openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity
35,260 Commits 26 Branches 374 Tags 509 MiB
Commit Graph

4128 Commits

Author SHA1 Message Date
Dr. Stephen Henson 4aeb94b801 Oops! Get the pmatch test the right way round. 1999-05-16 21:50:26 +00:00
Dr. Stephen Henson 1b266dabf5 Fix various less obvious bugs in PKCS#7 handling: such as not zeroing 
the secret key before we've encrypted it and using the right NID for RC2-64.
Add various arguments to the experimental programs 'dec' and 'enc' to make
testing less painful.

This stuff has now been tested against Netscape Messenger and it can encrypt
and decrypt S/MIME messages with RC2 (128, 64 and 40 bit) DES and triple DES.

Its still experimental though...
 1999-05-16 17:32:32 +00:00
Bodo Möller edf0bfb52b Change type of various DES function arguments from des_cblock 
(meaning pointer to char) to des_cblock * (meaning pointer to
array with 8 char elements), which allows the compiler to
do more typechecking.  (The changed argument types were of type
des_cblock * back in SSLeay, and a lot of ugly casts were
used then to turn them into pointers to elements; but it can be
done without those casts.)

Introduce new type const_des_cblock -- before, the pointers rather
than the elements pointed to were declared const, and for
some reason gcc did not complain about this (but some other
compilers did).
 1999-05-16 12:26:16 +00:00
Bodo Möller e186bf96b4 Added a comment pointing out the behaviour of "openssl x509 -conf ...", 
which cost me some time to find out about.
 1999-05-16 12:17:20 +00:00
Bodo Möller ee86c3f53d Marked probable bug, pointed out by Anonymous. 1999-05-16 12:01:49 +00:00
Dr. Stephen Henson a74c55cd8f Various Win32 fixes. Change args in do_ms.bat to put platform last. Fix 
unsigned/signed cmp error in asn1parse. Change various pem_all.c args to
use pem_password_cb.
 1999-05-15 20:33:15 +00:00
Bodo Möller 127640b449 Update dependencies. 1999-05-15 13:38:48 +00:00
Ben Laurie 531b2cf7e9 Get rid of the cast. 1999-05-15 11:54:21 +00:00
Ulf Möller 09feda5cec Cut&paste error. 1999-05-13 17:25:05 +00:00
Bodo Möller b56bce4fc7 New structure type SESS_CERT used instead of CERT inside SSL_SESSION. 
While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know if those could
really have caused problems, but possibly this is a proper bug-fix
and not just a clean-up.
 1999-05-13 15:09:38 +00:00
Ulf Möller 5c83b4c93f Remove redundant ifdef. 1999-05-13 13:29:41 +00:00
Ulf Möller 75e0770d96 VMS support bug fixes. 1999-05-13 13:21:17 +00:00
Ulf Möller 7d7d2cbcb0 VMS support. 
Submitted by: Richard Levitte <richard@levitte.org>
 1999-05-13 11:37:32 +00:00
Dr. Stephen Henson f5eac85edc Add new -out option to asn1parse to allow the parsed data to be output. 
Fixed -strparse option: it didn't work if used more than once (this was due
to the d2i_ASN1_TYPE call parsing a freed buffer). On Win32 the file wincrypt.h
#define's X509_NAME and PKCS7_SIGNER_INFO causing clashes so these are #undef'ed
 1999-05-12 01:56:27 +00:00
Bodo Möller 54a29df0ec argc counting bug fixed. 
Submitted by: Tomas Hulek
Reviewed by:
PR:
 1999-05-11 15:44:58 +00:00
Ulf Möller 7af62c3cbb Move openssl.cnf out of lib/. 
