generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9,867 Commits 16 Branches 258 Tags 86 MiB
68b33cc5c7
Commit Graph

1401 Commits

Author SHA1 Message Date
Dr. Stephen Henson
8b354e776b PR: 2161 
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.

Make no-dsa, no-ecdsa and no-rsa compile again.
 2010-02-02 13:36:05 +00:00
Dr. Stephen Henson
ffa304c838 oops, revert more test code arghh! 2010-01-28 17:52:18 +00:00
Dr. Stephen Henson
df21765a3e In engine_table_select() don't clear out entire error queue: just clear 
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
 2010-01-28 17:50:23 +00:00
Dr. Stephen Henson
1699389a46 Tolerate PKCS#8 DSA format with negative private key. 2010-01-22 20:17:30 +00:00
Dr. Stephen Henson
93fac08ec3 PR: 2136 
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
 2010-01-12 17:27:11 +00:00
Andy Polyakov
496cf69e40 Fix compilation on older Linux [from HEAD]. 2010-01-06 21:25:22 +00:00
Dr. Stephen Henson
675564835c New option to enable/disable connection to unpatched servers 2009-12-16 20:28:30 +00:00
Dr. Stephen Henson
b52a2738d4 Add ctrl and macro so we can determine if peer support secure renegotiation. 2009-12-08 13:42:32 +00:00
Dr. Stephen Henson
3d5d81bf39 Replace the broken SPKAC certification with the correct version. 2009-12-02 14:41:24 +00:00
Richard Levitte
370f48da2a Typo 2009-11-12 14:03:57 +00:00
Dr. Stephen Henson
73582b8117 add missing parts of reneg port, fix apps patch 2009-11-11 14:51:29 +00:00
Dr. Stephen Henson
5c33091cfa commit missing apps code for reneg fix 2009-11-11 14:10:09 +00:00
Dr. Stephen Henson
4a7f7171f5 Add missing functions to allow access to newer X509_STORE_CTX status 
information. Add more informative message to verify callback to indicate
when CRL path validation is taking place.
 2009-10-31 19:21:47 +00:00
Dr. Stephen Henson
961092281f Add option to allow in-band CRL loading in verify utility. Add function 
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
 2009-10-31 13:34:19 +00:00
Dr. Stephen Henson
90528846e8 Add -no_cache option to s_server 2009-10-28 17:49:37 +00:00
Dr. Stephen Henson
c679fb298e Add new function X509_STORE_set_verify_cb and use it in apps 2009-10-18 14:42:27 +00:00
Dr. Stephen Henson
595e804ae3 Fix for WIN32 (and possibly other platforms) which don't define in_port_t. 2009-10-15 18:48:47 +00:00
Dr. Stephen Henson
28418076b2 PR: 2069 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

IPv6 support for DTLS.
 2009-10-15 17:41:44 +00:00
Dr. Stephen Henson
abdfdb029e PR: 1847 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Integrated patches to CA.sh to bring it into line with CA.pl functionality.
 2009-10-15 17:27:47 +00:00
Dr. Stephen Henson
8465b81d50 PR: 2066 
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org

Add -r option to dgst to produce format compatible with core utilities.
 2009-10-15 17:18:03 +00:00
Dr. Stephen Henson
2280f82fc6 Fix warnings about ignoring fgets return value 2009-10-04 16:43:21 +00:00
Dr. Stephen Henson
804196a418 PR: 2061 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct i2b_PVK_bio error handling in rsa.c, dsa.c
 2009-10-01 00:26:07 +00:00
Dr. Stephen Henson
0c690586e0 PR: 2064, 728 
Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.
 2009-09-30 21:41:53 +00:00
Dr. Stephen Henson
bc8c5fe58d Free SSL_CTX after BIO 2009-09-30 21:35:26 +00:00
Dr. Stephen Henson
80afb40ae3 Submitted by: Julia Lawall <julia@diku.dk> 
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
 2009-09-13 11:27:27 +00:00
Dr. Stephen Henson
e7209103e6 PR: 2038 
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org

