Commit Graph

2347 Commits

Author SHA1 Message Date
Andy Polyakov
4e155ec47e apps/openssl.c: UTF-y Windows argv.
Windows never composes UTF-8 strings as result of user interaction
such as passing command-line argument. The only way to compose one
is programmatic conversion from WCHAR string, which in turn can be
picked up on command line.

[For reference, why not wmain, it's not an option on MinGW.]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-01 09:52:06 +02:00
Richard J. Moore
22293ea1cc Ignore the serial number for now and just do the rest.
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1367)
2016-07-30 15:19:24 -04:00
Richard J. Moore
1421aeadd7 Make some more X509 functions const.
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1367)
2016-07-30 15:19:24 -04:00
Viktor Szakats
e5452d40be rsa.c: fix incorrect guard for pvk-* options
This update syncs the #if guard protecting the pvk-* options
with the rest of the source handling those options. Also fix
some nearby whitespace.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1365)
2016-07-30 10:46:22 -04:00
Dr. Stephen Henson
44c248b5ac print out MAC algorithm
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 23:25:47 +01:00
Jon Loeliger
1abd292585 RT4639: Typo when -DSSL_DEBUG
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-26 12:48:51 -04:00
FdaSilvaYY
ceab33e2cf Typo and comment fix
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
fefa4d5507 Unused variable, and cleanups
Break two long messages.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
5f7d5125fd Unused variable cleanup
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
55e0d0b462 Discard a dead option
Old inactive inherited code, a code relic for sure.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
Dr. Stephen Henson
3770b877ea Add mask for newly created symlink.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 12:07:13 +01:00
Dr. Stephen Henson
ee8f785873 Check suffixes properly.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 12:07:13 +01:00
Dr. Stephen Henson
f22ff0eb16 use correct name for duplicate
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 12:07:13 +01:00
FdaSilvaYY
e8aa8b6c8f Fix a few if(, for(, while( inside code.
Fix some indentation at the same time

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
2016-07-20 07:21:53 -04:00
FdaSilvaYY
7606c231c9 Simplify buffer limit checking, and reuse BIO_snprintf returned value.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
FdaSilvaYY
edbff8da9b Code factorisation and simplification
Fix some code indentation

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
FdaSilvaYY
f6c460e8f6 Fix double calls to strlen
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
FdaSilvaYY
cdd202f254 Simplify code related to tmp_email_dn.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
FdaSilvaYY
1c72f70df4 Use more X509_REQ_get0_pubkey & X509_get0_pubkey
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
Richard Levitte
d6accd5040 Fix forgotten goto
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-19 15:26:40 +02:00
Richard Levitte
642a166ce1 Convert the last uses of sockaddr in apps/* to use BIO_ADDR instead
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-19 14:32:39 +02:00
Dr. Stephen Henson
d166ed8c11 check return values for EVP_Digest*() APIs
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-15 14:09:05 +01:00
Matt Caswell
4bbd4ba66d Disallow multiple protocol flags to s_server and s_client
We shouldn't allow both "-tls1" and "-tls1_2", or "-tls1" and "-no_tls1_2".
The only time multiple flags are allowed is where they are all "-no_<prot>".

This fixes Github Issue #1268

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-08 16:20:59 +01:00
Dr. Stephen Henson
ab6a591caa Support PKCS v2.0 print in pkcs12 utility.
Extended alg_print() in pkcs12 utility to support PBES2 algorithms.

RT#4588

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-08 02:09:02 +01:00
Richard Levitte
d513369bfa perl: Separate compile-time environment from runtime environment
Make it possible to have a separate and different perl command string
for installable scripts than we use when building, with the
environment variable HASHBANGPERL.  Its value default to the same as
the environment PERL if it's defined, otherwise '/usr/bin/env perl'.

