Commit graph

8478 commits

Author SHA1 Message Date
Dr. Stephen Henson
7d537d4fc7 Add initial support for multiple SSL client certifcate selection in
CryptoAPI ENGINE.
2008-06-03 23:54:31 +00:00
Dr. Stephen Henson
ca89fc1fb4 Match empty CA list to anything for ssl client auth in CryptoAPI engine. 2008-06-03 11:37:52 +00:00
Dr. Stephen Henson
59d2d48f64 Add support for client cert engine setting in s_client app.
Add appropriate #ifdefs round client cert functions in headers.
2008-06-03 11:26:27 +00:00
Dr. Stephen Henson
b3c8dd4eab Add preliminary SSL client auth callback to CryptoAPI ENGINE. 2008-06-03 10:27:39 +00:00
Dr. Stephen Henson
45d3767d28 Prevent signed/unsigned warning on VC++ 2008-06-03 10:17:45 +00:00
Ben Laurie
8671b89860 Memory saving patch. 2008-06-03 02:48:34 +00:00
Dr. Stephen Henson
4f7f411719 Update year. 2008-06-02 23:41:38 +00:00
Dr. Stephen Henson
eac442ddd3 Windows batch file to rebuild error codes for CryptoAPI ENGINE. 2008-06-02 23:10:34 +00:00
Dr. Stephen Henson
55bef26d8a #undef OCSP_RESPONSE: CryptoAPI uses this too. 2008-06-02 23:09:04 +00:00
Dr. Stephen Henson
2aa2a5775f Fix indentation. 2008-06-02 14:29:32 +00:00
Dr. Stephen Henson
c451bd828f Avoid case in ca.c fix. 2008-06-02 12:10:06 +00:00
Dr. Stephen Henson
8ecfbedd85 Revert, doesn't fix warning :-( 2008-06-02 10:42:57 +00:00
Dr. Stephen Henson
c173fce4e2 Avoid cast with wrapper function. 2008-06-02 10:37:53 +00:00
Dr. Stephen Henson
953174f46e Free old store name (if any). 2008-06-01 23:45:11 +00:00
Dr. Stephen Henson
c621c7e432 Add ctrl for alternative certificate store names. 2008-06-01 23:42:49 +00:00
Dr. Stephen Henson
2bbe8f9129 Use keyspec for DSA too. 2008-06-01 23:28:17 +00:00
Dr. Stephen Henson
4be0a5d429 Get and note keyspec when signing. 2008-06-01 23:24:53 +00:00
Dr. Stephen Henson
bdfe932dca Release engine reference when calling SSL_CTX_free(). 2008-06-01 23:06:48 +00:00
Dr. Stephen Henson
3fc59c8406 Allow ENGINE client cert callback to specify a set of other certs, for
the rest of the certificate chain. Currently unused.
2008-06-01 22:45:08 +00:00
Dr. Stephen Henson
c61915c659 Update error codes. 2008-06-01 22:34:40 +00:00
Dr. Stephen Henson
368888bcb6 Add client cert engine to SSL routines. 2008-06-01 22:33:24 +00:00
Dr. Stephen Henson
eafd6e5110 Update error codes, move typedef of SSL, SSL_CTX to ossl_typ.h 2008-06-01 21:18:47 +00:00
Dr. Stephen Henson
05935c47b2 Add support for ENGINE supplied SSL client auth. 2008-06-01 21:10:30 +00:00
Dr. Stephen Henson
d8bd55a364 Update from stable branch. 2008-06-01 11:07:34 +00:00
Dr. Stephen Henson
841c91d6e4 Update from stable branch. 2008-05-31 23:48:02 +00:00
Dr. Stephen Henson
a4792168ec Update VC-32.pl and load CryptoAPI engine in the right place. 2008-05-31 23:21:40 +00:00
Dr. Stephen Henson
90b96776cd More CryptoAPI engine code from stable branch. 2008-05-31 22:53:16 +00:00
Dr. Stephen Henson
408f906592 Add CryptoAPI error file too. 2008-05-31 22:50:00 +00:00
Dr. Stephen Henson
7a18ecb2df Add CryptoAPI ENGINE from stable branch. 2008-05-31 22:49:32 +00:00
Dr. Stephen Henson
174c86a216 Recognize LHASH_OF(). 2008-05-31 21:20:53 +00:00
Dr. Stephen Henson
c6ddacf7f8 Stop const mismatch warning. 2008-05-31 19:28:57 +00:00
Dr. Stephen Henson
ab3eafd5b5 Stop warning about extra ';' outside of function. 2008-05-31 19:17:25 +00:00
Dr. Stephen Henson
dd043cd501 Stop const mismatch warning in VC++. 2008-05-31 18:55:23 +00:00
Bodo Möller
a75c662fd1 Everyone's had a few years to port their favorite additions to 0.9.7
to HEAD (and the 0.9.8 branch).  Remove the reminder.
2008-05-31 13:42:53 +00:00
Dr. Stephen Henson
83574cf808 Fix from stable branch. 2008-05-30 10:57:49 +00:00
Bodo Möller
2cd81830ef sync with 0.9.8 branch 2008-05-28 22:30:28 +00:00
Bodo Möller
e194fe8f47 From HEAD:
Fix flaw if 'Server Key exchange message' is omitted from a TLS
handshake which could lead to a cilent crash as found using the
Codenomicon TLS test suite (CVE-2008-1672)

Reviewed by: openssl-security@openssl.org

Obtained from: mark@awe.com
2008-05-28 22:17:34 +00:00
Bodo Möller
40a706286f From HEAD:
Fix double-free in TLS server name extensions which could lead to a remote
crash found by Codenomicon TLS test suite (CVE-2008-0891)

Reviewed by: openssl-security@openssl.org

Obtained from: jorton@redhat.com
2008-05-28 22:15:48 +00:00
Bodo Möller
c6f6c380c7 grammar 2008-05-27 18:43:20 +00:00
Bodo Möller
8f395e0f4d year 2008 2008-05-27 18:41:09 +00:00
Dr. Stephen Henson
595852f3b5 Avoid "duplicate const" warnings. 2008-05-27 11:44:03 +00:00
Dr. Stephen Henson
0a56761f19 Avoid warning about empty structures and always define CHECKED_PTR_OF 2008-05-27 11:28:49 +00:00
Dr. Stephen Henson
220903f92e C++ style comments fixed. 2008-05-26 15:39:36 +00:00
Ben Laurie
3c1d6bbc92 LHASH revamp. make depend. 2008-05-26 11:24:29 +00:00
Lutz Jänicke
cab14b9803 Add README about removed root CA certificates. 2008-05-26 06:23:57 +00:00
Lutz Jänicke
17a4a4dff8 Reword comment to be much shorter to stop other people from complaining
about "overcommenting".
2008-05-26 06:21:13 +00:00
Lutz Jänicke
c2c2e7a438 Clear error queue when starting SSL_CTX_use_certificate_chain_file
PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>
2008-05-23 10:37:52 +00:00
Lutz Jänicke
d18ef847f4 Remove all root CA files (beyond test CAs including private key)
from the OpenSSL distribution.
2008-05-23 08:59:23 +00:00
Dr. Stephen Henson
5c0d90a699 Typo. 2008-05-20 18:49:00 +00:00
Dr. Stephen Henson
f434730524 Typo. 2008-05-20 16:13:57 +00:00