Ben Laurie
0849d13811
Add syslogging BIO.
1999-02-22 21:21:08 +00:00
Ben Laurie
06ab81f9f7
Add support for new TLS export ciphersuites.
1999-02-21 20:03:24 +00:00
Dr. Stephen Henson
deff75b634
Add preliminary user level config documentation for extension stuff. Programming
...
info will come later...
Feel free to reformat and tidy this up...
1999-02-21 17:41:08 +00:00
Dr. Stephen Henson
0c8a1281d0
Make RSA_NO_PADDING really use no padding.
...
Submitted by: Ulf Moeller <ulf@fitug.de>
1999-02-21 17:39:07 +00:00
Ben Laurie
4004dbb7f6
Generate errors when public/private key check is done.
1999-02-20 11:50:07 +00:00
Dr. Stephen Henson
0ca5f8b15c
Overhaul 'crl' application, add a proper X509_CRL_print function and start
...
to support CRL extensions.
1999-02-19 01:29:29 +00:00
Dr. Stephen Henson
3d8accc3ae
Fuller authority key id support, partial support for private key usage extension
...
and really fix the ASN.1 IMPLICIT bug this time :-)
1999-02-17 23:21:01 +00:00
Ben Laurie
a49498969e
Add OAEP.
1999-02-17 21:11:08 +00:00
Mark J. Cox
413c4f45ed
Updates to the new SSL compression code
...
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
Fix so that the version number in the master secret, when passed
via RSA, checks that if TLS was proposed, but we roll back to SSLv3
(because the server will not accept higher), that the version number
is 0x03,0x01, not 0x03,0x00
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
Submitted by:
Reviewed by:
PR:
1999-02-16 09:22:21 +00:00
Dr. Stephen Henson
a8236c8c32
Fix various memory leaks in SSL, apps and DSA
1999-02-15 21:05:21 +00:00
Dr. Stephen Henson
388ff0b076
Add support for raw extensions. This means that you can include the DER encoding
...
of an arbitrary extension: e.g. 1.3.4.5=critical,RAW:12:34:56 Using this
technique currently unsupported extensions can be generated if you know their
DER encoding. Even if the extension is supported in future the raw extension
will still work: that is the raw version can always be used even if it is a
supported extension.
1999-02-14 16:48:22 +00:00
Ralf S. Engelschall
6013fa8395
Make sure latest Perl versions don't interpret some generated C array as Perl
...
array code in the crypto/err/err_genc.pl script.
Submitted by: Lars Weber <3weber@informatik.uni-hamburg.de>
Reviewed by: Ralf s. Engelschall
1999-02-14 13:21:52 +00:00
Dr. Stephen Henson
5c00879ef0
More Win32 fixes and upsdate INSTALL.W32 documentation.
1999-02-14 00:40:13 +00:00
Dr. Stephen Henson
9becf66621
Oops... add other changes this time too.
1999-02-13 23:13:32 +00:00
Ben Laurie
4e31df2cd7
Fix ghastly DES declarations, and all consequential warnings.
1999-02-13 18:52:38 +00:00
Dr. Stephen Henson
e4119b9311
Fix typo in asn1.h (PRINTABLESTRING_STRING) and fix a bug in object creation
...
perl script. It failed if the OID had any zeros in it.
1999-02-13 17:15:32 +00:00
Ben Laurie
4a71b90deb
Add support for 3DES CBCM mode.
1999-02-13 15:03:47 +00:00
Ben Laurie
436d318c80
In the absence of feedback either way, commit the fix that looks right for
...
wrong keylength with export null ciphers.
1999-02-13 12:39:50 +00:00
Dr. Stephen Henson
55a9cc6e47
Make the 'crypto' and 'ssl' options in the perl script mkdef.pl really work,
...
also add an 'update' option to automatically append any new functions to the
ssleay.num and libeay.num files.
1999-02-11 01:39:30 +00:00
Ralf S. Engelschall
8073036dd6
Overhauled the Perl interface (perl/*):
...
