Richard Levitte [Tue, 8 Apr 2003 06:00:05 +0000 (06:00 +0000)]
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
of unneeded includes of openssl/engine.h.
Richard Levitte [Mon, 7 Apr 2003 19:15:25 +0000 (19:15 +0000)]
RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function
pointers should be used. It doesn't necessarely mean it should go through
the ENGINE framework.
Richard Levitte [Mon, 7 Apr 2003 10:15:32 +0000 (10:15 +0000)]
What was I smoking? EVP_PKEY_cmp() should return with 0 if
EVP_PKEY_cmp_parameters() returned 0, otherwise it should
go on processing the public key component. Thia has nothing
to do with the proper handling of EC parameters or not.
Richard Levitte [Mon, 7 Apr 2003 10:09:44 +0000 (10:09 +0000)]
Correct a typo.
Have EVP_PKEY_cmp() call EVP_PKEY_cmp_parameters(), and make a note
about the lack of parameter comparison for EC.
Richard Levitte [Sun, 6 Apr 2003 15:31:18 +0000 (15:31 +0000)]
Constify
Richard Levitte [Sat, 5 Apr 2003 21:21:26 +0000 (21:21 +0000)]
Do not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
PR: 564
Richard Levitte [Fri, 4 Apr 2003 15:10:35 +0000 (15:10 +0000)]
Convert save_serial() to work like save_index(), and add a
rotate_serial() that works like rotate_index().
Richard Levitte [Fri, 4 Apr 2003 14:39:44 +0000 (14:39 +0000)]
Add documentation on the added functionality in 'openssl ca'.
Richard Levitte [Fri, 4 Apr 2003 14:19:15 +0000 (14:19 +0000)]
make update
Richard Levitte [Fri, 4 Apr 2003 14:19:00 +0000 (14:19 +0000)]
There's no need to check for __attribute__ with ANSI functions, since
we only check to the opening parenthesis anyway...
Richard Levitte [Thu, 3 Apr 2003 23:39:48 +0000 (23:39 +0000)]
Correct a lot of printing calls. Remove extra arguments...
Richard Levitte [Thu, 3 Apr 2003 23:35:14 +0000 (23:35 +0000)]
Make %p and %# work properly, at least with pointers and floats.
Richard Levitte [Thu, 3 Apr 2003 23:06:05 +0000 (23:06 +0000)]
Add GCC attributes when compiled with gcc. This helps find out if
we're using the printing functions correctly or not.
I used the corresponding attributes found in the header files of my
Linux installation.
Richard Levitte [Thu, 3 Apr 2003 23:04:48 +0000 (23:04 +0000)]
Counter for GCC attributes.
Richard Levitte [Thu, 3 Apr 2003 23:01:20 +0000 (23:01 +0000)]
One more debug line to conditionalise.
Richard Levitte [Thu, 3 Apr 2003 22:38:31 +0000 (22:38 +0000)]
Add a CA section, to make sure the test will work with the changes in
CA.sh.
Richard Levitte [Thu, 3 Apr 2003 22:33:59 +0000 (22:33 +0000)]
Implement self-signing in 'openssl ca'. This makes it easier to have
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.
Richard Levitte [Thu, 3 Apr 2003 22:27:24 +0000 (22:27 +0000)]
Add functionality to help making self-signed certificate.
Richard Levitte [Thu, 3 Apr 2003 22:12:48 +0000 (22:12 +0000)]
It's recommended to use req rather than x509 to create self-signed certificates
Richard Levitte [Thu, 3 Apr 2003 21:55:55 +0000 (21:55 +0000)]
Typo correction
Richard Levitte [Thu, 3 Apr 2003 20:03:23 +0000 (20:03 +0000)]
Don't try to free NULL values...
Richard Levitte [Thu, 3 Apr 2003 19:10:32 +0000 (19:10 +0000)]
Reindent for readability.
Richard Levitte [Thu, 3 Apr 2003 19:07:27 +0000 (19:07 +0000)]
Remove unused variable.
Richard Levitte [Thu, 3 Apr 2003 18:50:15 +0000 (18:50 +0000)]
Reset the version number of the issuer certificate? I believe this
hasn't been tested in a long while...
Richard Levitte [Thu, 3 Apr 2003 18:07:39 +0000 (18:07 +0000)]
Conditionalise all debug strings.
