- 23 5月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Given the pervasive nature of TLS extensions it is inadvisable to run OpenSSL without support for them. It also means that maintaining the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably not well tested). Therefore it is being removed. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 09 5月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add SSL_use_certiicate_chain file functions: this is works the same way as SSL_CTX_use_certificate_chain_file but for an SSL structure. Update SSL_CONF code to use the new function. Update docs. Update ordinals. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
For the various string-compare routines (strcmp, strcasecmp, str.*cmp) use "strcmp()==0" instead of "!strcmp()" Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 06 5月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add command line switch entries to table and return SSL_CONF_TYPE_NONE for them in SSL_CONF_cmd_value_type. Update docs. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 05 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 03 5月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add OSSL_NELEM macro to e_os.h to determine the number of elements in an array. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 01 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb246 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 25 3月, 2015 3 次提交
-
-
由 Rich Salz 提交于
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free BIO_free BIO_free_all BIO_vfree Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Support loading of key and certificate from the same file if SSL_CONF_FLAG_REQUIRE_PRIVATE is set. This is done by remembering the filename used for each certificate type and attempting to load a private key from the file when SSL_CONF_CTX_finish is called. Update docs. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Start ensuring all OpenSSL "free" routines allow NULL, and remove any if check before calling them. This gets DH_free, DSA_free, RSA_free Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 11 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Suggested by John Foley <foleyj@cisco.com>. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 24 1月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 16 12月, 2014 1 次提交
-
-
由 Kurt Roeckx 提交于
RT#3625 Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 04 12月, 2014 1 次提交
-
-
由 Kurt Roeckx 提交于
The only support for SSLv2 left is receiving a SSLv2 compatible client hello. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 28 3月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
(cherry picked from commit 1f44dac24d1cb752b1a06be9091bb03a88a8598e)
-
- 04 1月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 14 11月, 2013 1 次提交
-
-
由 Krzysztof Kwiatkowski 提交于
PR#3172
-
- 02 11月, 2013 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Add -ecdh_single option to set SSL_OP_SINGLE_ECDH_USE on the command line. (cherry picked from commit f14a4a861d2d221ed565a75441a218f85b8db530)
-
由 Dr. Stephen Henson 提交于
-
- 22 10月, 2013 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 21 10月, 2013 3 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Extend SSL_CONF to return command value types. Add certificate and key options. Update documentation.
-
由 Dr. Stephen Henson 提交于
-
- 18 8月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 07 12月, 2012 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 02 12月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 22 11月, 2012 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 19 11月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 17 11月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-