- 22 8月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
The following would fail, or rather, freeze: openssl genrsa -out rsa2048.pem 2048 openssl req -x509 -key rsa2048.pem -keyform PEM -out cert.pem In that case, the second command wants to read a certificate request from stdin, because -x509 wasn't fully flagged as being for creating something new. This changes makes it fully flagged. RT#4655 Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 19 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 8月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 20 7月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1284)
-
- 29 6月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1264)
-
- 21 6月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 16 6月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NStephen Henson <steve@openssl.org> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 01 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
When the "req" command is used to generate a new EC key using the -newkey option it will incorrectly display: Generating a 2048 bit EC private key This commit fixes the message to not display the bit length for EC keys because we don't currently support getting that during generation. GitHub Issue #1068 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 17 5月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
RT#4215 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 13 4月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
OBJ_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 06 4月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Move rsa_st away from public headers. Add accessor/writer functions for the public RSA data. Adapt all other source to use the accessors and writers. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 05 4月, 2016 2 次提交
-
-
由 FdaSilvaYY 提交于
... comes from c5137473. Fix Travis builds. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 FdaSilvaYY 提交于
Reviewed-by: NStephen Henson <steve@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 19 3月, 2016 1 次提交
-
-
由 Schüller Felix 提交于
Don't free up passed EVP_MD_CTX in ASN1_item_sign_ctx(). This simplifies handling and retains compatiblity with previous behaviour. PR#4446 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 08 3月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
Bug reported by Michel Sales. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 26 2月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Simplifies calling code. Also fixed up any !ptr tests that were nearby, turning them into NULL tests. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 2月, 2016 1 次提交
-
-
由 Flavio Medeiros 提交于
This is also RT 4137 Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 20 2月, 2016 1 次提交
-
-
由 Kurt Roeckx 提交于
Also gives an error message when you gave it a parameter it didn't expect. Reviewed-by: NRich Salz <rsalz@openssl.org> MR: #2009
-
- 19 2月, 2016 1 次提交
-
-
由 Rich Salz 提交于
enc: - typo in -base64 option - missing help opt text ocsp, req, rsautl, s_client: - missing help opt text Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 12 2月, 2016 2 次提交
-
-
由 Emilia Kasper 提交于
Change the default keysize to 2048 bits, and the minimum to 512 bits. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
PR#4246 and PR#4266 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 06 2月, 2016 1 次提交
-
-
由 Insu Yun 提交于
Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 20 1月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 17 12月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old names. Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 08 12月, 2015 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
continue on from previous commits but in the apps directory Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 13 10月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Previous OpenSSL versions used -set_serial, but master was using -set-serial - so rename it back to the old version. RT#4059 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 06 9月, 2015 2 次提交
-
-
由 Richard Levitte 提交于
The different apps had the liberty to decide whether they would open their input and output files in binary mode or not, which could be confusing if two different apps were handling the same type of file in different ways. The solution is to centralise the decision of low level file organisation, and that the apps would use a selection of formats to state the intent of the file. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
Most of all, we needed to sort out which ones are binary and which ones are text, and make sure they are treated accordingly and consistently so Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 01 9月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Remove asn1-kludge option from the req utility. It was a decade old workaround for CAs and software which required an invalid encoding of PKCS#10 certificate requests: omitting the attributes field even though it is not OPTIONAL. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 31 7月, 2015 1 次提交
-
-
由 Adam Eijdenberg 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 07 7月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
There's no reason why we should default to a output format that is old, and confusing in some cases. This affects the commands "ca", "crl", "req" and "x509". Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 16 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
When generating a private key, try to make the output file be readable only by the owner. Put it in CHANGES file since it might be noticeable. Add "int private" flag to apps that write private keys, and check that it's set whenever we do write a private key. Checked via assert so that this bug (security-related) gets fixed. Thanks to Viktor for help in tracing the code-paths where private keys are written. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 15 6月, 2015 1 次提交
-
-
由 Tim Hudson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Here are the "rules" for handling flags that depend on #ifdef: - Do not ifdef the enum. Only ifdef the OPTIONS table. All ifdef'd entries appear at the end; by convention "engine" is last. This ensures that at run-time, the flag will never be recognized/allowed. The next two bullets entries are for silencing compiler warnings: - In the while/switch parsing statement, use #ifdef for the body to disable it; leave the "case OPT_xxx:" and "break" statements outside the ifdef/ifndef. See ciphers.c for example. - If there are multiple options controlled by a single guard, OPT_FOO, OPT_BAR, etc., put a an #ifdef around the set, and then do "#else" and a series of case labels and a break. See OPENSSL_NO_AES in cms.c for example. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 29 5月, 2015 2 次提交
-
-
由 Richard Levitte 提交于
The module loading feature got broken a while ago, so restore it, but have it a bit more explicit this time around. Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-