| #
87eee750 |
| 13-Jun-2022 |
Tomas Mraz |
c_rehash: Drop the issuer_name_hash= prefix from the CRL hash
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| #
ce60b137 |
| 29-May-2022 |
Daniel Fiala |
Fix file operations in c_rehash.
CVE-2022-2068
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| #
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
|
| #
7c332707 |
| 26-Apr-2022 |
Tomas Mraz |
c_rehash: Do not use shell to invoke openssl
Except on VMS where it is safe.
This fixes CVE-2022-1292.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
R
c_rehash: Do not use shell to invoke openssl
Except on VMS where it is safe.
This fixes CVE-2022-1292.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
| #
ea0d79db |
| 29-Aug-2021 |
Viktor Szakats |
convert tabs to spaces in two distributed Perl scripts
Also fix indentation in c_rehash.in to 4 spaces, where a mixture of 4 and 8
spaces was used before, in addition to tabs.
C
convert tabs to spaces in two distributed Perl scripts
Also fix indentation in c_rehash.in to 4 spaces, where a mixture of 4 and 8
spaces was used before, in addition to tabs.
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16459)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha17 |
|
| #
da51dc5f |
| 17-May-2021 |
Richard Levitte |
Move some OpenSSL perl utility functions to OpenSSL::Util
quotify1() and quotify_l() were in OpenSSL::Template, but should be
more widely usable.
configdata.pm.in's out_item() i
Move some OpenSSL perl utility functions to OpenSSL::Util
quotify1() and quotify_l() were in OpenSSL::Template, but should be
more widely usable.
configdata.pm.in's out_item() is also more widely useful and is
therefore moved to OpenSSL::Util as well, and renamed to dump_data().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15310)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
| #
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
|
| #
2d968951 |
| 24-Feb-2021 |
Mark |
Fix filename escaping in c_rehash
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@o
Fix filename escaping in c_rehash
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14301)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
9059ab42 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in util/, tools/
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7766)
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3 |
|
| #
b0edda11 |
| 20-Mar-2018 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5689)
|
| #
abe256e7 |
| 06-Mar-2018 |
Richard Levitte |
Make "make variables" config attributes for overridable flags
With the support of "make variables" comes the possibility for the
user to override them. However, we need to make a differ
Make "make variables" config attributes for overridable flags
With the support of "make variables" comes the possibility for the
user to override them. However, we need to make a difference between
defaults that we use (and that should be overridable by the user) and
flags that are crucial for building OpenSSL (should not be
overridable).
Typically, overridable flags are those setting optimization levels,
warnings levels, that kind of thing, while non-overridable flags are,
for example, macros that indicate aspects of how the config target
should be treated, such as L_ENDIAN and B_ENDIAN.
We do that differentiation by allowing upper case attributes in the
config targets, named exactly like the "make variables" we support,
and reserving the lower case attributes for non-overridable project
flags.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5534)
show more ...
|
|
Revision tags: OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a |
|
| #
7d959c35 |
| 12-Sep-2016 |
Rich Salz |
Add -h and -help for c_rehash script and app
Resolves GH1515 and GH1509.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Revision tags: OpenSSL_1_1_0, OpenSSL_1_1_0-pre6 |
|
| #
d513369b |
| 02-Jul-2016 |
Richard Levitte |
perl: Separate compile-time environment from runtime environment
Make it possible to have a separate and different perl command string
for installable scripts than we use when building,
perl: Separate compile-time environment from runtime environment
Make it possible to have a separate and different perl command string
for installable scripts than we use when building, with the
environment variable HASHBANGPERL. Its value default to the same as
the environment PERL if it's defined, otherwise '/usr/bin/env perl'.
Note: this is only relevant for Unix-like environments.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_13 |
|
| #
b1ffe8db |
| 25-May-2016 |
Rich Salz |
GH1123: sort dir before rehash
This is needed to generate stable output names/symlinks.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| #
44c8a5e2 |
| 01-Jun-2016 |
Rich Salz |
Add final(?) set of copyrights.
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.
Reviewed-
Add final(?) set of copyrights.
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h, OpenSSL_1_1_0-pre5, OpenSSL_1_1_0-pre4, OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12, OpenSSL_1_0_1r, OpenSSL_1_0_2f |
|
| #
9ab6fc59 |
| 25-Jan-2016 |
Richard Levitte |
Generate warning text
Now that we're using templates, we should warn people not to edit the
resulting file. We do it through util/dofile.pl, which is enhanced
with an option to tell
Generate warning text
Now that we're using templates, we should warn people not to edit the
resulting file. We do it through util/dofile.pl, which is enhanced
with an option to tell what file it was called from. We also change
the calls so the template files are on the command line instead of
being redirected through standard input. That way, we can display
something like this (example taken from include/openssl/opensslconf.h):
/* WARNING: do not edit! */
/* Generated by Configure from include/openssl/opensslconf.h.in */
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_1_0-pre2, OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e, OpenSSL_1_0_1p, OpenSSL_1_0_2d, OpenSSL-fips-2_0_11, OpenSSL_1_0_1o, OpenSSL_1_0_2c, OpenSSL_0_9_8zg, OpenSSL_1_0_0s, OpenSSL_1_0_1n, OpenSSL_1_0_2b |
|
| #
291e94df |
| 18-May-2015 |
Richard Levitte |
Refactor file writing - introduce template driven file writing
apps/CA.pl and tools/c_rehash are built from template files. So far,
this was done by Configure, which created its own pro
Refactor file writing - introduce template driven file writing
apps/CA.pl and tools/c_rehash are built from template files. So far,
this was done by Configure, which created its own problems as it
forced everyone to reconfigure just because one of the template files
had changed.
