openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	Avoid dereferencing a NULL.	doug	2015-07-20	1	-5/+7
\| \| \| \| \| \|	Move NULL check before use. Fixes Coverity issue 21746. ok miod@ jsing@
*	Remove condition that never happens and fix error handling.	doug	2015-07-20	1	-6/+5
\| \| \| \| \| \| \| \| \| \| \|	There were two issues here: 1) in == NULL is never true because it's checked above here. (Fixes Coverity 21705) 2) All error handling is in the if (in == NULL) guard, so effectively there's no error handling and it continues on. ok miod@ jsing@
*	Check return value for ENGINE_ctrl and ENGINE_ctrl_cmd.	doug	2015-07-20	1	-4/+15
\| \| \| \| \| \|	Fixes Coverity issue 21645. ok bcook@
*	Check return value in openssl(1) s_socket.	doug	2015-07-20	1	-3/+6
\| \| \| \| \| \|	Fixes Coverity issue 21655. ok bcook@
*	Remove check that is never true.	doug	2015-07-20	1	-3/+1
\| \| \| \| \| \| \|	Fixes coverity issue 78799 as group == NULL was already an error condition above here. ok beck@
*	Warn when rename() fails in openssl(1) apps.	doug	2015-07-20	1	-8/+36
\| \| \| \| \| \|	Fixes Coverity issues 78795 and 78803. ok bcook@
*	Free memory when finished.	doug	2015-07-19	1	-2/+6
\| \| \| \| \| \|	Fixes coverity 78835. ok bcook@
*	Only close descriptor if not already closed.	doug	2015-07-19	1	-3/+5
\| \| \| \| \| \|	Fixes coverity 78916. ok miod@ bcook@
*	Free variable before potentially reusing.	doug	2015-07-19	1	-1/+2
\| \| \| \| \| \|	Fixes coverity 78824. ok bcook@ miod@
*	Free passin on error.	doug	2015-07-19	1	-4/+4
\| \| \| \| \| \|	Fixes coverity 78826. ok miod@ bcook@
*	Fix coverity 105339, by correctly checking return from strtoll	beck	2015-07-19	1	-1/+1
\| \| \| \|	ok miod@ bcook@
*	Remove effectively unused variable.	doug	2015-07-19	1	-4/+1
\| \| \| \| \| \|	Fixes Coverity issue 21693. ok beck@ bcook@
*	fix leak, found by coverity, ID 78877	beck	2015-07-17	1	-3/+3
\| \| \| \|	ok miod@ jsing@
*	Remove SSLv3 support from openssl(1) s_time.	doug	2015-07-17	1	-13/+3
\| \| \| \|	ok miod@ bcook@ beck@
*	Remove SSLv3 support from openssl(1) s_server.	doug	2015-07-17	1	-7/+2
\| \| \| \|	ok miod@ bcook@ beck@
*	Remove SSLv3 support from openssl(1) s_client.	doug	2015-07-17	1	-4/+1
\| \| \| \|	ok miod@ bcook@ beck@
*	Remove support for SSLv3 from openssl(1) ciphers.	doug	2015-07-17	1	-27/+5
\| \| \| \|	ok miod@ bcook@
*	Remove workaround for TLS padding bug from SSLeay days.	doug	2015-07-17	1	-5/+1
\| \| \| \| \| \| \| \| \|	OpenSSL doesn't remember which clients were impacted and the functionality has been broken in their stable releases for 2 years. Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5. ok jsing@
*	fix coverity leak - ID 78921	beck	2015-07-16	1	-3/+11
\| \| \| \|	ok miod@, bcook@
*	kill leak, found by coverity, ID 105348	beck	2015-07-16	1	-2/+5
\| \| \| \|	ok miod@
*	Add OPTION_ARG_LONG for handling of options with a long type.	jsing	2015-07-15	2	-3/+16
\| \| \| \|	ok doug@
*	Make 'openssl pkeyutl -verify' return exit code 0 on success.	bcook	2015-07-15	1	-4/+5
\| \| \| \| \| \|	Previously, it returned '1' regardless of whether is succeeded or failed. This is now fixed in the OpenSSL master branch as well. Thanks to Kinichiro Inoguchi for pointing it out. ok @deraadt
*	Convert openssl(1) dh to the new option handling.	doug	2015-07-12	1	-98/+111
\| \| \| \|	ok jsing@
*	Convert openssl(1) dsa to the new option handling.	doug	2015-07-12	1	-154/+208
\| \| \| \|	ok jsing@
*	Convert openssl(1) ec to the new option handling.	doug	2015-07-12	1	-170/+247
\| \| \| \|	ok jsing@
*	Convert gendh.c to the new option handling.	doug	2015-07-12	1	-54/+79
\| \| \| \|	ok jsing@
*	Convert openssl(1) dsaparam to the new option handling.	doug	2015-07-12	1	-154/+123
\| \| \| \| \| \| \|	This also removes support for -timebomb related code which was only enabled for GENCB_TEST. ok jsing@
*	Convert openssl(1) crl2pkcs7 to the new option handling.	doug	2015-07-12	1	-95/+110
\| \| \| \|	input + ok jsing@
*	Convert openssl(1) dhparam to new option handling.	jsing	2015-07-11	1	-121/+160
\| \| \| \|	ok doug@
*	switch "openssl dhparam" default from 512 to 2048 bits, ok jsing@	sthen	2015-07-08	2	-6/+6
\|
*	Repair algorithm name array after 1.6.	miod	2015-07-03	1	-4/+4
\|
*	Handle NIST curve names in openssl(1) ecparam.	jsing	2015-06-20	1	-1/+4
\| \| \| \|	From OpenSSL.
