Commit Graph

400 Commits

Author SHA1 Message Date
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Nils Larsch
f763e0b5ae make sure error queue is totally emptied
PR: 359
2005-04-07 22:53:35 +00:00
Nils Larsch
70f34a5841 some const fixes and cleanup 2005-04-05 10:29:43 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Andy Polyakov
f7f2125522 Avoid re-build avalanches with HP-UX make. 2005-03-12 09:12:44 +00:00
Richard Levitte
6951c23afd Add functionality needed to process proxy certificates. 2004-12-28 00:21:35 +00:00
Richard Levitte
3c97bd833b Change libeay.num so it's synchronised with additions in 0.9.7-stable.
make update
2004-12-13 22:57:08 +00:00
Dr. Stephen Henson
a0e7c8eede Add lots of checks for memory allocation failure, error codes to indicate
failure and freeing up memory if a failure occurs.

PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
8544a80776 Add couple of OIDs. Resync NIDs for consistency with 0.9.7. 2004-12-01 18:09:53 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Richard Levitte
914d36ba19 make update 2004-05-31 13:16:08 +00:00
Andy Polyakov
6bca8e3886 objects.txt update for SHA-224/-256/-384/-512. SHA-224 ids still appear
"draft," but we have to start somewhere...

Submitted by: Nils Larsch <nlarsch@compuserve.de>
2004-05-31 13:07:19 +00:00
Geoff Thorpe
9c52d2cc75 After the latest round of header-hacking, regenerate the dependencies in
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Richard Levitte
875a644a90 Constify d2i, s2i, c2i and r2i functions and other associated
functions and macros.

This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const.  Those will be removed when this change has been
properly reviewed.
2004-03-15 23:15:26 +00:00
Dr. Stephen Henson
edec614efd Support for inhibitAnyPolicy extension. 2004-03-08 13:56:31 +00:00
Richard Levitte
8d1ebe0bd1 Add the missing parts for DES CFB1 and CFB8.
Add the corresponding AES parts while I'm at it.
make update
2004-01-28 19:05:35 +00:00
Richard Levitte
075521725d Fix Perl problems on sparc64.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:13:18 +00:00
Richard Levitte
79b42e7654 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
d420ac2c7d Use BUF_strlcpy() instead of strcpy().
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:17 +00:00
Richard Levitte
0d78bc3356 Add IPSec/IKE/Oakley curves.
PR: 768
Submitted by: Vadim Fedukovich <vf@unity.net>
2003-11-29 09:25:59 +00:00
Bodo Möller
968766cad8 updates for draft-ietf-tls-ecc-03.txt
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Richard Levitte
f9d183c209 Replace CCITT with ITU-T. Keep CCITT around as an alias.
make update

PR: 80
2003-07-04 15:45:04 +00:00
Richard Levitte
c89f31def0 make update 2003-06-26 10:27:11 +00:00
Richard Levitte
54dbdd9837 Some variables were uninitialised... 2003-04-29 20:45:36 +00:00
Richard Levitte
ea5240a5ed Add an extended variant of OBJ_bsearch() that can be given a few
flags.
2003-04-29 20:25:21 +00:00
Dr. Stephen Henson
1c2d141238 Name Constraints OID. 2003-03-24 00:56:09 +00:00
Dr. Stephen Henson
6f528cac5a Typo: OID should be policyMappings 2003-03-20 17:14:27 +00:00
Dr. Stephen Henson
ba5df66a8b Add some OIDs. 2003-03-13 23:37:55 +00:00
Bodo Möller
d745af4b0c avoid potential confusion about curves (prime192v1 and prime256v1 are
also known as secp192r1 and secp256r1, respectively)

Submitted by: Nils Larsch, Bodo Moeller
2003-01-16 16:05:23 +00:00
Bodo Möller
b05645902a "!Cname surname" has now become redundant ... 2003-01-13 15:57:33 +00:00
Bodo Möller
54d4f8c320 undo part of a recent change: it's "surname", not "surName"
(see X.520 aka ISO/IEC 9594-6)
2003-01-13 15:52:04 +00:00
Richard Levitte
c9ecb1edd8 Keep the internal lowercase 'surname', for programmer's sake. 2002-12-20 09:39:34 +00:00
Richard Levitte
8baf5fdca0 Be consistent with capitalisation of object names. 2002-12-20 09:24:17 +00:00
Richard Levitte
aafafa314d Be consistent with capitalisation of object names. 2002-12-20 09:18:18 +00:00
Richard Levitte
6dc78bf7e8 make update 2002-11-15 11:20:43 +00:00
Richard Levitte
ce4f169ff9 A few more Microsoft OIDs added 2002-11-15 11:17:50 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Dr. Stephen Henson
2af52de7b5 Fix typo in OBJ_txt2obj which incorrectly passed the content
length, instead of the encoding length to d2i_ASN1_OBJECT.

