1. 24 5月, 2016 1 次提交
  2. 18 5月, 2016 1 次提交
  3. 18 4月, 2016 2 次提交
  4. 10 3月, 2016 1 次提交
  5. 27 1月, 2016 1 次提交
    • R
      Remove /* foo.c */ comments · 34980760
      Rich Salz 提交于
      This was done by the following
              find . -name '*.[ch]' | /tmp/pl
      where /tmp/pl is the following three-line script:
              print unless $. == 1 && m@/\* .*\.[ch] \*/@;
              close ARGV if eof; # Close file to reset $.
      
      And then some hand-editing of other files.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      34980760
  6. 08 1月, 2016 2 次提交
  7. 11 12月, 2015 1 次提交
  8. 30 9月, 2015 1 次提交
    • D
      Fix no-stdio build · 984d6c60
      David Woodhouse 提交于
      Much related/similar work also done by
      Ivan Nestlerode <ivan.nestlerode@sonos.com>
      
         +Replace FILE BIO's with dummy ops that fail.
         +Include <stdio.h> for sscanf() even with no-stdio (since the declaration
          is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
          variable, since it can be larger than a 'long'. And we don't rely on the
          availability of strtoull().
         +Remove OPENSSL_stderr(); not used.
         +Make OPENSSL_showfatal() do nothing (currently without stdio there's
          nothing we can do).
         +Remove file-based functionality from ssl/. The function
          prototypes were already gone, but not the functions themselves.
         +Remove unviable conf functionality via SYS_UEFI
         +Add fallback definition of BUFSIZ.
         +Remove functions taking FILE * from header files.
         +Add missing DECLARE_PEM_write_fp_const
         +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
          so remove its prototype.
         +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
         +Eliminate SRP_VBASE_init() and supporting functions. Users will need to
          build the verifier manually instead.
         +Eliminate compiler warning for unused do_pk8pkey_fp().
         +Disable TEST_ENG_OPENSSL_PKEY.
         +Disable GOST engine as is uses [f]printf all over the place.
         +Eliminate compiler warning for unused send_fp_chars().
      Signed-off-by: NRich Salz <rsalz@akamai.com>
      Reviewed-by: NTim Hudson <tjh@openssl.org>
      984d6c60
  9. 23 9月, 2015 1 次提交
  10. 04 9月, 2015 1 次提交
    • D
      Revert "OPENSSL_NO_xxx cleanup: RFC3779" · 47bbaa5b
      David Woodhouse 提交于
      This reverts the non-cleanup parts of commit c73ad690. We do actually
      have a reasonable use case for OPENSSL_NO_RFC3779 in the EDK2 UEFI
      build, since we don't have a strspn() function in our runtime environment
      and we don't want the RFC3779 functionality anyway.
      
      In addition, it changes the default behaviour of the Configure script so
      that RFC3779 support isn't disabled by default. It was always disabled
      from when it was first added in 2006, right up until the point where
      OPENSSL_NO_RFC3779 was turned into a no-op, and the code in the
      Configure script was left *trying* to disable it, but not actually
      working.
      Signed-off-by: NRich Salz <rsalz@akamai.com>
      Reviewed-by: NTim Hudson <tjh@openssl.org>
      47bbaa5b
  11. 02 9月, 2015 1 次提交
  12. 01 4月, 2015 1 次提交
  13. 12 3月, 2015 1 次提交
  14. 06 2月, 2015 1 次提交
  15. 27 1月, 2015 1 次提交
  16. 22 1月, 2015 2 次提交
  17. 08 9月, 2014 2 次提交
  18. 07 7月, 2014 1 次提交
  19. 05 7月, 2014 1 次提交
  20. 13 6月, 2014 1 次提交
    • V
      Client-side namecheck wildcards. · a09e4d24
      Viktor Dukhovni 提交于
      A client reference identity of ".example.com" matches a server
      certificate presented identity that is any sub-domain of "example.com"
      (e.g. "www.sub.example.com).
      
      With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches
      only direct child sub-domains (e.g. "www.sub.example.com").
      a09e4d24
  21. 21 5月, 2014 1 次提交
    • V
      Fixes to host checking. · 397a8e74
      Viktor Dukhovni 提交于
      Fixes to host checking wild card support and add support for
      setting host checking flags when verifying a certificate
      chain.
      397a8e74
  22. 18 11月, 2012 1 次提交
    • D
      PR: 2909 · d88926f1
      Dr. Stephen Henson 提交于
      Contributed by: Florian Weimer <fweimer@redhat.com>
      
      Fixes to X509 hostname and email address checking. Wildcard matching support.
      New test program and manual page.
      d88926f1
  23. 08 10月, 2012 1 次提交
  24. 04 3月, 2010 1 次提交
  25. 25 2月, 2010 1 次提交
  26. 24 2月, 2010 1 次提交
  27. 28 7月, 2009 1 次提交
  28. 20 4月, 2009 1 次提交
  29. 06 11月, 2008 1 次提交
  30. 12 10月, 2008 1 次提交
  31. 01 9月, 2008 1 次提交
  32. 29 8月, 2008 1 次提交
  33. 08 8月, 2008 1 次提交
  34. 04 8月, 2008 1 次提交
  35. 13 7月, 2008 1 次提交
    • D
      X509 verification fixes. · db50661f
      Dr. Stephen Henson 提交于
      Ignore self issued certificates when checking path length constraints.
      
      Duplicate OIDs in policy tree in case they are allocated.
      
      Use anyPolicy from certificate cache and not current tree level.
      db50661f
  36. 04 6月, 2008 1 次提交