| #
1c25dff2 |
| 26-Aug-2024 |
tb <tb@openbsd.org> |
ts.c: typo flaf -> flag
|
| #
5a216ca0 |
| 25-Mar-2024 |
tb <tb@openbsd.org> |
Clean up create_digest()
The ts code is its own kind of special. I only sent this diff out to hear
beck squeal. This diff doesn't actually fix anything, apart from (maybe)
appeasing some obscure sta
Clean up create_digest()
The ts code is its own kind of special. I only sent this diff out to hear
beck squeal. This diff doesn't actually fix anything, apart from (maybe)
appeasing some obscure static analyzer. It is decidedly less bad than a
similar change in openssl's issue tracker.
ok beck
show more ...
|
| #
c3585e1c |
| 19-Nov-2023 |
tb <tb@openbsd.org> |
openssl ts: convert to X509_ALGOR_set0()
ok jsing
|
| #
e7718ada |
| 06-Mar-2023 |
tb <tb@openbsd.org> |
Rename struct ${app}_config to plain cfg
All the structs are static and we need to reach into them many times.
Having a shorter name is more concise and results in less visual clutter.
It also avoid
Rename struct ${app}_config to plain cfg
All the structs are static and we need to reach into them many times.
Having a shorter name is more concise and results in less visual clutter.
It also avoids many overlong lines and we will be able to get rid of some
unfortunate line wrapping down the road.
Discussed with jsing
show more ...
|
| #
46f4e7fa |
| 11-Nov-2022 |
joshua <joshua@openbsd.org> |
Remove the legacy interactive mode from openssl(1).
This removes the legacy interactive mode from openssl(1) since it is
rarely used, complicates the code, and has also been removed from
OpenSSL in
Remove the legacy interactive mode from openssl(1).
This removes the legacy interactive mode from openssl(1) since it is
rarely used, complicates the code, and has also been removed from
OpenSSL in version 3.x.x.
ok tb@ jsing@
show more ...
|
| #
54d91a7f |
| 11-Sep-2022 |
tb <tb@openbsd.org> |
Adjust for opaque structs in ts.h
ok jsing
|
| #
814fd41b |
| 27-Mar-2022 |
inoguchi <inoguchi@openbsd.org> |
Check EVP_Digest* functions return value in openssl(1) ts
Move up md_ctx and add EVP_MD_CTX_free under the 'err:' label.
CID 149810
comment and ok jsing@
|
| #
79564bee |
| 24-Mar-2022 |
inoguchi <inoguchi@openbsd.org> |
Check function return value
|
| #
30f6ef3a |
| 24-Mar-2022 |
inoguchi <inoguchi@openbsd.org> |
Compare pointer value with NULL
|
| #
e04fe004 |
| 24-Mar-2022 |
inoguchi <inoguchi@openbsd.org> |
Wrap long lines
|
| #
b58dfa54 |
| 24-Mar-2022 |
inoguchi <inoguchi@openbsd.org> |
Remove space between asterisk and variable name
|
| #
d572171b |
| 24-Mar-2022 |
inoguchi <inoguchi@openbsd.org> |
Convert openssl(1) ts option handling
Apply new option handling to openssl(1) ts, and there is no functional
changes here.
usage strings are comes from manual page.
comments and ok jsing@
|
| #
ddeea89c |
| 12-Dec-2021 |
tb <tb@openbsd.org> |
Use correct spelling of NULL
ok inoguchi
|
| #
387397ab |
| 12-Dec-2021 |
tb <tb@openbsd.org> |
Make ts.c compile with opaque EVP_MD_CTX.
ok inoguchi
|
| #
1020b5f1 |
| 07-Feb-2018 |
jsing <jsing@openbsd.org> |
Indent labels with a single space so that diff prototypes are more useful.
|
| #
51811ead |
| 20-Jan-2017 |
deraadt <deraadt@openbsd.org> |
rearrange pledge promises into the canonical order; easier to eyeball
|
| #
e370f0ee |
| 17-Oct-2015 |
doug <doug@openbsd.org> |
Exit if a pledge call fails in non-interactive mode.
