Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Beautifying code. | Richard Levitte | 2000-03-25 | 1 | -2/+2 |
| | |||||
* | New compatability trust and purpose settings. | Dr. Stephen Henson | 2000-03-07 | 2 | -2/+10 |
| | |||||
* | Preserve reason strings in automatically build tables. | Bodo Möller | 2000-03-05 | 1 | -1/+2 |
| | |||||
* | More get0 et al. changes. Also provide fgrep targets in CHANGES | Bodo Möller | 2000-02-26 | 2 | -5/+5 |
| | | | | where the new functions are mentioned. | ||||
* | Rename functions for new convention. | Dr. Stephen Henson | 2000-02-26 | 2 | -4/+4 |
| | |||||
* | Modernise 'selfsign.c' to use new X509_NAME code | Dr. Stephen Henson | 2000-02-13 | 1 | -1/+1 |
| | | | | | and add example of extension aliasing. Also fix the extension aliasing because it didn't work :-) | ||||
* | Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith ↵ | Ralf S. Engelschall | 2000-02-11 | 2 | -2/+2 |
| | | | | | | -Wcast-align -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''. | ||||
* | Rename the X509V3_*_d2i functions to X509_get_ext_d2i() etc. | Dr. Stephen Henson | 2000-02-07 | 3 | -24/+4 |
| | | | | This better reflects their behaviour. | ||||
* | EBCDIC support. | Ulf Möller | 2000-02-01 | 2 | -0/+19 |
| | | | | Submitted by: Martin Kraemer <martin.kraemer@mch.sni.de> | ||||
* | Seek out and destroy another evil cast. | Ulf Möller | 2000-01-30 | 7 | -9/+9 |
| | |||||
* | Some more ifdefs for no-xxx options. | Ulf Möller | 2000-01-21 | 1 | -0/+2 |
| | |||||
* | Avoid converting void * to a function pointer when NULL is defined as | Richard Levitte | 2000-01-18 | 2 | -2/+2 |
| | | | | ((void *)0), by have a 0 instead. | ||||
* | #undef PKCS7_SIGNER_INFO for Win32 to avoid clashes. | Dr. Stephen Henson | 2000-01-07 | 2 | -6/+8 |
| | | | | | Fix so CRLDistributionPoints relativeName option uses the correct type. | ||||
* | Simplify the trust structure: basically zap the bit strings and | Dr. Stephen Henson | 1999-12-29 | 1 | -1/+0 |
| | | | | represent everything by OIDs. | ||||
* | Fix a bug in the modified purpose code: it wasn't updated to use the | Dr. Stephen Henson | 1999-12-03 | 1 | -1/+1 |
| | | | | | | | new purpose getting function. Update the ca-cert.pem and pca-cert.pem "CA" certificates so they really are CA certificate: that is they have the appropriate extensions. | ||||
* | Change the trust and purpose code so it doesn't need init | Dr. Stephen Henson | 1999-12-02 | 4 | -32/+72 |
| | | | | either and has a static and dynamic mix. | ||||
* | Modify the X509 V3 extension lookup code. | Dr. Stephen Henson | 1999-12-01 | 4 | -28/+197 |
| | |||||
* | Add part of chain verify SSL support code: not complete or doing anything | Dr. Stephen Henson | 1999-11-29 | 2 | -20/+20 |
| | | | | | | | | | | | yet. Add a function X509_STORE_CTX_purpose_inherit() which implements the logic of "inheriting" purpose and trust from a parent structure and using a default: this will be used in the SSL code and possibly future S/MIME. Partial documentation of the 'verify' utility. Still need to document how all the extension checking works and the various error messages. | ||||
* | Add trust setting support to the verify code. It now checks the | Dr. Stephen Henson | 1999-11-27 | 2 | -1/+6 |
| | | | | | | | | trust settings of the root CA. After a few fixes it seems to work OK. Still need to add support to SSL and S/MIME code though. | ||||
* | New options to the -verify program which can be used for chain verification. | Dr. Stephen Henson | 1999-11-26 | 2 | -36/+67 |
| | | | | | | | | Extend the X509_PURPOSE structure to include shortnames for purposed and default trust ids. Still need some extendable trust checking code and integration with the SSL and S/MIME code. | ||||
* | Support for authority information access extension. | Dr. Stephen Henson | 1999-11-23 | 5 | -3/+287 |
| | | | | Fix so EVP_PKEY_rset_*() check return codes. | ||||
* | Support for otherName in GeneralName. | Dr. Stephen Henson | 1999-11-19 | 2 | -6/+71 |
| | |||||
* | New function X509_cmp(). | Dr. Stephen Henson | 1999-11-16 | 1 | -1/+3 |
| | |||||
* | Allow additional information to be attached to a | Dr. Stephen Henson | 1999-11-04 | 2 | -9/+3 |
| | | | | | certificate: currently this includes trust settings and a "friendly name". | ||||
* | Improve support for running everything as a monolithic application. | Bodo Möller | 1999-10-25 | 3 | -15/+53 |
| | | | | Submitted by: Lennart Bång, Bodo Möller | ||||
* | Replace the macros in asn1.h with function equivalents. Also make UTF8Strings | Dr. Stephen Henson | 1999-10-20 | 17 | -96/+77 |