This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
2002-08-14 00:48:02 +00:00
Bodo Möller
16dc1cfb5c Add more WAP/WTLS elliptic curve OIDs.
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-02 12:28:34 +00:00
Lutz Jänicke
c046fffa16 OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
2002-07-30 13:04:04 +00:00
Richard Levitte
17085b022c Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:39:25 +00:00
Lutz Jänicke
82869b3c8d Add OIDs for Secure Electronic Transactions (SET)
Submitted by: Vadim Fedukovich <vf@unity.net>
Reviewed by: Lutz Jaenicke
PR: 80
2002-06-13 11:52:56 +00:00
Lutz Jänicke
0f7b63c834 Make sure that settings are passed back and forth when walking around
in the tree during build.
Reinstall default PERL settings in Makefiles, as the real reason for the
failure was that the settings were not passed.
2002-06-06 10:16:59 +00:00
Lutz Jänicke
345731731a New OID for X509 usage: pseudonym
Submitted by: Michael Bell <michael.bell@rz.hu-berlin.de>
Reviewed by: Lutz Jaenicke
PR: 83
2002-06-06 07:33:00 +00:00
Lutz Jänicke
bb0db9c491 The correct PERL interpreter is passed via commandline. 2002-06-05 07:03:17 +00:00
Richard Levitte
9cdf87f194 Check the return values where memory allocation failures may happen.
PR: 49
2002-05-30 16:47:45 +00:00
Lutz Jänicke
f1e6643751 Add generationQualifier OID (proposed by Fiel Cabral). 2002-04-25 18:03:13 +00:00
Lutz Jänicke
d5d007abe3 Optimize: better shortcut evaluation ("Howard Chu" <hyc@highlandsun.com>). 2002-04-18 11:54:06 +00:00
Lutz Jänicke
ea7fc0311c Use the "mail" short name according to RFC2798 (Michael Bell
<michael.bell@rz.hu-berlin.de>).
2002-04-15 13:30:41 +00:00
Lutz Jänicke
30911232c1 Some more OID enhancements. 2002-04-15 10:41:38 +00:00
Richard Levitte
083100e2ab Check error code from a2d_ASN1_OBJECT(). 2002-04-11 22:13:58 +00:00
Lutz Jänicke
0ae1661ba2 Apply OID fixes for elliptic curves as supplied by
Nils Larsch <nlarsch@compuserve.de>.
2002-04-08 15:49:53 +00:00
Richard Levitte
a18894d159 make update (libeay.num has been edited to match 0.9.7-stable) 2002-04-06 19:16:12 +00:00
Lutz Jänicke
4825092bbe Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>). 2002-04-04 17:48:37 +00:00
Lutz Jänicke
ffbe98b763 Make short names of objects RFC2256-compliant. 2002-03-26 17:18:48 +00:00
Bodo Möller
1d28453529 add OIDs for WAP/TLS curves 2002-03-14 13:18:57 +00:00
Bodo Möller
36c194638e add SECG OIDs
Submitted by: Nils Larsch
2002-03-06 13:47:32 +00:00
Bodo Möller
2d9b1b3ffa more X9.62 OIDs
Submitted by: Nils Larsch <nla@trustcenter.de>
2002-03-05 12:39:19 +00:00
Richard Levitte
ab1dee1efc Adjust the NID names for the AES modes OFB and CFB to contain the number
of feedback bits
2002-02-16 12:15:30 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Richard Levitte
d4704d5245 UID was never a lable for uniqueIdentifier. However, LDAP and certain
RFCs concerning X.500 directories use UID as a shorter name for the
attribute type userId, which is defined by CCITT and available through
RFCs 1274 and 2247.

