aboutsummaryrefslogtreecommitdiffstats
path: root/apps/ts.c
Commit message (Collapse)AuthorAgeFilesLines
* APPS: Add missing OPENSSL_free() and combine the error handlerJiasheng Jiang2024-04-091-3/+6
| | | | | | | | | | | | | | | | | | | | | | Add the OPENSSL_free() in the error handler to release the "*md_value" allocated by app_malloc(). To make the code clear and avoid possible future errors, combine the error handler in the "err" tag. Then, we only need to use "goto err" instead of releasing the memory separately. Since the EVP_MD_get_size() may return negative numbers when an error occurs, create_query() may fail to catch the error since it only considers 0 as an error code. Therefore, unifying the error codes of create_digest() from non-positive numbers to 0 is better, which also benefits future programming. Fixes: c7235be ("RFC 3161 compliant time stamp request creation, response generation and response verification.") Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/23873)
* Copyright year updatesMatt Caswell2023-09-071-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
* APPS: replace awkward and error-prone pattern by calls to new ↵Dr. David von Oheimb2023-05-251-3/+2
| | | | | | | | | app_conf_try_string() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20971)
* Fix the checks of X509_LOOKUP_* functionsPeiwei Hu2022-06-231-4/+4
| | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18400)
* Update copyright yearMatt Caswell2022-05-031-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
* Fix a possible NULL pointer dereference in create_cert_store()Zhou Qingyang2022-04-211-0/+4
| | | | | | | | | | | | In create_cert_store(), X509_STORE_new() is called and there is a dereference of it in following function X509_STORE_add_lookup() without check, which could lead to NULL pointer dereference. Fix this by adding a NULL check of X509_STORE_new() Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18057)
* APPS: Add check for multiple 'unknown' optionsDr. David von Oheimb2022-01-111-0/+1
| | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16416)
* APPS: Improve diagnostics on missing/extra args and unknown cipher/digestDr. David von Oheimb2021-12-071-7/+10
| | | | | Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16450)
* Rename all getters to use get/get0 in nameTomas Mraz2021-06-011-3/+3
| | | | | | | | | | | | | | For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
* APPS: Replace 'OPT_ERR = -1, OPT_EOF = 0, OPT_HELP' by OPT_COMMON macroDr. David von Oheimb2021-05-051-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15111)
* Fetch and free cipher and md'sRich Salz2021-04-201-1/+2
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/14219)
* APPS: make apps strict on app_RAND_load() and app_RAND_write() failureDr. David von Oheimb2021-04-141-1/+3
| | | | | Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14840)
* apps/ts.c: Allow -untrusted arg to refer to multiple sourcesDr. David von Oheimb2021-03-131-13/+18
| | | | | | | This requires moving generally useful functions from apps/cmp.c to apps/lib/apps.c Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14504)
* Update copyright yearMatt Caswell2021-02-181-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
* Process digest option after loading providersRich Salz2021-02-121-3/+6
| | | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14135)
* Load rand state after loading providersRich Salz2021-02-121-0/+1
| | | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14135)
* Check non-option argumentsRich Salz2020-12-151-1/+4
| | | | | | | | | | | | | Make sure all commands check to see if there are any "extra" arguments after the options, and print an error if so. Made all error messages consistent (which is to say, minimal). Fixes: #13527 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13563)
* Rename OPENSSL_CTX prefix to OSSL_LIB_CTXDr. Matthias St. Pierre2020-10-151-1/+1
| | | | | | | | | | | | Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
* Run the withlibctx.pl scriptMatt Caswell2020-10-011-4/+3
| | | | | | | | Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970)
* Add X509 related libctx changes.Shane Lontis2020-07-241-2/+6
| | | | | | | | | | | | | - In order to not add many X509_XXXX_with_libctx() functions the libctx and propq may be stored in the X509 object via a call to X509_new_with_libctx(). - Loading via PEM_read_bio_X509() or d2i_X509() should pass in a created cert using X509_new_with_libctx(). - Renamed some XXXX_ex() to XXX_with_libctx() for X509 API's. - Removed the extra parameters in check_purpose.. - X509_digest() has been modified so that it expects a const EVP_MD object() and then internally it does the fetch when it needs to (via ASN1_item_digest_with_libctx()). - Added API's that set the libctx when they load such as X509_STORE_new_with_libctx() so that the cert chains can be verified. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12153)
* Update copyright yearMatt Caswell2020-04-231-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
* Fix descriptions of credentials and verification options for various appsDr. David von Oheimb2020-04-201-1/+1
| | | | | | | | | | | | fix doc of s_client and s_server credentials and verification options fix doc of verification options also for s_time, x509, crl, req, ts, and verify correcting and extending texts regarding untrusted and trusted certs, making the order of options in the docs and help texts more consistent, etc. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11273)
