oweals/openssl.git
25 years agoFixes to BN code. Previously the default was to define BN_RECURSION
Mark J. Cox [Thu, 28 Jan 1999 10:40:38 +0000 (10:40 +0000)]
Fixes to BN code.  Previously the default was to define BN_RECURSION
but the BN code had some problems that would cause failures when
doing certificate verification and some other functions.

Submitted by: Eric A Young from a C2Net version of SSLeay
Reviewed by: Mark J Cox
PR:

25 years agoRemember to add the new file this time :-)
Dr. Stephen Henson [Thu, 28 Jan 1999 00:34:42 +0000 (00:34 +0000)]
Remember to add the new file this time :-)

25 years agoAdd ASN1 code for netscape certificate sequences.
Dr. Stephen Henson [Thu, 28 Jan 1999 00:16:44 +0000 (00:16 +0000)]
Add ASN1 code for netscape certificate sequences.

25 years agoAdd a few extended key usage OIDs.
Dr. Stephen Henson [Tue, 26 Jan 1999 23:13:14 +0000 (23:13 +0000)]
Add a few extended key usage OIDs.

25 years agoStill more X509 V3 stuff. Modify ca.c to work with the new code and modify
Dr. Stephen Henson [Tue, 26 Jan 1999 01:19:27 +0000 (01:19 +0000)]
Still more X509 V3 stuff. Modify ca.c to work with the new code and modify
openssl.cnf for the new syntax.

25 years agoOops. One header too many.
Ben Laurie [Mon, 25 Jan 1999 21:36:51 +0000 (21:36 +0000)]
Oops. One header too many.

25 years agoUpdate dependencies.
Ben Laurie [Mon, 25 Jan 1999 21:25:54 +0000 (21:25 +0000)]
Update dependencies.

25 years agoDeclare correctly on FreeBSD.
Ben Laurie [Mon, 25 Jan 1999 21:20:57 +0000 (21:20 +0000)]
Declare correctly on FreeBSD.

25 years agoReduce header dependencies.
Ben Laurie [Mon, 25 Jan 1999 21:19:12 +0000 (21:19 +0000)]
Reduce header dependencies.

25 years agoMore X509 V3 stuff. Add support for extensions in the 'req' application
Dr. Stephen Henson [Mon, 25 Jan 1999 01:09:21 +0000 (01:09 +0000)]
More X509 V3 stuff. Add support for extensions in the 'req' application
so that: openssl req -x509 -new -out cert.pem
will take extensions from openssl.cnf a sample for a CA is included.
Also change the directory order so pem is nearer the end. Otherwise 'make links'
wont work because pem.h can't be built.

25 years agoAdd file x509v3.err.
Dr. Stephen Henson [Sun, 24 Jan 1999 20:58:44 +0000 (20:58 +0000)]
Add file x509v3.err.

25 years agoMake sure people know when they need to rebuild the Makefile.
Ben Laurie [Sun, 24 Jan 1999 18:15:00 +0000 (18:15 +0000)]
Make sure people know when they need to rebuild the Makefile.

25 years agoMinor constification.
Ben Laurie [Sun, 24 Jan 1999 17:54:23 +0000 (17:54 +0000)]
Minor constification.

25 years agoContinuing adding X509 V3 support. This starts to integrate the code with
Dr. Stephen Henson [Sun, 24 Jan 1999 17:50:32 +0000 (17:50 +0000)]
Continuing adding X509 V3 support. This starts to integrate the code with
the main library, but only with printing at present. To see this try:
openssl x509 -in cert.pem -text
on a certificate with some extensions in it.

25 years agoInitial addition of new X509 V3 files, tidy of old files.
Dr. Stephen Henson [Sun, 24 Jan 1999 00:50:01 +0000 (00:50 +0000)]
Initial addition of new X509 V3 files, tidy of old files.

25 years agoStart keeping track of wishes people make on our mailing lists to make sure we
Ralf S. Engelschall [Thu, 21 Jan 1999 13:01:20 +0000 (13:01 +0000)]
Start keeping track of wishes people make on our mailing lists to make sure we
don't forget them and this way we have them bundled together.

