Age | Commit message (Collapse) | Author |
|
Check arg count and print an error message.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 13a461831ab85ec9f55806ebf2df5ffb7f3f357a)
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit a19228b7f4fc6fcb49713455b3caedbc24fb0b01)
|
|
CMS_NOOLDMIMETYPE and PKCS7_NOOLDMIMETYPE are unused in pkcs7/cms code.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1585)
(cherry picked from commit 28aef3d9558dc2e11ba56576b3a4d3faaef8a9d3)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1585)
(cherry picked from commit 12d56b2992ebd61e1b30c99ca1898dde42345cf7)
|
|
Some compilers complain about unused variables, and some tests do
not run well without OCSP.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 057c676afb2a69b7d2bb9cf6e895e720a2a62b78)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 51e5133d551b4c132f72fc2ff5bbe076f5a3e052)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit c7bdb6a31ff0fcae66b451d3f80a684ad77f4966)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 0d0723e813870c2e7a009ec47e933668a1548531)
|
|
This is needed, because on VMS, select() can only be used on sockets. being
able to use select() on all kinds of file descriptors is unique to Unix.
So, the solution for VMS is to create a layer that translates input from
standard input to socket communication.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 0d3b65832c6fa94c1d1cfa2f99335f323e3227c1)
|
|
Resolves GH1515 and GH1509.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 7d959c358a09244bcaea601121b276529ff437ce)
|
|
RT#4674
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 9f9f962d96425ed741569460791eee0280fcf942)
|
|
it appears when using gcc/mingw:
```
apps/s_client.c:815:9: warning: variable 'at_eof' set but not used [-Wunused-but-set-variable]
int at_eof = 0;
^~~~~~
```
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1512)
(cherry picked from commit d485640b8083aea895ecf31b4ea6a338ee561b67)
|
|
User can make Windows openssl.exe to treat command-line arguments
and console input as UTF-8 By setting OPENSSL_WIN32_UTF8 environment
variable (to any value). This is likely to be required for data
interchangeability with other OSes and PKCS#12 containers generated
with Windows CryptoAPI.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
OpenSSL versions before 1.1.0 didn't convert non-ASCII
UTF8 PKCS#12 passwords to Unicode correctly.
To correctly decrypt older files, if MAC verification fails
with the supplied password attempt to use the broken format
which is compatible with earlier versions of OpenSSL.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Ensure it is clear to the user why there has been an error.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
In apps/rsa.c, we were second guessing RSA_check_key() to leave error
codes lying around without returning -1 properly. However, this also
catches other errors that are lying around and that we should not care
about.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1471
|
|
Code was relying on an implicit data-sharing through duplication of
loopargs_t pointer-members made by ASYNC_start_job().
Now share structure address instead of structure content.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
The following would fail, or rather, freeze:
openssl genrsa -out rsa2048.pem 2048
openssl req -x509 -key rsa2048.pem -keyform PEM -out cert.pem
In that case, the second command wants to read a certificate request
from stdin, because -x509 wasn't fully flagged as being for creating
something new. This changes makes it fully flagged.
RT#4655
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Add mutable versions of X509_get0_notBefore and X509_get0_notAfter.
Rename X509_SIG_get0_mutable to X509_SIG_getm.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1475)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Update certificate and CRL time routines to match new standard.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
The DANE API supports a DANE_FLAG_NO_DANE_EE_NAMECHECKS option, but
there was no way to exercise/enable it via s_client. This commit
addresses that gap.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
... without any interruption.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1468)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
The error message said "dane_tlsa_rrset" instead of "dane_tlsa_rrdata".
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Constify X509_SIG_get0() and order arguments to mactch new standard.
Add X509_SIG_get0_mutable() to support modification or initialisation
of an X509_SIG structure.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
using util/openssl-format-source on s_derver, s_client, ca.c, speed.c only...
Fix/merge some #ifndef
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1461)
|
|
If -badsig is selected corrupt the signature before printing out
any details so the output reflects the modified signature.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Deprecate the function ASN1_STRING_data() and replace with a new function
ASN1_STRING_get0_data() which returns a constant pointer. Update library
to use new function.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1378)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1413)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|