Unfortunately, if some applications have used the name "UID" for the
uniqueIdentifier attribute type, they will produce incorrect results.
However, I found it better to follow the standards that are out there
rather than having our own incompatible one.
2001-12-04 11:01:17 +00:00
Bodo Möller
c3fbf5d9a8 Fix: 2.5.29 is "id-ce", not "ld-ce" (sort of a typo in objects.h).
Fix (?): Delete 'ip-pda 6' (id-pda-pseudonym) because it does not exist
in RFC 3039.

Also change Perl scripts to put auto-generation warning in the
first lines of the file.
2001-12-03 13:47:22 +00:00
Richard Levitte
b476df64a1 make update
perl util/mkerr.pl -recurse -write -rebuild
2001-11-15 12:25:14 +00:00
Richard Levitte
513d4b4c16 make update 2001-10-24 08:27:22 +00:00
Richard Levitte
7ef701519b Correction of the id-pda OID's.
Submitted by Frederic.Giudicelli@INTRINsec.com
2001-10-23 14:30:57 +00:00
Richard Levitte
b8a61e7362 'make update' 2001-10-10 21:52:06 +00:00
Richard Levitte
dd5e774664 Add support for md4WithRSAEncryption. 2001-10-10 21:37:45 +00:00
Richard Levitte
b30245dae0 'make update' 2001-10-10 07:56:20 +00:00
Richard Levitte
4b12506891 A few more OIDs, contributed by Peter Sylvester <Peter.Sylvester@EdelWeb.fr> 2001-10-09 15:32:23 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00
Bodo Möller
4e1b0d8904 avoid "statement not reached" warning 2001-09-13 13:02:59 +00:00
Ben Laurie
d66ace9da5 Start to reduce some of the header bloat. 2001-08-05 18:02:16 +00:00
Richard Levitte
710e5d5639 make update 2001-07-31 17:07:24 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Ben Laurie
c518ade1fd Clean up EVP macros, rename DES EDE3 modes correctly, temporary support for
OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery
is available).
2001-07-21 10:24:07 +00:00
Dr. Stephen Henson
f2a253e0dd Add support for MS CSP Name PKCS#12 attribute. 2001-06-11 00:43:20 +00:00
Bodo Möller
14f7ee4916 Add various X9.62 OIDs. (GF(2^n) mostly left out.) 2001-03-11 21:54:51 +00:00
Bodo Möller
4e20b1a656 Instead of telling both 'make' and the user that ranlib
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
2001-03-09 14:01:42 +00:00
Bodo Möller
1d00800e88 Change obj_... generation so that it does not generate rubbish or
abort with errors if no name is defined for some object, which was the
case for 'pilotAttributeType 27'.

Also avoid this very situation by assigning the name
'pilotAttributeType27'.
2001-03-06 08:58:38 +00:00
Bodo Möller
38e3c5815c Add yet another (still empty) source code file that I forgot. 2001-03-05 20:31:49 +00:00
Richard Levitte
d88a26c489 make update
Note that all *_it variables are suddenly non-existant according to
libeay.num.  This is a bug that will be corrected.  Please be patient.
2001-02-26 10:54:08 +00:00
Richard Levitte
64b48877fa Add the CCITT pilot directory OIDs. 2001-02-26 10:27:41 +00:00
Richard Levitte
41d2a336ee e_os.h does not belong with the exported headers. Do not put it there
and make all files the depend on it include it without prefixing it
with openssl/.

This means that all Makefiles will have $(TOP) as one of the include
directories.
2001-02-22 14:45:02 +00:00
Richard Levitte
460fe31f0c With later version of DEC C on VMS, some functions (strcmp(), for
example) are declared with some extra linkage information.  This
generates a warning when using the function name as a value to a
regular function pointer with the "correct" definition of the
function.  Therefore, use a macro to cast the appropriate function on
VMS.
2001-02-20 19:13:46 +00:00
Geoff Thorpe
4dc719fc37 The callbacks in the NAME_FUNCS structure are not used directly as LHASH
callbacks, and their prototypes were consistent as they were. These casts
need reversing.

Also, I personally find line breaks during parameter lists (ie a line
ending in a comma) easier to read at a glance than line breaks at the end
of a function call and before a dereference on the return value (ie a line
ending in a closed-bracket followed by a line starting with "->").
2001-02-20 16:31:15 +00:00
Richard Levitte
b8feddae71 Get the right cast for lhash callback functions. 2001-02-20 14:00:29 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Dr. Stephen Henson
a6b7ffddac New options to 'ca' utility to support CRL entry extensions.
Add revelant new X509V3 extensions.

Add OIDs.