25 years agoCorrect bracketing error.
Ben Laurie [Thu, 21 Jan 1999 11:46:01 +0000 (11:46 +0000)]
Correct bracketing error.

25 years agoContinued patches so certificates and CRLs now can support and use
Dr. Stephen Henson [Wed, 20 Jan 1999 00:14:40 +0000 (00:14 +0000)]
Continued patches so certificates and CRLs now can support and use
GeneralizedTime.

25 years agoThis time, get it right.
Ben Laurie [Tue, 19 Jan 1999 23:25:22 +0000 (23:25 +0000)]
This time, get it right.

25 years agoFinally lay dependencies to rest (I hope!).
Ben Laurie [Tue, 19 Jan 1999 21:36:31 +0000 (21:36 +0000)]
Finally lay dependencies to rest (I hope!).

25 years agoSpelling mistake.
Ben Laurie [Tue, 19 Jan 1999 19:18:20 +0000 (19:18 +0000)]
Spelling mistake.

25 years agoThis is the result of a "make errors" with the new error building functionality
Dr. Stephen Henson [Mon, 18 Jan 1999 22:19:46 +0000 (22:19 +0000)]
This is the result of a "make errors" with the new error building functionality
in place.

25 years agoNew err_code.pl script to retain old error codes. This should allow the use
Dr. Stephen Henson [Mon, 18 Jan 1999 22:18:38 +0000 (22:18 +0000)]
New err_code.pl script to retain old error codes. This should allow the use
of 'make errors' without causing huge re-organisations of files when a new
code is added.

25 years agoIgnore auto-generated programs.
Ben Laurie [Sun, 17 Jan 1999 16:28:06 +0000 (16:28 +0000)]
Ignore auto-generated programs.

25 years agoDispose of generated programs.
Ben Laurie [Sun, 17 Jan 1999 16:27:15 +0000 (16:27 +0000)]
Dispose of generated programs.

25 years agoFix major cockup with short keys in CAST-128.
Ben Laurie [Sun, 17 Jan 1999 16:26:24 +0000 (16:26 +0000)]
Fix major cockup with short keys in CAST-128.

25 years agoUpdate CHANGES for GeneralizedTime info.
Dr. Stephen Henson [Sun, 17 Jan 1999 15:10:33 +0000 (15:10 +0000)]
Update CHANGES for GeneralizedTime info.

25 years agoCorrect Linux 1 recognition.
Ben Laurie [Sun, 17 Jan 1999 14:20:20 +0000 (14:20 +0000)]
Correct Linux 1 recognition.
Contributed by: Ulf Möller <ulf@fitug.de>

25 years agoOops. Missing NULL frees.
Ben Laurie [Sun, 17 Jan 1999 14:19:31 +0000 (14:19 +0000)]
Oops. Missing NULL frees.

25 years agoRemove pointless MD5 hash.
Ben Laurie [Sun, 17 Jan 1999 14:14:41 +0000 (14:14 +0000)]
Remove pointless MD5 hash.
Contributed by: Anonymous <nobody@replay.com>

25 years agoGenerate an error on an invalid directory.
Ben Laurie [Sun, 17 Jan 1999 14:10:08 +0000 (14:10 +0000)]
Generate an error on an invalid directory.

25 years agoTime to blow up the source tree :-) This is the beginning of support for
Dr. Stephen Henson [Sun, 17 Jan 1999 00:13:14 +0000 (00:13 +0000)]
Time to blow up the source tree :-) This is the beginning of support for
GeneralizedTime. At several points PKIX specifies that GeneralizedTime can be
used but OpenSSL doesn't currently support it. This patch adds several files
and a bunch of functions.

Of interest is the ASN1_TIME structure and its related functions. At several
points certificates, CRLs et al specify that a time can be expressed as a
choice of UTCTime and GeneralizedTime. Currently OpenSSL interprets this
(wrongly) as UTCTime because GeneralizedTime isn't supported. The ASN1_TIME
stuff provides this functionality.

Still todo is to trace which cert and CRL points need an ASN1_TIME and modify
the utilities appropriately and of course fix all the bugs.

Note new OpenSSL copyright in the new file a_time.c. I didn't put it in
a_gentm.c because it is a minimally modified form a_utctm.c .

