root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
24,187 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

23 Commits

Author SHA1 Message Date
Sam Roberts df4439186f Remove unnecessary trailing whitespace 
Trim trailing whitespace. It doesn't match OpenSSL coding standards,
AFAICT, and it can cause problems with git tooling.

Trailing whitespace remains in test data and external source.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8092)
 2019-02-05 16:25:11 +01:00
Bernd Edlinger 0f58220973 Create the .rnd file it it does not exist 
It's a bit annoying, since some commands try to read a .rnd file,
and print an error message if the file does not exist.

But previously a .rnd file was created on exit, and that does no longer
happen.

Fixed by continuing in app_RAND_load_conf regardless of the error in
RAND_load_file.

If the random number generator is still not initalized on exit, the
function RAND_write_file will fail and no .rnd file would be created.

Remove RANDFILE from openssl.cnf

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7217)
 2018-09-23 08:26:19 +02:00
Tomas Mraz b524b808a1 Add support for .include directive in config files 
Either files or directories of *.cnf or *.conf files
can be included.
Recursive inclusion of directories is not supported.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5351)
 2018-03-05 13:32:40 +00:00
Marek Klein f0ef20bf38 Added support for ESSCertIDv2 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/771)
 2017-05-03 09:04:23 +02:00
Rich Salz a7be5759cf RT3809: basicConstraints is critical 
This is really a security bugfix, not enhancement any more.
Everyone knows critical extensions.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-06-13 09:18:22 -04:00
Rich Salz 3e9e810f2e Remove outdated legacy crypto options 
Many options for supporting optimizations for legacy crypto on legacy
platforms have been removed.  This simplifies the source code and
does not really penalize anyone.
        DES_PTR (always on)
        DES_RISC1, DES_RISC2 (always off)
        DES_INT (always 'unsigned int')
        DES_UNROLL (always on)
        BF_PTR (always on) BF_PTR2 (removed)
        MD2_CHAR, MD2_LONG (always 'unsigned char')
        IDEA_SHORT, IDEA_LONG (always 'unsigned int')
        RC2_SHORT, RC2_LONG (always 'unsigned int')
        RC4_LONG (only int and char (for assembler) are supported)
        RC4_CHUNK (always long), RC_CHUNK_LL (removed)
        RC4_INDEX (always on)
And also make D_ENCRYPT macro more clear (@appro)

This is done in consultation with Andy.

Reviewed-by: Andy Polyakov <appro@openssl.org>
 2016-01-27 19:05:50 -05:00
Rich Salz 39a6a4a707 Update to SHA256 for TSA signing digest. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-12-30 18:18:08 -05:00
Dr. Stephen Henson 2cc7acd273 Use better defaults for TSA. 
Use SHA256 for TSA and setted permitted digests to a sensible value.

Based on PR#4141

Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-11-20 13:40:53 +00:00
Dr. Stephen Henson e20b472751 Add support for signer_digest option in TS. 
Based on PR#2145

Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-11-20 13:40:53 +00:00
Emilia Kasper 455b65dfab RT3067: simplify patch 
(Original commit adb46dbc6d)

Use the new constant-time methods consistently in s3_srvr.c

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2014-09-24 15:35:02 +02:00
Veres Lajos 478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Dr. Stephen Henson 84b6e277d4 make update 2011-12-27 14:46:03 +00:00
Dr. Stephen Henson ef236ec3b2 Merge from 1.0.0-stable branch. 2009-04-23 16:32:42 +00:00
Bodo Möller 96afc1cfd5 Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:48:59 +00:00
Richard Levitte 98bf13c36b make update 2006-05-12 15:31:28 +00:00
Richard Levitte 9ab899a660 Synchronise with openss.cnf 2006-02-26 10:48:40 +00:00
Ulf Möller c7235be6e3 RFC 3161 compliant time stamp request creation, response generation 
and response verification.

Submitted by: Zoltan Glozik <zglozik@opentsa.org>
Reviewed by: Ulf Moeller
 2006-02-12 23:11:56 +00:00
Nils Larsch e7076c5a80 make update 2005-04-22 20:17:17 +00:00
Richard Levitte 6951c23afd Add functionality needed to process proxy certificates. 2004-12-28 00:21:35 +00:00
Richard Levitte d1739eb2d6 make update 2004-05-13 21:38:47 +00:00
Richard Levitte 849c0fe240 Adjust to changes in apps/openssl.cnf 1999-11-12 01:59:47 +00:00
Ulf Möller 9dff4cc051 Bring VMS in sync with the recent changes. 
Submitted by: Richard Levitte <levitte@stacken.kth.se>
 1999-05-20 21:00:29 +00:00
Ulf Möller 7d7d2cbcb0 VMS support. 
Submitted by: Richard Levitte <richard@levitte.org>
 1999-05-13 11:37:32 +00:00