Avoid double call to BIO_free().
 2009-09-11 11:03:31 +00:00
Dr. Stephen Henson
b7e3cb31a5 PR: 2031 
Submitted by: steve@openssl.org

Tolerate application/timestamp-response which some servers send out.
 2009-09-07 17:57:02 +00:00
Dr. Stephen Henson
c0688f1aef Make update, deleting bogus DTLS error code 2009-09-06 15:55:54 +00:00
Dr. Stephen Henson
2e9802b7a7 PR: 2028 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
 2009-09-04 17:42:06 +00:00
Dr. Stephen Henson
196dcf93bc PR: 2020 
Submitted by: Keith Beckman <kbeckman@mcg.edu>,  Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix improperly capitalized references to WWW::Curl::Easy.
 2009-09-02 15:57:12 +00:00
Dr. Stephen Henson
e5eb96c83a PR: 2013 
Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.
 2009-09-02 13:55:22 +00:00
Dr. Stephen Henson
c9add317a9 Tidy up and fix verify callbacks to avoid structure dereference, use of 
obsolete functions and enhance to handle new conditions such as policy
printing.
 2009-09-02 12:45:19 +00:00
Richard Levitte
82f35daaaf Moving up the inclusion of e_os.h was a bad idea. 
Put it back where it was and place an inclusion of e_os2.h to get platform
macros defined...
 2009-08-26 11:21:50 +00:00
Richard Levitte
cb0d89705b Define EXE_DIR earlier. 
Make sure S_SOCKET also gets compiled with _POSIX_C_SOURCE defined.

Submitted by Zoltan Arpadffy <zoli@polarhome.com>
 2009-08-25 07:25:55 +00:00
Richard Levitte
f49353b42f Move up the inclusion of e_os.h so OPENSSL_SYS_VMS_DECC has a chance 
to be properly defined.
 2009-08-25 07:23:21 +00:00
Dr. Stephen Henson
209abea1db Stop unused variable warning on WIN32 et al. 2009-08-18 11:14:12 +00:00
Dr. Stephen Henson
5a96822f2c Update default dependency flags. 
Make error name discrepancies a fatal error.
Fix error codes.
make update
 2009-08-12 17:08:44 +00:00
Dr. Stephen Henson
a4bade7aac PR: 1997 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.
 2009-08-12 13:21:26 +00:00
Dr. Stephen Henson
e322b5d167 Typo 2009-08-10 15:53:11 +00:00
Dr. Stephen Henson
01af4edcfe PR: 1999 
Submitted by: "Bayram Kurumahmut" <kbayram@ubicom.com>
Approved by: steve@openssl.org

Don't use HAVE_FORK in apps/speed.c it can conflict with configured version.
 2009-08-10 15:30:29 +00:00
Dr. Stephen Henson
f45e8c7bdd PR: 2000 
Submitted by: 	Vadim Zeitlin <vz-openssl@zeitlins.org>
Approved by: steve@openssl.org

Make no-comp compile without warnings.
 2009-08-05 15:29:14 +00:00
Dr. Stephen Henson
4386445c18 Change STRING to OPENSSL_STRING etc as common words such 
as "STRING" cause conflicts with other headers/libraries.
 2009-07-27 21:08:53 +00:00
Dr. Stephen Henson
b4c81fb6db Update from 0.9.8-stable 2009-07-24 11:15:55 +00:00
Dr. Stephen Henson
5fda10c6f1 Oops, use right function name... 2009-07-14 15:14:39 +00:00
Dr. Stephen Henson
0190aa7353 Update from HEAD. 2009-07-13 11:40:46 +00:00
Dr. Stephen Henson
a2da5c7daa Make update. 2009-07-08 09:13:24 +00:00
Dr. Stephen Henson
e323afb0ce Update from HEAD. 2009-06-30 16:10:24 +00:00
Dr. Stephen Henson
6e07229564 PR: 1966 
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Reviewed by: steve@openssl.org

