#
1.37 |
|
21-May-2024 |
jsg |
remove prototypes with no matching function and externs with no var partly checked by millert@
|
#
1.36 |
|
18-May-2024 |
jsg |
remove extern with no matching var; ok tb@
|
#
1.35 |
|
18-May-2024 |
jsg |
remove prototypes with no matching function; ok tb@
|
Revision tags: OPENBSD_7_4_BASE OPENBSD_7_5_BASE
|
#
1.34 |
|
11-Jun-2023 |
jsg |
remove unused args_st struct ok tb@
|
#
1.33 |
|
11-Jun-2023 |
jsg |
remove chopup_args() unused since apps.c rev 1.31 ok tb@
|
#
1.32 |
|
14-Apr-2023 |
tb |
Drop policy printing from openssl
Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth.
This removes the only reason the policy tree itself ever leaked out of the library.
ok jsing
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE
|
#
1.31 |
|
10-Jan-2022 |
tb |
Implement openssl pkey -{,pub}check and pkeyparam -check
These expose EVP_PKEY_{,public_,param_}check() to the command line. They are currently noops and will be enabled in the upcoming bump.
ok inoguchi jsing
|
#
1.30 |
|
26-Nov-2021 |
tb |
openssl(1): drop support for netscape certificates and server gated keys.
ok inoguchi jsing
|
#
1.29 |
|
20-Nov-2021 |
tb |
typo in comment
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
02-Sep-2021 |
inoguchi |
Add DB_TYPE_SUSP
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.36 |
|
18-May-2024 |
jsg |
remove extern with no matching var; ok tb@
|
#
1.35 |
|
18-May-2024 |
jsg |
remove prototypes with no matching function; ok tb@
|
Revision tags: OPENBSD_7_4_BASE OPENBSD_7_5_BASE
|
#
1.34 |
|
11-Jun-2023 |
jsg |
remove unused args_st struct ok tb@
|
#
1.33 |
|
11-Jun-2023 |
jsg |
remove chopup_args() unused since apps.c rev 1.31 ok tb@
|
#
1.32 |
|
14-Apr-2023 |
tb |
Drop policy printing from openssl
Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth.
This removes the only reason the policy tree itself ever leaked out of the library.
ok jsing
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE
|
#
1.31 |
|
10-Jan-2022 |
tb |
Implement openssl pkey -{,pub}check and pkeyparam -check
These expose EVP_PKEY_{,public_,param_}check() to the command line. They are currently noops and will be enabled in the upcoming bump.
ok inoguchi jsing
|
#
1.30 |
|
26-Nov-2021 |
tb |
openssl(1): drop support for netscape certificates and server gated keys.
ok inoguchi jsing
|
#
1.29 |
|
20-Nov-2021 |
tb |
typo in comment
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
02-Sep-2021 |
inoguchi |
Add DB_TYPE_SUSP
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.34 |
|
11-Jun-2023 |
jsg |
remove unused args_st struct ok tb@
|
#
1.33 |
|
11-Jun-2023 |
jsg |
remove chopup_args() unused since apps.c rev 1.31 ok tb@
|
#
1.32 |
|
14-Apr-2023 |
tb |
Drop policy printing from openssl
Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth.
This removes the only reason the policy tree itself ever leaked out of the library.
ok jsing
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE
|
#
1.31 |
|
10-Jan-2022 |
tb |
Implement openssl pkey -{,pub}check and pkeyparam -check
These expose EVP_PKEY_{,public_,param_}check() to the command line. They are currently noops and will be enabled in the upcoming bump.
ok inoguchi jsing
|
#
1.30 |
|
26-Nov-2021 |
tb |
openssl(1): drop support for netscape certificates and server gated keys.
ok inoguchi jsing
|
#
1.29 |
|
20-Nov-2021 |
tb |
typo in comment
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
02-Sep-2021 |
inoguchi |
Add DB_TYPE_SUSP
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.32 |
|
14-Apr-2023 |
tb |
Drop policy printing from openssl
Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth.
This removes the only reason the policy tree itself ever leaked out of the library.
ok jsing
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE
|
#
1.31 |
|
10-Jan-2022 |
tb |
Implement openssl pkey -{,pub}check and pkeyparam -check
These expose EVP_PKEY_{,public_,param_}check() to the command line. They are currently noops and will be enabled in the upcoming bump.
ok inoguchi jsing
|
#
1.30 |
|
26-Nov-2021 |
tb |
openssl(1): drop support for netscape certificates and server gated keys.
ok inoguchi jsing
|
#
1.29 |
|
20-Nov-2021 |
tb |
typo in comment
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
02-Sep-2021 |
inoguchi |
Add DB_TYPE_SUSP
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.31 |
|
10-Jan-2022 |
tb |
Implement openssl pkey -{,pub}check and pkeyparam -check
These expose EVP_PKEY_{,public_,param_}check() to the command line. They are currently noops and will be enabled in the upcoming bump.
ok inoguchi jsing
|
#
1.30 |
|
26-Nov-2021 |
tb |
openssl(1): drop support for netscape certificates and server gated keys.
ok inoguchi jsing
|
#
1.29 |
|
20-Nov-2021 |
tb |
typo in comment
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
02-Sep-2021 |
inoguchi |
Add DB_TYPE_SUSP
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.30 |
|
26-Nov-2021 |
tb |
openssl(1): drop support for netscape certificates and server gated keys.
