Commit graph

96 commits

Author SHA1 Message Date
Dr. Stephen Henson
961092281f Add option to allow in-band CRL loading in verify utility. Add function
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
2009-10-31 13:34:19 +00:00
Dr. Stephen Henson
0c690586e0 PR: 2064, 728
Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.
2009-09-30 21:41:53 +00:00
Dr. Stephen Henson
f45e8c7bdd PR: 2000
Submitted by: 	Vadim Zeitlin <vz-openssl@zeitlins.org>
Approved by: steve@openssl.org

Make no-comp compile without warnings.
2009-08-05 15:29:14 +00:00
Dr. Stephen Henson
4386445c18 Change STRING to OPENSSL_STRING etc as common words such
as "STRING" cause conflicts with other headers/libraries.
2009-07-27 21:08:53 +00:00
Dr. Stephen Henson
79bd20fd17 Update from stable-branch. 2008-11-24 17:27:08 +00:00
Ben Laurie
f3b7bdadbc Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks. 2008-11-16 12:47:12 +00:00
Dr. Stephen Henson
ed551cddf7 Update from stable branch. 2008-11-12 17:28:18 +00:00
Ben Laurie
6caa4edd3e Add JPAKE. 2008-10-26 18:40:52 +00:00
Geoff Thorpe
4c3296960d Remove the dual-callback scheme for numeric and pointer thread IDs,
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).

Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Geoff Thorpe
5f834ab123 Revert my earlier CRYPTO_THREADID commit, I will commit a reworked
version some time soon.
2008-07-03 19:59:25 +00:00
Dr. Stephen Henson
c451bd828f Avoid case in ca.c fix. 2008-06-02 12:10:06 +00:00
Dr. Stephen Henson
dd043cd501 Stop const mismatch warning in VC++. 2008-05-31 18:55:23 +00:00
Ben Laurie
3c1d6bbc92 LHASH revamp. make depend. 2008-05-26 11:24:29 +00:00
Geoff Thorpe
f7ccba3edf There was a need to support thread ID types that couldn't be reliably cast
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used.  This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
2008-03-28 02:49:43 +00:00
Dr. Stephen Henson
8931b30d84 And so it begins...
Initial support for CMS.

Add zlib compression BIO.

Add AES key wrap implementation.

Generalize S/MIME MIME code to support CMS and/or PKCS7.
2008-03-12 21:14:28 +00:00
Dr. Stephen Henson
67c8e7f414 Support for certificate status TLS extension. 2007-09-26 21:56:59 +00:00
Dr. Stephen Henson
2022cfe07e New -mac and -macopt options to dgst utility. Reimplement -hmac option in
terms of new API.
2007-04-11 17:20:40 +00:00
Dr. Stephen Henson
7bf7333d68 If we include winsock2.h then FD_SET wants an unsigned type for an fd. 2006-04-17 12:22:13 +00:00
Dr. Stephen Henson
4a3dc3c0e3 Add RSA ctrl for padding mode, add ctrl support in pkeyutl. 2006-04-09 12:42:09 +00:00
Dr. Stephen Henson
a9164153d1 Reformat pkeyutl.c, add support for verify operation but nothing actually
supports it (yet).
2006-04-08 22:25:47 +00:00
Dr. Stephen Henson
246e09319c Fix bug where freed OIDs could be accessed in EVP_cleanup() by
defering freeing in OBJ_cleanup().
2006-03-28 17:23:48 +00:00
Andy Polyakov
0a39d8f207 Collect timing procedures in apps/apps.c. It's a bit cruel patch, as it
temporarily[!] removes support for couple of esoteric platforms [well,
Netware, vxWorks and VMS].
2005-11-06 11:40:59 +00:00
Andy Polyakov
a1ad253f17 Eliminate remaining calls to stat in apps/apps.c and unify WIN32_rename for
all Windows targets.
2005-11-04 16:12:05 +00:00
Andy Polyakov
ffa101872f Eliminate dependency on read/write/stat in apps under _WIN32. 2005-11-04 09:30:55 +00:00
Andy Polyakov
53261831f1 Get rid of arcane reference to _fmode in apps/apps.h. Binary open is
handles properly by bss_file.c, which renders _fmode redundant.
2005-11-03 16:42:57 +00:00
Dr. Stephen Henson
a0156a926f Integrated support for PVK files. 2005-08-31 16:37:54 +00:00
Dr. Stephen Henson
eea374fd19 Command line support for RSAPublicKey format. 2005-08-21 00:18:26 +00:00
Dr. Stephen Henson
f68854b4c3 Various Win32 and other fixes for warnings and compilation errors.
Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.
2005-04-19 00:12:36 +00:00
Nils Larsch
ff990440ee const fixes 2005-04-15 18:29:33 +00:00
Nils Larsch
7d727231b7 some const fixes 2005-04-05 19:11:19 +00:00
Dr. Stephen Henson
c431798e82 Reformat smime utility.
Add support for policy checking in verify utility.
2004-09-07 18:38:46 +00:00
Dr. Stephen Henson
5d7c222db8 New X509_VERIFY_PARAM structure and associated functionality.
This tidies up verify parameters and adds support for integrated policy
checking.

