Richard Levitte
90d02be7c5
First attempt at adding the possibility to set the pointer size for the builds on VMS.
...
PR: 2393
2010-12-14 19:18:58 +00:00
Dr. Stephen Henson
981c0de27a
fix no SIGALRM case in speed.c
2010-11-18 13:22:42 +00:00
Dr. Stephen Henson
251431ff4f
add TLS v1.1 options to s_server
2010-11-13 12:44:17 +00:00
Dr. Stephen Henson
84fbc56fd0
PR: 2366
...
Submitted by: Damien Miller <djm@mindrot.org>
Reviewed by: steve
Stop pkeyutl crashing if some arguments are missing. Also make str2fmt
tolerate NULL parameter.
2010-11-11 14:42:34 +00:00
Dr. Stephen Henson
497b4f92d2
i variable is used on some platforms
2010-07-05 11:03:50 +00:00
Dr. Stephen Henson
1eb1cf452b
Backport TLS v1.1 support from HEAD
2010-06-27 14:15:02 +00:00
Dr. Stephen Henson
e97359435e
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
Dr. Stephen Henson
6938440d68
PR: 2262
...
Submitted By: Victor Wagner <vitus@cryptocom.ru>
Fix error reporting in load_key function.
2010-05-27 14:09:13 +00:00
Richard Levitte
1cf12a6350
No need to look for the file if none was entered.
2010-04-13 14:39:58 +00:00
Richard Levitte
d2f098b33d
Spelling
2010-04-13 14:34:48 +00:00
Dr. Stephen Henson
5b0a79a27a
PR: 2220
...
Fixes to make OpenSSL compile with no-rc4
2010-04-06 11:18:32 +00:00
Dr. Stephen Henson
75ece4b5cf
don't leave bogus errors in the queue
2010-03-10 13:48:21 +00:00
Dr. Stephen Henson
3b3f71121b
PR: 2183
...
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
2010-03-03 19:56:17 +00:00
Dr. Stephen Henson
2e630b1847
use supplied ENGINE in genrsa
2010-03-01 14:22:02 +00:00
Dr. Stephen Henson
7366f0b304
PR: 2170
...
Submitted by: Magnus Lilja <lilja.magnus@gmail.com>
Make -c option in dgst work again.
2010-02-12 17:07:24 +00:00
Dr. Stephen Henson
8b354e776b
PR: 2161
...
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.
Make no-dsa, no-ecdsa and no-rsa compile again.
2010-02-02 13:36:05 +00:00
Dr. Stephen Henson
ffa304c838
oops, revert more test code arghh!
2010-01-28 17:52:18 +00:00
Dr. Stephen Henson
df21765a3e
In engine_table_select() don't clear out entire error queue: just clear
...
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
2010-01-28 17:50:23 +00:00
Dr. Stephen Henson
1699389a46
Tolerate PKCS#8 DSA format with negative private key.
2010-01-22 20:17:30 +00:00
Dr. Stephen Henson
93fac08ec3
PR: 2136
...
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>
Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
2010-01-12 17:27:11 +00:00
Andy Polyakov
496cf69e40
Fix compilation on older Linux [from HEAD].
2010-01-06 21:25:22 +00:00
Dr. Stephen Henson
675564835c
New option to enable/disable connection to unpatched servers
2009-12-16 20:28:30 +00:00
Dr. Stephen Henson
b52a2738d4
Add ctrl and macro so we can determine if peer support secure renegotiation.
2009-12-08 13:42:32 +00:00
Dr. Stephen Henson
3d5d81bf39
Replace the broken SPKAC certification with the correct version.
2009-12-02 14:41:24 +00:00
Richard Levitte
370f48da2a
Typo
2009-11-12 14:03:57 +00:00
Dr. Stephen Henson
73582b8117
add missing parts of reneg port, fix apps patch
2009-11-11 14:51:29 +00:00
Dr. Stephen Henson
5c33091cfa
commit missing apps code for reneg fix
2009-11-11 14:10:09 +00:00
Dr. Stephen Henson
4a7f7171f5
Add missing functions to allow access to newer X509_STORE_CTX status
...
information. Add more informative message to verify callback to indicate
when CRL path validation is taking place.
