#
0800318a |
| 24-May-2021 |
Tomas Mraz |
Deprecate old style BIO callback calls New style BIO_debug_callback_ex() function added to provide replacement for BIO_debug_callback(). Reviewed-by: Paul Dale <pauli@openssl.or
Deprecate old style BIO callback calls New style BIO_debug_callback_ex() function added to provide replacement for BIO_debug_callback(). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15440)
show more ...
|
Revision tags: openssl-3.0.0-alpha17 |
|
#
359efeac |
| 17-May-2021 |
Dr. David von Oheimb |
DOC: Fix nits found by new check on SYNOPSIS and OPTIONS consistency Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15299)
|
#
9be5f9a8 |
| 17-May-2021 |
Dr. David von Oheimb |
Move ossl_sleep() to e_os.h and use it in apps Fixes #15304 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://githu
Move ossl_sleep() to e_os.h and use it in apps Fixes #15304 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15308)
show more ...
|
#
80a4ac57 |
| 12-May-2021 |
Dr. David von Oheimb |
apps/s_server: Add -proxy and -no_proxy options Strongly related to feature request #6965 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/ope
apps/s_server: Add -proxy and -no_proxy options Strongly related to feature request #6965 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15245)
show more ...
|
#
88d96983 |
| 12-May-2021 |
Dr. David von Oheimb |
apps/ocsp: Add -proxy and -no_proxy options Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15245)
|
#
55373bfd |
| 06-May-2021 |
Rich Salz |
Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION Add -client_renegotiation flag support. The -client_renegotiation flag is equivalent to SSL_OP_ALLOW_CLIENT_RENEGOTIATION. Add support to the app,
Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION Add -client_renegotiation flag support. The -client_renegotiation flag is equivalent to SSL_OP_ALLOW_CLIENT_RENEGOTIATION. Add support to the app, the config code, and the documentation. Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION to the SSL tests. We don't need to always enable it, but there are so many tests so this is the easiest thing to do. Add a test where client tries to renegotiate and it fails as expected. Add a test where server tries to renegotiate and it succeeds. The second test is supported by a new flag, -immediate_renegotiation, which is ignored on the client. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15184)
show more ...
|
Revision tags: openssl-3.0.0-alpha16 |
|
#
d382e796 |
| 30-Apr-2021 |
Tomas Mraz |
Make the -inform option to be respected if possible Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called. Th
Make the -inform option to be respected if possible Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called. The input type format is enforced only in case the file type file store is used. By default we use FORMAT_UNDEF meaning the input type is not enforced. Fixes #14569 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15100)
show more ...
|
#
b0f96018 |
| 01-May-2021 |
Dr. David von Oheimb |
APPS: Replace 'OPT_ERR = -1, OPT_EOF = 0, OPT_HELP' by OPT_COMMON macro Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15111)
|
#
e9d62da6 |
| 28-Apr-2021 |
Shane Lontis |
Fix CRL app so that stdin works. Fixes #15031 The maybe_stdin needed to be passed to load_key_certs_crls(). Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Pau
Fix CRL app so that stdin works. Fixes #15031 The maybe_stdin needed to be passed to load_key_certs_crls(). Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15058)
show more ...
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14 |
|
#
3ad60309 |
| 03-Apr-2021 |
Dr. David von Oheimb |
APPS: make apps strict on app_RAND_load() and app_RAND_write() failure Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14840)
|
Revision tags: OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
ea51096e |
| 05-Mar-2021 |
Tomas Mraz |
apps: Add maybe_stdin argument to load_certs and set it in pkcs12 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://
apps: Add maybe_stdin argument to load_certs and set it in pkcs12 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14449)
show more ...
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j |
|
#
7932982b |
| 28-Jan-2021 |
Dr. David von Oheimb |
OSSL_HTTP_parse_url(): Handle any userinfo, query, and fragment components Now handle [http[s]://][userinfo@]host[:port][/path][?query][#frag] by optionally providing any userinfo, query
OSSL_HTTP_parse_url(): Handle any userinfo, query, and fragment components Now handle [http[s]://][userinfo@]host[:port][/path][?query][#frag] by optionally providing any userinfo, query, and frag components. All usages of this function, which are client-only, silently ignore userinfo and frag components, while the query component is taken as part of the path. Update and extend the unit tests and all affected documentation. Document and deprecat OCSP_parse_url(). Fixes an issue that came up when discussing FR #14001. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14009)
show more ...
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
#
574ca403 |
| 15-Feb-2021 |
Petr Gotthard |
Replace SSL_CTX_new by SSL_CTX_new_ex in apps/s_server + s_client The `openssl s_server` and `openssl s_client` currently ignore the `-propquery` parameter. Fix patch fixes this.
