path: root/src/usr.bin
Commit message (Author, Age, Files, Lines)
...
* Remove redundant NULL checks before free - BN_free(), BIO_free_all() and EC_GROUP_free() all have implicit NULL checks. (jsing, 2014-12-14, 1 file, -17/+12)
* unifdef OPENSSL_NO_NEXTPROTONEG (jsing, 2014-12-14, 4 files, -41/+4)
* Add ALPN support to openssl(1). Based on OpenSSL. (jsing, 2014-12-10, 2 files, -11/+95)
* Remove unused variable. From Benjamin Baier <programmer at netzbasis.de> (jsing, 2014-12-07, 1 file, -5/+1)
* Handle GF(2^m) EC curves for C code generation. From Minux Ma. (jsing, 2014-12-07, 1 file, -5/+7)
* Move Windows OS-specific functions to make porting easier. Several functions that need to be redefined for a Windows port are right in the middle of other code that is relatively portable. This patch isolates the functions that need Windows-specific implementations so they can be built conditionally in the portable tree. Add calls to BIO_sock_init() as-needed to openssl(1) so that socket IO works on Windows. Sorry, these are no-op on other platforms. ok jsing@ deraadt@ (bcook, 2014-12-03, 4 files, -31/+165)
* convert select() to poll(). This is one of the most complicated conversions in the tree, because the original code is very rotten and fragile. Please test and report any failures. Assistance from millert, bcook, and jsing. (deraadt, 2014-12-02, 2 files, -40/+63)
* Conversion of braindead select() path to braindead poll() path. Also looked at by bcook (deraadt, 2014-12-02, 1 file, -17/+17)
* Mention the -no_tls1_[12] options (guenther, 2014-11-23, 1 file, -6/+10)
* Nuke more obvious #include duplications. ok deraadt@ millert@ tedu@ (krw, 2014-11-18, 1 file, -2/+1)
* More OPENSSL_NO_TLSEXT clean up. (jsing, 2014-11-07, 3 files, -11/+11)
* Document the -servername option for openssl(1) s_client. Based on a diff from Rusty (rustyl at outband dot net) and OpenSSL. (jsing, 2014-11-07, 1 file, -2/+7)
* TLS is pretty boring without TLS extensions... unifdef OPENSSL_NO_TLSEXT, which was already done for libssl some time back. (jsing, 2014-11-06, 2 files, -76/+2)
* ssl_sock_init() does nothing, so remove it... (jsing, 2014-11-06, 1 file, -17/+1)
* simple select() to poll() conversion; reviewed by millert and doug (deraadt, 2014-11-04, 1 file, -9/+9)
* Remove ephemeral RSA key handling. (jsing, 2014-10-31, 1 file, -43/+4)
* Use automatic DH ephemeral parameters instead of fixed 512 bit. Based on OpenSSL. (jsing, 2014-10-31, 1 file, -38/+23)
* my mistake. we already did increase buffers to 16k; increasing to 64k would be the next stage of embiggening. restore 16k. (tedu, 2014-10-30, 1 file, -2/+2)
* rework the poll loop to poll in both directions so it doesn't get stuck if one pipe stalls out. from a diff by Arne Becker. (buffer size left alone for now) (tedu, 2014-10-30, 1 file, -47/+211)
* POLLIN is not guaranteed to be set in revents for EOF so check for POLLHUP too. OK deraadt@ (millert, 2014-10-26, 1 file, -3/+3)
* Remove unnecessary include: netinet/in_systm.h is not needed by these programs. ok deraadt@ millert@ (lteo, 2014-10-24, 1 file, -2/+1)
* Use arc4random_buf() instead of RAND(_pseudo)?_bytes(). ok bcook@ (jsing, 2014-10-22, 8 files, -36/+19)
* None of these need <openssl/rand.h> (jsing, 2014-10-22, 3 files, -6/+3)
* s_client: don't call shutdown on a non-existent socket descriptor. from Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> ok beck@, deraadt@ (bcook, 2014-10-20, 1 file, -3/+1)
* Repair BUF_strdup() breakage. (jsing, 2014-10-16, 2 files, -4/+6)
