wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7261 commits 20 branches 302 tags 153 MiB
Commit graph

825 commits

Author SHA1 Message Date
Richard Levitte
4108d365bf make update 2004-05-13 21:38:37 +00:00
Dr. Stephen Henson
7922ba2feb Make self signing option of 'x509' use random serial numbers too. 2004-05-12 18:20:57 +00:00
Dr. Stephen Henson
d94b22235f Fix memory leak. 2004-05-12 17:53:22 +00:00
Richard Levitte
d529f2a8f7 The functions OPENSSL_strcasen?cmp() were forgotten when merging the 
FIPS branch into this.  It's needed at least for certain OpenVMS
versions, and should really be used in a more general way.
 2004-05-12 10:09:00 +00:00
Richard Levitte
4eeaf52ed9 Only check for FIPS signatures when FIPS is enabled. 2004-05-12 08:27:38 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Dr. Stephen Henson
5a9d2d9081 Port the random serial number generation to 0.9.7-stable. 
Due to the changes in CA.pl in 0.9.8 (use of -self_sign) a slightly different
technique is used to ensure that 'ca' uses the next serial number. It
now initializes the serial number using 'openssl x509 -next_serial'.
 2004-04-22 12:19:48 +00:00
Dr. Stephen Henson
8e94e99ccb Clear error if unique_subject lookup fails. 2004-04-15 00:33:24 +00:00
Richard Levitte
5cf7908a86 Move the definition of Win32_rename(), since the macro rename gets undefined 
in the middle of the code on Windows, and that disrupts operations in functions
later that use rename()...
PR: 853
 2004-03-25 20:09:02 +00:00
Richard Levitte
a9d9b07167 Merge from HEAD: 
2003-04-03 22:03  levitte

	* apps/apps.c (1.70): Don't try to free NULL values...

Notified by "Steven Reddie" <smr@essemer.com.au>
 2004-03-19 00:20:12 +00:00
Dr. Stephen Henson
8e6a84e730 Avoid warnings. 2004-03-16 13:50:18 +00:00
Dr. Stephen Henson
00b9c1be7d Incorporate crlNumber functionality from 0.9.8 except it is commented out 
in openssl.cnf .
 2004-03-08 13:07:07 +00:00
Richard Levitte
051bb5c457 Incorporate the following changes from 0.9.8-dev: 
2003-04-04 17:10  levitte

	* apps/: apps.c (1.72), apps.h (1.56), ca.c (1.135), x509.c (1.82):
	  Convert save_serial() to work like save_index(), and add a
	  rotate_serial() that works like rotate_index().

2003-04-03 20:07  levitte

	* apps/: apps.c (1.69), ca.c (1.130): Conditionalise all debug
	  strings.

2003-04-03 18:33  levitte

	* apps/apps.c (1.68), apps/apps.h (1.55), apps/ca.c (1.129),
	  apps/ocsp.c (1.31), apps/openssl.cnf (1.24), apps/x509.c (1.80),
	  CHANGES (1.1139): Make it possible to have multiple active
	  certificates with the same subject.
 2004-03-08 02:53:46 +00:00
Dr. Stephen Henson
be21fe59aa Call autoconfig code in pkcs7 utility. 2004-03-05 23:45:08 +00:00
Dr. Stephen Henson
ae43f344af -passin argument to rsautl 2004-03-04 21:58:13 +00:00
Dr. Stephen Henson
489885cf84 Fix from head. 2004-03-01 13:23:41 +00:00
Dr. Stephen Henson
dd10343e75 Fix handling of -offset and -length in asn1parse tool. 
If -offset exceeds -length of data available exit with an error.

Don't read past end of total data available when -offset supplied.

If -length exceeds total available truncate it.
 2004-02-08 13:30:33 +00:00
Lutz Jänicke
3a0ede0ffd Cover all DSA setups when running tests 
PR: #748
Submitted by: Kirill Kochetkov <kochet@ixbt.com>
 2004-01-08 07:46:12 +00:00
Richard Levitte
cc056d6395 Use sh explicitely to run point.sh 
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 15:00:24 +00:00
Richard Levitte
394178c94c Use BUF_strlcpy() instead of strcpy(). 
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 14:40:57 +00:00
Dr. Stephen Henson
85421c7148 Give CRLDP its standard name. 
Max req -x509 use V1 if extensions section absent.
 2003-11-20 22:43:28 +00:00
Lutz Jänicke
890b2abf19 Make sure to initialize AES counters to obtain proper results. 
Submitted by: Kirill Kochetkov <kochet@ixbt.com>

PR: #748
 2003-11-18 18:26:32 +00:00
Lutz Jänicke
6b051c4ebc Catch error condition to prevent NULL pointer dereference. 
Submitted by: Goetz Babin-Ebell <babin-ebell@trustcenter.de>

