* contrib/hbssl/evpmd.c
* contrib/hbssl/hbssl.h
* moved hb_EVP_MD_ptr_to_id() function from static to public area
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/hbssl.hbm
+ contrib/hbssl/d2i.c
* added new functions to extract asynchronous keys and certificates
from DER data:
D2I_PUBKEY( <cDER> ) -> <pEVPKey>
D2I_RSAPUBLICKEY( <cDER> ) -> <pRSAKey>
D2I_X509( <cDER> ) -> <pX509Cert>
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/evppkey.c
+ added new functions to get/set RSA asymmetric keys parameters
encapsulated in EVP_PKEY structures:
EVP_PKEY_CTX_get_RSA_padding()
EVP_PKEY_CTX_set_RSA_padding()
EVP_PKEY_CTX_get_RSA_OAEP_md()
EVP_PKEY_CTX_set_RSA_OAEP_md()
EVP_PKEY_CTX_get_RSA_MGF1_md()
EVP_PKEY_CTX_set_RSA_MGF1_md()
* src/common/hbdate.c
* accept up to 9 fractional digits (nanoseconds) in timestamp strings
though only first three ones (milliseconds) are significant.
Recently some tools begin to generate such timestamp values and
Harbour had problems with decoding them correctly.
* src/compiler/hbmain.c
+ allow to pass file name for source code compiled by hb_compileFromBuf()
It works like in all other versions of hb_compile*() functions - it's
enough to pass it as argument without option prefix (option prefix
is "-" on all platforms and also "/" on DOS, OS2, MS-Win).
Please remember that first parameter after control ones is used as
compiler name in generated output messages regardless of its option
prefix.
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
* contrib/hbssl/rsa.c
* reenabled hb_RSA_par_remove() for old OpenSSL() versions (<=0.9.6) which
do not support RSA_up_ref()
* contrib/hbssl/ssl.c
! use
x509 = X509_dup( x509 );
X509_check_purpose( x509, -1, 0 );
instead of
X509_up_ref( x509 );
in OpenSSL versions prior 0x10100000L - they do not support X509_up_ref()
* contrib/hbssl/x509.c
* check passed parameters more strictly
* return NIL when X509 certificate cannot be allocated/accessed
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/bio.c
! fixed BIO_set_conn_int_port() to work with OpenSSL >= 1.1
(emulation with BIO_set_conn_port())
! fixed BIO_get_conn_ip() to work with OpenSSL >= 1.1
(emulation with BIO_get_conn_address() and BIO_ADDR_hostname_string())
+ added BIO_get_conn_address(), it returns HB_SOCKET compatible array
with address
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/sslctx.c
+ added new function SSL_CTX_use_RSAPrivateKey()
! respect OPENSSL_NO_RSA macro in other SSL_CTX_use_RSA*() functions
* contrib/hbssl/evp.c
! use EVP_CIPHER_key_length() and EVP_CIPHER_iv_length() in
EVP_BytesToKey() to detect the exact key and iv length.
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
* contrib/hbssl/rsa.c
* removed hb_RSA_par_remove() function, use RSA_up_ref() instead
* contrib/hbssl/hbssl.h
* contrib/hbssl/x509.c
* contrib/hbssl/pem.c
* contrib/hbssl/ssl.c
* removed 2-nd parameter ( HB_BOOL fRelease ) from hb_X509_ret(),
use X509_up_ref() instead
* contrib/hbssl/pem.c
* respect OPENSSL_NO_DSA, OPENSSL_NO_DH and OPENSSL_NO_RSA macros
* contrib/hbssl/ssl_sock.c
* added casting to pacify SSL_set_fd() warning and updated link with
description of the problem
* contrib/hbssl/bio.c
! added missing BIO_free() call in HB_BIO destructor
! fixed BIO_free() function to properly operate on HB_BIO structure
* contrib/hbssl/evpciph.c
! accept EVP_KEY Harbour pointer items in EVP_SealInit()
* contrib/hbssl/hbssl.h
* contrib/hbssl/rsa.c
* contrib/hbssl/evppkey.c
! accept EVP_KEY Harbour pointer items in EVP_PKEY_assign_RSA()
; above are only few fixes for chosen problems and still there are many others
; most of HBSSL code should be rewritten to work with OpenSSL 3.0 API
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
+ added new C function
void hb_EVP_PKEY_ret( EVP_PKEY * pkey );
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/pem.c
+ added new PRG functions:
PEM_READ_PRIVATEKEY()
PEM_READ_PUBKEY()
* contrib/hbssl/ssl_sock.c
! added missing HB_SOCKET_ERR_TIMEOUT setting in hb_ssl_socketRead()
! fixed cleared to early SSL error code in hb_ssl_socketWrite()
* contrib/hbssl/tests/inetssl.prg
! interrupt test program if server thread stops
* load server certificates before listen socket is created
* src/rdd/dbfnsx/dbfnsx1.c
! code cleanup to pacify warnings in new GCC versions
* src/rtl/filesys.c
! check if child's fork() was executed successfully
* src/rtl/hbproces.c
! use hb_fsCloseRaw() instead of close() in hb_fsProcessExec() to avoid
lost handles when close() operation is interrupted by signal.
! repeat waitpid() calls interrupted by signal
* *
% remove brandings and homepage [1] from copyright header. Pass 1 - using script.
[1] nobody has access to it anymore AFAIK - and it's also just
a redirect since long
! update url in copyright header
; this should make the diff between 3.4 and 3.2 easier to manage
* (all files)
* stripped svn header
* minor cleanups
; use following command to find out the history of files:
git log
git log --follow
git blame
git annotate