- ported BN stuff to OpenSSL's different BN library
- made the perl/ source tree CVS-aware
- renamed the package from SSLeay to OpenSSL (the files still contain
their history because I've copied them in the repository)
- removed obsolete files (the test scripts will be replaced
by better Test::Harness variants in the future)
1999-02-10 09:38:31 +00:00
Ralf S. Engelschall
483fdf1883
Remember the cleanup
1999-02-10 08:34:01 +00:00
Dr. Stephen Henson
175b0942ec
More extension code. Incomplete support for subject and issuer alt
...
name, issuer and authority key id. Change the i2v function parameters
and add an extra 'crl' parameter in the X509V3_CTX structure: guess
what that's for :-) Fix to ASN1 macro which messed up
IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
1999-02-10 01:12:59 +00:00
Dr. Stephen Henson
bceacf938f
Support for ASN1 ENUMERATED type. This copies and duplicates the ASN1_INTEGER
...
code and adds support to ASN1_TYPE and asn1parse.
1999-02-09 01:29:37 +00:00
Mark J. Cox
351d899878
Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
...
Submitted by: Eric A Young - from changes to C2Net SSLeay
Reviewed by: Mark Cox
PR:
1999-01-31 12:14:39 +00:00
Ralf S. Engelschall
b621d77258
Make sure make rehash' target really finds the
openssl' program.
1999-01-31 11:10:10 +00:00
Ben Laurie
a96e7810e2
Squeeze a bit more speed out of MD5 assembler.
1999-01-30 17:53:00 +00:00
Ralf S. Engelschall
e04a6c2b35
Add CygWin32 platform information to Configure script.
...
Submitted by: Alan Batie <batie@aahz.jf.intel.com>
1999-01-30 11:50:48 +00:00
Ralf S. Engelschall
0172f988c7
Fixed ms/32all.bat script: no_asm' ->
no-asm'
...
Submitted by: Rainer W. Gerling <gerling@mpg-gv.mpg.de>
Reviewed by: Ralf S. Engelschall
1999-01-30 11:36:05 +00:00
Dr. Stephen Henson
79dfa97555
New program 'nseq' added to apps to allow Netscape certificate sequences to
...
be pulled apart and built.
1999-01-29 23:34:19 +00:00
Dr. Stephen Henson
9fe84296a4
Allow the -certfile argument to be used multiple times in crl2pkcs7.
...
Also fix typos in the usage messages: "inout" instead of "input".
1999-01-29 01:53:55 +00:00
Mark J. Cox
a0a5407901
Fixes to BN code. Previously the default was to define BN_RECURSION
...
but the BN code had some problems that would cause failures when
doing certificate verification and some other functions.
Submitted by: Eric A Young from a C2Net version of SSLeay
Reviewed by: Mark J Cox
PR:
1999-01-28 10:40:38 +00:00
Dr. Stephen Henson
92c046cac0
Add ASN1 code for netscape certificate sequences.
1999-01-28 00:16:44 +00:00
Dr. Stephen Henson
a27598bf7e
Add a few extended key usage OIDs.
1999-01-26 23:13:14 +00:00
Dr. Stephen Henson
b2347661ce
Still more X509 V3 stuff. Modify ca.c to work with the new code and modify
...
openssl.cnf for the new syntax.
1999-01-26 01:19:27 +00:00
Dr. Stephen Henson
f317aa4c9c
More X509 V3 stuff. Add support for extensions in the 'req' application
...
so that: openssl req -x509 -new -out cert.pem
will take extensions from openssl.cnf a sample for a CA is included.
Also change the directory order so pem is nearer the end. Otherwise 'make links'
wont work because pem.h can't be built.
1999-01-25 01:09:21 +00:00
Dr. Stephen Henson
834eeef995
Continuing adding X509 V3 support. This starts to integrate the code with
...
the main library, but only with printing at present. To see this try:
openssl x509 -in cert.pem -text
on a certificate with some extensions in it.
1999-01-24 17:50:32 +00:00
Dr. Stephen Henson
9aeaf1b4a7
Initial addition of new X509 V3 files, tidy of old files.
1999-01-24 00:50:01 +00:00
Dr. Stephen Henson
9b5cc156f3
Continued patches so certificates and CRLs now can support and use
...
GeneralizedTime.
1999-01-20 00:14:40 +00:00
Ben Laurie
8039257dbc
Finally lay dependencies to rest (I hope!).
1999-01-19 21:36:31 +00:00
Ben Laurie
b13a155492
Spelling mistake.