Submitted by: Richard Levitte <levitte@stacken.kth.se>
 1999-05-11 10:42:28 +00:00
Ulf Möller d5a2ea4b73 Move openssl.cnf out of lib/. 1999-05-10 23:59:28 +00:00
Ralf S. Engelschall 397f703892 Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall -Wshadow 
-Wpointer-arith -Wcast-align -Wmissing-prototypes -Wmissing-declarations
-Wnested-externs -Winline'' with EGCS 1.1.2+
 1999-05-10 08:33:56 +00:00
Dr. Stephen Henson a5ab0532ca Various Win32 fixes. Win95 doesn't support MoveFileEx() (which was used for a 
Win32 version of rename() ). There isn't a precise rename() equivalent under
Win95: the standard rename() complains if the destination already exists so
replaced with a combination of unlink() and MoveFile().
 1999-05-08 22:46:51 +00:00
Dr. Stephen Henson e40b7abeed Allows PKCS#12 password to be placed on command line and add allow config 
file name for 'ca' to come from the environment.
 1999-05-08 12:59:50 +00:00
Bodo Möller a2aa81683f This was an unused derivate of an old version of s_client.c that had 
been changed so that it almost could be used under Windows.
No one asked to keep it (and no one volunteered to bring it into useable
state), so away with it.
Submitted by:
Reviewed by:
PR:
 1999-05-08 10:12:48 +00:00
Ralf S. Engelschall 20b85fdd76 Convert casted X509_INFO stacks to type-safe STACK_OF(X509_INFO). 
PS: Feel free to move the IMPLEMENT_STACK_OF(X509_INFO) from
    crypto/asn1/x_info.c to any other place where you think it fits better.
    X509_INFO is a structure slightly spreaded over ASN.1, X509 and PEM code,
    so I found no definitive location for IMPLEMENT_STACK_OF(X509_INFO).  In
    crypto/asn1/x_info.c it's at least now bundled with X509_INFO_new() and
    friends.
 1999-05-04 08:56:51 +00:00
Ralf S. Engelschall 0f3e604589 consistency cosmetics 1999-05-04 06:50:45 +00:00
Ben Laurie 0b3f827cf5 Yet another stack. 1999-05-02 21:36:58 +00:00
Ben Laurie 5b1b044606 Update dependencies. 1999-05-01 22:36:10 +00:00
Ben Laurie d35ea5b00b Another stack. 1999-05-01 18:29:59 +00:00
Ben Laurie d500de1672 Another stack. 1999-05-01 18:08:44 +00:00
Ben Laurie 65d4927b8d Another safe stack. 1999-05-01 17:40:57 +00:00
Bodo Möller e5f3045fbf Support INSTALL_PREFIX for packagers. 
Submitted by:
Reviewed by:
PR:
 1999-04-29 21:52:08 +00:00
Ulf Möller d575d2924c Ignore Makefile.save 
Submitted by: Anonymous
 1999-04-29 16:04:54 +00:00
Bodo Möller cc98d9b68c Fix make target "install". 
Submitted by: Niels Poppe
Reviewed by:
PR:
 1999-04-29 12:30:49 +00:00
Bodo Möller ddeee82c63 Install various scripts to $(OPENSSLDIR)/misc instead of $(INSTALLTOP)/bin. 
Submitted by:
Reviewed by:
PR:
 1999-04-28 22:06:19 +00:00
Ben Laurie 8b1a3a9238 Don't shadow. 1999-04-28 12:13:45 +00:00
Bodo Möller 67a4728511 A new comment. 
Submitted by:
Reviewed by:
PR:
 1999-04-27 16:48:06 +00:00
Ulf Möller b5929507e3 Update NO_* macros. 1999-04-27 11:56:15 +00:00
Ulf Möller f5d7a031a3 New Configure option no-<cipher> (rsa, idea, rc5, ...). 1999-04-27 01:14:46 +00:00
Dr. Stephen Henson b64f825671 Add PKCS#12 documentation and new option in x509 to add certificate extensions. 1999-04-27 00:36:20 +00:00
Ulf Möller a9be3af5ad Remove NOPROTO definitions and error code comments. 1999-04-26 16:43:10 +00:00
Ulf Möller b0b7b1c5ae New Configure option --openssldir to replace ssldir.pl. 1999-04-24 23:01:36 +00:00
Dr. Stephen Henson 6d31193858 Complete rewrite of the error code generation script. It now runs as a single 
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
 1999-04-24 00:15:18 +00:00
Bodo Möller bf57da0717 "make depend" 
Submitted by:
Reviewed by:
PR:
 1999-04-23 22:50:50 +00:00
Bodo Möller ec577822f9 Change #include filenames from <foo.h> to <openssl.h>. 
