Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
23b795d3 |
| 20-Feb-2021 |
FdaSilvaYY |
apps: directly inclusion of "e_os.h when needed Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/
apps: directly inclusion of "e_os.h when needed Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14344)
show more ...
|
#
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
|
#
81202237 |
| 09-Aug-2023 |
Stephan Wurm |
apps: ca,req,x509: Add explicit start and end dates options - Added options `-not_before` (start date) and `-not-after` (end date) for explicit setting of the validity period of a cert
apps: ca,req,x509: Add explicit start and end dates options - Added options `-not_before` (start date) and `-not-after` (end date) for explicit setting of the validity period of a certificate in the apps `ca`, `req` and `x509` - The new options accept time strings or "today" - In app `ca`, use the new options as aliases of the already existing options `-startdate` and `-enddate` - When used in apps `req` and `x509`, the end date must be >= the start date, in app `ca` end date < start date is also accepted - In any case, `-not-after` overrides the `-days` option - Added helper function `check_cert_time_string` to validate given certificate time strings - Use the new helper function in apps `ca`, `req` and `x509` - Moved redundant code for time string checking into `set_cert_times` helper function. - Added tests for explicit start and end dates in apps `req` and `x509` - test: Added auxiliary functions for parsing fields from `-text` formatted output to `tconversion.pl` - CHANGES: Added to new section 3.4 Signed-off-by: Stephan Wurm <atomisirsi@gsklan.de> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21716)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
b7782687 |
| 16-May-2023 |
Dr. David von Oheimb |
APPS: replace awkward and error-prone pattern by calls to new app_conf_try_number() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by
APPS: replace awkward and error-prone pattern by calls to new app_conf_try_number() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20971)
show more ...
|
#
da7f81d3 |
| 16-May-2023 |
Dr. David von Oheimb |
APPS: replace awkward and error-prone pattern by calls to new app_conf_try_string() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by
APPS: replace awkward and error-prone pattern by calls to new app_conf_try_string() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20971)
show more ...
|
#
a75f707f |
| 21-Apr-2023 |
Tianjia Zhang |
apps: silent warning when loading CSR files with vfyopt option When verifying or signing a CSR file with the -vfyopt option, a warning message similar to the following will appear:
apps: silent warning when loading CSR files with vfyopt option When verifying or signing a CSR file with the -vfyopt option, a warning message similar to the following will appear: Warning: CSR self-signature does not match the contents This happens especially when the SM2 algorithm is used and the distid parameter is added. Pass the vfyopts parameter to the do_X509_REQ_verify() function to eliminate the warning message. Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20799)
show more ...
|
#
0e89b396 |
| 26-Aug-2022 |
Dr. David von Oheimb |
apps/x509 etc.: allow private key input when public key is expected Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David
apps/x509 etc.: allow private key input when public key is expected Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19076)
show more ...
|
#
342e3652 |
| 24-Sep-2022 |
Dr. David von Oheimb |
APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by:
APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19271)
show more ...
|
#
200d8447 |
| 06-Jul-2021 |
Dr. David von Oheimb |
APPS: Move load_csr_autofmt() from apps/cmp.c to apps.c and use it also for apps, too Also add related references to FR #15725. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
APPS: Move load_csr_autofmt() from apps/cmp.c to apps.c and use it also for apps, too Also add related references to FR #15725. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18900)
show more ...
|
#
ec8a3409 |
| 30-May-2022 |
Dr. David von Oheimb |
APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random serial. Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c. Reviewed-by:
APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random serial. Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18373)
show more ...
|
#
065121ff |
| 04-Feb-2022 |
Armin Fuerst |
Add tests for do_updatedb Fixes #13944 Moved "opt_printf_stderr" out of apps.c to avoid duplicate definition in tests. Added function "asn1_string_to_time_t" including test
Add tests for do_updatedb Fixes #13944 Moved "opt_printf_stderr" out of apps.c to avoid duplicate definition in tests. Added function "asn1_string_to_time_t" including tests. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17645)
show more ...
|
#
d5f9166b |
| 04-Feb-2022 |
Richard Levitte |
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to b
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to be able to stop ourselves, the better move is to move e_os.h to an include directory that's part of the inclusion path given to the compiler. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17641)
show more ...
|
#
e1cd94f2 |
| 22-Dec-2021 |
Philip Prindeville |
Standardize progress callback for dhparam, dsaparam, etc. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed
Standardize progress callback for dhparam, dsaparam, etc. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17359)
show more ...
|
#
9567fd38 |
| 23-Nov-2021 |
Rami Khaldi |
x509: Return a nonzero exit code on error when checking ip/email/host In the x509 app when doing the ip/email/host validation of a certificate we return nonzero exit code if the validati
x509: Return a nonzero exit code on error when checking ip/email/host In the x509 app when doing the ip/email/host validation of a certificate we return nonzero exit code if the validation fails. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17022)
show more ...
|
#
af16097f |
| 24-Jun-2021 |
Dr. David von Oheimb |
Move more general parts of internal/cryptlib.h to new internal/common.h Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15847)
|
#
2ff286c2 |
| 21-Jun-2021 |
Dr. David von Oheimb |
Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/
Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15847)
show more ...
|
#
adbd77f6 |
| 17-Aug-2021 |
Dr. David von Oheimb |
X509: Fix handling of AKID and SKID extensions according to configuration Fixes #16300 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.o
X509: Fix handling of AKID and SKID extensions according to configuration Fixes #16300 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16342)
show more ...
|
#
32f7be2a |
| 17-Aug-2021 |
Dr. David von Oheimb |
APPS: Fix result type of dump_cert_text() and behavior of print_name() on out==NULL Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged fro
APPS: Fix result type of dump_cert_text() and behavior of print_name() on out==NULL Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16344)
show more ...
|
#
3334e039 |
| 10-Jun-2021 |
Pauli |
add libctx and property query to fetch functions Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15687)
|
#
8c5bff22 |
| 01-Mar-2021 |
William Edmisten |
Add support for ISO 8601 datetime format Fixes #5430 Added the configuration file option "date_opt" to the openssl applications ca, crl and x509. Added ASN1_TIME_print_ex wh
Add support for ISO 8601 datetime format Fixes #5430 Added the configuration file option "date_opt" to the openssl applications ca, crl and x509. Added ASN1_TIME_print_ex which supports the new datetime format using the flag ASN1_DTFLGS_ISO8601 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14384)
show more ...
|
#
ef044913 |
| 09-Jun-2021 |
Shane Lontis |
Fix s_server app to not report an error when using a non DH certificate. Fixes #15071 It always tries loading the cert as DH which previously did not produce an error. The error
Fix s_server app to not report an error when using a non DH certificate. Fixes #15071 It always tries loading the cert as DH which previously did not produce an error. The errors are not suppressed for these operations. The output now matches previous versions of OpenSSL. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15670)
show more ...
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
a7e4ca5b |
| 09-Jun-2020 |
Dr. David von Oheimb |
Add warning to key/param generating apps on potential delay due to missing entropy This also introduces app_keygen() and app_paramgen() and cleans up err reporting. Reviewed-by: Tom
Add warning to key/param generating apps on potential delay due to missing entropy This also introduces app_keygen() and app_paramgen() and cleans up err reporting. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12095)
show more ...
|
#
88d96983 |
| 12-May-2021 |
Dr. David von Oheimb |
apps/ocsp: Add -proxy and -no_proxy options Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15245)
|
#
82990287 |
| 03-May-2021 |
Dr. David von Oheimb |
HTTP client API: Generalize to arbitrary request and response contents Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15053)
|