Dr. Stephen Henson
cf56663fb7
Option to disable SSL auto chain build
2003-02-12 17:06:02 +00:00
Bodo Möller
8537943e8b
first section is now "Changes between 0.9.7a and 0.9.8", not "... 0.9.7 and 0.9.8"
2003-02-11 16:42:30 +00:00
Bodo Möller
24893ca999
typo
2003-02-06 19:32:06 +00:00
Bodo Möller
37c660ff9b
implement fast point multiplication with precomputation
...
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2003-02-06 19:25:12 +00:00
Dr. Stephen Henson
4e5d3a7f98
IPv6 display and input support for extensions usingh GeneralName.
2003-02-05 00:34:31 +00:00
Richard Levitte
0b13e9f055
Add the possibility to build without the ENGINE framework.
...
PR: 287
2003-01-30 17:39:26 +00:00
Geoff Thorpe
96f7065f63
Summarise the last couple of commits.
2003-01-30 15:52:40 +00:00
Bodo Möller
c1862f9136
consistency
2003-01-24 22:28:32 +00:00
Dr. Stephen Henson
d3b5cb5343
Check return value of gmtime() and add error codes
...
where it fails in ASN1_TIME_set().
Edit asn1.h so the new error code is the same in 0.9.7
and 0.9.8, rebuild new error codes.
Clear error queue in req.c if *_min or *_max is absent.
2003-01-24 01:12:01 +00:00
Lutz Jänicke
a74333f905
Fix initialization sequence to prevent freeing of unitialized objects.
...
Submitted by: Nils Larsch <nla@trustcenter.de>
PR: 459
2003-01-15 14:54:59 +00:00
Lutz Jänicke
8ec16ce711
Really fix SSLv2 session ID handling
...
PR: 377
2003-01-15 09:51:22 +00:00
Geoff Thorpe
0e4aa0d2d2
As with RSA, which was modified recently, this change makes it possible to
...
override key-generation implementations by placing handlers in the methods
for DSA and DH. Also, parameter generation for DSA and DH is possible by
another new handler for each method.
2003-01-15 02:01:55 +00:00
Richard Levitte
04aff67de4
Merge from 0.9.7-stable.
2003-01-13 17:16:25 +00:00
Bodo Möller
9d5390a049
document BN_GENCB API by adding an example
2003-01-13 13:44:20 +00:00
Richard Levitte
afd41c9fc7
Add better support for FreeBSD on non-x86 machines.
...
Add specific support for FreeBSD on sparc64.
PR: 427
2003-01-12 04:43:44 +00:00
Richard Levitte
4a9476dd8d
When preparing a separate build tree, don't make softlinks to softlinks.
...
Add instructions in INSTALL, for easy access.
PR: 437
2003-01-10 10:56:14 +00:00
Richard Levitte
7a1c6aa2a3
It's rather silly to believe we'd release 0.9.7a in 2002 :-).
...
It's even more silly to pretend we know which year 0.9.8 will be
released.
2002-12-31 01:00:06 +00:00
Richard Levitte
948dcdb81b
Merge in changes from 0.9.7-stable.
2002-12-31 00:02:10 +00:00
Richard Levitte
08101d72ce
Merge in changes from 0.9.7-stable.
2002-12-30 23:56:09 +00:00
Lutz Jänicke
21cde7a41c
Fix wrong handling of session ID in SSLv2 client code.
...
PR: 377
2002-12-29 20:59:35 +00:00
Richard Levitte
9cd16b1dea
We stupidly had a separate LIBKRB5 variable for KRB5 library dependencies,
...
and then didn't support it very well. And that when there already is a
useful variable for exactly this kind of thing; EX_LIBS...
2002-12-19 22:10:12 +00:00
Richard Levitte
a1457874c6
OK, there's at least one application author who has provided dynamic locking
...
callbacks
2002-12-13 07:30:53 +00:00
Richard Levitte
14676ffcd6
Document the modifications in 0.9.7 that will make the hw_ncipher.c
...
engine work properly even in bad situations.
2002-12-12 17:40:15 +00:00
Richard Levitte
fdaea9ed2e
Since it's defined in draft-ietf-tls-compression-04.txt, let's make
...
ZLIB a known compression method, with the identity 1.
