b1fe6ca175
Store verify_result with sessions to avoid potential security hole.
1999-11-16 23:15:41 +00:00
91895a5938
Fix for a bug in PKCS#7 code and non-detached data.
...
Remove rc4-64 from ciphers since it doesn't exist...
1999-11-16 14:54:50 +00:00
fd699ac55f
Add a salt to the key derivation using the 'enc' program.
1999-11-16 02:49:25 +00:00
e947f39689
New function X509_cmp().
1999-11-16 00:56:03 +00:00
b7cfcfb7f8
This corrects the reference count handling in SSL_get_session.
...
Previously, the returned SSL_SESSION didn't have its reference count
incremented so the SSL_SESSION could be freed at any time causing
seg-faults if the pointer was subsequently used. Code that uses
SSL_get_session must now make a corresponding SSL_SESSION_free() call when
it is done to avoid memory leaks (or blocked up session caches).
Submitted By: Geoff Thorpe <geoff@eu.c2.net>
1999-11-15 16:31:31 +00:00
06556a1744
'req' fixes. Reinstate length check one request fields.
...
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
1999-11-14 23:10:50 +00:00
a0e9f529a4
Add support for the 40 and 64 bit RC2 and RC4 ciphers in 'enc'
...
add documentation for 'enc'.
1999-11-14 03:23:17 +00:00
71d7526b72
Avoid some silly compiler warnings, and add the change log I forgot :-)
1999-11-12 03:12:46 +00:00
954ef7ef69
Merge some common functionality in the apps, delete
...
the encryption option in the pkcs7 utility (they never
did anything) and add a couple more options to pkcs7.
1999-11-12 01:42:25 +00:00
af29811edd
Add password command line options to some utils. Fix and update man
...
pages.
1999-11-11 18:41:31 +00:00
aba3e65f2c
Very preliminary POD format documentation for some
...
of the openssl utility commands...
1999-11-10 02:52:17 +00:00
a0ad17bb6c
Fix to the -revoke option in ca. It was leaking memory, crashing and just
...
plain not working :-(
Also fix some memory leaks in the new X509_NAME code.
Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.
1999-11-08 13:58:08 +00:00
ce1b4fe146
Allow additional information to be attached to a
...
certificate: currently this includes trust settings
and a "friendly name".
1999-11-04 00:45:35 +00:00
ce2c95b2a2
Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The
...
problem was that one of the replacement routines had not been working since
SSLeay releases. For now the offending routine has been replaced with
non-optimised assembler. Even so, this now gives around 95% performance
improvement for 1024 bit RSA signs.
1999-11-03 14:10:10 +00:00
9716a8f9f2
Fix to PKCS#7 routines so it can decrypt some oddball RC2 handling.
1999-10-29 13:06:25 +00:00
74400f7348
Continued multibyte character support.
...
Add a bunch of functions to simplify the creation of X509_NAME structures.
Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
1999-10-27 00:15:11 +00:00
62ac293801
Always hash the pid in the first iteration in ssleay_rand_bytes,
...
don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.
1999-10-26 16:26:48 +00:00
c1e744b912
Make md_rand.c more robust.
1999-10-26 14:49:12 +00:00
99e87569fd
Don't be overly paranoid.
1999-10-26 11:19:42 +00:00
a31011e8e0
Various randomness handling bugfixes and improvements --
...
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
1999-10-26 01:56:29 +00:00
462f79ec44
New function ASN1_mbstring_copy() to handle ASN1 string copying. Ultimately
...
this will be used to clear up the horrible DN mess.
1999-10-21 13:20:49 +00:00
08e9c1af6c
Replace the macros in asn1.h with function equivalents. Also make UTF8Strings
...
tolerated in certificates.
1999-10-20 01:50:23 +00:00
673b102c5b
Initial support for certificate purpose checking: this will
...
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
1999-10-13 01:11:56 +00:00
56a3fec1b1
Add EX_DATA support to X509.
...
Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL.
1999-10-11 01:30:04 +00:00
4654ef985b
New functions to parse and get extensions.