Submitted by:
Reviewed by:
PR:
 1999-04-23 22:13:45 +00:00
Ben Laurie 61f5b6f338 Work with -pedantic! 1999-04-23 15:01:15 +00:00
Ulf Möller 95dc05bc6d Fix lots of warnings. 
Submitted by: Richard Levitte <levitte@stacken.kth.se>
 1999-04-20 22:50:42 +00:00
Ulf Möller 6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Dr. Stephen Henson 41b731f2f8 Initial support for Certificate Policies extension: print out works but setting 
isn't fully implemented (yet).
 1999-04-18 23:21:03 +00:00
Ben Laurie e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Dr. Stephen Henson 1d48dd0019 Add initial support for r2i RAW extensions which can access the config database 
add various X509V3_CTX helper functions and support for LHASH as the config
database.
 1999-04-16 23:57:04 +00:00
Bodo Möller c1cf1eecdb /* Just some comments. */ 
Submitted by:
Reviewed by:
PR:
 1999-04-14 23:47:41 +00:00
Bodo Möller d91f8c3ce8 Cleaning up Ben's clean-ups :-) 
Submitted by:
Reviewed by:
PR:
 1999-04-14 23:10:11 +00:00
Bodo Möller f0f1b4e400 Some tiny fixes. 
Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:
 1999-04-14 20:17:23 +00:00
Ben Laurie f73e07cf42 Add type-safe STACKs and SETs. 1999-04-12 17:23:57 +00:00
Ben Laurie a36a1a5146 gcc claims this is a shadow, though I can't find what it is shadowing... 1999-04-12 17:17:39 +00:00
Ralf S. Engelschall f9a2593163 Add `openssl ca -revoke <certfile>' facility which revokes a certificate 
specified in <certfile> by updating the entry in the index.txt file.
This way one no longer has to edit the index.txt file manually for
revoking a certificate. The -revoke option does the gory details now.

Submitted by: Massimiliano Pala <madwolf@openca.org>
Cleaned up and integrated by: Ralf S. Engelschall
 1999-04-12 11:45:14 +00:00
Ralf S. Engelschall 2f0cd19533 Fix `openssl crl -noout -text' combination where `-noout' killed the `-text' 
option at all and this way the `-noout -text' combination was inconsistent in
`openssl crl' with the friends in `openssl x509|rsa|dsa'.
 1999-04-12 10:36:16 +00:00
Bodo Möller fc8ee06b4d Submitted by: 
Reviewed by:
PR:
 1999-04-11 02:49:35 +00:00
Ralf S. Engelschall 7c7c88515f Fix a few typos and tabs while I'm poking around in ca.c... 1999-04-10 13:15:38 +00:00
Ben Laurie 3bb307c10c Adjust renegotiation slightly. 1999-04-10 12:08:46 +00:00
Bodo Möller c7ac31e26e Bugfix: s_client occasionally would sleep in select() when it should 
have checked SSL_pending() first.
Submitted by:
Reviewed by:
PR:
 1999-04-09 20:54:25 +00:00
Ulf Möller e8d628156f Remove obsolete files from SSLeay 0.8. 1999-04-06 15:22:55 +00:00
Ben Laurie 121bd68d1c Don't shadow. 1999-04-03 14:52:01 +00:00
Bodo Möller cf897932ca Avoid EADDRINUSE for s_server. 