Since this adds new files and error codes you will need to do a 'make errors'
at the top level to add the new codes.

25 years agoMore prototypes.
Ben Laurie [Sat, 16 Jan 1999 18:46:23 +0000 (18:46 +0000)]
More prototypes.

25 years agoMore prototypes.
Ben Laurie [Sat, 16 Jan 1999 17:56:00 +0000 (17:56 +0000)]
More prototypes.

25 years agoMore prototypes.
Ben Laurie [Sat, 16 Jan 1999 17:49:12 +0000 (17:49 +0000)]
More prototypes.

25 years agoMore prototypes.
Ben Laurie [Sat, 16 Jan 1999 17:40:04 +0000 (17:40 +0000)]
More prototypes.

25 years agoMore prototypes.
Ben Laurie [Sat, 16 Jan 1999 17:28:15 +0000 (17:28 +0000)]
More prototypes.

25 years agoMore prototypes.
Ben Laurie [Sat, 16 Jan 1999 17:12:36 +0000 (17:12 +0000)]
More prototypes.

25 years agoFix parameters to dummy function BN_ref_mod_exp().
Dr. Stephen Henson [Thu, 14 Jan 1999 18:25:07 +0000 (18:25 +0000)]
Fix parameters to dummy function BN_ref_mod_exp().

25 years agoSubmitted by: Neil Costigan <neil.costigan@celocom.com>
Dr. Stephen Henson [Thu, 14 Jan 1999 18:21:57 +0000 (18:21 +0000)]
Submitted by: Neil Costigan <neil.costigan@celocom.com>
PR:

25 years agoFix OBJ_txt2nid(): old function was broken when input used the "dot" form, e.g.
Dr. Stephen Henson [Tue, 12 Jan 1999 18:40:33 +0000 (18:40 +0000)]
Fix OBJ_txt2nid(): old function was broken when input used the "dot" form, e.g.
1.2.3.4 . Also added new function OBJ_txt2obj().

25 years agoAdd prototype, fix parameter passing bug.
Ben Laurie [Sun, 10 Jan 1999 20:36:02 +0000 (20:36 +0000)]
Add prototype, fix parameter passing bug.

25 years agoFix comment.
Ben Laurie [Sun, 10 Jan 1999 19:41:33 +0000 (19:41 +0000)]
Fix comment.

25 years agoSort openssl functions by name.
Ben Laurie [Sat, 9 Jan 1999 19:15:59 +0000 (19:15 +0000)]
Sort openssl functions by name.

25 years agoFix the gendsa program and add it to the app list. The progs.h file is
Dr. Stephen Henson [Sat, 9 Jan 1999 17:29:34 +0000 (17:29 +0000)]
Fix the gendsa program and add it to the app list. The progs.h file is
auto generated but not auto updated so it is included. Also remove the
encryption from the sample DSA keys.

25 years agoGet rid of redundant files.
Ben Laurie [Sat, 9 Jan 1999 13:01:35 +0000 (13:01 +0000)]
Get rid of redundant files.

25 years agoAccept NULL in *_free.
Ben Laurie [Thu, 7 Jan 1999 19:15:59 +0000 (19:15 +0000)]
Accept NULL in *_free.

25 years agoFix DH key generation.
Ben Laurie [Thu, 7 Jan 1999 00:37:01 +0000 (00:37 +0000)]
Fix DH key generation.
Contributed by: Anonymous <nobody@replay.com>

25 years agoSend the right CAs to the client.
Ben Laurie [Thu, 7 Jan 1999 00:16:37 +0000 (00:16 +0000)]
Send the right CAs to the client.

25 years agoFix numeric -newkey args.
Ben Laurie [Thu, 7 Jan 1999 00:10:32 +0000 (00:10 +0000)]
Fix numeric -newkey args.
Contributed by: Bodo Moeller <3moeller@informatik.uni-hamburg.de>

25 years agoFix export tests.
Ben Laurie [Wed, 6 Jan 1999 23:18:08 +0000 (23:18 +0000)]
Fix export tests.

25 years agoMake the world a safer place (if people object to this kind of change, speak up
Ben Laurie [Wed, 6 Jan 1999 22:53:34 +0000 (22:53 +0000)]
Make the world a safer place (if people object to this kind of change, speak up
soon - I intend to do a lot of it!).

