summaryrefslogtreecommitdiff
path: root/src/usr.bin (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add openssl(1) speed support for AEAD algorithms.bcook2015-09-121-17/+96
| | | | | | | This adds aes-128-gcm aes-256-gcm chacha20-poly1305 from Adam Langley's original patch for OpenSSL ok beck@ jsing@
* Fix the openssl(1) prime command: When checking a decimal number forlteo2015-09-121-3/+2
| | | | | | | | | primality, do not unnecessarily convert the original decimal number to hex in the output. Hex numbers explicitly specified with -hex remain unchanged. ok beck@ deraadt@ jsing@ miod@
* use SOCK_CLOEXEC instead of fnctl; ok guenther beck jsingderaadt2015-09-121-12/+16
|
* fix previous;jmc2015-09-122-31/+48
|
* spaces found during a readderaadt2015-09-111-19/+18
|
* Add TLS suppport to nc. Provides a useful little test and script tool.beck2015-09-113-45/+346
| | | | ok jsing@ bluhm@
* unifdef -DOPENSSL_NO_RC5jsing2015-09-112-42/+2
|
* kill evil commentbeck2015-09-111-3/+1
| | | | ok deraadt@
* fix unchecked mallocs - coverity 130454 and 130455beck2015-09-111-6/+15
| | | | ok jsing@
* "Shutdown" should be "Shut down" in the usage for s_time's -no_shutdownlteo2015-09-111-2/+2
| | | | flag. Pointed out by jmc@'s commit to the openssl(1) man page.
* Remove engine command and parameters from openssl(1).bcook2015-09-1140-1726/+184
| | | | | | | We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all. ok jsing@
* remove stupid castsderaadt2015-09-111-4/+4
|
* shutdown (n.) -> shut down (v.);jmc2015-09-111-2/+2
|
* Change the default behavior of the s_time command so that it willlteo2015-09-111-2/+7
| | | | | | | | | | | | | | | | perform a proper shutdown by sending a "close notify" alert to the server. This allows s_time to benchmark a full TLS connection more accurately. Introduce a new flag called -no_shutdown to make s_time adopt the previous behavior (i.e. shut down the connection without notifying the server) so that comparisons can still be made with OpenSSL's version. The idea of using a flag (which replaces a #define) was suggested by bcook@. Thanks to millert@ and miod@ as well for their feedback on an earlier diff which resulted in this change. ok bcook@ beck@
* *** empty log message ***lteo2015-09-111-19/+24
|
* Nuke references to DTLS1_BAD_VER and unbreak the tree.jsing2015-09-101-5/+2
|
* Remove call to CRYPTO_malloc_init(), which does nothing.jsing2015-09-101-2/+1
|
* Correct spelling of OPENSSL_cleanse.jsing2015-09-106-17/+17
|
* Fix shadowed verify_error in s_server by removing the unused global.bcook2015-09-104-10/+8
| | | | | | 's_time -verify 1' will now actually verify the peer certificate. ok beck@
* Remove SOCKET_PROTOCOL, a redundant define that was only used once.lteo2015-09-101-4/+2
| | | | | | No binary change. ok millert@ miod@
* Remove unused defines. No binary change.lteo2015-09-102-9/+2
| | | | ok deraadt@ miod@
* Netcat could hang during write(2) although poll(2) reports that thebluhm2015-09-081-15/+6
| | | | | | | | | socket is writeable. This happens because netcat tries to write more than the low water mark of the socket write buffer. With a non-blocking socket you may get a short write, otherwise it blocks. The latter could cause a total hang of the netcat process depending on the upper protocol. So make the network connection non-blocking. OK claudio@ millert@
* synchronize synopsis and usage.sobrado2015-09-031-2/+2
|
* Remove all duplicate prototypes for *_main functions (these are alreadyjsing2015-08-2242-185/+102
| | | | | | | | | provided by progs.h). Also, move the FUNCTION type (and flags) into openssl.c since that is the only place of use. Lastly, remove pointless 'extern' from the prototypes and use char **argv instead of char *argv[] (the former is used elsewhere). ok deraadt@ doug@
* bring prototypes into scope, requires movement of a large global objectderaadt2015-08-198-202/+208
| | | | | out of .h file ok jsing
* Improve openssl s_client -starttls xmpp support.landry2015-08-112-7/+28
| | | | | | | | | From https://rt.openssl.org/Ticket/Display.html?id=2860&user=guest&pass=guest - add a -xmpphost option to specify the xmpp virtual host - fix an infinite loop when the vhost isnt what the server expects - fix communication with openfire & prosody servers with tweaks & ok bcook@ doug@ manpage bits jmc@
* remove ssl3 bits; ok dougjmc2015-08-021-58/+14
|
* use file system path (.Pa) semantic markup macros where appropriate.sobrado2015-07-271-7/+7
| | | | ok jmc@
* remove unused variablechl2015-07-261-2/+2
| | | | ok tedu@
* Revert ca.c r1.7 - BN_to_ASN1_INTEGER() only allocates an ASN.1 integerjsing2015-07-221-6/+2
| | | | | | | | | when it is not passed a reference to one. In this case, it is passed a reference to an ASN.1 integer that is part of the X509 ASN.1 data structure. Freeing this causes bad things to happen, since it is used and then freed later on. Found the hard way by kinichiro inoguchi.
