Richard Levitte
a9d9b07167
Merge from HEAD:
...
2003-04-03 22:03 levitte
* apps/apps.c (1.70): Don't try to free NULL values...
Notified by "Steven Reddie" <smr@essemer.com.au>
2004-03-19 00:20:12 +00:00
Mark J. Cox
494593845c
After tagging
2004-03-17 12:03:38 +00:00
Mark J. Cox
82d63d3028
Fix null-pointer assignment in do_change_cipher_spec() revealed
...
by using the Codenomicon TLS Test Tool (CAN-2004-0079)
Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
(CAN-2004-0112)
Ready for 0.9.7d build
Submitted by: Steven Henson
Reviewed by: Joe Orton
Approved by: Mark Cox
2004-03-17 12:01:19 +00:00
Dr. Stephen Henson
8e6a84e730
Avoid warnings.
2004-03-16 13:50:18 +00:00
Richard Levitte
95475b1c7a
As in 0.9.8-dev, make sure we use unsigned constants, or some
...
compilers may complain.
2004-03-15 23:06:59 +00:00
Andy Polyakov
86f941c936
Fix typo in "IRIX 6.x shared build fix-up."
2004-03-12 21:33:04 +00:00
Andy Polyakov
387fd00c47
IRIX 6.x shared build fix-up.
2004-03-12 21:24:45 +00:00
Dr. Stephen Henson
00b9c1be7d
Incorporate crlNumber functionality from 0.9.8 except it is commented out
...
in openssl.cnf .
2004-03-08 13:07:07 +00:00
Richard Levitte
051bb5c457
Incorporate the following changes from 0.9.8-dev:
...
2003-04-04 17:10 levitte
* apps/: apps.c (1.72), apps.h (1.56), ca.c (1.135), x509.c (1.82):
Convert save_serial() to work like save_index(), and add a
rotate_serial() that works like rotate_index().
2003-04-03 20:07 levitte
* apps/: apps.c (1.69), ca.c (1.130): Conditionalise all debug
strings.
2003-04-03 18:33 levitte
* apps/apps.c (1.68), apps/apps.h (1.55), apps/ca.c (1.129),
apps/ocsp.c (1.31), apps/openssl.cnf (1.24), apps/x509.c (1.80),
CHANGES (1.1139): Make it possible to have multiple active
certificates with the same subject.
2004-03-08 02:53:46 +00:00
Dr. Stephen Henson
931a031916
Cleanup ASN1 OID module when it exits.
2004-03-05 23:47:39 +00:00
Dr. Stephen Henson
be21fe59aa
Call autoconfig code in pkcs7 utility.
2004-03-05 23:45:08 +00:00
Dr. Stephen Henson
ef3565aed2
Memory leak fix.
2004-03-05 23:39:12 +00:00
Dr. Stephen Henson
01fc051e8a
Various X509 fixes. Disable broken certificate workarounds
...
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
2004-03-05 17:16:06 +00:00
Dr. Stephen Henson
ae43f344af
-passin argument to rsautl
2004-03-04 21:58:13 +00:00
Dr. Stephen Henson
0902c559fb
Typos.
...
Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>
2004-03-04 21:41:59 +00:00
Richard Levitte
58b6a165a5
Make our page with pointers to binary distributions visible in the FAQ
2004-03-04 07:48:00 +00:00
Dr. Stephen Henson
641c55342b
More configuration docs.
2004-03-02 12:46:30 +00:00
Dr. Stephen Henson
e390f5d684
Documentation of the KISS autoconfig functions.
2004-03-02 01:00:24 +00:00
Dr. Stephen Henson
078a97791d
More autoconfig docs.
2004-03-01 19:15:54 +00:00
Richard Levitte
4d6b383680
Avoid a memory leak in OCSP_parse_url().
...
Notified by Paul Siegel <psiegel@corestreet.com>
2004-03-01 14:58:25 +00:00
Dr. Stephen Henson
489885cf84
Fix from head.
2004-03-01 13:23:41 +00:00
Dr. Stephen Henson
850be8f18d
Initial docs for the OpenSSL library configuration via openssl.cnf
2004-03-01 01:04:58 +00:00
Richard Levitte
a22d40dde2
AES is spelled AES, not ASE. Oops...
2004-02-27 02:24:54 +00:00
Richard Levitte
ee121033dc
Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.
...
PR: 833
2004-02-26 22:07:47 +00:00
Richard Levitte
4090b56b4d
Document the AES options for 'openssl smime'.
...
PR: 834
2004-02-26 21:44:43 +00:00
Dr. Stephen Henson
33ad6eca7a
Use an OCTET STRING for the encoding of an OCSP nonce value.
...
The old raw format can't be handled by some implementations
and updates to RFC2560 will make the OCTET STRING mandatory.
