Commit graph

11143 commits

Author SHA1 Message Date
Andy Polyakov
cf5ecc3e1f Update support for Intel compiler: add linux-x86_64-icc and fix problems. 2012-11-28 13:05:13 +00:00
Dr. Stephen Henson
2c340864be New functions to set lookup_crls callback and to retrieve internal X509_STORE
from X509_STORE_CTX.
2012-11-27 23:47:48 +00:00
Dr. Stephen Henson
84bafb7471 Print out point format list for clients too. 2012-11-26 18:39:38 +00:00
Dr. Stephen Henson
5087afa108 Use default point formats extension for server side as well as client
side, if possible.

Don't advertise compressed char2 for SuiteB as it is not supported.
2012-11-26 18:38:10 +00:00
Dr. Stephen Henson
93c2c9befc change inaccurate error message 2012-11-26 15:47:32 +00:00
Dr. Stephen Henson
d900c0ae14 set auto ecdh parameter selction for Suite B 2012-11-26 15:10:50 +00:00
Dr. Stephen Henson
55b66f084d set cmdline flag in s_server 2012-11-26 12:51:12 +00:00
Dr. Stephen Henson
96cfba0fb4 option to output corrupted signature in certificates for testing purposes 2012-11-25 22:29:52 +00:00
Andy Polyakov
cd68694646 AES for SPARC T4: add XTS, reorder subroutines to improve TLB locality. 2012-11-24 21:55:23 +00:00
Dr. Stephen Henson
1c16fd1f03 add Suite B 128 bit mode offering only combination 2 2012-11-24 00:59:51 +00:00
Dr. Stephen Henson
a5afc0a8f4 Don't display messages about verify depth in s_server if -quiet it set.
Add support for separate verify and chain stores in s_client.
2012-11-23 18:56:25 +00:00
Dr. Stephen Henson
20b431e3a9 Add support for printing out and retrieving EC point formats extension. 2012-11-22 15:20:53 +00:00
Dr. Stephen Henson
e83aefb3a0 reject zero length point format list or supported curves extensions 2012-11-22 14:15:44 +00:00
Dr. Stephen Henson
1740c9fbfc support -quiet with -msg or -trace 2012-11-21 17:11:42 +00:00
Dr. Stephen Henson
2588d4ca41 curves can be set in both client and server 2012-11-21 17:01:46 +00:00
Dr. Stephen Henson
878b5d07ef use correct return values when callin cmd 2012-11-21 16:59:33 +00:00
Dr. Stephen Henson
191b3f0ba9 only use a default curve if not already set 2012-11-21 16:47:25 +00:00
Dr. Stephen Henson
46a6cec699 Reorganise parameters for OPENSSL_gmtime_diff.
Make ASN1_UTCTIME_cmp_time_t more robust by using the new time functions.
2012-11-21 14:13:20 +00:00
Dr. Stephen Henson
472af806ce Submitted by: Florian Weimer <fweimer@redhat.com>
PR: 2909

Update test cases to cover internal error return values.

Remove IDNA wildcard filter.
2012-11-21 14:10:48 +00:00
Dr. Stephen Henson
5c1393bfc3 PR: 2908
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>

Fix DH double free if parameter generation fails.
2012-11-21 14:02:40 +00:00
Dr. Stephen Henson
f7ac0ec89d fix printout of expiry days if -enddate is used in ca 2012-11-20 15:22:15 +00:00
Dr. Stephen Henson
598c423e65 don't use psec or pdays if NULL 2012-11-20 15:20:40 +00:00
Dr. Stephen Henson
360ef6769e first parameter is difference in days, not years 2012-11-20 15:19:53 +00:00
Dr. Stephen Henson
13cfb04343 reorganise SSL_CONF_cmd manual page and update some links 2012-11-20 01:01:33 +00:00
Dr. Stephen Henson
22b5d7c80b fix leaks 2012-11-20 00:24:52 +00:00
Dr. Stephen Henson
685755937a with -rev close connection if client sends "CLOSE" 2012-11-19 23:41:24 +00:00
Dr. Stephen Henson
7c8ac50504 update usage messages 2012-11-19 23:20:40 +00:00
Dr. Stephen Henson
095db6bdb8 correct docs 2012-11-19 20:06:44 +00:00
Dr. Stephen Henson
8dbeb110fb document -trace and -msgfile options 2012-11-19 16:37:18 +00:00
Dr. Stephen Henson
765b413794 update docs for s_server/s_client 2012-11-19 16:07:53 +00:00
Dr. Stephen Henson
d223dfe641 make depend 2012-11-19 15:13:33 +00:00
Dr. Stephen Henson
1c455bc084 new function ASN1_TIME_diff to calculate difference between two ASN1_TIME structures 2012-11-19 15:12:07 +00:00
Andy Polyakov
9f6b0635ad x86_64-gcc.c: resore early clobber constraint.
Submitted by: Florian Weimer
2012-11-19 15:02:00 +00:00
Dr. Stephen Henson
98a7edf9f0 make depend 2012-11-19 13:18:09 +00:00
Dr. Stephen Henson
7831969634 don't call gethostbyname if OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL is set 2012-11-19 12:36:04 +00:00
Dr. Stephen Henson
9ba297e49f remove obsolete code 2012-11-19 03:46:49 +00:00
Dr. Stephen Henson
ddd13d677b fix typo and warning 2012-11-19 02:46:46 +00:00
Dr. Stephen Henson
821244cf67 clarify docs 2012-11-18 18:06:16 +00:00
Dr. Stephen Henson
edb128ce00 fix manual page file name 2012-11-18 17:58:45 +00:00
Dr. Stephen Henson
642aa226db document -naccept option 2012-11-18 15:51:26 +00:00
Dr. Stephen Henson
b5cadfb564 add -naccept <n> option to s_server to automatically exit after <n> connections 2012-11-18 15:45:16 +00:00
Dr. Stephen Henson
c4fc172240 PR: 2880
Submitted by: "Florian Rüchel" <florian.ruechel@ruhr-uni-bochum.de>

Correctly handle local machine keys in the capi ENGINE.
2012-11-18 15:24:37 +00:00
Dr. Stephen Henson
d88926f181 PR: 2909
Contributed by: Florian Weimer <fweimer@redhat.com>

Fixes to X509 hostname and email address checking. Wildcard matching support.
New test program and manual page.
2012-11-18 15:13:55 +00:00
Dr. Stephen Henson
24f77b34d5 remove redundant code from demo 2012-11-18 14:47:25 +00:00
Andy Polyakov
cccf27c89a cryptlib.c: revert typo. 2012-11-17 21:42:57 +00:00
Andy Polyakov
c5cd28bd64 Extend OPENSSL_ia32cap_P with extra word to accomodate AVX2 capability. 2012-11-17 19:04:15 +00:00
Andy Polyakov
b3aee265c5 perlasm/sparcv9_modes.pl: addendum to commit#22966. 2012-11-17 18:34:17 +00:00
Dr. Stephen Henson
9fc81acae6 fix error messages 2012-11-17 15:22:50 +00:00
Dr. Stephen Henson
5d2e07f182 Delegate command line handling for many common options in s_client/s_server
to the SSL_CONF APIs.

This is complicated a little because the SSL_CTX structure is not available
when the command line is processed: so just check syntax of commands initially
and store them, ready to apply later.
2012-11-17 14:42:22 +00:00
Dr. Stephen Henson
aa714f3af4 initial decription of GCM/CCM usage via EVP 2012-11-17 14:38:20 +00:00