PR: #766
 2003-11-16 16:31:22 +00:00
Richard Levitte
87c99c59bd Selected changes for MSDOS, contributed by Gisle Vanem <giva@bgnett.no>. 
PR: 669
 2003-09-27 21:56:12 +00:00
Richard Levitte
9c90f27dac Remove extra argument to BIO_printf(). 
PR: 685
 2003-09-27 18:31:41 +00:00
Richard Levitte
ec4e600da6 Include the instance in the Kerberos ticket information. 
In s_server, print the received Kerberos information.
PR: 693
 2003-09-27 17:55:18 +00:00
Dr. Stephen Henson
5f444c8fcd In order to get the expected self signed error when 
calling X509_verify_cert() in x509.c the cert should
not be added to the trusted store.
 2003-09-21 02:15:07 +00:00
Dr. Stephen Henson
bd69ac5c93 New -ignore_err option in ocsp application to stop the server 
exiting on the first error in a request.
 2003-09-03 23:54:00 +00:00
Bodo Möller
9cc513a000 fix out-of-bounds check in lock_dbg_cb (was too lose to detect all 
invalid cases)

PR: 674
 2003-08-14 10:33:26 +00:00
Richard Levitte
cac32e5acd Undo the change that left LD_LIBRARY_PATH unchanged. The errors I saw 
weren't due to that, but to a change on the SCO machines I used for
testing, where my $PATH was suddenly incorrect.
 2003-08-14 06:54:29 +00:00
Richard Levitte
f56c451143 Oops, removed a little too much. 2003-08-11 09:56:17 +00:00
Dr. Stephen Henson
3410aa1aa8 Various S/MIME bug and compatibility fixes. 2003-06-01 20:45:44 +00:00
Lutz Jänicke
a598524ad6 Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before) 
Submitted by: dg@sunet.ru (Daniel Ginsburg)

PR: #613
 2003-05-28 20:24:20 +00:00
Richard Levitte
e4e049e489 Dont forget req. 2003-04-09 06:50:39 +00:00
Richard Levitte
9f81f23742 Set LD_LIBRARY_PATH when linking, since OpenUnix' ld uses it to create 
a library search path.

Correct typos.
 2003-04-08 11:54:32 +00:00
Richard Levitte
2bdcfbd7a3 Reset the version number of the issuer certificate? I believe this 
hasn't been tested in a long while...
 2003-04-03 18:50:48 +00:00
Richard Levitte
be34231656 No need to test -setalias twice. 
PR: 556
 2003-03-31 13:56:55 +00:00
Richard Levitte
c6b220d933 Add usage string for -fingerprint. 
PR: 560
 2003-03-31 13:06:27 +00:00
Dr. Stephen Henson
39e76bc454 Update ocsp usage message and docs. 2003-03-26 00:47:07 +00:00
Richard Levitte
f077cf68af Make sure that all the library paths are modified in prepend mode, not 
replace mode.
PR: 528
 2003-03-20 11:37:55 +00:00
Dr. Stephen Henson
3f691235da Get the PEDANTIC stuff right this time... 2003-03-13 21:26:31 +00:00
Dr. Stephen Henson
b575dff21a Avoid warnings for no-engine and PEDANTIC 2003-03-12 02:38:35 +00:00
Ulf Möller
37d9503a67 mingw related cleanups, as in head 2003-02-22 18:02:46 +00:00
Richard Levitte
6c0118ee8e Handle krb5 libraries separately and make sure only libssl.so depends 
on it.
 2003-02-14 13:11:44 +00:00
Richard Levitte
97333eaff7 Pay attention to disabled SSL versions. 
PR: 500
 2003-02-14 05:24:25 +00:00
Richard Levitte
b9447ec1bc Make it possible to disable OCSP, the speed application, and the use of sockets. 
PR: 358
 2003-02-14 01:03:06 +00:00
Richard Levitte
6d85cd36e2 Add the possibility to build without the ENGINE framework. 
PR: 287
 2003-01-30 17:37:49 +00:00
Richard Levitte
d48e6a47bd cert_sk isn't always allocated, so freeing it may cause a crash. 
PR: 481
 2003-01-30 10:27:47 +00:00
Dr. Stephen Henson
624feae8af Check return value of gmtime() and add error codes 
where it fails in ASN1_TIME_set().

Clear error queue in req.c if *_min or *_max is absent.
 2003-01-24 00:42:50 +00:00
Richard Levitte
881cb8b108 DJGPP doesn't have DLLs, so skip adding to %PATH% in that environment. 
PR: 453
 2003-01-13 15:16:48 +00:00