#
9a260103 |
| 22-Aug-2002 |
Dr. Stephen Henson |
Fix crahses and leaks in pkcs12 utility -chain option
|
Revision tags: OpenSSL-engine-0_9_6g, OpenSSL_0_9_6g, OpenSSL-engine-0_9_6f, OpenSSL_0_9_6f |
|
#
da9b9724 |
| 01-Aug-2002 |
Richard Levitte |
Make it possible to load keys from stdin, and restore that functionality in the programs that had that before. Part fo PR 164
|
Revision tags: OpenSSL_0_9_7-beta3, OpenSSL-engine-0_9_6e, OpenSSL_0_9_6e, OpenSSL_0_9_7-beta2, OpenSSL_0_9_7-beta1, AFTER_COMPAQ_PATCH, BEFORE_COMPAQ_PATCH, OpenSSL-engine-0_9_6d, OpenSSL_0_9_6d |
|
#
6991bf19 |
| 25-Apr-2002 |
Richard Levitte |
Potential memory leak removed. Notified by <threaded@totalise.co.uk>
|
Revision tags: OpenSSL-engine-0_9_6d-beta1, OpenSSL_0_9_6d-beta1 |
|
#
31188ee1 |
| 26-Feb-2002 |
Dr. Stephen Henson |
Fix new -aes command argument handling
|
#
3647bee2 |
| 22-Feb-2002 |
Dr. Stephen Henson |
Config code updates. CONF_modules_unload() now calls CONF_modules_finish() automatically. Default use of section openssl_conf moved to CONF_modules_load() Load conf
Config code updates. CONF_modules_unload() now calls CONF_modules_finish() automatically. Default use of section openssl_conf moved to CONF_modules_load() Load config file in several openssl utilities. Most utilities now load modules from the config file, though in a few (such as version) this isn't done because it couldn't be used for anything. In the case of ca and req the config file used is the same as the utility itself: that is the -config command line option can be used to specify an alternative file.
show more ...
|
#
b3dfaaa1 |
| 20-Feb-2002 |
Richard Levitte |
Add AES support in the applications that support -des and -des3.
|
Revision tags: OpenSSL-engine-0_9_6c, OpenSSL_0_9_6c |
|
#
206eb6a1 |
| 12-Dec-2001 |
Richard Levitte |
Change pkcs12 so the certificates coming from -in do not get tossed if -certfile is given as well.
|
#
1372965e |
| 12-Sep-2001 |
Geoff Thorpe |
Reduce the header dependencies on engine.h in apps/.
|
#
79aa04ef |
| 01-Sep-2001 |
Geoff Thorpe |
Make the necessary changes to work with the recent "ex_data" overhaul. See the commit log message for that for more information. NB: X509_STORE_CTX's use of "ex_data" support was actuall
Make the necessary changes to work with the recent "ex_data" overhaul. See the commit log message for that for more information. NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented (initialisation by "memset" won't/can't/doesn't work). This fixes that but requires that X509_STORE_CTX_init() be able to handle errors - so its prototype has been changed to return 'int' rather than 'void'. All uses of that function throughout the source code have been tracked down and adjusted.
show more ...
|
Revision tags: OpenSSL-engine-0_9_6b, OpenSSL_0_9_6b |
|
#
5abc8ae6 |
| 25-Jun-2001 |
Richard Levitte |
Make better use of load_cert, load_certs and load_key.
|
#
531d630b |
| 18-Jun-2001 |
Richard Levitte |
Provide an application-common setup function for engines and use it everywhere.
|
#
f2a253e0 |
| 11-Jun-2001 |
Dr. Stephen Henson |
Add support for MS CSP Name PKCS#12 attribute.
|
Revision tags: OpenSSL_0_9_6a, OpenSSL-engine-0_9_6a, OpenSSL-engine-0_9_6a-beta3, OpenSSL_0_9_6a-beta3, OpenSSL-engine-0_9_6a-beta2, OpenSSL_0_9_6a-beta2, OpenSSL-engine-0_9_6a-beta1, OpenSSL_0_9_6a-beta1 |
|
#
13588350 |
| 09-Mar-2001 |
Dr. Stephen Henson |
Change the EVP_somecipher() and EVP_somedigest() functions to return constant EVP_MD and EVP_CIPHER pointers. Update docs.
|
#
bc36ee62 |
| 20-Feb-2001 |
Richard Levitte |
Use new-style system-id macros everywhere possible. I hope I haven't missed any. This compiles and runs on Linux, and external applications have no problems with it. The definite t
Use new-style system-id macros everywhere possible. I hope I haven't missed any. This compiles and runs on Linux, and external applications have no problems with it. The definite test will be to build this on VMS.
show more ...
