| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
avoid linking problems when OpenSSL is built with no-dsa.
Spotted by Hellan,Kim KHE <khe@kmd.dk>
|
| |
|
|
|
| |
key algorithms and leaking if the signature verify
fails.
|
| | |
|
| |
|
|
|
|
| |
'ranlib' doesn't always run on some systems. That's actually
acceptable, since all that happens if it fails is a library with an
index, which makes linking slower, but still working correctly.
|
| | |
|
| |
|
|
|
| |
of complaints from the compiler about data pointers and function
pointers not being compatible with each other.
|
| | |
|
| |
|
|
|
|
|
| |
Fix doc example, and fix BIO_find_type().
Fix PKCS7_verify(). It was using 'i' for both the
loop variable and the verify return value.
|
| |
|
|
|
| |
Added function BIO_next() otherwise you can't
traverse a chain without accessing BIO internals.
|
| | |
|
| |
|
|
| |
Add new option to PKCS7_sign to exclude S/MIME capabilities.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
initialize ex_pathlen to -1 so it isn't checked if pathlen
is not present.
set ucert to NULL in apps/pkcs12.c otherwise it gets freed
twice.
remove extraneous '\r' in MIME encoder.
Allow a NULL to be passed to X509_gmtime_adj()
Make PKCS#7 code use definite length encoding rather then
the indefinite stuff it used previously.
|
| |
|
|
| |
test utility, I added the bits to get a EVP interface, the command line utility and the speed test
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
could be done automagically, much like the numbering in libeay.num and
ssleay.num. The solution works as follows:
- New object identifiers are inserted in objects.txt, following the
syntax given in objects.README.
- objects.pl is used to process obj_mac.num and create a new
obj_mac.h.
- obj_dat.pl is used to create a new obj_dat.h, using the data in
obj_mac.h.
This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended. The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!). Additions are OK, as well as consistent name changes.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
After some messing around this seems to work but needs
a few more tests. Working out the syntax for sk_set_cmp_func()
(cast it to a function that itself returns a function pointer)
was painful :-(
Needs some testing to see what other compilers think of this
syntax.
Also needs similar stuff for ASN1_SET_OF etc etc.
|
| |
|
|
|
|
| |
Also, "make update" has added some missing functions to libeay.num,
updated the TABLE for the alpha changes, and updated thousands of
dependancies that have changed from recent commits.
|
| |
|
|
|
|
|
|
|
| |
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages. That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.
This change includes all the name changes needed throughout all C files.
|
| |
|
|
| |
libeay.num and ssleay.num.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
yet tighter, and also put some heat on the rest of the library by
insisting (correctly) that compare callbacks used in stacks are prototyped
with "const" parameters. This has led to a depth-first explosion of
compiler warnings in the code where 1 constification has led to 3 or 4
more. Fortunately these have all been resolved to completion and the code
seems cleaner as a result - in particular many of the _cmp() functions
should have been prototyped with "const"s, and now are. There was one
little problem however;
X509_cmp() should by rights compare "const X509 *" pointers, and it is now
declared as such. However, it's internal workings can involve
recalculating hash values and extensions if they have not already been
setup. Someone with a more intricate understanding of the flow control of
X509 might be able to tighten this up, but for now - this seemed the
obvious place to stop the "depth-first" constification of the code by
using an evil cast (they have migrated all the way here from safestack.h).
Fortunately, this is the only place in the code where this was required
to complete these type-safety changes, and it's reasonably clear and
commented, and seemed the least unacceptable of the options. Trying to
take the constification further ends up exploding out considerably, and
indeed leads directly into generalised ASN functions which are not likely
to cooperate well with this.
|
| |
|
|
| |
Also, add in a couple of missing declarations in pkcs7 code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
enhance and tidy up the EVP interface.
This patch adds initial support for variable length ciphers
and changes S/MIME code to use this.
Some other library functions need modifying to support use
of modified cipher parameters.
Also need to change all the cipher functions that should
return error codes, but currenly don't.
And of course it needs extensive testing...
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order. Thusly fixed.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
because it added them manually and as part of SMIME_crlf_copy().
Removed the manual add.
|
| | |
|
| |
|
|
|
| |
Make EVP_CIPHER_type() return NID_undef if the cipher has no
ASN1 OID, modify code to handle this.
|
| |
|
|
|
|
|
|
| |
the old functionality.
Various warning fixes.
Initial EVP symmetric cipher docs.
|
| |
|
|
|
|
|
|
|
|
| |
designed for that. This removes the potential error to mix data and
function pointers.
Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in som cases. I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.
|
| | |
|
| |
|
|
|
| |
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
are not guaranteed to be unpredictable.
|
| | |
|
| |
|
|
|
|
| |
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
|
| | |
|
| |
|
|
|
| |
Fix so CRLDistributionPoints relativeName option uses
the correct type.
|
| |
|
|
| |
the middle of the OID table so the diff is rather large :-(
|
| |
|
|
| |
again.
|
| |
|
|
| |
encrypted mail. Also update the smime docs.
|
| |
|
|
| |
and not excluding parameters with DSA keys.
|
