aboutsummaryrefslogtreecommitdiffstats
path: root/apps
Commit message (Collapse)AuthorAgeFilesLines
* apps/s_client.c: add missing null checkKaoruToda2017-10-222-12/+18
| | | | | | | | apps/s_server.c: remove unnecessary null check Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4558)
* Remove parentheses of return.KaoruToda2017-10-1835-95/+95
| | | | | | | | | Since return is inconsistent, I removed unnecessary parentheses and unified them. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4541)
* Some cleanups to apps/ca.cFdaSilvaYY2017-10-161-56/+34
| | | | | | | | | | | | | Few code format fixup Fix limit computation; was too strict by 2 bytes. Simplify computation of buffer limits Checking is strictly same as sizeof(".pem") == 5 Simplify loop of code for certificate filename creation Fix MAX_PATH usage Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1936)
* Make '-name' option of the 's_client' more genericPaul Yang2017-10-161-13/+13
| | | | | | | | | And also make '-xmpphost' an alias of the '-name' option. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4524)
* Cleaning secret data after useEasySec2017-10-161-3/+7
| | | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4509)
* Remove email addresses from source code.Rich Salz2017-10-133-9/+1
| | | | | | | | | | Names were not removed. Some comments were updated. Replace Andy's address with openssl.org Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4516)
* apps/speed.c: add 'rand' algo to enable DRBG performance measurements.Patrick Steuer2017-10-101-2/+28
| | | | | | | | Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4481)
* apps/speed.c: fix ccm performance measurements.Patrick Steuer2017-10-101-1/+43
| | | | | | | | | | | | | CCM does not support streaming: An additional call to (EVP_...)Update must precede each call to Update to pass the total message length. The generic Update_loop calls Update one time such that in case of CCM only the total message length is passed. No encryption/decryption measured. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4480)
* set_hex() behaviour changeEasySec2017-10-101-10/+11
| | | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4488)
* Since return is inconsistent, I removed unnecessary parentheses andKaoruToda2017-10-095-6/+6
| | | | | | | | | | | unified them. - return (0); -> return 0; - return (1); -> return 1; - return (-1); -> return -1; Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4500)
* Anchor the regexp matchRich Salz2017-10-071-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4483)
* Rewrite some codeRich Salz2017-10-071-6/+2
| | | | | | | | Rewrite the -req-nodes flag from CA.pl (idea from Andy) Rewrite ERR_string_error_n Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4478)
* Remove unnecessary #include <openssl/lhash.h> directives.Pauli2017-09-294-4/+0
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4431)
* Make sure that a cert with extensions gets version number 2 (v3)Richard Levitte2017-09-261-1/+9
| | | | | | | Fixes #4419 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4420)
* Remove dhparam from SSL_CONF list.Dr. Stephen Henson2017-09-231-4/+1
| | | | | | | | Avoid duplicate assertion by removing dhparam from SSL_CONF parameter list: dhparam is handled manually by s_server. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4408)
* Fix 'key' option in s_server can be in ENGINE keyformPichulin Dmitrii2017-09-231-1/+1
| | | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Stephen Henson <steve@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4405)
* Reenable s_server -dhparam optionBenjamin Kaduk2017-09-211-0/+1
| | | | | | | | This option was lost when converting to a table-driven option parser in commit 7e1b7485706c2b11091b5fa897fe496a2faa56cc. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4398)
* Fix typo in commentBenjamin Kaduk2017-09-131-1/+1
| | | | | | | The peek result is now called 'err', not just 'e'. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4362)
* Support key check in EVP interfacePaul Yang2017-09-131-2/+38
| | | | | | | | | | | | | | | | | | | A new method is added to EVP_PKEY_METH as: int (*check) (EVP_PKEY_CTX *ctx); and to EVP_PKEY_ASN1_METHOD as: int (*pkey_check) (EVP_PKEY_CTX *ctx); This is used to check the validity of a specific key. The order of calls is: EVP_PKEY_check -> pmeth.check -> ameth.pkey_check. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4337)
* Add a recursive option to 'openssl storeutl'Richard Levitte2017-09-121-17/+56
| | | | | | | | | | Simply put, any NAME type OSS_STORE_INTO is a new object that can be looked into, and potentially lead to a whole tree of data to dive into. The recursive option allows someone to view the whole tree and its data in one go. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4336)
* Allow an endpoint to read the alert data before closing the socketMatt Caswell2017-09-081-0/+17
| | | | | | | | | | | | | | If an alert gets sent and then we close the connection immediately with data still in the input buffer then a TCP-RST gets sent. Some OSs immediately abandon data in their input buffer if a TCP-RST is received - meaning the alert data itself gets ditched. Sending a TCP-FIN before the TCP-RST seems to avoid this. This was causing test failures in MSYS2 builds. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4333)
* struct timeval include guardsPauli2017-09-011-4/+1
| | | | | | | | | | Move struct timeval includes into e_os.h (where the Windows ones were). Enaure that the include is guarded canonically. Refer #4271 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4312)
* Various review fixes for PSK early_data supportMatt Caswell2017-08-311-2/+1
| | | | | Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3926)
* Show the error stack if there was an error writing early data in s_clientMatt Caswell2017-08-311-0/+1
| | | | | Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3926)
* If no SNI has been explicitly set use the one from the sessionMatt Caswell2017-08-311-0/+20
| | | | | | | | | If we have not decided on an SNI value yet, but we are attempting to reuse a session, and SNI is set in that, then we should use that value by default. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3926)
* Enable the ability to use an external PSK for sending early_dataMatt Caswell2017-08-311-2/+4
| | | | | Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3926)
* Move OPENSSL_CONF from e_os.h to cryptlib.hPauli2017-08-301-0/+1
| | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
* Move e_os.h to be the very first include.Pauli2017-08-302-2/+2
| | | | | | | | cryptilib.h is the second. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
* Remove the X_OK define, it is unused.Pauli2017-08-301-1/+0
| | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
* e_os.h removal from other headers and source files.Pauli2017-08-301-1/+2
| | | | | | | | | | | | | Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and ssl/ssl_locl.h). Added e_os.h into the files that need it now. Directly reference internal/nelem.h when required. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
* NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guardRichard Levitte2017-08-251-3/+1
| | | | | | | This is a vestige from pre-1.1.0 OpenSSL Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4256)
* Ensure we exchange cookies in s_server even if SCTP is disabledMatt Caswell2017-08-251-3/+2
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4243)
* apps/passwd.c: Make MD5 and SHA password making EBCDIC awareRichard Levitte2017-08-241-64/+108
| | | | | | | | | | | | | This mimics the behaviour of DES_crypt, where the salt and password are expected to be in EBCDIC when CHARSET_EBCDIC is defined, and are converted internally to ASCII. This is also done with the magic ID string if it's not already ASCII. The resulting output is entirely built up of ASCII components and is converted back to EBCDIC at the end. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4229)
* apps/passwd.c: Fix code layoutRichard Levitte2017-08-241-34/+36
| | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4229)
* apps/passwd.c: Don't disable MD5 and SHA when CHARSET_EBCDIC is definedRichard Levitte2017-08-241-48/+2
| | | | | | | | Fixes #4130 Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4229)
* (Re)move some things from e_os.hRich Salz2017-08-227-10/+4
| | | | | | | | | | | Remove GETPID_IS_MEANINGLESS and osslargused. Move socket-related things to new file internal/sockets.h; this is now only needed by four(!!!) files. Compiles should be a bit faster. Remove USE_SOCKETS ifdef's Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4209)
* Remove useless macros in apps/speed.cPaul Yang2017-08-221-2/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4221)
* Add random serial# support.Rich Salz2017-08-223-28/+49
| | | | | | | | | | Add -rand_serial to CA command and "serial_rand" config option. Up RAND_BITS to 159, and comment why: now confirms to CABForum guidelines (Ballot 164) as well as IETF RFC 5280 (PKIX). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4185)
* Dead code elimination.Pauli2017-08-221-9/+0
| | | | | | | | Remove the exit_main function which is never used. Remove the exit_options array which is also unreferenced. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4213)
* Fix ctype arguments.Pauli2017-08-222-2/+2
| | | | | | | | Cast arguments to the various ctype functions to unsigned char to match their documentation. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4203)
* Safely display SNI (just in case)Rich Salz2017-08-211-3/+11
| | | | | | | Thanks to Hubert Kario for pointing this out. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4193)
* Check # of arguments for remaining commands.Rich Salz2017-08-217-23/+48
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4201)
* Fix ui_write in apps/apps.cRichard Levitte2017-08-191-1/+1
| | | | | | | | | | It used the default UI reader as fallback instead of the UI writer. Fixes #4147 Fixes #4195 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4198)
* Addressed build failure because of missing #ifdef AF_UNIX guardBalaji Marisetti2017-08-181-0/+2
| | | | | | | | CLA: trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4067)
* Determine the number of output columns for the list and help commands usingPauli2017-08-171-15/+35
| | | | | | | the command names rather than hard coding it (conditionally). Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4162)
* Print pathnames for 'version -r'Rich Salz2017-08-151-3/+19
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4168)
* Revert "Add some casts for %j"Rich Salz2017-08-152-6/+4
| | | | | | | This reverts commit c4d2e483a39176a476c56d35879423fe6e33c0cd. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4160)
* Add some casts for %jRich Salz2017-08-142-4/+6
| | | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4160)
* Doc fixesRich Salz2017-08-141-18/+61
| | | | | | | | | | | | Write missing prime.pod and srp.pod Implement -c in find-doc-nits (for command options) Other fixes to some manpages Use B<-I<digest|cipher>> notation Split up multiple flags into a single entry in the synopsis. Add -1 and missing-help to list command. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4144)
* Clarify CLI OCSP documentationJohannes Bauer2017-08-111-1/+1
| | | | | | | | | | This fixes issue #3043, which ultimately was reported because documentation was not clear on the meaning of the "-ignore_err" option. Update both command line documentation and add this option to manpage. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4143)
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-23 05:55:36 +0000