openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Check CMS API return value in openssl(1) cms	inoguchi	2020-01-04	1	-11/+21
\| \| \| \|	ok jsing@
*	More return value check in openssl(1) cms	inoguchi	2019-11-19	1	-23/+29
\| \| \| \| \| \|	Checking return value of sk_.*_new_null(). ok beck@ jsing@
*	Remove typedef and check sk_push return value in openssl(1) cms	inoguchi	2019-11-18	1	-23/+33
\| \| \| \| \| \| \| \|	- Remove typedef and use 'struct cms_key_param' instead - Check return value of sk_X509_push and sk_OPENSSL_STRING_push - Add a blank line to separate variable declarations from code comments from jsing@
*	Add -keyopt opiton to openssl(1) cms subcommand	inoguchi	2019-11-18	1	-8/+128
\| \| \| \| \| \| \|	This provides rsa_padding_mode:oaep for cms -encrypt, and rsa_padding_mode:pss for cms -sign. ok jsing@
*	Indent labels for diffability.	jsing	2019-11-04	1	-5/+5
\|
*	Remove spaces between * and variable names.	jsing	2019-11-04	1	-25/+25
\|
*	Remove explicit NULL checks before *_free() calls.	jsing	2019-11-04	1	-21/+14
\|
*	Currently we need to include pem.h before cms.h...	jsing	2019-11-04	1	-2/+3
\|
*	Remove engine argument from load_cert() calls.	jsing	2019-11-04	1	-8/+8
\| \| \| \|	This was cleaned up after cms went to the attic.
*	Bring openssl(1) cms back from the attic.	jsing	2019-11-04	1	-0/+1142
\|
*	bye bye cms. send it to the attic	beck	2016-09-04	1	-1142/+0
\| \| \| \|	ok jsing@
*	Exit if a pledge call fails in non-interactive mode.	doug	2015-10-17	1	-2/+4
\| \| \| \|	ok semarie@
*	add "tty" for several subcommands of openssl	semarie	2015-10-17	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \|	it is needed in order to let libssl UI_* function plays with echo on/off when asking for password on terminal. passwd subcommand needs additionnal "wpath cpath" in order to let it calls fopen("/dev/tty", "w") (O_WRONLY with O_CREAT \| O_TRUNC). problem reported by several with and ok doug@
*	Initial support for pledges in openssl(1) commands.	doug	2015-10-10	1	-1/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands. We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command. This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options. deraadt@ and beck@ are roughly fine with this approach.
*	Remove engine command and parameters from openssl(1).	bcook	2015-09-11	1	-19/+2
\| \| \| \| \| \| \|	We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all. ok jsing@
*	Remove all duplicate prototypes for *_main functions (these are already	jsing	2015-08-22	1	-3/+1
\| \| \| \| \| \| \| \| \|	provided by progs.h). Also, move the FUNCTION type (and flags) into openssl.c since that is the only place of use. Lastly, remove pointless 'extern' from the prototypes and use char *argv instead of char argv[] (the former is used elsewhere). ok deraadt@ doug@
*	Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not	jsing	2014-08-26	1	-0/+1154
	a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl. ok deraadt@ miod@