summaryrefslogtreecommitdiff
path: root/src/usr.bin (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Indent labels with a single space so that diff prototypes are more useful.jsing2018-02-0745-190/+190
|
* Remove guards around *_free() calls since these functions handle NULL.jsing2018-02-0718-114/+67
|
* Remove guards around *_free() calls since these functions handle NULL.jsing2018-02-071-27/+15
|
* Remove manual shutdown and close of the socket since in this casetb2018-02-061-7/+1
| | | | | | SSL_free will do this a second time. ok jsing
* Initialize variables to avoid compiler warningsinoguchi2018-01-282-4/+4
| | | | ok jsing@
* Add s_server and s_client -tlsextdebug messagesinoguchi2018-01-151-1/+9
| | | | ok sthen@ jsing@
* Remove unused extern variable in openssl(1) s_timeinoguchi2018-01-071-2/+1
| | | | | | | | | This extern variable appears not to be used. And it is overridden by local variable in doConnection(). This causes MSVC warning C4459 "declaration of 'verify_error' hides global declaration". OK millert@
* Seperate real and user timer interfacesjca2017-12-054-17/+15
| | | | | | | | | Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps. Discussed with Scott Cheloha
* Mixing -url with any of -host, -port, or -path should be a usage errorguenther2017-11-291-7/+8
| | | | | | | instead of trying to work and then triggering a double-free(). problem noted by trondd (trondd (at) kagu-tsuchi.com) ok beck@
* Allow TLS ciphers and protocols to be specified for nc(1).jsing2017-11-282-41/+65
| | | | | | | | | | | Replace the "tlscompat" and "tlsall" options with "cipher" and "protocol" options that are key/value pairs. This allows the user to specify ciphers and protocols in a form that are accepted by tls_config_set_ciphers() and tls_config_set_protocols() respectively. ok beck@ (also ok jmc@ for a previous revision of the man page).
* Use clock_gettime and getrusage to compute real and user time.jca2017-11-241-16/+33
| | | | Better handling of clock jumps, from Scott Cheloa.
* openssl s_time -connect host:port needs dns promise for pledge(2) otherwise itmestre2017-11-021-2/+2
| | | | | | | | will SIGABRT Bug found by Scott Cheloha <scottcheloha at gmail.com> OK deraadt@
* Use a smaller buffer size too peek the receive data. The contentbluhm2017-10-241-5/+4
| | | | | | is discarded anyway, the plen variable is a leftover from the -j jumbo option. reported by Nan Xiao; OK deraadt@
* Fix cast-pasto's in commentsguenther2017-10-071-3/+3
|
* Remove SSLv23 padding mode.jsing2017-08-282-7/+5
|
* Switch to -Werror with clang for libressl.doug2017-08-131-2/+2
| | | | | Discussed with beck@ and jsing@ ok beck@
* Remove NPN support - the -nextprotoneg options now become no-ops.jsing2017-08-124-113/+13
| | | | ok bcook@ beck@ doug@
* grammar was ass backwards;jmc2017-07-151-7/+7
|
* Add a "-T tlscompat" option to nc(1), which enables the use of all TLSjsing2017-07-152-5/+12
| | | | | | | | | | protocols and "compat" ciphers. This allows for TLS connections to TLS servers that are using less than ideal cipher suites, without having to resort to "-T tlsall" which enables all known cipher suites. Diff from Kyle J. McKay <mackyle at gmail dot com> ok beck@
* remove redundant variable declarations in Makefiles, since those arelibressl-v2.6.0espie2017-07-091-2/+1
| | | | | | the default. okay millert@
* Continue the flattening of the pledge logic started in r1.184 and placetb2017-06-111-8/+8
| | | | | | a blank space somewhere else. suggested by and ok jsing
* Simple style(9) fixes from Juuso Lapinlampi, mostly whitespace andtb2017-06-111-33/+35
| | | | | | | omitting parentheses in return statements. Binary change because of return instead of exit(3) from main and because help() is now __dead. ok awolk
* If -P and -c were given, a second pledge call tried to add "rpath" to thetb2017-06-101-8/+5
