wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8698 commits 20 branches 302 tags 153 MiB
Commit graph

108 commits

Author SHA1 Message Date
Bodo Möller
6d0d5431d4 More get0 et al. changes. Also provide fgrep targets in CHANGES 
where the new functions are mentioned.
 2000-02-26 08:36:46 +00:00
Dr. Stephen Henson
c7cb16a8ff Rename functions for new convention. 2000-02-26 01:55:33 +00:00
Ralf S. Engelschall
667ac4ec6a Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align 
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
 2000-02-11 09:47:18 +00:00
Dr. Stephen Henson
ff8a4c47ce Rename the X509V3_*_d2i functions to X509_get_ext_d2i() etc. 
This better reflects their behaviour.
 2000-02-07 01:17:22 +00:00
Dr. Stephen Henson
fc6be0fa56 #undef PKCS7_SIGNER_INFO for Win32 to avoid clashes. 
Fix so CRLDistributionPoints relativeName option uses
the correct type.
 2000-01-07 02:23:42 +00:00
Dr. Stephen Henson
6447cce372 Simplify the trust structure: basically zap the bit strings and 
represent everything by OIDs.
 1999-12-29 00:40:28 +00:00
Dr. Stephen Henson
dd4134101f Change the trust and purpose code so it doesn't need init 
either and has a static and dynamic mix.
 1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
13938aceca Add part of chain verify SSL support code: not complete or doing anything 
yet.

Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.

Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
 1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
d4cec6a13d New options to the -verify program which can be used for chain verification. 
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.

Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
 1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
6d3724d3b0 Support for authority information access extension. 
Fix so EVP_PKEY_rset_*() check return codes.
 1999-11-23 18:50:28 +00:00
Dr. Stephen Henson
a716d72734 Support for otherName in GeneralName. 1999-11-19 02:19:58 +00:00
Dr. Stephen Henson
ce1b4fe146 Allow additional information to be attached to a 
certificate: currently this includes trust settings
and a "friendly name".
 1999-11-04 00:45:35 +00:00
Bodo Möller
798757762a Improve support for running everything as a monolithic application. 
Submitted by: Lennart Bång, Bodo Möller
 1999-10-25 19:36:01 +00:00
Dr. Stephen Henson
08e9c1af6c Replace the macros in asn1.h with function equivalents. Also make UTF8Strings 
tolerated in certificates.
 1999-10-20 01:50:23 +00:00
Dr. Stephen Henson
673b102c5b Initial support for certificate purpose checking: this will 
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
 1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
4654ef985b New functions to parse and get extensions. 1999-10-09 02:54:10 +00:00
Dr. Stephen Henson
c79b16e11d Allow extensions to be added to certificate requests, update the sample 
config file (change RAW to DER).
 1999-08-25 16:59:26 +00:00
Dr. Stephen Henson
66ab08b1cf Implement STACK_OF(ANS1_OBJECT) for extended key usage extension, change the 
documentation to reflect the STACK_OF(CONF_VALUE) change to the CONF lib and
use ANSI typedefs for X509V3_EXT_I2D and X509V3_EXT_FREE.
 1999-06-21 23:59:09 +00:00
Dr. Stephen Henson
ba404b5e86 Convert the CONF library to use a typesafe stack: a STACK_OF(CONF_VALUE). It 
seemed like a good idea at the time... several hours later it was rather
obvious that these are used all over the place making the changes rather
extensive.
 1999-06-20 22:18:16 +00:00
Dr. Stephen Henson
565d1065c3 Document the X509V3 code and change some of the extension function pointers 
to use 'void *' rather than 'char *' for an "arbitrary extension".
 1999-06-11 01:58:42 +00:00
Ralf S. Engelschall
397f703892 Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall -Wshadow 
-Wpointer-arith -Wcast-align -Wmissing-prototypes -Wmissing-declarations
-Wnested-externs -Winline'' with EGCS 1.1.2+
 1999-05-10 08:33:56 +00:00
Dr. Stephen Henson
c8b4185079 Kill evil casts, fix PKCS#7 and add new X509V3 Function. 1999-05-09 16:39:11 +00:00
Ulf Möller
a9be3af5ad Remove NOPROTO definitions and error code comments. 1999-04-26 16:43:10 +00:00
Dr. Stephen Henson
c74b3a6037 Various header consistency fixes. 1999-04-25 16:38:52 +00:00
Dr. Stephen Henson
6d31193858 Complete rewrite of the error code generation script. It now runs as a single 
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
 1999-04-24 00:15:18 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>. 
Submitted by:
Reviewed by:
PR:
 1999-04-23 22:13:45 +00:00
Ben Laurie
61f5b6f338 Work with -pedantic! 1999-04-23 15:01:15 +00:00
Dr. Stephen Henson
d943e37241 Suppport for CRL distribution points extension. Also document some of 
this stuff.
 1999-04-21 17:44:45 +00:00
Dr. Stephen Henson
f5fedc0497 Various fixes so Win32 compile may work. Convert GeneralNames to use safe stack. 1999-04-20 01:10:33 +00:00
Dr. Stephen Henson
3edd7ed15d Finish off support for Certificate Policies extension. 1999-04-19 17:55:11 +00:00
Ulf Möller
0ae645db10 Clean up prototypes (prepare for removing NOPROTO). 1999-04-19 16:30:06 +00:00
Bodo Möller
6c5d4168ff Removed extra semicolons. 
Submitted by:
Reviewed by:
PR:
 1999-04-19 13:37:35 +00:00
Dr. Stephen Henson
41b731f2f8 Initial support for Certificate Policies extension: print out works but setting 
isn't fully implemented (yet).
 1999-04-18 23:21:03 +00:00
Dr. Stephen Henson
c83e523d7f Allow asn1parse to print out VISIBLESTRING and some code needed for certificate 
policies extension.
 1999-04-17 23:55:39 +00:00
Ben Laurie
e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Ben Laurie
cfdcfede9c Another STACK bites the dust. 1999-04-17 10:28:46 +00:00
Dr. Stephen Henson
1d48dd0019 Add initial support for r2i RAW extensions which can access the config database 
add various X509V3_CTX helper functions and support for LHASH as the config
database.
 1999-04-16 23:57:04 +00:00
Dr. Stephen Henson
28a98809d1 Add some utilities to support SXNet extension also add support in DEF files 
generator to typesafe stacks.
 1999-04-14 23:44:41 +00:00
Dr. Stephen Henson
0490a86d01 Delete all the old X509V3 pack and unpack stuff and various structures and 
files associated with them. This stuff is all obsoleted by the new X509V3 code.
 1999-04-13 23:56:39 +00:00
Dr. Stephen Henson
785cdf2048 Add initial support for Thawte strong extranet certificate extensions and 
include an 'indent' option to V3 stuff.
 1999-03-27 14:06:25 +00:00
Dr. Stephen Henson
0cc395796b Add missing funtions from non ANSI section of header files and add missing 
ordinals to libeay.num.
 1999-03-08 22:46:56 +00:00
Dr. Stephen Henson
1756d405cc Added support for adding extensions to CRLs, also fix a memory leak and 
make 'req' check the config file syntax before it adds extensions. Added
info in the documentation as well.
 1999-03-06 19:33:29 +00:00
Dr. Stephen Henson
79a474e8f2 Add an extra 'raw' function r2i to the extension code. Nothing uses this yet and 
it is just a place holder for functionality to be added later. Its been added
now so the X509V3_EXT_METHOD structure shouldn't (hopefully) have to change
after the release.
 1999-03-06 02:34:07 +00:00
Dr. Stephen Henson
9985bed331 Deleted my str_dup() function from X509V3: the same functionality is provided 
by BUF_MEM_strdup(). Added text documentation to the BUF_MEM stuff.
 1999-03-04 23:29:51 +00:00
Dr. Stephen Henson
e527ba09a6 Various changes to make this stuff compile under Win32 and VC++ with and 
without -debug option to mk1mf.pl. Change _export to is_export (_export is
a reserved word under VC++). Add yucky function prototype function pointer
casts. Sanitise the included files in crypto/x509v3.