* Convert openssl(1) nseq to new option handling.jsing2015-07-211-40/+51
| | | | ok bcook@ doug@
* Convert openssl(1) pkcs7 to new option handling.jsing2015-07-211-93/+111
| | | | ok doug@
* remove superfluous strings.hbcook2015-07-211-2/+1
|
* app_tminterval moved to apps_posix.c, we don't need sys/times.hbcook2015-07-201-2/+1
|
* No need to recheck for NULL in openssl(1) ecparam.doug2015-07-201-5/+1
| | | | | | Fixes Coverity issue 78802. ok bcook@
* Don't try to run ECDH if ecdh_checks fails in openssl(1) speed.doug2015-07-201-17/+23
| | | | | | | Coverity 72744 noticed that rsa_count was overwitten. The underlying issue is that this code is supposed to be in an else block. ok bcook@
* Avoid NULL deref in openssl(1) s_cb.doug2015-07-201-5/+14
| | | | | | Fixes Coverity issue 24956. ok bcook@
* Avoid possible NULL deref in openssl(1) s_server.doug2015-07-201-2/+5
| | | | | | Fixes Coverity issue 78873. ok miod@
* check the sigbuf value before using it.rpointel2015-07-201-2/+7
| | | | ok miod@ (thanks).
* Avoid dereferencing a NULL.doug2015-07-201-5/+7
| | | | | | Move NULL check before use. Fixes Coverity issue 21746. ok miod@ jsing@
* Remove condition that never happens and fix error handling.doug2015-07-201-6/+5
| | | | | | | | | | | There were two issues here: 1) in == NULL is never true because it's checked above here. (Fixes Coverity 21705) 2) All error handling is in the if (in == NULL) guard, so effectively there's no error handling and it continues on. ok miod@ jsing@
* Check return value for ENGINE_ctrl and ENGINE_ctrl_cmd.doug2015-07-201-4/+15
| | | | | | Fixes Coverity issue 21645. ok bcook@
* Check return value in openssl(1) s_socket.doug2015-07-201-3/+6
| | | | | | Fixes Coverity issue 21655. ok bcook@
* Remove check that is never true.doug2015-07-201-3/+1
| | | | | | | Fixes coverity issue 78799 as group == NULL was already an error condition above here. ok beck@
* Warn when rename() fails in openssl(1) apps.doug2015-07-201-8/+36
| | | | | | Fixes Coverity issues 78795 and 78803. ok bcook@
* Free memory when finished.doug2015-07-191-2/+6
| | | | | | Fixes coverity 78835. ok bcook@
* Only close descriptor if not already closed.doug2015-07-191-3/+5
| | | | | | Fixes coverity 78916. ok miod@ bcook@
* Free variable before potentially reusing.doug2015-07-191-1/+2
| | | | | | Fixes coverity 78824. ok bcook@ miod@
* Free passin on error.doug2015-07-191-4/+4
| | | | | | Fixes coverity 78826. ok miod@ bcook@
* Fix coverity 105339, by correctly checking return from strtollbeck2015-07-191-1/+1
| | | | ok miod@ bcook@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 11:39:00 +0000