aboutsummaryrefslogtreecommitdiffstats
path: root/apps
Commit message (Collapse)AuthorAgeFilesLines
* Add code to download CRLs based on CRLDP extension.Dr. Stephen Henson2012-12-067-22/+109
| | | | Just a sample, real world applications would have to be cleverer.
* remove print_ssl_cert_checks() from openssl application: it is no longer usedDr. Stephen Henson2012-12-062-18/+0
|
* Integrate host, email and IP address checks into X509_verify.Dr. Stephen Henson2012-12-053-46/+32
| | | | | | Add new verify options to set checks. Remove previous -check* commands from s_client and s_server.
* don't print verbose policy check messages when -quiet is selected even on errorDr. Stephen Henson2012-12-041-1/+2
|
* initial support for delta CRL generations by diffing two full CRLsDr. Stephen Henson2012-12-041-2/+53
|
* make -subj always override config fileDr. Stephen Henson2012-12-041-8/+5
|
* check mval for NULL tooDr. Stephen Henson2012-12-041-1/+1
|
* fix leakDr. Stephen Henson2012-12-031-0/+3
|
* oops, really check brief mode only ;-)Dr. Stephen Henson2012-12-031-1/+1
|
* don't check errno is zero, just print out messageDr. Stephen Henson2012-12-031-1/+1
|
* if no error code and -brief selected print out connection closed instead of ↵Dr. Stephen Henson2012-12-031-1/+4
| | | | read error
* add -badsig option to corrupt CRL signatures for testing tooDr. Stephen Henson2012-12-021-1/+6
|
* New option to add CRLs for s_client and s_server.Dr. Stephen Henson2012-12-027-55/+162
|
* add option to get a certificate or CRL from a URLDr. Stephen Henson2012-12-023-0/+79
|
* Add new test option set the version in generated certificates: thisDr. Stephen Henson2012-11-301-0/+18
| | | | | is needed to test some profiles/protocols which reject certificates with unsupported versions.
* Print out point format list for clients too.Dr. Stephen Henson2012-11-261-3/+1
|
* set cmdline flag in s_serverDr. Stephen Henson2012-11-261-0/+1
|
* option to output corrupted signature in certificates for testing purposesDr. Stephen Henson2012-11-251-1/+6
|
* Don't display messages about verify depth in s_server if -quiet it set.Dr. Stephen Henson2012-11-234-44/+65
| | | | Add support for separate verify and chain stores in s_client.
* Add support for printing out and retrieving EC point formats extension.Dr. Stephen Henson2012-11-223-0/+43
|
* support -quiet with -msg or -traceDr. Stephen Henson2012-11-212-2/+6
|
* only use a default curve if not already setDr. Stephen Henson2012-11-214-60/+23
|
* PR: 2908Dr. Stephen Henson2012-11-211-1/+0
| | | | | | Submitted by: Dmitry Belyavsky <beldmit@gmail.com> Fix DH double free if parameter generation fails.
* fix printout of expiry days if -enddate is used in caDr. Stephen Henson2012-11-201-1/+7
|
* fix leaksDr. Stephen Henson2012-11-202-0/+4
|
* with -rev close connection if client sends "CLOSE"Dr. Stephen Henson2012-11-191-0/+11
|
* update usage messagesDr. Stephen Henson2012-11-193-0/+9
|
* make dependDr. Stephen Henson2012-11-191-118/+123
|
* don't call gethostbyname if OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL is setDr. Stephen Henson2012-11-191-0/+4
|
* remove obsolete codeDr. Stephen Henson2012-11-191-4/+0
|
* add -naccept <n> option to s_server to automatically exit after <n> connectionsDr. Stephen Henson2012-11-184-8/+21
|
* fix error messagesDr. Stephen Henson2012-11-171-2/+3
|
* Delegate command line handling for many common options in s_client/s_serverDr. Stephen Henson2012-11-174-219/+120
| | | | | | | | to the SSL_CONF APIs. This is complicated a little because the SSL_CTX structure is not available when the command line is processed: so just check syntax of commands initially and store them, ready to apply later.
* new command line option -stdname to ciphers utilityDr. Stephen Henson2012-11-161-1/+16
|
* contifyDr. Stephen Henson2012-11-052-7/+7
|
* oops, fix compilation errors in s_serverDr. Stephen Henson2012-10-111-3/+3
|
* New functions to check a hostname email or IP address against aDr. Stephen Henson2012-10-087-0/+111
| | | | | certificate. Add options to s_client, s_server and x509 utilities to print results of checks.
* md5-sparcv9.pl: more accurate performance result.Andy Polyakov2012-09-281-1/+1
|
* Add -rev test option to s_server to just reverse order of characters receivedDr. Stephen Henson2012-09-141-1/+147
| | | | | by client and send back to server. Also prints an abbreviated summary of the connection parameters.
* Add -brief option to s_client and s_server to summarise connection details.Dr. Stephen Henson2012-09-124-16/+121
| | | | | New option -verify_quiet to shut up the verify callback unless there is an error.
* fix memory leakDr. Stephen Henson2012-09-111-0/+6
|
* fix memory leakDr. Stephen Henson2012-09-091-0/+4
|
* New -valid option to add a certificate to the ca index.txt that is valid and ↵Dr. Stephen Henson2012-09-091-1/+18
| | | | not revoked
* new ctrl to retrive value of received temporary key in server key exchange ↵Dr. Stephen Henson2012-09-083-0/+36
| | | | message, print out details in s_client
* store and print out message digest peer signed with in TLS 1.2Dr. Stephen Henson2012-09-071-0/+3
|
* Add compilation flag to disable certain protocol checks and allow use ofDr. Stephen Henson2012-08-292-0/+8
| | | | | | | some invalid operations for testing purposes. Currently this can be used to sign using digests the peer doesn't support, EC curves the peer doesn't support and use certificates which don't match the type associated with a ciphersuite.
* Oops - didn't mean to change Makefile on previous submitBodo Möller2012-08-161-123/+118
|
* Enable message names for TLS 1.1, 1.2 with -msg.Bodo Möller2012-08-162-118/+125
|
* Add three Suite B modes to TLS code, supporting RFC6460.Dr. Stephen Henson2012-08-151-2/+2
|
* add suite B chain validation flags and associated verify errorsDr. Stephen Henson2012-08-031-0/+6
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-21 17:11:58 +0000