If some other thread deletes the BIO that one thread needs for
BIO_write, then there's a lot of trouble anyway; there's
nothing special about calling the callback.
Returning -1 for an attempt to read from an empty buffer is empty is
not an error that should be signalled via the error queue, it's a
'retry read' condition and is signalled as such.
This allows intermediate CAs to be created more easily.
PKCS12_create() now checks private key matches certificate.
Fix typo in x509 app.
Update docs.
New function ASN1_STRING_to_UTF8() converts any ASN1_STRING
type to UTF8.
initialize ex_pathlen to -1 so it isn't checked if pathlen
is not present.
set ucert to NULL in apps/pkcs12.c otherwise it gets freed
twice.
remove extraneous '\r' in MIME encoder.
Allow a NULL to be passed to X509_gmtime_adj()
Make PKCS#7 code use definite length encoding rather then
the indefinite stuff it used previously.
records, EVP_EncodeUpdate() may misbehave. This happens when there's
a record boundary between the two ending b64 equal signs, which makes
EVP_EncodeUpdate think there has been more than one EOF, and therefore
add an extra NUL at the end of the output buffer. This fix corrects
that problem.
test was never triggered due to an off-by-one error.
In s23_clnt.c, don't use special rollback-attack detection padding
(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
client; similarly, in s23_srvr.c, don't do the rollback check if
SSL 2.0 is the only protocol enabled in the server.
functions. These are intended to be replacements
for the ancient ASN1_STRING_print() and X509_NAME_print()
functions.
The new functions support RFC2253 and various pretty
printing options. It is also possible to display
international characters if the terminal properly handles
UTF8 encoding (Linux seems to tolerate this if the
"unicode_start" script is run).
Still needs to be documented, integrated into other
utilities and extensively tested.
size) through the base64 filter, b64_write() messes up it's parameters
in such a way that instead of writing correct base64 output, the first
4 characters of that output is repeated over and over. This fix
corrects that problem.
it wants to stir the pool using ssleay_rand_add. This fix provides the
possibility to call ssleay_rand_add inside a locked state by simply telling
it not to do any locking through a static variable. This isn't the most
elegant way one could do this, but it does retain thread safety during the
stirring process.
