- 05 12月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
failure and freeing up memory if a failure occurs. PR:620
-
- 03 12月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 01 12月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 29 11月, 2004 1 次提交
-
-
由 Richard Levitte 提交于
-
- 26 11月, 2004 2 次提交
-
-
由 Andy Polyakov 提交于
-
由 Dr. Stephen Henson 提交于
-
- 17 11月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add command line options -certform, -keyform and -pass to s_client and s_server. This supports the use of alternative passphrase sources, key formats and keys handled by an ENGINE. Update docs.
-
- 05 10月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 07 9月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change.
-
- 05 8月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
-
- 07 7月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 18 6月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
-
- 31 5月, 2004 1 次提交
-
-
由 Andy Polyakov 提交于
-
- 16 5月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
PR: 851
-
- 13 5月, 2004 1 次提交
-
-
由 Andy Polyakov 提交于
-
- 04 5月, 2004 1 次提交
-
-
由 Bodo Möller 提交于
- update from current 0.9.7-stable CHANGES file: Now here we have "CHANGES between 0.9.7e and 0.9.8", and I hope that all patches mentioned for 0.9.7d and 0.9.7e actually are in the CVS HEAD, i.e. what is to become 0.9.8. I have rewritten the 'openssl ca -create_serial' entry (0.9.8) so that it explains the earlier change that is now listed (0.9.7e). The ENGINE_set_default typo bug entry has been moved from 0.9.8 to 0.9.7b, which is where it belongs.
-
- 26 4月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe
-
- 21 4月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
0.9.7-stable as well as HEAD (and doesn't apply to the 0.9.6-engine variant).
-
- 20 4月, 2004 2 次提交
-
-
由 Dr. Stephen Henson 提交于
initial serial numbers. PR: 842
-
由 Geoff Thorpe 提交于
changes are the fallout). As this could break source code that doesn't directly include headers for interfaces it uses, changes to recursive includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to define this when building and using openssl, and then adapt code where necessary - this is how to stay current. However the mechanism exists for the lethargic.
-
- 31 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 29 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
appropriate form, for example correct DES parity. Update S/MIME code and EVP_SealInit to use new functions. PR: 700
-
- 28 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
verified structure can contain its own CRLs (such as PKCS#7 signedData). Tidy up some of the verify code.
-
- 27 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 25 3月, 2004 2 次提交
-
-
由 Geoff Thorpe 提交于
little TODO list in there as well as the debugging code (only enabled if BN_CTX_DEBUG is defined). I'd appreciate as much review and testing as can be spared for this. I'll commit some changes to other parts of the bignum code shortly to make better use of this implementation (no more fixed size limitations). Note also that under identical optimisations, I'm seeing a noticable speed increase over openssl-0.9.7 - so any feedback to confirm/deny this on other systems would also be most welcome.
-
由 Geoff Thorpe 提交于
operations no longer require two distinct BN_CTX structures. This may put more "strain" on the current BN_CTX implementation (which has a fixed limit to the number of variables it will hold), but so far this limit is not triggered by any of the tests pass and I will be changing BN_CTX in the near future to avoid this problem anyway. This also changes the default RSA implementation code to use the BN_CTX in favour of initialising some of its variables locally in each function.
-
- 23 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
This is currently *very* experimental and needs to be more fully integrated with the main verification code.
-
- 18 3月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
porting efforts. Also, add Richard's name to the prior change.
-
- 16 3月, 2004 1 次提交
-
-
由 Richard Levitte 提交于
functions and macros. This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed.
-
- 14 3月, 2004 2 次提交
-
-
由 Geoff Thorpe 提交于
Remove certain redundant BN_zero() initialisations, because BN_CTX_get(), BN_init(), [etc] already initialise to zero. Correct error checking in bn_sqr.c, and be less wishy-wash about how/why the result's 'top' value is set (note also, 'max' is always > 0 at this point).
-
由 Geoff Thorpe 提交于
change to work properly; BN_zero() should set 'neg' to zero as well as 'top' to match the behaviour of BN_new().
-
- 08 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 06 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in CRL issuer certificates. Reject CRLs with unhandled (any) critical extensions.
-
- 20 2月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
The old raw format can't be handled by some implementations and updates to RFC2560 will make this mandatory.
-
- 01 2月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
memory allocate when calling EVP_MD_CTX_copy_ex(). Without this HMAC is several times slower than < 0.9.7.
-
- 10 11月, 2003 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 05 11月, 2003 1 次提交
-
-
由 Geoff Thorpe 提交于
is itself experimental, and in addition may cause execution to break on existing openssl "bugs" that previously were harmless or at least invisible.
-
- 30 10月, 2003 1 次提交
-
-
由 Geoff Thorpe 提交于
except internally to the allocator BN_CTX_new(), as such this deprecates the use of BN_CTX_init() in the API. Moreover, the structure definition of BN_CTX is taken out of bn_lcl.h and moved into bn_ctx.c itself. NDEBUG should probably only be "forced" in the top-level configuration, but until it is I will avoid removing it from bn_ctx.c which might surprise people with massive slow-downs in their keygens. So I've left it in bn_ctx.c but tidied up the preprocessor logic a touch and made it more tolerant of debugging efforts.
-
- 29 10月, 2003 2 次提交
-
-
由 Geoff Thorpe 提交于
choice but to have to cast away "const" qualifiers from their prototypes. This does not remove constification restrictions from hash/compare callbacks, but allows destructor commands to be run over a tables' elements without bad casts.
-
由 Geoff Thorpe 提交于
linux system (namely mine) chokes on our definitions and uses of the "HZ" symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast" (when in fact there is no function casting involved at all). In both cases, it is easily worked around by not defining a cast into the macro and jiggling the expressions slightly. In addition - this highlights some cruft in openssl that needs sorting out. The tmdiff.h header is exported as part of the openssl API despite the fact that it is ugly as the driven sludge and not used anywhere in the library, applications, or utilities. More weird still, almost identical code exists in apps/speed.c though it looks to be slightly tweaked - so either tmdiff should be updated and used by speed.c, or it should be dumped because it's obviously not useful enough. Rather than removing it for now, I've changed the API for tmdiff to at least make sense. This involves taking the object type (MS_TM) from the implementation and using it in the header rather than using "char *" in the API and casting mercilessly in the code (ugh). If someone doesn't like "MS_TM" and the "ms_time_***" naming, by all means change it. This should be a harmless improvement, because the existing API is clearly not very useful (eg. we reimplement it rather than using it in our own utils). However, someone still needs to take a hack at consolidating speed.c and tmdiff.[ch] somehow.
-