- 03 2月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
Also fix option processing in pkeyutl to allow use of (formerly) "out-of-order" switches that were needless implementation limitations. Handle documented "ENGINE" form with -keyform and -peerform. Better handling of OPENSSL_NO_ENGINE and OPENSSL_NO_RSA. RT2018 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 13 10月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Loading the config file after processing command line options can cause problems, e.g. where an engine provides new ciphers/digests these are not then recoginised on the command line. Move the default config file loading to before the command line option processing. Whilst we're doing this we might as well centralise this instead of doing it individually for each application. Finally if we do it before the OpenSSL_add_ssl_algorithms() call then ciphersuites provided by an engine (e.g. GOST) can be available to the apps. RT#4085 RT#4086 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 06 9月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
The different apps had the liberty to decide whether they would open their input and output files in binary mode or not, which could be confusing if two different apps were handling the same type of file in different ways. The solution is to centralise the decision of low level file organisation, and that the apps would use a selection of formats to state the intent of the file. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 29 5月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
The module loading feature got broken a while ago, so restore it, but have it a bit more explicit this time around. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 01 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
No point in proceeding if you're out of memory. So change *all* OPENSSL_malloc calls in apps to use the new routine which prints a message and exits. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 26 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Make setup_engine be a dummy if NO_ENGINE is enabled. The option is not enabled if NO_ENGINE is enabled, so the one "wasted" variable just sits there. Removes some variables and code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb246 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 05 3月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error paths as I spotted them along the way. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 27 4月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 06 11月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 17 4月, 2008 1 次提交
-
-
由 Lutz Jänicke 提交于
PR: 1659
-
- 16 7月, 2005 1 次提交
-
-
由 Nils Larsch 提交于
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make depend all test work again PR: 1159
-
- 29 5月, 2005 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 20 4月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
-
- 21 9月, 2003 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 31 1月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
PR: 287
-
- 02 8月, 2002 1 次提交
-
-
由 Richard Levitte 提交于
functionality in the programs that had that before. Part fo PR 164
-
- 22 2月, 2002 1 次提交
-
-
由 Dr. Stephen Henson 提交于
CONF_modules_unload() now calls CONF_modules_finish() automatically. Default use of section openssl_conf moved to CONF_modules_load() Load config file in several openssl utilities. Most utilities now load modules from the config file, though in a few (such as version) this isn't done because it couldn't be used for anything. In the case of ca and req the config file used is the same as the utility itself: that is the -config command line option can be used to specify an alternative file.
-
- 26 1月, 2002 2 次提交
-
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
-
- 12 9月, 2001 1 次提交
-
-
由 Geoff Thorpe 提交于
-
- 18 6月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
everywhere.
-
- 30 5月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
string (some engines may have certificates protected by a PIN!) and a description to put into error messages. Also, have our own password callback that we can send both a password and some prompt info to. The default password callback in EVP assumes that the passed parameter is a password, which isn't always the right thing, and the ENGINE code (at least the nCipher one) makes other assumptions... Also, in spite of having the functions to load keys, some utilities did the loading all by themselves... That's changed too.
-
- 20 2月, 2001 2 次提交
-
-
由 Richard Levitte 提交于
missed any. This compiles and runs on Linux, and external applications have no problems with it. The definite test will be to build this on VMS.
-
由 Richard Levitte 提交于
sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other packages and by making sure e_os2.h will cover all platform-specific cases together with opensslconf.h. I've checked fairly well that nothing breaks with this (apart from external software that will adapt if they have used something like NO_KRB5), but I can't guarantee it completely, so a review of this change would be a good thing.
-
- 29 10月, 2000 1 次提交
-
-
由 Richard Levitte 提交于
applications.
-
- 26 10月, 2000 1 次提交
-
-
由 Bodo Möller 提交于
-
- 20 9月, 2000 1 次提交
-
-
由 Richard Levitte 提交于
record-oriented fashion. That means that every write() will write a separate record, which will be read separately by the programs trying to read from it. This can be very confusing. The solution is to put a BIO filter in the way that will buffer text until a linefeed is reached, and then write everything a line at a time, so every record written will be an actual line, not chunks of lines and not (usually doesn't happen, but I've seen it once) several lines in one record. Voila, BIO_f_linebuffer() is born. Since we're so close to release time, I'm making this VMS-only for now, just to make sure no code is needlessly broken by this. After the release, this BIO method will be enabled on all other platforms as well.
-
- 10 9月, 2000 1 次提交
-
-
由 Richard Levitte 提交于
-
- 06 9月, 2000 3 次提交
-
-
由 Bodo Möller 提交于
-
由 Bodo Möller 提交于
-
由 Dr. Stephen Henson 提交于
Add support for settable verify time in X509_verify_cert(). Document rsautl utility.
-
- 04 9月, 2000 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add DER public key routines. Add -passin argument to 'ca' utility. Document sign and verify options to dgst.
-