mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-07 19:38:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
9,655 Commits 30 Branches 390 Tags 506 MiB
01bfc480c6
Commit Graph

1382 Commits

Author SHA1 Message Date
Dr. Stephen Henson
d4be92896c Add -no_cache option to s_server 2009-10-28 17:49:30 +00:00
Dr. Stephen Henson
6aa1770c6d Use new X509_STORE_set_verify_cb function instead of old macro. 2009-10-18 14:40:33 +00:00
Dr. Stephen Henson
be45636661 Fix for WIN32 and possibly other platforms which don't define in_port_t. 2009-10-15 18:49:30 +00:00
Dr. Stephen Henson
636b6b450d PR: 2069 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

IPv6 support for DTLS.
 2009-10-15 17:41:31 +00:00
Dr. Stephen Henson
2c55c0d367 PR: 1847 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Integrated patches to CA.sh to bring it into line with CA.pl functionality.
 2009-10-15 17:27:34 +00:00
Dr. Stephen Henson
0431941ec5 Revert extra changes from previous commit. 2009-10-15 17:17:45 +00:00
Dr. Stephen Henson
42733b3bea PR: 2066 
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org

Add -r option to dgst to produce format compatible with core utilities.
 2009-10-15 17:13:54 +00:00
Dr. Stephen Henson
0e039aa797 Fix warnings about ignoring fgets return value 2009-10-04 16:42:56 +00:00
Dr. Stephen Henson
b48315d9b6 PR: 2061 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct i2b_PVK_bio error handling in rsa.c, dsa.c
 2009-10-01 00:25:24 +00:00
Dr. Stephen Henson
18e503f30f PR: 2064, 728 
Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.
 2009-09-30 21:40:55 +00:00
Dr. Stephen Henson
37fc562bd8 Free SSL_CTX after BIO 2009-09-30 21:36:17 +00:00
Dr. Stephen Henson
a25f33d28a Submitted by: Julia Lawall <julia@diku.dk> 
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
 2009-09-13 11:29:29 +00:00
Dr. Stephen Henson
08882ac5be PR: 2038 
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org

Avoid double call to BIO_free().
 2009-09-11 11:02:52 +00:00
Dr. Stephen Henson
b5ca7df5aa PR: 2031 
Submitted by: steve@openssl.org

Tolerate application/timestamp-response which some servers send out.
 2009-09-07 17:57:18 +00:00
Dr. Stephen Henson
e0d4e97c1a Make update, deleting bogus DTLS error code 2009-09-06 15:58:19 +00:00
Dr. Stephen Henson
f4274da164 PR: 1644 
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
 2009-09-06 15:49:46 +00:00
Dr. Stephen Henson
07a9d1a2c2 PR: 2028 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
 2009-09-04 17:42:53 +00:00
Dr. Stephen Henson
2d1cbca960 PR: 2020 
Submitted by: Keith Beckman <kbeckman@mcg.edu>,  Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix improperly capitalized references to WWW::Curl::Easy.
 2009-09-02 15:57:24 +00:00
Dr. Stephen Henson
17b5326ba9 PR: 2013 
Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.
 2009-09-02 13:54:50 +00:00
Dr. Stephen Henson
1771668096 Tidy up and fix verify callbacks to avoid structure dereference, use of 
obsolete functions and enhance to handle new conditions such as policy printing.
 2009-09-02 12:47:28 +00:00
Dr. Stephen Henson
ba4526e071 Stop unused variable warning on WIN32 et al. 2009-08-18 11:15:33 +00:00
Dr. Stephen Henson
3ed3603b60 Update default dependency flags. 
Make error name discrepancies a fatal error.
Fix error codes.
make update
 2009-08-12 17:30:37 +00:00
Dr. Stephen Henson
b972fbaa8f PR: 1997 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.
 2009-08-12 13:19:54 +00:00
Dr. Stephen Henson
77c7f17a5e Typo 2009-08-10 15:52:49 +00:00
Dr. Stephen Henson
b318cfb169 PR: 1999 
Submitted by: "Bayram Kurumahmut" <kbayram@ubicom.com>
Approved by: steve@openssl.org

