summaryrefslogtreecommitdiff
path: root/src/usr.bin (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add missing option openssl dsa -modulusinoguchi2019-07-101-2/+8
| | | | ok bcook@ jsing@
* Fix manual openssl(1) genrsainoguchi2019-07-091-6/+14
| | | | | | Add missing -camellia*/-idea description to genrsa section. ok jmc@
* Convert openssl(1) genrsa to the newer style of option handlinginoguchi2019-07-091-70/+183
| | | | ok tb@ jsing@
* Fix manual openssl(1) dsa, ocsp, rsa and smimeinoguchi2019-07-081-12/+56
| | | | | | | | | | | | | - dsa : add missing -pvk-none, -pvk-strong and -pvk-weak add pvk format to -inform and -outform - ocsp : add missing -header, -ignore_err, -no_explicit and -timeout - rsa : add missing -pvk-none, -pvk-strong and -pvk-weak add missing -RSAPublicKey_in and -RSAPublicKey_out add pvk format to -inform and -outform - smime : add missing -nosmimecap - add pvk description at common format part ok jmc@
* Fix manual openssl(1) pkcs12, req, verify and x509inoguchi2019-07-071-13/+76
| | | | | | | | | | - For pkcs12, add -camellia*/-idea, -LMK and -password - For req, add -multivalue-rdn, -pkeyopt and -sigopt - For verify, add -CRLfile and -trusted, and down -check_ss_sig description - For x509, add -next_serial and -sigopt - Remove the escape in -multivalue-rdn from ca section ok jmc@
* Fix manual openssl(1) ec, enc and pkcs7inoguchi2019-07-051-2/+9
| | | | | | | | - For ec, add -param_out description - For enc, add -v usage and description - For pkcs7, add -print usage and description ok jmc@
* Fix manual openssl(1) dgstinoguchi2019-07-051-3/+5
| | | | | | - Add undocumented option -r ok jmc@
* Fix manual openssl(1) crlinoguchi2019-07-041-1/+13
| | | | | | - Add undocumented options -crlnumber, -hash_old, -nameopt and -verify ok jmc@
* Fix manual openssl(1) cainoguchi2019-07-041-8/+15
| | | | | | | - Add undocumented options -crlsec and -sigopt - Sync argument name between usage and options description ok jmc@
* snprintf/vsnprintf return < 0 on error, rather than -1.deraadt2019-07-035-18/+18
|
* When system calls indicate an error they return -1, not some arbitraryderaadt2019-06-285-39/+39
| | | | | | value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
* Some asprintf() calls were checked < 0, rather than the precise == -1.deraadt2019-06-271-3/+3
| | | | ok millert nicm tb, etc
* Move variables into struct in openssl(1) genrsainoguchi2019-06-191-25/+33
| | | | | | | - Move local variables in genrsa_main() to struct genrsa_config - Leave long lines more than 80, still ok bcook@
* tidy up the formatting of gendsa synopsis a little;jmc2019-06-071-5/+3
|
* Convert openssl(1) gendsa to the newer style of option handlinginoguchi2019-06-072-84/+178
| | | | | | | | - Adapt openssl(1) gendsa command to new option handling. - Add lacking ciphers and passout description in openssl.1 manpage. - Describe paramfile as argument in openssl.1 manpage. ok bcook@
* Sort.jsing2019-04-011-3/+3
|
* Make the openssl(1) enc -iter flag actually work.jsing2019-04-011-2/+2
| | | | Diff from Steven Roberts <sroberts at fenderq dot com> - thanks!