| | | | | | | | | | | | first pledge promises, so nc exited with EPERM. To fix this, merge the pledge of the Pflag && usetls case into the first pledge block. This allows us to get rid of the second pledge block and thus to simplify the logic a bit. While there, add a missing blank to an error string. Joint effort by the #openbsd-daily code reading group, problem found and initial patch by <rain1 openmailbox org>. ok awolk
* Fix gcc warnings triggered by WARNINGS=yes.bluhm2017-05-261-9/+9
| | | | OK florian@
* typo: ket -> key.tb2017-05-161-3/+3
| | | | from "fenderq" on freenode via tj
* Implement nc -W recvlimit to terminate netcat after receiving abluhm2017-05-102-8/+28
| | | | | | number of packets. This allows to send a UDP request, receive a reply and check the result on the command line. input jmc@; OK millert@
* simplify startdate/enddate validationbeck2017-05-081-27/+5
| | | | ok jsing@
* Limit -Werror to gcc4 as was done in libcrypto/libssl/libtls to avoidjsg2017-05-071-3/+7
| | | | | | failed builds with different compilers. ok jsing@
* Fix the ca command so that certs it generates have RFC5280 conformant time.beck2017-05-041-16/+56
| | | | Problem noticed by Harald Dunkel <harald.dunkel@aixigo.de>
* use freezero() instead of 4-line conditional explicit_bzero + freederaadt2017-04-184-28/+10
|
* Move comments into a block and uses {} to unconfuse reading.deraadt2017-04-161-12/+13
|
* - -Z before -z in options listjmc2017-04-052-7/+9
| | | | - add -Z to help and usage()
* Allow nc to save the peer certificate and chain in a pem file specifiedbeck2017-04-052-4/+39
| | | | | with -Z ok jsing@
* The netcat server did not print the correct TLS error message ifbluhm2017-03-091-2/+2
| | | | | | the handshake after accept had failed. Use the context of the accepted TLS connection. OK beck@
* When netcat was started with -Uz, the exit status was always 1. Ifbluhm2017-02-091-3/+4
| | | | | | the unix connect is successful, let nc -z close the socket and exit with 0. OK jca@
* Document that -x can take an ipv6 address enclosed in square brackets.jca2017-02-091-2/+5
|
* When getaddrinfo fails, print the requested host and port.jca2017-02-091-2/+3
| | | | Should make debugging easier, especially when using -x literal_ipv6_address
* Avoid a busy loop in netcat's tls_close(). Reuse the tls_handshake()bluhm2017-02-081-18/+8
| | | | | wrapper that calls poll(2) and handles the -w timeout. OK beck@
* Avoid double close(2) in netcat. After every call to readwrite()bluhm2017-02-081-13/+5
| | | | | there is already a close(2), so do not do it in readwrite(). OK beck@
* Due to non-blocking sockets, tls_handshake() could wait in a busybluhm2017-02-081-21/+42
| | | | | | loop. Use an additional poll(2) during the handshake and also respect the -w timeout option there. From Shuo Chen; OK beck@
* Support IPv6 proxy addressesjca2017-02-051-10/+24
| | | | ok beck@
* oscp -> ocsp;jmc2017-01-261-3/+3
| | | | from holger mikolon, plus one more in nc;
* Add a -groups option to openssl s_client, which allows supported EC curvesjsing2017-01-241-7/+17
| | | | | | to be specified as a colon separated list. ok beck@
* whitespacederaadt2017-01-212-5/+5
|
* rearrange pledge promises into the canonical order; easier to eyeballderaadt2017-01-2039-77/+77
|
* fix pledge for openssl ocsp - we will need tty to ask for a cert pwbeck2017-01-201-2/+2
|
* fix openssl ocsp to not report sucess when the ocsp responder rejects usbeck2017-01-191-3/+3
| | | | ok deraadt@ krw@
* consistently spell ASN.1;jmc2017-01-031-12/+12
|
* Display details of the server ephemeral key, based on OpenSSL.jsing2016-12-303-3/+44
| | | | ok doug@
* Expand ASN1_ITEM_rptr macros here as well... used with NETSCAPE_X509 of alljsing2016-12-302-4/+4
| | | | things...
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 00:48:27 +0000