Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | From 0.9.8-stable: | Richard Levitte | 2005-06-04 | 1 | -1/+1 |
| | | | | handshake_write_seq is an unsigned short, so treat it like one | ||||
* | clear error queue on success and return NULL if no cert could be read | Nils Larsch | 2005-06-01 | 1 | -3/+13 |
| | | | | PR: 1088 | ||||
* | Synchronise more with the Unix build. | Richard Levitte | 2005-05-31 | 2 | -1/+3 |
| | |||||
* | pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't | Richard Levitte | 2005-05-30 | 6 | -75/+169 |
| | | | | | | | have a uniform representation for those over all architectures, so a little bit of hackery is needed. Contributed by nagendra modadugu <nagendra@cs.stanford.edu> | ||||
* | We have some source with \r\n as line ends. DEC C informs about that, | Richard Levitte | 2005-05-29 | 1 | -1/+1 |
| | | | | and I really can't be bothered... | ||||
* | When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in | Richard Levitte | 2005-05-21 | 2 | -2/+2 |
| | | | | | | http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html. Notified by David Wolfe <dwolfe5272@yahoo.com> | ||||
* | Further BUILDENV refinement, further fool-proofing of Makefiles and | Andy Polyakov | 2005-05-16 | 1 | -3/+5 |
| | | | | | [most importantly] put back dependencies accidentaly eliminated in check-in #13342. | ||||
* | ecc api cleanup; summary: | Nils Larsch | 2005-05-16 | 3 | -89/+105 |
| | | | | | | | | | | - hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values - rebuild libeay.num from 0.9.7 | ||||
* | Fool-proofing Makefiles | Andy Polyakov | 2005-05-15 | 1 | -4/+1 |
| | |||||
* | Fix from stable branch. | Dr. Stephen Henson | 2005-05-12 | 1 | -1/+1 |
| | |||||
* | fix msg_callback() arguments for SSL 2.0 compatible client hello | Bodo Möller | 2005-05-12 | 1 | -1/+1 |
| | | | | (previous revision got this wrong) | ||||
* | Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled | Bodo Möller | 2005-05-11 | 7 | -64/+174 |
| | | | | with the SSL_OP_NO_SSLv2 option. | ||||
* | use 'p' as conversion specifier for printf to avoid truncation of | Nils Larsch | 2005-05-10 | 1 | -2/+2 |
| | | | | | | | pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz via Mike Frysinger <vapier@gentoo.org>. PR: 1064 | ||||
* | give EC_GROUP_new_by_nid a more meanigful name: | Nils Larsch | 2005-05-10 | 2 | -3/+3 |
| | | | | EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name | ||||
* | Update util/ck_errf.pl script, and have it run automatically | Bodo Möller | 2005-05-09 | 1 | -1/+1 |
| | | | | | | | | during "make errors" and thus during "make update". Fix lots of bugs that util/ck_errf.pl can detect automatically. Various others of these are still left to fix; that's why "make update" will complain loudly when run now. | ||||
* | give EC_GROUP_*_nid functions a more meaningful name | Nils Larsch | 2005-05-08 | 1 | -1/+1 |
| | | | | | EC_GROUP_get_nid -> EC_GROUP_get_curve_name EC_GROUP_set_nid -> EC_GROUP_set_curve_name | ||||
* | backport fix from the stable branch | Nils Larsch | 2005-05-03 | 2 | -0/+24 |
| | |||||
* | check return value of RAND_pseudo_bytes; backport from the stable branch | Nils Larsch | 2005-04-29 | 6 | -11/+24 |
| | |||||
* | Lots of Win32 fixes for DTLS. | Dr. Stephen Henson | 2005-04-27 | 6 | -48/+48 |
| | | | | | | | | 1. "unsigned long long" isn't portable changed: to BN_ULLONG. 2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used. 2. Avoid lots of compiler warnings about signed/unsigned mismatches. 3. Include new library directory pqueue in mk1mf build system. 4. Update symbols. | ||||
* | Fix various incorrect error function codes. | Bodo Möller | 2005-04-26 | 7 | -10/+11 |
| | | | | ("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.) | ||||
* | remove some functions from exported headers | Bodo Möller | 2005-04-26 | 3 | -57/+27 |
| | |||||
* | make update | Bodo Möller | 2005-04-26 | 1 | -299/+471 |
| | |||||
* | fix SSLerr stuff for DTLS1 code; | Bodo Möller | 2005-04-26 | 10 | -159/+221 |
| | | | | | move some functions from exported header <openssl/dtl1.h> into "ssl_locl.h"; fix silly indentation (a TAB is *not* always 4 spaces) | ||||
* | Fixes for signed/unsigned warnings and shadows. | Dr. Stephen Henson | 2005-04-26 | 2 | -9/+9 |
| | |||||