| | | | | tolerated in certificates. | ||||
* | Initial support for certificate purpose checking: this will | Dr. Stephen Henson | 1999-10-13 | 3 | -2/+425 |
| | | | | | ultimately lead to certificate chain verification. It is VERY EXPERIMENTAL at present though. | ||||
* | Add EX_DATA support to X509. | Dr. Stephen Henson | 1999-10-11 | 1 | -1/+1 |
| | | | | Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL. | ||||
* | New functions to parse and get extensions. | Dr. Stephen Henson | 1999-10-09 | 2 | -0/+75 |
| | |||||
* | Allow extensions to be added to certificate requests, update the sample | Dr. Stephen Henson | 1999-08-25 | 2 | -1/+26 |
| | | | | config file (change RAW to DER). | ||||
* | A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency. | Ralf S. Engelschall | 1999-08-08 | 1 | -0/+2 |
| | | | | Hint from: Andrija Antonijevic <TheAntony2@bigfoot.com> | ||||
* | avoid some NO_<cipher> problems | Bodo Möller | 1999-08-02 | 1 | -1/+1 |
| | |||||
* | SXnet code was freeing up the extension data rather than the temporary | Dr. Stephen Henson | 1999-07-10 | 1 | -2/+2 |
| | | | | zone number. | ||||
* | Implement STACK_OF(ANS1_OBJECT) for extended key usage extension, change the | Dr. Stephen Henson | 1999-06-21 | 13 | -74/+82 |
| | | | | | documentation to reflect the STACK_OF(CONF_VALUE) change to the CONF lib and use ANSI typedefs for X509V3_EXT_I2D and X509V3_EXT_FREE. | ||||
* | "make update" | Bodo Möller | 1999-06-21 | 1 | -25/+30 |
| | |||||
* | Convert the CONF library to use a typesafe stack: a STACK_OF(CONF_VALUE). It | Dr. Stephen Henson | 1999-06-20 | 11 | -113/+136 |
| | | | | | | seemed like a good idea at the time... several hours later it was rather obvious that these are used all over the place making the changes rather extensive. | ||||
* | Document the X509V3 code and change some of the extension function pointers | Dr. Stephen Henson | 1999-06-11 | 1 | -7/+7 |
| | | | | to use 'void *' rather than 'char *' for an "arbitrary extension". | ||||
* | Set ext_list to NULL after use. | Dr. Stephen Henson | 1999-05-23 | 1 | -0/+1 |
| | |||||
* | It was a very bad idea to use #include "../e_os.h" -- when this occurs | Bodo Möller | 1999-05-21 | 1 | -194/+201 |
| | | | | | | | | | | in cryptlib.h (which is often included as "../cryptlib.h"), then the question remains relative to which directory this is to be interpreted. gcc went one further directory up, as intended; but makedepend thinks differently, and so probably do some C compilers. So the ../ must go away; thus e_os.h goes back into include/openssl (but I now use #include "openssl/e_os.h" instead of <openssl/e_os.h> to make the point) -- and we have another huge bunch of dependency changes. Argh. | ||||
* | Don't install e_os.h in include/openssl, use it only as a local | Bodo Möller | 1999-05-20 | 1 | -201/+194 |
| | | | | include file. | ||||
* | Various clarifications to extension docs: change the name of literal | Dr. Stephen Henson | 1999-05-17 | 1 | -1/+1 |
| | | | | | | extensions from RAW to DER to avoid confusion with raw extensions. Update NEWS file. | ||||
* | Update dependencies. | Bodo Möller | 1999-05-15 | 1 | -181/+188 |
| | |||||
* | Update dependencies. | Ben Laurie | 1999-05-13 | 1 | -11/+12 |
| | |||||
* | The various character predicates (isspace and the like) may not be | Bodo Möller | 1999-05-10 | 2 | -4/+4 |
| | | | | | | | | | | | used with negative char values, so I've added casts to unsigned char. Maybe what really should be done is change all those arrays and pointers to type unsigned char [] or unsigned char *, respectively; but using plain char with those predicates is just wrong, so something had to be done. Submitted by: Reviewed by: PR: | ||||
* | Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall -Wshadow | Ralf S. Engelschall | 1999-05-10 | 3 | -2/+5 |
| | | | | | -Wpointer-arith -Wcast-align -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline'' with EGCS 1.1.2+ | ||||
* | Kill evil casts, fix PKCS#7 and add new X509V3 Function. | Dr. Stephen Henson | 1999-05-09 | 5 | -13/+46 |
| | |||||
* | Allows PKCS#12 password to be placed on command line and add allow config | Dr. Stephen Henson | 1999-05-08 | 1 | -9/+14 |
| | | | | file name for 'ca' to come from the environment. | ||||
* | Support INSTALL_PREFIX for packagers. | Bodo Möller | 1999-04-29 | 1 | -2/+4 |
| | | | | | | Submitted by: Reviewed by: PR: | ||||
* | Ignore Makefile.save | Ulf Möller | 1999-04-29 | 1 | -0/+1 |
| | | | | Submitted by: Anonymous | ||||
* | Obey $(PERL) when running util/mklink.pl. | Bodo Möller | 1999-04-29 | 1 | -3/+3 |
| | | | | | | Submitted by: Reviewed by: PR: |