- 09 3月, 2016 1 次提交
-
-
由 Alessandro Ghedini 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 02 3月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 19 1月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
It seems risky in the context of cross-signed certificates when the same certificate might have multiple potential issuers. Also rarely used, since chains in OpenSSL typically only employ self-signed trust-anchors, whose self-signatures are not checked, while untrusted certificates are generally ephemeral. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 02 12月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 24 11月, 2015 1 次提交
-
-
由 Rich Salz 提交于
And a scalar !x --> x==0 test Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 15 10月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 10月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
Thanks to David Benjamin <davidben@google.com> for pointing them out. Reviewed-by: NSteve Henson <steve@openssl.org> MR #1198
-
- 23 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 22 9月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 17 9月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 15 9月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org> MR #1005
-
- 04 9月, 2015 1 次提交
-
-
由 David Woodhouse 提交于
This reverts the non-cleanup parts of commit c73ad690. We do actually have a reasonable use case for OPENSSL_NO_RFC3779 in the EDK2 UEFI build, since we don't have a strspn() function in our runtime environment and we don't want the RFC3779 functionality anyway. In addition, it changes the default behaviour of the Configure script so that RFC3779 support isn't disabled by default. It was always disabled from when it was first added in 2006, right up until the point where OPENSSL_NO_RFC3779 was turned into a no-op, and the code in the Configure script was left *trying* to disable it, but not actually working. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 14 5月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 01 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 17 4月, 2015 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 19 3月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reported by the LibreSSL project as a follow on to CVE-2015-0209 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 27 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Remove OPENSSL_NO_RFCF3779. Also, makevms.com was ignored by some of the other cleanups, so I caught it up. Sorry I ignored you, poor little VMS... Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 05 9月, 2014 1 次提交
-
-
由 Emilia Kasper 提交于
i2d_re_X509_tbs re-encodes the TBS portion of the certificate. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NDr Stephen Henson <steve@openssl.org>
-
- 13 6月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 04 10月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
this means that some implementations will be used automatically, e.g. aesni, we do this for cryptodev anyway. Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
-
- 08 8月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
TODO: robustness checking on name forms.
-
- 06 12月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 27 11月, 2006 1 次提交
-
-
由 Ben Laurie 提交于
-
- 24 7月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 02 9月, 2005 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 21 8月, 2005 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 31 3月, 2005 1 次提交
-
-
由 Ben Laurie 提交于
-
- 23 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
This is currently *very* experimental and needs to be more fully integrated with the main verification code.
-
- 16 3月, 2004 1 次提交
-
-
由 Richard Levitte 提交于
functions and macros. This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed.
-
- 02 9月, 2001 1 次提交
-
-
由 Geoff Thorpe 提交于
See the commit log message for that for more information. NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented (initialisation by "memset" won't/can't/doesn't work). This fixes that but requires that X509_STORE_CTX_init() be able to handle errors - so its prototype has been changed to return 'int' rather than 'void'. All uses of that function throughout the source code have been tracked down and adjusted.
-
- 13 8月, 2001 1 次提交
-
-
由 Geoff Thorpe 提交于
setting stack (actually, array) values in ex_data. So only increment the global counters if the underlying CRYPTO_get_ex_new_index() call succeeds. This change doesn't make "ex_data" right (see the comment at the head of ex_data.c to know why), but at least makes the source code marginally less frustrating.
-
- 27 7月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
More linker bloat reorganisation: Split private key PEM and normal PEM handling. Private key handling needs to link in stuff like PKCS#8. Relocate the ASN1 *_dup() functions, to the relevant ASN1 modules using new macro IMPLEMENT_ASN1_DUP_FUNCTION. Previously these were all in crypto/x509/x_all.c along with every ASN1 BIO/fp function which linked in *every* ASN1 function if a single dup was used. Move the authority key id ASN1 structure to a separate file. This is used in the X509 routines and its previous location linked in all the v3 extension code. Also move ASN1_tag2bit to avoid linking in a_bytes.c which is now largely obsolete. So far under Linux stripped binary with single PEM_read_X509 is now 238K compared to 380K before these changes.
-
- 23 2月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
prototype hack. This unfortunately means that every ASN1_*_END construct cannot have a trailing ;
-
- 09 12月, 2000 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Merge from the ASN1 branch of new ASN1 code to main trunk. Lets see if the makes it to openssl-cvs :-)
-
- 06 9月, 2000 1 次提交
-
-
由 Dr. Stephen Henson 提交于
The old code was painfully primitive and couldn't handle distinct certificates using the same subject name. The new code performs several tests on a candidate issuer certificate based on certificate extensions. It also adds several callbacks to X509_VERIFY_CTX so its behaviour can be customised. Unfortunately some hackery was needed to persuade X509_STORE to tolerate this. This should go away when X509_STORE is replaced, sometime... This must have broken something though :-(
-