Note: this is only relevant for Unix-like environments.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-07-04 15:40:31 +02:00
Richard Levitte
0483f58652 Simplify INCLUDE statements in build.info files
Now that INCLUDE considers both the source and build trees, no need
for the rel2abs perl fragment hacks any more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 18:36:08 +02:00
FdaSilvaYY
6b4a77f56e Whitespace cleanup in apps
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
2016-06-29 09:56:39 -04:00
David Benjamin
748e85308e Fix BN_is_prime* calls.
This function returns a tri-state -1 on error. See BoringSSL's
53409ee3d7595ed37da472bc73b010cd2c8a5ffd.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1251
2016-06-25 11:01:30 +02:00
Rich Salz
3b5bea3604 Add -ciphers flag to enc command
Don't print the full list of ciphers as part of the -help output.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-24 16:39:05 -04:00
mmiyashita
1d8b4eb2b4 segmentation fault with 'openssl s_client -prexit -keymatexport'
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1243)
2016-06-21 17:30:46 -04:00
Richard Levitte
a392ef20f0 Allow proxy certs to be present when verifying a chain
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-06-20 21:34:37 +02:00
Richard Levitte
14d3c0dd2c apps/req.c: Increment the right variable when parsing '+'
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-20 20:11:07 +02:00
Jiri Horky
fb0303f3ce RT3136: Remove space after issuer/subject
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-20 09:25:12 -04:00
FdaSilvaYY
a8db2cfa4b Add a comment after some #endif at end of apps source code.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
FdaSilvaYY
823146d65f Useless header include of openssl/rand.h
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
Matt Caswell
1dcb8ca2a4 Use a STACK_OF(OPENSSL_CSTRING) for const char * stacks
Better than losing the const qualifier.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-18 15:34:03 +01:00
Matt Caswell
d012c1a179 Replace 4 casts with 1
Changing the type of the |str| variable in asn1pars enables us to remove
4 casts with just 1. This silences an OpenBSD warning along the way.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-18 15:34:03 +01:00
FdaSilvaYY
0ad69cd6c0 Spelling fixes
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1219)
2016-06-16 15:08:57 -04:00
Matt Caswell
f219a1b048 Revert "RT4526: Call TerminateProcess, not ExitProcess"
This reverts commit 9c1a9ccf65.

TerminateProcess is asynchronous, so the code as written in the above
commit is not correct. It is also probably not needed in the speed
case. Reverting in order to figure out the correct solution.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-16 17:37:37 +01:00
Richard Levitte
2ac6115d9e Deal with the consequences of constifying getters
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-06-15 20:09:27 +02:00
Rich Salz
9c1a9ccf65 RT4526: Call TerminateProcess, not ExitProcess
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-15 13:38:51 -04:00
FdaSilvaYY
82643254d6 Constify X509_TRUST_add method.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
Matt Caswell
d285b5418e Avoid a double-free in crl2pl7
The variable |crtflst| could get double freed in an error path.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-14 11:27:10 +01:00
Matt Caswell
a45dca668e Add missing break statement
The -psk option processing was falling through to the -srp option
processing in the ciphers app.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-14 11:21:44 +01:00
Rich Salz
a7be5759cf RT3809: basicConstraints is critical
This is really a security bugfix, not enhancement any more.
Everyone knows critical extensions.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-06-13 09:18:22 -04:00
Dr. Stephen Henson
6ec6d52071 Don't skip leading zeroes in PSK keys.
Don't use BN_hex2bn() for PSK key conversion as the conversion to
BN and back removes leading zeroes, use OPENSSL_hexstr2buf() instead.

RT#4554

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-12 19:44:17 +01:00
John Denker
a3ef2c1679 RT2759: Don't read TTY when already at EOF.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-12 08:52:40 -04:00
Rich Salz
7315ce80de Avoid memory leaks if options repeated.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-12 08:02:46 -04:00
Rich Salz
fe08bd76e2 GH1183: Fix -unix and -connect, etc., override
If a user specifies -unix, -6, etc., then the program tries to
use the last one specified.  This is confusing code and leads to
scripting errors.  Instead, allow only one type.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-10 10:45:49 -04:00
Rich Salz
b1ffe8dbee GH1123: sort dir before rehash
This is needed to generate stable output names/symlinks.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-02 15:12:50 -04:00