- Feb 26, 2014
-
-
Andy Polyakov authored
-
- Feb 25, 2014
-
-
Andy Polyakov authored
PR: 3201
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
(cherry picked from commit 3678161d)
-
Dr. Stephen Henson authored
Not all platforms define BN_ULLONG. Define SCTS_TIMESTAMP as a type which should work on all platforms. (cherry picked from commit 66344167)
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Windows 8 SDKs complain that GetVersion() is deprecated. We only use GetVersion like this: (GetVersion() < 0x80000000) which checks if the Windows version is NT based. Use a macro check_winnt() which uses GetVersion() on older SDK versions and true otherwise.
-
Rob Stradling authored
-
- Feb 24, 2014
-
-
Andy Polyakov authored
Allegedly formwarding to NUL: sometimes creates NUL file in file system. PR: 3250
-
Andy Polyakov authored
PR: 3251 Suggested by: Thorsten Schning
-
Andy Polyakov authored
when adding duplicates in add_cert_dir. PR: 3261 Reported by: Marian Done
-
Andy Polyakov authored
-
- Feb 23, 2014
-
-
Dr. Stephen Henson authored
When setting the current certificate check that it has a corresponding private key.
-
Dr. Stephen Henson authored
New flags to build certificate chains. The can be used to rearrange the chain so all an application needs to do is add all certificates in arbitrary order and then build the chain to check and correct them. Add verify error code when building chain. Update docs.
-
- Feb 21, 2014
-
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
-
- Feb 20, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit b709f8ef)
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Feb 19, 2014
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Ben Laurie authored
-
Ben Laurie authored
-
Ben Laurie authored
-
-
Rob Stradling authored
Add the extension parser in the s_client, ocsp and x509 apps.
-
- Feb 18, 2014
-
-
Dr. Stephen Henson authored
-
- Feb 16, 2014
-
-
Dr. Stephen Henson authored
The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL 0.9.7h but deleting it will break source compatibility with any software that references it. Restore it but #define to zero. (cherry picked from commit b17d6b8d1d49fa4732deff17cfd1833616af0d9c)
-
- Feb 15, 2014
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Klaus-Peter Junghanns authored
This can be used to speed up SRTP with libsrtp, e.g. on TI omap/sitara based devices.
-
- Feb 14, 2014
-
-
Rob Stradling authored
Add the RFC6962 OIDs to the objects table.
-
Kurt Roeckx authored
If you use "-newkey rsa" it's supposed to read the default number of bits from the config file. However the value isn't used to generate the key, but it does print it's generating such a key. The set_keygen_ctx() doesn't call EVP_PKEY_CTX_set_rsa_keygen_bits() and you end up with the default set in pkey_rsa_init() (1024). Afterwards the number of bits gets read from the config file, but nothing is done with that anymore. We now read the config first and use the value from the config file when no size is given. PR: 2592
-
Kurt Roeckx authored
-
Scott Schaefer authored
-
Scott Schaefer authored
apps/pkcs12.c accepts -password as an argument. The document author almost certainly meant to write "-password, -passin". However, that is not correct, either. Actually the code treats -password as equivalent to -passin, EXCEPT when -export is also specified, in which case -password as equivalent to -passout.
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Andy Polyakov authored
Improve CBC decrypt and CTR by ~13/16%, which adds up to ~25/33% improvement over "pre-Silvermont" version. [Add performance table to aesni-x86.pl].
-
Dr. Stephen Henson authored
When a chain is complete and ends in a trusted root checks are also performed on the TA and the callback notified with ok==1. For consistency do the same for chains where the TA is not self signed.
-