Ben Laurie
910d193029
Did you know it was wrong to use a char as an array index?
2005-06-28 13:27:53 +00:00
Andy Polyakov
beae6324e5
Eliminate dependency on UNICODE macro.
2005-06-27 21:21:12 +00:00
Richard Levitte
a50a2126cf
DCC doesn't like argument names in returned function pointers.
...
PR: 1122
2005-06-23 21:35:20 +00:00
Richard Levitte
c58a1f76f8
Do not undefine _XOPEN_SOURCE. This is currently experimental, and
...
will be firmed up as soon as it's been verified not to break anything.
2005-06-16 22:19:14 +00:00
Nils Larsch
cac0d4ee6f
- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
...
error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list
2005-06-10 19:51:16 +00:00
Nils Larsch
898d3ecce0
use "=" instead of "|=", fix typo
2005-06-08 22:20:24 +00:00
Nils Larsch
4e2a0e58f2
ssl_create_cipher_list should return an error if no cipher could be
...
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr
PR: 836 + 1005
2005-06-08 21:13:52 +00:00
Richard Levitte
0fb4d54068
Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
...
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true. Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.
2005-06-06 00:32:30 +00:00
Richard Levitte
d28b7799dd
handshake_write_seq is an unsigned short, so treat it like one
2005-06-02 17:26:17 +00:00
Nils Larsch
7ea61df414
clear error queue on success and return NULL if cert could be read
...
PR: 1088
2005-06-01 08:31:22 +00:00
Richard Levitte
335ed97263
Synchronise more with the Unix build
2005-05-31 20:28:55 +00:00
Richard Levitte
3d37d5e24a
Forgottent make update. These files will be retagged.
2005-05-30 23:20:32 +00:00
Richard Levitte
e2ac4732cd
pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
...
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.
Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
2005-05-30 22:34:28 +00:00
Richard Levitte
e96025755d
We have some source with \r\n as line ends. DEC C informs about that,
...
and I really can't be bothered...
2005-05-29 12:13:20 +00:00
Richard Levitte
dd890f0776
make update
2005-05-24 03:39:37 +00:00
Dr. Stephen Henson
69762c75fa
Fix WIN32+KRB5 issues.
2005-05-23 00:32:55 +00:00
Richard Levitte
b9927cfa2d
When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in
...
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html .
Notified by David Wolfe <dwolfe5272@yahoo.com>
2005-05-21 17:39:53 +00:00
Andy Polyakov
ce92b6eb9c
Further BUILDENV refinement, further fool-proofing of Makefiles and
...
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342 .
2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341
ecc api cleanup; summary:
...
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17
Fool-proofing Makefiles
2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
f795123c4a
Fix from stable branch.
2005-05-12 22:39:42 +00:00
Bodo Möller
3f19bbf4e3
fix msg_callback() arguments for SSL 2.0 compatible client hello
...
(previous revision got this wrong)
2005-05-12 06:24:25 +00:00
Bodo Möller
c6c2e3135d
Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled
...
with the SSL_OP_NO_SSLv2 option.
2005-05-11 18:25:49 +00:00
Nils Larsch
35e8510e60
use 'p' as conversion specifier for printf to avoid truncation of
...
pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz
via Mike Frysinger <vapier@gentoo.org>.
PR: 1064
2005-05-10 11:55:28 +00:00
Nils Larsch
8b15c74018
give EC_GROUP_new_by_nid a more meanigful name:
...
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
2005-05-10 11:37:47 +00:00
Bodo Möller
fbeaa3c47d
Update util/ck_errf.pl script, and have it run automatically
...
during "make errors" and thus during "make update".
Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
2005-05-09 00:27:37 +00:00
Nils Larsch
7dc17a6cf0
give EC_GROUP_*_nid functions a more meaningful name
...
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
EC_GROUP_set_nid -> EC_GROUP_set_curve_name
2005-05-08 22:09:12 +00:00
Nils Larsch
9e5790ce21
backport fix from the stable branch
2005-05-03 10:00:16 +00:00
Nils Larsch
7c7667b86b
check return value of RAND_pseudo_bytes; backport from the stable branch
2005-04-29 20:10:06 +00:00
Dr. Stephen Henson
6c61726b2a
Lots of Win32 fixes for DTLS.
...
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
2005-04-27 16:27:14 +00:00
Bodo Möller
aa4ce7315f
Fix various incorrect error function codes.
...
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
2005-04-26 18:53:22 +00:00
Bodo Möller
480506bd49
remove some functions from exported headers
2005-04-26 18:18:35 +00:00
Bodo Möller
0d5ea7613e
make update
2005-04-26 18:09:21 +00:00
Bodo Möller
beb056b303
fix SSLerr stuff for DTLS1 code;
...
move some functions from exported header <openssl/dtl1.h> into "ssl_locl.h";
fix silly indentation (a TAB is *not* always 4 spaces)
2005-04-26 18:08:00 +00:00
Dr. Stephen Henson
4e321ffaff
Fixes for signed/unsigned warnings and shadows.
2005-04-26 17:43:53 +00:00
Ben Laurie
36d16f8ee0
Add DTLS support.
2005-04-26 16:02:40 +00:00
Nils Larsch
965a1cb92e
change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible
2005-04-23 10:11:16 +00:00
Dr. Stephen Henson
384dba6edb
Make kerberos ciphersuite code compile again.
...
Avoid more shadow warnings.
2005-04-20 21:48:48 +00:00
Andy Polyakov
3ed449e94a
More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...
2005-04-13 21:46:30 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
0858b71b41
Make kerberos ciphersuite code work with newer header files
2005-04-09 23:55:55 +00:00
Richard Levitte
d9bfe4f97c
Added restrictions on the use of proxy certificates, as they may pose
...
a security threat on unexpecting applications. Document and test.
2005-04-09 16:07:12 +00:00
Nils Larsch
dc0ed30cfe
add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
...
and SSL_use_PrivateKey_file()
PR: 1035
Submitted by: Walter Goulet
Reviewed by: Nils Larsch
2005-04-08 22:52:42 +00:00
Nils Larsch
6049399baf
get rid of very buggy and very imcomplete DH cert support
...
Reviewed by: Bodo Moeller
2005-04-07 23:19:17 +00:00
Nils Larsch
48c832b6b7
really clear the error queue here
...
PR: 860
2005-04-01 17:50:09 +00:00
Nils Larsch
f3e427f6f9
use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc.
...
PR: 658
2005-04-01 17:35:32 +00:00
Ben Laurie
41a15c4f0f
Give everything prototypes (well, everything that's actually used).
2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Ben Laurie
0821bcd4de
Constification.
2005-03-30 10:26:02 +00:00