Piotr Sikora
edc687ba0f
Fix compilation with no-nextprotoneg.
...
PR#3106
2013-11-14 01:20:58 +00:00
Dr. Stephen Henson
57912ed329
Add code to download CRLs based on CRLDP extension.
...
Just a sample, real world applications would have to be cleverer.
2013-01-18 15:38:13 +00:00
Dr. Stephen Henson
e318431e54
New option to add CRLs for s_client and s_server.
2013-01-18 14:37:14 +00:00
Dr. Stephen Henson
7c283d9e97
add option to get a certificate or CRL from a URL
2013-01-17 16:08:02 +00:00
Dr. Stephen Henson
5477ff9ba2
make JPAKE work again, fix memory leaks
2012-12-29 23:58:44 +00:00
Dr. Stephen Henson
fde8dc1798
add Suite B verification flags
2012-12-26 16:57:39 +00:00
Dr. Stephen Henson
70cd3c6b95
Integrate host, email and IP address checks into X509_verify.
...
Add new verify options to set checks.
(backport from HEAD)
2012-12-19 15:14:10 +00:00
Dr. Stephen Henson
45da1efcdb
Backport X509 hostname, IP address and email checking code from HEAD.
2012-12-19 15:01:59 +00:00
Dr. Stephen Henson
9a1f59cd31
New verify flag to return success if we have any certificate in the trusted
...
store instead of the default which is to return an error if we can't build
the complete chain. [backport from HEAD]
2012-12-14 14:30:46 +00:00
Dr. Stephen Henson
38680fa466
check mval for NULL too
2012-12-04 17:26:04 +00:00
Dr. Stephen Henson
a902b6bd98
fix leak
2012-12-03 16:33:15 +00:00
Dr. Stephen Henson
9d2006d8ed
add -trusted_first option and verify flag (backport from HEAD)
2012-09-26 13:50:42 +00:00
Dr. Stephen Henson
c714e43c8d
PR: 2717
...
Submitted by: Tim Rice <tim@multitalents.net>
Make compilation work on OpenServer 5.0.7
2012-02-11 23:38:49 +00:00
Dr. Stephen Henson
26c6857a59
PR: 2710
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Check return codes for load_certs_crls.
2012-02-10 19:54:46 +00:00
Dr. Stephen Henson
f2e590942e
implement -attime option as a verify parameter then it works with all relevant applications
2011-12-10 00:37:42 +00:00
Ben Laurie
68b33cc5c7
Add Next Protocol Negotiation.
2011-11-13 21:55:42 +00:00
Richard Levitte
01d2e27a2b
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:47:47 +00:00
Dr. Stephen Henson
84fbc56fd0
PR: 2366
...
Submitted by: Damien Miller <djm@mindrot.org>
Reviewed by: steve
Stop pkeyutl crashing if some arguments are missing. Also make str2fmt
tolerate NULL parameter.
2010-11-11 14:42:34 +00:00
Dr. Stephen Henson
e97359435e
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
Dr. Stephen Henson
6938440d68
PR: 2262
...
Submitted By: Victor Wagner <vitus@cryptocom.ru>
Fix error reporting in load_key function.
2010-05-27 14:09:13 +00:00
Dr. Stephen Henson
5b0a79a27a
PR: 2220
...
Fixes to make OpenSSL compile with no-rc4
2010-04-06 11:18:32 +00:00
Dr. Stephen Henson
961092281f
Add option to allow in-band CRL loading in verify utility. Add function
...
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
2009-10-31 13:34:19 +00:00
Dr. Stephen Henson
4386445c18
Change STRING to OPENSSL_STRING etc as common words such
...
as "STRING" cause conflicts with other headers/libraries.
2009-07-27 21:08:53 +00:00
Dr. Stephen Henson
fa07f00aaf
Update from HEAD.
2009-06-29 16:09:58 +00:00
Dr. Stephen Henson
710c1c34d1
Allow checking of self-signed certifictes if a flag is set.
2009-06-26 11:28:52 +00:00
Dr. Stephen Henson
43dc001b62
Update from HEAD.