Instead, have those files created as part of the normal build in apps/
and in tools/.
Furthermore, this prepares for a future where Configure may produce
entirely other build files than Makefile, and the latter can't be
guaranteed to be the holder of all information for other scripts.
Instead, configdata.pm (described below) becomes the center of
configuration information.
This introduces a few new things:
%config a hash table to hold all kinds of configuration data
that can be used by any other script.
configdata.pm a perl module that Configure writes. It currently
holds the hash tables %config and %target.
util/dofile.pl a script that takes a template on STDIN and outputs
the result after applying configuration data on it.
It's supposed to be called like this:
perl -I$(TOP) -Mconfigdata < template > result
or
perl -I$(TOP) -Mconfigdata templ1 templ2 ... > result
Note: util/dofile.pl requires Text::Template.
As part of this changed, remove a number of variables that are really
just copies of entries in %target, and use %target directly. The
exceptions are $target{cflags} and $target{lflags}, they do get copied
to $cflags and $lflags. The reason for this is that those variable
potentially go through a lot of changes and would rather deserve a
place in %config. That, however, is for another commit.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
4c7103a5 |
| 10-Sep-2015 |
Rich Salz |
Unwriteable directories are errors
Make the script and app match the documentation.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| #
ff2f6bb0 |
| 08-Sep-2015 |
Rich Salz |
Fix rehash/c_rehash doc and behavior.
Both now warn once if directory isn't writeable.
Both now warn on file-write errors (multiple times).
Update manpage to describe both program an
Fix rehash/c_rehash doc and behavior.
Both now warn once if directory isn't writeable.
Both now warn on file-write errors (multiple times).
Update manpage to describe both program and script correctly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
8846adbd |
| 02-Jun-2015 |
Olaf Johansson |
GH249: Fix bad regexp in arg parsing.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL-fips-2_0_10, OpenSSL_0_9_8zf, OpenSSL_1_0_0r, OpenSSL_1_0_1m, OpenSSL_1_0_2a, OpenSSL_1_0_2, master-post-auto-reformat, OpenSSL_1_0_2-post-auto-reformat, OpenSSL_0_9_8-post-auto-reformat, OpenSSL_0_9_8-pre-auto-reformat, OpenSSL_1_0_0-post-auto-reformat, OpenSSL_1_0_0-pre-auto-reformat, OpenSSL_1_0_1-post-auto-reformat, OpenSSL_1_0_1-pre-auto-reformat, master-post-reformat, OpenSSL_0_9_8-pre-reformat, OpenSSL_0_9_8ze, OpenSSL_1_0_0-pre-reformat, OpenSSL_1_0_0q, OpenSSL_1_0_1-pre-reformat, OpenSSL_1_0_1l, master-pre-reformat, OpenSSL_1_0_2-pre-reformat, OpenSSL_0_9_8zd, OpenSSL_1_0_0p, OpenSSL_1_0_1k, OpenSSL_0_9_8-post-reformat, OpenSSL-fips-2_0_9, OpenSSL_1_0_1j, OpenSSL_1_0_0o, OpenSSL_0_9_8zc, OpenSSL_1_0_2-beta3 |
|
| #
6f46c3c3 |
| 11-Sep-2014 |
Rich Salz |
RT2772 update: c_rehash was broken
Move the readdir() lines out of the if statement, so
that flist is available globally.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| #
a787c259 |
| 07-Sep-2014 |
Matthias Andree |
RT2272: Add old-style hash to c_rehash
In addition to Matthias's change, I also added -n to
not remove links. And updated the manpage.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| #
5a8addc4 |
| 07-Sep-2014 |
Viktor Dkhovni |
RT1325,2973: Add more extensions to c_rehash
Regexp was bracketed wrong.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| #
80ec8d4e |
| 30-Aug-2014 |
TANABE Hiroyasu |
RT1325,2973: Add more extensions to c_rehash
Add .crt/.cer/.crl to the filenames parsed.
I also updated the podpage (since it didn't exist when
this ticket was first created, no
RT1325,2973: Add more extensions to c_rehash
Add .crt/.cer/.crl to the filenames parsed.
I also updated the podpage (since it didn't exist when
this ticket was first created, nor when it was re-created
seven years later).
Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_0_9_8zb, OpenSSL_1_0_0n, OpenSSL_1_0_1i, OpenSSL_1_0_2-beta2, OpenSSL-fips-2_0_8, OpenSSL_1_0_1h, OpenSSL_1_0_0m, OpenSSL_0_9_8za, OpenSSL-fips-2_0_7, OpenSSL_1_0_1g, OpenSSL_1_0_2-beta1, OpenSSL_1_0_0l, OpenSSL_1_0_1f, OpenSSL-fips-2_0_6, OpenSSL-fips-2_0_5, OpenSSL-fips-2_0_4, OpenSSL-fips-2_0_3, OpenSSL_1_0_1e, OpenSSL_0_9_8y, OpenSSL_1_0_0k, OpenSSL_1_0_1d, OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1, OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e, OpenSSL_1_0_0d, OpenSSL_0_9_8r, OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a |
|
| #
45078e6c |
| 14-Apr-2010 |
Dr. Stephen Henson |
PR: 2234
Submitted By: Matthias Andree <matthias.andree@gmx.de>
Use correct path to openssl utility in c_rehash script.
|