1999-01-19 19:18:20 +00:00
Dr. Stephen Henson
6c8abdd744
New err_code.pl script to retain old error codes. This should allow the use
...
of 'make errors' without causing huge re-organisations of files when a new
code is added.
1999-01-18 22:18:38 +00:00
Ben Laurie
649cdb7be9
Fix major cockup with short keys in CAST-128.
1999-01-17 16:26:24 +00:00
Dr. Stephen Henson
fdd3b64215
Update CHANGES for GeneralizedTime info.
1999-01-17 15:10:33 +00:00
Ben Laurie
dabba1104b
Correct Linux 1 recognition.
...
Contributed by: Ulf Möller <ulf@fitug.de>
1999-01-17 14:20:20 +00:00
Ben Laurie
512d222830
Remove pointless MD5 hash.
...
Contributed by: Anonymous <nobody@replay.com>
1999-01-17 14:14:41 +00:00
Ben Laurie
2c1ef383ae
Generate an error on an invalid directory.
1999-01-17 14:10:08 +00:00
Ben Laurie
c3ae9a4851
More prototypes.
1999-01-16 18:46:23 +00:00
Dr. Stephen Henson
ee13f9b165
Fix parameters to dummy function BN_ref_mod_exp().
1999-01-14 18:25:07 +00:00
Dr. Stephen Henson
27eb622b78
Submitted by: Neil Costigan <neil.costigan@celocom.com>
...
PR:
1999-01-14 18:21:57 +00:00
Dr. Stephen Henson
2d723902a0
Fix OBJ_txt2nid(): old function was broken when input used the "dot" form, e.g.
...
1.2.3.4 . Also added new function OBJ_txt2obj().
1999-01-12 18:40:33 +00:00
Ben Laurie
a6801a91cd
Add prototype, fix parameter passing bug.
1999-01-10 20:36:02 +00:00
Ben Laurie
50acf46b92
Sort openssl functions by name.
1999-01-09 19:15:59 +00:00
Dr. Stephen Henson
7f9b7b074d
Fix the gendsa program and add it to the app list. The progs.h file is
...
auto generated but not auto updated so it is included. Also remove the
encryption from the sample DSA keys.
1999-01-09 17:29:34 +00:00
Ben Laurie
e03ddfae7e
Accept NULL in *_free.
1999-01-07 19:15:59 +00:00
Ben Laurie
6fa89f94c4
Fix DH key generation.
...
Contributed by: Anonymous <nobody@replay.com>
1999-01-07 00:37:01 +00:00
Ben Laurie
c13d4799dd
Send the right CAs to the client.
1999-01-07 00:16:37 +00:00
Ben Laurie
bc4deee07a
Fix numeric -newkey args.
...
Contributed by: Bodo Moeller <3moeller@informatik.uni-hamburg.de>
1999-01-07 00:10:32 +00:00
Ben Laurie
5b00115ab0
Fix export tests.
1999-01-06 23:18:08 +00:00
Ben Laurie
f8c3c05db9
Make the world a safer place (if people object to this kind of change, speak up
...
soon - I intend to do a lot of it!).
1999-01-06 22:53:34 +00:00
Dr. Stephen Henson
384c479c85
Oops! update CHANGES file properly.
1999-01-06 01:41:21 +00:00
Dr. Stephen Henson
ad65ce755e
Fix things so DH_free() will be no-op when passed NULL, like RSA_free() and
...
DSA_free(): this was causing crashes when for example an attempt was made
to handle a (currently) unsupported DH public key. Also X509_PUBKEY_set()i
wasn't checking errors from d2i_PublicKey().
1999-01-06 01:39:24 +00:00
Ben Laurie
e416ad9772
Free the right thing.
1999-01-04 21:43:32 +00:00
Ben Laurie
4a18cddd16
Only free if it ain't NULL.
1999-01-04 21:39:34 +00:00
Ben Laurie
bb65e20b1c
Remove the bugfix that was really a bug.
...
Submitted by: Arne Ansper <arne@ats.cyber.ee>
1999-01-04 20:11:31 +00:00
Ben Laurie
b5e406f755
Pass on BIO_CTRL_FLUSH.
...
Submitted by: Arne Ansper <arne@ats.cyber.ee>
1999-01-04 19:55:12 +00:00
Ralf S. Engelschall
cb0f35d716
Make sure the already existing X509_STORE->depth variable is initialized
...
in X509_STORE_new(), but document the fact that this variable is still
unused in the certificate verification process.