Don't use HAVE_FORK in apps/speed.c it can conflict with configured version.
 2009-08-10 15:30:40 +00:00
Dr. Stephen Henson
f10f4447da Update from 1.0.0-stable. 2009-08-05 15:29:58 +00:00
Dr. Stephen Henson
c869da8839 Update from 1.0.0-stable 2009-07-27 21:10:00 +00:00
Dr. Stephen Henson
bdfa4ff947 Update from 0.9.8-stable 2009-07-24 11:17:10 +00:00
Dr. Stephen Henson
3f7c592082 Updates from 1.0.0-stable. 2009-07-14 15:30:05 +00:00
Dr. Stephen Henson
6053ef80e5 Use new time routines to avoid possible overflow. 2009-07-13 11:40:14 +00:00
Dr. Stephen Henson
c55d27ac33 Make update. 2009-07-08 09:19:53 +00:00
Dr. Stephen Henson
db99779bee Use common verify parameters instead of the small ad-hoc subset in 
s_client, s_server.
 2009-06-30 15:56:35 +00:00
Dr. Stephen Henson
e5b2b0f91f Updates from 1.0.0-stable 2009-06-30 15:28:16 +00:00
Dr. Stephen Henson
9a5faeaa42 Allow setting of verify depth in verify parameters (as opposed to the depth 
implemented using the verify callback).
 2009-06-29 16:09:37 +00:00
Dr. Stephen Henson
f3be6c7b7d Update from 1.0.0-stable. 2009-06-26 11:29:26 +00:00
Dr. Stephen Henson
c05353c50a Rename asc2uni and uni2asc functions to avoid clashes. 2009-06-17 12:04:56 +00:00
Dr. Stephen Henson
eddee61671 PR: 1956 
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org

Netware doesn't have strings.h
 2009-06-17 11:32:59 +00:00
Dr. Stephen Henson
58f41a926a Updates from 1.0.0-stable 2009-06-05 14:59:26 +00:00
Dr. Stephen Henson
046f210112 Update from 1.0.0-stable. 2009-05-17 16:04:58 +00:00
Richard Levitte
cc8cc9a3a1 Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). 
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
 2009-05-15 16:36:56 +00:00
Dr. Stephen Henson
83d8fa7dd1 Update from stable branch. 2009-05-13 11:32:46 +00:00
Dr. Stephen Henson
d4f0339c66 Update from 1.0.0-stable. 2009-04-26 22:18:22 +00:00
Richard Levitte
7184ef1210 Cast to avoid signedness confusion 2009-04-26 12:16:08 +00:00
Dr. Stephen Henson
ef236ec3b2 Merge from 1.0.0-stable branch. 2009-04-23 16:32:42 +00:00
Dr. Stephen Henson
8711efb498 Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
e5fa864f62 Updates from 1.0.0-stable. 2009-04-15 15:27:03 +00:00
Dr. Stephen Henson
645532b999 Update from 1.0.0-stable 2009-04-06 21:42:37 +00:00
Dr. Stephen Henson
06ddf8eb08 Updates from 1.0.0-stable 2009-04-04 19:54:06 +00:00
Dr. Stephen Henson
14023fe352 Merge from 1.0.0-stable branch. 2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
b6b0b0d7a5 Update from 1.0.0-stable. 2009-04-01 14:59:49 +00:00
Dr. Stephen Henson
70b2186e24 Stop warnings. 2009-03-31 19:54:51 +00:00
Dr. Stephen Henson
aaf35f11d7 Allow use of algorithm and cipher names for dgsts and enc utilities instead 
of having to manually include each one.
 2009-03-30 11:31:50 +00:00
Dr. Stephen Henson
38b6e6c07b Typo in usage message. 2009-03-23 21:04:23 +00:00
Dr. Stephen Henson
e4e949192b Submitted by: Victor B. Wagner <vitus@cryptocom.ru> 
Reviewed by: steve@openssl.org

