Skip to content
  1. Dec 28, 2004
  2. Dec 05, 2004
  3. Dec 03, 2004
  4. Dec 01, 2004
  5. Nov 29, 2004
  6. Nov 26, 2004
  7. Nov 25, 2004
  8. Nov 16, 2004
    • Dr. Stephen Henson's avatar
      PR: 910 · 826a42a0
      Dr. Stephen Henson authored
      Add command line options -certform, -keyform and -pass to s_client and
      s_server. This supports the use of alternative passphrase sources, key formats
      and keys handled by an ENGINE.
      
      Update docs.
      826a42a0
  9. Oct 04, 2004
  10. Sep 06, 2004
  11. Aug 04, 2004
  12. Jul 06, 2004
  13. Jun 17, 2004
  14. May 31, 2004
  15. May 15, 2004
  16. May 13, 2004
  17. May 04, 2004
    • Bodo Möller's avatar
      - update from current 0.9.6-stable CHANGES file · d5f686d8
      Bodo Möller authored
      - update from current 0.9.7-stable CHANGES file:
      
        Now here we have "CHANGES between 0.9.7e and 0.9.8", and I hope
        that all patches mentioned for 0.9.7d and 0.9.7e actually are
        in the CVS HEAD, i.e. what is to become 0.9.8.
      
        I have rewritten the 'openssl ca -create_serial' entry (0.9.8)
        so that it explains the earlier change that is now listed (0.9.7e).
      
        The ENGINE_set_default typo bug entry has been moved from 0.9.8
        to 0.9.7b, which is where it belongs.
      d5f686d8
  18. Apr 26, 2004
  19. Apr 21, 2004
  20. Apr 20, 2004
  21. Apr 19, 2004
    • Geoff Thorpe's avatar
      Reduce header interdependencies, initially in engine.h (the rest of the · 3a87a9b9
      Geoff Thorpe authored
      changes are the fallout). As this could break source code that doesn't
      directly include headers for interfaces it uses, changes to recursive
      includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
      define this when building and using openssl, and then adapt code where
      necessary - this is how to stay current. However the mechanism exists for
      the lethargic.
      3a87a9b9
  22. Mar 31, 2004
  23. Mar 28, 2004
  24. Mar 27, 2004
  25. Mar 25, 2004
    • Geoff Thorpe's avatar
      Replace the BN_CTX implementation with my current work. I'm leaving the · 5c98b2ca
      Geoff Thorpe authored
      little TODO list in there as well as the debugging code (only enabled if
      BN_CTX_DEBUG is defined).
      
      I'd appreciate as much review and testing as can be spared for this. I'll
      commit some changes to other parts of the bignum code shortly to make
      better use of this implementation (no more fixed size limitations). Note
      also that under identical optimisations, I'm seeing a noticable speed
      increase over openssl-0.9.7 - so any feedback to confirm/deny this on other
      systems would also be most welcome.
      5c98b2ca
    • Geoff Thorpe's avatar
      By adding a BN_CTX parameter to the 'rsa_mod_exp' callback, private key · 46ef873f
      Geoff Thorpe authored
      operations no longer require two distinct BN_CTX structures. This may put
      more "strain" on the current BN_CTX implementation (which has a fixed limit
      to the number of variables it will hold), but so far this limit is not
      triggered by any of the tests pass and I will be changing BN_CTX in the
      near future to avoid this problem anyway.
      
      This also changes the default RSA implementation code to use the BN_CTX in
      favour of initialising some of its variables locally in each function.
      46ef873f
  26. Mar 23, 2004
  27. Mar 17, 2004
  28. Mar 15, 2004
  29. Mar 13, 2004
  30. Mar 08, 2004
  31. Mar 05, 2004
  32. Feb 19, 2004
  33. Feb 01, 2004
  34. Nov 10, 2003
  35. Nov 04, 2003
  36. Oct 29, 2003
    • Geoff Thorpe's avatar
      BN_CTX is opaque and the static initialiser BN_CTX_init() is not used · 2ce90b9b
      Geoff Thorpe authored
      except internally to the allocator BN_CTX_new(), as such this deprecates
      the use of BN_CTX_init() in the API. Moreover, the structure definition of
      BN_CTX is taken out of bn_lcl.h and moved into bn_ctx.c itself.
      
      NDEBUG should probably only be "forced" in the top-level configuration, but
      until it is I will avoid removing it from bn_ctx.c which might surprise
      people with massive slow-downs in their keygens. So I've left it in
      bn_ctx.c but tidied up the preprocessor logic a touch and made it more
      tolerant of debugging efforts.
      2ce90b9b
    • Geoff Thorpe's avatar
      Relax some over-zealous constification that gave some lhash-based code no · 8dc344cc
      Geoff Thorpe authored
      choice but to have to cast away "const" qualifiers from their prototypes.
      This does not remove constification restrictions from hash/compare
      callbacks, but allows destructor commands to be run over a tables' elements
      without bad casts.
      8dc344cc