Replace SSL_CTX_new by SSL_CTX_new_ex in apps/s_server + s_client The `openssl s_server` and `openssl s_client` currently ignore the `-propquery` parameter. Fix patch fixes this. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14195)
show more ...
|
#
6d2a1eff |
| 05-Feb-2021 |
Matt Caswell |
Deprecate the low level SRP APIs The OTC decided that all low level APIs should be deprecated. This extends to SRP, even though at the current time there is no "EVP" interface to it.
Deprecate the low level SRP APIs The OTC decided that all low level APIs should be deprecated. This extends to SRP, even though at the current time there is no "EVP" interface to it. This could be added in a future release. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14132)
show more ...
|
#
51e5df0e |
| 08-Feb-2021 |
Rich Salz |
Load rand state after loading providers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
Load rand state after loading providers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14135)
show more ...
|
Revision tags: openssl-3.0.0-alpha11, openssl-3.0.0-alpha10 |
|
#
3a1ee3c1 |
| 17-Dec-2020 |
Richard Levitte |
Drop OPENSSL_NO_RSA everywhere The configuration option 'no-rsa' was dropped with OpenSSL 1.1.0, so this is simply a cleanup of the remains. Reviewed-by: Tomas Mraz <tmraz@fedor
Drop OPENSSL_NO_RSA everywhere The configuration option 'no-rsa' was dropped with OpenSSL 1.1.0, so this is simply a cleanup of the remains. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13700)
show more ...
|
Revision tags: OpenSSL_1_1_1i |
|
#
c2403f36 |
| 02-Dec-2020 |
Richard Levitte |
Drop unnecessary checks of OPENSSL_NO_DH, OPENSSL_NO_DSA and OPENSSL_NO_EC The apps, the CMS library and the X.509 library are primarly affected. Reviewed-by: Tomas Mraz <tmraz@fedo
Drop unnecessary checks of OPENSSL_NO_DH, OPENSSL_NO_DSA and OPENSSL_NO_EC The apps, the CMS library and the X.509 library are primarly affected. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13589)
show more ...
|
#
021410ea |
| 28-Nov-2020 |
Rich Salz |
Check non-option arguments Make sure all commands check to see if there are any "extra" arguments after the options, and print an error if so. Made all error messages consistent
Check non-option arguments Make sure all commands check to see if there are any "extra" arguments after the options, and print an error if so. Made all error messages consistent (which is to say, minimal). Fixes: #13527 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13563)
show more ...
|
Revision tags: openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b, OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1 |
|
#
9c73e48a |
| 14-Dec-2017 |
David von Oheimb |
Minor cleanup of error output for various apps Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/4930)
|
#
13c45372 |
| 16-Oct-2020 |
Matt Caswell |
Only disabled what we need to in a no-dh build no-dh disables the low level API for DH. However, since we're now using the high level EVP API in most places we don't need to disable quit
Only disabled what we need to in a no-dh build no-dh disables the low level API for DH. However, since we're now using the high level EVP API in most places we don't need to disable quite so much. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13368)
show more ...
|
#
163f6dc1 |
| 15-Oct-2020 |
Matt Caswell |
Implement a replacement for SSL_set_tmp_dh() The old function took a DH as a parameter. In the new version we pass an EVP_PKEY instead. Similarly for the SSL_CTX version of this function
Implement a replacement for SSL_set_tmp_dh() The old function took a DH as a parameter. In the new version we pass an EVP_PKEY instead. Similarly for the SSL_CTX version of this function. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13368)
show more ...
|
#
9912be1b |
| 14-Oct-2020 |
Matt Caswell |
Remove deprecated functionality from s_server This will be added back in by a later commit Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/ope
Remove deprecated functionality from s_server This will be added back in by a later commit Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13368)
show more ...
|
#
22dddfb9 |
| 24-Oct-2020 |
Richard Levitte |
APPS: Remove the format argument where it's not used Also, restore a behaviour change, where load_cert() would look at stdin when the input file name is NULL, and make sure to call l
APPS: Remove the format argument where it's not used Also, restore a behaviour change, where load_cert() would look at stdin when the input file name is NULL, and make sure to call load_cert_pass() with a corresponding argument where load_cert() was used in OpenSSL 1.1.1. Fixes #13235 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13236)
show more ...
|
#
50eb2a50 |
| 16-Sep-2020 |
Dr. David von Oheimb |
load_key_certs_crls(): Restore output of fatal errors Also improve credentials loading diagnostics for many apps. Fixes #12840 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.
load_key_certs_crls(): Restore output of fatal errors Also improve credentials loading diagnostics for many apps. Fixes #12840 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12893)
show more ...
|