Fix ASN1 memory leak code to pop info if external allocation used.
2001-02-16 01:35:44 +00:00
Dr. Stephen Henson
deb2c1a1c5 Fix AES code.
Update Rijndael source to v3.0

Add AES OIDs.

Change most references of Rijndael to AES.

Add new draft AES ciphersuites.
2001-02-07 18:15:18 +00:00
Ben Laurie
259810e05b Rijdael CBC mode and partial undebugged SSL support. 2001-02-06 14:09:13 +00:00
Ben Laurie
4978361212 Make depend. 2001-02-04 21:06:55 +00:00
Geoff Thorpe
3c91484052 Move all the existing function pointer casts associated with LHASH's two
"doall" functions to using type-safe wrappers. As and where required, this
can be replaced by redeclaring the underlying callbacks to use the
underlying "void"-based prototypes (eg. if performance suffers from an
extra level of function invocation).
2001-01-09 00:24:38 +00:00
Geoff Thorpe
ad2e032049 Whilst in the process of fixing outstanding function-pointer casts in the
LHASH code, this evil was uncovered. The cast was obscuring the fact that
the function was prototyped to take 2 parameters when in fact it is being
used as a callback that should take only one. Anyway, the function itself
ignores the second parameter (thankfully). A proper cure is on the way but
for now this corrects the inconsistency.
2001-01-08 22:03:27 +00:00
Dr. Stephen Henson
3c07b4c2ee Various Win32 related fixes. Doesn't compile yet on
Win32 but it is getting there...

Update mkdef.pl to handle ASN1_ANY and fix headers.

Stop various VC++ warnings.

Include some fixes from "Peter 'Luna' Runestig"
<peter@runestig.com>

Remove external declaration for des_set_weak_key_flag:
it doesn't exist.
2000-12-21 01:38:55 +00:00
Dr. Stephen Henson
f1a6a0d4dd Add support for the noCheck OCSP extension. This is
just a NULL and appears in a certificate.
2000-12-16 01:58:58 +00:00
Richard Levitte
8d28d5f81b Constification of the data of a hash table. This means the callback
functions need to be constified, and therefore meant a number of easy
changes a little everywhere.

Now, if someone could explain to me why OBJ_dup() cheats...
2000-12-13 17:15:03 +00:00
Geoff Thorpe
d0fa136ce2 Next step in tidying up the LHASH code.
DECLARE/IMPLEMENT macros now exist to create type (and prototype) safe
wrapper functions that avoid the use of function pointer casting yet retain
type-safety for type-specific callbacks. However, most of the usage within
OpenSSL itself doesn't really require the extra function because the hash
and compare callbacks are internal functions declared only for use by the
hash table. So this change catches all those cases and reimplements the
functions using the base-level LHASH prototypes and does per-variable
casting inside those functions to convert to the appropriate item type.

The exception so far is in ssl_lib.c where the hash and compare callbacks
are not static - they're exposed in ssl.h so their prototypes should not be
changed. In this last case, the IMPLEMENT_LHASH_*** macros have been left
intact.
2000-12-08 20:02:01 +00:00
Geoff Thorpe
97b1719583 Make the remaining LHASH macro changes. This should leave no remaining
cases of function pointer casting in lh_new() calls - and leave only the
lh_doall and lh_doall_arg cases to be finished.
2000-12-04 03:02:44 +00:00
Geoff Thorpe
385d81380c First step in tidying up the LHASH code. The callback prototypes (and
casts) used in the lhash code are about as horrible and evil as they can
be. For starters, the callback prototypes contain empty parameter lists.
Yuck.

This first change defines clearer prototypes - including "typedef"'d
function pointer types to use as "hash" and "compare" callbacks, as well as
the callbacks passed to the lh_doall and lh_doall_arg iteration functions.
Now at least more explicit (and clear) casting is required in all of the
dependant code - and that should be included in this commit.

