summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Expand M_ASN1_new_of and M_ASN1_free_of macros.jsing2019-08-119-39/+39
|
* Use arc4random_buf() instead of RAND_bytes().jsing2019-08-113-12/+8
| | | | This also removes return checks since arc4random_buf() does not fail.
* Include string.h for memcmp()/memcpy().jsing2019-08-115-5/+15
|
* Use freezero() rather than OPENSSL_clear_free().jsing2019-08-115-15/+15
|
* Use explicit_bzero() instead of OPENSSL_cleanse().jsing2019-08-112-5/+5
|
* Use malloc(3) and free(3), rather than OPENSSL_{malloc,free}().jsing2019-08-116-33/+33
|
* Convert CMSerr() to CMSerror().jsing2019-08-1111-240/+191
|
* Switch ASN.1 INT32 back to LONG.jsing2019-08-112-28/+28
|
* Expand a new macro that tried to get away...jsing2019-08-111-2/+8
|
* Expand ASN.1 macros.jsing2019-08-118-273/+1544
|
* We use DECLARE_STACK_OF rather than DEFINE_STACK_OF.jsing2019-08-112-7/+7
|
* Unlike OpenSSL we do not have our own special ssize_t.jsing2019-08-113-9/+9
|
* Re-convert and re-import the CMS manual pages from OpenSSL 1.1.1schwarze2019-08-1021-0/+3388
| | | | | | | (which are still under a free license) with pod2mdoc(1) now that jsing@ has begun work to provide these APIs. Some formatting was improved and some typos were fixed, but apart from that, little was changed, so there is still much to polish.
* Fix style(9) and whitespace.jsing2019-08-101-210/+205
|
* More style(9) and whitespace.jsing2019-08-101-335/+294
|
* More style(9), whitespace and readability fixes.jsing2019-08-1014-675/+903
| | | | Files are identical once whitespace and newlines are removed.
* First pass at style(9).jsing2019-08-1014-4174/+4174
| | | | Whitespace only and no change according to diff -w.
* Fix includes for non-installed headers.jsing2019-08-109-25/+25
|
* Include cms.h instead of cmserr.h.jsing2019-08-101-2/+2
|
* Add $OpenBSD$ tag.jsing2019-08-101-0/+1
|
* Restore the per-file license for cms.h.jsing2019-08-101-5/+49
| | | | | This reverts the removal from OpenSSL 21dcbebc6e35419f1842f39a125374ea1ba45693.
* Provide cms.h.jsing2019-08-101-0/+515
| | | | | This is OpenSSL 1.1.1 cms.h and cmserr.h combined, essentially reverting OpenSSL 52df25cf2e656146cb3b206d8220124f0417d03f.
* Add $OpenBSD$ tags.jsing2019-08-1015-0/+15
|
* Restore the original per-file licenses for CMS.jsing2019-08-1014-70/+686
| | | | These were removed in OpenSSL b1322259d93cf6b6286f9febcd468b6a9f577d91.
* Work towards supporting Cryptographic Message Syntax (CMS) in libcrypto.jsing2019-08-1015-0/+6172
| | | | | | | | | | | | | | | | Cryptographic Message Syntax (CMS) is a standard for cryptographically protecting messages, as defined in RFC 5652. It is derived from PKCS #7 version 1.5 and utilises various ASN.1 structures, making it complex and fairly heavyweight. Various protocols - including RPKI (RFC 6480) - have been built on top of it, which means it is necessary to support CMS, in order to support RPKI. This imports around 6,000 lines of code from OpenSSL 1.1.1, which is still under the original OpenSSL license. Further work will occur in tree. Requested by and discussed with many. ok deraadt@ tb@
* added /* no filesystem visibility */ above unveil("/", "") since "" is too easymestre2019-08-081-1/+2
| | | | | | to misread. as per suggestion by and OK deraadt@
* Remove -port option from s_server since it is same as -acceptinoguchi2019-08-051-4/+3
| | | | ok schwarze@
* correct mispellings of EACCES; from Kris Katterjohnlibressl-v3.0.0deraadt2019-07-291-3/+3
|
* Make proxy auth work with http 1.1 speaking webservers.benno2019-07-291-2/+3
| | | | | Diff from Alexander Koeppe format_c -AT- online -DOT- de, thanks. ok deraadt@
* Moving variables into struct in openssl(1) dgstinoguchi2019-07-291-86/+99
| | | | | | | | First step to adapt openssl(1) dgst command to new option handling. There is no functional changes by this diff, and just moving variables into dgst_config struct. ok bcook@
* Code clean up openssl(1) pkcs12inoguchi2019-07-261-61/+86
| | | | | | - Add a space before 'export_end:' - Remove space after '*' - Wrap lines by 80 columns
* Remove unnecessary NULL checks before free in openssl(1) pkcs12inoguchi2019-07-261-14/+7