25 years agoOops! update CHANGES file properly.
Dr. Stephen Henson [Wed, 6 Jan 1999 01:41:21 +0000 (01:41 +0000)]
Oops! update CHANGES file properly.

25 years agoFix things so DH_free() will be no-op when passed NULL, like RSA_free() and
Dr. Stephen Henson [Wed, 6 Jan 1999 01:39:24 +0000 (01:39 +0000)]
Fix things so DH_free() will be no-op when passed NULL, like RSA_free() and
DSA_free(): this was causing crashes when for example an attempt was made
to handle a (currently) unsupported DH public key. Also X509_PUBKEY_set()i
wasn't checking errors from d2i_PublicKey().

25 years agoFree the right thing.
Ben Laurie [Mon, 4 Jan 1999 21:43:32 +0000 (21:43 +0000)]
Free the right thing.

25 years agoOnly free if it ain't NULL.
Ben Laurie [Mon, 4 Jan 1999 21:39:34 +0000 (21:39 +0000)]
Only free if it ain't NULL.

25 years agoRemove the bugfix that was really a bug.
Ben Laurie [Mon, 4 Jan 1999 20:11:31 +0000 (20:11 +0000)]
Remove the bugfix that was really a bug.
Submitted by: Arne Ansper <arne@ats.cyber.ee>

25 years agoPass on BIO_CTRL_FLUSH.
Ben Laurie [Mon, 4 Jan 1999 19:55:12 +0000 (19:55 +0000)]
Pass on BIO_CTRL_FLUSH.
Submitted by: Arne Ansper <arne@ats.cyber.ee>

25 years agoThe dir is named util/ and better to explicitly call the
Paul C. Sutton [Mon, 4 Jan 1999 09:58:25 +0000 (09:58 +0000)]
The dir is named util/ and better to explicitly call the
perl interpreter because not everyone has it in /usr/local/bin/perl.

25 years agoMore EVP_PKEY patches for new functionality.
Dr. Stephen Henson [Sun, 3 Jan 1999 23:00:45 +0000 (23:00 +0000)]
More EVP_PKEY patches for new functionality.

25 years agoMake sure the already existing X509_STORE->depth variable is initialized
Ralf S. Engelschall [Sun, 3 Jan 1999 15:31:11 +0000 (15:31 +0000)]
Make sure the already existing X509_STORE->depth variable is initialized
in X509_STORE_new(), but document the fact that this variable is still
unused in the certificate verification process.

25 years agoThe dir is named util/ and better to explicitly call the
Ralf S. Engelschall [Sun, 3 Jan 1999 14:58:44 +0000 (14:58 +0000)]
The dir is named util/ and better to explicitly call the
perl interpreter because not everyone has it in /usr/local/bin/perl.

25 years agoMore .cvsignore stuff to make CVS quiet on our generated files.
Ralf S. Engelschall [Sun, 3 Jan 1999 13:17:47 +0000 (13:17 +0000)]
More .cvsignore stuff to make CVS quiet on our generated files.

25 years agoRemove one EVP_PKEY_free() that shouldn't be there.
Dr. Stephen Henson [Sun, 3 Jan 1999 02:15:34 +0000 (02:15 +0000)]
Remove one EVP_PKEY_free() that shouldn't be there.

25 years agoMake sure applications free up pkey structures and add netscape extension
Dr. Stephen Henson [Sun, 3 Jan 1999 01:08:33 +0000 (01:08 +0000)]
Make sure applications free up pkey structures and add netscape extension
handling to x509.c

25 years agoFix reference counting.
Ben Laurie [Sat, 2 Jan 1999 19:04:27 +0000 (19:04 +0000)]
Fix reference counting.

25 years agoDon't confuse matters by using the wrong library.
Ben Laurie [Sat, 2 Jan 1999 19:03:46 +0000 (19:03 +0000)]
Don't confuse matters by using the wrong library.

25 years agoFix tests for ssleay -> openssl.
Ben Laurie [Sat, 2 Jan 1999 19:01:41 +0000 (19:01 +0000)]
Fix tests for ssleay -> openssl.

