Skip to content
  1. Feb 01, 2016
    • Richard Levitte's avatar
      unified build scheme: a first introduction · 9fe2bb77
      Richard Levitte authored
      
      
      The "unified" build scheme revolves around small information files,
      build.info, which each describe their own bit of everything that needs
      to be built, using a mini-language described in Configurations/README.
      
      The information in build.info file contain references to source files
      and final result.  Object files are not mentioned at all, they are
      simply from source files.  Because of this, all the *_obj items in
      Configurations/*.conf are renamed to *_asm_src and the files listed
      in the values are change from object files to their corresponding
      source files.  For the sake of the other build schemes, Configure
      generates corresponding *_obj entries in %target.
      
      Furthermore, the "unified" build scheme supports having a build
      directory tree separate from the source directry tree.
      
      All paths in a build.info file is assumed to be relative to its
      location, either within the source tree or within the build tree.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      9fe2bb77
    • Viktor Dukhovni's avatar
    • Viktor Dukhovni's avatar
      Compat self-signed trust with reject-only aux data · 33cc5dde
      Viktor Dukhovni authored
      
      
      When auxiliary data contains only reject entries, continue to trust
      self-signed objects just as when no auxiliary data is present.
      
      This makes it possible to reject specific uses without changing
      what's accepted (and thus overring the underlying EKU).
      
      Added new supported certs and doubled test count from 38 to 76.
      
      Reviewed-by: default avatarDr. Stephen Henson <steve@openssl.org>
      33cc5dde
    • Viktor Dukhovni's avatar
      Check chain extensions also for trusted certificates · 0daccd4d
      Viktor Dukhovni authored
      
      
      This includes basic constraints, key usages, issuer EKUs and auxiliary
      trust OIDs (given a trust suitably related to the intended purpose).
      
      Added tests and updated documentation.
      
      Reviewed-by: default avatarDr. Stephen Henson <steve@openssl.org>
      0daccd4d
  2. Jan 31, 2016
  3. Jan 30, 2016
  4. Jan 29, 2016