Dr. Stephen Henson
7f0606016c
Beginnings of EVP cipher overhaul. This should eventually
...
enhance and tidy up the EVP interface.
This patch adds initial support for variable length ciphers
and changes S/MIME code to use this.
Some other library functions need modifying to support use
of modified cipher parameters.
Also need to change all the cipher functions that should
return error codes, but currenly don't.
And of course it needs extensive testing...
2000-05-26 23:51:35 +00:00
Bodo Möller
2c05c494c0
Implement SSL_OP_TLS_ROLLBACK_BUG for servers.
...
Call dh_tmp_cb with correct 'is_export' flag.
Avoid tabs in CHANGES.
2000-05-25 09:50:40 +00:00
Dr. Stephen Henson
b4b41f48d1
Add DSA library string. Workaround for IIS .key file invalid
...
ASN1 encoding.
2000-05-24 13:09:59 +00:00
Richard Levitte
6d7cce481e
Add a note about the new document.
2000-05-18 21:25:48 +00:00
Dr. Stephen Henson
439df5087f
Fix c_rehash script, add -fingerprint option to crl.
2000-05-18 00:33:00 +00:00
Ulf Möller
0e1c06128a
Get rid of more non-ANSI declarations.
2000-05-15 22:54:43 +00:00
Dr. Stephen Henson
0cb957a684
Fix for SSL server purpose checking
2000-05-04 23:03:49 +00:00
Dr. Stephen Henson
a331a305e9
Make PKCS#12 code handle missing passwords.
...
Add a couple of FAQs.
2000-05-04 00:08:35 +00:00
Bodo Möller
316e6a66f2
Note apps/x509.c bugfixes.
2000-05-02 20:29:03 +00:00
Bodo Möller
dcba2534fa
Avoid leaking memory in thread_hash (and enable memory leak detection
...
for it).
2000-04-29 23:58:05 +00:00
Ulf Möller
3973628ea6
Submitted by:
...
Reviewed by:
PR:
2000-04-27 15:06:26 +00:00
Geoff Thorpe
deb4d50e51
Previously, the default RSA_METHOD was NULL until the first RSA structure was
...
initialised, at which point an appropriate default was chosen. This meant a
call to RSA_get_default_method might have returned FALSE.
This change fixes that; now any called to RSA_new(), RSA_new_method(NULL), or
RSA_get_default_method() will ensure that a default is chosen if it wasn't
already.
2000-04-20 06:44:18 +00:00
Geoff Thorpe
b9e6391582
This change facilitates name translation for shared libraries. The
...
technique used is far from perfect and alternatives are welcome.
Basically if the translation flag is set, the string is not too
long, and there appears to be no path information in the string,
then it is converted to whatever the standard should be for the
DSO_METHOD in question, eg;
blah --> libblah.so on *nix, and
blah --> blah.dll on win32.
This change also introduces the DSO_ctrl() function that is used
by the name translation stuff.
2000-04-19 21:45:17 +00:00
Bodo Möller
e5c84d5152
New function ERR_error_string_n.
2000-04-14 23:36:15 +00:00
Richard Levitte
a9831305d8
I forgot to update the change log
2000-04-10 15:48:16 +00:00
Bodo Möller
1d90f28029
In theory, TLS v1 ciphersuites are not the same as SSL v3 ciphersuites
2000-04-06 22:33:14 +00:00
Geoff Thorpe
6ef4d9d512
Better make a note of what's going on ... :-)
2000-04-04 22:49:27 +00:00
Richard Levitte
c90341a155
Tagging has now been done, update to the next version (it's not quite
...
as important to keep a low profile here :-))
2000-04-01 11:24:27 +00:00
Richard Levitte
5e61580bbd
Version and name changes, and a last minute changelog
2000-04-01 11:15:15 +00:00
Bodo Möller
cf194c1f68
Entry for ssleay_rand_status locking fix.
2000-03-30 08:12:35 +00:00
Bodo Möller
3bc90f2373
Fix typo in -clrext option, but add a compatibility hack because
...
0.9.5a should not break anything that works in 0.9.5.
2000-03-27 18:10:08 +00:00
Dr. Stephen Henson
b475baffb2
Fix for HMAC.
2000-03-27 00:53:27 +00:00
Dr. Stephen Henson
e77066ea0a
Fix a memory leak in PKCS12_parse.
...
Don't copy private key to X509 etc public key structures.
Fix for warning.
2000-03-22 13:50:23 +00:00
Ulf Möller
7af4816f0e
des_quad_cksum() byte order bug fix.
...
See http://www.pdc.kth.se/kth-krb/
Their solution for CRAY is somewhat awkward.
I'll assume that a "short" is 32 bits on CRAY to avoid the
#ifdef _CRAY
typedef struct {
unsigned int a:32;
unsigned int b:32;
} XXX;
#else
typedef DES_LONG XXX;
#endif
2000-03-19 02:06:37 +00:00
Dr. Stephen Henson
80870566cf
Make V_ASN1_APP_CHOOSE work again.
2000-03-14 03:29:57 +00:00
Bodo Möller
df1ff3f1b3
Correction.
2000-03-13 21:01:05 +00:00
Bodo Möller
7694ddcbc0
Clarifications for 'no-XXX'.
2000-03-13 20:48:23 +00:00
Bodo Möller
46c4647e3c
"openssl no-..." commands for avoiding the need to grep
...
"openssl list-standard-commands".
2000-03-13 20:31:46 +00:00
Bodo Möller
65b002f399
Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
2000-03-13 19:24:39 +00:00
Bodo Möller
e11f0de67f
Copy DH key (if available) in addition to the bare parameters
...
in SSL_new.
If SSL_OP_SINGLE_DH_USE is set, don't waste time in SSL_[CTX_]set_tmp_dh
on computing a DH key that will be ignored anyway.
ssltest -dhe1024dsa (w/ 160-bit sub-prime) had an unfair performance
advantage over -dhe1024 (safe prime): SSL_OP_SINGLE_DH_USE was
effectively always enabled because SSL_new ignored the DH key set in
the SSL_CTX. Now -dhe1024 takes the server only about twice as long
as -dhe1024dsa instead of three times as long (for 1024 bit RSA
with 1024 bit DH).
2000-03-13 17:07:04 +00:00
Bodo Möller
2d5e449a18
Mention -ign_eof.
2000-03-10 13:49:02 +00:00
Bodo Möller
daf4e53e86
spelling
2000-03-07 15:10:08 +00:00
Dr. Stephen Henson
068fdce877
New compatability trust and purpose settings.
2000-03-07 14:04:29 +00:00
Dr. Stephen Henson
48fe0eec67
Fix the PKCS#8 DSA code so it works again. All the
...
broken formats worked but the valid didn't :-(
2000-03-07 01:03:33 +00:00
Ulf Möller
4c4d87f95f
bug fix release planned
2000-03-06 14:24:25 +00:00
Bodo Möller
59fc2b0fc2
Preserve reason strings in automatically build tables.
2000-03-05 00:19:36 +00:00
Bodo Möller
0a150c5c9f
Generate correct error reasons strings for SYSerr.
2000-03-04 01:36:53 +00:00
Bodo Möller
41918458c0
New '-dsaparam' option for 'openssl dhparam', and related fixes.
2000-03-03 22:18:19 +00:00
Dr. Stephen Henson
d9c88a3902
Move the 'file scope' argument in set_label to
...
the third argument: the second was being used
already.
2000-03-03 00:06:40 +00:00
Bodo Möller
84d14408bf
Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.
2000-03-02 22:44:55 +00:00
Bodo Möller
5eb8ca4d92
Use RAND_METHOD for implementing RAND_status.
2000-03-02 14:34:58 +00:00
Ulf Möller
7a2dfc2a20
Note bug fix for the DSA infinite loop
2000-03-01 19:07:58 +00:00
Bodo Möller
55f7d65db0
Document the 'rand' application.
2000-03-01 07:57:25 +00:00
Ralf S. Engelschall
010712ff23
Added configuration support for Linux/IA64
...
Submitted by: Rolf Haberrecker <rolf@suse.de>
2000-02-29 15:29:02 +00:00
Ulf Möller
2da0c11926
Support assembler for Mingw32.
2000-02-28 19:16:41 +00:00
Ulf Möller
a4709b3d88
Shared library support for Solaris and HPUX
...
by Lutz Behnke and by Lutz Jaenicke.
Hopefully we'll have a unified way of handling shared libraries when
we move to autoconf...
2000-02-28 19:14:46 +00:00
Bodo Möller
865874f2dd
Switch to 0.9.6, and finally remove the annoying message
...
about renamed header files.
2000-02-28 18:03:16 +00:00
Dr. Stephen Henson
82b931860a
Ouch! PKCS7_encrypt() was heading MIME text headers twice
...
because it added them manually and as part of SMIME_crlf_copy().
Removed the manual add.
2000-02-28 14:11:19 +00:00
Richard Levitte
74cdf6f73a
Time for a release
2000-02-28 11:59:02 +00:00
Dr. Stephen Henson
587bb0e02e
Don't call BN_rand with zero bits in bntest.c
2000-02-27 17:34:30 +00:00
Andy Polyakov
a5770be6ae
Statement that it fails only on 32-bit architectures isn't true.
2000-02-27 02:34:37 +00:00
Ulf Möller
688938fbb4
Bug fix!
2000-02-27 02:05:39 +00:00
Dr. Stephen Henson
94de04192d
Fix so Win32 assembly language works with MASM.
...
Add info about where to get MASM.
2000-02-27 01:15:25 +00:00
Dr. Stephen Henson
0202197dbf
Make ASN1 types real typedefs.
...
Rebuild error files.
2000-02-26 19:25:31 +00:00
Bodo Möller
6d0d5431d4
More get0 et al. changes. Also provide fgrep targets in CHANGES
...
where the new functions are mentioned.
2000-02-26 08:36:46 +00:00
Ulf Möller
234b5e9611
Make clear which naming convention is meant.
2000-02-26 02:24:16 +00:00
Dr. Stephen Henson
c7cb16a8ff
Rename functions for new convention.
2000-02-26 01:55:33 +00:00
Dr. Stephen Henson
fbb41ae0ad
Allow code which calls RSA temp key callback to cope
...
with a failure.
Fix typos in some error codes.
2000-02-25 00:23:48 +00:00
Ulf Möller
505b5a0ee0
BIO_printf() change
2000-02-24 22:57:42 +00:00
Ulf Möller
4ec2d4d2b3
Support EGD.
2000-02-24 02:51:47 +00:00
Ulf Möller
cdf20e0839
add missing names.
2000-02-23 21:57:22 +00:00
Dr. Stephen Henson
3142c86d65
Allow ADH to be used but not present in the default cipher
...
list.
Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
2000-02-23 01:11:01 +00:00
Dr. Stephen Henson
72b60351f1
Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for
...
the old functionality.
Various warning fixes.
Initial EVP symmetric cipher docs.
2000-02-22 02:59:26 +00:00
Bodo Möller
745c70e565
Move MAC computations for Finished from ssl3_read_bytes into
...
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
2000-02-21 10:16:30 +00:00
Bodo Möller
b35e9050f2
Tolerate fragmentation and interleaving in the SSL 3/TLS record layer.
2000-02-20 23:04:06 +00:00
Dr. Stephen Henson
d754b3850f
Change the 'other' structure in certificate aux info.
2000-02-20 18:27:23 +00:00
Bodo Möller
853f757ece
Allow for higher granularity of entropy estimates by using 'double'
...
instead of 'unsigned' counters.
Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp.
Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.
2000-02-19 15:22:53 +00:00
Dr. Stephen Henson
8a208cba97
New functions and option to use NEW in certificate requests.
2000-02-18 00:54:21 +00:00
Dr. Stephen Henson
a3fe382e2d
Pass phrase reorganisation.
2000-02-16 23:16:01 +00:00
Ben Laurie
bd03b99b9b
Add support for Compaq Atalla crypto accelerator.
2000-02-16 22:15:39 +00:00
Dr. Stephen Henson
de469ef21e
Fix for Netscape "hang" bug.
2000-02-15 14:19:44 +00:00
Andy Polyakov
bcba6cc60f
HP-UX tune-up: new unified configs, HP C compiler bug workaround.
2000-02-12 23:33:01 +00:00
Dr. Stephen Henson
d13e4eb0b5
Make pkcs12 and smime applications seed random number
...
generator (otherwise they don't work) and add -rand
option. Update docs.
2000-02-12 03:03:04 +00:00
Bodo Möller
3ebf0be142
Corrections.
