- 13 7月, 2001 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Allow OCSP server to handle multiple requests. Document new OCSP options.
-
由 Dr. Stephen Henson 提交于
Initial OCSP server support, using index.txt format. This can process internal requests or behave like a mini responder. Todo: documentation, update usage info.
-
- 12 7月, 2001 1 次提交
-
-
由 Geoff Thorpe 提交于
things), especially as the RSA keys are fixed. However, DSA only fixes the DSA parameters and then generates the public and private components on the fly each time - this commit hard-codes some sampled key values so that this is no longer the case.
-
- 11 7月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
-
- 10 7月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
SSL according to RFC 2712. His comment is: This is a patch to openssl-SNAP-20010702 to support Kerberized SSL authentication. I'm expecting to have the full kssl-0.5 kit up on sourceforge by the end of the week. The full kit includes patches for mod-ssl, apache, and a few text clients. The sourceforge URL is http://sourceforge.net/projects/kssl/ . Thanks to a note from Simon Wilkinson I've replaced my KRB5 AP_REQ message with a real KerberosWrapper struct. I think this is fully RFC 2712 compliant now, including support for the optional authenticator field. I also added openssl-style ASN.1 macros for a few Kerberos structs; see crypto/krb5/ if you're interested.
-
- 08 7月, 2001 2 次提交
-
-
由 Ben Laurie 提交于
-
由 Ben Laurie 提交于
-
- 03 7月, 2001 1 次提交
-
-
由 Lutz Jänicke 提交于
(found by Andy Brown <logic@warthog.com>).
-
- 02 7月, 2001 1 次提交
-
-
由 Ben Laurie 提交于
-
- 28 6月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Modify apps to use NCONF code instead of old CONF code. Add new extension functions which work with NCONF. Tidy up extension config routines and remove redundant code. Fix NCONF_get_number(). Todo: more testing of apps to see they still work...
-
- 27 6月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
-
- 25 6月, 2001 3 次提交
-
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
-
- 24 6月, 2001 4 次提交
-
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
to go the monolith way (does anyone do that these days?). NOTE: a few applications are missing in this commit. I've a few more changes in them that I haven't tested yet.
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
password callbak doesn't need to check for sizes any more.
-
- 23 6月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 20 6月, 2001 5 次提交
-
-
由 Richard Levitte 提交于
commands appropriately.
-
由 Dr. Stephen Henson 提交于
Change all calls to low level digest routines in the library and applications to use EVP. Add missing calls to HMAC_cleanup() and don't assume HMAC_CTX can be copied using memcpy(). Note: this is almost identical to the patch submitted to openssl-dev by Verdon Walker <VWalker@novell.com> except some redundant EVP_add_digest_()/EVP_cleanup() calls were removed and some changes made to avoid compiler warnings.
-
由 Dr. Stephen Henson 提交于
-
由 Richard Levitte 提交于
file part of the password prompt unless it's standard input... More will be added...
-
由 Richard Levitte 提交于
prompting, even when done through the callback.
-
- 19 6月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 18 6月, 2001 2 次提交
-
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
everywhere.
-
- 11 6月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 06 6月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
-
- 30 5月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
string (some engines may have certificates protected by a PIN!) and a description to put into error messages. Also, have our own password callback that we can send both a password and some prompt info to. The default password callback in EVP assumes that the passed parameter is a password, which isn't always the right thing, and the ENGINE code (at least the nCipher one) makes other assumptions... Also, in spite of having the functions to load keys, some utilities did the loading all by themselves... That's changed too.
-
- 22 5月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
-
- 09 5月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
inherited from X509_STORE. Add CRL checking options to other applications.
-
- 08 5月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Initial CRL based revocation checking.
-
- 30 4月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
define LLONG properly for VC++. stop compiler complaining about signed/unsigned mismatch in apps/engine.c
-
- 27 4月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
-
- 19 4月, 2001 1 次提交
-
-
由 Geoff Thorpe 提交于
ENGINE. * Extra verbosity can be added with more "v"'s, eg. '-vvv' gives information about input flags and descriptions for each control command in each ENGINE. Check the output of "openssl engine -vvv" for example. * '-pre <cmd>' and '-post <cmd>' can be used to invoke control commands on the specified ENGINE (or on all of them if no engine id is specified, although that usually gets pretty ugly). '-post' commands are only attempted if '-t' is specified and the engine successfully initialises. '-pre' commands are always attempted whether or not '-t' causes an initialisation to be tried afterwards. Multiple '-pre' and/or '-post' commands can be specified and they will be called in the order they occur on the command line. Parameterised commands (the normal case, there are currently no unparameterised ones) are split into command and argument via a separating colon. Eg. "openssl engine -pre SO_PATH:/lib/libdriver.so <id>" results in the call; ENGINE_ctrl_cmd_string(e, "SO_PATH", "/lib/libdriver.so", 0); Application code should similarly allow arbitrary name-value string pairs to be passed into ENGINEs in a manner matching that in apps/engine.c, either using the same colon-separated format, or entered as two distinct strings. Eg. as stored in a registry. The last parameter of ENGINE_ctrl_cmd_string can be changed from 0 to 1 if the command should only be attempted if it's supported by the specified ENGINE (eg. for commands like "FORK_CHECK:1" that may or may not apply to the run-time ENGINE).
-
- 11 4月, 2001 4 次提交
-
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
to subjectAltName when signing a certificate.
-
由 Richard Levitte 提交于
-