Check return codes properly in md BIO and dgst command.
 2009-03-18 18:53:08 +00:00
Dr. Stephen Henson
617298dca3 Update from stable branch. 2009-03-12 17:10:26 +00:00
Dr. Stephen Henson
33ab2e31f3 PR: 1854 
Submitted by: Oliver Martin <oliver@volatilevoid.net>
Reviewed by: steve@openssl.org

Support GeneralizedTime in ca utility.
 2009-03-09 13:59:07 +00:00
Ben Laurie
73bfcf2226 Don't ask for -iv for ciphers that need no IV. 2009-03-03 15:14:33 +00:00
Dr. Stephen Henson
0ed6b52687 Stop warning about use of *printf() without a format. 2009-02-15 15:29:59 +00:00
Dr. Stephen Henson
30b1b28aff Return correct exit code. 2009-02-12 18:06:11 +00:00
Dr. Stephen Henson
46400c97a9 Avoid leaks in pkcs8 app, tidy code up. 2009-02-12 18:02:47 +00:00
Dr. Stephen Henson
3859d7ee78 Just to be awkward Ubuntu 8.10 doesn't like _XOPEN_SOURCE_EXTENDED... 2009-02-06 16:43:52 +00:00
Bodo Möller
d615bceb2d For -hex, print just one \n 2009-02-02 00:40:29 +00:00
Bodo Möller
7ca1cfbac3 -hex option for openssl rand 
PR: 1831
Submitted by: Damien Miller
 2009-02-02 00:01:28 +00:00
Richard Levitte
5871ddb016 Because DEC C - sorry, HP C - is picky about features, we need to 
define _XOPEN_SOURCE_EXTENDED to reach fd_set and timeval types and
functionality.
 2009-01-28 07:38:14 +00:00
Dr. Stephen Henson
bab534057b Updatde from stable branch. 2009-01-07 23:44:27 +00:00
Ben Laurie
0eab41fb78 If we're going to return errors (no matter how stupid), then we should 
test for them!
 2008-12-29 16:11:58 +00:00
Andy Polyakov
2140659b00 Incidentally http://cvs.openssl.org/chngview?cn=17710 also made it possible 
to build the library without -D_CRT_NONSTDC_NO_DEPRECATE. This commit
expands it even to apps catalog and actually omits the macro in question
from Configure.
 2008-12-22 14:05:42 +00:00
Dr. Stephen Henson
70531c147c Make no-engine work again. 2008-12-20 17:04:40 +00:00
Lutz Jänicke
d88d941c87 apps/speed.c: children should not inherit buffered I/O 
PR: 1787
Submitted by: Artur Klauser <aklauser@google.com>
 2008-12-10 08:03:47 +00:00
Bodo Möller
7a76219774 Implement Configure option pattern "experimental-foo" 
(specifically, "experimental-jpake").
 2008-12-02 01:21:39 +00:00
Dr. Stephen Henson
2900fc8ae1 Don't stop -cipher from working. 2008-11-30 22:01:31 +00:00
Dr. Stephen Henson
79bd20fd17 Update from stable-branch. 2008-11-24 17:27:08 +00:00
Ben Laurie
f3b7bdadbc Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks. 2008-11-16 12:47:12 +00:00
Ben Laurie
774b2fe700 Aftermath of a clashing size_t fix (now only format changes). 2008-11-13 09:48:47 +00:00
Dr. Stephen Henson
ed551cddf7 Update from stable branch. 2008-11-12 17:28:18 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more 
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
 2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Dr. Stephen Henson
70d71f6185 Fix warnings: printf format mismatches on 64 bit platforms. 
Change assert to OPENSSL_assert().
Fix e_padlock prototype.
 2008-11-02 15:41:30 +00:00
Dr. Stephen Henson
c76fd290be Fix warnings about mismatched prototypes, undefined size_t and value computed 
not used.
 2008-11-02 12:50:48 +00:00
Ben Laurie
4d6e1e4f29 size_tification. 2008-11-01 14:37:00 +00:00
Dr. Stephen Henson
e9eda23ae6 Fix warnings and various issues. 
C++ style comments.
Signed/unsigned warning in apps.c
Missing targets in jpake/Makefile
 2008-10-27 12:02:52 +00:00
Ben Laurie
6caa4edd3e Add JPAKE. 2008-10-26 18:40:52 +00:00
Dr. Stephen Henson
ac786241a2 Add support for -crlnumber option in crl utility. 2008-10-22 19:54:55 +00:00
Lutz Jänicke
020d67fb89 Allow detection of input EOF in quiet mode by adding -no_ign_eof option 
to s_client application.
PR: #1761
Submitted by: David Woodhouse <dwmw2@infradead.org>
 2008-10-22 06:46:14 +00:00
Lutz Jänicke
1581f82243 Add missing "-d" to option list of openssl version. 
Submitted by: Alex Chen <alex_chen@filemaker.com>
 2008-10-20 12:53:36 +00:00
Dr. Stephen Henson
640b86cb24 Fix Warning... 2008-10-19 17:22:34 +00:00
Ben Laurie
d5bbead449 Add XMPP STARTTLS support. 2008-10-14 19:11:26 +00:00
Ben Laurie
babb379849 Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
Dr. Stephen Henson
87d3a0cd90 Experimental new date handling routines. These fix issues with X509_time_adj() 
and should avoid any OS date limitations such as the year 2038 bug.
 2008-10-07 22:55:27 +00:00
Bodo Möller
1a489c9af1 From branch OpenSSL_0_9_8-stable: Allow soft-loading engines. 
Also, fix CHANGES (consistency with stable branch).
 2008-09-15 20:41:24 +00:00
Dr. Stephen Henson
0702150f53 Make no-tlsext compile. 2008-09-03 12:29:57 +00:00
Dr. Stephen Henson
d43c4497ce Initial support for delta CRLs. If "use deltas" flag is set attempt to find 
a delta CRL in addition to a full CRL. Check and search delta in addition to
the base.
 2008-09-01 15:15:16 +00:00
Dr. Stephen Henson
9d84d4ed5e Initial support for CRL path validation. This supports distinct certificate 
and CRL signing keys.
 2008-08-13 16:00:11 +00:00
Dr. Stephen Henson
002e66c0e8 Support for policy mappings extension. 
Delete X509_POLICY_REF code.