* Don't compile commands if disabledRich Salz2020-04-101-25/+21
| | | | | | | | | Rather than wrapping whole files in "ifndef OPENSSL_NO_xxx" we handle the changes in build.info Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/11250)
* cmdline app: add provider commandline options.Pauli2020-03-071-1/+6
| | | | | | | | | | Add a -provider option to allow providers to be loaded. This option can be specified multiple times. Add a -provider_path option to allow the path to providers to be specified. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11167)
* Check return value after loading config filekinichiro2019-12-131-1/+2
| | | | | | | | CLA: trivial Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10607)
* Add "sections" to -help outputRich Salz2019-11-081-37/+41
| | | | | | | | | | | | | Remove "Valid options" label, since all commands have sections (and [almost] always the first one is "General options"). Have "list --options" ignore section headers Reformat ts's additional help Add output section Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9953)
* Add -CAstore and similar to all openssl commands that have -CApathRichard Levitte2019-11-031-15/+34
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8442)
* Fix typo and create compatibility macroAndreas Schnebinger2019-10-161-1/+1
| | | | | | | | | CLA:trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9472)
* Explicitly test against NULL; do not use !p or similarRich Salz2019-10-091-1/+2
| | | | | | | | Also added blanks lines after declarations in a couple of places. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9916)
* ts: Use sha256 as default digest for TS queryTomas Mraz2019-06-121-1/+1
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7900)
* Following the license change, modify the boilerplates in apps/Richard Levitte2018-12-061-1/+1
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7765)
* Update copyright yearMatt Caswell2018-02-131-1/+1
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* apps: Don't include progs.h in apps.hRichard Levitte2018-01-311-0/+1
| | | | | | | | | | | | | Everything in apps includes apps.h, because that one declares apps internal library routines. However, progs.h doesn't declare library routines, but rather the main commands and their options, and there's no reason why the library modules should include it. So, remove the inclusion of progs.h from apps.h and add that inclusion in all command source files. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5222)
* Remove parentheses of return.KaoruToda2017-10-181-1/+1
| | | | | | | | | Since return is inconsistent, I removed unnecessary parentheses and unified them. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4541)
* Standardize apps use of -rand, etc.Rich Salz2017-07-161-18/+7
| | | | | | | | | | | | | | | | | | | | Standardized the -rand flag and added a new one: -rand file... Always reads the specified files -writerand file Always writes to the file on exit For apps that use a config file, the RANDFILE config parameter reads the file at startup (to seed the RNG) and write to it on exit if the -writerand flag isn't used. Ensured that every app that took -rand also took -writerand, and made sure all of that agreed with all the documentation. Fix error reporting in write_file and -rand Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3862)
* Clean up a bundle of codingstyle stuff in apps directoryPaul Yang2017-06-121-6/+8
| | | | | | | | | Mostly braces and NULL pointer check and also copyright year bump Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3657)
* -inkey can be an identifier, not just a fileRich Salz2017-05-211-1/+1
| | | | | | update pkcs12, smime, ts apps. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3507)
* Added support for ESSCertIDv2Marek Klein2017-05-031-0/+2
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/771)
* mem leak on error path and error propagation fixYuchi2017-02-141-1/+7
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2559)
* Constify command optionsFdaSilvaYY2016-10-141-1/+1
| | | | | | Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1694)
* Add -Wswitch-enumRich Salz2016-09-221-9/+6
| | | | | | | Change code so when switching on an enumeration, have case's for all enumeration values. Reviewed-by: Andy Polyakov <appro@openssl.org>
* Fix various missing option help messages ...FdaSilvaYY2016-09-191-1/+1
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1585)
* Constify char* input parameters in apps codeFdaSilvaYY2016-08-171-43/+46
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* spelling fixes, just comments and readme.klemens2016-08-051-1/+1
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1413)
* check return values for EVP_Digest*() APIsDr. Stephen Henson2016-07-151-9/+14
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Whitespace cleanup in appsFdaSilvaYY2016-06-291-2/+2
| | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1264)
* Add a comment after some #endif at end of apps source code.FdaSilvaYY2016-06-181-1/+1
| | | | | Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1168)
* Fix ts app help messageFdaSilvaYY2016-05-181-2/+2
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Copyright consolidation 01/10Rich Salz2016-05-171-54/+5
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Don't load same config file twice.Dr. Stephen Henson2016-05-161-1/+1
| | | | | | RT#4215 Reviewed-by: Richard Levitte <levitte@openssl.org>
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-22 07:06:16 +0000