|
#
cf1b7d96 |
| 19-Feb-2001 |
Richard Levitte |
Make all configuration macros available for application by making sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other package
Make all configuration macros available for application by making sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other packages and by making sure e_os2.h will cover all platform-specific cases together with opensslconf.h. I've checked fairly well that nothing breaks with this (apart from external software that will adapt if they have used something like NO_KRB5), but I can't guarantee it completely, so a review of this change would be a good thing.
show more ...
|
#
ecbe0781 |
| 31-Dec-2000 |
Dr. Stephen Henson |
Rewrite PKCS#12 code and remove some of the old horrible macros. Fix two evil ASN1 bugs. Attempt to use 'ctx' when NULL if input is indefinite length constructed in asn1_check_tl
Rewrite PKCS#12 code and remove some of the old horrible macros. Fix two evil ASN1 bugs. Attempt to use 'ctx' when NULL if input is indefinite length constructed in asn1_check_tlen() and invalid pointer to ASN1_TYPE when reusing existing structure (this took *ages* to find because the new PKCS#12 code triggered it).
show more ...
|
Revision tags: rsaref |
|
#
5270e702 |
| 26-Oct-2000 |
Richard Levitte |
Merge the engine branch into the main trunk. All conflicts resolved. At the same time, add VMS support for Rijndael.
|
Revision tags: BEFORE_engine, OpenSSL_0_9_6-beta2, OpenSSL_0_9_6-beta1, OpenSSL_0_9_6, OpenSSL-engine-0_9_6, OpenSSL-engine-0_9_6-beta3, OpenSSL_0_9_6-beta3 |
|
#
645749ef |
| 20-Sep-2000 |
Richard Levitte |
On VMS, stdout may very well lead to a file that is written to in a record-oriented fashion. That means that every write() will write a separate record, which will be read separately by the
On VMS, stdout may very well lead to a file that is written to in a record-oriented fashion. That means that every write() will write a separate record, which will be read separately by the programs trying to read from it. This can be very confusing. The solution is to put a BIO filter in the way that will buffer text until a linefeed is reached, and then write everything a line at a time, so every record written will be an actual line, not chunks of lines and not (usually doesn't happen, but I've seen it once) several lines in one record. Voila, BIO_f_linebuffer() is born. Since we're so close to release time, I'm making this VMS-only for now, just to make sure no code is needlessly broken by this. After the release, this BIO method will be enabled on all other platforms as well.
show more ...
|
#
688fbf54 |
| 19-Sep-2000 |
Dr. Stephen Henson |
Fix a typo in apps/pkcs12.c which was using the wrong part of ASN1_TYPE (though they are both ASN1_STRING so it didn't cause any problems). Make 'siglen' an int in apps/dgst.c so we
Fix a typo in apps/pkcs12.c which was using the wrong part of ASN1_TYPE (though they are both ASN1_STRING so it didn't cause any problems). Make 'siglen' an int in apps/dgst.c so we can check the return value of BIO_read() etc.
show more ...
|
Revision tags: OpenSSL-engine-0_9_6-beta2 |
|
#
62324627 |
| 17-Sep-2000 |
Richard Levitte |
Use sk_*_new_null() instead of sk_*_new(NULL), since that takes care of complaints from the compiler about data pointers and function pointers not being compatible with each other.
|
Revision tags: OpenSSL-engine-0_9_6-beta1 |
|
#
eaa28181 |
| 21-Aug-2000 |
Dr. Stephen Henson |
Various fixes... initialize ex_pathlen to -1 so it isn't checked if pathlen is not present. set ucert to NULL in apps/pkcs12.c otherwise it gets freed twice. remove
Various fixes... initialize ex_pathlen to -1 so it isn't checked if pathlen is not present. set ucert to NULL in apps/pkcs12.c otherwise it gets freed twice. remove extraneous '\r' in MIME encoder. Allow a NULL to be passed to X509_gmtime_adj() Make PKCS#7 code use definite length encoding rather then the indefinite stuff it used previously.
show more ...
|
#
5ce42a7e |
| 11-Aug-2000 |
Richard Levitte |
Memory leaks fix. It now looks like all memory leaks, at least around building complete chains, are gone.
|
#
9ee1c838 |
| 11-Aug-2000 |
Richard Levitte |
Memory leaks fix. There seems to be more in other parts of OpenSSL...
|
#
88364bc2 |
| 11-Aug-2000 |
Richard Levitte |
The pkcs12 had no way of getting a CA file or path to be used when building a complete chain. Now added through the -CAfile and -CApath arguments.
|
#
f365611c |
| 28-Jun-2000 |
Richard Levitte |
Undo the changes I just made. I'm not sure what I was thinking of. The message to everyone is "Do not hack OpenSSL when stressed"...
|