generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
12,704 Commits 16 Branches 258 Tags
Commit Graph

6451 Commits

Author SHA1 Message Date
Ben Laurie
f00c54ae2e Fix warning. 2013-01-06 19:03:48 +00:00
Dr. Stephen Henson
c1faa8b5b2 make no-comp compile 2012-12-30 16:04:51 +00:00
Dr. Stephen Henson
bdcf772aa5 Portability fix: use BIO_snprintf and pick up strcasecmp alternative 
definitions from e_os.h
 2012-12-26 23:51:56 +00:00
Dr. Stephen Henson
2dabd82236 Make partial chain checking work if we only have the EE certificate in 
the trust store.
 2012-12-21 18:31:32 +00:00
Dr. Stephen Henson
0028a23b9f revert OCSP_basic_verify changes: they aren't needed now we support partial chain verification and can pass verify options to ocsp utility 2012-12-20 18:51:00 +00:00
Andy Polyakov
0a2d5003df dso/dso_win32.c: fix compiler warning. 2012-12-18 18:19:54 +00:00
Andy Polyakov
f469880c61 d1_lib.c,bss_dgram.c: eliminate dependency on _ftime. 2012-12-16 19:02:59 +00:00
Dr. Stephen Henson
e9754726d2 Check chain is not NULL before assuming we have a validated chain. 
The modification to the OCSP helper purpose breaks normal OCSP verification.
It is no longer needed now we can trust partial chains.
 2012-12-15 02:58:00 +00:00
Dr. Stephen Henson
2a21cdbe6b Use new partial chain flag instead of modifying input parameters. 2012-12-13 18:20:47 +00:00
Dr. Stephen Henson
51e7a4378a New verify flag to return success if we have any certificate in the 
trusted store instead of the default which is to return an error if
we can't build the complete chain.
 2012-12-13 18:14:46 +00:00
Ben Laurie
b204ab6506 Update ignores. 2012-12-11 15:52:10 +00:00
Ben Laurie
ec40e5ff42 Tabification. Remove accidental duplication. 2012-12-10 16:52:17 +00:00
Ben Laurie
30c278aa6b Fix OCSP checking. 2012-12-07 18:47:47 +00:00
Dr. Stephen Henson
abd2ed012b Fix two bugs which affect delta CRL handling: 
Use -1 to check all extensions in CRLs.
Always set flag for freshest CRL.
 2012-12-06 18:24:28 +00:00
Dr. Stephen Henson
3bf15e2974 Integrate host, email and IP address checks into X509_verify. 
Add new verify options to set checks.

Remove previous -check* commands from s_client and s_server.
 2012-12-05 18:35:20 +00:00
Andy Polyakov
8df400cf8d aes-s390x.pl: fix XTS bugs in z196-specific code path. 2012-12-05 17:44:45 +00:00
Andy Polyakov
3766e7ccab ghash-sparcv9.pl: shave off one more xmulx, improve T3 performance by 7%. 2012-12-04 20:21:24 +00:00
Dr. Stephen Henson
2e8cb108dc initial support for delta CRL generations by diffing two full CRLs 2012-12-04 18:35:36 +00:00
Andy Polyakov
f91926a240 cryptlib.c: fix logical error. 2012-12-01 18:24:20 +00:00
Andy Polyakov
9282c33596 aesni-x86_64.pl: CTR face lift, +25% on Bulldozer. 2012-12-01 18:20:39 +00:00
Andy Polyakov
c3cddeaec8 aes-s390x.pl: harmonize software-only code path [and minor optimization]. 2012-12-01 11:06:19 +00:00
Dr. Stephen Henson
2fceff5ba3 PR: 2803 
Submitted by: jean-etienne.schwartz@bull.net

