#
8389ec4b |
| 18-Jul-2017 |
Rich Salz |
Add --with-rand-seed Add a new config param to specify how the CSPRNG should be seeded. Illegal values or nonsensical combinations (e.g., anything other than "os" on VMS or HP VOS et
Add --with-rand-seed Add a new config param to specify how the CSPRNG should be seeded. Illegal values or nonsensical combinations (e.g., anything other than "os" on VMS or HP VOS etc) result in build failures. Add RDSEED support. Add RDTSC but leave it disabled for now pending more investigation. Refactor and reorganization all seeding files (rand_unix/win/vms) so that they are simpler. Only require 128 bits of seeding material. Many document improvements, including why to not use RAND_add() and the limitations around using load_file/write_file. Document RAND_poll(). Cleanup Windows RAND_poll and return correct status More completely initialize the default DRBG. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3965)
show more ...
|
#
2234212c |
| 12-Jun-2017 |
Paul Yang |
Clean up a bundle of codingstyle stuff in apps directory Mostly braces and NULL pointer check and also copyright year bump Signed-off-by: Paul Yang <paulyang.inf@gmail.com>
Clean up a bundle of codingstyle stuff in apps directory Mostly braces and NULL pointer check and also copyright year bump Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3657)
show more ...
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13, OpenSSL_1_0_1t, OpenSSL_1_0_2h, OpenSSL_1_1_0-pre5, OpenSSL_1_1_0-pre4 |
|
#
44c83ebd |
| 13-Mar-2016 |
FdaSilvaYY |
Constify command options Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from ht
Constify command options Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1694)
show more ...
|
#
846e33c7 |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 01/10 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
#
9021a5df |
| 18-Apr-2016 |
Rich Salz |
Rename some lowercase API's Make OBJ_name_cmp internal Rename idea_xxx to IDEA_xxx Rename get_rfc_xxx to BN_get_rfc_xxx Rename v3_addr and v3_asid functions to X509v3_...
Rename some lowercase API's Make OBJ_name_cmp internal Rename idea_xxx to IDEA_xxx Rename get_rfc_xxx to BN_get_rfc_xxx Rename v3_addr and v3_asid functions to X509v3_... Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
909289df |
| 16-Mar-2016 |
Richard Levitte |
Have 'openssl version -a' output the default engines directory as well Reviewed-by: Rich Salz <rsalz@openssl.org>
|
Revision tags: OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12 |
|
#
01a2ade0 |
| 10-Feb-2016 |
Dr. Stephen Henson |
typo Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
e09621ff |
| 10-Feb-2016 |
Richard Levitte |
Make it possible to get ENGINESDIR info from OpenSSL_versions Have apps/openssl display the result along with OPENSSLDIR As part of this, add ENGINESDIR in util/mk1mf.pl Re
Make it possible to get ENGINESDIR info from OpenSSL_versions Have apps/openssl display the result along with OPENSSLDIR As part of this, add ENGINESDIR in util/mk1mf.pl Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_1r, OpenSSL_1_0_2f, OpenSSL_1_1_0-pre2, OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e |
|
#
b0700d2c |
| 27-Oct-2015 |
Rich Salz |
Replace "SSLeay" in API with OpenSSL All instances of SSLeay (any combination of case) were replaced with the case-equivalent OpenSSL. Reviewed-by: Richard Levitte <levitte@open
Replace "SSLeay" in API with OpenSSL All instances of SSLeay (any combination of case) were replaced with the case-equivalent OpenSSL. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_1p, OpenSSL_1_0_2d, OpenSSL-fips-2_0_11, OpenSSL_1_0_1o, OpenSSL_1_0_2c, OpenSSL_0_9_8zg, OpenSSL_1_0_0s, OpenSSL_1_0_1n, OpenSSL_1_0_2b, OpenSSL-fips-2_0_10 |
|
#
7e1b7485 |
| 24-Apr-2015 |
Rich Salz |