*	Less mdc2.	jsing	2015-06-20	1	-4/+1
\|
*	Remove obsolete MDC-2DES from libcrypto.	doug	2015-06-20	5	-43/+13
\| \| \| \|	ok deraadt@ jsing@ miod@
*	Add missing message digests to function table.	jsing	2015-06-19	1	-3/+27
\| \| \| \| \| \|	Diff from kinichiro via github. ok doug@
*	Remove fallback dynamic engine loading support.	bcook	2015-06-19	1	-18/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Since we no longer have dynamic engines, don't bother falling back to them if a builtin engine is not found first. Before: $ openssl dgst -engine unknown invalid engine "unknown" 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=unknown 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=dynamic After: $ openssl dgst -engine unknown invalid engine "unknown" 27256010481532:error:2606A074:engine routines:ENGINE_by_id:no such engine:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/engine/eng_list.c:384:id=unknown ok doug@
*	spelling fixes from theo buehler;	jmc	2015-06-18	1	-4/+4
\|
*	Add support for OPTION_DISCARD.	doug	2015-06-16	1	-1/+4
\| \| \| \|	ok jsing@
*	Remove ancient compat hack SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG.	doug	2015-06-15	1	-29/+1
\| \| \| \| \|	This was imported into OpenSSL from SSLeay. It was recently deleted in OpenSSL commit 7a4dadc3a6a487db92619622b820eb4f7be512c9
*	Only set the cipher list if one was specified and actually check the return	jsing	2015-04-15	1	-7/+12
\| \| \| \| \| \| \|	value from SSL_CTX_set_cipher_list(). Also remove pointless getenv() handling. ok bcook@ doug@
*	Move verify externs into the header file.	jsing	2015-04-14	4	-12/+8
\|
*	Convert openssl(1) s_time to new option handling.	jsing	2015-04-14	1	-201/+178
\| \| \| \|	ok doug@
*	Clean up and improve openssl(1) errstr:	jsing	2015-04-14	1	-21/+28
\| \| \| \| \| \| \| \| \|	- Use BIO_new_fp() instead of BIO_new()/BIO_set_fp() and handle NULL return value in a more appropriate manner. - Use stroul() instead of sscanf() with appropriate error checking. ok doug@
*	Convert openssl(1) errstr to new option handling.	jsing	2015-04-13	1	-6/+34
\| \| \| \|	ok bcook@ doug@
*	Put back a goto end that was unintentionally removed.	jsing	2015-04-11	1	-1/+2
\| \| \| \|	Spotted by doug@
*	Convert openssl(1) pkeyparam to new option handling.	jsing	2015-04-11	1	-61/+74
\|
*	Since Windows needs BIO_sock_init() before you can call any networking	bcook	2015-03-22	2	-12/+7
\| \| \| \| \| \| \| \| \|	functions, and ocsp and s_time need networking enabled too, this just moves BIO_sock_init() up into main() as a catch-all for all of the commands. Of course, it is a no-op on any other platform. ok @guenther
*	subtraction is not comparison. the difference of two longs is not good	tedu	2015-03-05	1	-1/+1
\| \| \| \| \|	to place in an int. from Christian Neukirchen ok deraadt
*	use correct formatter (int, because of type promotion after operations)	bcook	2015-03-02	1	-2/+2
\| \| \| \|	ok jsing@
*	Reduce usage of predefined strings in manpages.	bentley	2015-02-28	1	-7/+7
\| \| \| \| \| \| \| \| \| \| \|	Predefined strings are not very portable across troff implementations, and they make the source much harder to read. Usually the intended character can be written directly. No output changes, except for two instances where the incorrect escape was used in the first place. tweaks + ok schwarze@