In OCSP_basic_varify return an error if X509_STORE_CTX_init fails.
 2012-11-29 19:15:14 +00:00
Dr. Stephen Henson
f404278186 add wrapper function for certificate download 2012-11-29 01:15:09 +00:00
Dr. Stephen Henson
68f5500d31 constify 2012-11-29 01:13:38 +00:00
Dr. Stephen Henson
6f9076ff37 Generalise OCSP I/O functions to support dowloading of other ASN1 
structures using HTTP. Add wrapper function to handle CRL download.
 2012-11-28 16:22:53 +00:00
Andy Polyakov
904732f68b C64x+ assembly pack: improve EABI support. 2012-11-28 13:19:10 +00:00
Andy Polyakov
cf5ecc3e1f Update support for Intel compiler: add linux-x86_64-icc and fix problems. 2012-11-28 13:05:13 +00:00
Dr. Stephen Henson
2c340864be New functions to set lookup_crls callback and to retrieve internal X509_STORE 
from X509_STORE_CTX.
 2012-11-27 23:47:48 +00:00
Andy Polyakov
cd68694646 AES for SPARC T4: add XTS, reorder subroutines to improve TLB locality. 2012-11-24 21:55:23 +00:00
Dr. Stephen Henson
46a6cec699 Reorganise parameters for OPENSSL_gmtime_diff. 
Make ASN1_UTCTIME_cmp_time_t more robust by using the new time functions.
 2012-11-21 14:13:20 +00:00
Dr. Stephen Henson
472af806ce Submitted by: Florian Weimer <fweimer@redhat.com> 
PR: 2909

Update test cases to cover internal error return values.

Remove IDNA wildcard filter.
 2012-11-21 14:10:48 +00:00
Dr. Stephen Henson
598c423e65 don't use psec or pdays if NULL 2012-11-20 15:20:40 +00:00
Dr. Stephen Henson
360ef6769e first parameter is difference in days, not years 2012-11-20 15:19:53 +00:00
Dr. Stephen Henson
d223dfe641 make depend 2012-11-19 15:13:33 +00:00
Dr. Stephen Henson
1c455bc084 new function ASN1_TIME_diff to calculate difference between two ASN1_TIME structures 2012-11-19 15:12:07 +00:00
Andy Polyakov
9f6b0635ad x86_64-gcc.c: resore early clobber constraint. 
Submitted by: Florian Weimer
 2012-11-19 15:02:00 +00:00
Dr. Stephen Henson
98a7edf9f0 make depend 2012-11-19 13:18:09 +00:00
Dr. Stephen Henson
d88926f181 PR: 2909 
Contributed by: Florian Weimer <fweimer@redhat.com>

Fixes to X509 hostname and email address checking. Wildcard matching support.
New test program and manual page.
 2012-11-18 15:13:55 +00:00
Andy Polyakov
cccf27c89a cryptlib.c: revert typo. 2012-11-17 21:42:57 +00:00
Andy Polyakov
c5cd28bd64 Extend OPENSSL_ia32cap_P with extra word to accomodate AVX2 capability. 2012-11-17 19:04:15 +00:00
Andy Polyakov
b3aee265c5 perlasm/sparcv9_modes.pl: addendum to commit#22966. 2012-11-17 18:34:17 +00:00
Andy Polyakov
68c06bf6b2 Support for SPARC T4 MONT[MUL|SQR] instructions. 
Submitted by: David Miller, Andy Polyakov
 2012-11-17 10:34:11 +00:00
Andy Polyakov
98dc178494 aes-x86_64.pl: Atom-specific optimizations, +10%. 
vpaes-x86_64.pl: minor performance squeeze.
 2012-11-12 17:52:41 +00:00
Andy Polyakov
89f1eb8213 aes-586.pl: Atom-specific optimization, +44/29%, minor improvement on others. 
vpaes-x86.pl: minor performance squeeze.
 2012-11-12 17:50:19 +00:00
Andy Polyakov
f717abd7c1 ppccap.c: fix typo. 2012-11-10 20:27:18 +00:00
Andy Polyakov
d5630dd60e ppccap.c: restrict features on AIX 5. 2012-11-10 20:24:51 +00:00
Andy Polyakov
134c00659a bn_word.c: fix overflow bug in BN_add_word. 2012-11-09 13:58:40 +00:00
Andy Polyakov
96a4cf8c29 crypto/modes: even more strict aliasing fixes [and fix bug in cbc128.c from 
previous cbc128.c commit].
 2012-11-05 17:03:39 +00:00
Ben Laurie
da01515c40 More strict aliasing fix. 2012-11-05 14:23:55 +00:00
Dr. Stephen Henson
7c43ea50fd correct error function code 2012-11-05 13:34:29 +00:00