| Age | Commit message (Collapse) | Author |
|---|
|
Show timing parameters and timing functions used.
It looks like some Linuxen have very weird settings for CLK_TCK. I'm
very unsure about this change and will investigate further.
|
|
|
|
crypto/engine/README for details.
|
|
|
|
|
|
|
|
|
|
|
|
macros in apps.h.
|
|
|
|
|
|
|
|
|
|
(Working file: progs.h
revision 1.24
date: 2001/02/19 16:06:03; author: levitte; state: Exp; lines: +59 -59
Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
[...])
|
|
CRYPTO_set_mem_debug_options() instead of CRYPTO_dbg_set_options(),
which is the default implementation of the former and should usually
not be directly used by applications (at least if we assume that the
options accepted by the default implementation will also be meaningful
to any other implementations).
Also fix apps/openssl.c and ssl/ssltest such that environment variable
setting 'OPENSSL_DEBUG_MEMORY=off' actively disables the compiled-in
library defaults (i.e. such that CRYPTO_MDEBUG is ignored in this
case).
|
|
|
|
|
|
See the commit log message for that for more information.
NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
|
|
|
|
(found by Massimiliano Pala <madwolf@hackmasters.net>).
|
|
connection so it can prompt for pass phrase on startup
instead of after the first connection.
Add -port switch to usage message.
|
|
|
|
Fix leak in ca.c when using -passin.
|
|
built up without accessing structures directly.
Update ca.c to use new functions.
Fix ca.c so it now build CRLs correctly again.
|
|
|
|
|
|
|
|
|
|
Document new OCSP options.
|
|
This can process internal requests or behave like a
mini responder.
Todo: documentation, update usage info.
|
|
things), especially as the RSA keys are fixed. However, DSA only fixes the
DSA parameters and then generates the public and private components on the
fly each time - this commit hard-codes some sampled key values so that this
is no longer the case.
|
|
|
|
SSL according to RFC 2712. His comment is:
This is a patch to openssl-SNAP-20010702 to support Kerberized SSL
authentication. I'm expecting to have the full kssl-0.5 kit up on
sourceforge by the end of the week. The full kit includes patches
for mod-ssl, apache, and a few text clients. The sourceforge URL
is http://sourceforge.net/projects/kssl/ .
Thanks to a note from Simon Wilkinson I've replaced my KRB5 AP_REQ
message with a real KerberosWrapper struct. I think this is fully
RFC 2712 compliant now, including support for the optional
authenticator field. I also added openssl-style ASN.1 macros for
a few Kerberos structs; see crypto/krb5/ if you're interested.
|
|
|
|
|
|
(found by Andy Brown <logic@warthog.com>).
|
|
|
|
Add new extension functions which work with NCONF.
Tidy up extension config routines and remove redundant code.
Fix NCONF_get_number().
Todo: more testing of apps to see they still work...
|
|
|
|
|
|
|
|
|
|
|
|
to go the monolith way (does anyone do that these days?).
NOTE: a few applications are missing in this commit. I've a few more
changes in them that I haven't tested yet.
|
|
|
|
password callbak doesn't need to check for sizes any more.
|
|
|
|
commands appropriately.
|
|
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().
Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.
|
|
|
