![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / openssl
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.21 / (download) - annotate - [select for diffs], Fri Apr 14 15:27:13 2023 UTC (13 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
HEAD
Changes since 1.20: +1 -4 lines
Diff to previous 1.20 (colored)
Drop policy printing from openssl Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth. This removes the only reason the policy tree itself ever leaked out of the library. ok jsing
Revision 1.20 / (download) - annotate - [select for diffs], Wed Aug 31 07:12:30 2022 UTC (20 months, 2 weeks ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.19: +9 -4 lines
Diff to previous 1.19 (colored)
Check return values in ssl_print_tmp_key() Use EVP_PKEY_get0_EC_KEY() instead of the get1 version to avoid an EVP_PKEY_free(). Check return values: if either EVP_PKEY_get0_EC_KEY() or EC_KEY_get0_group() fail, a NULL dereference occurs. CID 43289 ok jsing
Revision 1.19 / (download) - annotate - [select for diffs], Tue Aug 30 20:40:14 2022 UTC (20 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.18: +7 -3 lines
Diff to previous 1.18 (colored)
Check HMAC() return value to avoid a later use of uninitialized CID 25421
Revision 1.18 / (download) - annotate - [select for diffs], Thu Feb 3 18:40:34 2022 UTC (2 years, 3 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.17: +26 -28 lines
Diff to previous 1.17 (colored)
Unindent and unwrap lines. Pull up a NULL check. No functional change.
Revision 1.17 / (download) - annotate - [select for diffs], Thu Feb 3 18:35:24 2022 UTC (2 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.16: +1 -6 lines
Diff to previous 1.16 (colored)
Remove commented variable declarations
Revision 1.16 / (download) - annotate - [select for diffs], Thu Feb 3 17:42:54 2022 UTC (2 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.15: +1 -21 lines
Diff to previous 1.15 (colored)
Remove some stale comments. ok jsing
Revision 1.15 / (download) - annotate - [select for diffs], Fri Apr 2 10:19:19 2021 UTC (3 years, 1 month ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.14: +6 -2 lines
Diff to previous 1.14 (colored)
Show DTLS1.2 message with openssl(1) s_server and s_client ok jsing@ tb@
Revision 1.14 / (download) - annotate - [select for diffs], Sun Apr 26 02:09:21 2020 UTC (4 years ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.13: +49 -7 lines
Diff to previous 1.13 (colored)
Display TLSv1.3 extension type with openssl(1) -tlsextdebug Add TLSv1.3 extension type, and sort by the definition order in tls1.h. This helps that openssl(1) s_server and s_client with -tlsextdebug displays the TLS extension type instead of "unknown". ok beck@ jsing@ tb@
Revision 1.13 / (download) - annotate - [select for diffs], Sat Jan 25 05:29:10 2020 UTC (4 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.12: +4 -1 lines
Diff to previous 1.12 (colored)
add a couple of XXX for future cleanup
Revision 1.12 / (download) - annotate - [select for diffs], Fri Jan 24 09:42:32 2020 UTC (4 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.11: +17 -2 lines
Diff to previous 1.11 (colored)
Teach openssl s_client a bit about TLSv1.3. ok beck jsing
Revision 1.11 / (download) - annotate - [select for diffs], Tue Nov 6 05:45:50 2018 UTC (5 years, 6 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.10: +3 -3 lines
Diff to previous 1.10 (colored)
Unbreak following elliptic curves to supported groups rename. Reported by Katherine <luigi30 at gmail dot com> on tech@
Revision 1.10 / (download) - annotate - [select for diffs], Wed Apr 25 07:12:33 2018 UTC (6 years ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.9: +3 -2 lines
Diff to previous 1.9 (colored)
The cookie in the cookie verify callback needs to be const. ok jsing (as part of a larger diff)
Revision 1.9 / (download) - annotate - [select for diffs], Mon Jan 15 11:02:07 2018 UTC (6 years, 4 months ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.8: +9 -1 lines
Diff to previous 1.8 (colored)
Add s_server and s_client -tlsextdebug messages ok sthen@ jsing@
Revision 1.8 / (download) - annotate - [select for diffs], Sat Aug 12 21:04:33 2017 UTC (6 years, 9 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.7: +1 -7 lines
Diff to previous 1.7 (colored)
Remove NPN support - the -nextprotoneg options now become no-ops. ok bcook@ beck@ doug@
Revision 1.7 / (download) - annotate - [select for diffs], Fri Dec 30 17:25:48 2016 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.6: +38 -1 lines
Diff to previous 1.6 (colored)
Display details of the server ephemeral key, based on OpenSSL. ok doug@
Revision 1.6 / (download) - annotate - [select for diffs], Thu Sep 10 19:08:46 2015 UTC (8 years, 8 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.5: +2 -5 lines
Diff to previous 1.5 (colored)
Nuke references to DTLS1_BAD_VER and unbreak the tree.
Revision 1.5 / (download) - annotate - [select for diffs], Thu Sep 10 06:36:45 2015 UTC (8 years, 8 months ago) by bcook
Branch: MAIN
Changes since 1.4: +1 -4 lines
Diff to previous 1.4 (colored)
Fix shadowed verify_error in s_server by removing the unused global. 's_time -verify 1' will now actually verify the peer certificate. ok beck@
Revision 1.4 / (download) - annotate - [select for diffs], Mon Jul 20 21:52:07 2015 UTC (8 years, 10 months ago) by doug
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.3: +14 -5 lines
Diff to previous 1.3 (colored)
Avoid NULL deref in openssl(1) s_cb. Fixes Coverity issue 24956. ok bcook@
Revision 1.3 / (download) - annotate - [select for diffs], Sun Feb 8 10:22:45 2015 UTC (9 years, 3 months ago) by doug
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.2: +2 -5 lines
Diff to previous 1.2 (colored)
Delete commented out code from openssl(1) apps. From OpenSSL commits: 6f91b017bbb7140f816721141ac156d1b828a6b3 75d0ebef2aef7a2c77b27575b8da898e22f3ccd5 a2b18e657ea1a932d125154f4e13ab2258796d90 ok miod@, jsing@
Revision 1.2 / (download) - annotate - [select for diffs], Wed Oct 22 13:54:03 2014 UTC (9 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.1: +2 -7 lines
Diff to previous 1.1 (colored)
Use arc4random_buf() instead of RAND(_pseudo)?_bytes(). ok bcook@
Revision 1.1 / (download) - annotate - [select for diffs], Tue Aug 26 17:47:25 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl. ok deraadt@ miod@