* | Add DTLS support. | Ben Laurie | 2005-04-26 | 25 | -90/+6409 |
| | |||||
* | change prototype of the ecdh KDF: make input parameter const and the outlen ↵ | Nils Larsch | 2005-04-23 | 2 | -4/+8 |
| | | | | argument more flexible | ||||
* | Make kerberos ciphersuite code compile again. | Dr. Stephen Henson | 2005-04-20 | 3 | -10/+11 |
| | | | | Avoid more shadow warnings. | ||||
* | More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more... | Andy Polyakov | 2005-04-13 | 2 | -2/+2 |
| | |||||
* | Rebuild error codes. | Dr. Stephen Henson | 2005-04-12 | 1 | -383/+387 |
| | |||||
* | Add emacs cache files to .cvsignore. | Richard Levitte | 2005-04-11 | 1 | -0/+2 |
| | |||||
* | Make kerberos ciphersuite code work with newer header files | Dr. Stephen Henson | 2005-04-09 | 3 | -8/+20 |
| | |||||
* | Added restrictions on the use of proxy certificates, as they may pose | Richard Levitte | 2005-04-09 | 1 | -1/+16 |
| | | | | a security threat on unexpecting applications. Document and test. | ||||
* | add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file() | Nils Larsch | 2005-04-08 | 1 | -0/+10 |
| | | | | | | | | and SSL_use_PrivateKey_file() PR: 1035 Submitted by: Walter Goulet Reviewed by: Nils Larsch | ||||
* | get rid of very buggy and very imcomplete DH cert support | Nils Larsch | 2005-04-07 | 2 | -93/+19 |
| | | | | Reviewed by: Bodo Moeller | ||||
* | really clear the error queue here | Nils Larsch | 2005-04-01 | 1 | -1/+1 |
| | | | | PR: 860 | ||||
* | use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc. | Nils Larsch | 2005-04-01 | 1 | -3/+3 |
| | | | | PR: 658 | ||||
* | Give everything prototypes (well, everything that's actually used). | Ben Laurie | 2005-03-31 | 10 | -48/+52 |
| | |||||
* | Blow away Makefile.ssl. | Ben Laurie | 2005-03-30 | 1 | -4/+3 |
| | |||||
* | Constification. | Ben Laurie | 2005-03-30 | 12 | -120/+130 |
| | |||||
* | Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and | Dr. Stephen Henson | 2005-03-22 | 2 | -2/+2 |
| | | | | client random values. | ||||
* | some const fixes | Nils Larsch | 2005-03-20 | 2 | -5/+5 |
| | |||||
* | Apparently, at least with my VMS C environment, defining _XOPEN_SOURCE | Richard Levitte | 2005-01-19 | 1 | -3/+4 |
| | | | | | | gets _POSIX_C_SOURC and _ANSI_C_SOURCE defined, which stops u_int from being defined, and that breaks havock into the rest of the standard headers... *sigh* | ||||
* | Small thing. It seems like we have to defined _XOPEN_SOURCE to get | Richard Levitte | 2005-01-18 | 1 | -0/+2 |
| | | | | isascii() on DEC/Compaq/HP C for VMS. | ||||
* | Changes concering RFC 3820 (proxy certificates) integration: | Richard Levitte | 2005-01-17 | 1 | -21/+468 |
| | | | | | | | | | | | | | | | | | - Enforce that there should be no policy settings when the language is one of id-ppl-independent or id-ppl-inheritAll. - Add functionality to ssltest.c so that it can process proxy rights and check that they are set correctly. Rights consist of ASCII letters, and the condition is a boolean expression that includes letters, parenthesis, &, | and ^. - Change the proxy certificate configurations so they get proxy rights that are understood by ssltest.c. - Add a script that tests proxy certificates with SSL operations. Other changes: - Change the copyright end year in mkerr.pl. - make update. | ||||
* | Small typo, `mask' got the same value ORed to it twice instead of | Richard Levitte | 2005-01-12 | 1 | -1/+1 |
| | | | | | | `mask' and `emask' getting that operation done once each. Patch supplied by Nils Larsch <nils.larsch@cybertrust.com> | ||||
* | Don't use $(EXHEADER) directly in for loops, as most shells will break | Richard Levitte | 2004-11-02 | 1 | -1/+1 |
| | | | | | | if $(EXHEADER) is empty. Notified by many, solution suggested by Carson Gaspar <carson@taltos.org> | ||||
* | Fix race condition when SSL ciphers are initialized. | Dr. Stephen Henson | 2004-10-25 | 1 | -1/+1 |
| | |||||
* | New X509_VERIFY_PARAM structure and associated functionality. | Dr. Stephen Henson | 2004-09-06 | 3 | -18/+47 |
| | | | | | | | | | | This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change. | ||||
* | make update | Richard Levitte | 2004-07-10 | 1 | -20/+20 |
| | |||||
* | Use the new directory reading functions. | Richard Levitte | 2004-07-10 | 1 | -109/+18 |
| |