summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Check return value in openssl(1) s_socket.doug2015-07-201-3/+6
| | | | | | Fixes Coverity issue 21655. ok bcook@
* Remove check that is never true.doug2015-07-201-3/+1
| | | | | | | Fixes coverity issue 78799 as group == NULL was already an error condition above here. ok beck@
* Warn when rename() fails in openssl(1) apps.doug2015-07-201-8/+36
| | | | | | Fixes Coverity issues 78795 and 78803. ok bcook@
* Free memory when finished.doug2015-07-191-2/+6
| | | | | | Fixes coverity 78835. ok bcook@
* Only close descriptor if not already closed.doug2015-07-191-3/+5
| | | | | | Fixes coverity 78916. ok miod@ bcook@
* Free variable before potentially reusing.doug2015-07-191-1/+2
| | | | | | Fixes coverity 78824. ok bcook@ miod@
* Free passin on error.doug2015-07-191-4/+4
| | | | | | Fixes coverity 78826. ok miod@ bcook@
* Fix coverity 105339, by correctly checking return from strtollbeck2015-07-191-1/+1
| | | | ok miod@ bcook@
* Remove effectively unused variable.doug2015-07-191-4/+1
| | | | | | Fixes Coverity issue 21693. ok beck@ bcook@
* fix leak, found by coverity, ID 78877beck2015-07-171-3/+3
| | | | ok miod@ jsing@
* Remove SSLv3 support from openssl(1) s_time.doug2015-07-171-13/+3
| | | | ok miod@ bcook@ beck@
* Remove SSLv3 support from openssl(1) s_server.doug2015-07-171-7/+2
| | | | ok miod@ bcook@ beck@
* Remove SSLv3 support from openssl(1) s_client.doug2015-07-171-4/+1
| | | | ok miod@ bcook@ beck@
* Remove support for SSLv3 from openssl(1) ciphers.doug2015-07-171-27/+5
| | | | ok miod@ bcook@
* Remove workaround for TLS padding bug from SSLeay days.doug2015-07-171-5/+1
| | | | | | | | | OpenSSL doesn't remember which clients were impacted and the functionality has been broken in their stable releases for 2 years. Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5. ok jsing@
* fix coverity leak - ID 78921beck2015-07-161-3/+11
| | | | ok miod@, bcook@
* kill leak, found by coverity, ID 105348beck2015-07-161-2/+5
| | | | ok miod@
* Add OPTION_ARG_LONG for handling of options with a long type.jsing2015-07-152-3/+16
| | | | ok doug@
* Make 'openssl pkeyutl -verify' return exit code 0 on success.bcook2015-07-151-4/+5
| | | | | | Previously, it returned '1' regardless of whether is succeeded or failed. This is now fixed in the OpenSSL master branch as well. Thanks to Kinichiro Inoguchi for pointing it out. ok @deraadt
* Convert openssl(1) dh to the new option handling.doug2015-07-121-98/+111
| | | | ok jsing@
* Convert openssl(1) dsa to the new option handling.doug2015-07-121-154/+208
| | | | ok jsing@
* Convert openssl(1) ec to the new option handling.doug2015-07-121-170/+247
| | | | ok jsing@
* Convert gendh.c to the new option handling.doug2015-07-121-54/+79
| | | | ok jsing@
* Convert openssl(1) dsaparam to the new option handling.doug2015-07-121-154/+123
| | | | | | | This also removes support for -timebomb related code which was only enabled for GENCB_TEST. ok jsing@
* Convert openssl(1) crl2pkcs7 to the new option handling.doug2015-07-121-95/+110
| | | | input + ok jsing@
* Convert openssl(1) dhparam to new option handling.jsing2015-07-111-121/+160
| | | | ok doug@
* switch "openssl dhparam" default from 512 to 2048 bits, ok jsing@sthen2015-07-082-6/+6
|
* Repair algorithm name array after 1.6.miod2015-07-031-4/+4
|
* Handle NIST curve names in openssl(1) ecparam.jsing2015-06-201-1/+4
| | | | From OpenSSL.
