| Age | Commit message (Collapse) | Author |
|---|
|
|
|
is made to directly cast a function of one type to what it considers and
incompatible type. In particular gcc 3.4.2.
Add new openssl_fcast macro to place functions into a form where the compiler
will allow them to be cast.
The current version achives this by casting to: void function(void).
|
|
|
|
(void * != char *)
|
|
|
|
Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.
|
|
|
|
|
|
|
|
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
|
|
|
|
|
|
This tidies up verify parameters and adds support for integrated policy
checking.
Add support for policy related command line options. Currently only in smime
application.
WARNING: experimental code subject to change.
|
|
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
|
|
some similar code elsewhere.
Thanks to Francesco Petruzzi for bringing this to my attention.
|
|
|
|
|
|
This is currently *very* experimental and needs to be more fully integrated
with the main verification code.
|
|
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
|
|
|
|
|
|
not to mention the OBJ_BSEARCH_* macros.
|
|
even if an exact match wasn't found.
|
|
|
|
|
|
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
|
|
handled properly.
Part of PR 75
|
|
|
|
Incomplete, largely untested and subject to change/deletion.
|
|
needed.
|
|
|
|
|
|
|
|
|
|
|
|
a bit of weird code in sk_new.
|
|
like des_read_password and friends (backward compatibility functions
using this new API are provided). The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.
|
|
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
|
|
and make all files the depend on it include it without prefixing it
with openssl/.
This means that all Makefiles will have $(TOP) as one of the include
directories.
|
|
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
|
|
|
of status info. Check nonce values. Option to disable
verify. Update usage message.
Rename status to string functions and make them global.
|
|
to main trunk.
Lets see if the makes it to openssl-cvs :-)
|
|
|
|
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
|
|
can't be used as a function pointer according the the standards. Use
a 0 instead and there will be no trouble.
|
|
|
|
The old code was painfully primitive and couldn't handle
distinct certificates using the same subject name.
The new code performs several tests on a candidate issuer
certificate based on certificate extensions.
It also adds several callbacks to X509_VERIFY_CTX so its
behaviour can be customised.
Unfortunately some hackery was needed to persuade X509_STORE
to tolerate this. This should go away when X509_STORE is
replaced, sometime...
This must have broken something though :-(
|
|
|
|
could be done automagically, much like the numbering in libeay.num and
ssleay.num. The solution works as follows:
- New object identifiers are inserted in objects.txt, following the
syntax given in objects.README.
- objects.pl is used to process obj_mac.num and create a new
obj_mac.h.
- obj_dat.pl is used to create a new obj_dat.h, using the data in
obj_mac.h.
This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended. The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!). Additions are OK, as well as consistent name changes.
|
