New err_code.pl script to retain old error codes. This should allow the use
of 'make errors' without causing huge re-organisations of files when a new
code is added.
Time to blow up the source tree :-) This is the beginning of support for
GeneralizedTime. At several points PKIX specifies that GeneralizedTime can be
used but OpenSSL doesn't currently support it. This patch adds several files
and a bunch of functions.
Of interest is the ASN1_TIME structure and its related functions. At several
points certificates, CRLs et al specify that a time can be expressed as a
choice of UTCTime and GeneralizedTime. Currently OpenSSL interprets this
(wrongly) as UTCTime because GeneralizedTime isn't supported. The ASN1_TIME
stuff provides this functionality.
Still todo is to trace which cert and CRL points need an ASN1_TIME and modify
the utilities appropriately and of course fix all the bugs.
Note new OpenSSL copyright in the new file a_time.c. I didn't put it in
a_gentm.c because it is a minimally modified form a_utctm.c .
Since this adds new files and error codes you will need to do a 'make errors'
at the top level to add the new codes.
Fix the gendsa program and add it to the app list. The progs.h file is
auto generated but not auto updated so it is included. Also remove the
encryption from the sample DSA keys.
Fix things so DH_free() will be no-op when passed NULL, like RSA_free() and
DSA_free(): this was causing crashes when for example an attempt was made
to handle a (currently) unsupported DH public key. Also X509_PUBKEY_set()i
wasn't checking errors from d2i_PublicKey().
Make sure the already existing X509_STORE->depth variable is initialized
in X509_STORE_new(), but document the fact that this variable is still
unused in the certificate verification process.
First cut of a cleanup for apps/. First the `ssleay' program is now named
`openssl' and second, the shortcut symlinks for the `openssl <command>' are no
longer created. This way we have a single and consistent command line
interface `openssl <command>', similar to `cvs <command>'.
Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a
repository copy, i.e. they still contain the complete file history.
Puhhh... now we've documented the prototypes of all 214 API "functions". This
is a pain to do, because of the various macro definitions which I had to
expand manually to get their prototype :-(
What's now needed is a volunteer who wants to write down one or two sentences
per API function to document it a little bit...
1. The already released version was 0.9.1c and not 0.9.1b
2. The next release should be 0.9.2 and not 0.9.1d, because
first the changes are already too large, second we should avoid any more
0.9.1x confusions and third, the Apache version semantics of
VERSION.REVISION.PATCHLEVEL for the version string is reasonable (and here
.2 is already just a patchlevel and not major change).
tVS: ----------------------------------------------------------------------
stephen [Thu, 31 Dec 1998 00:59:02 +0000 (00:59 +0000)]
Fix for sk_insert bug: it never worked properly.
Allow explicit tag asn macros to handle indefinite length constructed stuff:
without this certain "certificates" can't be read in.
They are written in Perl's POD format for two reasons: First Perl is already
needed for SSLeay and second, POD is easy to write and maintain _AND_ created
nice looking NRoff manpages.
The idea is to have three manual pages:
openssl(1) ... The manpage for the `openssl' program (formerly ssleay)
crypto(3) .... The manpage for crypto.h/libcrypto.a
ssl(3) ....... The manpage for ssl.h/libssl.a
The openssl(1) should be very similar to cvs(1), i.e. it should document all
commands in a compact way. And I've even created the first cut for an
overview of all 243 functions of the SSL API for ssl.pod. More to come...
projects / openssl / log