25 years agoA few train of thoughts about the build procedure mess
Ralf S. Engelschall [Sat, 2 Jan 1999 16:28:51 +0000 (16:28 +0000)]
A few train of thoughts about the build procedure mess

25 years agoUpdate scripts to use "openssl" instead of "ssleay"
Paul C. Sutton [Sat, 2 Jan 1999 16:02:24 +0000 (16:02 +0000)]
Update scripts to use "openssl" instead of "ssleay"

25 years agoReflect change from "ssleay" to "openssl" as the main binary name.
Paul C. Sutton [Sat, 2 Jan 1999 15:53:22 +0000 (15:53 +0000)]
Reflect change from "ssleay" to "openssl" as the main binary name.
Also document "sh config" as an easier alternative to "./Configure
system".

25 years agoVarious ssleay to openssl fixups
Paul C. Sutton [Sat, 2 Jan 1999 15:52:11 +0000 (15:52 +0000)]
Various ssleay to openssl fixups

25 years agoBinary is now apps/openssl not apps/ssleay so use the new name when
Paul C. Sutton [Sat, 2 Jan 1999 15:08:29 +0000 (15:08 +0000)]
Binary is now apps/openssl not apps/ssleay so use the new name when
rehashing the test certs

25 years agoA couple more ssleay.cnf to openssl.cnf changes
Paul C. Sutton [Sat, 2 Jan 1999 15:05:08 +0000 (15:05 +0000)]
A couple more ssleay.cnf to openssl.cnf changes

25 years agoSome more changes for renaming the binary from ssleay to openssl.
Paul C. Sutton [Sat, 2 Jan 1999 14:42:23 +0000 (14:42 +0000)]
Some more changes for renaming the binary from ssleay to openssl.
I wonder what eay.c is?

25 years agoFirst cut of a cleanup for apps/. First the `ssleay' program is now named
Ralf S. Engelschall [Sat, 2 Jan 1999 12:59:33 +0000 (12:59 +0000)]
First cut of a cleanup for apps/. First the `ssleay' program is now named
`openssl' and second, the shortcut symlinks for the `openssl <command>' are no
longer created. This way we have a single and consistent command line
interface `openssl <command>', similar to `cvs <command>'.

Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a
repository copy, i.e. they still contain the complete file history.

25 years agoMake GCC happy by removing an unused variable defintion.
Ralf S. Engelschall [Sat, 2 Jan 1999 12:10:43 +0000 (12:10 +0000)]
Make GCC happy by removing an unused variable defintion.

25 years agoMove DSA test in ca.c inside #ifdef and make pubkey BIT STRING always have
Dr. Stephen Henson [Sat, 2 Jan 1999 01:53:06 +0000 (01:53 +0000)]
Move DSA test in ca.c inside #ifdef and make pubkey BIT STRING always have
zero unused bits.

25 years agoAdd extended key usage OID and update STATUS file.
Dr. Stephen Henson [Fri, 1 Jan 1999 18:43:44 +0000 (18:43 +0000)]
Add extended key usage OID and update STATUS file.

25 years agocleanup of apps/ and an answer
Ralf S. Engelschall [Fri, 1 Jan 1999 15:58:14 +0000 (15:58 +0000)]
cleanup of apps/ and an answer

25 years agossldir.pl did not correctly set the directory in utils/mk1mk.pl when
Paul C. Sutton [Fri, 1 Jan 1999 14:17:55 +0000 (14:17 +0000)]
ssldir.pl did not correctly set the directory in utils/mk1mk.pl when
perl5 was used.

25 years agoAdd votes
Paul C. Sutton [Fri, 1 Jan 1999 14:13:59 +0000 (14:13 +0000)]
Add votes

25 years agoMake the installation documentation easier to follow.
Paul C. Sutton [Fri, 1 Jan 1999 14:04:07 +0000 (14:04 +0000)]
Make the installation documentation easier to follow.