Fix handling of invalid policy extensions to return the correct error.

Add command line option to inhibit policy mappings.
 2008-08-12 10:32:56 +00:00
Geoff Thorpe
4c3296960d Remove the dual-callback scheme for numeric and pointer thread IDs, 
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).

Thanks to Bodo, for invaluable review and feedback.
 2008-08-06 15:54:15 +00:00
Dr. Stephen Henson
5cbd203302 Initial support for alternative CRL issuing certificates. 
Allow inibit any policy flag to be set in apps.
 2008-07-30 15:49:12 +00:00
Ralf S. Engelschall
6bcbac0abb remove a doubled entry for '-binary' in the usage message 2008-07-27 15:51:35 +00:00
Dr. Stephen Henson
db50661fce X509 verification fixes. 
Ignore self issued certificates when checking path length constraints.

Duplicate OIDs in policy tree in case they are allocated.

Use anyPolicy from certificate cache and not current tree level.
 2008-07-13 14:25:36 +00:00
Dr. Stephen Henson
d4cdbab99b Avoid warnings with -pedantic, specifically: 
Conversion between void * and function pointer.
Value computed not used.
Signed/unsigned argument.
 2008-07-04 23:12:52 +00:00
Geoff Thorpe
5f834ab123 Revert my earlier CRYPTO_THREADID commit, I will commit a reworked 
version some time soon.
 2008-07-03 19:59:25 +00:00