2000-02-11 17:18:50 +00:00
Bodo Möller
bb325c7d6a
'passwd' tool.
2000-02-10 21:50:52 +00:00
Dr. Stephen Henson
f07fb9b24b
Add command line password options to the reamining utilities,
...
amend docs.
2000-02-08 01:34:59 +00:00
Ulf Möller
cae55bfc68
Improve bntest slightly, and fix another bug in the BN library.
2000-02-06 15:56:59 +00:00
Andy Polyakov
0fad6cb7e7
Support for MacOS X (Rhapsody) is added. Also get rid of volatile
...
qualifier in asm definitions as it prevents compiler from moving
the instruction(s) during optimization pass.
2000-02-06 11:15:20 +00:00
Ulf Möller
4a6222d71b
BN_div bugfix. The q-- loop should not be entered in the n0==d0 case.
2000-02-06 00:25:39 +00:00
Dr. Stephen Henson
66430207a4
Add support for some broken PKCS#8 formats.
2000-02-05 21:07:56 +00:00
Ulf Möller
9b141126d4
New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
...
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
2000-02-05 14:17:32 +00:00
Dr. Stephen Henson
af57d84312
Rename SSLeay_add_all_algorithms() et al to
...
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
2000-02-04 14:01:38 +00:00
Dr. Stephen Henson
82fc1d9c28
Add new -notext option to 'ca', -pubkey option to spkac.
...
Remove some "WTF??" casts from applications.
Fixes to keep VC++ happy and avoid warnings.
Docs tidy.
2000-02-03 02:56:48 +00:00
Bodo Möller
e74231ed9e
rndsort{Miller, Rabin} primality test.
2000-02-02 21:20:44 +00:00
Bodo Möller
2c5fe5b12a
Change log entry completed.
2000-02-01 07:50:42 +00:00
Ulf Möller
8efb60144d
EBCDIC support.
...
Submitted by: Martin Kraemer <martin.kraemer@mch.sni.de>
2000-02-01 02:21:16 +00:00
Ulf Möller
98d0b2e375
Note changes.
2000-01-30 23:34:33 +00:00
Bodo Möller
cdd43b5ba5
Documentation for BN_is_prime_fasttest.
2000-01-30 11:05:39 +00:00
Bodo Möller
1baa94907c
Make output of "openssl dsaparam 1024" more interesting :-)
2000-01-30 03:32:28 +00:00
Bodo Möller
7865b871c0
Tiny changes to previous patch (the log message was meant to be
...
"Make DSA_generate_parameters faster").
2000-01-30 02:40:38 +00:00
Bodo Möller
a87030a1ed
Make DSA_generate_parameters, and fix a couple of bug
...
(including another problem in the s3_srvr.c state machine).
2000-01-30 02:23:03 +00:00
Dr. Stephen Henson
e1314b5716
Fix CRL encoding bug.
2000-01-29 00:00:26 +00:00
Bodo Möller
07e6dbde66
more information on 0.9.5
2000-01-28 21:26:30 +00:00
Dr. Stephen Henson
90644dd74d
New -pkcs12 option to CA.pl.
...
Document CA.pl script.
Initialise and free up the extra DH fields
(nothing uses them yet though).
2000-01-28 01:35:31 +00:00
Ulf Möller
38e33cef15
Document DSA and SHA.
...
New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)
2000-01-27 19:31:26 +00:00
Ulf Möller
e93f9a3284
Run ispell.
...
Clean up bn_mont.c.
2000-01-27 01:50:42 +00:00
Bodo Möller
2557eaeac8
Avoid a race condition.
2000-01-24 17:57:56 +00:00
Bodo Möller
a46faa2bfd
Improve clarity.
2000-01-24 16:02:29 +00:00
Bodo Möller
aabbb7451b
Document RAND_load_file change.
2000-01-24 14:42:26 +00:00
Dr. Stephen Henson
dd9d233e2a
Tidy up CRYPTO_EX_DATA structures.
2000-01-23 23:41:49 +00:00
Dr. Stephen Henson
fabce04122
Make s_server, s_client check cipher list return codes.
...
Update docs.
2000-01-23 02:28:08 +00:00
Ulf Möller
4486d0cd7a
Document the DH library, and make some minor changes along the way.
2000-01-22 20:05:23 +00:00
Dr. Stephen Henson
09483c58e3
Add new program dhparam and update docs.
2000-01-22 13:58:29 +00:00
Dr. Stephen Henson
bda70ed430
Gets Lutz Jaenicke's name right this time :-)
...
Apologies to both concerned.
2000-01-22 12:49:48 +00:00
Dr. Stephen Henson
018e57c74d
Apply Lutz Behnke's 56 bit cipher patch with a few
...
minor changes.
Docs haven't been added at this stage. They are probably
best included in the 'ciphers' program docs.
2000-01-22 03:17:06 +00:00
Dr. Stephen Henson
8100490a72
Make -CAcreateserial start from 1 instead of 0 for
...
serial numbers.
2000-01-21 02:42:14 +00:00
Ulf Möller
e7f97e2d22
Check RAND_bytes() return value or use RAND_pseudo_bytes().
2000-01-21 01:15:56 +00:00
Dr. Stephen Henson
6e6bc352b1
Finish off the X509_ATTRIBUTE string stuff.
2000-01-20 01:37:17 +00:00
Dr. Stephen Henson
77b47b9036
Rename X509_att*() stuff to X509at_*(), add X509_REQ wrappers.
2000-01-19 01:02:13 +00:00
Ulf Möller
aa82db4fb4
Add missing #ifndefs that caused missing symbols when building libssl
...
as a shared library without RSA. Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.
Submitted by: Kris Kennaway <kris@hub.freebsd.org>
Modified by Ulf Möller
2000-01-16 21:10:00 +00:00
Ulf Möller
373b575f5a
New function RAND_pseudo_bytes() generated pseudorandom numbers that
...
are not guaranteed to be unpredictable.
2000-01-16 15:58:17 +00:00
Bodo Möller
0983760dfc
note about things still to do with RAND_bytes
2000-01-13 21:20:26 +00:00
Bodo Möller
a873356c00
Use CRYPTO_push_info to find a memory leak in pkcs12.c.
2000-01-13 21:10:43 +00:00
Ulf Möller
eb952088f0
Precautions against using the PRNG uninitialized: RAND_bytes() now
...
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
2000-01-13 20:59:17 +00:00
Bodo Möller
76aa0ddc86
Turn BN_prime_checks into a macro.
...
Primes p where (p-1)/2 is prime too are called "safe", not "strong".
2000-01-12 11:57:30 +00:00
Richard Levitte
de73e397f8
Added a comment about Win32.
2000-01-11 22:32:37 +00:00
Richard Levitte
cbfa4c32c0
Add more info to the memory allocation change log.
...
Suggested by Bodo.
2000-01-11 22:16:12 +00:00
Bodo Möller
3cc6cdea0f
The buffer in ss3_read_n cannot actually occur because it is never
...
called with max > n when extend is set.
2000-01-11 08:09:27 +00:00
Bodo Möller
c51ae173a6
Clean up some of the SSL server code.
2000-01-11 01:07:26 +00:00
Dr. Stephen Henson
25f923ddd1
New function X509_CTX_rget_chain(), make SSL_SESSION_print() display return code.
...
Remove references to 'TXT' in -inform and -outform switches.
2000-01-09 14:21:40 +00:00
Dr. Stephen Henson
dad666fbbe
Add PKCS#12 manpage and use MAC iteration counts by default.
2000-01-08 03:16:04 +00:00
Ulf Möller
0f583f69f3
Honor the no-xxx Configure options when creating .DEF files.
2000-01-07 03:17:47 +00:00
Dr. Stephen Henson
35f4850ae0
More X509_ATTRIBUTE changes.
2000-01-07 00:55:54 +00:00
Dr. Stephen Henson
b38f9f66c3
Initial automation changes to 'req' and X509_ATTRIBUTE functions.
2000-01-06 01:26:48 +00:00
Bodo Möller
ca03109c3a
New functions SSL_get_finished, SSL_get_peer_finished.
...
Add short state string for MS SGC.
2000-01-06 01:19:17 +00:00
Bodo Möller
f2d9a32cf4
Use separate arrays for certificate verify and for finished hashes.
2000-01-06 00:24:24 +00:00
Andy Polyakov
bdf5e18317
Enhanced support for Alpha Linux. See CHANGES for details.
2000-01-02 20:46:58 +00:00
Dr. Stephen Henson
3d14b9d04a
Add support for MS "fast SGC".
2000-01-02 18:52:58 +00:00
Dr. Stephen Henson
20432eae41
Fix some of the command line password stuff. New function
...
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
2000-01-01 16:42:49 +00:00
Bodo Möller
47134b7864
Don't request client certificate in anonymous ciphersuites
...
except when following the specs is bound to fail.
1999-12-29 17:43:03 +00:00
Bodo Möller
45fd4dbb84
Fix SSL_CTX_add_session: When two SSL_SESSIONs have the same ID,
...
they can sometimes be different memory structures.
1999-12-29 14:29:32 +00:00
Dr. Stephen Henson
f45f40ffff
Add OIDs for idea and blowfish. Unfortunately these are in
...
the middle of the OID table so the diff is rather large :-(
1999-12-29 02:59:18 +00:00
Dr. Stephen Henson
6447cce372
Simplify the trust structure: basically zap the bit strings and
...
represent everything by OIDs.
1999-12-29 00:40:28 +00:00
Dr. Stephen Henson
e6f3c5850e
New {i2d,d2i}_PrivateKey_{bio, fp} functions.
1999-12-26 19:20:03 +00:00
Dr. Stephen Henson
36217a9424
Allow passwords to be included on command line for a few
...
more utilities.
1999-12-24 23:53:57 +00:00
Dr. Stephen Henson
525f51f6c9
Add PKCS#8 utility functions and add PBE options.
1999-12-23 02:02:42 +00:00
Bodo Möller
78baa17ad0
Correct spelling, and don't abuse grave accent as left quote
...
(which was allowed by old ASCII definitions but is not compatible
with ISO 8859-1, ISO 10646 etc.).
1999-12-22 16:10:44 +00:00
Dr. Stephen Henson
e76f935ead
Support for ASN1 NULL type.
1999-12-22 01:39:23 +00:00
Andy Polyakov
099f1b32c8
Initial support for MacOS is now available
...
Submitted by: Roy Woods <roy@centricsystems.ca>
Reviewed by: Andy Polyakov
1999-12-19 16:17:45 +00:00
Richard Levitte
f3a2a04496
- Added more documentation in CHANGES.
...
- Made CRYPTO_MDEBUG even less used in crypto.h, giving
MemCheck_start() and MemCheck_stop() only one possible definition.
- Made the values of the debug function pointers in mem.c dependent
on the existence of the CRYPTO_MDEBUG macro, and made the rest of
the code understand the NULL case.
That's it. With this code, the old behvior of the debug functionality
is restored, but you can still opt to have it on, even when the
library wasn't compiled with a defined CRYPTO_MDEBUG.
1999-12-18 02:34:37 +00:00
Richard Levitte
d8df48a9bc
- Made sure some changed behavior is documented in CHANGES.
...
- Moved the handling of compile-time defaults from crypto.h to
mem_dbg.c, since it doesn't make sense for the library users to try
to affect this without recompiling libcrypto.
- Made sure V_CRYPTO_MDEBUG_TIME and V_CRYPTO_MDEBUG_THREAD had clear
and constant definitions.
- Aesthetic correction.
1999-12-18 01:14:39 +00:00
Richard Levitte
9ac42ed8fc
Rebuild of the OpenSSL memory allocation and deallocation routines.
...
With this change, the following is provided and present at all times
(meaning CRYPTO_MDEBUG is no longer required to get this functionality):
- hooks to provide your own allocation and deallocation routines.
They have to have the same interface as malloc(), realloc() and
free(). They are registered by calling CRYPTO_set_mem_functions()
with the function pointers.
- hooks to provide your own memory debugging routines. The have to
have the same interface as as the CRYPTO_dbg_*() routines. They
are registered by calling CRYPTO_set_mem_debug_functions() with
the function pointers.
I moved everything that was already built into OpenSSL and did memory
debugging to a separate file (mem_dbg.c), to make it clear what is
what.
With this, the relevance of the CRYPTO_MDEBUG has changed. The only
thing in crypto/crypto.h that it affects is the definition of the
MemCheck_start and MemCheck_stop macros.
1999-12-17 12:56:24 +00:00
Dr. Stephen Henson
b216664f66
Various S/MIME fixes.
