Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Don't free a NULL. Coverity ID 112. | Ben Laurie | 2007-04-04 | 1 | -2/+2 |
| | |||||
* | Die if serial number is invalid. | Ben Laurie | 2007-04-04 | 1 | -0/+1 |
| | |||||
* | Apply a more modern way to get the definition of select(), except for VMS. | Richard Levitte | 2007-03-29 | 1 | -1/+6 |
| | | | | Submitted by Corinna Vinschen <vinschen@redhat.com> | ||||
* | Needed definition of _XOPEN_SOURCE_EXTENDED so DEC C on VMS will see | Richard Levitte | 2006-12-25 | 1 | -0/+4 |
| | | | | the declarations of fd_set, select() and so on. | ||||
* | properly initialize SSL context, check return value | Nils Larsch | 2006-12-13 | 1 | -0/+6 |
| | |||||
* | According to documentation, including time.h declares select() on | Richard Levitte | 2006-08-20 | 1 | -0/+1 |
| | | | | | | OpenVMS, and possibly more. Ref: http://h71000.www7.hp.com/doc/82final/6529/6529pro_019.html#r_select | ||||
* | WIN32 fixes signed/unsigned issues and slightly socket semantics. | Dr. Stephen Henson | 2006-07-17 | 1 | -4/+17 |
| | |||||
* | Add -timeout option to ocsp utility. | Dr. Stephen Henson | 2006-07-17 | 1 | -6/+94 |
| | |||||
* | Remove some unnecessary recursive includes from the internal apps.h header, | Geoff Thorpe | 2004-05-17 | 1 | -0/+1 |
| | | | | and include bn.h in those C files that need bignum functionality. | ||||
* | New -ignore_err option in ocsp application to stop the server | Dr. Stephen Henson | 2003-09-03 | 1 | -0/+5 |
| | | | | exiting on the first error in a request. | ||||
* | Correct a lot of printing calls. Remove extra arguments... | Richard Levitte | 2003-04-03 | 1 | -2/+2 |
| | |||||
* | Make it possible to have multiple active certificates with the same | Richard Levitte | 2003-04-03 | 1 | -36/+10 |
| | | | | subject. | ||||
* | Update ocsp usage message and docs. | Dr. Stephen Henson | 2003-03-26 | 1 | -3/+3 |
| | |||||
* | Pay attention to disabled SSL versions. | Richard Levitte | 2003-02-14 | 1 | -0/+9 |
| | | | | PR: 500 | ||||
* | Make it possible to disable OCSP, the speed application, and the use of sockets. | Richard Levitte | 2003-02-14 | 1 | -0/+11 |
| | | | | PR: 358 | ||||
* | EXIT() may mean return(). That's confusing, so let's have it really mean | Richard Levitte | 2002-12-03 | 1 | -1/+1 |
| | | | | | | exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program) | ||||
* | Security fixes brought forward from 0.9.7. | Ben Laurie | 2002-11-13 | 1 | -1/+1 |
| | |||||
* | BN_bn2hex() returns "0" instead of "00" for zero. This disrputs the | Richard Levitte | 2002-10-11 | 1 | -1/+4 |
| | | | | | requirement that the serial number always be an even amount of characters. PR: 248 | ||||
* | Make it possible to load keys from stdin, and restore that | Richard Levitte | 2002-08-01 | 1 | -2/+2 |
| | | | | | functionality in the programs that had that before. Part fo PR 164 | ||||
* | Cut'n'paste error with other reposnder certificates cleared. | Richard Levitte | 2002-08-01 | 1 | -2/+2 |
| | | | | PR: 190 | ||||
* | Reorder inclusion of header files: | Lutz Jänicke | 2002-07-10 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | des_old.h redefines crypt: #define crypt(b,s)\ DES_crypt((b),(s)) This scheme leads to failure, if header files with the OS's true definition of crypt() are processed _after_ des_old.h was processed. This is e.g. the case on HP-UX with unistd.h. As evp.h now again includes des.h (which includes des_old.h), this problem only came up after this modification. Solution: move header files (indirectly) including e_os.h before the header files (indirectly) including evp.h. Submitted by: Reviewed by: PR: | ||||
* | Fix ext_dat.h extension ordering. | Dr. Stephen Henson | 2002-06-13 | 1 | -2/+16 |
| | | | | | | | | | Reinstate -reqout code. Avoid coredump in ocsp if setup_verify fails. Fix typo in ocsp usage message. | ||||
* | Config code updates. | Dr. Stephen Henson | 2002-02-22 | 1 | -0/+3 |