Big apps cleanup (option-parsing, etc) This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-
Big apps cleanup (option-parsing, etc) This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb24 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
Revision tags: OpenSSL_0_9_8zf, OpenSSL_1_0_0r, OpenSSL_1_0_1m, OpenSSL_1_0_2a, OpenSSL_1_0_2, master-post-auto-reformat |
|
#
0f113f3e |
| 22-Jan-2015 |
Matt Caswell |
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
|
Revision tags: OpenSSL_1_0_2-post-auto-reformat, OpenSSL_0_9_8-post-auto-reformat, OpenSSL_0_9_8-pre-auto-reformat, OpenSSL_1_0_0-post-auto-reformat, OpenSSL_1_0_0-pre-auto-reformat, OpenSSL_1_0_1-post-auto-reformat, OpenSSL_1_0_1-pre-auto-reformat, master-post-reformat, OpenSSL_0_9_8-pre-reformat, OpenSSL_0_9_8ze, OpenSSL_1_0_0-pre-reformat, OpenSSL_1_0_0q, OpenSSL_1_0_1-pre-reformat, OpenSSL_1_0_1l, master-pre-reformat, OpenSSL_1_0_2-pre-reformat, OpenSSL_0_9_8zd, OpenSSL_1_0_0p, OpenSSL_1_0_1k, OpenSSL_0_9_8-post-reformat, OpenSSL-fips-2_0_9, OpenSSL_1_0_1j, OpenSSL_1_0_0o, OpenSSL_0_9_8zc, OpenSSL_1_0_2-beta3, OpenSSL_0_9_8zb, OpenSSL_1_0_0n, OpenSSL_1_0_1i, OpenSSL_1_0_2-beta2, OpenSSL-fips-2_0_8, OpenSSL_1_0_1h, OpenSSL_1_0_0m, OpenSSL_0_9_8za, OpenSSL-fips-2_0_7, OpenSSL_1_0_1g, OpenSSL_1_0_2-beta1, OpenSSL_1_0_0l, OpenSSL_1_0_1f, OpenSSL-fips-2_0_6, OpenSSL-fips-2_0_5, OpenSSL-fips-2_0_4, OpenSSL-fips-2_0_3, OpenSSL_1_0_1e, OpenSSL_0_9_8y, OpenSSL_1_0_0k, OpenSSL_1_0_1d, OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1, OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e, OpenSSL_1_0_0d, OpenSSL_0_9_8r, OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a, OpenSSL_1_0_0, OpenSSL_0_9_8n, OpenSSL_0_9_8m, OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5, OpenSSL_1_0_0-beta4, OpenSSL_0_9_8l, OpenSSL_1_0_0-beta3, OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k, OpenSSL_0_9_8j |
|
#
1581f822 |
| 20-Oct-2008 |
Lutz Jänicke |
Add missing "-d" to option list of openssl version. Submitted by: Alex Chen <alex_chen@filemaker.com>
|
Revision tags: OpenSSL_0_9_8i, OpenSSL_0_9_8h, OpenSSL_0_9_8g, OpenSSL_0_9_8f, FIPS_098_TEST_8, FIPS_098_TEST_7, FIPS_098_TEST_6, FIPS_098_TEST_5, FIPS_098_TEST_4, FIPS_098_TEST_3, FIPS_098_TEST_2, FIPS_098_TEST_1, OpenSSL_0_9_7m, OpenSSL_0_9_8e, OpenSSL_0_9_7l, OpenSSL_0_9_8d, OpenSSL_0_9_8c, OpenSSL_0_9_7k, OpenSSL_0_9_7j, OpenSSL_0_9_8b, OpenSSL_FIPS_1_0, OpenSSL_0_9_7i, OpenSSL_0_9_8a, OpenSSL_0_9_7h, OpenSSL_0_9_8, FIPS_TEST_10, OpenSSL_0_9_8-beta6, OpenSSL_0_9_8-beta5, FIPS_TEST_9, OpenSSL_0_9_8-beta4, OpenSSL_0_9_8-beta3, BEN_FIPS_TEST_8, OpenSSL_0_9_8-beta2, OpenSSL_0_9_8-beta1, OpenSSL_0_9_7g, OpenSSL_0_9_7f, BEN_FIPS_TEST_7, BEN_FIPS_TEST_6, OpenSSL_0_9_7e |
|
#
f0eae953 |
| 17-May-2004 |
Geoff Thorpe |
Remove some unnecessary recursive includes from the internal apps.h header, and include bn.h in those C files that need bignum functionality.
|
Revision tags: OpenSSL_0_9_7d, OpenSSL-engine-0_9_6m, OpenSSL_0_9_6m, LEVITTE_after_const, LEVITTE_before_const, BEN_FIPS_TEST_5, BEN_FIPS_TEST_4, OpenSSL-engine-0_9_6l, OpenSSL_0_9_6l, BEN_FIPS_TEST_3, BEN_FIPS_TEST_2, BEN_FIPS_TEST_1, OpenSSL-engine-0_9_6k, OpenSSL_0_9_6k, OpenSSL_0_9_7c, OpenSSL-engine-0_9_6j, OpenSSL_0_9_7b, OpenSSL_0_9_6j, OpenSSL-engine-0_9_6i, OpenSSL_0_9_6i, OpenSSL_0_9_7a, OpenSSL_0_9_7, OpenSSL_0_9_7-beta6, STATE_after_zlib, STATE_before_zlib, OpenSSL_0_9_7-beta5, OpenSSL-engine-0_9_6h, OpenSSL_0_9_6h |
|
#
1c3e4a36 |
| 03-Dec-2002 |
Richard Levitte |
EXIT() may mean return(). That's confusing, so let's have it really mean exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name i
EXIT() may mean return(). That's confusing, so let's have it really mean exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program)
show more ...