* Add the SM4 block cipher from the Chinese standard GB/T 32907-2016.tb2019-03-171-1/+8
| | | | | Patch from Daniel Wyatt ok inoguchi, jsing
* Correctly handle tls_read() and tls_write() failures.jsing2019-02-261-5/+9
| | | | | | | Otherwise a TLS error (for example the remote end sent a fatal alert) is silently ignored. ok bluhm@ tb@
* Convert openssl(1) pkeyutl to the newer style of option handling.inoguchi2019-02-171-198/+278
| | | | ok jsing@ tb@
* Fix weird wrap showing cipher list in interactive modeinoguchi2019-02-096-13/+23
| | | | ok jsing@ tb@
* Summarize the 4 same name functions and move it to apps.cinoguchi2019-02-097-72/+26
| | | | ok tb@ jsing@
* Add islower check to show_ciphers in pkey.c and rsa.c.inoguchi2019-02-052-2/+10
| | | | | suggested by jsing@ ok tb@
* Convert openssl(1) pkey to the newer style of option handling.inoguchi2019-02-051-96/+171
| | | | ok jsing@
* Document missing command line options for the rsautl command.tb2019-02-042-9/+16
| | | | ok jsing, "looks good!" jmc
* zap spaces before tabstb2019-02-031-5/+5
|
* Convert openssl(1) rsautl to the newer style of option handling.jsing2019-02-031-121/+196
| | | | ok beck@ inoguchi@ tb@
* Remove SSLv23 padding mode from rsautl's usage (left behind in a removaltb2019-01-291-2/+1
| | | | | | from code and manual in 2017). Reported by KEINOS in github issue #101.
* spelling;jmc2019-01-281-3/+3
|
* Fix BN_is_prime_* calls in openssl(1), the API returns -1 on error.tb2019-01-201-4/+8
| | | | | | | Found thanks to BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd by David Benjamin. ok djm, jsing
* change the default digest used byjsg2019-01-192-4/+4
| | | | | | | | openssl x509 -fingerprint openssl crl -fingerprint from sha1 to sha256 ok jsing@
* switch the default algorithm for the dgst command from MD5 to SHA256naddy2019-01-182-6/+6
| | | | ok deraadt@
* Add -iter and -pbkdf2 to the usage synopsis.naddy2019-01-181-15/+17
| | | | | | Reorder option descriptions so -iter and -pbkdf2 show up alphabetically. Add missing argument name for -iter. ok jmc@
* tweak previous;jmc2019-01-181-7/+7
|
* Add the -iter and -pbkdf2 argumenst to encbeck2019-01-181-2/+11
|
* Change the default digest type to sha256, and add support forbeck2019-01-181-5/+44
| | | | | pbkdf2 with OpenSSL compatible flags ok jsing@
* Revert back previous commit and stop including strings.hmestre2019-01-102-9/+7
| | | | | | | Use memset(3) instead of bzero(3) since POSIX recommends using the former and because it's also more portable (conforms to ANSI C standard) OK tedu@ tb@
* Include strings.h for bzero in usr.bin/ncinoguchi2019-01-092-2/+4
| | | | | | bzero is defined in strings.h. ok deraadt@
* too many words in previous;jmc2018-12-271-2/+2
|
* port ranges can be ambiguous with hypenated port-names.tedu2018-12-272-6/+7
| | | | | | specify that ranges must be numeric, and only check for range if first argument is a digit. identified by danj, fix suggest by sthen
* Keep usage in sync with logic if OPENSSL_NO_DES is set.tobias2018-12-091-1/+3
| | | | ok jmc@, jsing@
* update for libtls default cert changes.tedu2018-11-291-5/+6
| | | | bonus: this exposed a few missing const qualifiers.
* didn't found -> didn't find.tb2018-11-141-2/+2
| | | | From Edgar Pettijohn III
* Add sm3 to the 'openssl dgst' command.tb2018-11-111-1/+5
| | | | ok beck inoguchi
* Add automatic threading initialization for libcrypto.bcook2018-11-111-53/+1
| | | | | | | | | | | | | | This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks. This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed. ok beck@, tb@, looks sane guenther@
* In verbose mode netcat reports to stderr when the listen systembluhm2018-11-091-16/+29
| | | | | | call has finished. This allows to write race free scripts as they can check that the server is up and running. OK sthen@ tb@
* Use TLS_CA_CERT_FILE instead of a separate define.jsing2018-11-061-3/+2
| | | | ok beck@ bluhm@ tb@
* Unbreak following elliptic curves to supported groups rename.jsing2018-11-061-3/+3
| | | | Reported by Katherine <luigi30 at gmail dot com> on tech@
* Make the documentation of -conv_form match reality. It defaultstb2018-11-011-6/+6
| | | | | | to uncompressed rather than compressed. From Jacqueline Jolicoeur
* show what went wrong with a unix domain socket, rather than fail silentlydlg2018-10-261-2/+4
| | | | | | handy if you type the path wrong or don't have permission... ok deraadt@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 13:34:26 +0000