- 30 7月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 16 7月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Remove support for RSA_NET and Netscape key format (-keyform n). Also removed documentation of SGC. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 16 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
When generating a private key, try to make the output file be readable only by the owner. Put it in CHANGES file since it might be noticeable. Add "int private" flag to apps that write private keys, and check that it's set whenever we do write a private key. Checked via assert so that this bug (security-related) gets fixed. Thanks to Viktor for help in tracing the code-paths where private keys are written. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 29 5月, 2015 2 次提交
-
-
由 Richard Levitte 提交于
The module loading feature got broken a while ago, so restore it, but have it a bit more explicit this time around. Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
Create app_load_config(), a routine to load config file. Remove the "always load config" from the main app. Change the places that used to load config to call the new common routine. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 23 5月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Given the pervasive nature of TLS extensions it is inadvisable to run OpenSSL without support for them. It also means that maintaining the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably not well tested). Therefore it is being removed. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 21 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Typedef STRINT_PAIR to be the same as OPT_PAIR, and use that structure and a bunch of tables instead of switch statements to lookup various values out of the SSL/TLS message buffers. Shrinks a bunch of code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
No point in proceeding if you're out of memory. So change *all* OPENSSL_malloc calls in apps to use the new routine which prints a message and exits. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 30 4月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Remove need for multiple arrays, parse the X509 name one RDN at a time. Thanks to Andy for careful review. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
Replace ad-hoc ascii->hex with isxdigit and new app_tohex. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 29 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Many functions had a BIO* parameter, and it was always called with bio_err. Remove the param and just use bio_err. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 26 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Make setup_engine be a dummy if NO_ENGINE is enabled. The option is not enabled if NO_ENGINE is enabled, so the one "wasted" variable just sits there. Removes some variables and code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb246 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 01 2月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
previously protected by this have been moved into non-public headers Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 24 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx Remove MS_STATIC; it's a relic from platforms <32 bits. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 07 7月, 2014 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reduces number of silly casts in OpenSSL code and likely most applications. Consistent with (char *) for "peername" value from X509_check_host() and X509_VERIFY_PARAM_get0_peername().
-
- 24 5月, 2014 1 次提交
-
-
由 Martin Kaiser 提交于
Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352
-
- 14 11月, 2013 1 次提交
-
-
由 Piotr Sikora 提交于
PR#3106
-
- 07 10月, 2013 1 次提交
-
-
由 Ben Laurie 提交于
-
- 19 8月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
(cherry picked from commit 90e7f983b573c3f3c722a02db4491a1b1cd87e8c)
-
- 28 3月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
(cherry picked from commit 944bc29f9004cf8851427ebfa83ee70b8399da57)
-
- 20 1月, 2013 1 次提交
-
-
由 Andy Polyakov 提交于
Submitted by: Pierre Delaage
-
- 18 1月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 07 12月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Just a sample, real world applications would have to be cleverer.
-
- 03 12月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 02 12月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 08 10月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
certificate. Add options to s_client, s_server and x509 utilities to print results of checks.
-
- 04 6月, 2012 1 次提交
-
-
由 Ben Laurie 提交于
-
- 30 4月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
OPENSSL_NO_SSL_INTERN all ssl related structures are opaque and internals cannot be directly accessed. Many applications will need some modification to support this and most likely some additional functions added to OpenSSL. The advantage of this option is that any application supporting it will still be binary compatible if SSL structures change.
-
- 06 9月, 2010 1 次提交
-
-
由 Ben Laurie 提交于
-
- 28 7月, 2010 1 次提交
-
-
由 Ben Laurie 提交于
-
- 14 3月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 12 3月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 31 10月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
load_crls and tidy up load_certs. Remove useless purpose variable from verify utility: now done with args_verify.
-
- 01 10月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: steve@openssl.org Add support for custom headers in OCSP requests.
-
- 05 8月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 28 7月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 25 11月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 16 11月, 2008 1 次提交
-
-
由 Ben Laurie 提交于
-