- 20 9月, 2016 2 次提交
-
-
由 FdaSilvaYY 提交于
CMS_NOOLDMIMETYPE and PKCS7_NOOLDMIMETYPE are unused in pkcs7/cms code. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1585)
-
由 FdaSilvaYY 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1585)
-
- 24 8月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Ensure it is clear to the user why there has been an error. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 18 8月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 16 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Deprecate the function ASN1_STRING_data() and replace with a new function ASN1_STRING_get0_data() which returns a constant pointer. Update library to use new function. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 25 7月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1301)
-
- 02 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The make_receipt_request() function in the cms app can leak memory on an error condition. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 20 5月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
RT#1817 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 13 5月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Fix -signer option in smime utility to output signer certificates when verifying. Add support for format SMIME for -inform and -outform with cms and smime utilities. PR#4215 Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 04 5月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 4月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Give the API new names, document it. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 14 4月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES guards can be removed. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 23 2月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 12 2月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
PR#4246 and PR#4266 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 21 1月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 17 12月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old names. Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 10 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
continue on from previous commits but in the apps directory Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 13 10月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Loading the config file after processing command line options can cause problems, e.g. where an engine provides new ciphers/digests these are not then recoginised on the command line. Move the default config file loading to before the command line option processing. Whilst we're doing this we might as well centralise this instead of doing it individually for each application. Finally if we do it before the OpenSSL_add_ssl_algorithms() call then ciphersuites provided by an engine (e.g. GOST) can be available to the apps. RT#4085 RT#4086 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 9月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
For those command line options that take the verification options -CApath and -CAfile, if those options are absent then the default path or file is used instead. It is not currently possible to specify *no* path or file at all. This change adds the options -no-CApath and -no-CAfile to specify that the default locations should not be used to all relevant applications. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 11 9月, 2015 1 次提交
-
-
由 Ben Laurie 提交于
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require any code changes). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 06 9月, 2015 2 次提交
-
-
由 Richard Levitte 提交于
The different apps had the liberty to decide whether they would open their input and output files in binary mode or not, which could be confusing if two different apps were handling the same type of file in different ways. The solution is to centralise the decision of low level file organisation, and that the apps would use a selection of formats to state the intent of the file. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
Most of all, we needed to sort out which ones are binary and which ones are text, and make sure they are treated accordingly and consistently so Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 03 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Here are the "rules" for handling flags that depend on #ifdef: - Do not ifdef the enum. Only ifdef the OPTIONS table. All ifdef'd entries appear at the end; by convention "engine" is last. This ensures that at run-time, the flag will never be recognized/allowed. The next two bullets entries are for silencing compiler warnings: - In the while/switch parsing statement, use #ifdef for the body to disable it; leave the "case OPT_xxx:" and "break" statements outside the ifdef/ifndef. See ciphers.c for example. - If there are multiple options controlled by a single guard, OPT_FOO, OPT_BAR, etc., put a an #ifdef around the set, and then do "#else" and a series of case labels and a break. See OPENSSL_NO_AES in cms.c for example. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 29 5月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
The module loading feature got broken a while ago, so restore it, but have it a bit more explicit this time around. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 11 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 05 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 02 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
After the finale, the "real" final part. :) Do a recursive grep with "-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are an "if NULL" check that can be removed. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 01 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
No point in proceeding if you're out of memory. So change *all* OPENSSL_malloc calls in apps to use the new routine which prints a message and exits. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 29 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Many functions had a BIO* parameter, and it was always called with bio_err. Remove the param and just use bio_err. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 26 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Make setup_engine be a dummy if NO_ENGINE is enabled. The option is not enabled if NO_ENGINE is enabled, so the one "wasted" variable just sits there. Removes some variables and code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb246 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 17 4月, 2015 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 24 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Start ensuring all OpenSSL "free" routines allow NULL, and remove any if check before calling them. This gets ASN1_OBJECT_free and ASN1_STRING_free. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 05 3月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error paths as I spotted them along the way. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 25 2月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
X509_V_FLAG_NO_ALT_CHAINS flag. Using this option means that when building certificate chains, the first chain found will be the one used. Without this flag, if the first chain found is not trusted then we will keep looking to see if we can build an alternative chain instead. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 22 1月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-