Richard Levitte [Thu, 3 Apr 2003 16:33:03 +0000 (16:33 +0000)]
Make it possible to have multiple active certificates with the same
subject.
Bodo Möller [Wed, 2 Apr 2003 09:50:22 +0000 (09:50 +0000)]
make RSA blinding thread-safe
Richard Levitte [Tue, 1 Apr 2003 10:59:15 +0000 (10:59 +0000)]
It seems like gcc-drivven shared library building on OpenUnix 8 requires
-shared rather than -G.
Dr. Stephen Henson [Mon, 31 Mar 2003 22:29:25 +0000 (22:29 +0000)]
Update from stable branch.
Richard Levitte [Mon, 31 Mar 2003 13:56:52 +0000 (13:56 +0000)]
No need to test -setalias twice.
PR: 556
Richard Levitte [Mon, 31 Mar 2003 13:24:02 +0000 (13:24 +0000)]
Don't feil when indent is 0.
PR: 559
Richard Levitte [Mon, 31 Mar 2003 13:06:24 +0000 (13:06 +0000)]
Add usage string for -fingerprint.
PR: 560
Dr. Stephen Henson [Sun, 30 Mar 2003 01:51:16 +0000 (01:51 +0000)]
Multi valued AVA support.
Richard Levitte [Fri, 28 Mar 2003 08:57:04 +0000 (08:57 +0000)]
OpenUNIX 8 has some problems using -G with gcc. Maybe using gnu-shared works better (will be tested tonight).
Lutz Jänicke [Thu, 27 Mar 2003 22:04:05 +0000 (22:04 +0000)]
Add warning about unwanted side effect when calling SSL_CTX_free():
sessions in the external session cache might be removed.
Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il>
PR: 547
Richard Levitte [Wed, 26 Mar 2003 14:34:38 +0000 (14:34 +0000)]
Update VMS building system
Dr. Stephen Henson [Wed, 26 Mar 2003 00:46:47 +0000 (00:46 +0000)]
Update ocsp usage message and docs.
Richard Levitte [Tue, 25 Mar 2003 21:17:28 +0000 (21:17 +0000)]
Let's limit the extent of the definition of _XOPEN_SOURCE.
Richard Levitte [Tue, 25 Mar 2003 20:56:06 +0000 (20:56 +0000)]
Missed a few dollars.
PR: 528
Dr. Stephen Henson [Mon, 24 Mar 2003 17:06:25 +0000 (17:06 +0000)]
make update
Dr. Stephen Henson [Mon, 24 Mar 2003 17:04:44 +0000 (17:04 +0000)]
Support for name constraints.
Dr. Stephen Henson [Mon, 24 Mar 2003 00:56:09 +0000 (00:56 +0000)]
Name Constraints OID.
Lutz Jänicke [Sun, 23 Mar 2003 10:18:05 +0000 (10:18 +0000)]
Add SCO5 shared library scripts.
Upate SVR5 scripts for the upcoming 0.9.7b.
Submitted by: Boyd Lynn Gerber <gerberb@zenez.com>
Richard Levitte [Sat, 22 Mar 2003 22:33:52 +0000 (22:33 +0000)]
To define OPENSSL_NO_FP_API for all MSDOS type targets was unfair
against DJGPP, and much more restricted than previous definitions.
Dr. Stephen Henson [Fri, 21 Mar 2003 16:28:29 +0000 (16:28 +0000)]
make update
Dr. Stephen Henson [Fri, 21 Mar 2003 16:26:20 +0000 (16:26 +0000)]
Support for policy constraints.
Bodo Möller [Fri, 21 Mar 2003 13:11:14 +0000 (13:11 +0000)]
remove patch ID (which is supposed to appear in patched variants of
old OpenSSL releases, but not in new releases)
Richard Levitte [Fri, 21 Mar 2003 00:05:14 +0000 (00:05 +0000)]
Define COMP method function prototypes properly.
Richard Levitte [Fri, 21 Mar 2003 00:04:14 +0000 (00:04 +0000)]
Make sure to declare mem*() properly.
Richard Levitte [Thu, 20 Mar 2003 23:54:33 +0000 (23:54 +0000)]
make update
Richard Levitte [Thu, 20 Mar 2003 23:52:41 +0000 (23:52 +0000)]
Don't put configuration macro definitions on the command line, we're
just fooling ourselves and then screwing up for other applications.