2004-02-19 18:17:35 +00:00
Dr. Stephen Henson
dd10343e75
Fix handling of -offset and -length in asn1parse tool.
...
If -offset exceeds -length of data available exit with an error.
Don't read past end of total data available when -offset supplied.
If -length exceeds total available truncate it.
2004-02-08 13:30:33 +00:00
Andy Polyakov
ad55502092
Typo in crypto/bn/asm/x86_64.c, bn_div_words().
...
PR: 821
2004-02-07 09:46:47 +00:00
Dr. Stephen Henson
31edde3edc
Add flag to avoid continuous
...
memory allocate when calling EVP_MD_CTX_copy_ex().
Without this HMAC is several times slower than
< 0.9.7.
2004-02-01 13:37:56 +00:00
Richard Levitte
381a693c39
make update
2004-01-29 10:23:54 +00:00
Richard Levitte
86cb571e28
Have the declarations match the definitions.
2004-01-29 09:41:01 +00:00
Richard Levitte
319a2c5f65
Typo
2004-01-29 02:55:47 +00:00
Richard Levitte
9d0e895120
Make n unsigned, to avoid signed vs. unsigned conflicts.
2004-01-29 00:05:54 +00:00
Richard Levitte
44ee32ed30
-Wstrict-prototypes is too much for 0.9.7-stable (there are tons of
...
non-strict prototypes, all right? Kind of shadows the few other
warnings so I keep missing them :-)).
2004-01-29 00:03:05 +00:00
Richard Levitte
5922128732
0.9.7-stable is in freeze. That means we do bug fixes only, not new
...
functionality. Therefore, I'm backing out most of the "CFB DES
sync-up with FIPS branch" commit (I'm keeping the corrections of
DES_cfb_encrypt()).
2004-01-28 23:31:20 +00:00
Richard Levitte
cb37947a71
Unsigned vs. signed problem removed
2004-01-28 08:48:15 +00:00
Andy Polyakov
4668056fc9
CFB DES sync-up with FIPS branch.
2004-01-27 21:46:19 +00:00
Richard Levitte
de23af982a
Avoid signed vs. unsigned warnings (which are treated like errors on
...
Windows).
2004-01-27 01:16:09 +00:00
Richard Levitte
3a5a176ea0
S_IFBLK and S_IFCHR may not exist in some places (like Windows), so
...
let's check for those macros, and if they aren't defined, let's assume
there aren't Unixly devices on this platform.
2004-01-26 23:46:03 +00:00
Richard Levitte
a1d37a96df
Typo...
2004-01-22 22:36:48 +00:00
Dr. Stephen Henson
6bff79629e
Replace expired certificate.
2004-01-21 13:04:58 +00:00
Andy Polyakov
db452cdba0
TABLE update for hpux64-paric2-gcc, addenum for HPUX64 gcc build update.
2004-01-21 10:07:23 +00:00
Andy Polyakov
d435752b0a
Proper support for HP-UX64 gcc build.
...
PR: 772
2004-01-21 09:58:18 +00:00
Andy Polyakov
c8b14ca177
SHA-1 assembler tune-up for Intel P4
2004-01-21 08:19:36 +00:00
Richard Levitte
8ba5c63de9
Adding a slash between the directoryt and the file is a problem with
...
VMS. The C RTL can handle it well if the "directory" is a logical
name with no colon, therefore ending being 'logname/file'. However,
if the given logical names actually has a colon, or if you use a full
VMS-syntax directory, you end up with 'logname:/file' or
'dev:[dir1.dir2]/file', and that isn't handled in any good way.
So, on VMS, we need to check if the directory string ends with a
separator (one of ':', ']' or '>' (< and > can be used instead [ and
])), and handle that by not inserting anything between the directory
spec and the file name. In all other cases, it's assumed the
directory spec is a logical name, so we need to place a colon between
it and the file.
Notified by Kevin Greaney <kevin.greaney@hp.com>.
2004-01-10 18:04:36 +00:00
Lutz Jänicke
3a0ede0ffd
Cover all DSA setups when running tests
...
PR: #748
Submitted by: Kirill Kochetkov <kochet@ixbt.com>
2004-01-08 07:46:12 +00:00
Lutz Jänicke
9cde81c2dd
Updates to s_time manual page
...
PR: #570
Submitted by: Martin Witzel <MWITZEL@de.ibm.com>
2004-01-08 07:39:33 +00:00
Lutz Jänicke
62bd487421
One more change to merge from -dev.
2004-01-04 19:03:51 +00:00
Lutz Jänicke
4ef740a632
Add s_time manual page
...
Submitted by: "Martin Witzel" <MWITZEL@de.ibm.com>
PR: #570
2004-01-04 19:00:17 +00:00
cvs2svn
7f36acd8fe
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-01-04 18:59:15 +00:00