summaryrefslogtreecommitdiff
path: root/src/usr.bin (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* these do not use ioctl.hderaadt2015-10-062-4/+2
|
* BIO_get_fd() could return fd 0; fix error condition. Found atderaadt2015-10-031-2/+2
| | | | | http://marc.info/?l=openssl-dev&m=144374015404899&w=2 ok doug
* avoid sys/param.h, by using PATH_MAXderaadt2015-10-021-1/+1
|
* Another s/M_ASN1_INTEGER_free/ASN1_INTEGER_free/.jsing2015-10-011-2/+2
| | | | Found the hard way by Mark Patruck.
* avoid trailing .Ns, reduce .Xo and .Sm, drop redundant .Bkschwarze2015-09-251-12/+4
|
* add a missing NULL checkbcook2015-09-211-1/+5
| | | | noted by Bill Parker (dogbert2) on github
* add a couple of missing NULL checksbcook2015-09-211-3/+3
| | | | noted by Bill Parker (dogbert2) on github
* remove vestigial bits of sha-0 and md2 from openssl(1)bcook2015-09-215-23/+17
| | | | | | | | Noted by kinichiro on github. We probably need a better way to indicate the list of message digests that are allowed, as the current ones are nowhere near exhaustive (sigh - guenther@) OK guenther@ jmc@
* Pack the algorithm numbers, to avoid printing a useless (null) 0 0 0 0miod2015-09-201-34/+34
| | | | line in the summary.
* Temporarily revive MD4 for MS CHAP support.doug2015-09-145-16/+49
|
* Remove MD4 support from LibreSSL.doug2015-09-135-48/+15
| | | | | | | | MD4 should have been removed a long time ago. Also, RFC 6150 moved it to historic in 2011. Rides the major crank from removing SHA-0. Discussed with many including beck@, millert@, djm@, sthen@ ok jsing@, input + ok bcook@
* nc(1) seems worth an Xr in SEE ALSO now;jmc2015-09-131-1/+2
|
* Factor out setup_up / destroy_ui functions.bcook2015-09-134-58/+58
| | | | | | | | | This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode ui_read/write are also simplified.
* document extra algorithms available with openssl speed commandbcook2015-09-131-1/+4
| | | | ok jmc@
* display negotiated TLS version and cipher suite in verbose mode.beck2015-09-131-2/+3
| | | | ok jsing@
* tweak STANDARDS;jmc2015-09-131-3/+3
|
* Adapt to just committed libtls api changebeck2015-09-121-21/+14
|
* Nuke SSLEAY_CONF -- a backwards compatibility environment variable thatlteo2015-09-124-14/+5
| | | | | | | | | | has been superseded by OPENSSL_CONF and discouraged from use for almost 16 years. "Definately ok" jsing@ "burn it" deraadt@ "Kill it with fire" miod@ "KILL IT WITH FIRE!!! BURN!!!!" beck@
* Add openssl(1) speed support for AEAD algorithms.bcook2015-09-121-17/+96
| | | | | | | This adds aes-128-gcm aes-256-gcm chacha20-poly1305 from Adam Langley's original patch for OpenSSL ok beck@ jsing@
* Fix the openssl(1) prime command: When checking a decimal number forlteo2015-09-121-3/+2
| | | | | | | | | primality, do not unnecessarily convert the original decimal number to hex in the output. Hex numbers explicitly specified with -hex remain unchanged. ok beck@ deraadt@ jsing@ miod@
* use SOCK_CLOEXEC instead of fnctl; ok guenther beck jsingderaadt2015-09-121-12/+16
|
* fix previous;jmc2015-09-122-31/+48
|
* spaces found during a readderaadt2015-09-111-19/+18
|
* Add TLS suppport to nc. Provides a useful little test and script tool.beck2015-09-113-45/+346
| | | | ok jsing@ bluhm@
* unifdef -DOPENSSL_NO_RC5jsing2015-09-112-42/+2
|
* kill evil commentbeck2015-09-111-3/+1
| | | | ok deraadt@
* fix unchecked mallocs - coverity 130454 and 130455beck2015-09-111-6/+15
| | | | ok jsing@
* "Shutdown" should be "Shut down" in the usage for s_time's -no_shutdownlteo2015-09-111-2/+2
| | | | flag. Pointed out by jmc@'s commit to the openssl(1) man page.