| | | | | | | | | | | | | | | | | | | | CONF_modules_unload() now calls CONF_modules_finish() automatically. Default use of section openssl_conf moved to CONF_modules_load() Load config file in several openssl utilities. Most utilities now load modules from the config file, though in a few (such as version) this isn't done because it couldn't be used for anything. In the case of ca and req the config file used is the same as the utility itself: that is the -config command line option can be used to specify an alternative file. | ||||
* | Load OCSP responder key before waiting for an incoming | Dr. Stephen Henson | 2001-08-23 | 1 | -25/+27 |
| | | | | | | | connection so it can prompt for pass phrase on startup instead of after the first connection. Add -port switch to usage message. | ||||
* | Allow OCSP server to handle multiple requests. | Dr. Stephen Henson | 2001-07-13 | 1 | -36/+93 |
| | | | | Document new OCSP options. | ||||
* | Initial OCSP server support, using index.txt format. | Dr. Stephen Henson | 2001-07-12 | 1 | -20/+404 |
| | | | | | | | This can process internal requests or behave like a mini responder. Todo: documentation, update usage info. | ||||
* | Extend all the loading functions to take an engine pointer, a pass | Richard Levitte | 2001-05-30 | 1 | -6/+15 |
| | | | | | | | | | | | | | | string (some engines may have certificates protected by a PIN!) and a description to put into error messages. Also, have our own password callback that we can send both a password and some prompt info to. The default password callback in EVP assumes that the passed parameter is a password, which isn't always the right thing, and the ENGINE code (at least the nCipher one) makes other assumptions... Also, in spite of having the functions to load keys, some utilities did the loading all by themselves... That's changed too. | ||||
* | New function and options to check OCSP response validity. | Dr. Stephen Henson | 2001-02-24 | 1 | -3/+52 |
| | |||||
* | Fix typo. | Dr. Stephen Henson | 2001-02-20 | 1 | -1/+1 |
| | |||||
* | Initial OCSP SSL support. | Dr. Stephen Henson | 2001-02-14 | 1 | -3/+14 |
| | |||||
* | New function OCSP_parse_url() and -url option for ocsp utility. | Dr. Stephen Henson | 2001-02-13 | 1 | -2/+24 |
| | | | | Doesn't handle SSL URLs yet. | ||||
* | Modify OCSP nonce behaviour. | Dr. Stephen Henson | 2001-02-12 | 1 | -3/+8 |
| | |||||
* | Add missing \n's to ocsp usage message. | Dr. Stephen Henson | 2001-02-09 | 1 | -9/+9 |
| | |||||
* | Allow various options to be included for signing and verify of | Dr. Stephen Henson | 2001-02-08 | 1 | -29/+83 |
| | | | | | | | | | OCSP responses. Documentation to follow... Urgh.. this conflicted with the -VAfile patch I hope I haven't broken it. | ||||
* | Add the -VAfile option to 'openssl ocsp'. This option will give the | Richard Levitte | 2001-02-08 | 1 | -1/+17 |
| | | | | | | | client code certificates to use to only check response signatures. I'm not entirely sure if the way I just implemented the verification is the right way to do it, and would be happy if someone would like to review this. | ||||
* | Various function for commmon operations. | Dr. Stephen Henson | 2001-02-02 | 1 | -1/+1 |
| | |||||
* | Fixes to various ASN1_INTEGER routines for negative case. | Dr. Stephen Henson | 2001-01-19 | 1 | -1/+1 |
| | | | | Enhance s2i_ASN1_INTEGER(). | ||||
* | Additional functionality in ocsp utility: print summary | Dr. Stephen Henson | 2001-01-19 | 1 | -16/+121 |
| | | | | | | | of status info. Check nonce values. Option to disable verify. Update usage message. Rename status to string functions and make them global. | ||||
* | Implement remaining OCSP verify checks in | Dr. Stephen Henson | 2001-01-18 | 1 | -0/+2 |
| | | | | accordance with RFC2560. | ||||
* | Initial OCSP certificate verify. Not complete, | Dr. Stephen Henson | 2001-01-17 | 1 | -0/+37 |
| | | | | it just supports a "trusted OCSP global root CA". | ||||
* | Preliminary ocsp utility documentation. | Dr. Stephen Henson | 2001-01-14 | 1 | -0/+3 |
| | | | | Fix ocsp usage message. | ||||
* | New OCSP utility. This can generate, parse and print | Dr. Stephen Henson | 2001-01-13 | 1 | -0/+452 |
OCSP requests. It can also query reponders and parse or print out responses. Still needs some more work: OCSP response checks and of course documentation. |