1999-12-11 20:04:06 +00:00
Dr. Stephen Henson
d8223efd04
Fix for crashing INTEGERs, ENUMERATEDs and OBJECT IDENTIFIERs.
...
Also fix a memory leak in PKCS#7 routines.
1999-12-10 13:46:48 +00:00
Dr. Stephen Henson
5a9a4b299c
Merge in my S/MIME library and utility.
1999-12-05 00:40:59 +00:00
Bodo Möller
cddfe788fb
Add functions des_set_key_checked, des_set_key_unchecked.
...
Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.
1999-12-03 20:24:21 +00:00
Dr. Stephen Henson
21131f00d7
New function PKC12_newpass()
1999-12-03 03:46:18 +00:00
Dr. Stephen Henson
dd4134101f
Change the trust and purpose code so it doesn't need init
...
either and has a static and dynamic mix.
1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
08cba61011
Modify the X509 V3 extension lookup code.
1999-12-01 01:49:46 +00:00
Ben Laurie
fea9afbfc7
Make salting the default. Fail gracefully if the input is not salted.
1999-11-30 20:15:19 +00:00
Dr. Stephen Henson
bb7cd4e3eb
Remainder of SSL purpose and trust code: trust and purpose setting in
...
SSL_CTX and SSL, functions to set them and defaults if no values set.
1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
51630a3706
Add trust setting support to the verify code. It now checks the
...
trust settings of the root CA.
After a few fixes it seems to work OK.
Still need to add support to SSL and S/MIME code though.
1999-11-27 19:43:10 +00:00
Dr. Stephen Henson
9868232ae1
Initial trust code: allow setting of trust checking functions
...
in a table. Doesn't do too much yet.
Make the -<digestname> options in 'x509' affect all relevant
options.
Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.
A few constification changes.
1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
d4cec6a13d
New options to the -verify program which can be used for chain verification.
...
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.
Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
1126239111
Initial chain verify code: not tested probably not working
...
at present. However nothing enables it yet so this doesn't
matter :-)
1999-11-24 01:31:49 +00:00
Dr. Stephen Henson
6d3724d3b0
Support for authority information access extension.
...
Fix so EVP_PKEY_rset_*() check return codes.
1999-11-23 18:50:28 +00:00
Dr. Stephen Henson
52664f5081
Transparent support for PKCS#8 private keys in RSA/DSA.
...
New universal public key format.
Fix CRL+cert load problem in by_file.c
Make verify report errors when loading files or dirs
1999-11-21 22:28:31 +00:00
Dr. Stephen Henson
a716d72734
Support for otherName in GeneralName.
1999-11-19 02:19:58 +00:00
Dr. Stephen Henson
f76d8c4747
Modify verify code to handle self signed certificates.
1999-11-17 01:20:29 +00:00
Bodo Möller
b1fe6ca175
Store verify_result with sessions to avoid potential security hole.
1999-11-16 23:15:41 +00:00
Dr. Stephen Henson
91895a5938
Fix for a bug in PKCS#7 code and non-detached data.
...
Remove rc4-64 from ciphers since it doesn't exist...
1999-11-16 14:54:50 +00:00
Dr. Stephen Henson
fd699ac55f
Add a salt to the key derivation using the 'enc' program.
1999-11-16 02:49:25 +00:00
Dr. Stephen Henson
e947f39689
New function X509_cmp().
1999-11-16 00:56:03 +00:00
Mark J. Cox
b7cfcfb7f8
This corrects the reference count handling in SSL_get_session.
...
Previously, the returned SSL_SESSION didn't have its reference count
incremented so the SSL_SESSION could be freed at any time causing
seg-faults if the pointer was subsequently used. Code that uses
SSL_get_session must now make a corresponding SSL_SESSION_free() call when
it is done to avoid memory leaks (or blocked up session caches).
Submitted By: Geoff Thorpe <geoff@eu.c2.net>
1999-11-15 16:31:31 +00:00
Dr. Stephen Henson
06556a1744
'req' fixes. Reinstate length check one request fields.
...
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
1999-11-14 23:10:50 +00:00
Dr. Stephen Henson
a0e9f529a4
Add support for the 40 and 64 bit RC2 and RC4 ciphers in 'enc'
...
add documentation for 'enc'.
1999-11-14 03:23:17 +00:00
Richard Levitte
71d7526b72
Avoid some silly compiler warnings, and add the change log I forgot :-)
1999-11-12 03:12:46 +00:00
Dr. Stephen Henson
954ef7ef69
Merge some common functionality in the apps, delete
...
the encryption option in the pkcs7 utility (they never
did anything) and add a couple more options to pkcs7.
1999-11-12 01:42:25 +00:00
Dr. Stephen Henson
af29811edd
Add password command line options to some utils. Fix and update man
...
pages.
1999-11-11 18:41:31 +00:00
Dr. Stephen Henson
aba3e65f2c
Very preliminary POD format documentation for some
...
of the openssl utility commands...
1999-11-10 02:52:17 +00:00
Dr. Stephen Henson
a0ad17bb6c
Fix to the -revoke option in ca. It was leaking memory, crashing and just
...
plain not working :-(
Also fix some memory leaks in the new X509_NAME code.
Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.
1999-11-08 13:58:08 +00:00
Dr. Stephen Henson
ce1b4fe146
Allow additional information to be attached to a
...
certificate: currently this includes trust settings
and a "friendly name".
1999-11-04 00:45:35 +00:00
Mark J. Cox
ce2c95b2a2
Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The
...
problem was that one of the replacement routines had not been working since
SSLeay releases. For now the offending routine has been replaced with
non-optimised assembler. Even so, this now gives around 95% performance
improvement for 1024 bit RSA signs.
1999-11-03 14:10:10 +00:00
Dr. Stephen Henson
9716a8f9f2
Fix to PKCS#7 routines so it can decrypt some oddball RC2 handling.
1999-10-29 13:06:25 +00:00
Dr. Stephen Henson
74400f7348
Continued multibyte character support.
...
Add a bunch of functions to simplify the creation of X509_NAME structures.
Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
1999-10-27 00:15:11 +00:00
Bodo Möller
62ac293801
Always hash the pid in the first iteration in ssleay_rand_bytes,
...
don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.
1999-10-26 16:26:48 +00:00
Bodo Möller
c1e744b912
Make md_rand.c more robust.
1999-10-26 14:49:12 +00:00
Bodo Möller
99e87569fd
Don't be overly paranoid.
1999-10-26 11:19:42 +00:00
Bodo Möller
a31011e8e0
Various randomness handling bugfixes and improvements --
...
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
1999-10-26 01:56:29 +00:00
Dr. Stephen Henson
462f79ec44
New function ASN1_mbstring_copy() to handle ASN1 string copying. Ultimately
...
this will be used to clear up the horrible DN mess.
1999-10-21 13:20:49 +00:00
Dr. Stephen Henson
08e9c1af6c
Replace the macros in asn1.h with function equivalents. Also make UTF8Strings
...
tolerated in certificates.
1999-10-20 01:50:23 +00:00
Dr. Stephen Henson
673b102c5b
Initial support for certificate purpose checking: this will
...
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
56a3fec1b1
Add EX_DATA support to X509.
...
Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL.
1999-10-11 01:30:04 +00:00
Dr. Stephen Henson
4654ef985b
New functions to parse and get extensions.
1999-10-09 02:54:10 +00:00
Andy Polyakov
7e102e28e1
RC4 tune-up featuring 30-40% performance improvement on most RISC
...
platforms. See crypto/rc4/rc4_enc.c for further details.
1999-10-07 12:10:26 +00:00
Dr. Stephen Henson
d71c6bc5a4
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 13:10:21 +00:00
Dr. Stephen Henson
2d681b779c
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 12:57:50 +00:00
Dr. Stephen Henson
3908cdf442
New option -dhparam to s_server to allow the DH parameter file to be set
...
explicitly. Previously it couldn't be changed because it was hard coded as
"server.pem".
1999-10-04 23:56:06 +00:00
Dr. Stephen Henson
3ea23631d4
Add support for public key input and output in rsa and dsa utilities with some
...
new DSA public key functions that were missing.
Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
1999-10-04 21:17:47 +00:00
Dr. Stephen Henson
393f2c651d
Fix for d2i_ASN1_bytes and stop PKCS#7 routines crashing is signed message
...
contains no certificates.
Also fix typo in RANLIB changes.
1999-10-04 12:08:59 +00:00
Dr. Stephen Henson
4579dd5dc6
Fix for base64 BIO decoding bug
1999-10-02 13:33:06 +00:00
Bodo Möller
0f7e6fe10c
Fix typo that I introduced when reformatting lines.
1999-09-24 20:24:24 +00:00
Bodo Möller
96c2201bef
Keep line lengths < 80 characters.
1999-09-21 13:33:15 +00:00
Dr. Stephen Henson
06f4536a61
Fix to make s_client and s_server work under Windows. A bit of a hack but
...
an improvement on not working at all.
1999-09-20 22:09:17 +00:00
Dr. Stephen Henson
1c80019a2c
Add new sign and verify members to RSA_METHOD and change SSL code to use sign
...
and verify rather than direct encrypt/decrypt.
1999-09-18 22:37:44 +00:00
Dr. Stephen Henson
090d848ea8
Various CRL enhancements tidies and workaround for broken CRLs.
1999-09-18 01:42:02 +00:00
Bodo Möller
6f7af1524e
Use non-copying BIO interface in ssltest.c.
1999-09-10 14:03:21 +00:00
Bodo Möller
396f631458
some more patches for avoiding problems with non-automatic variables
1999-09-08 21:58:13 +00:00
Dr. Stephen Henson
4a61a64f50
This is preliminary support for an "RSA null" cipher. Unfortunately when
...
OpenSSL is compiled with NO_RSA, no RSA operations can be used: including
key generation storage and display of RSA keys. Since these operations are
not covered by the RSA patent (my understanding is it only covers encrypt,
decrypt, sign and verify) they can be included: this is an often requested
feature, attempts to use the patented operations return an error code.
This is enabled by setting RSA_NULL. This means that if a particular application
has its own legal US RSA implementation then it can use that instead by setting
it as the default RSA method.
Still experimental and needs some fiddling of the other libraries so they have
some options that don't attempt to use RSA if it isn't allowed.
1999-09-08 18:02:25 +00:00
Bodo Möller
c1082a90bb
Non-copying interface to BIO pairs.
...
It's still totally untested ...
1999-09-07 21:37:09 +00:00
Dr. Stephen Henson
a785abc324
New function to convert ASN1 tag values to strings. Also fix typo in asn1.h
1999-09-07 12:16:29 +00:00
Dr. Stephen Henson
aef838fc95
New UTF8 utility functions to parse/generate UTF8 strings.
1999-09-04 17:19:55 +00:00
Bodo Möller
074309b7ee
Fix server behaviour when facing backwards-compatible client hellos.
1999-09-03 16:33:11 +00:00
Dr. Stephen Henson
8ce97163a2
Add new 'spkac' utility and several SPKAC utility functions.
1999-09-03 01:08:34 +00:00
Andy Polyakov
2d4287da34
RIPEMD160 shape-up. Final touch.
1999-08-28 13:18:25 +00:00
Dr. Stephen Henson
87a25f9032
Allow the extension section specified in config files to be overridden
...
on the command line for various utilities.
1999-08-27 00:08:17 +00:00
Dr. Stephen Henson
f9150e5421
Allow the 1.OU="my OU" syntax in 'ca' for SPKACs.
1999-08-25 23:18:23 +00:00
Dr. Stephen Henson
c79b16e11d
Allow extensions to be added to certificate requests, update the sample
...
config file (change RAW to DER).
1999-08-25 16:59:26 +00:00
Dr. Stephen Henson
7b65c3298f
Fix for a bug which meant encrypting BIOs sometimes wouldn't read the final
...
block.
1999-08-24 13:21:35 +00:00
Dr. Stephen Henson
13066cee60
Initial support for DH_METHOD. Also added a DH lock. A few changes made to
...
DSA_METHOD to make it more consistent with RSA_METHOD.
1999-08-23 23:11:32 +00:00
Dr. Stephen Henson
c0711f7f0f
Initial support for DSA_METHOD...
1999-08-22 17:57:38 +00:00
Dr. Stephen Henson
8484721adb
Allow memory bios to be read only and change PKCS#7 routines to use them.
1999-08-19 13:07:43 +00:00
Bodo Möller
de1915e48c
Fix horrible (and hard to track down) bug in ssl23_get_client_hello:
...
In case of a restart, v[0] and v[1] were incorrectly initialised.