Add support for policy related command line options. Currently only in smime
application.

WARNING: experimental code subject to change.
2004-09-06 18:43:01 +00:00
Geoff Thorpe
f0eae953e2 Remove some unnecessary recursive includes from the internal apps.h header,
and include bn.h in those C files that need bignum functionality.
2004-05-17 19:05:32 +00:00
Dr. Stephen Henson
64674bcc8c Reduce chances of issuer and serial number duplication by use of random
initial serial numbers.

PR: 842
2004-04-20 12:05:26 +00:00
Richard Levitte
03ddbdd9b9 Move another common functionality (reproduced so far with cut'n'paste)
to apps.c, and give it the hopefully descriptive name parse_yesno().
2003-11-28 14:45:09 +00:00
Richard Levitte
d45a098472 Forgot to change the declaration of do_subject() to one of parse_name()... 2003-11-28 14:18:05 +00:00
Richard Levitte
7ce9e425bc Allow multi-valued rdns in subjects. This adds the -multivalue-rdn option
to 'openssl req' and 'openssl ca'.

PR: 779
Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de>
Reviewed by: Richard Levitte

(there will be some follow-up changes)
2003-11-28 14:04:09 +00:00
Richard Levitte
4d8743f490 Netware-specific changes,
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
2003-11-28 13:10:58 +00:00
Richard Levitte
e6fa67fa93 Generalise the definition of strcasecmp() and strncasecmp() for
platforms that don't (necessarely) have it.  In the case of VMS, this
means moving a couple of functions from apps/ to crypto/ and make them
general (although only used privately).
2003-09-09 14:48:36 +00:00
Richard Levitte
4c771796d5 Convert save_serial() to work like save_index(), and add a
rotate_serial() that works like rotate_index().
2003-04-04 15:10:35 +00:00
Richard Levitte
f85b68cd49 Make it possible to have multiple active certificates with the same
subject.
2003-04-03 16:33:03 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework.
PR: 287
2003-01-30 17:39:26 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Richard Levitte
ca80756c70 VMS below version 7 doesn't have strcasecmp, so let's roll our own on VMS.
PR: 184
2002-10-10 09:05:05 +00:00
Richard Levitte
0e2cc42cfb Make sure that the 'config' variable is correctly defined and declared
for monolithic as well as non-monolithic biuld.
More work is probably needed in this area.
PR: 144
2002-10-09 15:36:23 +00:00
Richard Levitte
da9b972466 Make it possible to load keys from stdin, and restore that
functionality in the programs that had that before.
Part fo PR 164
2002-08-01 16:28:40 +00:00
Lutz Jänicke
40889b9cd3 Add missing prototypes.
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
PR: 89
2002-06-13 17:40:27 +00:00
Dr. Stephen Henson
eee6c81af8 Reorganise -subj option code, fix buffer overrun. 2002-05-19 16:31:10 +00:00
Dr. Stephen Henson
0dc092334b ENGINE module additions.
Add "init" command to control ENGINE
initialization.

Call ENGINE_finish on initialized ENGINEs on exit.

Reorder shutdown in apps.c: modules should be shut
down first.

Add test private key loader to openssl ENGINE: this
just loads a private key in PEM format.

Fix print format for dh length parameter.
2002-03-06 14:15:13 +00:00
Dr. Stephen Henson
032c49b8b3 non-Monolith fixes.
Submitted by Andrew W. Gray <agray@iconsinc.com>
2002-02-22 21:21:18 +00:00