Make no-ocsp work properly.
 2009-06-30 15:08:38 +00:00
Dr. Stephen Henson
fa07f00aaf Update from HEAD. 2009-06-29 16:09:58 +00:00
Dr. Stephen Henson
710c1c34d1 Allow checking of self-signed certifictes if a flag is set. 2009-06-26 11:28:52 +00:00
Dr. Stephen Henson
6178da0142 Update from HEAD. 2009-06-17 12:05:51 +00:00
Dr. Stephen Henson
43dc001b62 Update from HEAD. 2009-06-17 11:33:17 +00:00
Dr. Stephen Henson
67d8ab07e6 Stop warning if dtls disabled. 2009-06-05 14:56:48 +00:00
Dr. Stephen Henson
0454f2c490 PR: 1929 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Updated DTLS MTU bug fix.
 2009-05-17 16:04:21 +00:00
Richard Levitte
006c7c6bb1 Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). 
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
 2009-05-15 16:37:08 +00:00
Dr. Stephen Henson
756d2074b8 PR: 1924 
Submitted by: "Green, Paul" <Paul.Green@stratus.com>
Approved by: steve@openssl.org

Fix _POSIX_C_SOURCE usage.
 2009-05-13 11:32:24 +00:00
Richard Levitte
22e1421672 Cast to avoid signedness confusion 2009-04-26 12:16:12 +00:00
Dr. Stephen Henson
7134507de0 Make no-rsa, no-dsa and no-dh compile again. 2009-04-23 17:16:40 +00:00
Dr. Stephen Henson
fe41d9853c Make no-ec work 2009-04-23 16:25:00 +00:00
Dr. Stephen Henson
87a0f4b92e PR: 1902 
Add ecdsa/ecdh algorithms to default for speed utility.
 2009-04-22 17:31:04 +00:00
Dr. Stephen Henson
71d3eaf358 make update. 2009-04-21 15:02:20 +00:00
Dr. Stephen Henson
9990cb75c1 PR: 1894 
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Fix various typos and stuff.
 2009-04-16 17:22:51 +00:00
Dr. Stephen Henson
791b7bc715 Fix usage messages and lookup digests later in req command. 
(part of PR #1887)
 2009-04-10 11:00:12 +00:00
Dr. Stephen Henson
19ae090787 Print out registered digest names in dgst utility instead of hard 
coding them. Modify EVP_MD_do_all() to include registered digest name.

This is a modified version of part of PR#1887.
 2009-04-10 10:30:27 +00:00
Dr. Stephen Henson
15671a90a9 PR: 1677 
Submitted by: Vennemann <rvennemann@cool.ms>
Approved by: steve@openssl.org

Call RSA_new() after ENGINE has been set up.
 2009-04-06 21:42:11 +00:00
Dr. Stephen Henson
326794e9c6 Change default openssl.cnf to only use issuer+serial option in AKID if no 
SKID.
 2009-04-04 18:09:43 +00:00
Dr. Stephen Henson
6abbc68188 PR: 1870 
Submitted by: kilroy <kilroy@mail.zutom.sk>
Approved by: steve@openssl.org

Handle pkcs12 format correctly by not assuming PEM format straight away.
 2009-04-03 17:06:35 +00:00
Dr. Stephen Henson
9ccd4e224f Add USE_SOCKETS. 2009-04-02 15:19:03 +00:00
Dr. Stephen Henson
417b8d4705 PR:1880 
Load config in ts utility.
 2009-04-01 14:59:18 +00:00
Dr. Stephen Henson
70b2186e24 Stop warnings. 2009-03-31 19:54:51 +00:00
Dr. Stephen Henson
aaf35f11d7 Allow use of algorithm and cipher names for dgsts and enc utilities instead 
of having to manually include each one.
 2009-03-30 11:31:50 +00:00
Dr. Stephen Henson
38b6e6c07b Typo in usage message. 2009-03-23 21:04:23 +00:00
Dr. Stephen Henson
e4e949192b Submitted by: Victor B. Wagner <vitus@cryptocom.ru> 
Reviewed by: steve@openssl.org