2002-12-08 09:31:41 +00:00
Geoff Thorpe
e9224c7177
This is a first-cut at improving the callback mechanisms used in
...
key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.
This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing. The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility nor change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones. The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.
There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, the return value is a boolean. This will allow for a smoother
transition to having key-generation as "virtual function" in the various
***_METHOD tables.
2002-12-08 05:24:31 +00:00
Richard Levitte
43ecece595
Merge in relevant changes from the OpenSSL 0.9.6h release.
2002-12-05 21:50:13 +00:00
Dr. Stephen Henson
2053c43de2
In asn1_d2i_read_bio, don't assume BIO_read will
...
return the requested number of bytes when reading
content.
2002-12-03 23:50:59 +00:00
Richard Levitte
df29cc8f77
Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
...
and linker optimizations.
PR: 343
2002-11-27 12:24:05 +00:00
Richard Levitte
17582ccf21
Heimdal isn't really supported right now. Say so, and offer a possibility
...
to force the use of Heimdal, and warn if that's used.
PR: 346
2002-11-26 10:11:58 +00:00
Lutz Jänicke
6a8afe2201
Fix bug introduced by the attempt to fix client side external session
...
caching (#288 ): now internal caching failed (#351 ):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
2002-11-20 10:48:58 +00:00
Richard Levitte
20199ca809
Document the addition of certificate pairs.
2002-11-18 23:56:15 +00:00
Richard Levitte
0bf23d9b20
WinCE patches
2002-11-15 22:37:18 +00:00
Richard Levitte
6f17f16fd5
Changes to make shared library building and use work better with Cygwin
2002-11-15 16:48:38 +00:00
Richard Levitte
84034f7aec
Document the change to remove the 'done' flag variable in the
...
OpenSSL_add_all_*() routines
2002-11-15 13:58:11 +00:00
Richard Levitte
0a5942093e
We need to read one more byte of the REQUEST-CERTIFICATE message.
...
PR: 300
2002-11-15 09:15:55 +00:00
Bodo Möller
2b2ab52354
harmonize with 0.9.7 tree
2002-11-14 12:17:47 +00:00
Richard Levitte
83411793b6
Handle last lines that aren't properly terminated.
...
PR: 308
2002-11-14 06:51:18 +00:00
Ben Laurie
54a656ef08
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
Richard Levitte
c81a15099a
X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type
...
ia5String correctly.
PR: 244
2002-11-09 21:52:20 +00:00
Bodo Möller
b53e44e572
implement and use new macros BN_get_sign(), BN_set_sign()
...
Submitted by: Nils Larsch
2002-11-04 13:17:22 +00:00
Geoff Thorpe
9c3db400dc
The recent CHANGES note between 0.9.6g and 0.9.6h needs copying into the
...
other branches.
2002-10-29 18:01:08 +00:00
Bodo Möller
19b8d06a79
clean up new code for NIST primes
...
create new lock CRYPTO_LOCK_BN to avoid race condition
2002-10-28 14:02:19 +00:00
Bodo Möller
5c6bf03117
fast reduction for NIST curves
...
Submitted by: Nils Larsch
2002-10-28 13:23:24 +00:00
Richard Levitte
874fee478c
Clarify where the engines are by default.
2002-10-12 16:07:31 +00:00
Richard Levitte
6f7c2cb31e
Step 14 of move of engines: Final step, document the change.
2002-10-11 22:06:44 +00:00
Bodo Möller
3e06fb754e
synchronize with 0.9.7-stable version of this file
2002-10-11 17:56:34 +00:00
Richard Levitte
30afcc072a
Move the shared library construction stuff to Makefile.shared, a
...
helper makefile that generalises our way of building shared libraries
and is designed to take care of almost anything (I hope).
2002-10-11 00:37:11 +00:00
Richard Levitte
7ba3a4c3d2
RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS.
...
PR: 189
2002-10-10 07:59:03 +00:00
Dr. Stephen Henson
fc6a6a1030
Add version info to Win32 DLLs.
...
We might want to edit the strings a bit...
Maybe add to 0.9.7 too?
2002-10-04 21:22:47 +00:00
Dr. Stephen Henson
9a48b07ee4
Various enhancements to PKCS#12 code, new
...
medium level API, improved PKCS12_create
and additional functionality in pkcs12
utility.
2002-10-03 23:53:52 +00:00