summaryrefslogtreecommitdiffstats
path: root/apps
AgeCommit message (Collapse)Author
2015-01-22apps/speed.c: make it indent-friendly.Andy Polyakov
Conflicts: apps/speed.c Conflicts: apps/speed.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix source where indent will not be able to copeMatt Caswell
Conflicts: apps/ciphers.c ssl/s3_pkt.c Conflicts: crypto/ec/ec_curve.c Conflicts: crypto/ec/ec_curve.c ssl/s3_clnt.c ssl/s3_srvr.c ssl/ssl_sess.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Additional comment changes for reformat of 1.0.0Matt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Further comment amendments to preserve formatting prior to source reformatMatt Caswell
(cherry picked from commit 4a7fa26ffd65bf36beb8d1cb8f29fc0ae203f5c5) Conflicts: crypto/x509v3/pcy_tree.c Conflicts: apps/apps.c ssl/ssltest.c Conflicts: apps/apps.c crypto/ec/ec2_oct.c crypto/ec/ecp_nistp224.c crypto/ec/ecp_nistp256.c crypto/ec/ecp_nistp521.c ssl/s3_cbc.c ssl/ssl_sess.c ssl/t1_lib.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22mark all block comments that need format preserving so thatTim Hudson
indent will not alter them when reformatting comments (cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960) Conflicts: crypto/bn/bn_lcl.h crypto/bn/bn_prime.c crypto/engine/eng_all.c crypto/rc4/rc4_utl.c crypto/sha/sha.h ssl/kssl.c ssl/t1_lib.c Conflicts: crypto/rc4/rc4_enc.c crypto/x509v3/v3_scts.c crypto/x509v3/v3nametest.c ssl/d1_both.c ssl/s3_srvr.c ssl/ssl.h ssl/ssl_locl.h ssl/ssltest.c ssl/t1_lib.c Conflicts: crypto/asn1/a_sign.c crypto/bn/bn_div.c crypto/dsa/dsa_asn1.c crypto/ec/ecp_nistp224.c crypto/ec/ecp_nistp256.c crypto/ec/ecp_nistp521.c crypto/ec/ecp_nistputil.c crypto/modes/gcm128.c crypto/opensslv.h ssl/d1_both.c ssl/heartbeat_test.c ssl/s3_clnt.c ssl/s3_srvr.c ssl/ssl_sess.c ssl/t1_lib.c test/testutil.h Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-03Updates to s_client and s_server to remove the constant 28 (for IPv4 headerMatt Caswell
and UDP header) when setting an mtu. This constant is not always correct (e.g. if using IPv6). Use the new DTLS_CTRL functions instead. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 464ce92026bd0c79186cbefa75470f39607110be)
2014-11-27Remove duplicated codeMatt Caswell
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-11-27Tidy up ocsp help outputMatt Caswell
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 5e31a40f47c6bfd09c718d2af42ba8d8fe6bb932) Conflicts: apps/ocsp.c (cherry picked from commit e16458269036f4334525009906d346f68a73b2a4)
2014-11-27Add documentation on -timeout option in the ocsp utilityAndré Guerreiro
PR#3612 Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit de87dd46c1283f899a9ecf4ccc72db74f36afbf2) (cherry picked from commit 4d3df37bc7fd33d0bec5da04d2572caa0cdbab75)
2014-10-15Make sure that disabling the MAYLOSEDATA3 warning is only done when the ↵Richard Levitte
compiler supports it. Otherwise, there are warnings about it lacking everywhere, which is quite tedious to read through while trying to check for other warnings. Reviewed-by: Tim Hudson <tjh@openssl.org> Conflicts: ssl/ssl-lib.com
2014-10-15Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsvBodo Moeller
handling out of #ifndef OPENSSL_NO_DTLS1 section. Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-15Support TLS_FALLBACK_SCSV.Bodo Moeller
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-06Fix warnings about ignored return values.Dr. Stephen Henson
(cherry picked from commit 27131fe8f7418bf22b1e3000ea6a5d7b1ec8ebd4) Reviewed-by: Matt Caswell <matt@openssl.org>
2014-07-15Don't allow -www etc options with DTLS.Dr. Stephen Henson
The options which emulate a web server don't make sense when doing DTLS. Exit with an error if an attempt is made to use them. PR#3453 (cherry picked from commit 58a2aaeade8bdecd0f9f0df41927f7cff3012547)
2014-07-15Use case insensitive compare for servername.Dr. Stephen Henson
PR#3445 (cherry picked from commit 1c3e9a7c67ccdc5e770829fe951e5832e600d377)
2014-07-06Usage for -hack and -prexit -verify_return_errorDr. Stephen Henson
(cherry picked from commit a07f514fc02b09c854ce857a8df828d29f7121d3)
2014-07-06s_server usage for certificate status requestsDr. Stephen Henson
2014-06-29Show errors on CSR verification failure.Dr. Stephen Henson
If CSR verify fails in ca utility print out error messages. Otherwise some errors give misleading output: for example if the key size exceeds the library limit. PR#2875 (cherry picked from commit a30bdb55d1361b9926eef8127debfc2e1bb8c484)
2014-06-29Make no-ssl3 no-ssl2 do more sensible things.Dr. Stephen Henson
