Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | ECDSA support | Bodo Möller | 2002-02-13 | 9 | -650/+1843 |
| | | | | Submitted by: Nils Larsch <nla@trustcenter.de> | ||||
* | 'make update' | Richard Levitte | 2002-02-05 | 1 | -1/+4 |
| | |||||
* | HP-UX 32bit: | Lutz Jänicke | 2002-01-29 | 1 | -1/+7 |
| | | | | | | | | | | | | | | | | | | | | * When linking against shared libraries, the absolute path is remembered. - When linking against -L.., '..' is remembered inside the executable, so it will fail after "make install" or when not called from inside the "apps/" subdirectory of the build tree. - When using the "+cdp" option of "ld", the ".." information can be exchanged against $(INSTALL_TOP)/lib. In this case the executable will however refuse to work before "make install" has been called. This makes testing the 'openssl' executable a problem. * Solution 1: Relink the "openssl" executable, when "make install" is called. This would however require significant changes to the toplevel Makefile and the apps/ Makefile. * Solution 2: Statically link against libssl and libcrypto, so that the "openssl" executable is no longer dependant on the openssl shared libraries. Select option 2 for HP-UX 32bit, as this requires the smallest change. | ||||
* | Apply patch from Toomas Kiisk <vix@cyber.ee> and complete it. | Richard Levitte | 2002-01-29 | 1 | -1/+1 |
| | |||||
* | Apply the following changes by Toomas Kiisk <vix@cyber.ee>: | Richard Levitte | 2002-01-25 | 3 | -58/+80 |
| | | | | | | | | * make openssl rsa work with -engine chil * misc changes, including debug-linux-ppro Configure target and FORMAT_NETSCAPE-aware load_{,pub}key() This completes the application of his changes. | ||||
* | I must learn to compile before I commit... | Richard Levitte | 2002-01-25 | 1 | -1/+1 |
| | |||||
* | Add -keyform. Document -engine. | Richard Levitte | 2002-01-25 | 1 | -0/+6 |
| | |||||
* | Prototype info function. | Ben Laurie | 2002-01-12 | 2 | -2/+2 |
| | |||||
* | make update | Richard Levitte | 2002-01-02 | 1 | -21/+22 |
| | |||||
* | Implement speed measurement for AES. | Richard Levitte | 2002-01-02 | 1 | -13/+117 |
| | | | | | Submitted by Stephen Sprunk <stephen@sprunk.org> as part of his AES integration patch. | ||||
* | RSA counter should only be defined of RSA is available. | Richard Levitte | 2002-01-02 | 1 | -1/+2 |
| | |||||
* | Change pkcs12 so the certificates coming from -in do not get tossed if | Richard Levitte | 2001-12-12 | 1 | -2/+8 |
| | | | | -certfile is given as well. | ||||
* | Improve back compatibility. | Ben Laurie | 2001-12-09 | 1 | -3/+3 |
| | |||||
* | fix warnings (one of them was clearly justified) | Bodo Möller | 2001-12-07 | 1 | -3/+3 |
| | |||||
* | Add -pubkey option to req command. | Dr. Stephen Henson | 2001-12-01 | 1 | -10/+33 |
| | |||||
* | check OPENSSL_NO_... before including header files that might be | Bodo Möller | 2001-11-22 | 1 | -5/+15 |
| | | | | disabled | ||||
* | In this particular error condition, the structural reference wasn't being | Geoff Thorpe | 2001-11-22 | 1 | -0/+1 |
| | | | | released. | ||||
* | Make it possible to give digest names as -evp arguments. | Richard Levitte | 2001-11-15 | 1 | -27/+49 |
| | |||||
* | If an engine isn't built in, try loading it as a shareable library | Richard Levitte | 2001-11-15 | 1 | -2/+21 |
| | | | | | instead. This also makes it possible for users to simply give said shareable library as argument for the -engine option. | ||||
* | make update | Richard Levitte | 2001-11-15 | 1 | -26/+25 |
| | | | | perl util/mkerr.pl -recurse -write -rebuild | ||||
* | Change the order of events so the capabilities of loaded engines can | Richard Levitte | 2001-11-14 | 1 | -6/+8 |
| | | | | get listed as well. | ||||
* | Implement STARTTLS for certain protocols, currently only supporting SMTP. | Richard Levitte | 2001-11-14 | 1 | -2/+33 |
| | |||||
* | more output for SSL 2.0 in our msg_callback | Bodo Möller | 2001-11-10 | 1 | -0/+61 |
| | |||||
* | Win32 fixes. | Dr. Stephen Henson | 2001-11-06 | 1 | -8/+11 |
| | |||||
* | Fix email address delete code. | Dr. Stephen Henson | 2001-11-06 | 1 | -1/+1 |
| | |||||
* | DOS and Windows do not like unistd.h | Richard Levitte | 2001-11-05 | 2 | -0/+4 |