* prefer C99 array initialization syntax. use C99 array initialization syntax for strict C compilers. from kinichiro, found building with HP/UX compiler ok deraadt@, guenther@ (bcook, 2014-10-13, 5 files, -10/+10)
* Use O_NONBLOCK over FIONBIO. Prefer this because it is the POSIX standard and has consistent behavior across platforms. Use BIO_socket_nbio consistently across the tree. from Jonas 'Sortie' Termansen, ok deraadt@ (bcook, 2014-10-13, 2 files, -11/+7)
* fix an indentation that makes me upset (deraadt, 2014-10-08, 1 file, -2/+2)
* Switch "openssl req" to using SHA256 for hashes and AES256 to encrypt on-disk keys by default (instead of SHA1/3DES) and update documentation to match. Another way to do this is s/NID_sha1/NID_sha256/ in src/crypto/rsa/rsa_ameth.c ("case ASN1_PKEY_CTRL_DEFAULT_MD_NID") but going with the more targeted method above that only affects "openssl req" for now. Help/OK jsing@. OKs on earlier diffs changing openssl.cnf from phessler@ aja@ (sthen, 2014-10-01, 2 files, -12/+12)
* Remove unused #define. ok jsing@ (lteo, 2014-09-17, 1 file, -3/+1)
* a little less sendmail specific; (jmc, 2014-09-16, 1 file, -4/+3)
* Disable -Wshadow again, since it breaks builds on vax with gcc3. (jsing, 2014-09-10, 1 file, -2/+2)
* Enable -Wshadow in openssl(1) and fix a few shadow warnings. ok jsing@ (doug, 2014-09-01, 5 files, -25/+21)
* Convert ecparam to new option/usage handling. (jsing, 2014-09-01, 1 file, -197/+215)
* Improve option usage output. If the option/argument string exceeds the given width, add a hanging indent prior to displaying the description. Also, if the description includes newlines, wrap and indent for each newline so that the indentation is correctly maintained. (jsing, 2014-09-01, 1 file, -7/+20)
* Convert openssl(1) version to new option/usage handling. (jsing, 2014-08-30, 1 file, -34/+90)
* Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument. (jsing, 2014-08-30, 2 files, -4/+10)
* OpenSSL_add_all_algorithms() is called from openssl_startup() - it does not need to also be called from some of the applications. (jsing, 2014-08-28, 6 files, -13/+6)
* openssl_setup() calls SSL_load_error_strings(), which happens to call ERR_load_crypto_strings() - as such, we do not need to call the same function from most of the applications. (jsing, 2014-08-28, 27 files, -60/+30)
* Add option handling with a callback function for argument processing. (jsing, 2014-08-28, 2 files, -2/+10)
* Convert openssl(1) crl to new option/usage handling. (jsing, 2014-08-28, 1 file, -186/+246)
* Give the usage option name/argument name width a few more characters. (jsing, 2014-08-28, 1 file, -2/+2)
* Ensure that a format option argument is a known specifier. (jsing, 2014-08-28, 1 file, -2/+10)
* Add option handling for ordered flags. (jsing, 2014-08-28, 2 files, -2/+8)
* Add option handling for input/output formats. (jsing, 2014-08-28, 2 files, -2/+8)
* Convert openssl(1) prime to the new options/usage handling. (jsing, 2014-08-27, 1 file, -60/+81)
* Reset the config struct before calling options_parse(), otherwise config options from the previous run stick in interactive mode. (jsing, 2014-08-27, 1 file, -1/+3)
* Add an option type that handles argument to integer conversion. (jsing, 2014-08-27, 2 files, -4/+22)
* Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync. This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application. As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up). With input from doug@. ok bcook@ doug@ (jsing, 2014-08-27, 3 files, -76/+192)
* remove nginx references (robert, 2014-08-26, 1 file, -2/+1)