| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Tested in a bulk build by sthen
ok jsing
|
|
|
|
|
|
|
|
| |
X509V3_get_d2i() and X509V3_extensions_print(), and one to the 'title'
argument of the latter function.
tested in a bulk build by sthen
ok jsing
|
|
|
|
|
|
|
|
|
| |
one to the last argument of each one of i2s_ASN1_OCTET_STRING(),
s2i_ASN1_OCTET_STRING(), i2s_ASN1_INTEGER(), i2s_ASN1_ENUMERATED(),
and i2s_ASN1_ENUMERATED_TABLE().
tested in a bulk build by sthen
ok jsing
|
|
|
|
|
|
|
|
|
|
|
| |
X509V3_get_value_bool(), X509V3_add_value_bool_nf(),
X509V3_get_value_int(), X509V3_get_string(), X509V3_get_section()
are now const.
While there, remove a stupid cast and two redundant checks.
tested in a bulk build by sthen
ok jsing
|
|
|
|
|
|
|
|
|
| |
arguments of X509_PURPOSE_add(3), X509_PURPOSE_get0_name(3),
X509_PURPOSE_get0_sname(3), X509_PURPOSE_get_by_sname(3),
X509_PURPOSE_get_id(3), X509_PURPOSE_get_trust(3).
tested in a bulk build by sthen
ok jsing
|
|
|
|
|
|
|
|
|
| |
X509V3_EXT_{,n}conf_nid(3), X509_EXT_{,n}conf(3)
X509V3{,_CRL,_REQ}_add_{,n}conf(3) as well as the get_string()
and get_section() members of X509_CONF_METHOD_st.
tested in a bulk build by sthen
ok jsing
|
|
|
|
|
|
|
| |
SXNET_add_id_INTEGER(3), SXNET_add_id_asc(3), SXNET_add_id_ulong(3)
tested in a bulk by sthen
ok jsing
|
|
|
|
|
|
|
| |
BIO_f_asn1() will be taken care of later.
Tested in a bulk by sthen
ok bcook jca jsing
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The certificate verification code has special cases for self-signed
certificates and without this change, self-issued certificates (which it
seems are common place with openvpn/easyrsa) were also being included in
this category.
Based on BoringSSL.
Thanks to Dale Ghent <daleg at elemental dot org> for assisting in
identifying the issue and testing this fix.
ok inoguchi@
|
| |
|
|
|
|
|
| |
nothing but markers for utils/mkstack.pl... and we removed the code that
generated more macros from these markers in 2014.
|
| |
|
|
|
|
| |
No change in preprocessed output, ignoring whitespace and line numbers.
|
|
|
|
|
|
| |
in X509_check_host, X509_check_email, X509_check_ip, and X509_check_ip_asc,
with some cleanup on the way in by myself and jsing@
ok bcook@
|
|
|
|
|
|
| |
be enabled, mostly since people use SANs instead.
ok beck@ guenther@
|
|
|
|
|
|
|
|
|
| |
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
| |
|
|
|
|
|
|
|
|
| |
This avoids a lot of ugly gymnastics to do snprintfs before sending the
bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c
where it was being called with the incorrect number of arguments and
using random things off the stack as addresses of strings.
ok krw@, jsing@
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
| |
|
|
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
|