only happened when the port number wasn't parsable ot the host wasn't
possible to convert to an IP address.
Contributed by Niko Baric <Niko.Baric@epost.de>
Add protoype for OCSP_response_create().
Add OCSP_request_sign() and OCSP_basic_sign()
private key and certificate checks and make
OCSP_NOCERTS consistent with PKCS7_NOCERTS
certificates.
One is a valid CA which has no basicConstraints
but does have certSign keyUsage.
Other is S/MIME signer with nonRepudiation but
no digitalSignature.
like spaces before the semicolon, and besides, other parts of this
file makes the values without those spaces), and move spacing of
continuation lines to support BIO's that break lines after each
write.
OCSP requests. It can also query reponders and parse or
print out responses.
Still needs some more work: OCSP response checks and
of course documentation.
invalid format in OCSP request signatures.
Add spaces to OCSP HTTP header.
Change X509_NAME_set() there's no reason
why it should return an error if the
destination points to NULL... though it
should if the destination is NULL.
but will verify the signatures on a response
and locate the signers certifcate.
Still needs to implement a proper OCSP certificate
verify.
Fix warning in RAND_egd().
allocation callbacks so that it is no longer visible to applications
that these live at a different call level than conventional memory
allocation callbacks.
handling routines that need file name and line number information,
I've added a call level to our memory handling routines to allow that
kind of hooking.
only queried when the /dev/[u]random devices did not return enough
entropy. Only the amount of entropy missing to reach the required minimum
is queried, as EGD may be drained.
Queried locations are: /etc/entropy, /var/run/egd-pool
"doall" functions to using type-safe wrappers. As and where required, this
can be replaced by redeclaring the underlying callbacks to use the
underlying "void"-based prototypes (eg. if performance suffers from an
extra level of function invocation).
around the callbacks required in the LHASH code for the "doall" functions.
Also - fix the evil function pointer casting in the two lh_doall functions
by deferring to a static utility function. Previously lh_doall() was
invoking lh_doall_arg() by casting the callback to the 2-parameter
prototype and passing in a NULL argument. This appears to have been working
thus far but it's not a hot idea. If the extra level of indirection becomes
a performance hit, we can just provide two virtually identical
implementations for each variant later on.
LHASH code, this evil was uncovered. The cast was obscuring the fact that
the function was prototyped to take 2 parameters when in fact it is being
used as a callback that should take only one. Anyway, the function itself
ignores the second parameter (thankfully). A proper cure is on the way but
for now this corrects the inconsistency.