1999-01-03 15:31:11 +00:00
Dr. Stephen Henson
cfcf645356
Make sure applications free up pkey structures and add netscape extension
...
handling to x509.c
1999-01-03 01:08:33 +00:00
Ben Laurie
cdbb8c2f26
Fix reference counting.
1999-01-02 19:04:27 +00:00
Ralf S. Engelschall
06d5b16225
First cut of a cleanup for apps/. First the `ssleay' program is now named
...
`openssl' and second, the shortcut symlinks for the `openssl <command>' are no
longer created. This way we have a single and consistent command line
interface `openssl <command>', similar to `cvs <command>'.
Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a
repository copy, i.e. they still contain the complete file history.
1999-01-02 12:59:33 +00:00
Dr. Stephen Henson
c35f549e8b
Move DSA test in ca.c inside #ifdef and make pubkey BIT STRING always have
...
zero unused bits.
1999-01-02 01:53:06 +00:00
Dr. Stephen Henson
ebc828cad9
Add extended key usage OID and update STATUS file.
1999-01-01 18:43:44 +00:00
Paul C. Sutton
79e259e3ce
Make the installation documentation easier to follow.
1999-01-01 14:04:07 +00:00
Paul C. Sutton
56ee3117a5
Makefiles updated to exit if an error occurs in a sub-directory make
...
(including if user presses ^C)
1999-01-01 12:51:11 +00:00
Ben Laurie
6063b27bb6
Document recent changes.
1998-12-31 17:11:46 +00:00
Ralf S. Engelschall
9cb0969f65
Fix version stuff:
...
1. The already released version was 0.9.1c and not 0.9.1b
2. The next release should be 0.9.2 and not 0.9.1d, because
first the changes are already too large, second we should avoid any more
0.9.1x confusions and third, the Apache version semantics of
VERSION.REVISION.PATCHLEVEL for the version string is reasonable (and here
.2 is already just a patchlevel and not major change).
tVS: ----------------------------------------------------------------------
1998-12-31 09:36:40 +00:00
stephen
792a90020f
Update CHANGES file for latest additions
1998-12-31 01:35:07 +00:00
Ralf S. Engelschall
88fce97953
MIME encoding and ISO chars at the same time messes up the stuff
1998-12-30 23:09:13 +00:00
Ralf S. Engelschall
ce72df1c6a
Ops, forgot to commit the changes entry in recent commit...
1998-12-30 23:07:32 +00:00
Ben Laurie
4098e89cbf
Fix incorrect DER encoding of SETs and all knock-ons from that.
1998-12-29 21:43:55 +00:00
Ben Laurie
03f8b04277
Add prototypes. Make Montgomery stuff explicitly for that purpose.
1998-12-29 17:22:31 +00:00
Ben Laurie
8d7ed6ff90
Deal with generated files.
1998-12-28 21:58:19 +00:00
Ben Laurie
9228157c07
Typo.
1998-12-28 17:15:43 +00:00
Ben Laurie
5dcdcd475c
Autodetect FreeBSD 3.
1998-12-28 17:14:28 +00:00
Ben Laurie
1641cb6043
Add strictness, fix variable substition bugs.
1998-12-28 17:08:48 +00:00
Ralf S. Engelschall
ae82b46ffb
Test for new CVS repository
1998-12-26 12:42:56 +00:00
Ralf S. Engelschall
320a14cb5b
*** empty log message ***
1998-12-23 12:09:47 +00:00
Ralf S. Engelschall
f10a5c2a96
*** empty log message ***
1998-12-23 08:18:47 +00:00
Ralf S. Engelschall
9ce5db45be
*** empty log message ***
1998-12-23 07:58:53 +00:00
Ralf S. Engelschall
9acc2aa6d1
*** empty log message ***
1998-12-23 07:42:26 +00:00
Ralf S. Engelschall
f1c236f849
Switch to OpenSSL name
1998-12-23 07:38:54 +00:00
Ralf S. Engelschall
13e91dd365
Incorporation of RSEs assembled patches
1998-12-22 15:59:57 +00:00
Ralf S. Engelschall
651d0aff98
Various cleanups and fixed by Marc and Ralf to start the OpenTLS project
1998-12-22 15:04:48 +00:00