- 15 1月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5072)
-
- 08 9月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
If an alert gets sent and then we close the connection immediately with data still in the input buffer then a TCP-RST gets sent. Some OSs immediately abandon data in their input buffer if a TCP-RST is received - meaning the alert data itself gets ditched. Sending a TCP-FIN before the TCP-RST seems to avoid this. This was causing test failures in MSYS2 builds. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4333)
-
- 23 8月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Remove GETPID_IS_MEANINGLESS and osslargused. Move socket-related things to new file internal/sockets.h; this is now only needed by four(!!!) files. Compiles should be a bit faster. Remove USE_SOCKETS ifdef's Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4209)
-
- 17 7月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3948)
-
- 26 6月, 2017 1 次提交
-
-
由 Paul Yang 提交于
BIO_sock_init returns '-1' on error, not '0', so it's needed to check explicitly istead of using '!'. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3766)
-
- 25 4月, 2017 3 次提交
-
-
由 Matt Caswell 提交于
We were incorrectly using "res" when we meant "ai" Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3286)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3286)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3286)
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 04 5月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The init_client() function in the apps sets up the client connection. It may try multiple addresses until it finds one that works. We should clear the error queue if we eventually get a successful connection because otherwise we get stale errors hanging around. This can cause problems in subsequent calls to SSL_get_error(), i.e. non-fatal NBIO events appear as fatal. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 3月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Misc fixes for no-sock Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 08 3月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This replaces SHUTDOWN/SHUTDOWN2 with BIO_closesocket. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 2月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 23 2月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 11 2月, 2016 3 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Richard Levitte 提交于
Because some platforms won't will in any value in ai_protocol, there's no point using it if we already know what it should be. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
It seems that some platforms' getaddrinfo don't fill in the ai_protocol field properly. On those, the assertion 'protocol == BIO_ADDRINFO_protocol(res)' will fail. Best to remove it. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 04 2月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
s_socket.c gets brutally cleaned out and now consists of only two functions, one for client and the other for server. They both handle AF_INET, AF_INET6 and additionally AF_UNIX where supported. The rest is just easy adaptation. Both s_client and s_server get the new flags -4 and -6 to force the use of IPv4 or IPv6 only. Also, the default host "localhost" in s_client is removed. It's not certain that this host is set up for both IPv4 and IPv6. For example, Debian has "ip6-localhost" as the default hostname for [::1]. The better way is to default |host| to NULL and rely on BIO_lookup() to return a BIO_ADDRINFO with the appropriate loopback address for IPv4 or IPv6 as indicated by the |family| parameter. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 17 12月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old names. Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 05 10月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Even though SOCKET is effectively declared as (void *) on Windows, it's not actually a pointer, but an index within per-process table of kernel objects. The table size is actually limited and its upper limit is far below upper limit for signed 32-bit integer. This is what makes cast in question possible. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 10 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Except for VMS startup code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 06 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr) for memset and memcpy. Remove needless casts for those functions. For memset, replace alternative forms of zero with 0. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 05 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
No point in proceeding if you're out of memory. So change *all* OPENSSL_malloc calls in apps to use the new routine which prints a message and exits. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 29 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Following ANSI C rules, remove the casts from calls to OPENSSL_malloc and OPENSSL_realloc. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb246 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 22 1月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
This should be a one off operation (subsequent invokation of the script should not move them) Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 13 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This last one for this ticket. Removes WIN16. So long, MS_CALLBACK and MS_FAR. We won't miss you. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 31 12月, 2014 1 次提交
-
-
由 Tim Hudson 提交于
indent will not alter them when reformatting comments Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 23 12月, 2014 1 次提交
-
-
由 Rich Salz 提交于
This commit removes MPE/iX Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 09 8月, 2014 2 次提交
- 09 5月, 2014 3 次提交
-
-
由 Geoff Thorpe 提交于
The "-unix <path>" argument allows s_server and s_client to use a unix domain socket in the filesystem instead of IPv4 ("-connect", "-port", "-accept", etc). If s_server exits gracefully, such as when "-naccept" is used and the requested number of SSL/TLS connections have occurred, then the domain socket file is removed. On ctrl-C, it is likely that the stale socket file will be left over, such that s_server would normally fail to restart with the same arguments. For this reason, s_server also supports an "-unlink" option, which will clean up any stale socket file before starting. If you have any reason to want encrypted IPC within an O/S instance, this concept might come in handy. Otherwise it just demonstrates that there is nothing about SSL/TLS that limits it to TCP/IP in any way. (There might also be benchmarking and profiling use in this path, as unix domain sockets are much lower overhead than connecting over local IP addresses). Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
-
由 Tim Hudson 提交于
-
由 Tim Hudson 提交于
-
- 26 4月, 2014 1 次提交
-
-
由 Geoff Thorpe 提交于
There are certainly many more constifiable strings in the various interfaces, which I hope to get to eventually. Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
-
- 26 3月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add correct flags for DTLS 1.2, update s_server and s_client to handle DTLS 1.2 methods. Currently no support for version negotiation: i.e. if client/server selects DTLS 1.2 it is that or nothing.
-
- 19 11月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-