- 09 9月, 2014 2 次提交
-
-
由 Kurt Roeckx 提交于
This is a more comprehensive fix. It changes all keygen apps to use 2K keys. It also changes the default to use SHA256 not SHA1. This is from Kurt's upstream Debian changes. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Rich Salz 提交于
For consistency. Reviewed-by: NBodo Moeller <bodo@openssl.org>
-
- 08 9月, 2014 17 次提交
-
-
由 Matthias Andree 提交于
In addition to Matthias's change, I also added -n to not remove links. And updated the manpage. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Bjoern Zeeb 提交于
The EXT_BITSTRING and EXT_IA5STRING are defined in x509v3.h, but the low-level functions are not public. They are useful, no need to make them static. Note that BITSTRING already was exposed since this RT was created, so now we just export IA5STRING functions. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
The documentation is wrong about what happens when the session cache fills up. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Erik Auerswald 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dario B 提交于
I added some error-checking while integrating this patch. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Scott Schaefer 提交于
pod2man now complains when item tags are not sequential. Also complains about missing =back and other tags. Silence the warnings; most were already done. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
The original RT request included a patch. By the time we got around to doing it, however, the callback scheme had changed. So I wrote a new function RSA_check_key_ex() that uses the BN_GENCB callback. But thanks very much to Vinet Sharma <vineet.sharma@gmail.com> for the initial implementation. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Robin Lee 提交于
Copy the ifdef/undef stanza from x509.h to x509v3.h Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
In the current code, the check isn't redundant. And in fact the REAL check was missing. This avoids a NULL-deref crash. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Martin Olsson 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Martin Olsson 提交于
Also, I (rsalz) changed "#ifdef undef" to "#if 0" Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
empty merge; script hiccup. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
The function returns 0 or 1, only. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
The function returns 0 or 1, only. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Alon Bar-Lev 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Viktor Dkhovni 提交于
Regexp was bracketed wrong. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 05 9月, 2014 5 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NDr Stephen Henson <steve@openssl.org>
-
由 Emilia Kasper 提交于
i2d_re_X509_tbs re-encodes the TBS portion of the certificate. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NDr Stephen Henson <steve@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Adam Langley 提交于
Fix a bug in handling of 128 byte long PSK identity in psk_client_callback. OpenSSL supports PSK identities of up to (and including) 128 bytes in length. PSK identity is obtained via the psk_client_callback, implementors of which are expected to provide a NULL-terminated identity. However, the callback is invoked with only 128 bytes of storage thus making it impossible to return a 128 byte long identity and the required additional NULL byte. This CL fixes the issue by passing in a 129 byte long buffer into the psk_client_callback. As a safety precaution, this CL also zeroes out the buffer before passing it into the callback, uses strnlen for obtaining the length of the identity returned by the callback, and aborts the handshake if the identity (without the NULL terminator) is longer than 128 bytes. (Original patch amended to achieve strnlen in a different way.) Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 04 9月, 2014 2 次提交
-
-
由 Richard Levitte 提交于
string returns 0 with errno = ENOENT. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Phil Mesnier 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 03 9月, 2014 1 次提交
-
-
由 Clang via Jeffrey Walton 提交于
Can't really happen, but the flow of control isn't obvious. Add an initializer. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 02 9月, 2014 1 次提交
-
-
由 Emilia Kasper 提交于
"inline" without static is not correct as the compiler may choose to ignore it and will then either emit an external definition, or expect one. Reviewed-by: NGeoff Thorpe <geoff@openssl.org>
-
- 01 9月, 2014 3 次提交
-
-
由 Kurt Cancemi 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Adam Williamson 提交于
RT842, closed back in 2004, changed the default serial number to be a random number rather than zero. Finally time to update the doc Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 31 8月, 2014 4 次提交
-
-
由 TANABE Hiroyasu 提交于
Add .crt/.cer/.crl to the filenames parsed. I also updated the podpage (since it didn't exist when this ticket was first created, nor when it was re-created seven years later). Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 30 8月, 2014 5 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
Andy pointed out there is also darwin64, so tweak the pattern. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
Re-order algorithm list. Be consistent in command synopsis. Add content about signing. Add EXAMPLE section Add some missing options: -r, -fips-fingerprint -non-fips-allow Various other fixes. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
Andy found an additional typo "can be can be". Now I have that silly "Que sera sera" song stuck in my head. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 James Westby 提交于
Add the file written by James Westby, graciously contributed under the terms of the OpenSSL license. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-