- 11 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
The s_client/s_server docs were missing documentation for this option. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6215)
-
- 20 3月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5689)
-
- 14 3月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392)
-
- 30 11月, 2017 1 次提交
-
-
由 Todd Short 提交于
IFF the client has ChaCha first, and server cipher priority is used, and the new SSL_OP_PRIORITIZE_CHACHA_FOR_MOBILE option is used, then reprioritize ChaCha above everything else. This way, A matching ChaCha cipher will be selected if there is a match. If no ChaCha ciphers match, then the other ciphers are used. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4436)
-
- 19 10月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Add openssl-foo as a name for the openssl "foo" command. Addresses an issue found by a usability study to be published. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4553)
-
- 17 7月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Standardized the -rand flag and added a new one: -rand file... Always reads the specified files -writerand file Always writes to the file on exit For apps that use a config file, the RANDFILE config parameter reads the file at startup (to seed the RNG) and write to it on exit if the -writerand flag isn't used. Ensured that every app that took -rand also took -writerand, and made sure all of that agreed with all the documentation. Fix error reporting in write_file and -rand Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3862)
-
- 07 7月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Also the associated configuration parameters and command line switches. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3833)
-
- 17 6月, 2017 1 次提交
-
-
由 Paul Yang 提交于
This applies both to s_client and s_server app. Reaction to Issue #3665. Signed-off-by: NPaul Yang <paulyang.inf@gmail.com> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3697)
-
- 09 6月, 2017 2 次提交
-
-
由 Benjamin Kaduk 提交于
Modern browsers are now, well, pretty modern. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3644)
-
由 Matt Caswell 提交于
List the options in the same order and in the same style as the output from "openssl s_server -help" Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3628)
-
- 06 6月, 2017 2 次提交
-
-
由 Rich Salz 提交于
Document that -psk is required to use PSK cipher [skip ci] Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3607)
-
由 Daniel Kahn Gillmor 提交于
s_server has traditionally been very brittle in PSK mode. If the client offered any PSK identity other than "Client_identity" s_server would simply abort. This is breakage for breakage's sake, and unlike most other parts of s_server, which tend to allow more flexible connections. This change accomplishes two things: * when the client's psk_identity does *not* match the identity expected by the server, just warn, don't fail. * allow the server to expect instead a different psk_identity from the client besides "Client_identity" Signed-off-by: NDaniel Kahn Gillmor <dkg@fifthhorseman.net> Reviewed-by: NBen Kaduk <kaduk@mit.edu> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3605)
-
- 28 4月, 2017 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3141)
-
- 25 4月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3305)
-
- 30 3月, 2017 1 次提交
-
-
由 Pauli 提交于
Fix capitilistion of list items. Wrap long lines. Add full stops to the ends of sentances. Change ciphersuite to cipher suite in all of doc. [skip ci] Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3082)
-
- 29 3月, 2017 1 次提交
-
-
由 Steven Collison 提交于
These were added to the help in ad775e04 but not the pods. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3065)
-
- 18 3月, 2017 1 次提交
-
-
由 Peter Wu 提交于
Add it in the options section, not the "Connected commands" section. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2977)
-
- 03 3月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
- 22 2月, 2017 1 次提交
-
-
由 Dmitry Belyavskiy 提交于
commands. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2695)
-
- 08 2月, 2017 1 次提交
-
-
由 Peter Wu 提交于
The server and client demos (s_client and s_server) are extended with a -keylogfile option. This is similar as setting the SSLKEYLOGFILE environment variable for NSS and creates a keylog file which is suitable for Wireshark. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2343)
-
- 23 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Current s_server can only get an OCSP Response from an OCSP responder. This provides the capability to instead get the OCSP Response from a DER encoded file. This should make testing of OCSP easier. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 13 11月, 2016 1 次提交
-
-
由 EasySec 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1837)
-
- 02 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Includes addition of the various options to s_server/s_client. Also adds one of the new TLS1.3 ciphersuites. This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not a "real" TLS1.3 ciphersuite). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 27 10月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Move manpages to manX directories Add Windows/VMS install fix from Richard Levitte Update README Fix typo's Remove some duplicates Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 21 9月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 15 9月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Where -curves, etc., are defined: SSL_CONF_cmd Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 08 6月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1189)
-
- 21 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Fix some code examples, trailing whitespace Fix TBA sections in verify, remove others. Remove empty sections Use Mixed Case not ALL CAPS in head2 Enhance doc-nits script. Remove extra =cut line Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 20 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Add doc-nit-check to help find future issues. Make podchecker be almost clean. Remove trailing whitespace. Tab expansion Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 19 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 03 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Date: Tue Mar 15 15:19:44 2016 +0100 This commit updates the documentation of cms, ocsp, s_client, s_server, and verify to reflect the new "-no_check_time" option introduced in commit d35ff2c0 on 2015-07-31. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 4月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
A new X509_VERIFY_PARAM_set_auth_level() function sets the authentication security level. For verification of SSL peers, this is automatically set from the SSL security level. Otherwise, for now, the authentication security level remains at (effectively) 0 by default. The new "-auth_level" verify(1) option is available in all the command-line tools that support the standard verify(1) options. New verify(1) tests added to check enforcement of chain signature and public key security levels. Also added new tests of enforcement of the verify_depth limit. Updated documentation. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 20 3月, 2016 1 次提交
-
-
由 Alex Gaynor 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 08 3月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Document the new split_send_frag, max_pipelines and read_buf options. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 24 2月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 11 2月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
This was a developer debugging feature and was never a useful public interface. Added all missing X509 error codes to the verify(1) manpage, but many still need a description beyond the associated text string. Sorted the errors in x509_txt.c by error number. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 06 2月, 2016 2 次提交
-
-
由 A J Mohan Rao 提交于
Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Viktor Dukhovni 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 15 12月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
s_server was trying to set the ECDH curve when no-ec was defined. This also highlighted the fact that the -no_ecdhe option to s_server is broken, and doesn't make any sense any more (ECDHE is on by default and the only way it can be disabled is through the cipherstring). Therefore this commit removes the option. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-