Commit graph

114 commits

Author SHA1 Message Date
Nils Larsch
1d42741a19 clear error queue on success and return NULL if no cert could be read
PR: 1088
2005-06-01 08:38:44 +00:00
Ben Laurie
0821bcd4de Constification. 2005-03-30 10:26:02 +00:00
Dr. Stephen Henson
5d7c222db8 New X509_VERIFY_PARAM structure and associated functionality.
This tidies up verify parameters and adds support for integrated policy
checking.

Add support for policy related command line options. Currently only in smime
application.

WARNING: experimental code subject to change.
2004-09-06 18:43:01 +00:00
Richard Levitte
4083a229b4 Use the new directory reading functions. 2004-07-10 13:17:16 +00:00
Geoff Thorpe
d095b68d63 Deprecate quite a few recursive includes from the ssl.h API header and
remove some unnecessary includes from the internal header ssl_locl.h. This
then requires adding includes for bn.h in four C files.
2004-05-17 18:53:47 +00:00
Geoff Thorpe
60a938c6bc (oops) Apologies all, that last header-cleanup commit was from the wrong
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Richard Levitte
3822740ce3 We're getting a clash with C++ because it has a type called 'list'.
Therefore, change all instances of the symbol 'list' to something else.

PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-29 10:25:37 +00:00
Geoff Thorpe
2754597013 A general spring-cleaning (in autumn) to fix up signed/unsigned warnings.
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
2003-10-29 20:24:15 +00:00
Bodo Möller
0e9035ac98 SSL_add_dir_cert_subjects_to_stack now exists for WIN32 2003-02-05 16:40:29 +00:00
Richard Levitte
0bf23d9b20 WinCE patches 2002-11-15 22:37:18 +00:00
Bodo Möller
ea26226046 ECC ciphersuite support
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
2002-08-09 08:56:08 +00:00
Richard Levitte
d4294c8984 Synchronise with 0.9.7-stable. 2002-04-29 10:19:19 +00:00
Richard Levitte
6176df94ed Make sure the opened directory is closed on exit.
Notified by Lorinczy Zsigmond <lzsiga@mail.ahiv.hu>
2002-04-18 16:20:13 +00:00
Bodo Möller
023ec151df Add 'void *' argument to app_verify_callback.
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
2002-02-28 10:52:56 +00:00
Richard Levitte
a3faebd104 Deprecate the macro MAC_OS_pre_X. 2001-10-24 15:32:53 +00:00
Richard Levitte
285046ec51 SSL_add_dir_cert_subjects_to_stack for Win32 finally implemented.
Submitted by Massimo Santin <msantin@santineassociati.com>.
2001-10-04 12:27:39 +00:00
Bodo Möller
6ac4e8bd6e Rename recently introduced functions for improved code clarity:
[DR]SA_up  =>  [DR]SA_up_ref
2001-09-03 13:40:07 +00:00
Geoff Thorpe
79aa04ef27 Make the necessary changes to work with the recent "ex_data" overhaul.
See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
2001-09-01 20:02:13 +00:00
Geoff Thorpe
78435364ec Changes crypto/evp/ and ssl/ code from directly incrementing reference
counts in DH, DSA, and RSA structures. Instead they use the new "***_up()"
functions that handle this.
2001-08-25 17:28:23 +00:00
Lutz Jänicke
e32c852e1e Indent. 2001-07-31 10:19:20 +00:00
Ben Laurie
be2e2c3297 Only set the verify callback if there's one to set! 2001-07-30 17:17:26 +00:00
Lutz Jänicke
1f0c9ad7e1 Fix inconsistent behaviour with respect to verify_callback handling. 2001-07-30 11:45:34 +00:00
Richard Levitte
41d2a336ee e_os.h does not belong with the exported headers. Do not put it there
and make all files the depend on it include it without prefixing it
with openssl/.

