Richard Levitte
7b5ffd6834
Addapt VMS scripts to the newer disk layout system ODS-5, which allows more than one period and mixed size characters in file names
2001-10-29 13:05:28 +00:00
Dr. Stephen Henson
9b55da73ca
Another noemailDN fix.
2001-10-27 17:53:06 +00:00
Dr. Stephen Henson
e7156ff2e8
Allow ca to certify requests containing BMPStrings and UTF8Strings.
2001-10-27 17:04:47 +00:00
Dr. Stephen Henson
437db75b94
Bugfixes for noemailDN option. Make it use the
...
correct name (instead of NULL) if nomailDN is
not set, fix memory leaks and retain DN structure
when deleting emailAddress.
2001-10-27 17:03:20 +00:00
Dr. Stephen Henson
1586365835
Stop compiler warnings.
2001-10-27 00:18:04 +00:00
Dr. Stephen Henson
7d5b04db4e
Add support for Subject Info Acess extension.
2001-10-27 00:16:53 +00:00
Bodo Möller
48b0cf8b10
Note BUF_MEM_grow() consistency fix.
2001-10-26 14:06:33 +00:00
Bodo Möller
b693f941fd
Consistency fix in BUF_MEM_grow: Initialise to zero when new memory
...
had to be allocated, not just when reusing the existing buffer.
2001-10-26 13:12:25 +00:00
Bodo Möller
c602e7f4e8
disable caching in BIO_gethostbyname
2001-10-26 13:04:23 +00:00
Dr. Stephen Henson
1fc6d41bf6
New options to allow req to accept UTF8 strings as input.
2001-10-26 12:40:38 +00:00
Ulf Möller
a41477f92e
remove compatibility notes that no longer apply
2001-10-25 17:45:25 +00:00
Richard Levitte
5f68c5feef
Correct some links...
2001-10-25 16:56:06 +00:00
Richard Levitte
ee84a5a7fb
Change the DES documentation to reflect the current status. Note that
...
some password reading functions are really part of the UI
compatibility library...
2001-10-25 16:55:17 +00:00
Richard Levitte
66d3e7481e
Make sure openssl speed is compilable on systems where fork() doesn't
...
exist. For now, that's all the ones we "support" except Unix.
2001-10-25 16:08:17 +00:00
Ben Laurie
0e21156333
Add paralellism to speed - note that this currently causes a weird memory leak.
2001-10-25 14:27:17 +00:00
Ben Laurie
f533b7780e
Fix warning.
2001-10-25 14:24:59 +00:00
Bodo Möller
cc2f5a8022
Like MD_Init, MD now must include a NULL engine pointer in its definition.
2001-10-25 08:53:54 +00:00
Bodo Möller
b441bf9226
remove redundant definitions that are also in des.h
2001-10-25 08:46:10 +00:00
Bodo Möller
2a9aca32dc
mention des_old.h
2001-10-25 08:44:10 +00:00
Bodo Möller
89da653fa6
Add '-noemailDN' option to 'openssl ca'. This prevents inclusion of
...
the e-mail address in the DN (i.e., it will go into a certificate
extension only). The new configuration file option 'email_in_dn = no'
has the same effect.
Submitted by: Massimiliano Pala madwolf@openca.org
2001-10-25 08:25:19 +00:00
Bodo Möller
af50b58c3f
filenames are des_old.[ch], not des.comp*
2001-10-25 08:23:13 +00:00
Bodo Möller
4d635a7001
Consistency with s2_... and s23_... variants (no real functional
...
change)
2001-10-25 08:17:53 +00:00
Richard Levitte
ce15d5a9dc
Remove DES_random_seed() but retain des_random_seed() for now. Change
...
the docs to reflect this change and correct libeay.num.
2001-10-25 06:46:22 +00:00
Bodo Möller
ba1c602281
Assume TLS 1.0 when ClientHello fragment is too short.
2001-10-25 06:09:51 +00:00
Richard Levitte
cfc781be6e
Have the removal warnings very high up in the source.
2001-10-25 05:37:10 +00:00
Richard Levitte
84acc3c2bc
A C file is a C file is a C file!
