Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add code to download CRLs based on CRLDP extension. | Dr. Stephen Henson | 2012-12-06 | 7 | -22/+109 |
| | | | | Just a sample, real world applications would have to be cleverer. | ||||
* | remove print_ssl_cert_checks() from openssl application: it is no longer used | Dr. Stephen Henson | 2012-12-06 | 2 | -18/+0 |
| | |||||
* | Integrate host, email and IP address checks into X509_verify. | Dr. Stephen Henson | 2012-12-05 | 3 | -46/+32 |
| | | | | | | Add new verify options to set checks. Remove previous -check* commands from s_client and s_server. | ||||
* | don't print verbose policy check messages when -quiet is selected even on error | Dr. Stephen Henson | 2012-12-04 | 1 | -1/+2 |
| | |||||
* | initial support for delta CRL generations by diffing two full CRLs | Dr. Stephen Henson | 2012-12-04 | 1 | -2/+53 |
| | |||||
* | make -subj always override config file | Dr. Stephen Henson | 2012-12-04 | 1 | -8/+5 |
| | |||||
* | check mval for NULL too | Dr. Stephen Henson | 2012-12-04 | 1 | -1/+1 |
| | |||||
* | fix leak | Dr. Stephen Henson | 2012-12-03 | 1 | -0/+3 |
| | |||||
* | oops, really check brief mode only ;-) | Dr. Stephen Henson | 2012-12-03 | 1 | -1/+1 |
| | |||||
* | don't check errno is zero, just print out message | Dr. Stephen Henson | 2012-12-03 | 1 | -1/+1 |
| | |||||
* | if no error code and -brief selected print out connection closed instead of ↵ | Dr. Stephen Henson | 2012-12-03 | 1 | -1/+4 |
| | | | | read error | ||||
* | add -badsig option to corrupt CRL signatures for testing too | Dr. Stephen Henson | 2012-12-02 | 1 | -1/+6 |
| | |||||
* | New option to add CRLs for s_client and s_server. | Dr. Stephen Henson | 2012-12-02 | 7 | -55/+162 |
| | |||||
* | add option to get a certificate or CRL from a URL | Dr. Stephen Henson | 2012-12-02 | 3 | -0/+79 |
| | |||||
* | Add new test option set the version in generated certificates: this | Dr. Stephen Henson | 2012-11-30 | 1 | -0/+18 |
| | | | | | is needed to test some profiles/protocols which reject certificates with unsupported versions. | ||||
* | Print out point format list for clients too. | Dr. Stephen Henson | 2012-11-26 | 1 | -3/+1 |
| | |||||
* | set cmdline flag in s_server | Dr. Stephen Henson | 2012-11-26 | 1 | -0/+1 |
| | |||||
* | option to output corrupted signature in certificates for testing purposes | Dr. Stephen Henson | 2012-11-25 | 1 | -1/+6 |
| | |||||
* | Don't display messages about verify depth in s_server if -quiet it set. | Dr. Stephen Henson | 2012-11-23 | 4 | -44/+65 |
| | | | | Add support for separate verify and chain stores in s_client. | ||||
* | Add support for printing out and retrieving EC point formats extension. | Dr. Stephen Henson | 2012-11-22 | 3 | -0/+43 |
| | |||||
* | support -quiet with -msg or -trace | Dr. Stephen Henson | 2012-11-21 | 2 | -2/+6 |
| | |||||
* | only use a default curve if not already set | Dr. Stephen Henson | 2012-11-21 | 4 | -60/+23 |
| | |||||
* | PR: 2908 | Dr. Stephen Henson | 2012-11-21 | 1 | -1/+0 |
| | | | | | | Submitted by: Dmitry Belyavsky <beldmit@gmail.com> Fix DH double free if parameter generation fails. | ||||
* | fix printout of expiry days if -enddate is used in ca | Dr. Stephen Henson | 2012-11-20 | 1 | -1/+7 |
| | |||||
* | fix leaks | Dr. Stephen Henson | 2012-11-20 | 2 | -0/+4 |
| | |||||
* | with -rev close connection if client sends "CLOSE" | Dr. Stephen Henson | 2012-11-19 | 1 | -0/+11 |
| | |||||
* | update usage messages | Dr. Stephen Henson | 2012-11-19 | 3 | -0/+9 |