The next step will be to hunt down and obliterate some of the function
pointer casting being used when it's not necessary - a particularly evil
variant exists in the implementation of lh_doall.
2000-12-01 20:31:52 +00:00
Ben Laurie
646d56956b Better handling of EVP names, add EVP to speed. 2000-11-20 04:14:19 +00:00
Ulf Möller
864170286a Minor corrections (HPUX).
From: Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-11-03 16:35:31 +00:00
Richard Levitte
3ab5651112 The experimental Rijndael code moved to the main trunk.
make update done.
2000-10-14 20:09:54 +00:00
Richard Levitte
4e20a4e688 'ranlib' doesn't always run on some systems. That's actually
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
2000-09-25 08:53:15 +00:00
Richard Levitte
62ab514e98 'make update' 2000-09-07 08:46:51 +00:00
Bodo Möller
bbb8de0966 Avoid abort() throughout the library, except when preprocessor
symbols for debugging are defined.
2000-09-04 15:34:43 +00:00
Richard Levitte
622ec449e5 Added OIDs from RFC 2247, 1155, and a few from 1700 2000-08-19 08:47:59 +00:00
Richard Levitte
3009458e2f MD4 implemented. Assar Westerlund provided the digest code itself and the test utility, I added the bits to get a EVP interface, the command line utility and the speed test 2000-08-14 14:05:53 +00:00
Richard Levitte
15c2e1260b Duplicate names detected... 2000-08-10 01:48:49 +00:00
Dr. Stephen Henson
d4fbe3182d Fix for bad sorting of object names.
Add warning print out if duplicate names found:
should end up as a fatal error but a warning for
now until they problems are fixed...
2000-08-06 18:43:32 +00:00
Richard Levitte
f944e7845c "make update" 2000-07-24 10:02:47 +00:00
Richard Levitte
27d7260075 Corrected small bug that could add ',L' when it shouldn't 2000-07-08 07:56:12 +00:00
Richard Levitte
c2bbf9cf6c I got sick and tired of having to keep track of NIDs when such a thing
could be done automagically, much like the numbering in libeay.num and
ssleay.num.  The solution works as follows:

  - New object identifiers are inserted in objects.txt, following the
    syntax given in objects.README.
  - objects.pl is used to process obj_mac.num and create a new
    obj_mac.h.
  - obj_dat.pl is used to create a new obj_dat.h, using the data in
    obj_mac.h.

This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended.  The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!).  Additions are OK, as well as consistent name changes.
2000-07-05 02:45:36 +00:00
Dr. Stephen Henson
130832150c Fixes for Win32 build.
This is mostly a work around for the old VC++ problem
that it treats func() as func(void).

Various prototypes had been added to 'compare' function
pointers that triggered this. This could be fixed by removing
the prototype, adding function pointer casts to every call or
changing the passed function to use the expected arguments.
I mostly did the latter.

The mkdef.pl script was modified to remove the typesafe
functions which no longer exist.

Oh and some functions called OPENSSL_freeLibrary() were
changed back to FreeLibrary(), wonder how that happened :-)
2000-06-21 02:25:30 +00:00
Dr. Stephen Henson
3aceb94b9e Safe stack reorganisation in terms of function casts.
After some messing around this seems to work but needs
a few more tests. Working out the syntax for sk_set_cmp_func()
(cast it to a function that itself returns a function pointer)
was painful :-(

Needs some testing to see what other compilers think of this
syntax.

Also needs similar stuff for ASN1_SET_OF etc etc.
2000-06-16 23:29:26 +00:00
Geoff Thorpe
1c4f90a05d Enable DSO support on alpha (OSF1), cc and gcc.
Also, "make update" has added some missing functions to libeay.num,
updated the TABLE for the alpha changes, and updated thousands of
dependancies that have changed from recent commits.
2000-06-13 12:59:38 +00:00
Ulf Möller
44317f04b1 protoypes 2000-06-12 19:45:38 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
2000-06-01 22:19:21 +00:00
Geoff Thorpe
7edd20916a "make update" + stripping the type-specific stack functions out of
libeay.num and ssleay.num.
2000-06-01 06:07:19 +00:00
Richard Levitte
82271cee5b In Message-ID: <003201bfb332$14a07520$0801a8c0@janm.transactionsite.com>,
"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.
2000-05-02 12:16:01 +00:00
Ulf Möller
cee814f9d5 make update 2000-03-12 12:49:45 +00:00
Dr. Stephen Henson
c61252001b Fix typo and make ca get the CA and request fields correct. 2000-03-08 12:44:10 +00:00
Bodo Möller
59fc2b0fc2 Preserve reason strings in automatically build tables. 2000-03-05 00:19:36 +00:00
Dr. Stephen Henson
645820f273 Make name_funcs_stack static. 2000-03-03 01:37:11 +00:00
Richard Levitte
f36e02b2ef Enhance consistency by using BIO_flush() instead of fflush(). 2000-02-25 20:40:12 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Ulf Möller
51ca375e7e Seek out and destroy another evil cast. 2000-01-30 23:33:40 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash,
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Richard Levitte
1e264ff325 Reimplement so only one synchronous stack is used. The benefit is
that function pointers are nicely tucker in their structure.
2000-01-29 01:22:03 +00:00
Richard Levitte
a9188d4e17 Compaq C 6.2 for VMS will complain when we want to convert
non-function pointers to function pointers and vice versa.
The current solution is to have unions that describe the
conversion we want to do, and gives us the ability to extract
the type of data we want.