25 years agoMakefiles updated to exit if an error occurs in a sub-directory make
Paul C. Sutton [Fri, 1 Jan 1999 12:51:11 +0000 (12:51 +0000)]
Makefiles updated to exit if an error occurs in a sub-directory make
(including if user presses ^C)

25 years agoThis is a quick hack conversion of the 'CA.sh' script to perl. It fixes one
stephen [Fri, 1 Jan 1999 00:54:48 +0000 (00:54 +0000)]
This is a quick hack conversion of the 'CA.sh' script to perl. It fixes one
bug in the original but is otherwise just as horrible :-)

25 years agoRemove more old temporary files from CVS
Ralf S. Engelschall [Thu, 31 Dec 1998 21:51:27 +0000 (21:51 +0000)]
Remove more old temporary files from CVS

25 years agoDocument recent changes.
Ben Laurie [Thu, 31 Dec 1998 17:11:46 +0000 (17:11 +0000)]
Document recent changes.

25 years agoFix name delete problem.
Ben Laurie [Thu, 31 Dec 1998 17:08:34 +0000 (17:08 +0000)]
Fix name delete problem.

25 years agoFix pem/err ordering.
Ben Laurie [Thu, 31 Dec 1998 16:50:03 +0000 (16:50 +0000)]
Fix pem/err ordering.

25 years agoA hint about the license
Ralf S. Engelschall [Thu, 31 Dec 1998 12:52:23 +0000 (12:52 +0000)]
A hint about the license

25 years agoSome issues for voting
Ralf S. Engelschall [Thu, 31 Dec 1998 12:14:27 +0000 (12:14 +0000)]
Some issues for voting

25 years agoMore structuring and sorting of the SSL API documentation.
Ralf S. Engelschall [Thu, 31 Dec 1998 11:18:15 +0000 (11:18 +0000)]
More structuring and sorting of the SSL API documentation.
And the first steps to descriptions in prosa.

25 years agoPuhhh... now we've documented the prototypes of all 214 API "functions". This
Ralf S. Engelschall [Thu, 31 Dec 1998 10:33:17 +0000 (10:33 +0000)]
Puhhh... now we've documented the prototypes of all 214 API "functions".  This
is a pain to do, because of the various macro definitions which I had to
expand manually to get their prototype :-(

What's now needed is a volunteer who wants to write down one or two sentences
per API function to document it a little bit...

25 years agoFix version stuff:
Ralf S. Engelschall [Thu, 31 Dec 1998 09:36:40 +0000 (09:36 +0000)]
Fix version stuff:

1. The already released version was 0.9.1c and not 0.9.1b

2. The next release should be 0.9.2 and not 0.9.1d, because
   first the changes are already too large, second we should avoid any more
   0.9.1x confusions and third, the Apache version semantics of
   VERSION.REVISION.PATCHLEVEL for the version string is reasonable (and here
   .2 is already just a patchlevel and not major change).
tVS: ----------------------------------------------------------------------

25 years agoUpdate CHANGES file for latest additions
stephen [Thu, 31 Dec 1998 01:35:07 +0000 (01:35 +0000)]
Update CHANGES file for latest additions

25 years agoFix for sk_insert bug: it never worked properly.
stephen [Thu, 31 Dec 1998 00:59:02 +0000 (00:59 +0000)]
Fix for sk_insert bug: it never worked properly.
Allow explicit tag asn macros to handle indefinite length constructed stuff:
without this certain "certificates" can't be read in.

25 years agoMIME encoding and ISO chars at the same time messes up the stuff
Ralf S. Engelschall [Wed, 30 Dec 1998 23:09:13 +0000 (23:09 +0000)]
MIME encoding and ISO chars at the same time messes up the stuff

25 years agoOps, forgot to commit the changes entry in recent commit...
Ralf S. Engelschall [Wed, 30 Dec 1998 23:07:32 +0000 (23:07 +0000)]
Ops, forgot to commit the changes entry in recent commit...

25 years agoCleanup of doc/ directory: The old/obsolete SSLeay files are now assembled
Ralf S. Engelschall [Wed, 30 Dec 1998 22:58:47 +0000 (22:58 +0000)]
Cleanup of doc/ directory: The old/obsolete SSLeay files are now assembled
together in a ssleay.txt file.

25 years agofix pk7_doit.c for new i2d_ASN1_SET argument
stephen [Wed, 30 Dec 1998 20:34:50 +0000 (20:34 +0000)]
fix pk7_doit.c for new i2d_ASN1_SET argument