- 19 10月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
In apps/apps.c, one can set up an engine with setup_engine(). However, we freed the structural reference immediately, which means that for engines that don't already have a structural reference somewhere else (because it's a built in engine), we end up returning an invalid reference. Instead, the function release_engine() is added, and called at the end of the routines that call setup_engine(). Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1643)
-
- 15 10月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1694)
-
- 16 6月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NStephen Henson <steve@openssl.org> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 06 4月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Move rsa_st away from public headers. Add accessor/writer functions for the public RSA data. Adapt all other source to use the accessors and writers. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 10 2月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This also closes RT 4123 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 07 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 10 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
continue on from previous commits but in the apps directory Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 13 10月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Loading the config file after processing command line options can cause problems, e.g. where an engine provides new ciphers/digests these are not then recoginised on the command line. Move the default config file loading to before the command line option processing. Whilst we're doing this we might as well centralise this instead of doing it individually for each application. Finally if we do it before the OpenSSL_add_ssl_algorithms() call then ciphersuites provided by an engine (e.g. GOST) can be available to the apps. RT#4085 RT#4086 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 06 9月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
The different apps had the liberty to decide whether they would open their input and output files in binary mode or not, which could be confusing if two different apps were handling the same type of file in different ways. The solution is to centralise the decision of low level file organisation, and that the apps would use a selection of formats to state the intent of the file. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 31 7月, 2015 1 次提交
-
-
由 Adam Eijdenberg 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 16 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
When generating a private key, try to make the output file be readable only by the owner. Put it in CHANGES file since it might be noticeable. Add "int private" flag to apps that write private keys, and check that it's set whenever we do write a private key. Checked via assert so that this bug (security-related) gets fixed. Thanks to Viktor for help in tracing the code-paths where private keys are written. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 29 5月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
The module loading feature got broken a while ago, so restore it, but have it a bit more explicit this time around. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 02 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
After the finale, the "real" final part. :) Do a recursive grep with "-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are an "if NULL" check that can be removed. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 01 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 26 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Make setup_engine be a dummy if NO_ENGINE is enabled. The option is not enabled if NO_ENGINE is enabled, so the one "wasted" variable just sits there. Removes some variables and code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb246 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 25 3月, 2015 2 次提交
-
-
由 Rich Salz 提交于
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free BIO_free BIO_free_all BIO_vfree Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
Start ensuring all OpenSSL "free" routines allow NULL, and remove any if check before calling them. This gets DH_free, DSA_free, RSA_free Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 13 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This last one for this ticket. Removes WIN16. So long, MS_CALLBACK and MS_FAR. We won't miss you. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 19 12月, 2014 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 11 12月, 2014 1 次提交
-
-
由 Rich Salz 提交于
I also replaced some exit/return wrappers in various programs (from main) to standardize on return. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 09 12月, 2014 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 09 9月, 2014 1 次提交
-
-
由 Kurt Roeckx 提交于
This is a more comprehensive fix. It changes all keygen apps to use 2K keys. It also changes the default to use SHA256 not SHA1. This is from Kurt's upstream Debian changes. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 08 1月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 24 4月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 01 3月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 07 4月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 24 4月, 2007 1 次提交
-
-
由 Bodo Möller 提交于
PR: 1503 Submitted by: KISA Reviewed by: Bodo Moeller
-
- 09 6月, 2006 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Masashi Fujita Reviewed by: Bodo Moeller
-
- 16 7月, 2005 1 次提交
-
-
由 Nils Larsch 提交于
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make depend all test work again PR: 1159
-
- 26 4月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe
-
- 29 10月, 2003 1 次提交
-
-
由 Geoff Thorpe 提交于
and links with OPENSSL_NO_DEPRECATED defined.
-
- 31 1月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
PR: 287
-
- 08 12月, 2002 1 次提交
-
-
由 Geoff Thorpe 提交于
being built with it defined - it is not a symbol to affect how openssl itself builds, but to alter the way openssl headers can be used from an API point of view. The "deprecated" function wrappers will always remain inside OpenSSL at least as long as they're still being used internally. :-) The exception is dsaparam which has been updated to the BN_GENCB-based functions to test the new functionality. If GENCB_TEST is defined, dsaparam will support a "-timebomb <n>" switch to cancel parameter-generation if it gets as far as 'n' seconds without completion.
-
- 04 12月, 2002 1 次提交
-
-
由 Richard Levitte 提交于
exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program)
-
- 22 2月, 2002 1 次提交
-
-
由 Dr. Stephen Henson 提交于
CONF_modules_unload() now calls CONF_modules_finish() automatically. Default use of section openssl_conf moved to CONF_modules_load() Load config file in several openssl utilities. Most utilities now load modules from the config file, though in a few (such as version) this isn't done because it couldn't be used for anything. In the case of ca and req the config file used is the same as the utility itself: that is the -config command line option can be used to specify an alternative file.
-
- 21 2月, 2002 1 次提交
-
-
由 Richard Levitte 提交于
-