ok semarie@
|
| #
41f935bf |
| 17-Oct-2015 |
semarie <semarie@openbsd.org> |
add "tty" for several subcommands of openssl
it is needed in order to let libssl UI_* function plays with echo on/off when
asking for password on terminal.
passwd subcommand needs additionnal "wpat
add "tty" for several subcommands of openssl
it is needed in order to let libssl UI_* function plays with echo on/off when
asking for password on terminal.
passwd subcommand needs additionnal "wpath cpath" in order to let it calls
fopen("/dev/tty", "w") (O_WRONLY with O_CREAT | O_TRUNC).
problem reported by several
with and ok doug@
show more ...
|
| #
9bc487ad |
| 10-Oct-2015 |
doug <doug@openbsd.org> |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution
of one command (looking at argv[0] or argv[1]) or as an interactive
session
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution
of one command (looking at argv[0] or argv[1]) or as an interactive
session than may execute any number of commands.
We already have a top level pledge that should cover all commands
and that's what interactive mode must continue using. However, we can
tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most
commands only need "stdio rpath wpath cpath". The pledges could be
further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
show more ...
|
| #
fdb25de3 |
| 21-Sep-2015 |
bcook <bcook@openbsd.org> |
remove vestigial bits of sha-0 and md2 from openssl(1)
Noted by kinichiro on github. We probably need a better way to indicate the
list of message digests that are allowed, as the current ones are n
remove vestigial bits of sha-0 and md2 from openssl(1)
Noted by kinichiro on github. We probably need a better way to indicate the
list of message digests that are allowed, as the current ones are nowhere near
exhaustive (sigh - guenther@)
OK guenther@ jmc@
show more ...
|
| #
00b7ba7e |
| 14-Sep-2015 |
doug <doug@openbsd.org> |
Temporarily revive MD4 for MS CHAP support.
|
| #
327941a7 |
| 13-Sep-2015 |
doug <doug@openbsd.org> |
Remove MD4 support from LibreSSL.
MD4 should have been removed a long time ago. Also, RFC 6150 moved it to
historic in 2011. Rides the major crank from removing SHA-0.
Discussed with many includi
Remove MD4 support from LibreSSL.
MD4 should have been removed a long time ago. Also, RFC 6150 moved it to
historic in 2011. Rides the major crank from removing SHA-0.
Discussed with many including beck@, millert@, djm@, sthen@
ok jsing@, input + ok bcook@
show more ...
|
| #
647aff48 |
| 12-Sep-2015 |
lteo <lteo@openbsd.org> |
Nuke SSLEAY_CONF -- a backwards compatibility environment variable that
has been superseded by OPENSSL_CONF and discouraged from use for almost
16 years.
"Definately ok" jsing@
"burn it" deraadt@
"K
Nuke SSLEAY_CONF -- a backwards compatibility environment variable that
has been superseded by OPENSSL_CONF and discouraged from use for almost
16 years.
"Definately ok" jsing@
"burn it" deraadt@
"Kill it with fire" miod@
"KILL IT WITH FIRE!!! BURN!!!!" beck@
show more ...
|
| #
5284dfea |
| 11-Sep-2015 |
bcook <bcook@openbsd.org> |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has
no way to use the engine command or parameters at all.
ok jsing@
|
| #
20c6dab5 |
| 22-Aug-2015 |
jsing <jsing@openbsd.org> |
Remove all duplicate prototypes for *_main functions (these are already
provided by progs.h). Also, move the FUNCTION type (and flags) into
openssl.c since that is the only place of use. Lastly, remo
Remove all duplicate prototypes for *_main functions (these are already
provided by progs.h). Also, move the FUNCTION type (and flags) into
openssl.c since that is the only place of use. Lastly, remove pointless
'extern' from the prototypes and use char **argv instead of char *argv[]
(the former is used elsewhere).
ok deraadt@ doug@
show more ...
|