| | | | ok bcook@ tb@
* remove superfluous commentbcook2019-07-251-2/+1
|
* zero tmpkeyiv buffer after use when encryptingbcook2019-07-251-2/+4
| | | | from Steven Roberts
* Capitalize cipher name and mode in help message as sync with pkcs12inoguchi2019-07-242-20/+20
|
* Convert openssl(1) pkcs12 to the newer style of option handlinginoguchi2019-07-241-214/+409
| | | | | | | | Adapt openssl(1) pkcs12 command to new option handling. Added pkcs12_options struct, and replaced for-if-strcmp handling with options_parse(). ok and comments jsing@
* Moving variables into struct in openssl(1) pkcs12inoguchi2019-07-231-125/+136
| | | | | | | | | First step to adapt openssl(1) pkcs12 command to new option handling. There is no functional changes by this diff, and just moving variables into pkcs12_config struct. I still keep long lines more than 80 for this review to minimize diffs. ok jsing@ tb@
* Update appstest.shinoguchi2019-07-171-6/+4
| | | | | - Add -modulus for dsa sub command - Remove -nextprotoneg
* Fix long line by wrapping with 80 charsinoguchi2019-07-161-6/+9
|
* Move option handlers up to option definition struct in gendsa.cinoguchi2019-07-161-53/+50
| | | | | As we did in other openssl sub command, move up option handlers above option definition struct. No functional changes and just move up and remove prototype.
* Fix typo and -keyform argument in openssl(1) manualinoguchi2019-07-161-6/+8
| | | | | | - s/outputed/outputted/ - s/trused/trusted/ - add der as argument and describe pem is the default
* Mark the initialized struct options arrays as both static and const.guenther2019-07-1434-71/+71
| | | | | | This moves them from .data to .data.rel.ro ok deraadt@ inoguchi@
* explain the acronym "CRT"; suggested by tb@schwarze2019-07-132-6/+8
|
* Fix manual openssl(1) s_serverinoguchi2019-07-121-18/+94
| | | | | | | | | | | | | | | | | | | - Add undocumented options below. -alpn, -cert2, -certform, -dcertform, -dkeyform, -dpass, -dtls1, -key2, -keyform, -keymatexport, -keymatexportlen, -mtu, -named_curve, -no_cache, -no_ecdhe, -no_ticket, -pass, -port, -servername, -servername_fatal, -status, -status_timeout, -status_url, -status_verbose, -timeout, -tlsextdebug, -use_srtp, -verify_return_error - Remove -hack, -psk and -psk_hint since not exist in source code. I didn't add these 5 options since these were no-op. -chain, -legacy_renegotiation, -nextprotoneg, -no_comp, -no_ssl2 This option was removed from manual in the past. -no_ssl3 ok and suggestions from jmc@
* Using pthread_atfork instead of __register_atfork with uClibc on noMMUinoguchi2019-07-111-2/+2
| | | | | | | | uClibc on noMMU doesn't provide __register_atfork(). Reported by redbirdtek on Github issue. https://github.com/libressl-portable/portable/issues/538 ok bcook@
* Fix manual openssl(1) s_clientinoguchi2019-07-111-14/+80
| | | | | | | | | | | | | | | | | | - Add undocumented options below. -alpn, -certform, -dtls1, -host, -keyform, -keymatexport, -keymatexportlen, -legacy_server_connect, -mtu, -no_ign_eof, -no_legacy_server_connect, -pass -port, -serverpref, -sess_in, -sess_out, -status, -timeout, -use_srtp, -verify_return_error - Remove -psk and -psk_identity since not exist in source code. I didn't add these 4 options since these were no-op. -nextprotoneg, -legacy_renegotiation, -no_comp, -no_ssl2 This option was removed from manual in the past. -no_ssl3 ok jmc@
* Add missing option openssl dsa -modulusinoguchi2019-07-101-2/+8
| | | | ok bcook@ jsing@
* Group tls_{handshake,read,write,close}() return values documentation.jsing2019-07-091-21/+21
| | | | | | | | | | Move the documentation for tls_error() down so that both the special return values for tls_{handshake,read,write,close}() directly follow the standard return values for the same functions. Prompted by deraadt@. ok deraadt@ schwarze@
* Fix manual openssl(1) genrsainoguchi2019-07-091-6/+14
| | | | | | Add missing -camellia*/-idea description to genrsa section. ok jmc@
* Convert openssl(1) genrsa to the newer style of option handlinginoguchi2019-07-091-70/+183
| | | | ok tb@ jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 15:54:00 +0000