- Dec 13, 2013
-
-
Dr. Stephen Henson authored
Move the IP, email and host checking fields from the public X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID structure. By doing this the structure can be modified in future without risk of breaking any applications.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
For consistency with other cases if we are performing partial chain verification with just one certificate notify the callback with ok==1.
-
Dr. Stephen Henson authored
New functions to retrieve internal pointers to X509_VERIFY_PARAM for SSL_CTX and SSL structures.
-
Dr. Stephen Henson authored
-
- Dec 10, 2013
-
-
Dr. Stephen Henson authored
We need to lock when *not* in FIPS mode.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Dec 09, 2013
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Andy Polyakov authored
(cherry picked from commit d1671f4f)
-
Andy Polyakov authored
Add MULX/AD*X code paths and optimize even original code path.
-
Andy Polyakov authored
(cherry picked from commit 667053a2)
-
Andy Polyakov authored
(cherry picked from commit 41965a84)
-
- Dec 08, 2013
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
PR: 3176. In FIPS mode ssleay_rand_bytes is only used for PRNG seeding and is performed in either a single threaded context (when the PRNG is first initialised) or under a lock (reseeding). To avoid multiple locks disable use of CRYPTO_LOCK_RAND in FIPS mode in ssleay_rand_bytes.
-
- Dec 03, 2013
-
-
Andy Polyakov authored
PR: 3189 Submitted by: Oscar Ciurana (cherry picked from commit c5d5f5bd)
-
Andy Polyakov authored
(cherry picked from commit 8bd7ca99)
-
Andy Polyakov authored
rsaz_exp.c: harmonize line terminating; asm/rsaz-*.pl: minor optimizations. asm/rsaz-x86_64.pl: sync from master. (cherry picked from commit 31ed9a21)
-
Andy Polyakov authored
(cherry picked from commit 6efef384)
-
- Dec 01, 2013
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Nov 27, 2013
-
-
Dr. Stephen Henson authored
-
- Nov 18, 2013
-
-
Dr. Stephen Henson authored
New functions to retrieve current certificate or private key from an SSL_CTX. Constify SSL_get_private_key(). (cherry picked from commit a25f9adc)
-
Dr. Stephen Henson authored
(cherry picked from commit 60aeb187)
-
- Nov 17, 2013
-
-
Dr. Stephen Henson authored
(cherry picked from commit fdeaf55b)
-
- Nov 14, 2013
-
-
Dr. Stephen Henson authored
-
Piotr Sikora authored
PR#3106
-
- Nov 13, 2013
-
-
Dr. Stephen Henson authored
If pointer comparison for current certificate fails check to see if a match using X509_cmp succeeds for the current certificate: this is useful for cases where the certificate pointer is not available. (cherry picked from commit 6856b288a6e66edd23907b7fa264f42e05ac9fc7)
-
Rob Stradling authored
PR#3169 This patch, which currently applies successfully against master and 1_0_2, adds the following functions: SSL_[CTX_]select_current_cert() - set the current certificate without disturbing the existing structure. SSL_[CTX_]get0_chain_certs() - get the current certificate's chain. SSL_[CTX_]clear_chain_certs() - clear the current certificate's chain. The patch also adds these functions to, and fixes some existing errors in, SSL_CTX_add1_chain_cert.pod. (cherry picked from commit 2f56c9c015dbca45379c9a725915b3b8e765a119)
-
Krzysztof Kwiatkowski authored
PR#3172 (cherry picked from commit 4f055e34c3598cad00fca097d812fa3e6436d967)
-
- Nov 12, 2013
-
-
Andy Polyakov authored
PR: 3165 Submitted by: Daniel Richard G. (cherry picked from commit 2df9ec01)
-
Andy Polyakov authored
PR: 3165
-
Andy Polyakov authored
PR: 3165 (cherry picked from commit d1cf23ac)
-
- Nov 11, 2013
-
-
Dr. Stephen Henson authored
(cherry picked from commit 16bc45ba)
-