| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
| |
Add new extension functions which work with NCONF.
Tidy up extension config routines and remove redundant code.
Fix NCONF_get_number().
Todo: more testing of apps to see they still work...
|
| |
|
|
|
|
| |
everywhere.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
string (some engines may have certificates protected by a PIN!) and
a description to put into error messages.
Also, have our own password callback that we can send both a password
and some prompt info to. The default password callback in EVP assumes
that the passed parameter is a password, which isn't always the right
thing, and the ENGINE code (at least the nCipher one) makes other
assumptions...
Also, in spite of having the functions to load keys, some utilities
did the loading all by themselves... That's changed too.
|
|
|
|
|
|
|
| |
functions to return constant EVP_MD and EVP_CIPHER
pointers.
Update docs.
|
|
|
|
|
|
|
|
|
|
| |
sets the subject name for a new request or supersedes the
subject name in a given request.
Add options '-batch' and '-verbose' to 'openssl req'.
Submitted by: Massimiliano Pala <madwolf@hackmasters.net>
Reviewed by: Bodo Moeller
|
|
|
|
|
|
|
| |
missed any.
This compiles and runs on Linux, and external applications have no
problems with it. The definite test will be to build this on VMS.
|
|
|
|
|
|
|
|
|
|
|
|
| |
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
|
|
|
|
|
|
|
| |
Remove the old broken bio read of serial numbers in the 'ca' index
file. This would choke if a revoked certificate was specified with
a negative serial number.
Fix typo in uid.c
|
| |
|
|
|
|
| |
(e.g., use a default), we have to call ERR_clear_error().
|
|
|
|
|
| |
given. That also allows the arguments to come in any order (-new
last, for example).
|
|
|
|
|
|
| |
to main trunk.
Lets see if the makes it to openssl-cvs :-)
|
| |
|
|
|
|
| |
At the same time, add VMS support for Rijndael.
|
|
|
|
|
|
| |
Add support for X509_NAME_print_ex() in req.
Initial code for cutomizable X509 print routines.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
record-oriented fashion. That means that every write() will write a
separate record, which will be read separately by the programs trying
to read from it. This can be very confusing.
The solution is to put a BIO filter in the way that will buffer text
until a linefeed is reached, and then write everything a line at a
time, so every record written will be an actual line, not chunks of
lines and not (usually doesn't happen, but I've seen it once) several
lines in one record. Voila, BIO_f_linebuffer() is born.
Since we're so close to release time, I'm making this VMS-only for
now, just to make sure no code is needlessly broken by this. After
the release, this BIO method will be enabled on all other platforms as
well.
|
|
|
|
| |
the OpenSSL commands x50 and req work better on a EBCDIC system.
|
|
|
|
|
|
| |
an already existing DSA key.
Document the new smime options.
|
|
|
|
| |
The message to everyone is "Do not hack OpenSSL when stressed"...
|
|
|
|
| |
EGD should be used as seeding input, and where the named socket is.
|
|
|
|
|
| |
applications. Also, have it and the certificate and key loading
functions take a BIO argument for error output.
|
|
|
|
|
| |
addition to the file given through the RANDFILE option or environment
variable.
|
| |
|
|
|
|
|
| |
parameter takes precedence over the RANDFILE option in the
configuration file.
|
|
|
|
|
|
|
|
|
| |
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages. That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.
This change includes all the name changes needed throughout all C files.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
-Wcast-align
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
|
| |
|
|
|
|
|
|
| |
code.
Remove references to 'TXT' in -inform and -outform switches.
|
| |
|
|
|
|
| |
but crypto/asn1/a_strnid.c had "nombchar".
|
| |
|
|
|
|
|
|
|
| |
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
|
|
|
|
| |
more utilities.
|
| |
|
|
|
|
| |
either and has a static and dynamic mix.
|
| |
|
|
|
|
|
| |
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
|
|
|
|
|
|
|
|
|
| |
plain not working :-(
Also fix some memory leaks in the new X509_NAME code.
Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.
|
|
|
|
|
|
|
| |
Add a bunch of functions to simplify the creation of X509_NAME structures.
Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
|
|
|
|
|
| |
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
|
| |
|
|
|
|
| |
on the command line for various utilities.
|
|
|
|
| |
config file (change RAW to DER).
|
|
|
|
|
| |
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
|