- 09 8月, 2015 1 次提交
-
-
由 bluelineXY 提交于
Add Host Header in OCSP query if no host header is set via -header Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NBen Laurie <ben@openssl.org>
-
- 05 8月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
The -use_srtp s_client/s_server option is supposed to take a colon separated string as an argument. In master this was incorrectly set to expect a filename. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 02 8月, 2015 3 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 01 8月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Thanks folks: 348 Benjamin Kaduk 317 Christian Brueffer 254 Erik Tews 253 Erik Tews 219 Carl Mehner 155 (ghost) 95 mancha 51 DominikNeubauer Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 31 7月, 2015 4 次提交
-
-
由 Kai Engert 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Adam Eijdenberg 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Adam Eijdenberg 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Adam Eijdenberg 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 30 7月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 16 7月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Remove support for RSA_NET and Netscape key format (-keyform n). Also removed documentation of SGC. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 14 7月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 13 7月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Fixes GH#330 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 7月, 2015 1 次提交
-
-
由 Peter Waltenberg 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 08 7月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
The -show_chain flag to the verify command line app shows information about the chain that has been built. This commit adds the text "untrusted" against those certificates that have been used from the untrusted list. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Fills in the help text for a number of options to verify that were blank. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 7月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
There's no reason why we should default to a output format that is old, and confusing in some cases. This affects the commands "ca", "crl", "req" and "x509". Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 25 6月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 23 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Found by Kurt Cancemi. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 16 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
When generating a private key, try to make the output file be readable only by the owner. Put it in CHANGES file since it might be noticeable. Add "int private" flag to apps that write private keys, and check that it's set whenever we do write a private key. Checked via assert so that this bug (security-related) gets fixed. Thanks to Viktor for help in tracing the code-paths where private keys are written. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 15 6月, 2015 2 次提交
-
-
由 Tim Hudson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Tim Hudson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 6月, 2015 3 次提交
-
-
由 Emilia Kasper 提交于
This is a workaround so old that nobody remembers what buggy clients it was for. It's also been broken in stable branches for two years and nobody noticed (see https://boringssl-review.googlesource.com/#/c/1694/). Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
For librypto to be complete, the stuff in both crypto/ and engines/ have to be built. Doing 'make test' or 'make apps' from a clean source tree failed to do so. Corrected by using the new 'build_libcrypto' in the top Makefile. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
Except for VMS startup code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 07 6月, 2015 1 次提交
-
-
由 Rodger Combs 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 03 6月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Here are the "rules" for handling flags that depend on #ifdef: - Do not ifdef the enum. Only ifdef the OPTIONS table. All ifdef'd entries appear at the end; by convention "engine" is last. This ensures that at run-time, the flag will never be recognized/allowed. The next two bullets entries are for silencing compiler warnings: - In the while/switch parsing statement, use #ifdef for the body to disable it; leave the "case OPT_xxx:" and "break" statements outside the ifdef/ifndef. See ciphers.c for example. - If there are multiple options controlled by a single guard, OPT_FOO, OPT_BAR, etc., put a an #ifdef around the set, and then do "#else" and a series of case labels and a break. See OPENSSL_NO_AES in cms.c for example. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
I also re-ordered some of #ifdef's. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 02 6月, 2015 1 次提交
-
-
由 Gunnar Kudrjavets 提交于
Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 31 5月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 29 5月, 2015 4 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
The module loading feature got broken a while ago, so restore it, but have it a bit more explicit this time around. Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
Create app_load_config(), a routine to load config file. Remove the "always load config" from the main app. Change the places that used to load config to call the new common routine. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 26 5月, 2015 5 次提交
-
-
由 Dr. Stephen Henson 提交于
Add support for PKCS#8 private key encryption using the scrypt algorithm in the pkcs8 utility. Update documentation. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
This adds a new function which will encrypt a private key using PKCS#8 based on an X509_ALGOR structure and reimplements PKCS8_encrypt to use it. Update pkcs8 utlity to use PKCS8_set0_pbe. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Hanno Böck 提交于
The "out" variable is used for both key and csr. Close it after writing the first one so it can be re-used when writing the other. Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
Thanks to Brian Carpenter <brian.carpenter@gmail.com> for finding this. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
The 'http proxy' commit broke s_client default host/port value. Thanks to Matt for the simplest fix. Reviewed-by: NMatt Caswell <matt@openssl.org>
-