- Sep 12, 2000
-
-
Bodo Möller authored
behaviour that SSL_read may result in SSL_ERROR_WANT_READ.
-
- Sep 11, 2000
-
-
Ben Laurie authored
-
- Sep 10, 2000
-
-
Richard Levitte authored
the OpenSSL commands x50 and req work better on a EBCDIC system.
-
- Sep 07, 2000
-
-
Dr. Stephen Henson authored
Update PKCS12_parse(). Make the keyid in certificate aux info more usable.
-
Dr. Stephen Henson authored
Fix doc example, and fix BIO_find_type(). Fix PKCS7_verify(). It was using 'i' for both the loop variable and the verify return value.
-
Richard Levitte authored
process when some symbols are missing. Instead, all needed info is saved in the .num files, including what conditions are needed for a specific symbol to exist. This was needed for the work I'm doing with shared libraries under VMS.
-
- Sep 05, 2000
-
-
Dr. Stephen Henson authored
Add support for settable verify time in X509_verify_cert(). Document rsautl utility.
-
Dr. Stephen Henson authored
The old code was painfully primitive and couldn't handle distinct certificates using the same subject name. The new code performs several tests on a candidate issuer certificate based on certificate extensions. It also adds several callbacks to X509_VERIFY_CTX so its behaviour can be customised. Unfortunately some hackery was needed to persuade X509_STORE to tolerate this. This should go away when X509_STORE is replaced, sometime... This must have broken something though :-(
-
Dr. Stephen Henson authored
Add new option to PKCS7_sign to exclude S/MIME capabilities.
-
Bodo Möller authored
-
- Sep 04, 2000
-
-
Bodo Möller authored
-
Bodo Möller authored
symbols for debugging are defined.
-
- Sep 03, 2000
-
-
Dr. Stephen Henson authored
Add DER public key routines. Add -passin argument to 'ca' utility. Document sign and verify options to dgst.
-
- Sep 01, 2000
-
-
Bodo Möller authored
-
- Aug 30, 2000
-
-
Ben Laurie authored
-
Dr. Stephen Henson authored
Fix bug in read only memory BIOs so BIO_reset() works. Add sign and verify options to dgst utility, need to update docs.
-
- Aug 22, 2000
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Fixes to d2i_ASN1_OBJECT, ASN1_INTEGER_to_BN and a_strex.c
-
- Aug 21, 2000
-
-
Dr. Stephen Henson authored
initialize ex_pathlen to -1 so it isn't checked if pathlen is not present. set ucert to NULL in apps/pkcs12.c otherwise it gets freed twice. remove extraneous '\r' in MIME encoder. Allow a NULL to be passed to X509_gmtime_adj() Make PKCS#7 code use definite length encoding rather then the indefinite stuff it used previously.
-
- Aug 18, 2000
-
-
Richard Levitte authored
-
Richard Levitte authored
found myself needing it a number of times, the latter for completeness.
-
- Aug 17, 2000
-
-
Richard Levitte authored
-
Richard Levitte authored
-
- Aug 14, 2000
-
-
Richard Levitte authored
MD4 implemented. Assar Westerlund provided the digest code itself and the test utility, I added the bits to get a EVP interface, the command line utility and the speed test
-
- Aug 11, 2000
-
-
Richard Levitte authored
building a complete chain. Now added through the -CAfile and -CApath arguments.
-
- Aug 06, 2000
-
-
Dr. Stephen Henson authored
Add warning print out if duplicate names found: should end up as a fatal error but a warning for now until they problems are fixed...
-
- Aug 04, 2000
-
-
Dr. Stephen Henson authored
Fix warnings with BIO_dump_indent().
-
- Jul 29, 2000
-
-
Bodo Möller authored
-
Bodo Möller authored
test was never triggered due to an off-by-one error. In s23_clnt.c, don't use special rollback-attack detection padding (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the client; similarly, in s23_srvr.c, don't do the rollback check if SSL 2.0 is the only protocol enabled in the server.
-
- Jul 28, 2000
-
-
Dr. Stephen Henson authored
New ASN1_STRING_print_ex() and X509_NAME_print_ex() functions. These are intended to be replacements for the ancient ASN1_STRING_print() and X509_NAME_print() functions. The new functions support RFC2253 and various pretty printing options. It is also possible to display international characters if the terminal properly handles UTF8 encoding (Linux seems to tolerate this if the "unicode_start" script is run). Still needs to be documented, integrated into other utilities and extensively tested.
-
- Jul 27, 2000
-
-
Richard Levitte authored
'openssl asn1parse'. As a side effect, the functions ASN1_parse_dump and BIO_dump_indent are added.
-
- Jul 26, 2000
-
-
Dr. Stephen Henson authored
ASN1_TIME fixes. New function c2i_ASN1_OBJECT().
-
- Jul 21, 2000
-
-
Bodo Möller authored
-
Richard Levitte authored
there's support for building under Linux and True64 (using examples from the programming manuals), including versioning that is currently the same as OpenSSL versions but should really be a different series. With this change, it's up to the users to decide if they want shared libraries as well as the static ones. This decision now has to be done at configuration time (well, not really, those who know what they do can still do it the same way as before). The OpenSSL programs (openssl and the test programs) are currently always linked statically, but this may change in the future in a configurable manner. The necessary makefile variables to enable this are in place. Also note that I have done absolutely nothing about the Windows target to get something similar. On the other hand, DLLs are already the default there, but without versioning, and I've no idea what the possibilities for such a thing are there...
-
- Jul 19, 2000
-
-
Ulf Möller authored
-
- Jul 12, 2000
-
-
Dr. Stephen Henson authored
Make req seed the PRNG if signing with an already existing DSA key. Document the new smime options.
-
- Jul 10, 2000
-
-
Dr. Stephen Henson authored
call the i2c/c2i (they were not using the content length for the headers). Fix ASN1 long form tag encoding. This never worked but it was never tested since it is only used for tags > 30. New options to smime program to allow the PKCS#7 format to be specified and the content supplied externally.
-
- Jul 07, 2000
-
-
Dr. Stephen Henson authored
New ASN1 functions that just deal with content octets, not tag+length.
-
- Jul 05, 2000
-
-
Richard Levitte authored
-
- Jun 28, 2000
-
-
Richard Levitte authored
The message to everyone is "Do not hack OpenSSL when stressed"...
-