summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src/apps (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove the libssl/src directorybeck2016-09-031-348/+0
|
* Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is notjsing2014-08-2655-33619/+0
| | | | | | | | a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl. ok deraadt@ miod@
* Include <sys/select.h> to get selectbcook2014-08-244-4/+9
| | | | | | | | | These files currently depends on the wrapper <stdlib.h> file indirectly including a header that provides select(). from Jonas 'Sortie' Termansen ok deraadt@ tedu@
* Let SSL_CIPHER_description() allocate the buffer for the description,jsing2014-08-241-4/+6
| | | | | | | | | | | | | | | | rather than passing in a fixed size buffer. This is yet another example of a horribly designed API - if the given buffer is NULL then SSL_CIPHER_description() allocates one for us (great!), which we then need to free (no problem). However, if this allocation fails it returns a pointer to a static string "OPENSSL_malloc Error" - obviously bad things happen if we call free() with this pointer. Unfortunately, there is no way of knowing that the function failed, other than comparing the returned string against the string literal - so do that before calling free()... Joint work with beck@ during g2k14.
* Fix a usage string; the proper spelling of 'alot' is 'a lot'.blambert2014-07-291-2/+2
| | | | ok bcook@
* Remove SRP code. It contains a bug (this should not surprise anyone), buttedu2014-07-281-2/+1
| | | | | | | | | | | the details are under embargo. The original plan was to wait for the embargo to lift, but we've been waiting for quite some time, and there's no indication of when or even if it will end. No sense in dragging this out any longer. The SRP code has never been enabled in OpenBSD, though I understand it is in use by some other people. However, in light of this and other issues, we're officially saying SRP is outside the scope of libressl. (For now.)
* BIO_free() returns immediately when the sole input is NULL.doug2014-07-2512-46/+29
| | | | | | Remove unnecessary NULL check. ok miod@
* Handle failure of NETSCAPE_SPKI_b64_encode() and don't leak memoryguenther2014-07-221-6/+10
| | | | | | when BIO_new_{file,fp}() fails. inspired by a diff from logan@ ok miod@
* Fix strtonum range to unbreak -pass fd:0lteo2014-07-191-2/+2
| | | | ok deraadt@
* missing newlinederaadt2014-07-181-2/+2
|
* avoid errx(); Jonas Termansenderaadt2014-07-171-3/+5
|
* whitespacederaadt2014-07-1444-170/+170
|
* The bell tolls for BUF_strdup - Start the migration to usingbeck2014-07-134-13/+15
| | | | | | intrinsics. This is the easy ones, a few left to check one at a time. ok miod@ deraadt@
* In openssl_startup(), call SSL_library_init() and SSL_load_error_strings().jsing2014-07-128-28/+10
| | | | | | | | This allows us to remove the ERR_load_crypto_strings() call, along with the various SSL_load_error_strings() and OpenSSL_add_ssl_algorithms() calls scattered around the place. ok beck@
* openssl(1) is only built as a single monolithic binary, so just calljsing2014-07-1239-154/+47
| | | | | | load_config() once when we start. ok miod@
* Remove the PSK code. We don't need to drag around thisbeck2014-07-113-201/+3
| | | | | baggage. ok miod@ jsing@
* Tame the tedu... we still want to know that Compression and Expansion arejsing2014-07-101-1/+5
| | | | NONE, even if this is due to the fact that we do not support compression.