The current solution is a quick fix, and can probably be made
in a more general or elegant way.
2000-01-18 09:30:51 +00:00
Dr. Stephen Henson
f45f40ffff Add OIDs for idea and blowfish. Unfortunately these are in
the middle of the OID table so the diff is rather large :-(
1999-12-29 02:59:18 +00:00
Dr. Stephen Henson
525f51f6c9 Add PKCS#8 utility functions and add PBE options. 1999-12-23 02:02:42 +00:00
Andy Polyakov
9a1e34e5de MacOS updates. 1999-12-19 16:07:19 +00:00
Dr. Stephen Henson
b216664f66 Various S/MIME fixes. 1999-12-11 20:04:06 +00:00
Dr. Stephen Henson
d4cec6a13d New options to the -verify program which can be used for chain verification.
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.

Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
6d3724d3b0 Support for authority information access extension.
Fix so EVP_PKEY_rset_*() check return codes.
1999-11-23 18:50:28 +00:00
Dr. Stephen Henson
f769ce3ea4 More multibyte character support.
Functions to get keys from EVP_PKEY structures.
1999-10-25 02:00:09 +00:00
Ulf Möller
49e747e670 Generate obj_dat.h in "make update". 1999-09-29 21:03:02 +00:00
Bodo Möller
5671876d1d "make update" 1999-09-10 15:34:55 +00:00
Ulf Möller
43ca6c02dc make update. 1999-08-24 17:45:16 +00:00
Dr. Stephen Henson
fd52057729 Add functions to allow extensions to be added to certificate requests.
Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.
1999-08-11 13:08:58 +00:00
Dr. Stephen Henson
87c49f622e Support for parsing of certificate extensions in PKCS#10 requests: these are
used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.
1999-08-09 22:38:05 +00:00
Bodo Möller
4c8319c0f5 Revert erroneous change. 1999-08-03 06:05:54 +00:00
Bodo Möller
50ccbc13f6 automatically use no-mdc2 if no-des is requested. 1999-08-02 22:13:46 +00:00
Ulf Möller
7463ca9acc obj_dat.h is autogenerated (it was in the CVS because old versions of
Configure didn't generate the file in Windows builds).
1999-07-29 14:10:20 +00:00
Dr. Stephen Henson
3e3d2ea2fc New function OBJ_obj2txt() 1999-07-27 22:22:58 +00:00
Dr. Stephen Henson
8e21c14607 More PKCS#5 v2.0 development. Add a function to setup a PKCS#5 v2.0
AlgorithmIdentifier and make various ASN1 fixes.
1999-06-06 23:34:44 +00:00
Dr. Stephen Henson
b0c6fb8064 The rest of the PKCS#5, PKCS#8 patch I forgot before :-) 1999-06-04 23:33:48 +00:00
Ulf Möller
a53955d8ab Support the EBCDIC character set and BS2000/OSD-POSIX (work in progress).
Submitted by: Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>
1999-06-04 21:35:58 +00:00
Bodo Möller
7e70181723 It was a very bad idea to use #include "../e_os.h" -- when this occurs
in cryptlib.h (which is often included as "../cryptlib.h"), then the
question remains relative to which directory this is to be interpreted.
gcc went one further directory up, as intended; but makedepend thinks
differently, and so probably do some C compilers.  So the ../ must go away;
thus e_os.h goes back into include/openssl (but I now use
#include "openssl/e_os.h" instead of <openssl/e_os.h> to make the point) --
and we have another huge bunch of dependency changes.  Argh.
1999-05-21 11:16:48 +00:00
Bodo Möller
d6847aed10 Add a kludge :-(
There were problems with putting e_os.h just into the top directory,
because the test programs are compiled within test/ in the "standard"
case in in their original directories in the makefile.one case;
and in the latter symlinks may not be available.
1999-05-20 22:18:49 +00:00
Bodo Möller
17e3dd1c62 Don't install e_os.h in include/openssl, use it only as a local
include file.
1999-05-20 21:59:20 +00:00
Dr. Stephen Henson
e84240d422 New functions sk_set, sk_value and sk_num to replace existing macros: this is
to minimise the effects on existing code.
1999-05-19 12:45:16 +00:00
Bodo Möller
127640b449 Update dependencies. 1999-05-15 13:38:48 +00:00
