| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-01-24 | Convert openssl(1) sess_id to the new option handling. | Doug Hogan | |
| input + ok jsing@ | |||
| 2015-01-24 | Convert openssl(1)'s rsa.c to the new option handling code. | Doug Hogan | |
| input + ok jsing@ | |||
| 2015-01-13 | Document the openssl s_client -proxy feature. | Alexander Bluhm | |
| OK jmc@ | |||
| 2015-01-13 | Add the possibility to use the openssl s_client tool with an http | Alexander Bluhm | |
| proxy. Implement the -proxy feature in the same hackish way as -starttls. OK jsing@ | |||
| 2015-01-13 | Implement more thorough error checks: | Lawrence Teo | |
| - Check the return value of every relevant function call. - If BIO_new() returns NULL instead of a valid BIO, do not attempt to blindly use the NULL value as a BIO throughout the rest of the code. - Ensure that bio_out is freed by BIO_free_all() at the end of all error paths. ok doug@ | |||
| 2015-01-08 | Convert spkac.c to the new option handling code. | Doug Hogan | |
| input + ok jsing@ | |||
| 2015-01-08 | Convert pkcs8.c to the new option handling code. | Doug Hogan | |
| Minor KNF in a few places too. input + ok jsing@ | |||
| 2015-01-08 | Convert asn1pars.c to the new option handling. | Doug Hogan | |
| Also, removed a few useless if null checks. input from bcook@ input + ok jsing@ | |||
| 2015-01-05 | Convert openssl(1) passwd to new option handling. | Joel Sing | |
| ok doug@ | |||
| 2015-01-05 | Zap a reference to .rnd, which is likely the last RANDFILE remnant on | Lawrence Teo | |
| this man page. ok jsing@ | |||
| 2015-01-03 | Check the return values of several reallocarray() calls. While here, | Lawrence Teo | |
| also check the return value of an adjacent malloc() call. ok jsing@ | |||
| 2015-01-02 | Remove ifdef statements for TIMES and USE_TOD; they don't do anything, | Lawrence Teo | |
| apart from introducing a bug where the -elapsed option is not listed in the usage output when it should be. feedback/ok bcook@ jsing@ | |||
| 2015-01-01 | Provide option types for binary AND, binary OR and silently discarding an | Joel Sing | |
| option. | |||
| 2015-01-01 | Convert the openssl(1) enc command to the new option parsing and usage. | Joel Sing | |
| With input from doug@ | |||
| 2014-12-28 | Fix subtle typo. | Joel Sing | |
| 2014-12-28 | Allow a default option to be specified by having a NULL name, but a valid | Joel Sing | |
| option type. In this case process the option as per normal. | |||
| 2014-12-28 | Provide an option type that allows for a callback function to consume an | Joel Sing | |
| arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications. | |||
| 2014-12-28 | Teach option parsing that a single hyphen denotes the end of named options | Joel Sing | |
| (as currently only implemented by some of the openssl(1) applications). | |||
| 2014-12-28 | Provide a mechanism for option parsing to return the number of arguments | Joel Sing | |
| that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames. | |||
| 2014-12-28 | Only accept a single unnamed argument - the existing behaviour is to | Joel Sing | |
| silently accept multiple unnamed arguments, ignoring all except the last. This behaviour was already inconsistent between openssl(1) applications; apply the principal of least surprise. This will also simplify the addition of upcoming functionality. | |||
| 2014-12-28 | Slightly simplify options parsing logic. | Joel Sing | |
| 2014-12-28 | Provide two different function pointers for option function callbacks. This | Joel Sing | |
| allows for simpler code in the common cases and will allow for further extension to support the complex cases. | |||
| 2014-12-24 | Clean up CIPHERS and related sections: | Lawrence Teo | |
| - Sync cipher strings with the ones that are actually implemented. - Remove CIPHERS SUITE NAMES (the actual cipher suites can be obtained via "openssl ciphers -v"), CIPHERS NOTES, and CIPHERS HISTORY sections. - Stop mentioning export cipher suites since they have already been removed. feedback from deraadt@ and jmc@ ok jmc@ | |||
