically.
1999-05-25 22:31:49 +00:00
Bodo Möller
6720e9472f
Add closing parenthesis to usage output.
1999-05-25 21:38:09 +00:00
Bodo Möller
7e70181723
It was a very bad idea to use #include "../e_os.h" -- when this occurs
...
in cryptlib.h (which is often included as "../cryptlib.h"), then the
question remains relative to which directory this is to be interpreted.
gcc went one further directory up, as intended; but makedepend thinks
differently, and so probably do some C compilers. So the ../ must go away;
thus e_os.h goes back into include/openssl (but I now use
#include "openssl/e_os.h" instead of <openssl/e_os.h> to make the point) --
and we have another huge bunch of dependency changes. Argh.
1999-05-21 11:16:48 +00:00
Bodo Möller
17e3dd1c62
Don't install e_os.h in include/openssl, use it only as a local
...
include file.
1999-05-20 21:59:20 +00:00
Ulf Möller
9dff4cc051
Bring VMS in sync with the recent changes.
...
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-05-20 21:00:29 +00:00
Ulf Möller
da70ff710c
Avoid a warning.
...
Submitted by: Sylvain Robitaille <syl@alcor.concordia.ca>
1999-05-20 02:09:46 +00:00
Dr. Stephen Henson
257e206da6
Include some notes on basic extension usage and change openssl.cnf to usually
...
do sensible things with extensions.
1999-05-19 23:54:58 +00:00
Dr. Stephen Henson
e84240d422
New functions sk_set, sk_value and sk_num to replace existing macros: this is
...
to minimise the effects on existing code.
1999-05-19 12:45:16 +00:00
Dr. Stephen Henson
35f7324c23
Change default PKCS#12 iteration count to 2048, include rsa_oeap_test in the
...
test batch file.
1999-05-18 20:12:54 +00:00
Bodo Möller
12ba413c08
Get rid of some unnecessary casts and add a necessary one.
1999-05-18 15:06:20 +00:00
Bodo Möller
bc2e519a89
If we couldn't handle "-showcerts" (which happens with the current
...
SSL2 implementation), show at least the server certificate.
1999-05-17 20:46:43 +00:00
Bodo Möller
3f45ed82dc
Rename "openssl x509" option "-config" to "-extfile", because it
...
doesn't have a default value like the "-config" options of other
openssl subprograms.
1999-05-17 08:28:37 +00:00
Dr. Stephen Henson
4aeb94b801
Oops! Get the pmatch test the right way round.
1999-05-16 21:50:26 +00:00
Dr. Stephen Henson
1b266dabf5
Fix various less obvious bugs in PKCS#7 handling: such as not zeroing
...
the secret key before we've encrypted it and using the right NID for RC2-64.
Add various arguments to the experimental programs 'dec' and 'enc' to make
testing less painful.
This stuff has now been tested against Netscape Messenger and it can encrypt
and decrypt S/MIME messages with RC2 (128, 64 and 40 bit) DES and triple DES.
Its still experimental though...
1999-05-16 17:32:32 +00:00
Bodo Möller
edf0bfb52b
Change type of various DES function arguments from des_cblock
...
(meaning pointer to char) to des_cblock * (meaning pointer to
array with 8 char elements), which allows the compiler to
do more typechecking. (The changed argument types were of type
des_cblock * back in SSLeay, and a lot of ugly casts were
used then to turn them into pointers to elements; but it can be
done without those casts.)
Introduce new type const_des_cblock -- before, the pointers rather
than the elements pointed to were declared const, and for
some reason gcc did not complain about this (but some other
compilers did).
1999-05-16 12:26:16 +00:00
Bodo Möller
e186bf96b4
Added a comment pointing out the behaviour of "openssl x509 -conf ...",
...
which cost me some time to find out about.
1999-05-16 12:17:20 +00:00
Bodo Möller
ee86c3f53d
Marked probable bug, pointed out by Anonymous.
1999-05-16 12:01:49 +00:00
Dr. Stephen Henson
a74c55cd8f
Various Win32 fixes. Change args in do_ms.bat to put platform last. Fix
...
unsigned/signed cmp error in asn1parse. Change various pem_all.c args to
use pem_password_cb.
1999-05-15 20:33:15 +00:00
Bodo Möller
127640b449
Update dependencies.
1999-05-15 13:38:48 +00:00
Ben Laurie
531b2cf7e9
Get rid of the cast.
1999-05-15 11:54:21 +00:00
Ulf Möller
09feda5cec
Cut&paste error.
1999-05-13 17:25:05 +00:00
Bodo Möller
b56bce4fc7
New structure type SESS_CERT used instead of CERT inside SSL_SESSION.
...
While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know if those could
really have caused problems, but possibly this is a proper bug-fix
and not just a clean-up.
1999-05-13 15:09:38 +00:00
Ulf Möller
5c83b4c93f
Remove redundant ifdef.
1999-05-13 13:29:41 +00:00
Ulf Möller
75e0770d96
VMS support bug fixes.
1999-05-13 13:21:17 +00:00
Ulf Möller
7d7d2cbcb0
VMS support.
...
Submitted by: Richard Levitte <richard@levitte.org>
1999-05-13 11:37:32 +00:00
Dr. Stephen Henson
f5eac85edc
Add new -out option to asn1parse to allow the parsed data to be output.
...
Fixed -strparse option: it didn't work if used more than once (this was due
to the d2i_ASN1_TYPE call parsing a freed buffer). On Win32 the file wincrypt.h
#define's X509_NAME and PKCS7_SIGNER_INFO causing clashes so these are #undef'ed
1999-05-12 01:56:27 +00:00
Bodo Möller
54a29df0ec
argc counting bug fixed.
...
Submitted by: Tomas Hulek
Reviewed by:
PR:
1999-05-11 15:44:58 +00:00
Ulf Möller
7af62c3cbb
Move openssl.cnf out of lib/.
...
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-05-11 10:42:28 +00:00
Ulf Möller
d5a2ea4b73
Move openssl.cnf out of lib/.
1999-05-10 23:59:28 +00:00
Ralf S. Engelschall
397f703892
Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall -Wshadow
...
-Wpointer-arith -Wcast-align -Wmissing-prototypes -Wmissing-declarations
-Wnested-externs -Winline'' with EGCS 1.1.2+
1999-05-10 08:33:56 +00:00
Dr. Stephen Henson
a5ab0532ca
Various Win32 fixes. Win95 doesn't support MoveFileEx() (which was used for a
...
Win32 version of rename() ). There isn't a precise rename() equivalent under
Win95: the standard rename() complains if the destination already exists so
replaced with a combination of unlink() and MoveFile().
1999-05-08 22:46:51 +00:00
Dr. Stephen Henson
e40b7abeed
Allows PKCS#12 password to be placed on command line and add allow config
...
file name for 'ca' to come from the environment.
1999-05-08 12:59:50 +00:00
Bodo Möller
a2aa81683f
This was an unused derivate of an old version of s_client.c that had
...
been changed so that it almost could be used under Windows.
No one asked to keep it (and no one volunteered to bring it into useable
state), so away with it.
Submitted by:
Reviewed by:
PR:
1999-05-08 10:12:48 +00:00
Ralf S. Engelschall
20b85fdd76
Convert casted X509_INFO stacks to type-safe STACK_OF(X509_INFO).
...
PS: Feel free to move the IMPLEMENT_STACK_OF(X509_INFO) from
crypto/asn1/x_info.c to any other place where you think it fits better.
X509_INFO is a structure slightly spreaded over ASN.1, X509 and PEM code,
so I found no definitive location for IMPLEMENT_STACK_OF(X509_INFO). In
crypto/asn1/x_info.c it's at least now bundled with X509_INFO_new() and
friends.
1999-05-04 08:56:51 +00:00
Ralf S. Engelschall
0f3e604589
consistency cosmetics
1999-05-04 06:50:45 +00:00
Ben Laurie
0b3f827cf5
Yet another stack.
1999-05-02 21:36:58 +00:00
Ben Laurie
5b1b044606
Update dependencies.
1999-05-01 22:36:10 +00:00
Ben Laurie
d35ea5b00b
Another stack.
1999-05-01 18:29:59 +00:00
Ben Laurie
d500de1672
Another stack.
1999-05-01 18:08:44 +00:00
Ben Laurie
65d4927b8d
Another safe stack.
1999-05-01 17:40:57 +00:00
Bodo Möller
e5f3045fbf
Support INSTALL_PREFIX for packagers.
...
Submitted by:
Reviewed by:
PR:
1999-04-29 21:52:08 +00:00
Ulf Möller
d575d2924c
Ignore Makefile.save
...
Submitted by: Anonymous
1999-04-29 16:04:54 +00:00