![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / openssl
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.36 / (download) - annotate - [select for diffs], Sat May 18 08:48:31 2024 UTC (21 hours, 24 minutes ago) by jsg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.35: +1 -2 lines
Diff to previous 1.35 (colored)
remove extern with no matching var; ok tb@
Revision 1.35 / (download) - annotate - [select for diffs], Sat May 18 08:47:13 2024 UTC (21 hours, 25 minutes ago) by jsg
Branch: MAIN
Changes since 1.34: +1 -2 lines
Diff to previous 1.34 (colored)
remove prototypes with no matching function; ok tb@
Revision 1.34 / (download) - annotate - [select for diffs], Sun Jun 11 13:02:10 2023 UTC (11 months, 1 week ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.33: +1 -6 lines
Diff to previous 1.33 (colored)
remove unused args_st struct ok tb@
Revision 1.33 / (download) - annotate - [select for diffs], Sun Jun 11 12:35:00 2023 UTC (11 months, 1 week ago) by jsg
Branch: MAIN
Changes since 1.32: +1 -2 lines
Diff to previous 1.32 (colored)
remove chopup_args() unused since apps.c rev 1.31 ok tb@
Revision 1.32 / (download) - annotate - [select for diffs], Fri Apr 14 15:27:13 2023 UTC (13 months ago) by tb
Branch: MAIN
Changes since 1.31: +1 -2 lines
Diff to previous 1.31 (colored)
Drop policy printing from openssl Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth. This removes the only reason the policy tree itself ever leaked out of the library. ok jsing
Revision 1.31 / (download) - annotate - [select for diffs], Mon Jan 10 12:17:49 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.30: +3 -1 lines
Diff to previous 1.30 (colored)
Implement openssl pkey -{,pub}check and pkeyparam -check
These expose EVP_PKEY_{,public_,param_}check() to the command line.
They are currently noops and will be enabled in the upcoming bump.
ok inoguchi jsing
Revision 1.30 / (download) - annotate - [select for diffs], Fri Nov 26 16:23:27 2021 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.29: +2 -6 lines
Diff to previous 1.29 (colored)
openssl(1): drop support for netscape certificates and server gated keys. ok inoguchi jsing
Revision 1.29 / (download) - annotate - [select for diffs], Sat Nov 20 15:55:00 2021 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.28: +3 -3 lines
Diff to previous 1.28 (colored)
typo in comment
Revision 1.28 / (download) - annotate - [select for diffs], Thu Sep 2 11:30:15 2021 UTC (2 years, 8 months ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.27: +2 -1 lines
Diff to previous 1.27 (colored)
Add DB_TYPE_SUSP
Revision 1.27 / (download) - annotate - [select for diffs], Wed Mar 31 17:13:54 2021 UTC (3 years, 1 month ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.26: +1 -3 lines
Diff to previous 1.26 (colored)
Remove workarounds for SSL_is_dtls() Reminded by inoguchi jsing
Revision 1.26 / (download) - annotate - [select for diffs], Sun Mar 28 12:38:52 2021 UTC (3 years, 1 month ago) by inoguchi
Branch: MAIN
Changes since 1.25: +3 -1 lines
Diff to previous 1.25 (colored)
Fix duplicate SSL_is_dtls in libssl and apps.c Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed. ok jsing@
Revision 1.25 / (download) - annotate - [select for diffs], Wed Mar 24 12:07:39 2021 UTC (3 years, 1 month ago) by inoguchi
Branch: MAIN
Changes since 1.24: +4 -1 lines
Diff to previous 1.24 (colored)
Add option type OPTION_ORDER To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD. ok tb@ and "I'd move forward with your current plan." from jsing@
Revision 1.24 / (download) - annotate - [select for diffs], Wed Sep 9 12:47:46 2020 UTC (3 years, 8 months ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.23: +4 -1 lines
Diff to previous 1.23 (colored)
Add option type OPTION_UL_VALUE_OR ok tb@
Revision 1.23 / (download) - annotate - [select for diffs], Sun Jul 14 03:30:45 2019 UTC (4 years, 10 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.22: +4 -4 lines
Diff to previous 1.22 (colored)
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro ok deraadt@ inoguchi@
Revision 1.22 / (download) - annotate - [select for diffs], Sat Feb 9 06:27:37 2019 UTC (5 years, 3 months ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.21: +3 -1 lines
Diff to previous 1.21 (colored)
Summarize the 4 same name functions and move it to apps.c ok tb@ jsing@
Revision 1.21 / (download) - annotate - [select for diffs], Fri Jul 13 18:36:56 2018 UTC (5 years, 10 months ago) by cheloha
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.20: +5 -5 lines
Diff to previous 1.20 (colored)
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET Much more apt than the current operation names. Names suggested by jca@ ages ago. ok jca, jsing
Revision 1.20 / (download) - annotate - [select for diffs], Tue Dec 5 15:02:06 2017 UTC (6 years, 5 months ago) by jca
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.19: +3 -2 lines
Diff to previous 1.19 (colored)
Seperate real and user timer interfaces Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps. Discussed with Scott Cheloha
Revision 1.19 / (download) - annotate - [select for diffs], Tue Aug 30 14:34:59 2016 UTC (7 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored)
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
Revision 1.18 / (download) - annotate - [select for diffs], Tue Aug 30 11:30:14 2016 UTC (7 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 (colored)
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
Revision 1.17 / (download) - annotate - [select for diffs], Sat Oct 10 22:28:51 2015 UTC (8 years, 7 months ago) by doug
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.16: +4 -1 lines
Diff to previous 1.16 (colored)
Initial support for pledges in openssl(1) commands. openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands. We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command. This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options. deraadt@ and beck@ are roughly fine with this approach.
