- 24 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Add script to find unused err/reason codes Remove unused reason codes. Remove entries for unused functions Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 18 4月, 2016 2 次提交
-
-
由 Rich Salz 提交于
Give the API new names, document it. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Make OBJ_name_cmp internal Rename idea_xxx to IDEA_xxx Rename get_rfc_xxx to BN_get_rfc_xxx Rename v3_addr and v3_asid functions to X509v3_... Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 10 3月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 08 1月, 2016 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Applications wishing to include their own stacks now just need to include DEFINE_STACK_OF(foo) in a header file. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 11 12月, 2015 1 次提交
-
-
由 Rob Stradling 提交于
Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NDr. Stephen Henson <steve@openssl.org> GH: #495, MR: #1435
-
- 30 9月, 2015 1 次提交
-
-
由 David Woodhouse 提交于
Much related/similar work also done by Ivan Nestlerode <ivan.nestlerode@sonos.com> +Replace FILE BIO's with dummy ops that fail. +Include <stdio.h> for sscanf() even with no-stdio (since the declaration is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment variable, since it can be larger than a 'long'. And we don't rely on the availability of strtoull(). +Remove OPENSSL_stderr(); not used. +Make OPENSSL_showfatal() do nothing (currently without stdio there's nothing we can do). +Remove file-based functionality from ssl/. The function prototypes were already gone, but not the functions themselves. +Remove unviable conf functionality via SYS_UEFI +Add fallback definition of BUFSIZ. +Remove functions taking FILE * from header files. +Add missing DECLARE_PEM_write_fp_const +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out, so remove its prototype. +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid(). +Eliminate SRP_VBASE_init() and supporting functions. Users will need to build the verifier manually instead. +Eliminate compiler warning for unused do_pk8pkey_fp(). +Disable TEST_ENG_OPENSSL_PKEY. +Disable GOST engine as is uses [f]printf all over the place. +Eliminate compiler warning for unused send_fp_chars(). Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 23 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 04 9月, 2015 1 次提交
-
-
由 David Woodhouse 提交于
This reverts the non-cleanup parts of commit c73ad690. We do actually have a reasonable use case for OPENSSL_NO_RFC3779 in the EDK2 UEFI build, since we don't have a strspn() function in our runtime environment and we don't want the RFC3779 functionality anyway. In addition, it changes the default behaviour of the Configure script so that RFC3779 support isn't disabled by default. It was always disabled from when it was first added in 2006, right up until the point where OPENSSL_NO_RFC3779 was turned into a no-op, and the code in the Configure script was left *trying* to disable it, but not actually working. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 02 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 01 4月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Rather than making include/openssl/foo.h a symlink to crypto/foo/foo.h, this change moves the file to include/openssl/foo.h once and for all. Likewise, move crypto/foo/footest.c to test/footest.c, instead of symlinking it there. Originally-by: NGeoff Thorpe <geoff@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 12 3月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Remove DECLARE_ASN1_SET_OF and DECLARE_PKCS12_STACK_OF these haven't been used internally in OpenSSL for some time. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 06 2月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Unused type; a pair X509 certificates. Intended for LDAP support. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 27 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Remove OPENSSL_NO_RFCF3779. Also, makevms.com was ignored by some of the other cleanups, so I caught it up. Sorry I ignored you, poor little VMS... Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 1月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 08 9月, 2014 2 次提交
-
-
由 Bjoern Zeeb 提交于
The EXT_BITSTRING and EXT_IA5STRING are defined in x509v3.h, but the low-level functions are not public. They are useful, no need to make them static. Note that BITSTRING already was exposed since this RT was created, so now we just export IA5STRING functions. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Robin Lee 提交于
Copy the ifdef/undef stanza from x509.h to x509v3.h Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 07 7月, 2014 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reduces number of silly casts in OpenSSL code and likely most applications. Consistent with (char *) for "peername" value from X509_check_host() and X509_VERIFY_PARAM_get0_peername().
-
- 05 7月, 2014 1 次提交
-
-
由 Viktor Dukhovni 提交于
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host(). Document modified interface.
-
- 13 6月, 2014 1 次提交
-
-
由 Viktor Dukhovni 提交于
A client reference identity of ".example.com" matches a server certificate presented identity that is any sub-domain of "example.com" (e.g. "www.sub.example.com). With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches only direct child sub-domains (e.g. "www.sub.example.com").
-
- 21 5月, 2014 1 次提交
-
-
由 Viktor Dukhovni 提交于
Fixes to host checking wild card support and add support for setting host checking flags when verifying a certificate chain.
-
- 18 11月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Contributed by: Florian Weimer <fweimer@redhat.com> Fixes to X509 hostname and email address checking. Wildcard matching support. New test program and manual page.
-
- 08 10月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
certificate. Add options to s_client, s_server and x509 utilities to print results of checks.
-
- 04 3月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 25 2月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
as issuer and subject names. Although this is an incompatible change it should have little impact in pratice because self-issued certificates that are not self-signed are rarely encountered.
-
- 24 2月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 28 7月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 20 4月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 06 11月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 12 10月, 2008 1 次提交
-
-
由 Ben Laurie 提交于
-
- 01 9月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
a delta CRL in addition to a full CRL. Check and search delta in addition to the base.
-
- 29 8月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Tidy CRL scoring system. Add new CRL path validation error.
-
- 08 8月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
TODO: robustness checking on name forms.
-
- 04 8月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
fields.
-
- 13 7月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Ignore self issued certificates when checking path length constraints. Duplicate OIDs in policy tree in case they are allocated. Use anyPolicy from certificate cache and not current tree level.
-
- 04 6月, 2008 1 次提交
-
-
由 Ben Laurie 提交于
-