Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2001-02-10 | Fix CRL printing to correctly show when there are no revoked certificates. | Dr. Stephen Henson | 5 | -5/+11 | |
Make ca.c correctly initialize the revocation date. Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() set the string type: so they can initialize ASN1_TIME structures properly. | |||||
2001-02-10 | Simplify BN_rand_range | Bodo Möller | 5 | -13/+8 | |
2001-02-09 | New Option SSL_OP_CIPHER_SERVER_PREFERENCE allows TLS/SSLv3 server to override | Lutz Jänicke | 9 | -28/+102 | |
the clients choice; in SSLv2 the client uses the server's preferences. | |||||
2001-02-09 | Typo | Lutz Jänicke | 1 | -1/+1 | |
2001-02-09 | Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>. | Lutz Jänicke | 2 | -2/+2 | |
2001-02-09 | Various Win32 related fixed. Make no-krb5 work in mkdef.pl . | Dr. Stephen Henson | 5 | -15/+8 | |
Fix warning in apps/engine.c Remove definitions of deleted functions. Add missing definition of X509_VAL. | |||||
2001-02-09 | Various updates to mkdef.pl to cope with new aes | Dr. Stephen Henson | 2 | -7/+44 | |
and ASN1 code. | |||||
2001-02-09 | fix editing error | Bodo Möller | 1 | -1/+1 | |
2001-02-09 | add linux-s390 configuration (based on information submitted by | Bodo Möller | 2 | -1/+3 | |
Denis Beauchemin <Denis.Beauchemin@Courrier.USherb.ca>) | |||||
2001-02-09 | Add missing \n's to ocsp usage message. | Dr. Stephen Henson | 1 | -9/+9 | |
2001-02-08 | Allow various options to be included for signing and verify of | Dr. Stephen Henson | 2 | -29/+87 | |
OCSP responses. Documentation to follow... Urgh.. this conflicted with the -VAfile patch I hope I haven't broken it. | |||||
2001-02-08 | The check for request including a nonce and response not having it was | Richard Levitte | 1 | -1/+1 | |
inversed. Corrected. Hopefully, this will make it work without dumping core. | |||||
2001-02-08 | Add the -VAfile option to 'openssl ocsp'. This option will give the | Richard Levitte | 2 | -1/+22 | |
client code certificates to use to only check response signatures. I'm not entirely sure if the way I just implemented the verification is the right way to do it, and would be happy if someone would like to review this. | |||||
2001-02-08 | use <= instead of == | Ulf Möller | 1 | -1/+1 | |
2001-02-08 | point out that RAND_load_file() etc are only for seed files, not for | Ulf Möller | 1 | -0/+3 | |
entropy devices or sockets. | |||||
2001-02-08 | Note that EGD is used automatically. | Ulf Möller | 1 | -0/+3 | |
2001-02-08 | cleanup | Ulf Möller | 1 | -6/+5 | |
2001-02-08 | Another comment change. (Previous comment does not apply | Bodo Möller | 1 | -2/+2 | |
for range = 11000000... or range = 100000...) | |||||
2001-02-08 | Change comments. (The expected number of iterations in BN_rand_range | Bodo Möller | 1 | -2/+2 | |
never exceeds 1.333...). | |||||
2001-02-08 | oops -- remove observation code | Bodo Möller | 1 | -4/+0 | |
2001-02-08 | Integrate my implementation of a countermeasure against | Bodo Möller | 6 | -12/+67 | |
Bleichenbacher's DSA attack. With this implementation, the expected number of iterations never exceeds 2. New semantics for BN_rand_range(): BN_rand_range(r, min, range) now generates r such that min <= r < min+range. (Previously, BN_rand_range(r, min, max) generated r such that min <= r < max. It is more convenient to have the range; also the previous prototype was misleading because max was larger than the actual maximum.) | |||||
