Commit graph

1357 commits

Author SHA1 Message Date
Richard Levitte
d2f098b33d Spelling 2010-04-13 14:34:48 +00:00
Dr. Stephen Henson
5b0a79a27a PR: 2220
Fixes to make OpenSSL compile with no-rc4
2010-04-06 11:18:32 +00:00
Dr. Stephen Henson
75ece4b5cf don't leave bogus errors in the queue 2010-03-10 13:48:21 +00:00
Dr. Stephen Henson
3b3f71121b PR: 2183
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
2010-03-03 19:56:17 +00:00
Dr. Stephen Henson
2e630b1847 use supplied ENGINE in genrsa 2010-03-01 14:22:02 +00:00
Dr. Stephen Henson
7366f0b304 PR: 2170
Submitted by: Magnus Lilja <lilja.magnus@gmail.com>

Make -c option in dgst work again.
2010-02-12 17:07:24 +00:00
Dr. Stephen Henson
8b354e776b PR: 2161
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.

Make no-dsa, no-ecdsa and no-rsa compile again.
2010-02-02 13:36:05 +00:00
Dr. Stephen Henson
ffa304c838 oops, revert more test code arghh! 2010-01-28 17:52:18 +00:00
Dr. Stephen Henson
df21765a3e In engine_table_select() don't clear out entire error queue: just clear
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
2010-01-28 17:50:23 +00:00
Dr. Stephen Henson
1699389a46 Tolerate PKCS#8 DSA format with negative private key. 2010-01-22 20:17:30 +00:00
Dr. Stephen Henson
93fac08ec3 PR: 2136
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
2010-01-12 17:27:11 +00:00
Andy Polyakov
496cf69e40 Fix compilation on older Linux [from HEAD]. 2010-01-06 21:25:22 +00:00
Dr. Stephen Henson
675564835c New option to enable/disable connection to unpatched servers 2009-12-16 20:28:30 +00:00
Dr. Stephen Henson
b52a2738d4 Add ctrl and macro so we can determine if peer support secure renegotiation. 2009-12-08 13:42:32 +00:00
Dr. Stephen Henson
3d5d81bf39 Replace the broken SPKAC certification with the correct version. 2009-12-02 14:41:24 +00:00
Richard Levitte
370f48da2a Typo 2009-11-12 14:03:57 +00:00
Dr. Stephen Henson
73582b8117 add missing parts of reneg port, fix apps patch 2009-11-11 14:51:29 +00:00
Dr. Stephen Henson
5c33091cfa commit missing apps code for reneg fix 2009-11-11 14:10:09 +00:00
Dr. Stephen Henson
4a7f7171f5 Add missing functions to allow access to newer X509_STORE_CTX status
information. Add more informative message to verify callback to indicate
when CRL path validation is taking place.
2009-10-31 19:21:47 +00:00
Dr. Stephen Henson
961092281f Add option to allow in-band CRL loading in verify utility. Add function
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
2009-10-31 13:34:19 +00:00
Dr. Stephen Henson
90528846e8 Add -no_cache option to s_server 2009-10-28 17:49:37 +00:00
Dr. Stephen Henson
c679fb298e Add new function X509_STORE_set_verify_cb and use it in apps 2009-10-18 14:42:27 +00:00
Dr. Stephen Henson
595e804ae3 Fix for WIN32 (and possibly other platforms) which don't define in_port_t. 2009-10-15 18:48:47 +00:00
Dr. Stephen Henson
28418076b2 PR: 2069
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

IPv6 support for DTLS.
2009-10-15 17:41:44 +00:00
Dr. Stephen Henson
abdfdb029e PR: 1847
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Integrated patches to CA.sh to bring it into line with CA.pl functionality.
2009-10-15 17:27:47 +00:00
Dr. Stephen Henson
8465b81d50 PR: 2066
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org

