Dr. Stephen Henson
a8287a90ea
Give CRLDP its standard name.
...
Max req -x509 use V1 if extensions section absent.
2003-11-20 22:45:06 +00:00
Lutz Jänicke
95de3d204f
Make sure to initialize AES counters to obtain proper results.
...
Submitted by: Kirill Kochetkov <kochet@ixbt.com>
PR: #748
2003-11-18 18:27:12 +00:00
Lutz Jänicke
f35232e6f3
Catch error condition to prevent NULL pointer dereference.
...
Submitted by: Goetz Babin-Ebell <babin-ebell@trustcenter.de>
PR: #766
2003-11-16 16:30:39 +00:00
Geoff Thorpe
d8ec0dcf45
Avoid some shadowed variable names.
...
Submitted by: Nils Larsch
2003-11-04 00:51:32 +00:00
Richard Levitte
cfd06a6223
Let exit codes propagate from within for loops.
2003-10-31 06:58:24 +00:00
Geoff Thorpe
bc3c578208
Copy-n-paste bug (don't mix variable declarations and code). This sets the
...
callback structure just before it is needed.
2003-10-29 22:30:45 +00:00
Geoff Thorpe
2754597013
A general spring-cleaning (in autumn) to fix up signed/unsigned warnings.
...
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
2003-10-29 20:24:15 +00:00
Geoff Thorpe
0991f07034
For whatever reason (compiler or header bugs), at least one commonly-used
...
linux system (namely mine) chokes on our definitions and uses of the "HZ"
symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast"
(when in fact there is no function casting involved at all). In both cases,
it is easily worked around by not defining a cast into the macro and
jiggling the expressions slightly.
In addition - this highlights some cruft in openssl that needs sorting out.
The tmdiff.h header is exported as part of the openssl API despite the fact
that it is ugly as the driven sludge and not used anywhere in the library,
applications, or utilities. More weird still, almost identical code exists
in apps/speed.c though it looks to be slightly tweaked - so either tmdiff
should be updated and used by speed.c, or it should be dumped because it's
obviously not useful enough.
Rather than removing it for now, I've changed the API for tmdiff to at
least make sense. This involves taking the object type (MS_TM) from the
implementation and using it in the header rather than using "char *" in the
API and casting mercilessly in the code (ugh). If someone doesn't like
"MS_TM" and the "ms_time_***" naming, by all means change it. This should
be a harmless improvement, because the existing API is clearly not very
useful (eg. we reimplement it rather than using it in our own utils).
However, someone still needs to take a hack at consolidating speed.c and
tmdiff.[ch] somehow.
2003-10-29 04:40:13 +00:00
Geoff Thorpe
2aaec9cced
Update any code that was using deprecated functions so that everything builds
...
and links with OPENSSL_NO_DEPRECATED defined.
2003-10-29 04:14:08 +00:00
Dr. Stephen Henson
a08ced78c8
Avoid warnings: add missing prototype, don't shadow.
2003-10-10 23:07:24 +00:00
Richard Levitte
f44e184ec6
s_client should inform the user of any compression/expansion methods used.
2003-10-06 12:19:38 +00:00
Richard Levitte
3d7c4a5a6d
Selected changes for MSDOS, contributed by Gisle Vanem <giva@bgnett.no>.
...
PR: 669
2003-09-27 21:56:08 +00:00
Richard Levitte
253e893c2b
Include the instance in the Kerberos ticket information.
...
In s_server, print the received Kerberos information.
PR: 693
2003-09-27 17:55:13 +00:00
Dr. Stephen Henson
dfe399e7d9
Add -passin support to rsautl
2003-09-21 02:20:02 +00:00
Dr. Stephen Henson
7068c8b1a6
In order to get the expected self signed error when
...
calling X509_verify_cert() in x509.c the cert should
not be added to the trusted store.
2003-09-21 02:18:15 +00:00
Richard Levitte
e6fa67fa93
Generalise the definition of strcasecmp() and strncasecmp() for
...
platforms that don't (necessarely) have it. In the case of VMS, this
means moving a couple of functions from apps/ to crypto/ and make them
general (although only used privately).
2003-09-09 14:48:36 +00:00
Dr. Stephen Henson
560dfd2a02
New -ignore_err option in ocsp application to stop the server
...
exiting on the first error in a request.
2003-09-03 23:56:01 +00:00
Bodo Möller
563c05e2dc
fix out-of-bounds check in lock_dbg_cb (was too lose to detect all
...
invalid cases)
PR: 674
2003-08-14 10:33:56 +00:00
Bodo Möller
968766cad8
updates for draft-ietf-tls-ecc-03.txt
...
