generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
13,370 Commits 16 Branches 258 Tags
Commit Graph

432 Commits

Author SHA1 Message Date
Geoff Thorpe
93825dddad static 2004-03-10 01:20:26 +00:00
Dr. Stephen Henson
a4e3150f00 Fix policy constraints syntax. 2004-03-08 18:15:32 +00:00
Dr. Stephen Henson
edec614efd Support for inhibitAnyPolicy extension. 2004-03-08 13:56:31 +00:00
Dr. Stephen Henson
bc50157010 Various X509 fixes. Disable broken certificate workarounds 
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
 2004-03-05 17:16:35 +00:00
Richard Levitte
79b42e7654 Use sh explicitely to run point.sh 
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 14:59:07 +00:00
Richard Levitte
d420ac2c7d Use BUF_strlcpy() instead of strcpy(). 
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 14:40:17 +00:00
Dr. Stephen Henson
a8287a90ea Give CRLDP its standard name. 
Max req -x509 use V1 if extensions section absent.
 2003-11-20 22:45:06 +00:00
Geoff Thorpe
2754597013 A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. 
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
 2003-10-29 20:24:15 +00:00
Richard Levitte
3c02e24bb3 Change the indentation from 12 to indent+4. 
PR: 657
 2003-09-27 22:48:33 +00:00
Dr. Stephen Henson
60790aff6f PR: 627 
Allocate certificatePolicies correctly if CPS field is absent.

Fix various memory leaks in certificatePolicies.
 2003-05-28 17:28:11 +00:00
Dr. Stephen Henson
e19d0ef068 PR: 631 
Submitted by: Doug Sauder <dws+001@hunnysoft.com>

Fix bug in X509V3_get_d2i() when idx in not NULL.
 2003-05-28 16:57:08 +00:00
Dr. Stephen Henson
b9d2d20086 Make DER option work again. 
Fix typo.
 2003-05-02 11:41:40 +00:00
Richard Levitte
3ae70939ba Correct a lot of printing calls. Remove extra arguments... 2003-04-03 23:39:48 +00:00
Richard Levitte
8382ec5d37 Reindent for readability. 2003-04-03 19:10:32 +00:00
Richard Levitte
6dd6da6005 Don't feil when indent is 0. 
PR: 559
 2003-03-31 13:24:02 +00:00
Dr. Stephen Henson
1a15c89988 Multi valued AVA support. 2003-03-30 01:51:16 +00:00
Dr. Stephen Henson
81bd0446a9 make update 2003-03-24 17:06:25 +00:00
Dr. Stephen Henson
520b76ffd9 Support for name constraints. 2003-03-24 17:04:44 +00:00
Dr. Stephen Henson
5cc5ec1bba make update 2003-03-21 16:28:29 +00:00
Dr. Stephen Henson
f80153e20b Support for policy constraints. 2003-03-21 16:26:20 +00:00
Dr. Stephen Henson
b24668626e make update 2003-03-20 17:59:39 +00:00
Dr. Stephen Henson
ea3675b5b6 New ASN1 macros to just implement and declare the new and free functions 
and changes to mkdef.pl so it recognises them.

