#
b6fbef11 |
| 14-Dec-2021 |
Dr. David von Oheimb |
Add OSSL_CMP_CTX_get0_validatedSrvCert(), correcting OSSL_CMP_validate_msg() Also change ossl_cmp_ctx_set0_validatedSrvCert() to ossl_cmp_ctx_set1_validatedSrvCert(), and add respective
Add OSSL_CMP_CTX_get0_validatedSrvCert(), correcting OSSL_CMP_validate_msg() Also change ossl_cmp_ctx_set0_validatedSrvCert() to ossl_cmp_ctx_set1_validatedSrvCert(), and add respective tests as well as the -srvcertout CLI option using the new function. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18656)
show more ...
|
#
8c094747 |
| 01-Jul-2022 |
Dr. David von Oheimb |
apps/cmp.c: fix cleanup of CMP_CTX vs. APP_HTTP_TLS_INFO in its http_cb_arg field Prevent crashes on error by making sure the info is freed after OSSL_CMP_CTX_free(), which may call OSSL
apps/cmp.c: fix cleanup of CMP_CTX vs. APP_HTTP_TLS_INFO in its http_cb_arg field Prevent crashes on error by making sure the info is freed after OSSL_CMP_CTX_free(), which may call OSSL_HTTP_close() and thus indirectly reference the info. Moreover, should not attempt to reference the cmp_ctx variable when NULL. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18702)
show more ...
|
#
d9650648 |
| 03-Dec-2021 |
Dr. David von Oheimb |
apps/cmp.c: improve print_itavs() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged fr
apps/cmp.c: improve print_itavs() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18657)
show more ...
|
#
bbaabd16 |
| 03-Dec-2021 |
Dr. David von Oheimb |
apps/cmp.c: Fix glitch in -newkeypass warning and extend warnings for genm Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo La
apps/cmp.c: Fix glitch in -newkeypass warning and extend warnings for genm Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18657)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
fd989c73 |
| 04-Jan-2022 |
Dr. David von Oheimb |
apps/cmp.c: fix coding style nits reported by check-format.pl Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17363)
|
#
e304aa87 |
| 02-Jan-2022 |
Dimitris Apostolou |
Fix typos Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17392)
|
#
b971d419 |
| 12-Jul-2021 |
Dr. David von Oheimb |
CMP mock server: add -ref_cert option and corresponding ossl_cmp_mock_srv_set1_refCert() Fixes #16041 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com
CMP mock server: add -ref_cert option and corresponding ossl_cmp_mock_srv_set1_refCert() Fixes #16041 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16050)
show more ...
|
#
068549f8 |
| 26-Nov-2021 |
Dr. David von Oheimb |
HTTP client: Work around HTTPS proxy use bug due to callback design flaw See discussion in #17088, where the real solution was postponed to 4.0. This preliminarily fixes the issue t
HTTP client: Work around HTTPS proxy use bug due to callback design flaw See discussion in #17088, where the real solution was postponed to 4.0. This preliminarily fixes the issue that the HTTP(S) proxy environment vars were neglected when determining whether a proxy should be used for HTTPS. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17310)
show more ...
|
#
ad1a1d71 |
| 06-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: improve diagnostics for presence of TLS options Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/opens
APPS/cmp: improve diagnostics for presence of TLS options Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16747)
show more ...
|
#
6be83cc6 |
| 15-Dec-2021 |
Dr. David von Oheimb |
OSSL_CMP_CTX: rename get/set function for trustedStore This makes the naming more consistent, in a backward-compatible way Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged fr
OSSL_CMP_CTX: rename get/set function for trustedStore This makes the naming more consistent, in a backward-compatible way Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17277)
show more ...
|
#
15e2b0f0 |
| 06-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: improve diagnostics for presence of TLS options Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/opens
APPS/cmp: improve diagnostics for presence of TLS options Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16747)
show more ...
|
#
79b2a2f2 |
| 18-Dec-2021 |
Dr. David von Oheimb |
add OSSL_STACK_OF_X509_free() for commonly used pattern Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17307)
|
#
a56bb5d6 |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: Fix logic and doc of mutually exclusive -server/-use_mock_srv/-port/-rspin options Ignore -server with -rspin and exclude all of -use_mock_srv/-port/-rspin. On the other hand,
APPS/cmp: Fix logic and doc of mutually exclusive -server/-use_mock_srv/-port/-rspin options Ignore -server with -rspin and exclude all of -use_mock_srv/-port/-rspin. On the other hand, -server is required if no -use_mock_srv/-port/-rspin is given. Ignore -tls_used with -use_mock_srv and -rspin; it is not supported with -port. If -server is not given, ignore -proxy, -no_proxy, and -tls_used. Also slightly improve the documentation of the two mock server variants. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17254)
show more ...
|
#
61fa00a4 |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: Simplify read_write_req_resp() - 'req' arg must not be NULL anyway Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17251)
|
#
83b424c3 |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: Fix use of OPENSSL_NO_SOCK: options like -server do not make sense with no-sock Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull
APPS/cmp: Fix use of OPENSSL_NO_SOCK: options like -server do not make sense with no-sock Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17226)
show more ...
|
#
7ee0954a |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: fix -rspin option such that it works again without -reqin Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17222)
|
#
d9f07357 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS: Improve diagnostics on missing/extra args and unknown cipher/digest Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16450)
|
#
4599ea9f |
| 13-Jul-2021 |
Dr. David von Oheimb |
Fix HTTP server port output and allow dynamic verbosity setting Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16061)
|
#
747adb6a |
| 24-Jun-2021 |
Dr. David von Oheimb |
Add and use HAS_CASE_PREFIX(), CHECK_AND_SKIP_CASE_PREFIX(), and HAS_CASE_SUFFIX() Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15847)
|
#
92df5211 |
| 12-Jul-2021 |
Dr. David von Oheimb |
Fix verbosity of CMP client diagnostics Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16051)
|
#
03ee2e5b |
| 03-Nov-2021 |
Dr. David von Oheimb |
APPS/cmp: make the -sans option support email addresses (type rfc822Name) Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16960)
|
#
767db672 |
| 13-Oct-2021 |
Tomas Mraz |
cmp.c: Avoid dereference with negative index and use memcpy This prevents a compile-time warning on newer gcc. Also fix the related warning message. Fixes #16814 R
cmp.c: Avoid dereference with negative index and use memcpy This prevents a compile-time warning on newer gcc. Also fix the related warning message. Fixes #16814 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16821)
show more ...
|
#
39a8d4e1 |
| 11-Sep-2021 |
Dr. David von Oheimb |
APPS/cmp.c: Move warning on overlong section name to make it effective again Fixes #16585 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
APPS/cmp.c: Move warning on overlong section name to make it effective again Fixes #16585 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16586)
show more ...
|
#
08e9ff76 |
| 05-Aug-2021 |
Dr. David von Oheimb |
Fix CMP app TLS connection not respecting vpm options like -crl_check Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16225)
|