1999-10-09 02:54:10 +00:00
7e102e28e1
RC4 tune-up featuring 30-40% performance improvement on most RISC
...
platforms. See crypto/rc4/rc4_enc.c for further details.
1999-10-07 12:10:26 +00:00
d71c6bc5a4
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 13:10:21 +00:00
2d681b779c
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 12:57:50 +00:00
3908cdf442
New option -dhparam to s_server to allow the DH parameter file to be set
...
explicitly. Previously it couldn't be changed because it was hard coded as
"server.pem".
1999-10-04 23:56:06 +00:00
3ea23631d4
Add support for public key input and output in rsa and dsa utilities with some
...
new DSA public key functions that were missing.
Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
1999-10-04 21:17:47 +00:00
393f2c651d
Fix for d2i_ASN1_bytes and stop PKCS#7 routines crashing is signed message
...
contains no certificates.
Also fix typo in RANLIB changes.
1999-10-04 12:08:59 +00:00
4579dd5dc6
Fix for base64 BIO decoding bug
1999-10-02 13:33:06 +00:00
0f7e6fe10c
Fix typo that I introduced when reformatting lines.
1999-09-24 20:24:24 +00:00
96c2201bef
Keep line lengths < 80 characters.
1999-09-21 13:33:15 +00:00
06f4536a61
Fix to make s_client and s_server work under Windows. A bit of a hack but
...
an improvement on not working at all.
1999-09-20 22:09:17 +00:00
1c80019a2c
Add new sign and verify members to RSA_METHOD and change SSL code to use sign
...
and verify rather than direct encrypt/decrypt.
1999-09-18 22:37:44 +00:00
090d848ea8
Various CRL enhancements tidies and workaround for broken CRLs.
1999-09-18 01:42:02 +00:00
6f7af1524e
Use non-copying BIO interface in ssltest.c.
1999-09-10 14:03:21 +00:00
396f631458
some more patches for avoiding problems with non-automatic variables
1999-09-08 21:58:13 +00:00
4a61a64f50
This is preliminary support for an "RSA null" cipher. Unfortunately when
...
OpenSSL is compiled with NO_RSA, no RSA operations can be used: including
key generation storage and display of RSA keys. Since these operations are
not covered by the RSA patent (my understanding is it only covers encrypt,
decrypt, sign and verify) they can be included: this is an often requested
feature, attempts to use the patented operations return an error code.
This is enabled by setting RSA_NULL. This means that if a particular application
has its own legal US RSA implementation then it can use that instead by setting
it as the default RSA method.
Still experimental and needs some fiddling of the other libraries so they have
some options that don't attempt to use RSA if it isn't allowed.
1999-09-08 18:02:25 +00:00
c1082a90bb
Non-copying interface to BIO pairs.
...
It's still totally untested ...
1999-09-07 21:37:09 +00:00
a785abc324
New function to convert ASN1 tag values to strings. Also fix typo in asn1.h
1999-09-07 12:16:29 +00:00
aef838fc95
New UTF8 utility functions to parse/generate UTF8 strings.
1999-09-04 17:19:55 +00:00
074309b7ee
Fix server behaviour when facing backwards-compatible client hellos.
1999-09-03 16:33:11 +00:00
8ce97163a2
Add new 'spkac' utility and several SPKAC utility functions.
1999-09-03 01:08:34 +00:00
2d4287da34
RIPEMD160 shape-up. Final touch.
1999-08-28 13:18:25 +00:00
87a25f9032
Allow the extension section specified in config files to be overridden
...
on the command line for various utilities.
1999-08-27 00:08:17 +00:00
f9150e5421
Allow the 1.OU="my OU" syntax in 'ca' for SPKACs.
1999-08-25 23:18:23 +00:00
c79b16e11d
Allow extensions to be added to certificate requests, update the sample
...
config file (change RAW to DER).
1999-08-25 16:59:26 +00:00
7b65c3298f
Fix for a bug which meant encrypting BIOs sometimes wouldn't read the final
...
block.
1999-08-24 13:21:35 +00:00
Bodo Möller
Dr. Stephen Henson
Mark J. Cox
Richard Levitte
Andy Polyakov