2001-02-08 | platform specific CFLAGS don't belong into this Makefile | Bodo Möller | 1 | -1/+2 | |
2001-02-08 | Update documentation to match the state at 0.9.6 _and_ the recent changes. | Lutz Jänicke | 1 | -5/+43 | |
2001-02-07 | Bleichenbacher's DSA attack | Ulf Möller | 6 | -10/+28 | |
2001-02-07 | Modify access to EGD socket to deal with EINTR etc that can appear | Lutz Jänicke | 1 | -67/+156 | |
during connect() and other calls. First seen on Unixware-7. Unify access to EGD-socket for all RAND_egd_*() methods. | |||||
2001-02-07 | Fix AES code. | Dr. Stephen Henson | 23 | -5015/+2075 | |
Update Rijndael source to v3.0 Add AES OIDs. Change most references of Rijndael to AES. Add new draft AES ciphersuites. | |||||
2001-02-07 | Change preferences for sockets of EGD-style entropy daemons to a more | Lutz Jänicke | 1 | -1/+1 | |
reasonable selection. | |||||
2001-02-07 | Fix typo preventing correct usage of -out option. | Lutz Jänicke | 1 | -1/+1 | |
2001-02-06 | Rijdael CBC mode and partial undebugged SSL support. | Ben Laurie | 15 | -13/+232 | |
2001-02-06 | Improve the state machine. | Ben Laurie | 1 | -13/+34 | |
2001-02-06 | Avoid coredumps for CONF_get_...(NULL, ...) | Bodo Möller | 2 | -18/+50 | |
2001-02-06 | don't dump core | Bodo Möller | 1 | -5/+4 | |
2001-02-06 | format strings | Ulf Möller | 8 | -12/+11 | |
2001-02-06 | Fix potential buffer overrun for EBCDIC. | Ulf Möller | 2 | -6/+23 | |
2001-02-05 | Fix a memory leak in BIO_get_accept_socket(). This leak was small and | Richard Levitte | 1 | -4/+4 | |
only happened when the port number wasn't parsable ot the host wasn't possible to convert to an IP address. Contributed by Niko Baric <Niko.Baric@epost.de> | |||||
2001-02-05 | Include string.h (whis is in all relevant standards) instead of | Bodo Möller | 1 | -1/+1 | |
memory.h (which is not). | |||||
2001-02-05 | New function to copy nonce values from OCSP | Dr. Stephen Henson | 3 | -12/+21 | |
request to response. | |||||
2001-02-04 | Make depend. | Ben Laurie | 20 | -2511/+2723 | |
2001-02-04 | BN assembler is no longer option on x86. | Ben Laurie | 1 | -1/+1 | |
2001-02-04 | Can't remember why this was needed? | Ben Laurie | 1 | -1/+2 | |
2001-02-04 | Fix a warning. | Ben Laurie | 1 | -0/+1 | |
2001-02-04 | Documenting session caching, 2nd step. | Lutz Jänicke | 9 | -8/+303 | |
2001-02-04 | Fix ASN1_TIME_to_generlizedtime(). | Dr. Stephen Henson | 5 | -11/+35 | |
Add protoype for OCSP_response_create(). Add OCSP_request_sign() and OCSP_basic_sign() private key and certificate checks and make OCSP_NOCERTS consistent with PKCS7_NOCERTS | |||||
2001-02-03 | Various OCSP responder utility functions. | Dr. Stephen Henson | 8 | -227/+334 | |
Delete obsolete OCSP functions. Largely untested at present... | |||||
2001-02-03 | Clarify why SSL_CTX_use_certificate_chain_file() should be preferred. | Lutz Jänicke | 1 | -2/+14 | |
2001-02-03 | Typo: on my screen it nicely wrapped around at 80 :-) | Lutz Jänicke | 1 | -1/+2 | |
2001-02-03 | If the source has already been succesfully queried, do not try to open it | Lutz Jänicke | 1 | -2/+4 | |
again as file. | |||||
2001-02-02 | Document session caching, first step. | Lutz Jänicke | 5 | -2/+241 | |
2001-02-02 | Various function for commmon operations. | Dr. Stephen Henson | 12 | -45/+49 | |
2001-02-02 | Tidy up the mess in bss_sock.c and bss_fd.c | Dr. Stephen Henson | 2 | -130/+225 | |
by placing them socket/fd code in separate files rather than trying to have them both share the same one. |