Richard Levitte [Thu, 20 Mar 2003 23:51:35 +0000 (23:51 +0000)]
Sometimes, we have partial comments on the same line as other stuff we
parse. Make sure to read in the whole comment, so it can be entirely
removed.
Richard Levitte [Thu, 20 Mar 2003 23:34:28 +0000 (23:34 +0000)]
Make sure we get the definition of OPENSSL_NO_RSA.
Richard Levitte [Thu, 20 Mar 2003 23:34:08 +0000 (23:34 +0000)]
Make sure we get the definition of OPENSSL_NO_HMAC and OPENSSL_NO_SHA.
Richard Levitte [Thu, 20 Mar 2003 23:32:16 +0000 (23:32 +0000)]
Make sure we get the definition of OPENSSL_NO_SHA.
Richard Levitte [Thu, 20 Mar 2003 23:31:56 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_RIPEMD.
Richard Levitte [Thu, 20 Mar 2003 23:31:44 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_MDC2.
Richard Levitte [Thu, 20 Mar 2003 23:31:34 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_MD5.
Richard Levitte [Thu, 20 Mar 2003 23:31:24 +0000 (23:31 +0000)]
Make sure we get the definition of OPENSSL_NO_MD4.
Richard Levitte [Thu, 20 Mar 2003 23:30:04 +0000 (23:30 +0000)]
Make sure we get the definition of OPENSSL_NO_MD2.
Richard Levitte [Thu, 20 Mar 2003 23:29:38 +0000 (23:29 +0000)]
Make sure we get the definition of OPENSSL_NO_DES.
Richard Levitte [Thu, 20 Mar 2003 23:29:26 +0000 (23:29 +0000)]
Make sure we get the definition of OPENSSL_NO_RC5.
Richard Levitte [Thu, 20 Mar 2003 23:29:17 +0000 (23:29 +0000)]
Make sure we get the definition of OPENSSL_NO_RC4.
Richard Levitte [Thu, 20 Mar 2003 23:29:06 +0000 (23:29 +0000)]
Make sure we get the definition of OPENSSL_NO_RC2.
Richard Levitte [Thu, 20 Mar 2003 23:28:55 +0000 (23:28 +0000)]
Make sure we get the definition of OPENSSL_NO_IDEA.
Richard Levitte [Thu, 20 Mar 2003 23:28:27 +0000 (23:28 +0000)]
Make sure we get the definition of OPENSSL_NO_CAST.
Richard Levitte [Thu, 20 Mar 2003 23:28:16 +0000 (23:28 +0000)]
Make sure we get the definition of OPENSSL_NO_BF.
Richard Levitte [Thu, 20 Mar 2003 23:28:03 +0000 (23:28 +0000)]
Make sure we get the definition of OPENSSL_NO_AES.
Richard Levitte [Thu, 20 Mar 2003 23:27:17 +0000 (23:27 +0000)]
Make sure we get the definition of a number of OPENSSL_NO_* macros.
Richard Levitte [Thu, 20 Mar 2003 23:26:46 +0000 (23:26 +0000)]
Make sure we get the definition of OPENSSL_NO_BIO.
Richard Levitte [Thu, 20 Mar 2003 23:26:32 +0000 (23:26 +0000)]
Include e_os.h correctly.
Richard Levitte [Thu, 20 Mar 2003 23:24:59 +0000 (23:24 +0000)]
Make sure we get the definition of OPENSSL_NO_MD2.
Richard Levitte [Thu, 20 Mar 2003 23:24:47 +0000 (23:24 +0000)]
Make sure we get the definition of OPENSSL_NO_FP_API.
Richard Levitte [Thu, 20 Mar 2003 23:24:32 +0000 (23:24 +0000)]
Make sure we get the definition of OPENSSL_NO_IDEA and IDEA_INT.
Richard Levitte [Thu, 20 Mar 2003 23:23:43 +0000 (23:23 +0000)]
Make sure we get the definition of OPENSSL_NO_HMAC.
Richard Levitte [Thu, 20 Mar 2003 23:22:31 +0000 (23:22 +0000)]
Make sure we get the definition of OPENSSL_NO_ECDSA.
