summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* remove ssl3 bits; ok dougjmc2015-08-021-58/+14
|
* use file system path (.Pa) semantic markup macros where appropriate.sobrado2015-07-271-7/+7
| | | | ok jmc@
* Revert ca.c r1.7 - BN_to_ASN1_INTEGER() only allocates an ASN.1 integerjsing2015-07-221-6/+2
| | | | | | | | | when it is not passed a reference to one. In this case, it is passed a reference to an ASN.1 integer that is part of the X509 ASN.1 data structure. Freeing this causes bad things to happen, since it is used and then freed later on. Found the hard way by kinichiro inoguchi.
* Convert openssl(1) nseq to new option handling.jsing2015-07-211-40/+51
| | | | ok bcook@ doug@
* Convert openssl(1) pkcs7 to new option handling.jsing2015-07-211-93/+111
| | | | ok doug@
* remove superfluous strings.hbcook2015-07-211-2/+1
|
* app_tminterval moved to apps_posix.c, we don't need sys/times.hbcook2015-07-201-2/+1
|
* No need to recheck for NULL in openssl(1) ecparam.doug2015-07-201-5/+1
| | | | | | Fixes Coverity issue 78802. ok bcook@
* Don't try to run ECDH if ecdh_checks fails in openssl(1) speed.doug2015-07-201-17/+23
| | | | | | | Coverity 72744 noticed that rsa_count was overwitten. The underlying issue is that this code is supposed to be in an else block. ok bcook@
* Avoid NULL deref in openssl(1) s_cb.doug2015-07-201-5/+14
| | | | | | Fixes Coverity issue 24956. ok bcook@
* Avoid possible NULL deref in openssl(1) s_server.doug2015-07-201-2/+5
| | | | | | Fixes Coverity issue 78873. ok miod@
* check the sigbuf value before using it.rpointel2015-07-201-2/+7
| | | | ok miod@ (thanks).
* Avoid dereferencing a NULL.doug2015-07-201-5/+7
| | | | | | Move NULL check before use. Fixes Coverity issue 21746. ok miod@ jsing@
* Remove condition that never happens and fix error handling.doug2015-07-201-6/+5
| | | | | | | | | | | There were two issues here: 1) in == NULL is never true because it's checked above here. (Fixes Coverity 21705) 2) All error handling is in the if (in == NULL) guard, so effectively there's no error handling and it continues on. ok miod@ jsing@
* Check return value for ENGINE_ctrl and ENGINE_ctrl_cmd.doug2015-07-201-4/+15
| | | | | | Fixes Coverity issue 21645. ok bcook@
* Check return value in openssl(1) s_socket.doug2015-07-201-3/+6
| | | | | | Fixes Coverity issue 21655. ok bcook@
* Remove check that is never true.doug2015-07-201-3/+1
| | | | | | | Fixes coverity issue 78799 as group == NULL was already an error condition above here. ok beck@
* Warn when rename() fails in openssl(1) apps.doug2015-07-201-8/+36
| | | | | | Fixes Coverity issues 78795 and 78803. ok bcook@
* Free memory when finished.doug2015-07-191-2/+6
| | | | | | Fixes coverity 78835. ok bcook@
* Only close descriptor if not already closed.doug2015-07-191-3/+5
| | | | | | Fixes coverity 78916. ok miod@ bcook@
* Free variable before potentially reusing.doug2015-07-191-1/+2
| | | | | | Fixes coverity 78824. ok bcook@ miod@
* Free passin on error.doug2015-07-191-4/+4
| | | | | | Fixes coverity 78826. ok miod@ bcook@
* Fix coverity 105339, by correctly checking return from strtollbeck2015-07-191-1/+1
| | | | ok miod@ bcook@
* Remove effectively unused variable.doug2015-07-191-4/+1
| | | | | | Fixes Coverity issue 21693. ok beck@ bcook@
* fix leak, found by coverity, ID 78877beck2015-07-171-3/+3
| | | | ok miod@ jsing@
* Remove SSLv3 support from openssl(1) s_time.doug2015-07-171-13/+3
| | | | ok miod@ bcook@ beck@
* Remove SSLv3 support from openssl(1) s_server.doug2015-07-171-7/+2
| | | | ok miod@ bcook@ beck@
* Remove SSLv3 support from openssl(1) s_client.doug2015-07-171-4/+1
| | | | ok miod@ bcook@ beck@
* Remove support for SSLv3 from openssl(1) ciphers.doug2015-07-171-27/+5
| | | | ok miod@ bcook@
* Remove workaround for TLS padding bug from SSLeay days.doug2015-07-171-5/+1
| | | | | | | | | OpenSSL doesn't remember which clients were impacted and the functionality has been broken in their stable releases for 2 years. Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5. ok jsing@
* fix coverity leak - ID 78921beck2015-07-161-3/+11
| | | | ok miod@, bcook@
* kill leak, found by coverity, ID 105348beck2015-07-161-2/+5
| | | | ok miod@
* Add OPTION_ARG_LONG for handling of options with a long type.jsing2015-07-152-3/+16
| | | | ok doug@
* Make 'openssl pkeyutl -verify' return exit code 0 on success.bcook2015-07-151-4/+5
| | | | | | Previously, it returned '1' regardless of whether is succeeded or failed. This is now fixed in the OpenSSL master branch as well. Thanks to Kinichiro Inoguchi for pointing it out. ok @deraadt
* Convert openssl(1) dh to the new option handling.doug2015-07-121-98/+111
| | | | ok jsing@
* Convert openssl(1) dsa to the new option handling.doug2015-07-121-154/+208
| | | | ok jsing@
* Convert openssl(1) ec to the new option handling.doug2015-07-121-170/+247
| | | | ok jsing@
* Convert gendh.c to the new option handling.doug2015-07-121-54/+79
| | | | ok jsing@
* Convert openssl(1) dsaparam to the new option handling.doug2015-07-121-154/+123
| | | | | | | This also removes support for -timebomb related code which was only enabled for GENCB_TEST. ok jsing@
* Convert openssl(1) crl2pkcs7 to the new option handling.doug2015-07-121-95/+110
| | | | input + ok jsing@
* Convert openssl(1) dhparam to new option handling.jsing2015-07-111-121/+160
| | | | ok doug@
* switch "openssl dhparam" default from 512 to 2048 bits, ok jsing@sthen2015-07-082-6/+6
|
* Repair algorithm name array after 1.6.miod2015-07-031-4/+4
|
* Handle NIST curve names in openssl(1) ecparam.jsing2015-06-201-1/+4
| | | | From OpenSSL.
* Less mdc2.jsing2015-06-201-4/+1
|
* Remove obsolete MDC-2DES from libcrypto.doug2015-06-205-43/+13
| | | | ok deraadt@ jsing@ miod@
* Add missing message digests to function table.jsing2015-06-191-3/+27
| | | | | | Diff from kinichiro via github. ok doug@
* Remove fallback dynamic engine loading support.bcook2015-06-191-18/+2
| | | | | | | | | | | | | | | | | | | | | | | Since we no longer have dynamic engines, don't bother falling back to them if a builtin engine is not found first. Before: $ openssl dgst -engine unknown invalid engine "unknown" 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=unknown 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=dynamic After: $ openssl dgst -engine unknown invalid engine "unknown" 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=unknown ok doug@
* spelling fixes from theo buehler;jmc2015-06-181-4/+4
|
* Add support for OPTION_DISCARD.doug2015-06-161-1/+4
| | | | ok jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-02 00:52:40 +0000