Submitted by:
Reviewed by:
PR:
 1999-04-02 23:35:43 +00:00
Ulf Möller 99aab1619f New Makefile variables $(RANLIB) and $(PERL). 1999-04-01 12:34:33 +00:00
Ben Laurie 3dcc1ffc52 Don't shadow. 1999-04-01 10:17:35 +00:00
Bodo Möller 6d02d8e444 New option "-showcerts" for s_client 
Slight cleanup in ssl/
 1999-03-31 12:06:30 +00:00
Dr. Stephen Henson ee0508d411 Include pkcs12 program as part of openssl. This completes most of the PKCS#12 
integration.
 1999-03-29 17:50:26 +00:00
Ben Laurie b4cadc6e13 Fix security hole. 1999-03-22 12:22:14 +00:00
Ben Laurie 047f1a4466 Remake cert links when the app is built. 1999-03-09 20:06:39 +00:00
Ralf S. Engelschall 15542b2847 Make it more clear what option -WWW to s_server does. 1999-03-09 13:09:07 +00:00
Ralf S. Engelschall d10f052be5 Make `openssl version' output lines consistent. 1999-03-08 12:35:01 +00:00
Dr. Stephen Henson 1756d405cc Added support for adding extensions to CRLs, also fix a memory leak and 
make 'req' check the config file syntax before it adds extensions. Added
info in the documentation as well.
 1999-03-06 19:33:29 +00:00
Ben Laurie 6242bb9c63 Put the dependencies back. 1999-03-06 14:32:48 +00:00
Ralf S. Engelschall bb8f3c5879 General source tree makefile cleanups: Made `making xxx in yyy...' display 
consistent in the source tree and replaced `/bin/rm' by `rm'.  Additonally
cleaned up the `make links' target: Remove unnecessary semicolons, subsequent
redundant removes, inline point.sh into mklink.sh to speed processing and no
longer clutter the display with confusing stuff. Instead only the actually
done links are displayed.
 1999-03-06 12:32:06 +00:00
Ben Laurie 1efa9c33c0 Update dependencies. 1999-02-27 18:41:04 +00:00
Ralf S. Engelschall ea14a91f64 Move s_server -dcert and -dkey options out of the undocumented feature area 
because they are useful for the DSA situation and should be recognized by the
users. Thanks to Steve for the original hint.
 1999-02-25 11:26:26 +00:00
Ralf S. Engelschall 7be304acdb Make `openssl x509 -noout -modulus' functional also for DSA certificates (in 
addition to RSA certificates) to match the behaviour of `openssl dsa -noout
-modulus' as it's already the case for `openssl rsa -noout -modulus'.  For RSA
the -modulus is the real "modulus" while for DSA currently the public key is
printed (a decision which was already done by `openssl dsa -modulus' in the
past) which serves a similar purpose.  Additionally the NO_RSA no longer
completely removes the whole -modulus option; it now only avoids using the RSA
stuff. Same applies to NO_DSA now, too.
 1999-02-24 17:17:31 +00:00
Dr. Stephen Henson 6b313a7365 Remove debugging fprintf from req.c and fix the code so it properly skips over 
the first leading XXX. in the DN.
 1999-02-24 00:14:21 +00:00
Ben Laurie 15799403ad Fix more warnings. 1999-02-23 12:53:49 +00:00
Ralf S. Engelschall 3a1daca9ef Get rid of a nasty debugging message which was forgotten here... 1999-02-23 08:53:04 +00:00
Ralf S. Engelschall f2f351ce9c Fix usage message on gendsa: 
1. The dsaparam argument is mandatory and not optional
2. Add a little text what this actually is: a filename
 1999-02-23 08:52:20 +00:00
Dr. Stephen Henson a43aa73e3b Redo the way 'req' and 'ca' add objects: add support for oid_section. 1999-02-23 00:07:46 +00:00
Ben Laurie 60e31c3a4b More stuff for new TLS ciphersuites. 1999-02-21 21:58:59 +00:00
Dr. Stephen Henson aa066b9e6e Add more functionality to issuer alt name and subject alt name. New options 
to include email addresses from DN and copy details from issuer certificate.