* Remove engine command and parameters from openssl(1).bcook2015-09-1140-1726/+184
| | | | | | | We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all. ok jsing@
* remove stupid castsderaadt2015-09-111-4/+4
|
* shutdown (n.) -> shut down (v.);jmc2015-09-111-2/+2
|
* Change the default behavior of the s_time command so that it willlteo2015-09-111-2/+7
| | | | | | | | | | | | | | | | perform a proper shutdown by sending a "close notify" alert to the server. This allows s_time to benchmark a full TLS connection more accurately. Introduce a new flag called -no_shutdown to make s_time adopt the previous behavior (i.e. shut down the connection without notifying the server) so that comparisons can still be made with OpenSSL's version. The idea of using a flag (which replaces a #define) was suggested by bcook@. Thanks to millert@ and miod@ as well for their feedback on an earlier diff which resulted in this change. ok bcook@ beck@
* *** empty log message ***lteo2015-09-111-19/+24
|
* Nuke references to DTLS1_BAD_VER and unbreak the tree.jsing2015-09-101-5/+2
|
* Remove call to CRYPTO_malloc_init(), which does nothing.jsing2015-09-101-2/+1
|
* Correct spelling of OPENSSL_cleanse.jsing2015-09-106-17/+17
|
* Fix shadowed verify_error in s_server by removing the unused global.bcook2015-09-104-10/+8
| | | | | | 's_time -verify 1' will now actually verify the peer certificate. ok beck@
* Remove SOCKET_PROTOCOL, a redundant define that was only used once.lteo2015-09-101-4/+2
| | | | | | No binary change. ok millert@ miod@
* Remove unused defines. No binary change.lteo2015-09-102-9/+2
| | | | ok deraadt@ miod@
* Netcat could hang during write(2) although poll(2) reports that thebluhm2015-09-081-15/+6
| | | | | | | | | socket is writeable. This happens because netcat tries to write more than the low water mark of the socket write buffer. With a non-blocking socket you may get a short write, otherwise it blocks. The latter could cause a total hang of the netcat process depending on the upper protocol. So make the network connection non-blocking. OK claudio@ millert@
* synchronize synopsis and usage.sobrado2015-09-031-2/+2
|
* Remove all duplicate prototypes for *_main functions (these are alreadyjsing2015-08-2242-185/+102
| | | | | | | | | provided by progs.h). Also, move the FUNCTION type (and flags) into openssl.c since that is the only place of use. Lastly, remove pointless 'extern' from the prototypes and use char **argv instead of char *argv[] (the former is used elsewhere). ok deraadt@ doug@
* bring prototypes into scope, requires movement of a large global objectderaadt2015-08-198-202/+208
| | | | | out of .h file ok jsing
* Improve openssl s_client -starttls xmpp support.landry2015-08-112-7/+28
| | | | | | | | | From https://rt.openssl.org/Ticket/Display.html?id=2860&user=guest&pass=guest - add a -xmpphost option to specify the xmpp virtual host - fix an infinite loop when the vhost isnt what the server expects - fix communication with openfire & prosody servers with tweaks & ok bcook@ doug@ manpage bits jmc@
* remove ssl3 bits; ok dougjmc2015-08-021-58/+14
|
* use file system path (.Pa) semantic markup macros where appropriate.sobrado2015-07-271-7/+7
| | | | ok jmc@
* remove unused variablechl2015-07-261-2/+2
| | | | ok tedu@
* Revert ca.c r1.7 - BN_to_ASN1_INTEGER() only allocates an ASN.1 integerjsing2015-07-221-6/+2
| | | | | | | | | when it is not passed a reference to one. In this case, it is passed a reference to an ASN.1 integer that is part of the X509 ASN.1 data structure. Freeing this causes bad things to happen, since it is used and then freed later on. Found the hard way by kinichiro inoguchi.
* Convert openssl(1) nseq to new option handling.jsing2015-07-211-40/+51
| | | | ok bcook@ doug@
* Convert openssl(1) pkcs7 to new option handling.jsing2015-07-211-93/+111
| | | | ok doug@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-24 04:04:10 +0000