Dr. Stephen Henson
10243d97fd Various PKCS#7 related fixes,tidies and comments. 1999-05-11 00:52:46 +00:00
Bodo Möller
84a370a400 The various character predicates (isspace and the like) may not be
used with negative char values, so I've added casts to unsigned char.
Maybe what really should be done is change all those arrays and
pointers to type unsigned char [] or unsigned char *, respectively;
but using plain char with those predicates is just wrong, so something
had to be done.
Submitted by:
Reviewed by:
PR:
1999-05-10 11:18:26 +00:00
Dr. Stephen Henson
884e8ec615 Various PKCS#7 fixes to properly (maybe!) handle PKCS#7 enveloped data.
Containts elements of code by Sebastian Akerman <sak@parallelconsulting.com>
and made a bit less "naughty" by Steve.
1999-05-10 00:47:42 +00:00
Ben Laurie
5b1b044606 Update dependencies. 1999-05-01 22:36:10 +00:00
Bodo Möller
e5f3045fbf Support INSTALL_PREFIX for packagers.
Submitted by:
Reviewed by:
PR:
1999-04-29 21:52:08 +00:00
Ulf Möller
d575d2924c Ignore Makefile.save
Submitted by: Anonymous
1999-04-29 16:04:54 +00:00
Bodo Möller
1314c344ac Obey $(PERL) when running util/mklink.pl.
Submitted by:
Reviewed by:
PR:
1999-04-29 12:46:59 +00:00
Bodo Möller
6e6acfd4b9 Use util/mklink.pl instead of util/mklink.sh.
Submitted by:
Reviewed by:
PR:
1999-04-28 22:33:54 +00:00
Ulf Möller
f5d7a031a3 New Configure option no-<cipher> (rsa, idea, rc5, ...). 1999-04-27 01:14:46 +00:00
Ulf Möller
a9be3af5ad Remove NOPROTO definitions and error code comments. 1999-04-26 16:43:10 +00:00
Dr. Stephen Henson
7393480047 Change the command line options of mkerr.pl so -static is now default and
a -write option is needed to actually change anything. Second attempt at
getting rid of ERR, ERRC definitions: it might even work this time :-)
1999-04-24 17:28:43 +00:00
Bodo Möller
c76b0f751f Restore ERRC definitions that are needed to compile the library.
Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:
1999-04-24 15:57:02 +00:00
Dr. Stephen Henson
6e781e8e07 Delete the unnecessary ERR and ERRC lines in makefiles, add some functionality
to error code script: it can now find untranslatable function codes (usually
because the function is static and not defined in a header: occasionally because
of a typo...) and unreferenced function and reason codes. To see this try:
perl util/mkerr.pl -recurse -debug
Also fixed some typos in crypto/pkcs12 that this found :-)
Also tidy up some error calls that had to be all on one line: the old error
script couldn't find codes unless the call was all on one line.
1999-04-24 13:28:57 +00:00
Dr. Stephen Henson
6d31193858 Complete rewrite of the error code generation script. It now runs as a single
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
1999-04-24 00:15:18 +00:00
Bodo Möller
bf57da0717 "make depend"
Submitted by:
Reviewed by:
PR:
1999-04-23 22:50:50 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>.
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ben Laurie
61f5b6f338 Work with -pedantic! 1999-04-23 15:01:15 +00:00
Ulf Möller
8e10f2b3ac Move all autogenerated header file parts to crypto/opensslconf.h. 1999-04-21 17:31:05 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Dr. Stephen Henson
c83e523d7f Allow asn1parse to print out VISIBLESTRING and some code needed for certificate
policies extension.
1999-04-17 23:55:39 +00:00
Ben Laurie
e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Ben Laurie
5a88a6eabf Rid the world of more evil casts. 1999-04-10 10:36:19 +00:00
Dr. Stephen Henson
d2e26dccd1 Add PKCS#5 v2.0 ASN1 structures. 1999-04-08 23:55:42 +00:00
Ulf Möller
99aab1619f New Makefile variables $(RANLIB) and $(PERL). 1999-04-01 12:34:33 +00:00
Dr. Stephen Henson
4b518c2601 This is the beginning of PKCS#12 integration. This just adds the PKCS#12
objects to objects.h