Add -r option to dgst to produce format compatible with core utilities.
2009-10-15 17:18:03 +00:00
Dr. Stephen Henson
2280f82fc6 Fix warnings about ignoring fgets return value 2009-10-04 16:43:21 +00:00
Dr. Stephen Henson
804196a418 PR: 2061
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct i2b_PVK_bio error handling in rsa.c, dsa.c
2009-10-01 00:26:07 +00:00
Dr. Stephen Henson
0c690586e0 PR: 2064, 728
Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.
2009-09-30 21:41:53 +00:00
Dr. Stephen Henson
bc8c5fe58d Free SSL_CTX after BIO 2009-09-30 21:35:26 +00:00
Dr. Stephen Henson
80afb40ae3 Submitted by: Julia Lawall <julia@diku.dk>
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:27:27 +00:00
Dr. Stephen Henson
e7209103e6 PR: 2038
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org

Avoid double call to BIO_free().
2009-09-11 11:03:31 +00:00
Dr. Stephen Henson
b7e3cb31a5 PR: 2031
Submitted by: steve@openssl.org

Tolerate application/timestamp-response which some servers send out.
2009-09-07 17:57:02 +00:00
Dr. Stephen Henson
c0688f1aef Make update, deleting bogus DTLS error code 2009-09-06 15:55:54 +00:00
Dr. Stephen Henson
2e9802b7a7 PR: 2028
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
2009-09-04 17:42:06 +00:00
Dr. Stephen Henson
196dcf93bc PR: 2020
Submitted by: Keith Beckman <kbeckman@mcg.edu>,  Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix improperly capitalized references to WWW::Curl::Easy.
2009-09-02 15:57:12 +00:00
Dr. Stephen Henson
e5eb96c83a PR: 2013
Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.
2009-09-02 13:55:22 +00:00
Dr. Stephen Henson
c9add317a9 Tidy up and fix verify callbacks to avoid structure dereference, use of
obsolete functions and enhance to handle new conditions such as policy
printing.
2009-09-02 12:45:19 +00:00
Richard Levitte
82f35daaaf Moving up the inclusion of e_os.h was a bad idea.
Put it back where it was and place an inclusion of e_os2.h to get platform
macros defined...
2009-08-26 11:21:50 +00:00
Richard Levitte
cb0d89705b Define EXE_DIR earlier.
Make sure S_SOCKET also gets compiled with _POSIX_C_SOURCE defined.

Submitted by Zoltan Arpadffy <zoli@polarhome.com>
2009-08-25 07:25:55 +00:00
Richard Levitte
f49353b42f Move up the inclusion of e_os.h so OPENSSL_SYS_VMS_DECC has a chance
to be properly defined.
2009-08-25 07:23:21 +00:00
Dr. Stephen Henson
209abea1db Stop unused variable warning on WIN32 et al. 2009-08-18 11:14:12 +00:00
Dr. Stephen Henson
5a96822f2c Update default dependency flags.
Make error name discrepancies a fatal error.
Fix error codes.
make update
2009-08-12 17:08:44 +00:00
Dr. Stephen Henson
a4bade7aac PR: 1997
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.
2009-08-12 13:21:26 +00:00
Dr. Stephen Henson
e322b5d167 Typo 2009-08-10 15:53:11 +00:00
Dr. Stephen Henson
01af4edcfe PR: 1999
Submitted by: "Bayram Kurumahmut" <kbayram@ubicom.com>
Approved by: steve@openssl.org

Don't use HAVE_FORK in apps/speed.c it can conflict with configured version.
2009-08-10 15:30:29 +00:00
Dr. Stephen Henson
f45e8c7bdd PR: 2000
Submitted by: 	Vadim Zeitlin <vz-openssl@zeitlins.org>
Approved by: steve@openssl.org

Make no-comp compile without warnings.
2009-08-05 15:29:14 +00:00
Dr. Stephen Henson
4386445c18 Change STRING to OPENSSL_STRING etc as common words such
as "STRING" cause conflicts with other headers/libraries.
2009-07-27 21:08:53 +00:00
Dr. Stephen Henson
b4c81fb6db Update from 0.9.8-stable 2009-07-24 11:15:55 +00:00
Dr. Stephen Henson
5fda10c6f1 Oops, use right function name... 2009-07-14 15:14:39 +00:00