This means that all Makefiles will have $(TOP) as one of the include
directories.
2001-02-22 14:45:02 +00:00
Richard Levitte
bc36ee6227 Use new-style system-id macros everywhere possible. I hope I haven't
missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.
2001-02-20 08:13:47 +00:00
Bodo Möller
3ac82faae5 Locking issues. 2000-12-15 16:40:35 +00:00
Bodo Möller
38b40c624c mark a bug 2000-11-29 19:29:47 +00:00
Bodo Möller
3c758be86e include 'err' label only when it is actually used 2000-11-17 13:08:57 +00:00
Richard Levitte
62324627aa Use sk_*_new_null() instead of sk_*_new(NULL), since that takes care
of complaints from the compiler about data pointers and function
pointers not being compatible with each other.
2000-09-17 18:21:27 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
2000-06-01 22:19:21 +00:00
Geoff Thorpe
ccd86b68ef The previous commit to crypto/stack/*.[ch] pulled the type-safety strings
yet tighter, and also put some heat on the rest of the library by
insisting (correctly) that compare callbacks used in stacks are prototyped
with "const" parameters. This has led to a depth-first explosion of
compiler warnings in the code where 1 constification has led to 3 or 4
more. Fortunately these have all been resolved to completion and the code
seems cleaner as a result - in particular many of the _cmp() functions
should have been prototyped with "const"s, and now are. There was one
little problem however;

X509_cmp() should by rights compare "const X509 *" pointers, and it is now
declared as such. However, it's internal workings can involve
recalculating hash values and extensions if they have not already been
setup. Someone with a more intricate understanding of the flow control of
X509 might be able to tighten this up, but for now - this seemed the
obvious place to stop the "depth-first" constification of the code by
using an evil cast (they have migrated all the way here from safestack.h).

Fortunately, this is the only place in the code where this was required
to complete these type-safety changes, and it's reasonably clear and
commented, and seemed the least unacceptable of the options. Trying to
take the constification further ends up exploding out considerably, and
indeed leads directly into generalised ASN functions which are not likely
to cooperate well with this.
2000-06-01 02:36:58 +00:00
Bodo Möller
2ea0910031 Avoid sprintf, and harmonize indentation. 2000-05-21 14:14:30 +00:00
Bodo Möller
448e2f9ba7 Use correct function names in SSLerr macros. 2000-03-14 14:10:56 +00:00
Bodo Möller
e11f0de67f Copy DH key (if available) in addition to the bare parameters
in SSL_new.
If SSL_OP_SINGLE_DH_USE is set, don't waste time in SSL_[CTX_]set_tmp_dh
on computing a DH key that will be ignored anyway.

ssltest -dhe1024dsa (w/ 160-bit sub-prime) had an unfair performance
advantage over -dhe1024 (safe prime): SSL_OP_SINGLE_DH_USE was
effectively always enabled because SSL_new ignored the DH key set in
the SSL_CTX.  Now -dhe1024 takes the server only about twice as long
as -dhe1024dsa instead of three times as long (for 1024 bit RSA
with 1024 bit DH).
2000-03-13 17:07:04 +00:00
Dr. Stephen Henson
dd9d233e2a Tidy up CRYPTO_EX_DATA structures. 2000-01-23 23:41:49 +00:00
Dr. Stephen Henson
bb7cd4e3eb Remainder of SSL purpose and trust code: trust and purpose setting in
SSL_CTX and SSL, functions to set them and defaults if no values set.
1999-11-29 22:35:00 +00:00
Andy Polyakov
17f389bbbf Initial support for MacOS.
This will soon be complemented with MacOS specific source code files and
INSTALL.MacOS.

I (Andy) have decided to get rid of a number of #include <sys/types.h>.
I've verified it's ok (both by examining /usr/include/*.h and compiling)
on a number of Unix platforms. Unfortunately I don't have Windows box
to verify this on. I really appreciate if somebody could try to compile
it and contact me a.s.a.p. in case a problem occurs.

Submitted by: Roy Wood <roy@centricsystems.ca>
Reviewed by: Andy Polyakov <appro@fy.chalmers.se>
1999-09-11 17:54:18 +00:00
Bodo Möller
204cf1abb0 Comments. 1999-08-08 14:21:04 +00:00
Bodo Möller
a40f6dce87 correct error signalling for opendir() failure 1999-07-30 10:43:34 +00:00
Bodo Möller
74678cc2f8 Additional user data argument to pem_password_cb function type
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
1999-07-21 20:57:16 +00:00
Ben Laurie
838d25a1ec More safe stack. 1999-05-30 14:13:19 +00:00
Ulf Möller
1444ba8d78 NeXT doesn't have dirent.
Pointed out by Juergen Moellenhoff <jurgen@oic.de>
1999-05-20 17:58:42 +00:00
Bodo Möller
2a82c7cf25 Various bugfixes: Uses locking for some more of the stuff that is not
thread-safe (where thread-safe counterparts are not available on all
platforms), and don't memcpy to NULL-pointers
Submitted by: Anonymous
Reviewed by: Bodo Moeller

