summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Collapse)Author
2005-04-13More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...Andy Polyakov
2005-04-12Rebuild error codes.Dr. Stephen Henson
2005-04-11Add emacs cache files to .cvsignore.Richard Levitte
2005-04-09Make kerberos ciphersuite code work with newer header filesDr. Stephen Henson
2005-04-09Added restrictions on the use of proxy certificates, as they may poseRichard Levitte
a security threat on unexpecting applications. Document and test.
2005-04-08add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()Nils Larsch
and SSL_use_PrivateKey_file() PR: 1035 Submitted by: Walter Goulet Reviewed by: Nils Larsch
2005-04-07get rid of very buggy and very imcomplete DH cert supportNils Larsch
Reviewed by: Bodo Moeller
2005-04-01really clear the error queue hereNils Larsch
PR: 860
2005-04-01use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc.Nils Larsch
PR: 658
2005-03-31Give everything prototypes (well, everything that's actually used).Ben Laurie
2005-03-30Blow away Makefile.ssl.Ben Laurie
2005-03-30Constification.Ben Laurie
2005-03-22Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server andDr. Stephen Henson
client random values.
2005-03-20some const fixesNils Larsch
2005-01-19Apparently, at least with my VMS C environment, defining _XOPEN_SOURCERichard Levitte
gets _POSIX_C_SOURC and _ANSI_C_SOURCE defined, which stops u_int from being defined, and that breaks havock into the rest of the standard headers... *sigh*
2005-01-18Small thing. It seems like we have to defined _XOPEN_SOURCE to getRichard Levitte
isascii() on DEC/Compaq/HP C for VMS.
2005-01-17Changes concering RFC 3820 (proxy certificates) integration:Richard Levitte
- Enforce that there should be no policy settings when the language is one of id-ppl-independent or id-ppl-inheritAll. - Add functionality to ssltest.c so that it can process proxy rights and check that they are set correctly. Rights consist of ASCII letters, and the condition is a boolean expression that includes letters, parenthesis, &, | and ^. - Change the proxy certificate configurations so they get proxy rights that are understood by ssltest.c. - Add a script that tests proxy certificates with SSL operations. Other changes: - Change the copyright end year in mkerr.pl. - make update.
2005-01-12Small typo, `mask' got the same value ORed to it twice instead ofRichard Levitte
`mask' and `emask' getting that operation done once each. Patch supplied by Nils Larsch <nils.larsch@cybertrust.com>
2004-11-02Don't use $(EXHEADER) directly in for loops, as most shells will breakRichard Levitte
if $(EXHEADER) is empty. Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-10-25Fix race condition when SSL ciphers are initialized.Dr. Stephen Henson
2004-09-06New X509_VERIFY_PARAM structure and associated functionality.Dr. Stephen Henson
This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change.
2004-07-10make updateRichard Levitte
2004-07-10Use the new directory reading functions.Richard Levitte
2004-05-20Move some COMP functions to be inside the #ifndef OPENSSL_NO_COMPRichard Levitte
wrapping preprocessor directive. This also removes a duplicate declaration.
2004-05-17After the latest round of header-hacking, regenerate the dependencies inGeoff Thorpe
the Makefiles. NB: this commit is probably going to generate a huge posting and it is highly uninteresting to read.
2004-05-17Deprecate quite a few recursive includes from the ssl.h API header andGeoff Thorpe
remove some unnecessary includes from the internal header ssl_locl.h. This then requires adding includes for bn.h in four C files.
2004-05-15Fixes so alerts are sent properly in s3_pkt.cDr. Stephen Henson
PR: 851
2004-04-26Allow RSA key-generation to specify an arbitrary public exponent. JelteGeoff Thorpe
proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe
2004-04-19make updateGeoff Thorpe
2004-04-19(oops) Apologies all, that last header-cleanup commit was from the wrongGeoff Thorpe
tree. This further reduces header interdependencies, and makes some associated cleanups.
2004-03-25SSL_COMP_get_compression_method is a typo (a missing 's' at the end ofRichard Levitte
the symbol name).
2004-03-16Avoid warnings.Dr. Stephen Henson
2004-03-15Constify d2i, s2i, c2i and r2i functions and other associatedRichard Levitte
functions and macros. This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed.
2004-01-28make updateRichard Levitte
2004-01-04unintptr_t and <inttypes.h> are not strictly portable with respect toLutz Jänicke
ANSI C 89. Undo change to maintain compatibility.
2003-12-27Avoid including cryptlib.h, it's not really needed.Richard Levitte
Check if IDEA is being built or not. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27Use sh explicitely to run point.shRichard Levitte
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-03Restructure make targets to allow parallel make.Lutz Jänicke
Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl> PR: #513
2003-11-29We're getting a clash with C++ because it has a type called 'list'.Richard Levitte
Therefore, change all instances of the symbol 'list' to something else. PR: 758 Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-28RSA_size() and DH_size() return the amount of bytes in a key, and weRichard Levitte
compared it to the amount of bits required... PR: 770 Submitted by: c zhang <czhang2005@hotmail.com>
2003-11-28Netware-specific changes,Richard Levitte
PR: 780 Submitted by: Verdon Walker <VWalker@novell.com> Reviewed by: Richard Levitte
2003-11-04Avoid some shadowed variable names.Geoff Thorpe
Submitted by: Nils Larsch
2003-10-29A general spring-cleaning (in autumn) to fix up signed/unsigned warnings.Geoff Thorpe
I have tried to convert 'len' type variable declarations to unsigned as a means to address these warnings when appropriate, but when in doubt I have used casts in the comparisons instead. The better solution (that would get us all lynched by API users) would be to go through and convert all the function prototypes and structure definitions to use unsigned variables except when signed is necessary. The proliferation of (signed) "int" for strictly non-negative uses is unfortunate.
2003-10-10Avoid warnings: add missing prototype, don't shadow.Dr. Stephen Henson
2003-10-06Add functionality to get information on compression methods (not quite ↵Richard Levitte
complete).
2003-10-06Make sure int SSL_COMP_add_compression_method() checks if a certainRichard Levitte
compression identity is already present among the registered compression methods, and if so, reject the addition request. Declare SSL_COMP_get_compression_method() so it can be used properly. Change ssltest.c so it checks what compression methods are available and enumerates them. As a side-effect, built-in compression methods will be automagically loaded that way. Additionally, change the identities for ZLIB and RLE to be conformant to draft-ietf-tls-compression-05.txt. Finally, make update. Next on my list: have the built-in compression methods added "automatically" instead of requiring that the author call SSL_COMP_add_compression_method() or SSL_COMP_get_compression_methods().
2003-10-02Check for errors from SSL_COMP_add_compression_method().Richard Levitte
Notified by Andrew Marlow <AMARLOW1@bloomberg.net>
2003-10-02Correct a mixup of return valuesRichard Levitte
2003-09-27Have ssl3_ssl3_send_client_verify() change the state to SSL3_ST_SW_CERT_VRFY_B.Richard Levitte
PR: 679
2003-09-27Have ssl3_send_certificate_request() change the state to SSL3_ST_SW_CERT_REQ_B.Richard Levitte
PR: 680
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 04:10:09 +0000