Revision 1.16 / (download) - annotate - [select for diffs], Sun Sep 13 12:41:01 2015 UTC (8 years, 8 months ago) by bcook
Branch: MAIN
Changes since 1.15: +10 -3 lines
Diff to previous 1.15 (colored)
Factor out setup_up / destroy_ui functions. This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode ui_read/write are also simplified.
Revision 1.15 / (download) - annotate - [select for diffs], Fri Sep 11 14:30:23 2015 UTC (8 years, 8 months ago) by bcook
Branch: MAIN
Changes since 1.14: +8 -15 lines
Diff to previous 1.14 (colored)
Remove engine command and parameters from openssl(1). We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all. ok jsing@
Revision 1.14 / (download) - annotate - [select for diffs], Wed Jul 15 13:54:34 2015 UTC (8 years, 10 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.13: +3 -1 lines
Diff to previous 1.13 (colored)
Add OPTION_ARG_LONG for handling of options with a long type. ok doug@
Revision 1.13 / (download) - annotate - [select for diffs], Thu Jan 1 14:28:00 2015 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.12: +4 -1 lines
Diff to previous 1.12 (colored)
Provide option types for binary AND, binary OR and silently discarding an option.
Revision 1.12 / (download) - annotate - [select for diffs], Sun Dec 28 16:22:37 2014 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.11: +2 -0 lines
Diff to previous 1.11 (colored)
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
Revision 1.11 / (download) - annotate - [select for diffs], Sun Dec 28 15:48:52 2014 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
Revision 1.10 / (download) - annotate - [select for diffs], Sun Dec 28 14:21:42 2014 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.9: +3 -2 lines
Diff to previous 1.9 (colored)
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
Revision 1.9 / (download) - annotate - [select for diffs], Sun Dec 14 14:42:06 2014 UTC (9 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.8: +1 -3 lines
Diff to previous 1.8 (colored)
unifdef OPENSSL_NO_NEXTPROTONEG
Revision 1.8 / (download) - annotate - [select for diffs], Fri Nov 7 14:16:48 2014 UTC (9 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)
More OPENSSL_NO_TLSEXT clean up.
Revision 1.7 / (download) - annotate - [select for diffs], Sat Aug 30 15:14:03 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.6: +3 -2 lines
Diff to previous 1.6 (colored)
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
Revision 1.6 / (download) - annotate - [select for diffs], Thu Aug 28 14:15:28 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.5: +3 -1 lines
Diff to previous 1.5 (colored)
Add option handling with a callback function for argument processing.
Revision 1.5 / (download) - annotate - [select for diffs], Thu Aug 28 13:39:07 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.4: +1 -0 lines
Diff to previous 1.4 (colored)
Add option handling for ordered flags.
Revision 1.4 / (download) - annotate - [select for diffs], Thu Aug 28 13:37:41 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.3: +2 -1 lines
Diff to previous 1.3 (colored)
Add option handling for input/output formats.
Revision 1.3 / (download) - annotate - [select for diffs], Wed Aug 27 15:51:41 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
Add an option type that handles argument to integer conversion.
Revision 1.2 / (download) - annotate - [select for diffs], Wed Aug 27 14:59:44 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.1: +21 -1 lines
Diff to previous 1.1 (colored)
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync. This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application. As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up). With input from doug@. ok bcook@ doug@
Revision 1.1 / (download) - annotate - [select for diffs], Tue Aug 26 17:47:24 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl. ok deraadt@ miod@