This was interpreted by ssl3_get_client_key_exchange as an RSA decryption
failure (don't ask me why) and caused it to create a _random_ master key
instead (even weirder), which obviously led to incorrect input to
ssl3_generate_master_secret and thus caused "block cipher pad is
wrong" error messages from ssl3_enc for the client's Finished message.
Arrgh.
1999-08-18 17:14:42 +00:00
Dr. Stephen Henson
c6c3450643
Fix PKCS7_ENC_CONTENT_new() to include a sensible default content type and add
...
support for encrypted content type in PKCS7_set_content().
1999-08-17 12:58:01 +00:00
Dr. Stephen Henson
fd52057729
Add functions to allow extensions to be added to certificate requests.
...
Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.
1999-08-11 13:08:58 +00:00
Dr. Stephen Henson
87c49f622e
Support for parsing of certificate extensions in PKCS#10 requests: these are
...
used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.
1999-08-09 22:38:05 +00:00
Bodo Möller
1b1a6e7808
-crlf option.
1999-08-09 13:01:48 +00:00
Ralf S. Engelschall
d91e201e96
Bump after tarball rolling.
...
Friends, feel free to start again hacking for 0.9.5... ;)
1999-08-09 11:14:08 +00:00
Bodo Möller
9a577e29e8
spelling
1999-08-08 22:41:24 +00:00
Ralf S. Engelschall
dfbaf95618
Install libRSAglue.a when OpenSSL is build with RSAref.
...
This should now finally make the RSAref users happy...
1999-08-08 19:12:26 +00:00
Ralf S. Engelschall
9639515871
A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
...
Hint from: Andrija Antonijevic <TheAntony2@bigfoot.com>
1999-08-08 10:15:43 +00:00
Dr. Stephen Henson
ed7f60fbf9
Fix -startdate and -enddate arguments to 'ca' program. Also update NEWS file
...
with some 0.9.4 changes.
1999-08-06 21:47:09 +00:00
Bodo Möller
48c843c367
New function DSA_dup_DH, and fixes for bugs that were found
...
while implementing and using it.
1999-08-05 11:50:18 +00:00
Bodo Möller
41a6fdea80
0.9.4 won't be completed in July ...
1999-08-03 12:24:14 +00:00
Dr. Stephen Henson
922180d794
Allow the PKCS#7 (S/MIME encrypt) application to support more than one
...
recipient.
1999-07-30 01:12:46 +00:00
Bodo Möller
571199434c
Always use buildinf.h, which now includes the mk1mfinf.h data.
...
Using different files caused problems because the dependencies
in the Makefiles produced by mk1mf.pl were for the standard case,
i.e. mentioned buildinf.h and not mk1mfinf.h.
1999-07-29 12:57:23 +00:00
Dr. Stephen Henson
3e3d2ea2fc
New function OBJ_obj2txt()
1999-07-27 22:22:58 +00:00
Dr. Stephen Henson
770d19b862
New RSA flag RSA_FLAG_EXT_PKEY, to always call rsa_mod_exp.
1999-07-27 21:58:08 +00:00
Bodo Möller
2e0fc87599
Use correct CFLAG definition for makefile.one builds.
1999-07-27 09:10:36 +00:00
Andy Polyakov
a0618e3e5e
Added support for SPARC Linux.
1999-07-25 15:13:49 +00:00
Bodo Möller
74678cc2f8
Additional user data argument to pem_password_cb function type
...
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
1999-07-21 20:57:16 +00:00
Bodo Möller
664b99853c
avoid -DPLATFORM=\"...\" and -DCFLAGS=\"...\" command lines,
...
use new file buildinf.h instead.
1999-07-21 20:49:15 +00:00
Andy Polyakov
7363455fac
MIPS III/IV assembler module is reimplemented.
1999-07-20 15:50:20 +00:00
Bodo Möller
9c962484fe
SSL_MODE_ENABLE_PARTIAL_WRITE and SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
...
work as intended, both for SSLv2 and TLS.
1999-07-19 12:59:12 +00:00
Bodo Möller
e391116a48
New compile time option -DCRYPTO_MDEBUG_THREAD.
1999-07-19 10:36:10 +00:00
Bodo Möller
458cddc104
Have CRYPTO_MDEBUG_TIME automatically set CRYPTO_MDEBUG,
...
and make it the default for some debugging configurations.
1999-07-19 09:25:35 +00:00
Ulf Möller
6434450cd6
DES library changes.
1999-07-16 00:50:45 +00:00
Dr. Stephen Henson
b617a5be59
Continues NASM support. This might work now. Its still experimental but it
...
passes all the tests. Added documentation in INSTALL.W32.
1999-07-12 23:35:10 +00:00
Bodo Möller
5059658219
fix memory leak in s3_clnt.c
1999-07-12 17:15:42 +00:00
Bodo Möller
03cd49447f
New function RSA_check_key,
...
openssl rsa -check
1999-07-11 22:00:55 +00:00
Dr. Stephen Henson
f598cd13a3
Various changes to stop VC++ choking under Win32.
1999-07-11 17:09:04 +00:00
Dr. Stephen Henson
f513939ebb
Add a debugging option to PKCS#5 v2.0 key generation function.
1999-07-11 12:40:46 +00:00
Dr. Stephen Henson
0ab8beb480
Copy flags in ASN1_STRING_dup()
1999-07-11 12:30:55 +00:00
Dr. Stephen Henson
f7daafa442
Fix a bug in x509.c that omitted DSA parameters when they didn't match the
...
signers parameters. Changed it to never omit parameters.
1999-07-11 01:48:21 +00:00
Bodo Möller
777ab7e611
Fix memory checking.
1999-07-09 16:27:30 +00:00
Bodo Möller
975d3dc2ca
remove editing artifacts
1999-07-09 13:02:14 +00:00
Bodo Möller
6888f2b35c
Mention modification to Configure.
1999-07-09 12:01:40 +00:00
Bodo Möller
e105643595
New functions SSL[_CTX]_{set,get}_mode; the initial set of mode flags is
...
SSL_MODE_ENABLE_PARTIAL_WRITE, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
1999-07-02 13:55:32 +00:00
Ulf Möller
5271ebd9a3
More no-xxx option tweaks.
1999-06-30 00:42:56 +00:00
Dr. Stephen Henson
ce8b257413
New functions to allow RSA_METHODs to be changed without poking round in
...
RSA structure internals.
1999-06-29 22:22:42 +00:00
Bodo Möller
9c729e0a6d
Memory leak checks.
1999-06-25 14:04:10 +00:00
Dr. Stephen Henson
034292ad6a
Fix d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() so it correctly works out
...
the length of negative integers.
1999-06-24 01:50:27 +00:00
Dr. Stephen Henson
170afce58d
New function PKCS7_signatureVerify to allow the signing certificate to
...
be explicitly stated with PKCS#7 verify.
Also fix for util/mkerr.pl: if the -nostatic option is being used this will be
for an external library so the autogenerated C file should include the
header file as:
#include "any/path/to/header.h"
rather than the internal library form:
#include <openssl/header.h>
1999-06-22 13:33:22 +00:00
Dr. Stephen Henson
dbd665c210
Change the PEM_* function prototypes to use DECLARE_PEM macros and change
...
util/mkdef.pl to handle this. Also do a 'make update'.
1999-06-22 01:38:31 +00:00
Bodo Möller
f76a8084df
Perl variable names are case-sensitive ...
1999-06-21 11:32:25 +00:00
Dr. Stephen Henson
8623f693d9
New functions CONF_load_bio() and CONF_load_fp() to load a configuration
...
file from a bio or fp. Added some more constification to the BN library.
1999-06-20 17:36:11 +00:00
Bodo Möller
11af1a2758
Clarification.
1999-06-18 18:22:38 +00:00
Bodo Möller
a111306bbc
New function CRYPTO_num_locks.
1999-06-18 16:14:18 +00:00
Bodo Möller
95d29597b7
BIO pairs.
1999-06-12 01:03:40 +00:00
Dr. Stephen Henson
9bce3070ac
Fix to i2d_DSAPublicKey() to return the correct length.
...
Submitted by: Jeon KyoungHo <khjeon@sds.samsung.co.kr>
1999-06-11 22:30:45 +00:00
Dr. Stephen Henson
565d1065c3
Document the X509V3 code and change some of the extension function pointers
...
to use 'void *' rather than 'char *' for an "arbitrary extension".
1999-06-11 01:58:42 +00:00
Dr. Stephen Henson
b7d135b353
Two new functions to write out PKCS#8 private keys. Also fixes for some of
...
the the PBE code and a new constant PKCS5_DEFAULT_ITER for the default
iteration count if it is passed as zero.
1999-06-10 17:32:52 +00:00
Ralf S. Engelschall
9d9b559ef0
Fix determination of Perl interpreter: A perl or perl5
...
_directory_ in $PATH was also accepted as the interpreter.
1999-06-10 08:13:52 +00:00
Dr. Stephen Henson
5f6d0ea210
Reformat and "modernise" the sign.c demo.
1999-06-09 23:33:48 +00:00
Dr. Stephen Henson
f62676b92d
Change the PEM function implementation to use a common set of macros: this
...
should make modifying them easier.
Fix the selfsign demo: it was rather ancient and used deleted functions.
1999-06-09 18:05:30 +00:00
Bodo Möller
a7bd03960c
des_cbc_encrypt / des_ncbc_encrypt issue.
1999-06-09 18:01:49 +00:00
Bodo Möller
c77f47abfa
DES CBC change looks dubious to me.
1999-06-09 13:41:51 +00:00
Bodo Möller
8151f52add
Mention unistd.h.
1999-06-09 13:29:51 +00:00
Ben Laurie
05861c77e7
I keep forgetting to fix this: update the IV! Most important!
1999-06-09 11:08:36 +00:00
Ben Laurie
233bf734d3
Make "make test" fail if bntest fails an internal selfcheck.
1999-06-09 10:19:53 +00:00
Ulf Möller
908eb7b85a
Call our crypt implementation des_crypt(). crypt() now is a wrapper if
...
there is no system crypt() available.
1999-06-08 16:35:11 +00:00
Dr. Stephen Henson
8eb57af5fe
Complete support for PKCS#5 v2.0. Still needs extensive testing.
1999-06-08 00:09:51 +00:00
Bodo Möller
d4443edc57
Mention mkdir-p.pl.
1999-06-07 13:34:25 +00:00
Bodo Möller
272c933315
linux-sparc
1999-06-07 00:26:20 +00:00
Dr. Stephen Henson
69cbf46811
Rewrite PBE handling read to support PKCS#5 v2.0 and update the function
...
list for Win32.
1999-06-06 13:07:13 +00:00
Dr. Stephen Henson
e7871ffaa8
More PKCS#8 stuff. Support for unencrypted forms of private key.
1999-06-05 12:39:10 +00:00
Dr. Stephen Henson
600dec1586
Add a 'pkcs8' application for initial PKCS#8 support. Still needs lots more
...
options to handle encrypted and unencrypted forms and DER format input and
output.
1999-06-05 00:32:16 +00:00
Dr. Stephen Henson
ef8335d900
Add PKCS#5 v1.5 compatible algorithms and initial PKCS#8 support. PKCS#8 needs
...
more work: need an application and make the private key routines automatically
handle PKCS#8.
1999-06-04 23:32:14 +00:00
Ben Laurie
84c15db551
Some constification and stacks that slipped through the cracks (how?).
1999-06-04 22:23:10 +00:00
Bodo Möller
af258e0dec
remove conflict indicator ...
1999-06-04 21:52:12 +00:00
Bodo Möller
885982dc6e
"linux-sparc64-gcc" configuration
...
Submitted by: Ray Miller <ray.miller@oucs.ox.ac.uk>
1999-06-04 21:46:35 +00:00
Ulf Möller
a53955d8ab
Support the EBCDIC character set and BS2000/OSD-POSIX (work in progress).
...
Submitted by: Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>
1999-06-04 21:35:58 +00:00
Ben Laurie
b4f76582d4
More evil cast removal.
1999-06-03 18:04:04 +00:00
Ben Laurie
213a75dbf2
Make samples compile.
1999-06-03 16:07:37 +00:00
Bodo Möller
748365eed7
More consistency.
1999-05-31 21:58:18 +00:00
Bodo Möller
0cceb1c708
BSD/OS 4.x support (bsdi-elf-gcc)
1999-05-30 23:54:52 +00:00
Ben Laurie
31fab3e8da
Prepare to release 0.9.3a
1999-05-29 14:13:15 +00:00
Bodo Möller
2e36cc41ef
sco5-gcc configuration.
...