Use these in policyMappings extension.
 2003-03-20 17:58:33 +00:00
Dr. Stephen Henson
a1d12daed2 Support for policyMappings 2003-03-20 17:26:44 +00:00
Dr. Stephen Henson
f0dc08e656 Support for dirName from config files in GeneralName extensions. 2003-02-27 01:54:11 +00:00
Richard Levitte
85d686e723 Make it possible to disable OCSP, the speed application, and the use of sockets. 
PR: 358
 2003-02-14 01:02:58 +00:00
Dr. Stephen Henson
4e5d3a7f98 IPv6 display and input support for extensions usingh GeneralName. 2003-02-05 00:34:31 +00:00
Richard Levitte
b637670f03 DVCS (see RFC 3029) was missing among the possible purposes. 
Notified privately to me by Peter Sylvester <Peter.Sylvester@EdelWeb.fr>,
one of the authors of said RFC
 2003-01-29 15:06:35 +00:00
Richard Levitte
0c055b201e Adjust the parameter lists in some not commonly used files. 
PR: 428
 2003-01-01 23:41:46 +00:00
Richard Levitte
5e42f9ab46 make update 2002-12-29 01:38:15 +00:00
Dr. Stephen Henson
65caee44ff Fix get_email: 0 is a valid return value 2002-11-14 00:46:11 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Dr. Stephen Henson
2232e262bf Fix memory leak in s2i_ASN_INTEGER and return an error 
if any invalid characters are present.
 2002-11-13 00:40:51 +00:00
Dr. Stephen Henson
9ea1b87862 Initial ASN1 generation code. This can construct 
arbitrary encodings from strings and config files.

Documentation to follow...
 2002-11-12 13:34:51 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we 
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
 2002-10-09 13:25:12 +00:00
Bodo Möller
74cc4903ef make update 2002-08-09 12:16:15 +00:00
Lutz Jänicke
3aecef7697 "make update" 2002-07-30 12:44:33 +00:00
Bodo Möller
5dbd3efce7 Replace 'ecdsaparam' commandline utility by 'ecparam' 
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.

Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.

Fix ec_asn1.c (take into account the desired conversion form).

'make update'.

Submitted by: Nils Larsch
 2002-07-14 16:54:31 +00:00
Richard Levitte
17085b022c Pass CFLAG to dependency makers, so non-standard system include paths are 
handled properly.
Part of PR 75
 2002-06-27 16:39:25 +00:00
Dr. Stephen Henson
99889b46c9 Fix ext_dat.h extension ordering. 
Reinstate -reqout code.

Avoid coredump in ocsp if setup_verify
fails.

Fix typo in ocsp usage message.
 2002-06-13 12:56:27 +00:00
Dr. Stephen Henson
04cc76660a The new ASN1 code automatically allocates 
structures for fields that are not OPTIONAL.

However in the AUTHORITY_INFO_ACCESS case
the 'location' field was set to NULL in
the old code.

So in 0.9.7+ we should free up the field before
overwriting it in v2i_AUTHORITY_INFO_ACCESS.
 2002-06-13 00:43:27 +00:00
Richard Levitte
9cdf87f194 Check the return values where memory allocation failures may happen. 
PR: 49
 2002-05-30 16:47:45 +00:00
Bodo Möller
59dbdb51dc disable '#ifdef DEBUG' sections 2002-02-28 10:51:56 +00:00
Bodo Möller
4d94ae00d5 ECDSA support 
Submitted by: Nils Larsch <nla@trustcenter.de>
 2002-02-13 18:21:51 +00:00
Bodo Möller
072569e0f1 Undo previous change, X509_check_issued() was correct. 
[See
     Message-ID: <3BB07999.30432AD2@celocom.com>
     Date: Tue, 25 Sep 2001 13:33:29 +0100
     From: Dr S N Henson <drh@celocom.com>
     To: openssl-dev@openssl.org
     Subject: Re: Error in v3_purp.c
]
 2002-01-27 17:41:12 +00:00
Richard Levitte
63810d8566 Apply a small patch from Diego R. Lopez <diego.lopez@rediris.es>, 
making X509_check_issued() properly match an issuer that's found in a
Authority Key Identifier.
 2002-01-26 04:25:16 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Dr. Stephen Henson
7d5b04db4e Add support for Subject Info Acess extension. 2001-10-27 00:16:53 +00:00
Dr. Stephen Henson
f1558bb424 Reject certificates with unhandled critical extensions. 2001-10-21 02:09:15 +00:00
Dr. Stephen Henson
20d2186c87 Retain compatibility of EVP_DigestInit() and EVP_DigestFinal() 
with existing code.

Modify library to use digest *_ex() functions.
 2001-10-16 01:24:29 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00