- 29 5月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
The module loading feature got broken a while ago, so restore it, but have it a bit more explicit this time around. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 16 5月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Continuing from the previous commit this changes the way we do client side version negotiation. Similarly all of the s23* "up front" state machine code has been avoided and again things now work much the same way as they already did for DTLS, i.e. we just do most of the work in the ssl3_get_server_hello() function. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 14 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Had old patch, forgot to push/patch this to master Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
Various bugs found by Viktor, Emilia, Matt, etc. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 02 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
After the finale, the "real" final part. :) Do a recursive grep with "-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are an "if NULL" check that can be removed. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 01 5月, 2015 3 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Don't check for NULL before calling free function. This gets: NAME_CONSTRAINTS_free GENERAL_SUBTREE_free ECDSA_METHOD_free JPAKE_CTX_free OCSP_REQ_CTX_free SCT_free SRP_VBASE_free SRP_gN_free SRP_user_pwd_free TXT_DB_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Don't check for NULL before calling a free routine. This gets X509_.*free: x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free X509_STORE_free X509_STORE_CTX_free X509_PKEY_free X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 30 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 27 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
A variable declaration got dropped during a merge. And if a compiler inlines strcmp() and you put a strcmp in an assert message, the resultant stringification exceeds ANSI string limits. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 26 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb246 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 11 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Avoid checking for NULL before calling free functions. This gets ssl.*free: ssl_sess_cert_free ssl_free ssl_excert_free ssl_cert_free SSL_free SSL_SRP_CTX_free SSL_SESSION_free SSL_CTX_free SSL_CTX_SRP_CTX_free SSL_CONF_CTX_free Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 25 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free BIO_free BIO_free_all BIO_vfree Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 05 3月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 25 2月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
X509_V_FLAG_NO_ALT_CHAINS flag. Using this option means that when building certificate chains, the first chain found will be the one used. Without this flag, if the first chain found is not trusted then we will keep looking to see if we can build an alternative chain instead. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 02 12月, 2014 1 次提交
-
-
由 Kurt Roeckx 提交于
If SSLv2 and SSLv3 are both disabled we still support SSL/TLS. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 27 11月, 2014 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 André Guerreiro 提交于
PR#3612 Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 29 6月, 2014 1 次提交
-
-
由 Rich Salz 提交于
-
- 28 6月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
PR#3107
-
- 20 6月, 2014 1 次提交
-
-
由 Hubert Kario 提交于
Add -trusted_first description to help messages and man pages of tools that deal with certificate verification.
-
- 09 4月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Keep copy of any host, path and port values allocated by OCSP_parse_url and free as necessary.
-
- 21 2月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 19 2月, 2014 1 次提交
-
-
由 Rob Stradling 提交于
Add the extension parser in the s_client, ocsp and x509 apps.
-
- 07 10月, 2013 1 次提交
-
-
由 Ben Laurie 提交于
-
- 22 12月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 16 12月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 15 12月, 2012 5 次提交
-
-
由 Dr. Stephen Henson 提交于
Don't verify our own responses.
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Recognise verification arguments.
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 10 12月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 08 12月, 2012 1 次提交
-
-
由 Ben Laurie 提交于
-
- 01 10月, 2009 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: steve@openssl.org Add support for custom headers in OCSP requests.
-
由 Dr. Stephen Henson 提交于
-
- 28 7月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 03 4月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-