| 2014-12-19 | CA.sh and CA.pl are gone | Lawrence Teo | |
| 2014-12-19 | Sync message digest algorithms with the ones actually implemented in | Lawrence Teo | |
| "openssl dgst". feedback/ok jmc@ | |||
| 2014-12-14 | Remove redundant NULL checks before free - BN_free(), BIO_free_all() and | Joel Sing | |
| EC_GROUP_free() all have implicit NULL checks. | |||
| 2014-12-14 | unifdef OPENSSL_NO_NEXTPROTONEG | Joel Sing | |
| 2014-12-10 | Add ALPN support to openssl(1). | Joel Sing | |
| Based on OpenSSL. | |||
| 2014-12-07 | Remove unused variable. | Joel Sing | |
| From Benjamin Baier <programmer at netzbasis.de> | |||
| 2014-12-07 | Handle GF(2^m) EC curves for C code generation. | Joel Sing | |
| From Minux Ma. | |||
| 2014-12-03 | Move Windows OS-specific functions to make porting easier. | Brent Cook | |
| Several functions that need to be redefined for a Windows port are right in the middle of other code that is relatively portable. This patch isolates the functions that need Windows-specific implementations so they can be built conditionally in the portable tree. Add calls to BIO_sock_init() as-needed to openssl(1) so that socket IO works on Windows. Sorry, these are no-op on other platforms. ok jsing@ deraadt@ | |||
| 2014-12-02 | convert select() to poll(). This is one of the most complicated | Theo de Raadt | |
| conversions in the tree, because the original code is very rotten and fragile. Please test and report any failures. Assistance from millert, bcook, and jsing. | |||
| 2014-12-02 | Conversion of braindead select() path to braindead poll() path. | Theo de Raadt | |
| Also looked at by bcook | |||
| 2014-11-23 | Mention the -no_tls1_[12] options | Philip Guenther | |
| 2014-11-18 | Nuke more obvious #include duplications. | Kenneth R Westerback | |
| ok deraadt@ millert@ tedu@ | |||
| 2014-11-07 | More OPENSSL_NO_TLSEXT clean up. | Joel Sing | |
| 2014-11-07 | Document the -servername option for openssl(1) s_client. | Joel Sing | |
| Based on a diff from Rusty (rustyl at outband dot net) and OpenSSL. | |||
| 2014-11-06 | TLS is pretty boring without TLS extensions... unifdef OPENSSL_NO_TLSEXT, | Joel Sing | |
| which was already done for libssl some time back. | |||
| 2014-11-06 | ssl_sock_init() does nothing, so remove it... | Joel Sing | |
| 2014-11-04 | simple select() to poll() conversion; reviewed by millert and doug | Theo de Raadt | |
| 2014-10-31 | Remove ephemeral RSA key handling. | Joel Sing | |
| 2014-10-31 | Use automatic DH ephemeral parameters instead of fixed 512 bit. | Joel Sing | |
| Based on OpenSSL. | |||
| 2014-10-22 | Use arc4random_buf() instead of RAND(_pseudo)?_bytes(). | Joel Sing | |
| ok bcook@ | |||
| 2014-10-22 | None of these need <openssl/rand.h> | Joel Sing | |
| 2014-10-20 | s_client: don't call shutdown on a non-existent socket descriptor. | Brent Cook | |
| from Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> ok beck@, deraadt@ | |||
| 2014-10-16 | Repair BUF_strdup() breakage. | Joel Sing | |
| 2014-10-13 | prefer C99 array initialization syntax. | Brent Cook | |
| use C99 array initialization syntax for strict C compilers. from kinichiro, found building with HP/UX compiler ok deraadt@, guenther@ | |||
| 2014-10-13 | Use O_NONBLOCK over FIONBIO. | Brent Cook | |
| Prefer this because it is the POSIX standard and has consistent behavior across platforms. Use BIO_socket_nbio consistently across the tree. from Jonas 'Sortie' Termansen, ok deraadt@ | |||
| 2014-10-08 | fix an indentation that makes me upset | Theo de Raadt | |
| 2014-10-01 | Switch "openssl req" to using SHA256 for hashes and AES256 to encrypt on-disk | Stuart Henderson | |
| keys by default (instead of SHA1/3DES) and update documentation to match. Another way to do this is s/NID_sha1/NID_sha256/ in src/crypto/rsa/rsa_ameth.c ("case ASN1_PKEY_CTRL_DEFAULT_MD_NID") but going with the more targetted method above that only affects "openssl req" for now. Help/OK jsing@. OKs on earlier diffs changing openssl.cnf from phessler@ aja@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |