summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Denote multiple arguments with 'arg ...' not 'args'kn2022-12-221-4/+4
| | | | | | | | | | | | | | | | | | | | A few programs used the plural in their synopsis which doesn't read as clear as the obvious triple-dot notation. mdoc(7) .Ar defaults to "file ..." if no arguments are given and consistent use of 'arg ...' matches that behaviour. Cleanup a few markups of the same argument so the text keeps reading naturally; omit unhelpful parts like 'if optional arguments are given, they are passed along' for tools like time(1) and timeout(1) that obviously execute commands with whatever arguments where given -- just like doas(1) which doesn't mention arguments in its DESCRIPTION in the first place. For expr(1) the difference between 'expressions' and 'expression ...' is crucial, as arguments must be passed as individual words. Feedback millert jmc schwarze deraadt OK jmc
* Clean up openssl(1) command execution.joshua2022-11-111-20/+26
| | | | | | | | | This cleans up the code that handles command execution for openssl(1), displays the help message when 'openssl help' is executed, and exits with code 1 when an invalid command is executed, matching the behaviour of OpenSSL version 1.1+ and above. ok tb@
* Remove the legacy interactive mode from openssl(1).joshua2022-11-1146-376/+231
| | | | | | | | This removes the legacy interactive mode from openssl(1) since it is rarely used, complicates the code, and has also been removed from OpenSSL in version 3.x.x. ok tb@ jsing@
* fix an obvious thinko without serious consequences in the display of eespie2022-10-041-2/+2
| | | | | | for rsa and friends. okay tb@
* remove an extraneous empty linetb2022-09-141-2/+1
|
* Adjust for opaque structs in ts.htb2022-09-111-14/+24
| | | | ok jsing
* Adjust for opaque structs in pkcs12.htb2022-09-111-25/+38
| | | | ok jsing
* Avoid division by zero if no connection was made.tb2022-08-311-4/+2
| | | | CID 184043
* Check return values in ssl_print_tmp_key()tb2022-08-311-4/+9
| | | | | | | | | | Use EVP_PKEY_get0_EC_KEY() instead of the get1 version to avoid an EVP_PKEY_free(). Check return values: if either EVP_PKEY_get0_EC_KEY() or EC_KEY_get0_group() fail, a NULL dereference occurs. CID 43289 ok jsing
* Check HMAC() return value to avoid a later use of uninitializedtb2022-08-301-3/+7
| | | | CID 25421
* Add workarounds for some symbols that are hidden under !LIBRESSL_INTERNALtb2022-08-031-1/+7
| | | | until the next bump exposes new symbols that we can use.
* fix indenttb2022-07-191-2/+2
|
* Document -tls1_{1,2,3} in openssl cipherstb2022-07-191-2/+11
| | | | ok jsing
* Allow displaying ciphers according to protocol versiontb2022-07-191-4/+39
| | | | | | | | | Instead of only using the default client method, allow selecting a specific protocol version and display the supported ciphers accordingly. This removes the noop status of -tls1 and adds -tls1_{1,2,3} as in other commands. ok jsing
* Suppress output of the deprecated -tls1 option in usage() and helptb2022-07-141-3/+2
| | | | | | output. The option wasn't documented in the manpage. pointed out by jsing
* Switch to using TLS_client_method()tb2022-07-141-2/+2
| | | | | | | | | Apparently, TLSv1_client_method() is used for historical reasons. This behavior is no longer helpful if we want to know what ciphers a TLS connection could use. This could change again after further investigation of what the behavior should be... ok beck jsing
* Document openssl ciphers -stb2022-07-141-3/+5
| | | | ok beck jsing
* Add -s option to openssl cipherstb2022-07-141-4/+20
| | | | | | | With this option, the command only shows the ciphers supported by the SSL method. ok beck jsing
* Fix comparison in openssl(1) pkcs12inoguchi2022-04-281-3/+3
| | | | comment from tb@
* Compare pointer value with NULL in openssl(1) pkcs12inoguchi2022-04-281-31/+31
| | | | ok tb@
* man pages: add missing commas between subordinate and main clausesnaddy2022-03-311-22/+22
| | | | | | | jmc@ dislikes a comma before "then" in a conditional, so leave those untouched. ok jmc@
* Change internal functions to static in openssl(1) pkcs12inoguchi2022-03-281-24/+30
| | | | ok tb@
* Remove unused function cert_load in openssl(1) pkcs12inoguchi2022-03-281-19/+1
| | | | ok tb@
* Check EVP_Digest* functions return value in openssl(1) tsinoguchi2022-03-271-5/+16
| | | | | | | Move up md_ctx and add EVP_MD_CTX_free under the 'err:' label. CID 149810 comment and ok jsing@
* Check function return valueinoguchi2022-03-241-2/+3
|
* Compare pointer value with NULLinoguchi2022-03-241-63/+63
|
* Wrap long linesinoguchi2022-03-241-39/+44
|
* Remove space between asterisk and variable nameinoguchi2022-03-241-22/+22
|
* Convert openssl(1) ts option handlinginoguchi2022-03-241-153/+285
| | | | | | | | Apply new option handling to openssl(1) ts, and there is no functional changes here. usage strings are comes from manual page. comments and ok jsing@
* openssl cms: avoid NULL derefs on option parsingtb2022-03-231-1/+3
| | | | | | | Two missing initializations in the new option handling cause a segfault when -nodetach or -noindef is passed to openssl cms. ok inoguchi jsing miod
* prefer https links in man pagesjsg2022-02-181-3/+3
| | | | ok gnezdo@ miod@ jmc@
* Unindent and unwrap lines. Pull up a NULL check. No functional change.tb2022-02-031-28/+26
|
* Remove commented variable declarationstb2022-02-031-6/+1
|
* Use X509_*get0_pubkey() wherever possible to simplify and clean uptb2022-02-033-36/+22
| | | | | | the code. Also add error checking where possible. ok jsing
* Remove some stale comments.tb2022-02-031-21/+1
| | | | ok jsing
* Avoid memory leak in error path with openssl(1) smimeinoguchi2022-01-161-1/+2
| | | | | | CID 345316 ok tb@
* Avoid memory leak in error path with openssl(1) cmsinoguchi2022-01-161-1/+3
| | | | | | CID 345314 345320 ok tb@
* Enable openssl pkey -{,pub}check and pkeyparam -checktb2022-01-142-6/+2
|
* openssl(1) dgst: fix build after clones removaltb2022-01-141-4/+1
| | | | ok inoguchi jsing
* Convert openssl(1) speed for opaque EVP_AEAD_CTXtb2022-01-141-13/+31
| | | | ok inoguchi jsing
* Convert openssl(1) rsa.c for opaque RSAtb2022-01-141-2/+2
| | | | ok inoguchi jsing
* openssl(1) genrsa: simplify access to rsa->etb2022-01-141-5/+3
| | | | ok inoguchi jsing
* Convert openssl(1) gendsa.c to opaque DSAtb2022-01-141-2/+2
| | | | ok inoguchi jsing
* Convert openssl(1) dsaparam to opaque dsatb2022-01-141-11/+13
| | | | ok inoguchi jsing
* Convert openssl(1) dsa.c to opaque DSAtb2022-01-141-2/+2
| | | | ok inoguchi jsing
* Convert openssl(1) dhparam to opaque DHtb2022-01-141-12/+14
| | | | ok inoguchi jsing
* Convert openssl(1) dh.c to opaque DHtb2022-01-141-10/+12
| | | | ok inoguchi jsing
* zap some stray whitespacetb2022-01-121-2/+2
|
* Wrap long linesinoguchi2022-01-111-42/+74
|
* Check function return valueinoguchi2022-01-111-32/+57
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 07:41:54 +0000