Submitted by: David Greaves
1999-05-28 20:25:30 +00:00
Bodo Möller
054009a638
Updated C++ SSL demos.
...
Submitted (a month ago) by: Wade Scholine
1999-05-27 23:59:58 +00:00
Bodo Möller
71f080935a
Updated some demos.
...
Submitted by: Sean O Riordain <Sean.ORiordain@cyrona.com>
1999-05-27 23:52:31 +00:00
Bodo Möller
e95f626827
*** empty log message ***
1999-05-27 20:55:18 +00:00
Bodo Möller
472bde404f
Change function call according to current API.
1999-05-27 20:49:27 +00:00
Bodo Möller
557068c087
Final version for 0.9.3.
1999-05-24 22:38:23 +00:00
Ulf Möller
e14d4443a2
Bignum library bug fix. IRIX 6 passes "make test" now!
...
This also avoids the problems with SC4.2 and unpatched SC5.
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-05-20 01:43:07 +00:00
Dr. Stephen Henson
e84240d422
New functions sk_set, sk_value and sk_num to replace existing macros: this is
...
to minimise the effects on existing code.
1999-05-19 12:45:16 +00:00
Dr. Stephen Henson
1b266dabf5
Fix various less obvious bugs in PKCS#7 handling: such as not zeroing
...
the secret key before we've encrypted it and using the right NID for RC2-64.
Add various arguments to the experimental programs 'dec' and 'enc' to make
testing less painful.
This stuff has now been tested against Netscape Messenger and it can encrypt
and decrypt S/MIME messages with RC2 (128, 64 and 40 bit) DES and triple DES.
Its still experimental though...
1999-05-16 17:32:32 +00:00
Bodo Möller
f43c814917
Typo.
1999-05-16 14:20:17 +00:00
Bodo Möller
55519bbb2d
DES changes.
1999-05-16 12:29:28 +00:00
Dr. Stephen Henson
84fa704c6f
Fix some obvious bugs in the PKCS#7 library handling. It didn't try to
...
find the right RecipientInfo based on the recipient certificate (so would
fail a lot of the time) and fixup cipher structures to correctly (maybe)
modify the AlgorithmIdentifiers. Largely untested at present... this will be
fixed in due course. Well the stuff was broken to begin with so if its broken
now then you haven't lost anything :-)
1999-05-16 00:25:36 +00:00
Ben Laurie
62bad77124
Add actual testing to bntest...
1999-05-15 15:59:28 +00:00
Dr. Stephen Henson
1ad2ecb66f
The encoding of negative ASN1 INTEGERs and the conversion of BNs to negative
...
integers was completely broken. Also added a NEG_PUBKEY_BUG compilation option
to compensate for public keys improperly encoded as negative integers.
1999-05-14 18:21:21 +00:00
Bodo Möller
1b24cca969
Add release dates to the "CHANGES" file, because that's an obvious
...
place to look for them.
1999-05-13 21:17:03 +00:00
Bodo Möller
b56bce4fc7
New structure type SESS_CERT used instead of CERT inside SSL_SESSION.
...
While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know if those could
really have caused problems, but possibly this is a proper bug-fix
and not just a clean-up.
1999-05-13 15:09:38 +00:00
Ulf Möller
bd3576d2dd
Reorganize and speed up MD5.
...
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-05-13 13:16:42 +00:00
Ulf Möller
7d7d2cbcb0
VMS support.
...
Submitted by: Richard Levitte <richard@levitte.org>
1999-05-13 11:37:32 +00:00
Dr. Stephen Henson
f5eac85edc
Add new -out option to asn1parse to allow the parsed data to be output.
...
Fixed -strparse option: it didn't work if used more than once (this was due
to the d2i_ASN1_TYPE call parsing a freed buffer). On Win32 the file wincrypt.h
#define's X509_NAME and PKCS7_SIGNER_INFO causing clashes so these are #undef'ed
1999-05-12 01:56:27 +00:00
Bodo Möller
b31b04d951
Make SSL library a little more fool-proof by not requiring any longer
...
that SSL_set_{accept,connect}_state be called before
SSL_{accept,connect} may be used.
Submitted by:
Reviewed by:
PR:
1999-05-11 07:43:16 +00:00
Ulf Möller
d5a2ea4b73
Move openssl.cnf out of lib/.
1999-05-10 23:59:28 +00:00
Ralf S. Engelschall
397f703892
Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall -Wshadow
...
-Wpointer-arith -Wcast-align -Wmissing-prototypes -Wmissing-declarations
-Wnested-externs -Winline'' with EGCS 1.1.2+
1999-05-10 08:33:56 +00:00
Dr. Stephen Henson
884e8ec615
Various PKCS#7 fixes to properly (maybe!) handle PKCS#7 enveloped data.
...
Containts elements of code by Sebastian Akerman <sak@parallelconsulting.com>
and made a bit less "naughty" by Steve.
1999-05-10 00:47:42 +00:00
Bodo Möller
ca8e5b9b8a
Create a duplicate of the SSL_CTX's CERT in SSL_new instead of copying
...
pointers. The cert_st handling is changed by this in various ways.
Submitted by:
Reviewed by:
PR:
1999-05-09 20:12:44 +00:00
Dr. Stephen Henson
c8b4185079
Kill evil casts, fix PKCS#7 and add new X509V3 Function.
1999-05-09 16:39:11 +00:00
Dr. Stephen Henson
e40b7abeed
Allows PKCS#12 password to be placed on command line and add allow config
...
file name for 'ca' to come from the environment.
1999-05-08 12:59:50 +00:00
Ben Laurie
5b640028cb
Make -pedantic work again.
1999-05-07 15:42:23 +00:00
Ben Laurie
135a1dcaac
Bodo didn't do that.
1999-05-07 09:18:25 +00:00
Ulf Möller
31a674d8c9
Support additional Win32 compilers.
...
Borland C submitted by: Janez Jere <jj@void.si>
1999-05-06 00:46:34 +00:00
Ulf Möller
8e7f966bf3
SHA-1 cleanups and performance enhancements.
...
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-05-05 00:23:53 +00:00
Ulf Möller
4f5fac8011
Sparc v8plus assembler.
...
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-05-04 20:35:18 +00:00
Ulf Möller
afd1f9e80b
Update HPUX config, work around HPUX library incompatibility.
...
Submitted by: Anonymous
1999-05-04 11:52:26 +00:00
Ben Laurie
aeef69b102
Add other people who've done stackification.
1999-05-04 10:34:08 +00:00
Ralf S. Engelschall
9263e88294
Bundle stack'ification entries on Bens request
1999-05-04 10:27:10 +00:00
Ralf S. Engelschall
dee75ecf9c
Add missing sk_<type>_unshift() function to safestack.h
1999-05-04 10:15:02 +00:00
Ralf S. Engelschall
20b85fdd76
Convert casted X509_INFO stacks to type-safe STACK_OF(X509_INFO).
...
PS: Feel free to move the IMPLEMENT_STACK_OF(X509_INFO) from
crypto/asn1/x_info.c to any other place where you think it fits better.
X509_INFO is a structure slightly spreaded over ASN.1, X509 and PEM code,
so I found no definitive location for IMPLEMENT_STACK_OF(X509_INFO). In
crypto/asn1/x_info.c it's at least now bundled with X509_INFO_new() and
friends.
1999-05-04 08:56:51 +00:00
Bodo Möller
dc1f607aff
Entry for resolved error macro confusion.
...
Submitted by:
Reviewed by:
PR:
Submitted by:
Reviewed by:
PR:
1999-05-01 20:16:35 +00:00
Bodo Möller
b3ca645f47
New function SSL_CTX_use_certificate_chain_file.
...
Submitted by:
Reviewed by:
PR:
1999-05-01 17:43:52 +00:00
Bodo Möller
7f89714e64
Support verify_depth from the SSL API without need for user-defined
...
callbacks.
Submitted by:
Reviewed by:
PR:
1999-05-01 03:20:40 +00:00
Bodo Möller
dd1462fd18
Broken line that was too long.
...
Submitted by:
Reviewed by:
PR:
1999-05-01 00:07:42 +00:00
Bodo Möller
4eb77b2679
New function SSL_CTX_set_session_id_context.
...
Submitted by:
Reviewed by:
PR:
1999-04-30 17:15:56 +00:00
Ulf Möller
c66527497c
OAEP bug fix.
1999-04-29 21:56:13 +00:00
Bodo Möller
e5f3045fbf
Support INSTALL_PREFIX for packagers.
...
Submitted by:
Reviewed by:
PR:
1999-04-29 21:52:08 +00:00
Bodo Möller
87bc2c00f8
Submitted by:
...
Reviewed by:
PR:
1999-04-29 16:10:41 +00:00
Bodo Möller
6e6acfd4b9
Use util/mklink.pl instead of util/mklink.sh.
...
Submitted by:
Reviewed by:
PR:
1999-04-28 22:33:54 +00:00
Bodo Möller
ddeee82c63
Install various scripts to $(OPENSSLDIR)/misc instead of $(INSTALLTOP)/bin.
...
Submitted by:
Reviewed by:
PR:
1999-04-28 22:06:19 +00:00
Ulf Möller
0973910fbb
Linux shared libraries.
1999-04-28 16:16:31 +00:00
Ulf Möller
f5d7a031a3
New Configure option no-<cipher> (rsa, idea, rc5, ...).
1999-04-27 01:14:46 +00:00
Dr. Stephen Henson
b64f825671
Add PKCS#12 documentation and new option in x509 to add certificate extensions.
1999-04-27 00:36:20 +00:00
Ulf Möller
a9be3af5ad
Remove NOPROTO definitions and error code comments.
1999-04-26 16:43:10 +00:00
Dr. Stephen Henson
47339f6179
Extensively changed the DEF file generator mkdef.pl to use a modified version
...
of Ulf's prototype parser, also general tidying and fixing of several problems
with the original. Its still a bit of a hack but should work.
This is the last bit of the old code that uses the K&R prototypes: after some
testing they can finally go away...
1999-04-26 00:23:10 +00:00
Ulf Möller
9c4711c73a
*** empty log message ***
1999-04-24 23:39:52 +00:00
Ulf Möller
b0b7b1c5ae
New Configure option --openssldir to replace ssldir.pl.
1999-04-24 23:01:36 +00:00
Dr. Stephen Henson
6e781e8e07
Delete the unnecessary ERR and ERRC lines in makefiles, add some functionality
...
to error code script: it can now find untranslatable function codes (usually
because the function is static and not defined in a header: occasionally because
of a typo...) and unreferenced function and reason codes. To see this try:
perl util/mkerr.pl -recurse -debug
Also fixed some typos in crypto/pkcs12 that this found :-)
Also tidy up some error calls that had to be all on one line: the old error
script couldn't find codes unless the call was all on one line.
1999-04-24 13:28:57 +00:00
Dr. Stephen Henson
6d31193858
Complete rewrite of the error code generation script. It now runs as a single
...
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
1999-04-24 00:15:18 +00:00
Bodo Möller
018b4ee9bb
Submitted by:
...
Reviewed by:
PR:
1999-04-23 22:38:22 +00:00
Bodo Möller
92df96077e
Submitted by:
...
Reviewed by:
PR:
1999-04-23 22:20:21 +00:00
Bodo Möller
85f48f7e93
Don't return 0 from ssl2_read when a packet with empty payload is received.
...
Submitted by:
Reviewed by:
PR:
1999-04-22 14:28:38 +00:00
Bodo Möller
90b8bbb8da
Submitted by:
...
Reviewed by:
PR:
1999-04-22 13:38:03 +00:00
Dr. Stephen Henson
4cd401e401
Oops! Fixup CHANGES.
1999-04-21 17:46:23 +00:00
Dr. Stephen Henson
d943e37241
Suppport for CRL distribution points extension. Also document some of
...
this stuff.
1999-04-21 17:44:45 +00:00
Ulf Möller
8e10f2b3ac
Move all autogenerated header file parts to crypto/opensslconf.h.
1999-04-21 17:31:05 +00:00
Ben Laurie
4997138a06
Fix DES export ciphersuites.
1999-04-21 13:24:58 +00:00
Ulf Möller
95dc05bc6d
Fix lots of warnings.
...
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-04-20 22:50:42 +00:00
Ulf Möller
8fb04b9803
Problems with 64-bit long.
...
Pointed out by Andy Polyakov <appro@fy.chalmers.se>.
1999-04-20 16:23:03 +00:00
Ulf Möller
6b691a5c85
Change functions to ANSI C.
1999-04-19 21:31:43 +00:00
Dr. Stephen Henson
3edd7ed15d
Finish off support for Certificate Policies extension.
