wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11603 commits 20 branches 302 tags 153 MiB
Commit graph

71 commits

Author SHA1 Message Date
Matt Caswell
ae5c8664e5 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:31:38 +00:00
Kurt Roeckx
e9f47de1f0 Use the SSLv23 method by default 
If SSLv2 and SSLv3 are both disabled we still support SSL/TLS.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2014-12-02 11:28:42 +01:00
Matt Caswell
e164582690 Tidy up ocsp help output 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 5e31a40f47)

Conflicts:
	apps/ocsp.c
 2014-11-27 14:16:49 +00:00
André Guerreiro
4d3df37bc7 Add documentation on -timeout option in the ocsp utility 
PR#3612

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit de87dd46c1)
 2014-11-27 14:14:52 +00:00
Dr. Stephen Henson
361fd136e9 Typo. 
PR#3107
(cherry picked from commit 7c206db928)
 2014-06-28 12:42:59 +01:00
Dr. Stephen Henson
b9ce05acc4 Fix free errors in ocsp utility. 
Keep copy of any host, path and port values allocated by
OCSP_parse_url and free as necessary.
(cherry picked from commit 5219d3dd35)
 2014-04-09 15:45:16 +01:00
Ben Laurie
1ebaf97c44 Constification. 2013-10-07 12:44:40 +01:00
Dr. Stephen Henson
708454f010 add missing \n 2012-12-23 18:12:28 +00:00
Dr. Stephen Henson
9b157602e0 Backport enhancements to OCSP utility from HEAD: 
Support - as a file for standard input or output.

Add -badsig option to generate invalid signatures for testing.

New -rmd option to specify digest to sign OCSP responses with.
 2012-12-20 19:06:39 +00:00
Dr. Stephen Henson
67e217c84c revert, missing commit message 2012-12-20 19:01:55 +00:00
Dr. Stephen Henson
7b7b667ddc apps/ocsp.c 2012-12-20 18:59:09 +00:00
Dr. Stephen Henson
db05bc512d Return success when the responder is active. 
Don't verify our own responses.
(backport from HEAD)
 2012-12-19 15:02:58 +00:00
Ben Laurie
d65b8b2162 Backport OCSP fixes. 2012-12-14 12:53:53 +00:00
Dr. Stephen Henson
0c690586e0 PR: 2064, 728 
Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.
 2009-09-30 21:41:53 +00:00
Dr. Stephen Henson
bc8c5fe58d Free SSL_CTX after BIO 2009-09-30 21:35:26 +00:00
Dr. Stephen Henson
4386445c18 Change STRING to OPENSSL_STRING etc as common words such 
as "STRING" cause conflicts with other headers/libraries.
 2009-07-27 21:08:53 +00:00
Dr. Stephen Henson
9ccd4e224f Add USE_SOCKETS. 2009-04-02 15:19:03 +00:00
Dr. Stephen Henson
3859d7ee78 Just to be awkward Ubuntu 8.10 doesn't like _XOPEN_SOURCE_EXTENDED... 2009-02-06 16:43:52 +00:00
Richard Levitte
5871ddb016 Because DEC C - sorry, HP C - is picky about features, we need to 
define _XOPEN_SOURCE_EXTENDED to reach fd_set and timeval types and
functionality.
 2009-01-28 07:38:14 +00:00
Dr. Stephen Henson
2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Ben Laurie
5ce278a77b More type-checking. 2008-06-04 11:01:43 +00:00
Geoff Thorpe
1e26a8baed Fix a variety of warnings generated by some elevated compiler-fascism, 
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
 2008-03-16 21:05:46 +00:00
Andy Polyakov
637f90621d Cygwin compatibility fix to apps/ocsp.c. 2008-01-05 21:32:29 +00:00
Dr. Stephen Henson
eef0c1f34c Netware support. 
Submitted by: Guenter Knauf <eflash@gmx.net>
 2008-01-03 22:43:04 +00:00
Dr. Stephen Henson
341e18b497 Handle non-SHA1 digests for certids in OCSP test responder. 2007-12-14 12:43:50 +00:00
Dr. Stephen Henson
cec2538ca9 Submitted by: Victor B. Wagner <vitus@cryptocom.ru>, steve 
Use default algorithms for OCSP request and response signing. New command
line option to support other digest use for OCSP certificate IDs.
 2007-12-04 12:41:28 +00:00
Dr. Stephen Henson
67c8e7f414 Support for certificate status TLS extension. 2007-09-26 21:56:59 +00:00
Dr. Stephen Henson
710069c19e Fix warnings. 2007-08-12 17:44:32 +00:00
Dr. Stephen Henson
ad35cdac74 PR: 1516 
Revert change in 1516 because it breaks Windows build. Use a modified version
of the headers from s_client.c which has used similar functionality without
any problems.
 2007-05-16 12:16:49 +00:00
Ben Laurie
313fce7b61 Don't free a NULL. Coverity ID 112. 2007-04-04 14:59:20 +00:00
Ben Laurie
4b8747e440 Die if serial number is invalid. 2007-04-04 13:41:33 +00:00
Richard Levitte
a1d915990b Apply a more modern way to get the definition of select(), except for VMS. 
Submitted by Corinna Vinschen <vinschen@redhat.com>
 2007-03-29 18:34:57 +00:00
Richard Levitte
8bbf6bcf17 Needed definition of _XOPEN_SOURCE_EXTENDED so DEC C on VMS will see 
the declarations of fd_set, select() and so on.
 2006-12-25 10:54:14 +00:00
Nils Larsch
5dfe910023 properly initialize SSL context, check return value 2006-12-13 22:06:37 +00:00
Richard Levitte
5776c3c4c6 According to documentation, including time.h declares select() on 
OpenVMS, and possibly more.