Richard Levitte [Thu, 20 Mar 2003 23:22:17 +0000 (23:22 +0000)]
Make sure we get the definition of OPENSSL_NO_ECDH.
Richard Levitte [Thu, 20 Mar 2003 23:22:06 +0000 (23:22 +0000)]
Make sure we get the definition of OPENSSL_NO_EC.
Richard Levitte [Thu, 20 Mar 2003 23:21:51 +0000 (23:21 +0000)]
Make sure we get the definition of OPENSSL_NO_DSA and OPENSSL_NO_SHA.
Richard Levitte [Thu, 20 Mar 2003 23:21:27 +0000 (23:21 +0000)]
Make sure we get the definition of OPENSSL_NO_DH.
Richard Levitte [Thu, 20 Mar 2003 23:21:10 +0000 (23:21 +0000)]
Make sure we get the definition of OPENSSL_EXTERN, OPENSSL_NO_DES,
DES_LONG and OPENSSL_NO_DESCBCM.
Richard Levitte [Thu, 20 Mar 2003 23:20:15 +0000 (23:20 +0000)]
Make sure we get the definition of OPENSSL_NO_CAST.
Richard Levitte [Thu, 20 Mar 2003 23:19:41 +0000 (23:19 +0000)]
Make sure we get the definition of OPENSSL_NO_ERR.
Richard Levitte [Thu, 20 Mar 2003 23:18:32 +0000 (23:18 +0000)]
Make sure we get the definition of OPENSSL_NO_SOCK.
Richard Levitte [Thu, 20 Mar 2003 23:17:23 +0000 (23:17 +0000)]
Make sure we get the definition of OPENSSL_NO_FP_API.
Richard Levitte [Thu, 20 Mar 2003 23:17:04 +0000 (23:17 +0000)]
Make sure we get the definition of OPENSSL_NO_BF.
Richard Levitte [Thu, 20 Mar 2003 23:16:45 +0000 (23:16 +0000)]
Make sure we get the definition of OPENSSL_NO_BIO and OPENSSL_NO_RSA.
Richard Levitte [Thu, 20 Mar 2003 23:15:51 +0000 (23:15 +0000)]
Make sure we get the definition of OPENSSL_NO_AES.
Richard Levitte [Thu, 20 Mar 2003 23:14:49 +0000 (23:14 +0000)]
Because it may be needed in public header files, move the definition
of OPENSSL_NO_FP_API on existence of OPENSSL_SYS_MSDOS to e_os2.h.
Dr. Stephen Henson [Thu, 20 Mar 2003 17:59:39 +0000 (17:59 +0000)]
make update
Dr. Stephen Henson [Thu, 20 Mar 2003 17:58:33 +0000 (17:58 +0000)]
New ASN1 macros to just implement and declare the new and free functions
and changes to mkdef.pl so it recognises them.
Use these in policyMappings extension.
Bodo Möller [Thu, 20 Mar 2003 17:31:30 +0000 (17:31 +0000)]
make sure RSA blinding works when the PRNG is not properly seeded;
enable it automatically for the built-in engine
Dr. Stephen Henson [Thu, 20 Mar 2003 17:26:44 +0000 (17:26 +0000)]
Support for policyMappings
Dr. Stephen Henson [Thu, 20 Mar 2003 17:14:27 +0000 (17:14 +0000)]
Typo: OID should be policyMappings
Dr. Stephen Henson [Thu, 20 Mar 2003 17:09:46 +0000 (17:09 +0000)]
Avoid warning.
Richard Levitte [Thu, 20 Mar 2003 16:34:27 +0000 (16:34 +0000)]
Add documentation for -starttls (s_client) and -id_prefix (s_server).
PR: 542
Dr. Stephen Henson [Thu, 20 Mar 2003 14:21:36 +0000 (14:21 +0000)]
make update
Richard Levitte [Thu, 20 Mar 2003 11:44:28 +0000 (11:44 +0000)]
Some shells (ksh in this case) don't say 'command not found'.
PR: 540
Richard Levitte [Thu, 20 Mar 2003 11:41:59 +0000 (11:41 +0000)]
Spelling errors.
PR: 538
Richard Levitte [Thu, 20 Mar 2003 11:37:47 +0000 (11:37 +0000)]
Make sure that all the library paths are modified in prepend mode, not
replace mode.
PR: 528