Also changed ssleay.exe target to openssl.exe
 1999-02-22 01:26:40 +00:00
Dr. Stephen Henson
aa066b9e6e Add more functionality to issuer alt name and subject alt name. New options 
to include email addresses from DN and copy details from issuer certificate.
Include examples in openssl.cnf, update Win32 ordinals.
 1999-02-21 01:46:45 +00:00
Ben Laurie
57c86f79bb Fix a warning. 1999-02-20 16:36:28 +00:00
Dr. Stephen Henson
c74f1eb9bd Preliminary support for reason code CRL extension. 1999-02-20 01:15:41 +00:00
Dr. Stephen Henson
0ca5f8b15c Overhaul 'crl' application, add a proper X509_CRL_print function and start 
to support CRL extensions.
 1999-02-19 01:29:29 +00:00
Dr. Stephen Henson
0be9747b39 Oops! Remeber to include the other patches this time... 1999-02-17 23:22:57 +00:00
Dr. Stephen Henson
d08d8da432 Added code to GENERAL_NAME with support for more options and preliminary 
support for assignment in config files.
 1999-02-17 03:09:58 +00:00
Dr. Stephen Henson
5236efdbf5 Update error codes. 1999-02-14 17:21:14 +00:00
Dr. Stephen Henson
175b0942ec More extension code. Incomplete support for subject and issuer alt 
name, issuer and authority key id. Change the i2v function parameters
and add an extra 'crl' parameter in the X509V3_CTX structure: guess
what that's for :-) Fix to ASN1 macro which messed up
IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
 1999-02-10 01:12:59 +00:00
Dr. Stephen Henson
142fcca8ca Add support for GeneralName and GeneralNames extensions. Also preliminary 
support for subject and issuer alt name. Add a new ASN1 macro and fix a
nasty bug that left an ASN1 buffer modified on an error condition with
IMPLICIT tagging.
 1999-02-07 00:14:12 +00:00
Dr. Stephen Henson
f614496cfb Delete bogus V3 prototype and update the *.num files to include ordinals for 
the new functions. Update MINFO.
 1999-02-01 01:17:53 +00:00
Dr. Stephen Henson
f317aa4c9c More X509 V3 stuff. Add support for extensions in the 'req' application 
so that: openssl req -x509 -new -out cert.pem
will take extensions from openssl.cnf a sample for a CA is included.
Also change the directory order so pem is nearer the end. Otherwise 'make links'
wont work because pem.h can't be built.
 1999-01-25 01:09:21 +00:00
Dr. Stephen Henson
9aeaf1b4a7 Initial addition of new X509 V3 files, tidy of old files. 1999-01-24 00:50:01 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00