| Age | Commit message (Collapse) | Author |
|---|
|
PR: 287
|
|
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
|
|
I've covered all the memset()s I felt safe modifying, but may have missed some.
|
|
|
|
PR: 338
Here's the description, submitted by Gisle Vanem <giva@bgnett.no>:
1. sock_init() renamed to ssl_sock_init() in ./apps/s_socket.c due
to name-clash with Watt-32.
2. rand() renamed to Rand() in ./crypto/bn/divtest.c due to name-clash
with <stdlib.h>
3. Added calls to dbug_init()/sock_init() in some demo programs.
4. Changed cflags/lflags in configure. Watt-32 install root now taken
from $WATT_ROOT.
|
|
|
|
is only used for seeding and doing it in the wrong order will mean seeding
is done before the engine randomness is hooked in.
Notified by Frederic DONNAT <frederic.donnat@zencod.com>
|
|
CONF_modules_unload() now calls CONF_modules_finish()
automatically.
Default use of section openssl_conf moved to
CONF_modules_load()
Load config file in several openssl utilities.
Most utilities now load modules from the config file,
though in a few (such as version) this isn't done
because it couldn't be used for anything.
In the case of ca and req the config file used is
the same as the utility itself: that is the -config
command line option can be used to specify an
alternative file.
|
|
|
|
New macros SSL[_CTX]_set_msg_callback_arg().
Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).
New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).
Add/update some OpenSSL copyright notices.
|
|
|
|
|
|
to go the monolith way (does anyone do that these days?).
NOTE: a few applications are missing in this commit. I've a few more
changes in them that I haven't tested yet.
|
|
everywhere.
|
|
inherited from X509_STORE.
Add CRL checking options to other applications.
|
|
|
|
correctly defined.
|
|
missed any.
This compiles and runs on Linux, and external applications have no
problems with it. The definite test will be to build this on VMS.
|
|
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
|
|
|
the clients choice; in SSLv2 the client uses the server's preferences.
|
|
Implemented by Vern Staats <staatsvr@asc.hpc.mil>, further hacked and distributed by Jeffrey Altman <jaltnab@columbia.edu>
|
|
At the same time, add VMS support for Rijndael.
|
|
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages. That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.
This change includes all the name changes needed throughout all C files.
|
|
Contributed by Yoichiro Okabe <okabe@wizsoft.co.jp>
|
|
still not be quiet. Also make it clear that -quiet implicitely means
-ign_eof as well.
|
|
|
|
-Wcast-align
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
|
|
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
|
|
|
|
Remove some "WTF??" casts from applications.
Fixes to keep VC++ happy and avoid warnings.
Docs tidy.
|
|
Update docs.
|
|
as a shared library without RSA. Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.
Submitted by: Kris Kennaway <kris@hub.freebsd.org>
Modified by Ulf Möller
|
|
functions so it doesn't crash. Document s_client.
|
|
either and has a static and dynamic mix.
|
|
SSL_CTX and SSL, functions to set them and defaults if no values set.
|
|
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
|
|
an improvement on not working at all.
|
|
|
|
|
|
LFs into CRLFs when forwarding data from stdin to the TLS connection.
This is necessary for properly talking HTTP.
Because of the code freeze this change is by default disabled for now;
without -DAPPS_CRLF, the code is exactly as before.
|
|
Submitted by: Richard Levitte <levitte@stacken.kth.se>
|
|
Submitted by: Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>
|
|
Pointed out by Sergio Rabellino <Rabellino@di.unito.it>
|
|
SSL2 implementation), show at least the server certificate.
|
|
|
|
Submitted by: Richard Levitte <richard@levitte.org>
|
|
Submitted by:
Reviewed by:
PR:
|
|
|
|
|