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Richard Levitte
94805c84d1
Add -issuer_hash and make -subject_hash the default way to get the
...
subject hash, with -hash a synonym kept around for backward
compatibility reasons.
PR: 650
2003-07-03 20:45:09 +00:00
Bodo Möller
0fbffe7a71
implement PKCS #8 / SEC1 private key format for ECC
...
Submitted by: Nils Larsch
2003-06-25 21:35:05 +00:00
Richard Levitte
fd4ef69913
Implement CRL numbers.
...
Contributed in whole by Laurent Genier <Laurent.Genier@intrinsec.com>
PR: 644
2003-06-19 17:40:16 +00:00
Richard Levitte
fadd2246a0
Avoid warnings saying that the format takes a void*.
2003-06-11 22:26:02 +00:00
Dr. Stephen Henson
beab098d53
Various S/MIME bug and compatibility fixes.
2003-06-01 20:51:58 +00:00
Lutz Jänicke
4f17dfcd75
Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before)
...
Submitted by: dg@sunet.ru (Daniel Ginsburg)
PR: #613
2003-05-28 20:24:57 +00:00
Richard Levitte
d1465bac90
make update
2003-05-01 04:10:32 +00:00
Richard Levitte
4c771796d5
Convert save_serial() to work like save_index(), and add a
...
rotate_serial() that works like rotate_index().
2003-04-04 15:10:35 +00:00
Richard Levitte
d6df2b281f
Add documentation on the added functionality in 'openssl ca'.
2003-04-04 14:39:44 +00:00
Richard Levitte
3ae70939ba
Correct a lot of printing calls. Remove extra arguments...
2003-04-03 23:39:48 +00:00
Richard Levitte
83b23ed967
One more debug line to conditionalise.
2003-04-03 23:01:20 +00:00
Richard Levitte
16b1b03543
Implement self-signing in 'openssl ca'. This makes it easier to have
...
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.
2003-04-03 22:33:59 +00:00
Richard Levitte
db598fbce2
Don't try to free NULL values...
2003-04-03 20:03:23 +00:00
Richard Levitte
0998cfaadd
Remove unused variable.
2003-04-03 19:07:27 +00:00
Richard Levitte
c4448f60d6
Reset the version number of the issuer certificate? I believe this
...
hasn't been tested in a long while...
2003-04-03 18:50:15 +00:00
Richard Levitte
63b6fe2bf6
Conditionalise all debug strings.
2003-04-03 18:07:39 +00:00
Richard Levitte
f85b68cd49
Make it possible to have multiple active certificates with the same
...
subject.
2003-04-03 16:33:03 +00:00
Richard Levitte
d678cc07ed
No need to test -setalias twice.
...
PR: 556
2003-03-31 13:56:52 +00:00
Richard Levitte
03eeb07152
Add usage string for -fingerprint.
...
PR: 560
2003-03-31 13:06:24 +00:00
Dr. Stephen Henson
1a15c89988
Multi valued AVA support.
2003-03-30 01:51:16 +00:00
Dr. Stephen Henson
e5b0508a14
Update ocsp usage message and docs.
2003-03-26 00:46:47 +00:00
Richard Levitte
48f1fa7482
Make sure that all the library paths are modified in prepend mode, not
...
replace mode.
PR: 528
2003-03-20 11:37:47 +00:00
Dr. Stephen Henson
12d4e7b8c8
Fix PEDANTIC stuff...
2003-03-13 21:28:03 +00:00
Dr. Stephen Henson
767712fa62
Avoid warnings for no-engine and PEDANTIC
2003-03-12 02:38:57 +00:00
Bodo Möller
176f31ddec
- new ECDH_compute_key interface (KDF is no longer a fixed built-in)
...
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
2003-02-28 15:37:10 +00:00
Dr. Stephen Henson
e9ec63961b
Fix indefinite length encoding so EOC correctly updates
...
the buffer pointer.
Rename PKCS7_PARTSIGN to PKCS7_STREAM.
Guess what that's for :-)
2003-02-25 19:03:31 +00:00
Ulf Möller
66ecdf3bfb
more mingw related cleanups.
2003-02-22 18:00:14 +00:00
Richard Levitte
132eaa59da
Allow building applications against static libraries with Makefile.shared.
2003-02-22 14:41:34 +00:00
Dr. Stephen Henson
27068df7e0
Single pass processing to cleartext S/MIME signing.
2003-02-15 00:50:55 +00:00
Richard Levitte
c1269c81fd
Handle krb5 libraries separately and make sure only libssl.so depends
...
on it.
2003-02-14 13:12:00 +00:00
Richard Levitte
e270cf9c5e
Pay attention to disabled SSL versions.
...
PR: 500
2003-02-14 05:24:22 +00:00