| | |||||
* | make depend | Dr. Stephen Henson | 2012-11-19 | 1 | -118/+123 |
| | |||||
* | don't call gethostbyname if OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL is set | Dr. Stephen Henson | 2012-11-19 | 1 | -0/+4 |
| | |||||
* | remove obsolete code | Dr. Stephen Henson | 2012-11-19 | 1 | -4/+0 |
| | |||||
* | add -naccept <n> option to s_server to automatically exit after <n> connections | Dr. Stephen Henson | 2012-11-18 | 4 | -8/+21 |
| | |||||
* | fix error messages | Dr. Stephen Henson | 2012-11-17 | 1 | -2/+3 |
| | |||||
* | Delegate command line handling for many common options in s_client/s_server | Dr. Stephen Henson | 2012-11-17 | 4 | -219/+120 |
| | | | | | | | | to the SSL_CONF APIs. This is complicated a little because the SSL_CTX structure is not available when the command line is processed: so just check syntax of commands initially and store them, ready to apply later. | ||||
* | new command line option -stdname to ciphers utility | Dr. Stephen Henson | 2012-11-16 | 1 | -1/+16 |
| | |||||
* | contify | Dr. Stephen Henson | 2012-11-05 | 2 | -7/+7 |
| | |||||
* | oops, fix compilation errors in s_server | Dr. Stephen Henson | 2012-10-11 | 1 | -3/+3 |
| | |||||
* | New functions to check a hostname email or IP address against a | Dr. Stephen Henson | 2012-10-08 | 7 | -0/+111 |
| | | | | | certificate. Add options to s_client, s_server and x509 utilities to print results of checks. | ||||
* | md5-sparcv9.pl: more accurate performance result. | Andy Polyakov | 2012-09-28 | 1 | -1/+1 |
| | |||||
* | Add -rev test option to s_server to just reverse order of characters received | Dr. Stephen Henson | 2012-09-14 | 1 | -1/+147 |
| | | | | | by client and send back to server. Also prints an abbreviated summary of the connection parameters. | ||||
* | Add -brief option to s_client and s_server to summarise connection details. | Dr. Stephen Henson | 2012-09-12 | 4 | -16/+121 |
| | | | | | New option -verify_quiet to shut up the verify callback unless there is an error. | ||||
* | fix memory leak | Dr. Stephen Henson | 2012-09-11 | 1 | -0/+6 |
| | |||||
* | fix memory leak | Dr. Stephen Henson | 2012-09-09 | 1 | -0/+4 |
| | |||||
* | New -valid option to add a certificate to the ca index.txt that is valid and ↵ | Dr. Stephen Henson | 2012-09-09 | 1 | -1/+18 |
| | | | | not revoked | ||||
* | new ctrl to retrive value of received temporary key in server key exchange ↵ | Dr. Stephen Henson | 2012-09-08 | 3 | -0/+36 |
| | | | | message, print out details in s_client | ||||
* | store and print out message digest peer signed with in TLS 1.2 | Dr. Stephen Henson | 2012-09-07 | 1 | -0/+3 |
| | |||||
* | Add compilation flag to disable certain protocol checks and allow use of | Dr. Stephen Henson | 2012-08-29 | 2 | -0/+8 |
| | | | | | | | some invalid operations for testing purposes. Currently this can be used to sign using digests the peer doesn't support, EC curves the peer doesn't support and use certificates which don't match the type associated with a ciphersuite. | ||||
* | Oops - didn't mean to change Makefile on previous submit | Bodo Möller | 2012-08-16 | 1 | -123/+118 |
| | |||||
* | Enable message names for TLS 1.1, 1.2 with -msg. | Bodo Möller | 2012-08-16 | 2 | -118/+125 |
| | |||||
* | Add three Suite B modes to TLS code, supporting RFC6460. | Dr. Stephen Henson | 2012-08-15 | 1 | -2/+2 |
| | |||||
* | add suite B chain validation flags and associated verify errors | Dr. Stephen Henson | 2012-08-03 | 1 | -0/+6 |
| |