1999-04-19 17:55:11 +00:00
Ulf Möller
df82f5c85c
Fix typos in error codes.
1999-04-19 14:45:02 +00:00
Ulf Möller
22a4f969b9
Defunct assembler files removed; various cleanups.
...
New Ultrix and Alpha entries submitted by Bernhard Simon
<simon@zid.tuwien.ac.at>.
1999-04-19 13:54:11 +00:00
Ulf Möller
5e85b6abaf
SPARC v8 assembler BIGNUM code.
...
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-04-19 13:41:45 +00:00
Dr. Stephen Henson
41b731f2f8
Initial support for Certificate Policies extension: print out works but setting
...
isn't fully implemented (yet).
1999-04-18 23:21:03 +00:00
Dr. Stephen Henson
c83e523d7f
Allow asn1parse to print out VISIBLESTRING and some code needed for certificate
...
policies extension.
1999-04-17 23:55:39 +00:00
Ben Laurie
e778802f53
Massive constification.
1999-04-17 21:25:43 +00:00
Dr. Stephen Henson
d77b3054cd
Add support for VISIBLESTRING and UTF8String
1999-04-17 15:53:32 +00:00
Dr. Stephen Henson
1d48dd0019
Add initial support for r2i RAW extensions which can access the config database
...
add various X509V3_CTX helper functions and support for LHASH as the config
database.
1999-04-16 23:57:04 +00:00
Dr. Stephen Henson
953937bdc6
Fix a horrible BN bug in bn_expand2 which caused BN_add_word() et al to fail
...
when they cause the destination to expand.
To see how evil this is try this:
#include <pem.h>
main()
{
BIGNUM *bn = NULL;
int i;
bn = BN_new();
BN_hex2bn(&bn, "FFFFFFFF");
BN_add_word(bn, 1);
printf("Value %s\n", BN_bn2hex(bn));
}
This would typically fail before the patch.
It also screws up if you comment out the BN_hex2bn line above or in any
situation where BN_add_word() causes the number of BN_ULONGs in the result
to change (try doubling the number of FFs).
1999-04-15 23:07:00 +00:00
Dr. Stephen Henson
28a98809d1
Add some utilities to support SXNet extension also add support in DEF files
...
generator to typesafe stacks.
1999-04-14 23:44:41 +00:00
Ben Laurie
8f7de4f04c
Typo.
1999-04-14 11:13:47 +00:00
Dr. Stephen Henson
0490a86d01
Delete all the old X509V3 pack and unpack stuff and various structures and
...
files associated with them. This stuff is all obsoleted by the new X509V3 code.
1999-04-13 23:56:39 +00:00
Ulf Möller
5fbe91d86b
New Configure option "rsaref".
1999-04-13 00:58:49 +00:00
Bodo Möller
5fd4e2b16b
Don#t auto-generate crypto/pem/pem.h -- a fixed file is fine for it.
...
Submitted by:
Reviewed by:
PR:
1999-04-12 19:58:17 +00:00
Ben Laurie
f73e07cf42
Add type-safe STACKs and SETs.
1999-04-12 17:23:57 +00:00
Ralf S. Engelschall
f9a2593163
Add `openssl ca -revoke <certfile>' facility which revokes a certificate
...
specified in <certfile> by updating the entry in the index.txt file.
This way one no longer has to edit the index.txt file manually for
revoking a certificate. The -revoke option does the gory details now.
Submitted by: Massimiliano Pala <madwolf@openca.org>
Cleaned up and integrated by: Ralf S. Engelschall
1999-04-12 11:45:14 +00:00
Ralf S. Engelschall
2f0cd19533
Fix openssl crl -noout -text' combination where
-noout' killed the `-text'
...
option at all and this way the `-noout -text' combination was inconsistent in
`openssl crl' with the friends in `openssl x509|rsa|dsa'.
1999-04-12 10:36:16 +00:00
Ralf S. Engelschall
268c2102e3
Make sure a corresponding plain text error message exists for the
...
X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
verify callback function determined that a certificate was revoked.
1999-04-12 09:59:05 +00:00
Bodo Möller
fc8ee06b4d
Submitted by:
...
Reviewed by:
PR:
1999-04-11 02:49:35 +00:00
Bodo Möller
c7ac31e26e
Bugfix: s_client occasionally would sleep in select() when it should
...
have checked SSL_pending() first.
Submitted by:
Reviewed by:
PR:
1999-04-09 20:54:25 +00:00
Ulf Möller
9d892e2855
recent changes.
1999-04-09 17:04:32 +00:00
Dr. Stephen Henson
d2e26dccd1
Add PKCS#5 v2.0 ASN1 structures.
1999-04-08 23:55:42 +00:00
Ulf Möller
99aab1619f
New Makefile variables $(RANLIB) and $(PERL).
1999-04-01 12:34:33 +00:00
Ulf Möller
2613c1fa2f
New option to generate 80386 code.
1999-03-31 12:38:27 +00:00
Bodo Möller
6d02d8e444
New option "-showcerts" for s_client
...
Slight cleanup in ssl/
1999-03-31 12:06:30 +00:00
Dr. Stephen Henson
ee0508d411
Include pkcs12 program as part of openssl. This completes most of the PKCS#12
...
integration.
1999-03-29 17:50:26 +00:00
Dr. Stephen Henson
8d8c7266d4
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add
...
them to the build environment.
1999-03-28 23:17:34 +00:00
Dr. Stephen Henson
cfcefcbe2a
Further PKCS#12 integration, PBE, PKCS#8 additions.
1999-03-28 17:46:10 +00:00
Dr. Stephen Henson
4b518c2601
This is the beginning of PKCS#12 integration. This just adds the PKCS#12
...
objects to objects.h
NOTE: during this integration it will not be possible to compile my PKCS#12
program against OpenSSL because there will be conflicts between the external
functionality and that being added to the core code.
1999-03-28 01:00:56 +00:00
Dr. Stephen Henson
785cdf2048
Add initial support for Thawte strong extranet certificate extensions and
...
include an 'indent' option to V3 stuff.
1999-03-27 14:06:25 +00:00
Ben Laurie
ba423adddd
Linux PPC support.
1999-03-27 13:03:37 +00:00
Ben Laurie
67da3df72e
Fix Alpha assembler, remove redundant file.
1999-03-27 12:53:21 +00:00
Ralf S. Engelschall
0e9fc7115b
Make sure the RSA OAEP test is skipped under -DRSAref because
...
OAEP isn't supported when OpenSSL is built with RSAref.
Submitted by: Ulf Moeller <ulf@fitug.de>
Reviewed by: Ralf S. Engelschall
1999-03-25 07:49:33 +00:00
Ralf S. Engelschall
1b276f3012
Move definitions of IS_SET/IS_SEQUENCE inside crypto/asn1/asn1.h
...
so they no longer are missing under -DNOPROTO.
Submitted by: Soren S. Jorvang <soren@t.dk>
Reviewed by: Ralf S. Engelschall
1999-03-24 10:24:35 +00:00
Ralf S. Engelschall
72e442a3a6
function names recently changed - consistency.
1999-03-22 15:50:34 +00:00
Ralf S. Engelschall
e98b5b58a0
Be consistent: 0.9.2b
1999-03-22 14:54:52 +00:00
Ben Laurie
b4cadc6e13
Fix security hole.
1999-03-22 12:22:14 +00:00
Ralf S. Engelschall
afb2306346
Some more source tree cleanups (removed obsolete files crypto/bf/asm/bf586.pl,
...
test/test.txt and crypto/sha/asm/f.s; changed permission on "config" script to
be executable) and a fix for the INSTALL document.
Submitted by: Ulf Moeller <ulf@fitug.de>
Reviewed by: Ralf S. Engelschall
1999-03-20 13:04:12 +00:00
Dr. Stephen Henson
199d59e5a1
Remove some references which called malloc and free instead of Malloc and Free.
1999-03-14 01:16:45 +00:00
Ben Laurie
b4899bb1fa
Fail if test fails.
1999-03-12 20:41:09 +00:00
Ben Laurie
29c0fccba8
Solaris shared library support.
1999-03-12 20:26:27 +00:00
Ben Laurie
cadf126b99
Use the right compiler for ctx_size.
1999-03-12 19:58:43 +00:00
Dr. Stephen Henson
bc420ac592
Delete NULL ciphers from 'ALL' in the cipher list aliases. This means that
...
NULL ciphers specifically have to be enabled with e.g. "DEFAULT:eNULL". This
prevents cipher lists from inadvertantly having NULL ciphers at the top
of their list (e.g. the default ones) because they didn't have to be taken
into account before.
1999-03-12 01:43:28 +00:00
Dr. Stephen Henson
abd4c91527
Fix for RSA private key encryption if p < q. This took ***ages*** to track down.
1999-03-11 02:42:13 +00:00
Ralf S. Engelschall
7e37e72a3d
Be less restrictive and allow also `perl util/perlpath.pl /path/to/bin/perl'
...
in addition to `perl util/perlpath.pl /path/to/bin', because this way one can
also use an interpreter named `perl5' (which is usually the name of Perl 5.xxx
on platforms where an Perl 4.x is still installed as `perl').
Submitted by: Matthias Loepfe <Matthias.Loepfe@adnovum.ch>
Reviewed by: Ralf S. Engelschall
1999-03-10 19:57:05 +00:00
Ralf S. Engelschall
637691e6b4
Let util/clean-depend.pl work also with older Perl 5.00x versions.
...
Submitted by: Matthias Loepfe <Matthias.Loepfe@adnovum.ch>
Reviewed by: Ralf S. Engelschall
1999-03-10 19:51:43 +00:00
Dr. Stephen Henson
381380206b
Fix couple of ANSI declarations and prototypes
1999-03-10 18:30:48 +00:00
Dr. Stephen Henson
83ec54b40d
Make CC,CFLAG etc get passed to make links and various Win32 fixes.
1999-03-10 01:37:33 +00:00
Ben Laurie
b241fefd98
Fix quad checksum bug.
1999-03-09 11:37:23 +00:00
Dr. Stephen Henson
d4d2f98c59
Comment out two unimplemented functions from bio.h. Attempt to get the
...
Win32 test batch file going again.
1999-03-09 03:01:48 +00:00
Dr. Stephen Henson
0cc395796b
Add missing funtions from non ANSI section of header files and add missing
...
ordinals to libeay.num.
1999-03-08 22:46:56 +00:00
Ralf S. Engelschall
d10f052be5
Make `openssl version' output lines consistent.
1999-03-08 12:35:01 +00:00
Ralf S. Engelschall
c0e538e117
Fix Win32 symbol export lists for BIO functions: Added BIO_get_ex_new_index,
...
BIO_get_ex_num, BIO_get_ex_data and BIO_set_ex_data to ms/libeay{16,32}.def.
I'm not a Win32 hacker, but I think I've done it correctly.
Steve or Ben: can you confirm that it's correct?
I don't want to break any Win32 stuff.
1999-03-08 11:41:26 +00:00
Ralf S. Engelschall
84107e6ca8
Second round of fixing the OpenSSL perl/ stuff. It now at least compiled fine
...
under Unix and passes some trivial tests I've now added. But the whole stuff
is horribly incomplete, so a README.1ST with a disclaimer was added to make
sure no one expects that this stuff really works in the OpenSSL 0.9.2 release.
Additionally I've started to clean the XS sources up and fixed a few little
bugs and inconsistencies in OpenSSL.{pm,xs} and openssl_bio.xs.
PS: I'm still not convinces whether we should try to make this
finally running or kick it out and replace it with some
other module....
1999-03-08 11:25:49 +00:00
Ben Laurie
efadf60f9c
Don't make links on Windoze.
1999-03-07 15:21:08 +00:00
Ben Laurie
26a0846fc1
Fix perl assembler.
1999-03-07 15:08:38 +00:00
Ben Laurie
7d3ce7ba37
Linux MIPS support.
1999-03-07 14:17:32 +00:00
Ben Laurie
cba5068d10
Always make links.
1999-03-07 14:05:36 +00:00
Dr. Stephen Henson
1756d405cc
Added support for adding extensions to CRLs, also fix a memory leak and
...
make 'req' check the config file syntax before it adds extensions. Added
info in the documentation as well.
