| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
|
| | |
|
| | |
|
| |
|
|
|
|
| |
PR: 1312
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
|
| |
|
|
|
|
|
| |
soon-to-be-widely-deployed implementation that doesn't support the
previous default)
Submitted by: Douglas Stebila
|
| | |
|
| | |
|
| |
|
|
|
|
| |
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
|
| |
|
|
| |
Submitted by: Peter Sylvester
|
| |
|
|
| |
Submitted by: Peter Sylvester
|
| |
|
|
| |
Submitted by: Peter Sylvester
|
| |
|
|
|
|
| |
- fix indentation
- rename some functions and macros
- fix up confusion between SSL_ERROR_... and SSL_AD_... values
|
| | |
|
| |
|
|
| |
Submitted by: Peter Sylvester
|
| | |
|
| |
|
|
| |
maximum send fragment size. Allocate I/O buffers accordingly.
|
| | |
|
| |
|
|
|
| |
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
|
| |
|
|
|
|
|
|
| |
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
make depend all test
work again
PR: 1159
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
|
| |
|
|
| |
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.
Update docs.
|
| |
|
|
|
|
|
| |
converted to upper case or something like that), the application-
level bio_dump_cb() has a name clash with the new library function
BIO_dump_cb(). The easiest fix is to rename the function at the
application level.
|
| |
|
|
|
|
|
|
|
| |
proposed the change and submitted the patch, I jiggled it slightly and
adjusted the other parts of openssl that were affected.
PR: 867
Submitted by: Jelte Jansen
Reviewed by: Geoff Thorpe
|
| |
|
|
|
|
| |
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
|
| |
|
|
| |
and links with OPENSSL_NO_DEPRECATED defined.
|
| |
|
|
| |
PR: 669
|
| |
|
|
|
| |
In s_server, print the received Kerberos information.
PR: 693
|
| | |
|
| |
|
|
| |
PR: 287
|
| |
|
|
|
|
|
|
|
|
|
|
| |
being built with it defined - it is not a symbol to affect how openssl
itself builds, but to alter the way openssl headers can be used from an API
point of view. The "deprecated" function wrappers will always remain inside
OpenSSL at least as long as they're still being used internally. :-)
The exception is dsaparam which has been updated to the BN_GENCB-based
functions to test the new functionality. If GENCB_TEST is defined, dsaparam
will support a "-timebomb <n>" switch to cancel parameter-generation if it
gets as far as 'n' seconds without completion.
|
| |
|
|
|
|
| |
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
|
| |
|
|
| |
I've covered all the memset()s I felt safe modifying, but may have missed some.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PR: 338
Here's the description, submitted by Gisle Vanem <giva@bgnett.no>:
1. sock_init() renamed to ssl_sock_init() in ./apps/s_socket.c due
to name-clash with Watt-32.
2. rand() renamed to Rand() in ./crypto/bn/divtest.c due to name-clash
with <stdlib.h>
3. Added calls to dbug_init()/sock_init() in some demo programs.
4. Changed cflags/lflags in configure. Watt-32 install root now taken
from $WATT_ROOT.
|
| | |
|
| |
|
|
| |
Submitted by: Lorinczy Zsigmond <lzsiga@mail.ahiv.hu>
|
| |
|
|
|
|
|
| |
EC_GROUP_new_by_nid() should be enough. This avoids a lot of
redundancy.
Submitted by: Nils Larsch
|
| |
|
|
|
| |
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
|
| |
|
|
|
|
| |
is only used for seeding and doing it in the wrong order will mean seeding
is done before the engine randomness is hooked in.
Notified by Frederic DONNAT <frederic.donnat@zencod.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CONF_modules_unload() now calls CONF_modules_finish()
automatically.
Default use of section openssl_conf moved to
CONF_modules_load()
Load config file in several openssl utilities.
Most utilities now load modules from the config file,
though in a few (such as version) this isn't done
because it couldn't be used for anything.
In the case of ca and req the config file used is
the same as the utility itself: that is the -config
command line option can be used to specify an
alternative file.
|
| |
|
|
| |
Submitted by: Nils Larsch <nla@trustcenter.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New macros SSL[_CTX]_set_msg_callback_arg().
Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).
New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).
Add/update some OpenSSL copyright notices.
|
| | |
|
