| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
| |
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This tidies up verify parameters and adds support for integrated policy
checking.
Add support for policy related command line options. Currently only in smime
application.
WARNING: experimental code subject to change.
|
| |
|
|
|
| |
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
|
| | |
|
| |
|
|
| |
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
|
| | |
|
| |
|
|
|
|
|
| |
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.
Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.
Fix ec_asn1.c (take into account the desired conversion form).
'make update'.
Submitted by: Nils Larsch
|
| |
|
|
|
| |
handled properly.
Part of PR 75
|
| |
|
|
| |
Submitted by: Nils Larsch <nla@trustcenter.de>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
built up without accessing structures directly.
Update ca.c to use new functions.
Fix ca.c so it now build CRLs correctly again.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Fix OPENSSL_IMPLEMENT_GLOBAL.
Allow Win32 to use EXPORT_VAR_AS_FN in mkdef.pl
make update.
|
| |
|
|
|
|
| |
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
|
| |
|
|
|
| |
Note that all *_it variables are suddenly non-existant according to
libeay.num. This is a bug that will be corrected. Please be patient.
|
| |
|
|
|
|
|
|
| |
and make all files the depend on it include it without prefixing it
with openssl/.
This means that all Makefiles will have $(TOP) as one of the include
directories.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
| | |
|
| |
|
|
|
|
| |
to main trunk.
Lets see if the makes it to openssl-cvs :-)
|
| | |
|
| |
|
|
| |
make update done.
|
| |
|
|
|
| |
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
|
| | |
|
| |
|
|
| |
test utility, I added the bits to get a EVP interface, the command line utility and the speed test
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
could be done automagically, much like the numbering in libeay.num and
ssleay.num. The solution works as follows:
- New object identifiers are inserted in objects.txt, following the
syntax given in objects.README.
- objects.pl is used to process obj_mac.num and create a new
obj_mac.h.
- obj_dat.pl is used to create a new obj_dat.h, using the data in
obj_mac.h.
This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended. The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!). Additions are OK, as well as consistent name changes.
|
| |
|
|
|
|
| |
Also, "make update" has added some missing functions to libeay.num,
updated the TABLE for the alpha changes, and updated thousands of
dependancies that have changed from recent commits.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
yet.
Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.
Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
in a table. Doesn't do too much yet.
Make the -<digestname> options in 'x509' affect all relevant
options.
Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.
A few constification changes.
|
| |
|
|
|
|
|
|
| |
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.
Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
in cryptlib.h (which is often included as "../cryptlib.h"), then the
question remains relative to which directory this is to be interpreted.
gcc went one further directory up, as intended; but makedepend thinks
differently, and so probably do some C compilers. So the ../ must go away;
thus e_os.h goes back into include/openssl (but I now use
#include "openssl/e_os.h" instead of <openssl/e_os.h> to make the point) --
and we have another huge bunch of dependency changes. Argh.
|
| |
|
|
| |
include file.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Submitted by:
Reviewed by:
PR:
|
| |
|
|
|
|
| |
Submitted by:
Reviewed by:
PR:
|
| |
|
|
|
|
| |
Submitted by:
Reviewed by:
PR:
|