| | |||||
* | If verify fails, say why. | Ben Laurie | 2001-11-02 | 1 | -0/+1 |
| | |||||
* | Change the shared library support so the shared libraries get built | Richard Levitte | 2001-10-30 | 1 | -1/+4 |
| | | | | | | | | sooner and the programs get built against the shared libraries. This requires a bit more work. Things like -rpath and the possibility to still link the programs statically should be included. Some cleanup is also needed. This will be worked on. | ||||
* | Addapt VMS scripts to the newer disk layout system ODS-5, which allows more ↵ | Richard Levitte | 2001-10-29 | 1 | -0/+1 |
| | | | | than one period and mixed size characters in file names | ||||
* | Another noemailDN fix. | Dr. Stephen Henson | 2001-10-27 | 1 | -6/+3 |
| | |||||
* | Allow ca to certify requests containing BMPStrings and UTF8Strings. | Dr. Stephen Henson | 2001-10-27 | 1 | -7/+10 |
| | |||||
* | Bugfixes for noemailDN option. Make it use the | Dr. Stephen Henson | 2001-10-27 | 1 | -17/+15 |
| | | | | | | correct name (instead of NULL) if nomailDN is not set, fix memory leaks and retain DN structure when deleting emailAddress. | ||||
* | New options to allow req to accept UTF8 strings as input. | Dr. Stephen Henson | 2001-10-26 | 1 | -24/+44 |
| | |||||
* | Make sure openssl speed is compilable on systems where fork() doesn't | Richard Levitte | 2001-10-25 | 1 | -1/+18 |
| | | | | exist. For now, that's all the ones we "support" except Unix. | ||||
* | Add paralellism to speed - note that this currently causes a weird memory leak. | Ben Laurie | 2001-10-25 | 1 | -171/+369 |
| | |||||
* | Add '-noemailDN' option to 'openssl ca'. This prevents inclusion of | Bodo Möller | 2001-10-25 | 1 | -38/+98 |
| | | | | | | | | the e-mail address in the DN (i.e., it will go into a certificate extension only). The new configuration file option 'email_in_dn = no' has the same effect. Submitted by: Massimiliano Pala madwolf@openca.org | ||||
* | Due to an increasing number of clashes between modern OpenSSL and | Richard Levitte | 2001-10-24 | 4 | -51/+54 |
| | | | | | | | | | | | | libdes (which is still used out there) or other des implementations, the OpenSSL DES functions are renamed to begin with DES_ instead of des_. Compatibility routines are provided and declared by including openssl/des_old.h. Those declarations are the same as were in des.h when the OpenSSL project started, which is exactly how libdes looked at that time, and hopefully still looks today. The compatibility functions will be removed in some future release, at the latest in version 1.0. | ||||
* | Reject certificates with unhandled critical extensions. | Dr. Stephen Henson | 2001-10-21 | 1 | -0/+3 |
| | |||||
* | Stop spurious "unable to load config info" errors in req | Dr. Stephen Henson | 2001-10-21 | 2 | -2/+7 |
| | |||||
* | New functions SSL[_CTX]_set_msg_callback(). | Bodo Möller | 2001-10-20 | 9 | -10/+650 |
| | | | | | | | | | | | | | | | | | | | | | New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enable a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices. | ||||
* | Add missing EVP_CIPHER_CTX_{init,cleanup} | Dr. Stephen Henson | 2001-10-20 | 1 | -0/+2 |
| | |||||
* | Modify EVP cipher behaviour in a similar way | Dr. Stephen Henson | 2001-10-17 | 1 | -4/+4 |
| | | | | to digests to retain compatibility. | ||||
* | Flush buffers to prevent mixed output (Adam Back <adam@cypherspace.org>). | Lutz Jänicke | 2001-10-16 | 1 | -0/+2 |
| | |||||
* | Retain compatibility of EVP_DigestInit() and EVP_DigestFinal() | Dr. Stephen Henson | 2001-10-16 | 2 | -12/+13 |
| | | | | | | with existing code. Modify library to use digest *_ex() functions. | ||||
* | Add support for md4WithRSAEncryption. | Richard Levitte | 2001-10-10 | 1 | -1/+1 |
| | |||||
* | 'make update' | Richard Levitte | 2001-10-10 | 1 | -2/+2 |
| | |||||
* | 'make update' | Richard Levitte | 2001-10-10 | 1 | -2/+2 |
| | |||||
* | 'make update' | Richard Levitte | 2001-10-04 | 1 | -245/+245 |
| | |||||
* | Because there's chances we clash with the system's types.h, rename our | Richard Levitte | 2001-10-04 | 1 | -1/+1 |
| | | | | types.h to ossl_typ.h. | ||||
* | sch isn't an array, how did this pass through gcc? | Richard Levitte | 2001-10-02 | 1 | -1/+1 |
| |