Nils Larsch
7c7667b86b
check return value of RAND_pseudo_bytes; backport from the stable branch
2005-04-29 20:10:06 +00:00
Dr. Stephen Henson
6c61726b2a
Lots of Win32 fixes for DTLS.
...
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
2005-04-27 16:27:14 +00:00
Bodo Möller
aa4ce7315f
Fix various incorrect error function codes.
...
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
2005-04-26 18:53:22 +00:00
Bodo Möller
480506bd49
remove some functions from exported headers
2005-04-26 18:18:35 +00:00
Bodo Möller
0d5ea7613e
make update
2005-04-26 18:09:21 +00:00
Bodo Möller
beb056b303
fix SSLerr stuff for DTLS1 code;
...
move some functions from exported header <openssl/dtl1.h> into "ssl_locl.h";
fix silly indentation (a TAB is *not* always 4 spaces)
2005-04-26 18:08:00 +00:00
Dr. Stephen Henson
4e321ffaff
Fixes for signed/unsigned warnings and shadows.
2005-04-26 17:43:53 +00:00
Ben Laurie
36d16f8ee0
Add DTLS support.
2005-04-26 16:02:40 +00:00
Nils Larsch
965a1cb92e
change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible
2005-04-23 10:11:16 +00:00
Dr. Stephen Henson
384dba6edb
Make kerberos ciphersuite code compile again.
...
Avoid more shadow warnings.
2005-04-20 21:48:48 +00:00
Andy Polyakov
3ed449e94a
More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...
2005-04-13 21:46:30 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
0858b71b41
Make kerberos ciphersuite code work with newer header files
2005-04-09 23:55:55 +00:00
Richard Levitte
d9bfe4f97c
Added restrictions on the use of proxy certificates, as they may pose
...
a security threat on unexpecting applications. Document and test.
2005-04-09 16:07:12 +00:00
Nils Larsch
dc0ed30cfe
add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
...
and SSL_use_PrivateKey_file()
PR: 1035
Submitted by: Walter Goulet
Reviewed by: Nils Larsch
2005-04-08 22:52:42 +00:00
Nils Larsch
6049399baf
get rid of very buggy and very imcomplete DH cert support
...
Reviewed by: Bodo Moeller
2005-04-07 23:19:17 +00:00
Nils Larsch
48c832b6b7
really clear the error queue here
...
PR: 860
2005-04-01 17:50:09 +00:00
Nils Larsch
f3e427f6f9
use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc.
...
PR: 658
2005-04-01 17:35:32 +00:00
Ben Laurie
41a15c4f0f
Give everything prototypes (well, everything that's actually used).
2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Ben Laurie
0821bcd4de
Constification.
2005-03-30 10:26:02 +00:00
Dr. Stephen Henson
59b6836ab2
Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and
...
client random values.
2005-03-22 14:11:06 +00:00
Nils Larsch
f4bfd357e5
some const fixes
2005-03-20 22:56:07 +00:00
Richard Levitte
a963395a7b
Apparently, at least with my VMS C environment, defining _XOPEN_SOURCE
...
gets _POSIX_C_SOURC and _ANSI_C_SOURCE defined, which stops u_int from
being defined, and that breaks havock into the rest of the standard
headers... *sigh*
2005-01-19 17:03:07 +00:00
Richard Levitte
d8863f0bdb
Small thing. It seems like we have to defined _XOPEN_SOURCE to get
...
isascii() on DEC/Compaq/HP C for VMS.
2005-01-18 16:46:02 +00:00
Richard Levitte
a7201e9a1b
Changes concering RFC 3820 (proxy certificates) integration:
...
- Enforce that there should be no policy settings when the language
is one of id-ppl-independent or id-ppl-inheritAll.
- Add functionality to ssltest.c so that it can process proxy rights
and check that they are set correctly. Rights consist of ASCII
letters, and the condition is a boolean expression that includes
letters, parenthesis, &, | and ^.
- Change the proxy certificate configurations so they get proxy
rights that are understood by ssltest.c.
- Add a script that tests proxy certificates with SSL operations.
Other changes:
- Change the copyright end year in mkerr.pl.