Include examples in openssl.cnf, update Win32 ordinals.
 1999-02-21 01:46:45 +00:00
Dr. Stephen Henson 0ca5f8b15c Overhaul 'crl' application, add a proper X509_CRL_print function and start 
to support CRL extensions.
 1999-02-19 01:29:29 +00:00
Dr. Stephen Henson 0be9747b39 Oops! Remeber to include the other patches this time... 1999-02-17 23:22:57 +00:00
Dr. Stephen Henson a8236c8c32 Fix various memory leaks in SSL, apps and DSA 1999-02-15 21:05:21 +00:00
Dr. Stephen Henson 388ff0b076 Add support for raw extensions. This means that you can include the DER encoding 
of an arbitrary extension: e.g. 1.3.4.5=critical,RAW:12:34:56 Using this
technique currently unsupported extensions can be generated if you know their
DER encoding. Even if the extension is supported in future the raw extension
will still work: that is the raw version can always be used even if it is a
supported extension.
 1999-02-14 16:48:22 +00:00
Dr. Stephen Henson 5c00879ef0 More Win32 fixes and upsdate INSTALL.W32 documentation. 1999-02-14 00:40:13 +00:00
Ben Laurie 08853ba82d Finally(?) fix DES stuff. 1999-02-13 21:49:34 +00:00
Ben Laurie 4e31df2cd7 Fix ghastly DES declarations, and all consequential warnings. 1999-02-13 18:52:38 +00:00
Dr. Stephen Henson 3773d138ce Delete a few unused files in apps, restore CAST WIN32 ASM file to main 
tree.
 1999-02-11 00:07:39 +00:00
Dr. Stephen Henson 175b0942ec More extension code. Incomplete support for subject and issuer alt 
name, issuer and authority key id. Change the i2v function parameters
and add an extra 'crl' parameter in the X509V3_CTX structure: guess
what that's for :-) Fix to ASN1 macro which messed up
IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
 1999-02-10 01:12:59 +00:00
Ben Laurie 7ec218eb4a Process extensions when they are there. 1999-02-06 17:46:23 +00:00
Ben Laurie 9f7646da25 Diagnose errors. 1999-02-06 15:20:44 +00:00
Ben Laurie 29d2824788 Typo in arguments. 1999-02-06 15:19:16 +00:00
Ben Laurie c106c6132c Clear error we don't care about. 1999-02-06 13:30:37 +00:00
Ralf S. Engelschall 5810a5f4c7 Reflect correct filename 1999-01-31 11:19:17 +00:00
Mark J. Cox d1f4c83ce5 Fix some more typos 
Submitted by:
Reviewed by:
PR:
 1999-01-31 09:59:54 +00:00
Mark J. Cox bc2646ef11 fix typo 
Submitted by:
Reviewed by:
PR:
 1999-01-31 09:57:00 +00:00
Ben Laurie 59ff713462 Break circular dependency between pem and err. 1999-01-30 13:40:34 +00:00
Ben Laurie fc8c1a5c67 Update dependencies. 1999-01-30 12:05:42 +00:00
Dr. Stephen Henson 79dfa97555 New program 'nseq' added to apps to allow Netscape certificate sequences to 
be pulled apart and built.
 1999-01-29 23:34:19 +00:00
Dr. Stephen Henson 9fe84296a4 Allow the -certfile argument to be used multiple times in crl2pkcs7. 
Also fix typos in the usage messages: "inout" instead of "input".
 1999-01-29 01:53:55 +00:00
Ralf S. Engelschall 7ae01d4adc One more incorrect name in usage page 1999-01-28 14:48:31 +00:00
Ralf S. Engelschall b6cff93dcf Fix names in usage page of s_time, s_server and s_client 1999-01-28 14:44:08 +00:00
Dr. Stephen Henson b2347661ce Still more X509 V3 stuff. Modify ca.c to work with the new code and modify 
openssl.cnf for the new syntax.
