| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Even if the buffer is guaranteed to be NUL-terminated in a particular
case, it is still setting a bad example. Besides, it is unclear
to me whether there is any such guarantee in the case at hand.
Checking that would require auditing all of d2i_X509_bio(3),
ASN1_item_d2i_bio(&NETSCAPE_X509_it, ...), PEM_read_bio_X509_AUX(3),
and PKCS12_parse(3), since no such guarantee is documented for any
of these functions, and even then it would remain fragile with
respect to later changes of implementation details.
In the worst case, this could potentially result in a read buffer
overrun.
OK tb@ on an earlier version of this patch.
While we are here, deraadt@ requested to not use the word "string" in the
name of a variable that is not a string in the sense of the C language.
|
| |
|
|
| |
input from bcook@, ok and comments from tb@
|
| |
|
|
| |
ok and input from tb@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Apply new option handling to openssl(1) x509.
To handle incremental order value, using newly added OPTION_ORDER.
I left the descriptions for -CAform, -inform, and -outform as it was,
for now. These description would be fixed.
And digest option handler could be consolidated to one between
some subcommands in the future.
ok and comments from tb@,
and "I'd move forward with your current plan." from jsing@
|
| |
|
|
|
|
| |
While we are in here also make it notice if time values in a certificate
are bogus, and say so in the output.
ok bcook@ jsing@
|
| |
|
|
|
|
|
|
| |
openssl x509 -fingerprint
openssl crl -fingerprint
from sha1 to sha256
ok jsing@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
things...
|
| |
|
|
| |
ok semarie@
|
| |
|
|
|
|
|
|
|
|
|
| |
it is needed in order to let libssl UI_* function plays with echo on/off when
asking for password on terminal.
passwd subcommand needs additionnal "wpath cpath" in order to let it calls
fopen("/dev/tty", "w") (O_WRONLY with O_CREAT | O_TRUNC).
problem reported by several
with and ok doug@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
openssl(1) has two mechanisms for operating: either a single execution
of one command (looking at argv[0] or argv[1]) or as an interactive
session than may execute any number of commands.
We already have a top level pledge that should cover all commands
and that's what interactive mode must continue using. However, we can
tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most
commands only need "stdio rpath wpath cpath". The pledges could be
further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
| |
|
|
| |
Found the hard way by Mark Patruck.
|
| |
|
|
| |
noted by Bill Parker (dogbert2) on github
|
| |
|
|
|
|
|
|
| |
Noted by kinichiro on github. We probably need a better way to indicate the
list of message digests that are allowed, as the current ones are nowhere near
exhaustive (sigh - guenther@)
OK guenther@ jmc@
|
| |
|
|
|
|
|
| |
We do not have any builtin or dynamic engines, meaning openssl(1) has
no way to use the engine command or parameters at all.
ok jsing@
|
| |
|
|
|
|
|
|
|
| |
provided by progs.h). Also, move the FUNCTION type (and flags) into
openssl.c since that is the only place of use. Lastly, remove pointless
'extern' from the prototypes and use char **argv instead of char *argv[]
(the former is used elsewhere).
ok deraadt@ doug@
|
| |
|
|
|
|
| |
Fixes coverity 78824.
ok bcook@ miod@
|
| |
|
|
| |
ok deraadt@ jsing@ miod@
|
| |
|
|
|
| |
ERR_load_crypto_strings() - as such, we do not need to call the same
function from most of the applications.
|
|
|
a system/superuser binary. At the same time, move the source code from its
current lib/libssl/src/apps location to a more appropriate home under
usr.bin/openssl.
ok deraadt@ miod@
|