1999-03-06 19:33:29 +00:00
Ralf S. Engelschall
116e315303
Add a useful kludge to allow package maintainers to specify compiler and other
...
platforms details on the command line without having to patch the Configure
script everytime: One now can use ``perl Configure <id>:<details>'', i.e.
platform ids are allowed to have details appended to them (seperated by
colons). This is treated as there would be a static pre-configured entry in
Configure's %table under key <id> with value <details> and ``perl Configure
<id>'' is called. So, when you want to perform a quick test-compile under
FreeBSD 3.1 with pgcc and without assembler stuff you can use ``perl Configure
"FreeBSD-elf:pgcc:-O6:::"'' now, which overrides the FreeBSD-elf entry
on-the-fly.
(PS: Notice that the same effect _cannot_ be achieved by using
``make CC=pgcc ..'' etc, because you cannot override all
things from there.)
1999-03-06 16:07:47 +00:00
Ben Laurie
bc3482442a
Disable new TLS1 ciphersuites.
1999-03-06 15:21:02 +00:00
Ralf S. Engelschall
3eb0ed6d91
Allow DSO flags like -fpic, -fPIC, -KPIC etc. to be specified on the `perl
...
Configure ...' command line. This way one can compile OpenSSL libraries with
Position Independent Code (PIC) which is needed for linking it into DSOs.
1999-03-06 14:35:03 +00:00
Ben Laurie
f415fa3243
Fix export ciphersuites, again.
1999-03-06 14:09:36 +00:00
Ralf S. Engelschall
2c6ccde1f7
just a little typo
1999-03-06 14:01:29 +00:00
Ralf S. Engelschall
0b903ec018
Cleaned up the LICENSE document: The official contact for any license
...
questions now is the OpenSSL core team under openssl-core@openssl.org . And
add a paragraph about the dual-license situation to make sure people recognize
that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply to the OpenSSL
toolkit.
1999-03-06 13:29:09 +00:00
Ralf S. Engelschall
bb8f3c5879
General source tree makefile cleanups: Made `making xxx in yyy...' display
...
consistent in the source tree and replaced `/bin/rm' by `rm'. Additonally
cleaned up the `make links' target: Remove unnecessary semicolons, subsequent
redundant removes, inline point.sh into mklink.sh to speed processing and no
longer clutter the display with confusing stuff. Instead only the actually
done links are displayed.
1999-03-06 12:32:06 +00:00
Ben Laurie
988788f697
Permit null ciphers.
1999-03-06 12:09:36 +00:00
Dr. Stephen Henson
924acc5451
Fix the PKCS#7 stuff: signature verify could fail if attributes reordered, the
...
detached data encoding was wrong and free up public keys.
1999-03-05 02:05:15 +00:00
Dr. Stephen Henson
d00b7aad5a
Workaround for a Win95 console bug triggered by the password read stuff.
1999-03-05 01:07:04 +00:00
Dr. Stephen Henson
9985bed331
Deleted my str_dup() function from X509V3: the same functionality is provided
...
by BUF_MEM_strdup(). Added text documentation to the BUF_MEM stuff.
1999-03-04 23:29:51 +00:00
Ralf S. Engelschall
789285aa96
Added the new `Includes OpenSSL Cryptography Software' button as
...
doc/openssl_button.{gif,html} which is similar in style to the old SSLeay
button and can be used by applications based on OpenSSL to show the
relationship to the OpenSSL project.
PS: This beast caused me three hours to create, because
of the size I had to hand-paint the 7pt fonts in Photoshop.
1999-03-04 12:55:42 +00:00
Ralf S. Engelschall
a06c602e6f
Remove confusing variables in function signatures in files
...
ssl/ssl_lib.c and ssl/ssl.h. At least the double ctx-variable
confused some compilers.
Submitted by: Lennart Bong <lob@kulthea.stacken.kth.se>
Reviewed by: Ralf S. Engelschall
1999-03-04 07:54:01 +00:00
Ralf S. Engelschall
8d697db1d0
Don't install bss_file.c under PREFIX/include/. It was introduced by Eric
...
between SSLeay 0.8 and 0.9 and just looks useless and confusing.
Pointed out by: Lennart Bong <lob@kulthea.stacken.kth.se>
Submitted by: Ralf S. Engelschall
1999-03-04 07:47:27 +00:00
Dr. Stephen Henson
06c6849124
Fix the Win32 compile environment and add various changes so it will now compile
...
under Win32 (9X and NT) again. Note: some signed/unsigned changes recently
checked in were killing the Win32 compile.
1999-03-03 02:01:26 +00:00
Ben Laurie
eb90a483ad
Add functions to add certs to stacks, used for CA file/path stuff in servers.
1999-02-28 17:41:55 +00:00
Ben Laurie
4f43d0e71f
Experiment with doxygen documentation.
1999-02-28 12:41:50 +00:00
Ralf S. Engelschall
74d7abc2ab
Get rid of remaining C++-style comments which strict C compilers hate.
...
(Pointed out by Carlos Amengual).
1999-02-27 12:17:40 +00:00
Dr. Stephen Henson
7283ecea22
BN_RECURSION causes the stuff in bn_mont.c to fall over for large keys. For
...
now change it to BN_RECURSION_MONT so it isn't compiled in.
1999-02-26 01:37:34 +00:00
Ralf S. Engelschall
15d21c2df4
Add a bunch of SSL_xxx() functions for configuring the temporary RSA and DH
...
private keys and/or callback functions which directly correspond to their
SSL_CTX_xxx() counterparts but work on a per-connection basis. This is needed
for applications which have to configure certificates on a per-connection
basis (e.g. Apache+mod_ssl) instead of a per-context basis (e.g.
s_server).
For the RSA certificate situation is makes no difference, but for the DSA
certificate situation this fixes the "no shared cipher" problem where the
OpenSSL cipher selection procedure failed because the temporary keys were not
overtaken from the context and the API provided no way to reconfigure them.
The new functions now let applications reconfigure the stuff and they are in
detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback. Additionally a new
non-public-API function ssl_cert_instantiate() is used as a helper function
and also to reduce code redundancy inside ssl_rsa.c.
Submitted by: Ralf S. Engelschall
Reviewed by: Ben Laurie
1999-02-25 14:40:29 +00:00
Ralf S. Engelschall
ea14a91f64
Move s_server -dcert and -dkey options out of the undocumented feature area
...
because they are useful for the DSA situation and should be recognized by the
users. Thanks to Steve for the original hint.
1999-02-25 11:26:26 +00:00
Ralf S. Engelschall
90a52cecaf
Fix the cipher decision scheme for export ciphers: the export bits are *not*
...
within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within SSL_EXP_MASK. So, the
original variable has to be used instead of the already masked variable.
Submitted by: Richard Levitte <levitte@stacken.kth.se>
Reviewed by: Ralf S. Engelschall
1999-02-25 11:03:18 +00:00
Ralf S. Engelschall
def9f43151
Fix 'port' variable from int' to
unsigned int' in crypto/bio/b_sock.c
...
Submitted by: Richard Levitte <levitte@stacken.kth.se>
Reviewed by: Ralf S. Engelschall
1999-02-25 10:54:27 +00:00
Ralf S. Engelschall
8aef252bf4
Change type of another md_len variable in pk7_doit.c:PKCS7_dataFinal()
...
from `int' to `unsigned int' because it's a length and initialized by
EVP_DigestFinal() which expects an `unsigned int *'.
Submitted by: Richard Levitte <levitte@stacken.kth.se>
Reviewed by: Ralf S. Engelschall
1999-02-25 10:47:24 +00:00
Ralf S. Engelschall
a4ed5532a8
Don't hard-code path to Perl interpreter on shebang line of Configure
...
script. Instead use the usual Shell->Perl transition trick.
1999-02-25 08:48:52 +00:00
Ralf S. Engelschall
7be304acdb
Make `openssl x509 -noout -modulus' functional also for DSA certificates (in
...
addition to RSA certificates) to match the behaviour of `openssl dsa -noout
-modulus' as it's already the case for `openssl rsa -noout -modulus'. For RSA
the -modulus is the real "modulus" while for DSA currently the public key is
printed (a decision which was already done by `openssl dsa -modulus' in the
past) which serves a similar purpose. Additionally the NO_RSA no longer
completely removes the whole -modulus option; it now only avoids using the RSA
stuff. Same applies to NO_DSA now, too.
1999-02-24 17:17:31 +00:00
Ben Laurie
55ab3bf7f9
Add reliable BIO.
1999-02-23 21:44:34 +00:00
Dr. Stephen Henson
a43aa73e3b
Redo the way 'req' and 'ca' add objects: add support for oid_section.
1999-02-23 00:07:46 +00:00
Ben Laurie
0849d13811
Add syslogging BIO.
1999-02-22 21:21:08 +00:00
Ben Laurie
06ab81f9f7
Add support for new TLS export ciphersuites.
1999-02-21 20:03:24 +00:00
Dr. Stephen Henson
deff75b634
Add preliminary user level config documentation for extension stuff. Programming
...
info will come later...
Feel free to reformat and tidy this up...
1999-02-21 17:41:08 +00:00
Dr. Stephen Henson
0c8a1281d0
Make RSA_NO_PADDING really use no padding.
...
Submitted by: Ulf Moeller <ulf@fitug.de>
1999-02-21 17:39:07 +00:00
Ben Laurie
4004dbb7f6
Generate errors when public/private key check is done.
1999-02-20 11:50:07 +00:00
Dr. Stephen Henson
0ca5f8b15c
Overhaul 'crl' application, add a proper X509_CRL_print function and start
...
to support CRL extensions.
1999-02-19 01:29:29 +00:00
Dr. Stephen Henson
3d8accc3ae
Fuller authority key id support, partial support for private key usage extension
...
and really fix the ASN.1 IMPLICIT bug this time :-)
1999-02-17 23:21:01 +00:00
Ben Laurie
a49498969e
Add OAEP.
1999-02-17 21:11:08 +00:00
Mark J. Cox
413c4f45ed
Updates to the new SSL compression code
...
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
Fix so that the version number in the master secret, when passed
via RSA, checks that if TLS was proposed, but we roll back to SSLv3
(because the server will not accept higher), that the version number
is 0x03,0x01, not 0x03,0x00
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
Submitted by:
Reviewed by:
PR:
1999-02-16 09:22:21 +00:00
Dr. Stephen Henson
a8236c8c32
Fix various memory leaks in SSL, apps and DSA
1999-02-15 21:05:21 +00:00
Dr. Stephen Henson
388ff0b076
Add support for raw extensions. This means that you can include the DER encoding
...
of an arbitrary extension: e.g. 1.3.4.5=critical,RAW:12:34:56 Using this
technique currently unsupported extensions can be generated if you know their
DER encoding. Even if the extension is supported in future the raw extension
will still work: that is the raw version can always be used even if it is a
supported extension.
1999-02-14 16:48:22 +00:00
Ralf S. Engelschall
6013fa8395
Make sure latest Perl versions don't interpret some generated C array as Perl
...
array code in the crypto/err/err_genc.pl script.
Submitted by: Lars Weber <3weber@informatik.uni-hamburg.de>
Reviewed by: Ralf s. Engelschall
1999-02-14 13:21:52 +00:00
Dr. Stephen Henson
5c00879ef0
More Win32 fixes and upsdate INSTALL.W32 documentation.
1999-02-14 00:40:13 +00:00
Dr. Stephen Henson
9becf66621
Oops... add other changes this time too.
1999-02-13 23:13:32 +00:00
Ben Laurie
4e31df2cd7
Fix ghastly DES declarations, and all consequential warnings.
1999-02-13 18:52:38 +00:00
Dr. Stephen Henson
e4119b9311
Fix typo in asn1.h (PRINTABLESTRING_STRING) and fix a bug in object creation
...
perl script. It failed if the OID had any zeros in it.
1999-02-13 17:15:32 +00:00
Ben Laurie
4a71b90deb
Add support for 3DES CBCM mode.
1999-02-13 15:03:47 +00:00
Ben Laurie
436d318c80
In the absence of feedback either way, commit the fix that looks right for
...
wrong keylength with export null ciphers.
1999-02-13 12:39:50 +00:00
Dr. Stephen Henson
55a9cc6e47
Make the 'crypto' and 'ssl' options in the perl script mkdef.pl really work,
...
also add an 'update' option to automatically append any new functions to the
ssleay.num and libeay.num files.
1999-02-11 01:39:30 +00:00
Ralf S. Engelschall
8073036dd6
Overhauled the Perl interface (perl/*):
...