Check return codes properly in md BIO and dgst command.
 2009-03-18 18:53:08 +00:00
Dr. Stephen Henson
617298dca3 Update from stable branch. 2009-03-12 17:10:26 +00:00
Dr. Stephen Henson
33ab2e31f3 PR: 1854 
Submitted by: Oliver Martin <oliver@volatilevoid.net>
Reviewed by: steve@openssl.org

Support GeneralizedTime in ca utility.
 2009-03-09 13:59:07 +00:00
Ben Laurie
73bfcf2226 Don't ask for -iv for ciphers that need no IV. 2009-03-03 15:14:33 +00:00
Dr. Stephen Henson
0ed6b52687 Stop warning about use of *printf() without a format. 2009-02-15 15:29:59 +00:00
Dr. Stephen Henson
30b1b28aff Return correct exit code. 2009-02-12 18:06:11 +00:00
Dr. Stephen Henson
46400c97a9 Avoid leaks in pkcs8 app, tidy code up. 2009-02-12 18:02:47 +00:00
Dr. Stephen Henson
3859d7ee78 Just to be awkward Ubuntu 8.10 doesn't like _XOPEN_SOURCE_EXTENDED... 2009-02-06 16:43:52 +00:00
Bodo Möller
d615bceb2d For -hex, print just one \n 2009-02-02 00:40:29 +00:00
Bodo Möller
7ca1cfbac3 -hex option for openssl rand 
PR: 1831
Submitted by: Damien Miller
 2009-02-02 00:01:28 +00:00
Richard Levitte
5871ddb016 Because DEC C - sorry, HP C - is picky about features, we need to 
define _XOPEN_SOURCE_EXTENDED to reach fd_set and timeval types and
functionality.
 2009-01-28 07:38:14 +00:00
Dr. Stephen Henson
bab534057b Updatde from stable branch. 2009-01-07 23:44:27 +00:00
Ben Laurie
0eab41fb78 If we're going to return errors (no matter how stupid), then we should 
test for them!
 2008-12-29 16:11:58 +00:00
Andy Polyakov
2140659b00 Incidentally http://cvs.openssl.org/chngview?cn=17710 also made it possible 
to build the library without -D_CRT_NONSTDC_NO_DEPRECATE. This commit
expands it even to apps catalog and actually omits the macro in question
from Configure.
 2008-12-22 14:05:42 +00:00
Dr. Stephen Henson
70531c147c Make no-engine work again. 2008-12-20 17:04:40 +00:00
Lutz Jänicke
d88d941c87 apps/speed.c: children should not inherit buffered I/O 
PR: 1787
Submitted by: Artur Klauser <aklauser@google.com>
 2008-12-10 08:03:47 +00:00
Bodo Möller
7a76219774 Implement Configure option pattern "experimental-foo" 
(specifically, "experimental-jpake").
 2008-12-02 01:21:39 +00:00
Dr. Stephen Henson
2900fc8ae1 Don't stop -cipher from working. 2008-11-30 22:01:31 +00:00
Dr. Stephen Henson
79bd20fd17 Update from stable-branch. 2008-11-24 17:27:08 +00:00
Ben Laurie
f3b7bdadbc Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks. 2008-11-16 12:47:12 +00:00
Ben Laurie
774b2fe700 Aftermath of a clashing size_t fix (now only format changes). 2008-11-13 09:48:47 +00:00
Dr. Stephen Henson
ed551cddf7 Update from stable branch. 2008-11-12 17:28:18 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more 
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
 2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Dr. Stephen Henson
70d71f6185 Fix warnings: printf format mismatches on 64 bit platforms. 
Change assert to OPENSSL_assert().
Fix e_padlock prototype.
 2008-11-02 15:41:30 +00:00
Dr. Stephen Henson
c76fd290be Fix warnings about mismatched prototypes, undefined size_t and value computed 
not used.
 2008-11-02 12:50:48 +00:00
Ben Laurie
4d6e1e4f29 size_tification. 2008-11-01 14:37:00 +00:00
Dr. Stephen Henson
e9eda23ae6 Fix warnings and various issues. 
C++ style comments.
Signed/unsigned warning in apps.c
Missing targets in jpake/Makefile
 2008-10-27 12:02:52 +00:00