2009-10-31 19:21:47 +00:00
Dr. Stephen Henson
961092281f
Add option to allow in-band CRL loading in verify utility. Add function
...
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
2009-10-31 13:34:19 +00:00
Dr. Stephen Henson
90528846e8
Add -no_cache option to s_server
2009-10-28 17:49:37 +00:00
Dr. Stephen Henson
c679fb298e
Add new function X509_STORE_set_verify_cb and use it in apps
2009-10-18 14:42:27 +00:00
Dr. Stephen Henson
595e804ae3
Fix for WIN32 (and possibly other platforms) which don't define in_port_t.
2009-10-15 18:48:47 +00:00
Dr. Stephen Henson
28418076b2
PR: 2069
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org
IPv6 support for DTLS.
2009-10-15 17:41:44 +00:00
Dr. Stephen Henson
abdfdb029e
PR: 1847
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Integrated patches to CA.sh to bring it into line with CA.pl functionality.
2009-10-15 17:27:47 +00:00
Dr. Stephen Henson
8465b81d50
PR: 2066
...
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org
Add -r option to dgst to produce format compatible with core utilities.
2009-10-15 17:18:03 +00:00
Dr. Stephen Henson
2280f82fc6
Fix warnings about ignoring fgets return value
2009-10-04 16:43:21 +00:00
Dr. Stephen Henson
804196a418
PR: 2061
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct i2b_PVK_bio error handling in rsa.c, dsa.c
2009-10-01 00:26:07 +00:00
Dr. Stephen Henson
0c690586e0
PR: 2064, 728
...
Submitted by: steve@openssl.org
Add support for custom headers in OCSP requests.
2009-09-30 21:41:53 +00:00
Dr. Stephen Henson
bc8c5fe58d
Free SSL_CTX after BIO
2009-09-30 21:35:26 +00:00
Dr. Stephen Henson
80afb40ae3
Submitted by: Julia Lawall <julia@diku.dk>
...
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:27:27 +00:00
Dr. Stephen Henson
e7209103e6
PR: 2038
...
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org
Avoid double call to BIO_free().
2009-09-11 11:03:31 +00:00
Dr. Stephen Henson
b7e3cb31a5
PR: 2031
...
Submitted by: steve@openssl.org
Tolerate application/timestamp-response which some servers send out.
2009-09-07 17:57:02 +00:00
Dr. Stephen Henson
c0688f1aef
Make update, deleting bogus DTLS error code
2009-09-06 15:55:54 +00:00
Dr. Stephen Henson
2e9802b7a7
PR: 2028
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS cookie management bugs.
2009-09-04 17:42:06 +00:00
Dr. Stephen Henson
196dcf93bc
PR: 2020
...
Submitted by: Keith Beckman <kbeckman@mcg.edu>, Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org
Fix improperly capitalized references to WWW::Curl::Easy.
2009-09-02 15:57:12 +00:00
Dr. Stephen Henson
e5eb96c83a
PR: 2013
...
Submitted by: steve@openssl.org
Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.
Add error checking to CRL generation in ca utility when nextUpdate is being
set.
2009-09-02 13:55:22 +00:00
Dr. Stephen Henson
c9add317a9
Tidy up and fix verify callbacks to avoid structure dereference, use of
...
obsolete functions and enhance to handle new conditions such as policy
printing.
2009-09-02 12:45:19 +00:00
Richard Levitte
82f35daaaf
Moving up the inclusion of e_os.h was a bad idea.
...
Put it back where it was and place an inclusion of e_os2.h to get platform
macros defined...
2009-08-26 11:21:50 +00:00
Richard Levitte
cb0d89705b
Define EXE_DIR earlier.
...
Make sure S_SOCKET also gets compiled with _POSIX_C_SOURCE defined.
Submitted by Zoltan Arpadffy <zoli@polarhome.com>
2009-08-25 07:25:55 +00:00
Richard Levitte
f49353b42f
Move up the inclusion of e_os.h so OPENSSL_SYS_VMS_DECC has a chance
...
to be properly defined.
2009-08-25 07:23:21 +00:00