(cherry picked from commit 7ae6a4b659facfd7ad8131238aa1d349cb3fc951)
2014-06-28Typo.Dr. Stephen Henson
PR#3107 (cherry picked from commit 7c206db9280865ae4af352dbc14e9019a6c4795d)
2014-06-27Memory leak and NULL dereference fixes.Dr. Stephen Henson
PR#3403 (cherry picked from commit d2aea038297e0c64ca66e6844cbb37377365885e)
2014-06-11Fix compilation with no-compDr. Stephen Henson
(cherry picked from commit 7239a09c7b5757ed8d0e9869f3e9b03c0e11f4d1)
2014-05-29Change default cipher in smime app to des3.Dr. Stephen Henson
PR#3357 (cherry picked from commit ca3ffd9670f2b589bf8cc04923f953e06d6fbc58)
2014-05-11Fix infinite loop. PR#3347Viktor Dukhovni
2014-05-08coverity 966576 - close socket in error pathTim Hudson
2014-05-08PR#3342 fix resource leak coverity issue 966577Tim Hudson
2014-04-09Fix free errors in ocsp utility.Dr. Stephen Henson
Keep copy of any host, path and port values allocated by OCSP_parse_url and free as necessary. (cherry picked from commit 5219d3dd350cc74498dd49daef5e6ee8c34d9857)
2014-04-04Use correct length when prompting for password.Dr. Stephen Henson
Use bufsiz - 1 not BUFSIZ - 1 when prompting for a password in the openssl utility. Thanks to Rob Mackinnon, Leviathan Security for reporting this issue. (cherry picked from commit 7ba08a4d73c1bdfd3aced09a628b1d7d7747cdca)
2014-04-03Add option to generate old hash format.Tim Hudson
New -hash_old to generate CRL hashes using old (before OpenSSL 1.0.0) algorithm. (cherry picked from commit de2d97cd799f38024d70847bab37d91aa5a2536e)
2014-02-25Avoid Windows 8 Getversion deprecated errors.Dr. Stephen Henson
Windows 8 SDKs complain that GetVersion() is deprecated. We only use GetVersion like this: (GetVersion() < 0x80000000) which checks if the Windows version is NT based. Use a macro check_winnt() which uses GetVersion() on older SDK versions and true otherwise. (cherry picked from commit a4cc3c8041104896d51ae12ef7b678c31808ce52)
2014-02-14Use defaults bits in req when not givenKurt Roeckx
If you use "-newkey rsa" it's supposed to read the default number of bits from the config file. However the value isn't used to generate the key, but it does print it's generating such a key. The set_keygen_ctx() doesn't call EVP_PKEY_CTX_set_rsa_keygen_bits() and you end up with the default set in pkey_rsa_init() (1024). Afterwards the number of bits gets read from the config file, but nothing is done with that anymore. We now read the config first and use the value from the config file when no size is given. PR: 2592 (cherry picked from commit 3343220327664680420d4068e1fbe46d2236f1b0)
2014-02-14Fix various spelling errorsScott Schaefer
(cherry picked from commit 2b4ffc659eabec29f76821f0ac624a2b8c19e4c7)
2014-01-23Use default digest implementation in dgst.cDr. Stephen Henson
Use default instead of ENGINE version of digest. Without this errors will occur if you use an ENGINE for a private key and it doesn't implement the digest in question. (cherry picked from commit 4eedf86a163284478140c46edb7b462d33898c93)
2012-12-23add missing \nDr. Stephen Henson
2012-12-04check mval for NULL tooDr. Stephen Henson
2012-12-03fix leakDr. Stephen Henson
2012-11-21PR: 2908Dr. Stephen Henson
Submitted by: Dmitry Belyavsky <beldmit@gmail.com> Fix DH double free if parameter generation fails.
2012-11-20fix leaksDr. Stephen Henson
2012-09-11fix memory leakDr. Stephen Henson
2012-06-19oops, add -debug_decrypt option which was accidenatally left outDr. Stephen Henson
2012-03-18Always use SSLv23_{client,server}_method in s_client.c and s_server.c,Dr. Stephen Henson
the old code came from SSLeay days before TLS was even supported.
2012-03-14cipher should only be set to PSK if JPAKE is used.Richard Levitte
2012-02-12PR: 2717Dr. Stephen Henson
Submitted by: Tim Rice <tim@multitalents.net> Make compilation work on OpenServer 5.0.7
2012-02-10PR: 2710Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Check return codes for load_certs_crls.
2012-01-12Sanitize usage of <ctype.h> functions. It's important that charactersAndy Polyakov
are passed zero-extended, not sign-extended [from HEAD]. PR: 2682
2012-01-05Fix usage indentationBodo Möller
2012-01-04make updateDr. Stephen Henson
2011-12-06The default CN prompt message can be confusing when often the CN needs toDr. Stephen Henson
be the server FQDN: change it. [Reported by PSW Group]
2011-09-23use keyformat for -x509toreq, don't hard code PEMDr. Stephen Henson
2011-09-23PR: 2347Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Reviewed by: steve Fix usage message.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-30 11:42:55 +0000