- make update.
2005-01-17 17:06:58 +00:00
Richard Levitte
c4d423511a
Small typo, `mask' got the same value ORed to it twice instead of
...
`mask' and `emask' getting that operation done once each.
Patch supplied by Nils Larsch <nils.larsch@cybertrust.com>
2005-01-12 16:40:48 +00:00
Richard Levitte
a2ac429da2
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Dr. Stephen Henson
c284f20f00
Fix race condition when SSL ciphers are initialized.
2004-10-25 11:14:16 +00:00
Dr. Stephen Henson
5d7c222db8
New X509_VERIFY_PARAM structure and associated functionality.
...
This tidies up verify parameters and adds support for integrated policy
checking.
Add support for policy related command line options. Currently only in smime
application.
WARNING: experimental code subject to change.
2004-09-06 18:43:01 +00:00
Richard Levitte
d28f7bc74d
make update
2004-07-10 13:18:23 +00:00
Richard Levitte
4083a229b4
Use the new directory reading functions.
2004-07-10 13:17:16 +00:00
Richard Levitte
6713a4835f
Move some COMP functions to be inside the #ifndef OPENSSL_NO_COMP
...
wrapping preprocessor directive. This also removes a duplicate
declaration.
2004-05-20 23:47:57 +00:00
Geoff Thorpe
9c52d2cc75
After the latest round of header-hacking, regenerate the dependencies in
...
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Geoff Thorpe
d095b68d63
Deprecate quite a few recursive includes from the ssl.h API header and
...
remove some unnecessary includes from the internal header ssl_locl.h. This
then requires adding includes for bn.h in four C files.
2004-05-17 18:53:47 +00:00
Dr. Stephen Henson
4843acc868
Fixes so alerts are sent properly in s3_pkt.c
...
PR: 851
2004-05-15 17:55:07 +00:00
Geoff Thorpe
bcfea9fb25
Allow RSA key-generation to specify an arbitrary public exponent. Jelte
...
proposed the change and submitted the patch, I jiggled it slightly and
adjusted the other parts of openssl that were affected.
PR: 867
Submitted by: Jelte Jansen
Reviewed by: Geoff Thorpe
2004-04-26 15:31:35 +00:00
Geoff Thorpe
c57bc2dc51
make update
2004-04-19 18:33:41 +00:00
Geoff Thorpe
60a938c6bc
(oops) Apologies all, that last header-cleanup commit was from the wrong
...
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Richard Levitte
0020502a07
SSL_COMP_get_compression_method is a typo (a missing 's' at the end of
...
the symbol name).
2004-03-25 21:32:30 +00:00
Dr. Stephen Henson
4e8172d6da
Avoid warnings.
2004-03-16 13:51:11 +00:00
Richard Levitte
875a644a90
Constify d2i, s2i, c2i and r2i functions and other associated
...
functions and macros.
This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const. Those will be removed when this change has been
properly reviewed.
2004-03-15 23:15:26 +00:00
Richard Levitte
1fb724449d
make update
2004-01-28 18:38:33 +00:00
Lutz Jänicke
344e86645d
unintptr_t and <inttypes.h> are not strictly portable with respect to
...
ANSI C 89.
Undo change to maintain compatibility.
2004-01-04 17:53:21 +00:00
Richard Levitte
5fdf06666c
Avoid including cryptlib.h, it's not really needed.
...
Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:10:30 +00:00
Richard Levitte
79b42e7654
Use sh explicitely to run point.sh
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Lutz Jänicke
919f8bcd21
Restructure make targets to allow parallel make.
...
Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl>
PR: #513
2003-12-03 16:29:41 +00:00
Richard Levitte
3822740ce3
We're getting a clash with C++ because it has a type called 'list'.
...
Therefore, change all instances of the symbol 'list' to something else.
PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-29 10:25:37 +00:00
Richard Levitte
70ef9c5a3d
RSA_size() and DH_size() return the amount of bytes in a key, and we
...
compared it to the amount of bits required...
PR: 770
Submitted by: c zhang <czhang2005@hotmail.com>
2003-11-28 23:03:14 +00:00