- ported BN stuff to OpenSSL's different BN library
- made the perl/ source tree CVS-aware
- renamed the package from SSLeay to OpenSSL (the files still contain
their history because I've copied them in the repository)
- removed obsolete files (the test scripts will be replaced
by better Test::Harness variants in the future)
1999-02-10 09:38:31 +00:00
Ralf S. Engelschall
483fdf1883
Remember the cleanup
1999-02-10 08:34:01 +00:00
Dr. Stephen Henson
175b0942ec
More extension code. Incomplete support for subject and issuer alt
...
name, issuer and authority key id. Change the i2v function parameters
and add an extra 'crl' parameter in the X509V3_CTX structure: guess
what that's for :-) Fix to ASN1 macro which messed up
IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
1999-02-10 01:12:59 +00:00
Dr. Stephen Henson
bceacf938f
Support for ASN1 ENUMERATED type. This copies and duplicates the ASN1_INTEGER
...
code and adds support to ASN1_TYPE and asn1parse.
1999-02-09 01:29:37 +00:00
Mark J. Cox
351d899878
Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
...
Submitted by: Eric A Young - from changes to C2Net SSLeay
Reviewed by: Mark Cox
PR:
1999-01-31 12:14:39 +00:00
Ralf S. Engelschall
b621d77258
Make sure make rehash' target really finds the
openssl' program.
1999-01-31 11:10:10 +00:00
Ben Laurie
a96e7810e2
Squeeze a bit more speed out of MD5 assembler.
1999-01-30 17:53:00 +00:00
Ralf S. Engelschall
e04a6c2b35
Add CygWin32 platform information to Configure script.
...
Submitted by: Alan Batie <batie@aahz.jf.intel.com>
1999-01-30 11:50:48 +00:00
Ralf S. Engelschall
0172f988c7
Fixed ms/32all.bat script: no_asm' ->
no-asm'
...
Submitted by: Rainer W. Gerling <gerling@mpg-gv.mpg.de>
Reviewed by: Ralf S. Engelschall
1999-01-30 11:36:05 +00:00
Dr. Stephen Henson
79dfa97555
New program 'nseq' added to apps to allow Netscape certificate sequences to
...
be pulled apart and built.
1999-01-29 23:34:19 +00:00
Dr. Stephen Henson
9fe84296a4
Allow the -certfile argument to be used multiple times in crl2pkcs7.
...
Also fix typos in the usage messages: "inout" instead of "input".
1999-01-29 01:53:55 +00:00
Mark J. Cox
a0a5407901
Fixes to BN code. Previously the default was to define BN_RECURSION
...
but the BN code had some problems that would cause failures when
doing certificate verification and some other functions.
Submitted by: Eric A Young from a C2Net version of SSLeay
Reviewed by: Mark J Cox
PR:
1999-01-28 10:40:38 +00:00
Dr. Stephen Henson
92c046cac0
Add ASN1 code for netscape certificate sequences.
1999-01-28 00:16:44 +00:00
Dr. Stephen Henson
a27598bf7e
Add a few extended key usage OIDs.
1999-01-26 23:13:14 +00:00
Dr. Stephen Henson
b2347661ce
Still more X509 V3 stuff. Modify ca.c to work with the new code and modify
...
openssl.cnf for the new syntax.
1999-01-26 01:19:27 +00:00
Dr. Stephen Henson
f317aa4c9c
More X509 V3 stuff. Add support for extensions in the 'req' application
...
so that: openssl req -x509 -new -out cert.pem
will take extensions from openssl.cnf a sample for a CA is included.
Also change the directory order so pem is nearer the end. Otherwise 'make links'
wont work because pem.h can't be built.
1999-01-25 01:09:21 +00:00
Dr. Stephen Henson
834eeef995
Continuing adding X509 V3 support. This starts to integrate the code with
...
the main library, but only with printing at present. To see this try:
openssl x509 -in cert.pem -text
on a certificate with some extensions in it.
1999-01-24 17:50:32 +00:00
Dr. Stephen Henson
9aeaf1b4a7
Initial addition of new X509 V3 files, tidy of old files.
1999-01-24 00:50:01 +00:00
Dr. Stephen Henson
9b5cc156f3
Continued patches so certificates and CRLs now can support and use
...
GeneralizedTime.
1999-01-20 00:14:40 +00:00
Ben Laurie
8039257dbc
Finally lay dependencies to rest (I hope!).
1999-01-19 21:36:31 +00:00
Ben Laurie
b13a155492
Spelling mistake.
1999-01-19 19:18:20 +00:00
Dr. Stephen Henson
6c8abdd744
New err_code.pl script to retain old error codes. This should allow the use
...
of 'make errors' without causing huge re-organisations of files when a new
code is added.
1999-01-18 22:18:38 +00:00
Ben Laurie
649cdb7be9
Fix major cockup with short keys in CAST-128.
1999-01-17 16:26:24 +00:00
Dr. Stephen Henson
fdd3b64215
Update CHANGES for GeneralizedTime info.
1999-01-17 15:10:33 +00:00
Ben Laurie
dabba1104b
Correct Linux 1 recognition.
...
Contributed by: Ulf Möller <ulf@fitug.de>
1999-01-17 14:20:20 +00:00
Ben Laurie
512d222830
Remove pointless MD5 hash.
...
Contributed by: Anonymous <nobody@replay.com>
1999-01-17 14:14:41 +00:00
Ben Laurie
2c1ef383ae
Generate an error on an invalid directory.
1999-01-17 14:10:08 +00:00
Ben Laurie
c3ae9a4851
More prototypes.
1999-01-16 18:46:23 +00:00
Dr. Stephen Henson
ee13f9b165
Fix parameters to dummy function BN_ref_mod_exp().
1999-01-14 18:25:07 +00:00
Dr. Stephen Henson
27eb622b78
Submitted by: Neil Costigan <neil.costigan@celocom.com>
...
PR:
1999-01-14 18:21:57 +00:00
Dr. Stephen Henson
2d723902a0
Fix OBJ_txt2nid(): old function was broken when input used the "dot" form, e.g.
...
1.2.3.4 . Also added new function OBJ_txt2obj().
1999-01-12 18:40:33 +00:00
Ben Laurie
a6801a91cd
Add prototype, fix parameter passing bug.
1999-01-10 20:36:02 +00:00
Ben Laurie
50acf46b92
Sort openssl functions by name.
1999-01-09 19:15:59 +00:00
Dr. Stephen Henson
7f9b7b074d
Fix the gendsa program and add it to the app list. The progs.h file is
...
auto generated but not auto updated so it is included. Also remove the
encryption from the sample DSA keys.
1999-01-09 17:29:34 +00:00
Ben Laurie
e03ddfae7e
Accept NULL in *_free.
1999-01-07 19:15:59 +00:00
Ben Laurie
6fa89f94c4
Fix DH key generation.
...
Contributed by: Anonymous <nobody@replay.com>
1999-01-07 00:37:01 +00:00
Ben Laurie
c13d4799dd
Send the right CAs to the client.
1999-01-07 00:16:37 +00:00
Ben Laurie
bc4deee07a
Fix numeric -newkey args.
...
Contributed by: Bodo Moeller <3moeller@informatik.uni-hamburg.de>
1999-01-07 00:10:32 +00:00
Ben Laurie
5b00115ab0
Fix export tests.
1999-01-06 23:18:08 +00:00
Ben Laurie
f8c3c05db9
Make the world a safer place (if people object to this kind of change, speak up
...
soon - I intend to do a lot of it!).
1999-01-06 22:53:34 +00:00
Dr. Stephen Henson
384c479c85
Oops! update CHANGES file properly.
1999-01-06 01:41:21 +00:00
Dr. Stephen Henson
ad65ce755e
Fix things so DH_free() will be no-op when passed NULL, like RSA_free() and
...
DSA_free(): this was causing crashes when for example an attempt was made
to handle a (currently) unsupported DH public key. Also X509_PUBKEY_set()i
wasn't checking errors from d2i_PublicKey().
1999-01-06 01:39:24 +00:00
Ben Laurie
e416ad9772
Free the right thing.
1999-01-04 21:43:32 +00:00
Ben Laurie
4a18cddd16
Only free if it ain't NULL.
1999-01-04 21:39:34 +00:00
Ben Laurie
bb65e20b1c
Remove the bugfix that was really a bug.
...
Submitted by: Arne Ansper <arne@ats.cyber.ee>
1999-01-04 20:11:31 +00:00
Ben Laurie
b5e406f755
Pass on BIO_CTRL_FLUSH.
...
Submitted by: Arne Ansper <arne@ats.cyber.ee>
1999-01-04 19:55:12 +00:00
Ralf S. Engelschall
cb0f35d716
Make sure the already existing X509_STORE->depth variable is initialized
...
in X509_STORE_new(), but document the fact that this variable is still
unused in the certificate verification process.
1999-01-03 15:31:11 +00:00
Dr. Stephen Henson
cfcf645356
Make sure applications free up pkey structures and add netscape extension
...
handling to x509.c
1999-01-03 01:08:33 +00:00
Ben Laurie
cdbb8c2f26
Fix reference counting.
1999-01-02 19:04:27 +00:00
Ralf S. Engelschall
06d5b16225
First cut of a cleanup for apps/. First the `ssleay' program is now named
...
`openssl' and second, the shortcut symlinks for the `openssl <command>' are no
longer created. This way we have a single and consistent command line
interface `openssl <command>', similar to `cvs <command>'.
Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a
repository copy, i.e. they still contain the complete file history.
1999-01-02 12:59:33 +00:00
Dr. Stephen Henson
c35f549e8b
Move DSA test in ca.c inside #ifdef and make pubkey BIT STRING always have
...
zero unused bits.
1999-01-02 01:53:06 +00:00
Dr. Stephen Henson
ebc828cad9
Add extended key usage OID and update STATUS file.
1999-01-01 18:43:44 +00:00
Paul C. Sutton
79e259e3ce
Make the installation documentation easier to follow.
1999-01-01 14:04:07 +00:00
Paul C. Sutton
56ee3117a5
Makefiles updated to exit if an error occurs in a sub-directory make
...
(including if user presses ^C)
1999-01-01 12:51:11 +00:00
Ben Laurie
6063b27bb6
Document recent changes.
1998-12-31 17:11:46 +00:00
Ralf S. Engelschall
9cb0969f65
Fix version stuff:
...
1. The already released version was 0.9.1c and not 0.9.1b
2. The next release should be 0.9.2 and not 0.9.1d, because
first the changes are already too large, second we should avoid any more
0.9.1x confusions and third, the Apache version semantics of
VERSION.REVISION.PATCHLEVEL for the version string is reasonable (and here
.2 is already just a patchlevel and not major change).
tVS: ----------------------------------------------------------------------
1998-12-31 09:36:40 +00:00
stephen
792a90020f
Update CHANGES file for latest additions
1998-12-31 01:35:07 +00:00
Ralf S. Engelschall
88fce97953
MIME encoding and ISO chars at the same time messes up the stuff
1998-12-30 23:09:13 +00:00
Ralf S. Engelschall
ce72df1c6a
Ops, forgot to commit the changes entry in recent commit...
1998-12-30 23:07:32 +00:00
Ben Laurie
4098e89cbf
Fix incorrect DER encoding of SETs and all knock-ons from that.
1998-12-29 21:43:55 +00:00
Ben Laurie
03f8b04277
Add prototypes. Make Montgomery stuff explicitly for that purpose.
1998-12-29 17:22:31 +00:00
Ben Laurie
8d7ed6ff90
Deal with generated files.
1998-12-28 21:58:19 +00:00
Ben Laurie
9228157c07
Typo.
1998-12-28 17:15:43 +00:00
Ben Laurie
5dcdcd475c
Autodetect FreeBSD 3.
1998-12-28 17:14:28 +00:00
Ben Laurie
1641cb6043
Add strictness, fix variable substition bugs.
1998-12-28 17:08:48 +00:00
Ralf S. Engelschall
ae82b46ffb
Test for new CVS repository
1998-12-26 12:42:56 +00:00
Ralf S. Engelschall
320a14cb5b
*** empty log message ***
1998-12-23 12:09:47 +00:00
Ralf S. Engelschall
f10a5c2a96
*** empty log message ***
1998-12-23 08:18:47 +00:00
Ralf S. Engelschall
9ce5db45be
*** empty log message ***
1998-12-23 07:58:53 +00:00
Ralf S. Engelschall
9acc2aa6d1
*** empty log message ***
1998-12-23 07:42:26 +00:00
Ralf S. Engelschall
f1c236f849
Switch to OpenSSL name
1998-12-23 07:38:54 +00:00
Ralf S. Engelschall
13e91dd365
Incorporation of RSEs assembled patches
1998-12-22 15:59:57 +00:00
Ralf S. Engelschall
651d0aff98
Various cleanups and fixed by Marc and Ralf to start the OpenTLS project
1998-12-22 15:04:48 +00:00