| #
b6fbef11 |
| 14-Dec-2021 |
Dr. David von Oheimb |
Add OSSL_CMP_CTX_get0_validatedSrvCert(), correcting OSSL_CMP_validate_msg()
Also change ossl_cmp_ctx_set0_validatedSrvCert() to ossl_cmp_ctx_set1_validatedSrvCert(),
and add respective
Add OSSL_CMP_CTX_get0_validatedSrvCert(), correcting OSSL_CMP_validate_msg()
Also change ossl_cmp_ctx_set0_validatedSrvCert() to ossl_cmp_ctx_set1_validatedSrvCert(),
and add respective tests as well as the -srvcertout CLI option using the new function.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18656)
show more ...
|
| #
8c094747 |
| 01-Jul-2022 |
Dr. David von Oheimb |
apps/cmp.c: fix cleanup of CMP_CTX vs. APP_HTTP_TLS_INFO in its http_cb_arg field
Prevent crashes on error by making sure the info is freed after OSSL_CMP_CTX_free(),
which may call OSSL
apps/cmp.c: fix cleanup of CMP_CTX vs. APP_HTTP_TLS_INFO in its http_cb_arg field
Prevent crashes on error by making sure the info is freed after OSSL_CMP_CTX_free(),
which may call OSSL_HTTP_close() and thus indirectly reference the info.
Moreover, should not attempt to reference the cmp_ctx variable when NULL.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18702)
show more ...
|
| #
d9650648 |
| 03-Dec-2021 |
Dr. David von Oheimb |
apps/cmp.c: improve print_itavs()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged fr
apps/cmp.c: improve print_itavs()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18657)
show more ...
|
| #
bbaabd16 |
| 03-Dec-2021 |
Dr. David von Oheimb |
apps/cmp.c: Fix glitch in -newkeypass warning and extend warnings for genm
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo La
apps/cmp.c: Fix glitch in -newkeypass warning and extend warnings for genm
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18657)
show more ...
|
| #
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
|
| #
fd989c73 |
| 04-Jan-2022 |
Dr. David von Oheimb |
apps/cmp.c: fix coding style nits reported by check-format.pl
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17363)
|
| #
e304aa87 |
| 02-Jan-2022 |
Dimitris Apostolou |
Fix typos
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17392)
|
| #
b971d419 |
| 12-Jul-2021 |
Dr. David von Oheimb |
CMP mock server: add -ref_cert option and corresponding ossl_cmp_mock_srv_set1_refCert()
Fixes #16041
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com
CMP mock server: add -ref_cert option and corresponding ossl_cmp_mock_srv_set1_refCert()
Fixes #16041
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16050)
show more ...
|
| #
068549f8 |
| 26-Nov-2021 |
Dr. David von Oheimb |
HTTP client: Work around HTTPS proxy use bug due to callback design flaw
See discussion in #17088, where the real solution was postponed to 4.0.
This preliminarily fixes the issue t
HTTP client: Work around HTTPS proxy use bug due to callback design flaw
See discussion in #17088, where the real solution was postponed to 4.0.
This preliminarily fixes the issue that the HTTP(S) proxy environment vars
were neglected when determining whether a proxy should be used for HTTPS.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17310)
show more ...
|
| #
ad1a1d71 |
| 06-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: improve diagnostics for presence of TLS options
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/opens
APPS/cmp: improve diagnostics for presence of TLS options
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16747)
show more ...
|
| #
6be83cc6 |
| 15-Dec-2021 |
Dr. David von Oheimb |
OSSL_CMP_CTX: rename get/set function for trustedStore
This makes the naming more consistent, in a backward-compatible way
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged fr
OSSL_CMP_CTX: rename get/set function for trustedStore
This makes the naming more consistent, in a backward-compatible way
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17277)
show more ...
|
| #
15e2b0f0 |
| 06-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: improve diagnostics for presence of TLS options
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/opens
APPS/cmp: improve diagnostics for presence of TLS options
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16747)
show more ...
|
| #
79b2a2f2 |
| 18-Dec-2021 |
Dr. David von Oheimb |
add OSSL_STACK_OF_X509_free() for commonly used pattern
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17307)
|
| #
a56bb5d6 |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: Fix logic and doc of mutually exclusive -server/-use_mock_srv/-port/-rspin options
Ignore -server with -rspin and exclude all of -use_mock_srv/-port/-rspin.
On the other hand,
APPS/cmp: Fix logic and doc of mutually exclusive -server/-use_mock_srv/-port/-rspin options
Ignore -server with -rspin and exclude all of -use_mock_srv/-port/-rspin.
On the other hand, -server is required if no -use_mock_srv/-port/-rspin is given.
Ignore -tls_used with -use_mock_srv and -rspin; it is not supported with -port.
If -server is not given, ignore -proxy, -no_proxy, and -tls_used.
Also slightly improve the documentation of the two mock server variants.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17254)
show more ...
|
| #
61fa00a4 |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: Simplify read_write_req_resp() - 'req' arg must not be NULL anyway
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17251)
|
| #
83b424c3 |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: Fix use of OPENSSL_NO_SOCK: options like -server do not make sense with no-sock
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull
APPS/cmp: Fix use of OPENSSL_NO_SOCK: options like -server do not make sense with no-sock
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17226)
show more ...
|
| #
7ee0954a |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: fix -rspin option such that it works again without -reqin
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17222)
|
| #
d9f07357 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS: Improve diagnostics on missing/extra args and unknown cipher/digest
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16450)
|
| #
4599ea9f |
| 13-Jul-2021 |
Dr. David von Oheimb |
Fix HTTP server port output and allow dynamic verbosity setting
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16061)
|
| #
747adb6a |
| 24-Jun-2021 |
Dr. David von Oheimb |
Add and use HAS_CASE_PREFIX(), CHECK_AND_SKIP_CASE_PREFIX(), and HAS_CASE_SUFFIX()
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15847)
|
| #
92df5211 |
| 12-Jul-2021 |
Dr. David von Oheimb |
Fix verbosity of CMP client diagnostics
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16051)
|
| #
03ee2e5b |
| 03-Nov-2021 |
Dr. David von Oheimb |
APPS/cmp: make the -sans option support email addresses (type rfc822Name)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16960)
|
| #
767db672 |
| 13-Oct-2021 |
Tomas Mraz |
cmp.c: Avoid dereference with negative index and use memcpy
This prevents a compile-time warning on newer gcc.
Also fix the related warning message.
Fixes #16814
R
cmp.c: Avoid dereference with negative index and use memcpy
This prevents a compile-time warning on newer gcc.
Also fix the related warning message.
Fixes #16814
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16821)
show more ...
|
| #
39a8d4e1 |
| 11-Sep-2021 |
Dr. David von Oheimb |
APPS/cmp.c: Move warning on overlong section name to make it effective again
Fixes #16585
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
APPS/cmp.c: Move warning on overlong section name to make it effective again
Fixes #16585
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16586)
show more ...
|
| #
08e9ff76 |
| 05-Aug-2021 |
Dr. David von Oheimb |
Fix CMP app TLS connection not respecting vpm options like -crl_check
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16225)
|