2009-06-17 11:33:17 +00:00
Dr. Stephen Henson
756d2074b8
PR: 1924
...
Submitted by: "Green, Paul" <Paul.Green@stratus.com>
Approved by: steve@openssl.org
Fix _POSIX_C_SOURCE usage.
2009-05-13 11:32:24 +00:00
Dr. Stephen Henson
7134507de0
Make no-rsa, no-dsa and no-dh compile again.
2009-04-23 17:16:40 +00:00
Dr. Stephen Henson
6abbc68188
PR: 1870
...
Submitted by: kilroy <kilroy@mail.zutom.sk>
Approved by: steve@openssl.org
Handle pkcs12 format correctly by not assuming PEM format straight away.
2009-04-03 17:06:35 +00:00
Dr. Stephen Henson
617298dca3
Update from stable branch.
2009-03-12 17:10:26 +00:00
Dr. Stephen Henson
79bd20fd17
Update from stable-branch.
2008-11-24 17:27:08 +00:00
Ben Laurie
f3b7bdadbc
Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks.
2008-11-16 12:47:12 +00:00
Dr. Stephen Henson
ed551cddf7
Update from stable branch.
2008-11-12 17:28:18 +00:00
Dr. Stephen Henson
c76fd290be
Fix warnings about mismatched prototypes, undefined size_t and value computed
...
not used.
2008-11-02 12:50:48 +00:00
Dr. Stephen Henson
e9eda23ae6
Fix warnings and various issues.
...
C++ style comments.
Signed/unsigned warning in apps.c
Missing targets in jpake/Makefile
2008-10-27 12:02:52 +00:00
Ben Laurie
6caa4edd3e
Add JPAKE.
2008-10-26 18:40:52 +00:00
Dr. Stephen Henson
d43c4497ce
Initial support for delta CRLs. If "use deltas" flag is set attempt to find
...
a delta CRL in addition to a full CRL. Check and search delta in addition to
the base.
2008-09-01 15:15:16 +00:00
Dr. Stephen Henson
9d84d4ed5e
Initial support for CRL path validation. This supports distinct certificate
...
and CRL signing keys.
2008-08-13 16:00:11 +00:00
Dr. Stephen Henson
002e66c0e8
Support for policy mappings extension.
...
Delete X509_POLICY_REF code.
Fix handling of invalid policy extensions to return the correct error.
Add command line option to inhibit policy mappings.
2008-08-12 10:32:56 +00:00
Dr. Stephen Henson
5cbd203302
Initial support for alternative CRL issuing certificates.
...
Allow inibit any policy flag to be set in apps.
2008-07-30 15:49:12 +00:00
Dr. Stephen Henson
dd043cd501
Stop const mismatch warning in VC++.
2008-05-31 18:55:23 +00:00
Ben Laurie
3c1d6bbc92
LHASH revamp. make depend.
2008-05-26 11:24:29 +00:00
Lutz Jänicke
44a877aa88
Fix incorrect return value in apps/apps.c:parse_yesno()
...
PR: 1607
Submitted by: "Christophe Macé" <mace.christophe@gmail.com>
2008-04-17 14:15:27 +00:00
Geoff Thorpe
7e8481afd1
Fix a nasty cast issue that my compiler was choking on.
2008-03-16 20:57:12 +00:00
Dr. Stephen Henson
52108cecc0
<strings.h> does not exist under WIN32.
2008-01-14 18:10:55 +00:00
Ben Laurie
f12797a447
Missing headers.
2008-01-12 11:22:31 +00:00
Dr. Stephen Henson
eef0c1f34c
Netware support.
...
Submitted by: Guenter Knauf <eflash@gmx.net>
2008-01-03 22:43:04 +00:00
Ben Laurie
e28eddc51f
Typo? Why did this work, anyway?
2007-09-08 15:58:51 +00:00
Dr. Stephen Henson
1bd06bd0c4
In interactive mode only config OpenSSL once.
2006-05-12 17:11:58 +00:00
Ulf Möller
fb05e1cdf6
declare as in prototype
...
Submitted by: Gisle Vanem
2006-04-12 19:24:45 +00:00