* forgot to decompress here tootedu2014-07-102-17/+2
|
* check return value of write.bcook2014-07-101-4/+15
| | | | ok beck@ jsing@
* unfidef RL_DEBUG. hopefully it's been debugged by nowtedu2014-07-092-50/+2
|
* firebomb some MDEBUG leftoverstedu2014-07-091-87/+1
|
* unifdef a whole bunch of NO RSA/DSA/ECDH defines i deleted from libssltedu2014-07-0912-190/+12
|
* clean up if 0/if 1 code. we don't care anymore.tedu2014-07-092-119/+3
|
* move a commenttedu2014-07-091-3/+3
|
* Remove typecasts on password_callback.bcook2014-07-093-20/+15
| | | | | | | Rather than casting password_callback to the correct function pointer signature at every call site, change it to match the signature instead. ok miod@ deraadt@ tedu@
* Free "data" when it's no longer in use.logan2014-06-291-1/+2
| | | | | | (Thanks to Brent Cook) OK from jsing@
* Fix file descriptor leaklogan2014-06-291-1/+2
| | | | | | (Thanks to Brent Cook) OK from jsing@
* Use strtonum() instead of atoi(), and then impose what are we thinkderaadt2014-06-2813-102/+211
| | | | | | are the current range checks. Help from millert and lteo. Please test now that it is deployed and let us know if any numbers are off.. ok lteo
* Fix memory leak.logan2014-06-241-2/+4
| | | | | | Thanks to Brenk Cook. OK from miod@
* Remove support for the `opaque PRF input' extension, which draft has expiredmiod2014-06-133-18/+3
| | | | | | | | 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major. With help and enlightenment from Brendan MacDonell.
* tags as requested by miod and teduderaadt2014-06-1255-57/+55
|
* c-file-style hints, begone; ok beckderaadt2014-06-112-2/+2
|
* /* on some platforms time_t may be a float */deraadt2014-06-071-3/+3
| | | | | | | | In the past, time_t's type was underspecified. But a floating point type would not have worked in practice. Newer specifications effectively forbid it. While cleaning this up, get partly ready for Y2038. ok miod
* malloc() result does not need a cast.deraadt2014-06-0710-17/+17
| | | | ok miod
* Remove RANDFILE remnants.jsing2014-06-022-3/+0
|
* Stop pretending that openssl(1) applications support the -rand option.jsing2014-06-0215-123/+11
| | | | | | | | | | | | The underlying code has long been removed, making this a no-op. If your random subsystem actually requires that you seed it from a file, then you really should go and buy a new random subsystem that was built after 1990. Diff from Brent Cook. ok deraadt@
* Make usage for -quiet match the manpage and fix a misspellingguenther2014-06-011-2/+2
|
* Rework parse_name() so that variable declaration is separate from functionjsing2014-05-301-37/+50
| | | | | | | based initialisation, use more readable variable names and use a goto rather than duplicating the frees for the error and non-error paths... ok beck@
* no need for null check before free. from Brendan MacDonelltedu2014-05-301-6/+3
|
* trivial realloc -> reallocarrayderaadt2014-05-291-2/+1
|
* ok, next pass after review: when possible, put the reallocarray argumentsderaadt2014-05-293-3/+3
| | | | in the "size_t nmemb, size_t size"
* convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53deraadt2014-05-295-9/+9
| | | | | | | | | potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocations returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly. ok tedu
* There is no need to include <openssl/e_os2.h> here, except for the factjsing2014-05-265-5/+2
| | | | | that it brings in <openssl/opensslconf.h>, so just do that instead (currently via apps.h).
* Fix resource descriptor leaks.logan2014-05-251-0/+4
| | | | | | CID: 966576 & 966577 OK from guenther@ and "Yup. looks good." from tedu@
* -noout mentions a CRL, which is incorrect. Use "no output of encoded sessionlogan2014-05-251-1/+1
| | | | | | | | info." instead. From Martin Kaiser. OK from tedu@
* There is little interest in supporting Watt-32 TCP/IP debugging. Forderaadt2014-05-251-7/+0
| | | | | reference, check out http://www.watt-32.net/ ok jsing
* signal.h is not needed here.jsing2014-05-231-1/+0
|
* Stop pulling signal.h into apps.h - just include it from openssl.c wherejsing2014-05-232-2/+1
| | | | it is needed.
* Calling signal once to ignore SIGPIPE is sufficient - we do not need to dojsing2014-05-2337-67/+0
| | | | | | this again in each app. ok miod@
* Move include to the top and nuke pointless comments.jsing2014-05-231-8/+1
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.