Ref: http://h71000.www7.hp.com/doc/82final/6529/6529pro_019.html#r_select
 2006-08-20 05:54:35 +00:00
Dr. Stephen Henson
b589427941 WIN32 fixes signed/unsigned issues and slightly socket semantics. 2006-07-17 18:52:51 +00:00
Dr. Stephen Henson
454dbbc593 Add -timeout option to ocsp utility. 2006-07-17 13:26:54 +00:00
Geoff Thorpe
f0eae953e2 Remove some unnecessary recursive includes from the internal apps.h header, 
and include bn.h in those C files that need bignum functionality.
 2004-05-17 19:05:32 +00:00
Dr. Stephen Henson
560dfd2a02 New -ignore_err option in ocsp application to stop the server 
exiting on the first error in a request.
 2003-09-03 23:56:01 +00:00
Richard Levitte
3ae70939ba Correct a lot of printing calls. Remove extra arguments... 2003-04-03 23:39:48 +00:00
Richard Levitte
f85b68cd49 Make it possible to have multiple active certificates with the same 
subject.
 2003-04-03 16:33:03 +00:00
Dr. Stephen Henson
e5b0508a14 Update ocsp usage message and docs. 2003-03-26 00:46:47 +00:00
Richard Levitte
e270cf9c5e Pay attention to disabled SSL versions. 
PR: 500
 2003-02-14 05:24:22 +00:00
Richard Levitte
85d686e723 Make it possible to disable OCSP, the speed application, and the use of sockets. 
PR: 358
 2003-02-14 01:02:58 +00:00
Richard Levitte
1c3e4a3660 EXIT() may mean return(). That's confusing, so let's have it really mean 
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
 2002-12-03 16:33:03 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Richard Levitte
2245cd87d4 BN_bn2hex() returns "0" instead of "00" for zero. This disrputs the 
requirement that the serial number always be an even amount of characters.
PR: 248
 2002-10-11 09:38:56 +00:00
Richard Levitte
da9b972466 Make it possible to load keys from stdin, and restore that 
functionality in the programs that had that before.
Part fo PR 164
 2002-08-01 16:28:40 +00:00
Richard Levitte
5575f781ad Cut'n'paste error with other reposnder certificates cleared. 
PR: 190
 2002-08-01 13:39:39 +00:00
Lutz Jänicke
7b63c0fa8c Reorder inclusion of header files: 
des_old.h redefines crypt:
#define crypt(b,s)\
        DES_crypt((b),(s))

This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
 2002-07-10 07:01:54 +00:00