 1999-01-26 01:19:27 +00:00
Dr. Stephen Henson f317aa4c9c More X509 V3 stuff. Add support for extensions in the 'req' application 
so that: openssl req -x509 -new -out cert.pem
will take extensions from openssl.cnf a sample for a CA is included.
Also change the directory order so pem is nearer the end. Otherwise 'make links'
wont work because pem.h can't be built.
 1999-01-25 01:09:21 +00:00
Dr. Stephen Henson 834eeef995 Continuing adding X509 V3 support. This starts to integrate the code with 
the main library, but only with printing at present. To see this try:
openssl x509 -in cert.pem -text
on a certificate with some extensions in it.
 1999-01-24 17:50:32 +00:00
Dr. Stephen Henson 9b5cc156f3 Continued patches so certificates and CRLs now can support and use 
GeneralizedTime.
 1999-01-20 00:14:40 +00:00
Ben Laurie 6f93539970 This time, get it right. 1999-01-19 23:25:22 +00:00
Ben Laurie 8039257dbc Finally lay dependencies to rest (I hope!). 1999-01-19 21:36:31 +00:00
Ben Laurie 512d222830 Remove pointless MD5 hash. 
Contributed by: Anonymous <nobody@replay.com>
 1999-01-17 14:14:41 +00:00
Ben Laurie 50acf46b92 Sort openssl functions by name. 1999-01-09 19:15:59 +00:00
Dr. Stephen Henson 7f9b7b074d Fix the gendsa program and add it to the app list. The progs.h file is 
auto generated but not auto updated so it is included. Also remove the
encryption from the sample DSA keys.
 1999-01-09 17:29:34 +00:00
Ben Laurie c13d4799dd Send the right CAs to the client. 1999-01-07 00:16:37 +00:00
Ben Laurie bc4deee07a Fix numeric -newkey args. 
Contributed by: Bodo Moeller <3moeller@informatik.uni-hamburg.de>
 1999-01-07 00:10:32 +00:00
Dr. Stephen Henson 10061c7c47 More EVP_PKEY patches for new functionality. 1999-01-03 23:00:45 +00:00
Dr. Stephen Henson cfcf645356 Make sure applications free up pkey structures and add netscape extension 
handling to x509.c
 1999-01-03 01:08:33 +00:00
Paul C. Sutton c142bdf725 Update scripts to use "openssl" instead of "ssleay" 1999-01-02 16:02:24 +00:00
Paul C. Sutton e170a5c050 Some more changes for renaming the binary from ssleay to openssl. 
I wonder what eay.c is?
 1999-01-02 14:42:23 +00:00
Ralf S. Engelschall 06d5b16225 First cut of a cleanup for apps/. First the `ssleay' program is now named 
`openssl' and second, the shortcut symlinks for the `openssl <command>' are no
longer created. This way we have a single and consistent command line
interface `openssl <command>', similar to `cvs <command>'.

Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a
repository copy, i.e. they still contain the complete file history.
 1999-01-02 12:59:33 +00:00
Dr. Stephen Henson c35f549e8b Move DSA test in ca.c inside #ifdef and make pubkey BIT STRING always have 
zero unused bits.
 1999-01-02 01:53:06 +00:00
stephen 8f3e97bac3 This is a quick hack conversion of the 'CA.sh' script to perl. It fixes one 
bug in the original but is otherwise just as horrible :-)
 1999-01-01 00:54:48 +00:00
Ralf S. Engelschall 13e91dd365 Incorporation of RSEs assembled patches 1998-12-22 15:59:57 +00:00
Ralf S. Engelschall 651d0aff98 Various cleanups and fixed by Marc and Ralf to start the OpenTLS project 1998-12-22 15:04:48 +00:00
Ralf S. Engelschall dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall 58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00