2001-10-24 21:31:14 +00:00
Richard Levitte
c2e4f17c1a
Due to an increasing number of clashes between modern OpenSSL and
...
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_. Compatibility routines are provided and declared by including
openssl/des_old.h. Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.
The compatibility functions will be removed in some future release, at
the latest in version 1.0.
2001-10-24 21:21:12 +00:00
Bodo Möller
979689aa5c
Fix SSL handshake functions and SSL_clear() such that SSL_clear()
...
never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.
2001-10-24 19:03:22 +00:00
Richard Levitte
a3faebd104
Deprecate the macro MAC_OS_pre_X.
2001-10-24 15:32:53 +00:00
Richard Levitte
025c7737b2
make update
2001-10-24 15:32:14 +00:00
Richard Levitte
513d4b4c16
make update
2001-10-24 08:27:22 +00:00
Richard Levitte
7ef701519b
Correction of the id-pda OID's.
...
Submitted by Frederic.Giudicelli@INTRINsec.com
2001-10-23 14:30:57 +00:00
Dr. Stephen Henson
50d194af4d
Sanitize CHANGES entry.
2001-10-23 00:54:58 +00:00
Bodo Möller
287973746e
Fix memory leak.
2001-10-22 13:59:36 +00:00
Dr. Stephen Henson
f1558bb424
Reject certificates with unhandled critical extensions.
2001-10-21 02:09:15 +00:00
Dr. Stephen Henson
6ca487992b
Stop spurious "unable to load config info" errors in req
2001-10-21 01:05:53 +00:00
Bodo Möller
cf3a5cebd7
Call msg_callback with correct length parameter if ssl3_write_bytes had to
...
be called multiple times
2001-10-20 18:56:01 +00:00
Bodo Möller
a661b65357
New functions SSL[_CTX]_set_msg_callback().
...
New macros SSL[_CTX]_set_msg_callback_arg().
Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).
New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).
Add/update some OpenSSL copyright notices.
2001-10-20 17:56:36 +00:00
Dr. Stephen Henson
98e6654938
Typo.
2001-10-20 16:22:28 +00:00
Dr. Stephen Henson
cecd263878
Add missing EVP_CIPHER_CTX_{init,cleanup}
2001-10-20 16:18:03 +00:00
Bodo Möller
31fe950d2b
gcc complained about "write" being shadowed even though the "write"
...
variable name occured just in a function *prototype* -- so rename it
2001-10-17 20:44:25 +00:00
Richard Levitte
db6a87d8cc
Wrong place...
2001-10-17 17:54:17 +00:00
Richard Levitte
7beb408771
The EVP_*Init_ex() functions take one extra argument. Let's default
...
it to NULL.
2001-10-17 16:03:42 +00:00
Bodo Möller
51008ffce1
document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
2001-10-17 11:56:26 +00:00
Dr. Stephen Henson
3811eed8d5
Update docs.
2001-10-17 01:50:32 +00:00
Dr. Stephen Henson
581f1c8494
Modify EVP cipher behaviour in a similar way
...
to digests to retain compatibility.
2001-10-17 00:37:12 +00:00
Lutz Jänicke
41ebed27fa
Flush buffers to prevent mixed output (Adam Back <adam@cypherspace.org>).
2001-10-16 14:24:46 +00:00
Bodo Möller
bf21446a2a
Add per-SSL 'msg_callback' with 'msg_callback_arg'.
...
Both have per-SSL_CTX defaults.
These new values can be set by calling SSL[_CTX]_[callback_]ctrl
with codes SSL_CTRL_SET_MSG_CALLBACK and SSL_CTRL_SET_MSG_CALLBACK_ARG.
So far, the callback is never actually called.
Also rearrange some SSL_CTX struct members (some exist just in
SSL_CTXs, others are defaults for SSLs and are either copied
during SSL_new, or used if the value in the SSL is not set;
these three classes of members were not in a logical order),
and add some missing assignments to SSL_dup.
2001-10-16 13:09:24 +00:00
Dr. Stephen Henson
e72d734d5f
Update docs.
2001-10-16 02:22:59 +00:00
Dr. Stephen Henson
20d2186c87
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
...
with existing code.
Modify library to use digest *_ex() functions.
2001-10-16 01:24:29 +00:00