Also, clean up htons vs. ntohs confusions.
1999-05-14 12:40:39 +00:00
Bodo Möller
224551f732 Some tiny clean-ups related to the cert_st / sess_cert_st change. 1999-05-13 15:27:45 +00:00
Bodo Möller
b56bce4fc7 New structure type SESS_CERT used instead of CERT inside SSL_SESSION.
While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know if those could
really have caused problems, but possibly this is a proper bug-fix
and not just a clean-up.
1999-05-13 15:09:38 +00:00
Ulf Möller
7d7d2cbcb0 VMS support.
Submitted by: Richard Levitte <richard@levitte.org>
1999-05-13 11:37:32 +00:00
Bodo Möller
1c3e0a1976 Changed a comment.
Submitted by:
Reviewed by:
PR:
1999-05-10 15:10:11 +00:00
Bodo Möller
ca8e5b9b8a Create a duplicate of the SSL_CTX's CERT in SSL_new instead of copying
pointers.  The cert_st handling is changed by this in various ways.
Submitted by:
Reviewed by:
PR:
1999-05-09 20:12:44 +00:00
Dr. Stephen Henson
a5ab0532ca Various Win32 fixes. Win95 doesn't support MoveFileEx() (which was used for a
Win32 version of rename() ). There isn't a precise rename() equivalent under
Win95: the standard rename() complains if the destination already exists so
replaced with a combination of unlink() and MoveFile().
1999-05-08 22:46:51 +00:00
Ben Laurie
661b361b4b Some more stack stuff. 1999-05-03 19:55:00 +00:00
Bodo Möller
7f89714e64 Support verify_depth from the SSL API without need for user-defined
callbacks.

Submitted by:
Reviewed by:
PR:
1999-05-01 03:20:40 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>.
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ben Laurie
f73e07cf42 Add type-safe STACKs and SETs. 1999-04-12 17:23:57 +00:00
Ralf S. Engelschall
72e442a3a6 function names recently changed - consistency. 1999-03-22 15:50:34 +00:00
Ben Laurie
a49034aba9 Fix names of cert stack functions. 1999-03-06 14:49:11 +00:00
Dr. Stephen Henson
06c6849124 Fix the Win32 compile environment and add various changes so it will now compile
under Win32 (9X and NT) again. Note: some signed/unsigned changes recently
checked in were killing the Win32 compile.
1999-03-03 02:01:26 +00:00
Ben Laurie
eb90a483ad Add functions to add certs to stacks, used for CA file/path stuff in servers. 1999-02-28 17:41:55 +00:00
Ralf S. Engelschall
c707fb2741 Ops, the logic of the second argument has to be coupled with the != test to
work correctly for the SSL_CTX_xxx situations, too. Now "make test" passes
again fine.
1999-02-26 22:31:54 +00:00
Ralf S. Engelschall
15d21c2df4 Add a bunch of SSL_xxx() functions for configuring the temporary RSA and DH
private keys and/or callback functions which directly correspond to their
SSL_CTX_xxx() counterparts but work on a per-connection basis. This is needed
for applications which have to configure certificates on a per-connection
basis (e.g. Apache+mod_ssl) instead of a per-context basis (e.g.
s_server).

For the RSA certificate situation is makes no difference, but for the DSA
certificate situation this fixes the "no shared cipher" problem where the
OpenSSL cipher selection procedure failed because the temporary keys were not
overtaken from the context and the API provided no way to reconfigure them.

The new functions now let applications reconfigure the stuff and they are in
detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback.  Additionally a new
non-public-API function ssl_cert_instantiate() is used as a helper function
and also to reduce code redundancy inside ssl_rsa.c.

Submitted by: Ralf S. Engelschall
Reviewed by: Ben Laurie
1999-02-25 14:40:29 +00:00
Ben Laurie
e03ddfae7e Accept NULL in *_free. 1999-01-07 19:15:59 +00:00
Ralf S. Engelschall
651d0aff98 Various cleanups and fixed by Marc and Ralf to start the OpenTLS project 1998-12-22 15:04:48 +00:00
Ralf S. Engelschall
dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00