ok inoguchi jsing
|
#
1.29 |
|
20-Nov-2021 |
tb |
typo in comment
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
02-Sep-2021 |
inoguchi |
Add DB_TYPE_SUSP
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.29 |
|
20-Nov-2021 |
tb |
typo in comment
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
02-Sep-2021 |
inoguchi |
Add DB_TYPE_SUSP
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.28 |
|
02-Sep-2021 |
inoguchi |
Add DB_TYPE_SUSP
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.27 |
|
31-Mar-2021 |
tb |
Remove workarounds for SSL_is_dtls()
Reminded by inoguchi jsing
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.26 |
|
28-Mar-2021 |
inoguchi |
Fix duplicate SSL_is_dtls in libssl and apps.c
Currently, SSL_is_dtls exists in both libssl and apps.c, and one in libssl is guarded by LIBRESSL_INTERNAL and not exposed yet. This causes portable build broke with openssl(1) and optionstest. To solve this temporarily, rename SSL_is_dtls by apps.h. This temporary renaming will be removed when the SSL_is_dtls() is exposed.
ok jsing@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.25 |
|
24-Mar-2021 |
inoguchi |
Add option type OPTION_ORDER
To handle incremental order value, added new option type OPTION_ORDER. openssl(1) x509 requires this option handling, since, - -CA and -signkey require to set both filename and incremental 'num'. - -dates requires to set two variables in a row, startdate and enddate. and this couldn't be solved by OPTION_FLAG_ORD.
ok tb@ and "I'd move forward with your current plan." from jsing@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.24 |
|
09-Sep-2020 |
inoguchi |
Add option type OPTION_UL_VALUE_OR
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.23 |
|
14-Jul-2019 |
guenther |
Mark the initialized struct options arrays as both static and const. This moves them from .data to .data.rel.ro
ok deraadt@ inoguchi@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.22 |
|
09-Feb-2019 |
inoguchi |
Summarize the 4 same name functions and move it to apps.c
ok tb@ jsing@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.21 |
|
13-Jul-2018 |
cheloha |
openssl app timers: TM_START -> TM_RESET, TM_STOP -> TM_GET
Much more apt than the current operation names.
Names suggested by jca@ ages ago.
ok jca, jsing
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|
#
1.20 |
|
05-Dec-2017 |
jca |
Seperate real and user timer interfaces
Use more descriptive names, and make it clearer that real and user timers work on different static storage. The end goal is to be able to reuse those timer functions, instead of inlining other timer implementations subject to clock jumps.
Discussed with Scott Cheloha
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.19 |
|
30-Aug-2016 |
deraadt |
Add OPTION_ARG_TIME for parsing a (64 bit if needed) time_t prodding & ok jsing
|
#
1.18 |
|
30-Aug-2016 |
deraadt |
Fix 32-bit time handling, using time_t and make it work on systems where that is long long. ok beck guenther
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
10-Oct-2015 |
doug |
Initial support for pledges in openssl(1) commands.
openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands.
We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command.
This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options.
deraadt@ and beck@ are roughly fine with this approach.
|
#
1.16 |
|
13-Sep-2015 |
bcook |
Factor out setup_up / destroy_ui functions.
This pulls out and renames setup_ui/destroy_ui so we have something that can be replaced as-needed, moving the the console setup code for Windows to app_win.c in -portable, instead of needing a local patch to enable binary console mode
ui_read/write are also simplified.
|
#
1.15 |
|
11-Sep-2015 |
bcook |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has no way to use the engine command or parameters at all.
ok jsing@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.14 |
|
15-Jul-2015 |
jsing |
Add OPTION_ARG_LONG for handling of options with a long type.
ok doug@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.13 |
|
01-Jan-2015 |
jsing |
Provide option types for binary AND, binary OR and silently discarding an option.
|
#
1.12 |
|
28-Dec-2014 |
jsing |
Provide an option type that allows for a callback function to consume an arbitrary number of arguments. This will allow for more complex option handling as required by some of the openssl(1) applications.
|
#
1.11 |
|
28-Dec-2014 |
jsing |
Provide a mechanism for option parsing to return the number of arguments that it has consumed. This allows for the handling of multiple unnamed arguments, including lists of filenames.
|
#
1.10 |
|
28-Dec-2014 |
jsing |
Provide two different function pointers for option function callbacks. This allows for simpler code in the common cases and will allow for further extension to support the complex cases.
|
#
1.9 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.8 |
|
07-Nov-2014 |
jsing |
More OPENSSL_NO_TLSEXT clean up.
|
#
1.7 |
|
30-Aug-2014 |
jsing |
Move the callback function pointer outside the opt union so that the option values are useable by the function. Also provide an option type that calls a function without consuming/passing an argument.
|
#
1.6 |
|
28-Aug-2014 |
jsing |
Add option handling with a callback function for argument processing.
|
#
1.5 |
|
28-Aug-2014 |
jsing |
Add option handling for ordered flags.
|
#
1.4 |
|
28-Aug-2014 |
jsing |
Add option handling for input/output formats.
|
#
1.3 |
|
27-Aug-2014 |
jsing |
Add an option type that handles argument to integer conversion.
|
#
1.2 |
|
27-Aug-2014 |
jsing |
Implement table-driven option parsing that allows an application to specify what its valid options are and where it wants them to be stored. This also allows for usage to be generated, almost for free, ensuring that the options and usage are automatically kept in sync.
This will allow for a single option parsing implementation, rather than the current one-hand-rolled-option-parsing-and-random-usage-implementation per application.
As a starting point, port the openssl(1) rand application to the new option parsing and usage (along with associated code clean up).
With input from doug@.
ok bcook@ doug@
|
#
1.1 |
|
26-Aug-2014 |
jsing |
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl.
ok deraadt@ miod@
|