* Less mdc2.jsing2015-06-201-4/+1
|
* Remove obsolete MDC-2DES from libcrypto.doug2015-06-205-43/+13
| | | | ok deraadt@ jsing@ miod@
* Add missing message digests to function table.jsing2015-06-191-3/+27
| | | | | | Diff from kinichiro via github. ok doug@
* Remove fallback dynamic engine loading support.bcook2015-06-191-18/+2
| | | | | | | | | | | | | | | | | | | | | | | Since we no longer have dynamic engines, don't bother falling back to them if a builtin engine is not found first. Before: $ openssl dgst -engine unknown invalid engine "unknown" 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=unknown 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=dynamic After: $ openssl dgst -engine unknown invalid engine "unknown" 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=unknown ok doug@
* spelling fixes from theo buehler;jmc2015-06-181-4/+4
|
* Add support for OPTION_DISCARD.doug2015-06-161-1/+4
| | | | ok jsing@
* Remove ancient compat hack SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG.doug2015-06-151-29/+1
| | | | | This was imported into OpenSSL from SSLeay. It was recently deleted in OpenSSL commit 7a4dadc3a6a487db92619622b820eb4f7be512c9
* Only set the cipher list if one was specified and actually check the returnjsing2015-04-151-7/+12
| | | | | | | value from SSL_CTX_set_cipher_list(). Also remove pointless getenv() handling. ok bcook@ doug@
* Move verify externs into the header file.jsing2015-04-144-12/+8
|
* Convert openssl(1) s_time to new option handling.jsing2015-04-141-201/+178
| | | | ok doug@
* Clean up and improve openssl(1) errstr:jsing2015-04-141-21/+28
| | | | | | | | | - Use BIO_new_fp() instead of BIO_new()/BIO_set_fp() and handle NULL return value in a more appropriate manner. - Use stroul() instead of sscanf() with appropriate error checking. ok doug@
* Convert openssl(1) errstr to new option handling.jsing2015-04-131-6/+34
| | | | ok bcook@ doug@
* Put back a goto end that was unintentionally removed.jsing2015-04-111-1/+2
| | | | Spotted by doug@
* Convert openssl(1) pkeyparam to new option handling.jsing2015-04-111-61/+74
|
* Since Windows needs BIO_sock_init() before you can call any networkingbcook2015-03-222-12/+7
| | | | | | | | | functions, and ocsp and s_time need networking enabled too, this just moves BIO_sock_init() up into main() as a catch-all for all of the commands. Of course, it is a no-op on any other platform. ok @guenther
* subtraction is not comparison. the difference of two longs is not goodtedu2015-03-051-1/+1
| | | | | to place in an int. from Christian Neukirchen ok deraadt
* use correct formatter (int, because of type promotion after operations)bcook2015-03-021-2/+2
| | | | ok jsing@
* Reduce usage of predefined strings in manpages.bentley2015-02-281-7/+7
| | | | | | | | | | | Predefined strings are not very portable across troff implementations, and they make the source much harder to read. Usually the intended character can be written directly. No output changes, except for two instances where the incorrect escape was used in the first place. tweaks + ok schwarze@
* No need to use O_DIRECTORY when opening ".", O_RDONLY will suffice.millert2015-02-251-1/+1
| | | | OK guenther@
* Avoid NULL pointer deref in hashinfo_free() when calling from error paths.doug2015-02-251-2/+3
| | | | | | Also, nuke debugging printfs per jsing and bcook. ok bcook@, jsing@
* While slick, this isn't accessing multiple directories concurrently, soguenther2015-02-221-29/+35
| | | | | | | | using *at functions is equivalent to chdir()ing, which eases portability. Tested with mixes of absolute and relative paths. Eliminate a FILE leak too. prodded by jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-24 17:49:47 +0000