|
Revision tags: OpenSSL_0_9_7-beta4 |
|
#
f17ef241 |
| 12-Aug-2002 |
Bodo Möller |
fix previous commit (there's no SSLEAY_VERSION_TEXT)
|
#
4fde69b0 |
| 11-Aug-2002 |
Richard Levitte |
In case of shared libraries, we might run one version of the application with a different version of the library. Detect if there is a difference of versions, and print both versions in that
In case of shared libraries, we might run one version of the application with a different version of the library. Detect if there is a difference of versions, and print both versions in that case. This might prove to be a good enough debugging tool in case of doubt.
show more ...
|
Revision tags: OpenSSL-engine-0_9_6g, OpenSSL_0_9_6g, OpenSSL-engine-0_9_6f, OpenSSL_0_9_6f, OpenSSL_0_9_7-beta3, OpenSSL-engine-0_9_6e, OpenSSL_0_9_6e, OpenSSL_0_9_7-beta2, OpenSSL_0_9_7-beta1, AFTER_COMPAQ_PATCH, BEFORE_COMPAQ_PATCH, OpenSSL-engine-0_9_6d, OpenSSL_0_9_6d, OpenSSL-engine-0_9_6d-beta1, OpenSSL_0_9_6d-beta1 |
|
#
125cc35b |
| 22-Mar-2002 |
Richard Levitte |
Merge in DES changed from 0.9.7-stable.
|
Revision tags: OpenSSL-engine-0_9_6c, OpenSSL_0_9_6c |
|
#
4f94d1a8 |
| 22-Nov-2001 |
Bodo Möller |
check OPENSSL_NO_... before including header files that might be disabled
|
#
c2e4f17c |
| 24-Oct-2001 |
Richard Levitte |
Due to an increasing number of clashes between modern OpenSSL and libdes (which is still used out there) or other des implementations, the OpenSSL DES functions are renamed to begin with DES_
Due to an increasing number of clashes between modern OpenSSL and libdes (which is still used out there) or other des implementations, the OpenSSL DES functions are renamed to begin with DES_ instead of des_. Compatibility routines are provided and declared by including openssl/des_old.h. Those declarations are the same as were in des.h when the OpenSSL project started, which is exactly how libdes looked at that time, and hopefully still looks today. The compatibility functions will be removed in some future release, at the latest in version 1.0.
show more ...
|
#
a661b653 |
| 20-Oct-2001 |
Bodo Möller |
New functions SSL[_CTX]_set_msg_callback(). New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option f
New functions SSL[_CTX]_set_msg_callback(). New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enable a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices.
show more ...
|
#
dbad1690 |
| 30-Jul-2001 |
Ben Laurie |
Really add the EVP and all of the DES changes.
|
Revision tags: OpenSSL-engine-0_9_6b, OpenSSL_0_9_6b |
|
#
c04f8cf4 |
| 23-Jun-2001 |
Richard Levitte |
Use apps_shutdown() in all applications, in case someone decides not to go the monolith way (does anyone do that these days?). NOTE: a few applications are missing in this commit. I've
Use apps_shutdown() in all applications, in case someone decides not to go the monolith way (does anyone do that these days?). NOTE: a few applications are missing in this commit. I've a few more changes in them that I haven't tested yet.
show more ...
|
Revision tags: OpenSSL_0_9_6a, OpenSSL-engine-0_9_6a, OpenSSL-engine-0_9_6a-beta3, OpenSSL_0_9_6a-beta3, OpenSSL-engine-0_9_6a-beta2, OpenSSL_0_9_6a-beta2, OpenSSL-engine-0_9_6a-beta1, OpenSSL_0_9_6a-beta1 |
|
#
cf1b7d96 |
| 19-Feb-2001 |
Richard Levitte |
Make all configuration macros available for application by making sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other package
Make all configuration macros available for application by making sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other packages and by making sure e_os2.h will cover all platform-specific cases together with opensslconf.h. I've checked fairly well that nothing breaks with this (apart from external software that will adapt if they have used something like NO_KRB5), but I can't guarantee it completely, so a review of this change would be a good thing.
show more ...
|
#
673b3fde |
| 10-Jan-2001 |
Bodo Möller |
Add SSLEAY_DIR argument code for SSLeay_version. Add '-d' option for 'openssl version' (included in '-a').
|
Revision tags: rsaref, BEFORE_engine, OpenSSL_0_9_6-beta2, OpenSSL_0_9_6-beta1, OpenSSL_0_9_6, OpenSSL-engine-0_9_6, OpenSSL-engine-0_9_6-beta3, OpenSSL_0_9_6-beta3, OpenSSL-engine-0_9_6-beta2, OpenSSL-engine-0_9_6-beta1, OpenSSL_0_9_5, OpenSSL_0_9_5a, OpenSSL_0_9_5a-beta2, OpenSSL_0_9_5a-beta1, OpenSSL_0_9_5beta2, OpenSSL_0_9_5beta1 |
|
#
667ac4ec |
| 11-Feb-2000 |
Ralf S. Engelschall |
Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
|