summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl/s_cb.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge s_apps.h into apps.htb2025-01-021-3/+1
| | | | discussed with jsing
* Drop policy printing from openssltb2023-04-141-4/+1
| | | | | | | | | | | | Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth. This removes the only reason the policy tree itself ever leaked out of the library. ok jsing
* Check return values in ssl_print_tmp_key()tb2022-08-311-4/+9
| | | | | | | | | | Use EVP_PKEY_get0_EC_KEY() instead of the get1 version to avoid an EVP_PKEY_free(). Check return values: if either EVP_PKEY_get0_EC_KEY() or EC_KEY_get0_group() fail, a NULL dereference occurs. CID 43289 ok jsing
* Check HMAC() return value to avoid a later use of uninitializedtb2022-08-301-3/+7
| | | | CID 25421
* Unindent and unwrap lines. Pull up a NULL check. No functional change.tb2022-02-031-28/+26
|
* Remove commented variable declarationstb2022-02-031-6/+1
|
* Remove some stale comments.tb2022-02-031-21/+1
| | | | ok jsing
* Show DTLS1.2 message with openssl(1) s_server and s_clientinoguchi2021-04-021-2/+6
| | | | ok jsing@ tb@
* Display TLSv1.3 extension type with openssl(1) -tlsextdebuginoguchi2020-04-261-7/+49
| | | | | | | | Add TLSv1.3 extension type, and sort by the definition order in tls1.h. This helps that openssl(1) s_server and s_client with -tlsextdebug displays the TLS extension type instead of "unknown". ok beck@ jsing@ tb@
* add a couple of XXX for future cleanuptb2020-01-251-1/+4
|
* Teach openssl s_client a bit about TLSv1.3.tb2020-01-241-2/+17
| | | | ok beck jsing
* Unbreak following elliptic curves to supported groups rename.jsing2018-11-061-3/+3
| | | | Reported by Katherine <luigi30 at gmail dot com> on tech@
* The cookie in the cookie verify callback needs to be const.tb2018-04-251-2/+3
| | | | ok jsing (as part of a larger diff)
* Add s_server and s_client -tlsextdebug messagesinoguchi2018-01-151-1/+9
| | | | ok sthen@ jsing@
* Remove NPN support - the -nextprotoneg options now become no-ops.jsing2017-08-121-7/+1
| | | | ok bcook@ beck@ doug@
* Display details of the server ephemeral key, based on OpenSSL.jsing2016-12-301-1/+38
| | | | ok doug@
* Nuke references to DTLS1_BAD_VER and unbreak the tree.jsing2015-09-101-5/+2
|
* Fix shadowed verify_error in s_server by removing the unused global.bcook2015-09-101-4/+1
| | | | | | 's_time -verify 1' will now actually verify the peer certificate. ok beck@
* Avoid NULL deref in openssl(1) s_cb.doug2015-07-201-5/+14
| | | | | | Fixes Coverity issue 24956. ok bcook@
* Delete commented out code from openssl(1) apps.doug2015-02-081-5/+2
| | | | | | | | | | From OpenSSL commits: 6f91b017bbb7140f816721141ac156d1b828a6b3 75d0ebef2aef7a2c77b27575b8da898e22f3ccd5 a2b18e657ea1a932d125154f4e13ab2258796d90 ok miod@, jsing@
* Use arc4random_buf() instead of RAND(_pseudo)?_bytes().jsing2014-10-221-7/+2
| | | | ok bcook@
* Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is notjsing2014-08-261-0/+854
a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl. ok deraadt@ miod@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 00:20:05 +0000