NOTE: during this integration it will not be possible to compile my PKCS#12
program against OpenSSL because there will be conflicts between the external
functionality and that being added to the core code.
1999-03-28 01:00:56 +00:00
Dr. Stephen Henson
785cdf2048 Add initial support for Thawte strong extranet certificate extensions and
include an 'indent' option to V3 stuff.
1999-03-27 14:06:25 +00:00
Ben Laurie
b4cadc6e13 Fix security hole. 1999-03-22 12:22:14 +00:00
Ben Laurie
6242bb9c63 Put the dependencies back. 1999-03-06 14:32:48 +00:00
Ralf S. Engelschall
bb8f3c5879 General source tree makefile cleanups: Made `making xxx in yyy...' display
consistent in the source tree and replaced `/bin/rm' by `rm'.  Additonally
cleaned up the `make links' target: Remove unnecessary semicolons, subsequent
redundant removes, inline point.sh into mklink.sh to speed processing and no
longer clutter the display with confusing stuff. Instead only the actually
done links are displayed.
1999-03-06 12:32:06 +00:00
Dr. Stephen Henson
0ca5f8b15c Overhaul 'crl' application, add a proper X509_CRL_print function and start
to support CRL extensions.
1999-02-19 01:29:29 +00:00
Dr. Stephen Henson
388ff0b076 Add support for raw extensions. This means that you can include the DER encoding
of an arbitrary extension: e.g. 1.3.4.5=critical,RAW:12:34:56 Using this
technique currently unsupported extensions can be generated if you know their
DER encoding. Even if the extension is supported in future the raw extension
will still work: that is the raw version can always be used even if it is a
supported extension.
1999-02-14 16:48:22 +00:00
Ben Laurie
4e31df2cd7 Fix ghastly DES declarations, and all consequential warnings. 1999-02-13 18:52:38 +00:00
Dr. Stephen Henson
e4119b9311 Fix typo in asn1.h (PRINTABLESTRING_STRING) and fix a bug in object creation
perl script. It failed if the OID had any zeros in it.
1999-02-13 17:15:32 +00:00
Dr. Stephen Henson
a27598bf7e Add a few extended key usage OIDs. 1999-01-26 23:13:14 +00:00
Dr. Stephen Henson
834eeef995 Continuing adding X509 V3 support. This starts to integrate the code with
the main library, but only with printing at present. To see this try:
openssl x509 -in cert.pem -text
on a certificate with some extensions in it.
1999-01-24 17:50:32 +00:00
Ben Laurie
6f93539970 This time, get it right. 1999-01-19 23:25:22 +00:00
Ben Laurie
8039257dbc Finally lay dependencies to rest (I hope!). 1999-01-19 21:36:31 +00:00
Dr. Stephen Henson
6c8abdd744 New err_code.pl script to retain old error codes. This should allow the use
of 'make errors' without causing huge re-organisations of files when a new
code is added.
1999-01-18 22:18:38 +00:00
Ben Laurie
f9e6fac357 Oops. Missing NULL frees. 1999-01-17 14:19:31 +00:00
Dr. Stephen Henson
2d723902a0 Fix OBJ_txt2nid(): old function was broken when input used the "dot" form, e.g.
1.2.3.4 . Also added new function OBJ_txt2obj().
1999-01-12 18:40:33 +00:00
Ralf S. Engelschall
06d5b16225 First cut of a cleanup for apps/. First the `ssleay' program is now named
`openssl' and second, the shortcut symlinks for the `openssl <command>' are no
longer created. This way we have a single and consistent command line
interface `openssl <command>', similar to `cvs <command>'.

Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a
repository copy, i.e. they still contain the complete file history.
1999-01-02 12:59:33 +00:00
Dr. Stephen Henson
ebc828cad9 Add extended key usage OID and update STATUS file. 1999-01-01 18:43:44 +00:00
Ralf S. Engelschall
651d0aff98 Various cleanups and fixed by Marc and Ralf to start the OpenTLS project 1998-12-22 15:04:48 +00:00
Ralf S. Engelschall
dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00