openssl

Author	SHA1	Message	Date
Andy Polyakov	90acf770b5	DTLS fixes from 0.9.8-stable.	2007-10-13 10:57:02 +00:00
Dr. Stephen Henson	67c8e7f414	Support for certificate status TLS extension.	2007-09-26 21:56:59 +00:00
Bodo Möller	761772d7e1	Implement the Opaque PRF Input TLS extension (draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and bugfixes on the way. In particular, this fixes the buffer bounds checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext(). Note that the opaque PRF Input TLS extension is not compiled by default; see CHANGES.	2007-09-21 06:54:24 +00:00
Ben Laurie	aaa4f448cf	The other half of make errors.	2007-09-19 14:51:28 +00:00
Bodo Möller	1b827d7b6f	Clean up error codes a bit. (engines/ccgost/ remains utter chaos, though; "make errors" is not happy.)	2007-09-19 00:58:58 +00:00
Dr. Stephen Henson	81025661a9	Update ssl code to support digests other than MD5+SHA1 in handshake. Submitted by: Victor B. Wagner <vitus@cryptocom.ru>	2007-08-31 12:42:53 +00:00
Dr. Stephen Henson	94d511cdbd	Add ctrls to set and get RFC4507bis keys to enable several contexts to reuse the same tickets.	2007-08-28 01:08:45 +00:00
Dr. Stephen Henson	6434abbfc6	RFC4507 (including RFC4507bis) TLS stateless session resumption support for OpenSSL.	2007-08-11 23:18:29 +00:00
Dr. Stephen Henson	3c07d3a3d3	Finish gcc 4.2 changes.	2007-06-07 13:14:42 +00:00
Dr. Stephen Henson	b948e2c59e	Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.	2007-06-04 17:04:40 +00:00
Bodo Möller	a291745eeb	fix function codes for error	2007-04-24 01:06:19 +00:00
Bodo Möller	96afc1cfd5	Add SEED encryption algorithm. PR: 1503 Submitted by: KISA Reviewed by: Bodo Moeller	2007-04-23 23:48:59 +00:00
Bodo Möller	0a05123a6c	Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a ciphersuite string such as "DEFAULT:RSA" cannot enable authentication-only ciphersuites. Also, change ssl_create_cipher_list() so that it no longer starts with an arbitrary ciphersuite ordering, but instead uses the logic that we previously had in SSL_DEFEAULT_CIPHER_LIST. SSL_DEFAULT_CIPHER_LIST simplifies into just "ALL:!aNULL:!eNULL".	2007-02-19 18:41:41 +00:00
Bodo Möller	52b8dad8ec	Reorganize the data used for SSL ciphersuite pattern matching. This change resolves a number of problems and obviates multiple kludges. A new feature is that you can now say "AES256" or "AES128" (not just "AES", which enables both). In some cases the ciphersuite list generated from a given string is affected by this change. I hope this is just in those cases where the previous behaviour did not make sense.	2007-02-17 06:45:38 +00:00
Nils Larsch	fec38ca4ed	fix typos PR: 1354, 1355, 1398, 1408	2006-12-21 21:13:27 +00:00
Nils Larsch	7806f3dd4b	replace macros with functions Submitted by: Tracy Camp <tracyx.e.camp@intel.com>	2006-11-29 20:54:57 +00:00
Nils Larsch	1611b9ed80	remove SSLEAY_MACROS code	2006-11-06 19:53:39 +00:00
Bodo Möller	ed3ecd801e	Error messages for client ECC cert verification. Also, change the default ciphersuite to give some prefererence to ciphersuites with forwared secrecy (rather than using a random order).	2006-06-15 19:58:22 +00:00
Bodo Möller	89bbe14c50	Ciphersuite string bugfixes, and ECC-related (re-)definitions.	2006-06-14 17:40:31 +00:00
Bodo Möller	6635b48cd1	Make sure that AES ciphersuites get priority over Camellia ciphersuites in the default cipher string.	2006-06-14 13:58:48 +00:00
Bodo Möller	f3dea9a595	Camellia cipher, contributed by NTT Submitted by: Masashi Fujita Reviewed by: Bodo Moeller	2006-06-09 15:44:59 +00:00
Richard Levitte	7e76e56387	Someone made a mistake, and some function and reason codes got duplicate numbers. Renumbering.	2006-05-12 15:27:52 +00:00
Bodo Möller	332737217a	Implement Supported Elliptic Curves Extension. Submitted by: Douglas Stebila	2006-03-30 02:44:56 +00:00
Bodo Möller	019fdc7850	fix sign problems	2006-03-13 09:55:06 +00:00
Bodo Möller	b6acb8d0de	udpate Supported Point Formats Extension code Submitted by: Douglas Stebila	2006-03-13 01:24:38 +00:00
Nils Larsch	6adbcb9755	fix comment Submitted by: Peter Sylvester	2006-03-12 23:00:32 +00:00
Bodo Möller	36ca4ba63d	Implement the Supported Point Formats Extension for ECC ciphersuites Submitted by: Douglas Stebila	2006-03-11 23:46:37 +00:00
Nils Larsch	ddac197404	add initial support for RFC 4279 PSK SSL ciphersuites PR: 1191 Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation Reviewed by: Nils Larsch	2006-03-10 23:06:27 +00:00
Bodo Möller	e67ed82877	move new member of SSL_SESSION to the end (minimize changes to binary format) Submitted by: Peter Sylvester	2006-02-07 14:26:43 +00:00
Bodo Möller	a13c20f603	Further TLS extension updates Submitted by: Peter Sylvester	2006-01-09 19:49:05 +00:00
Bodo Möller	51eb1b81f6	Avoid contradictive error code assignments. "make errors".	2006-01-08 21:54:24 +00:00
Bodo Möller	739a543ea8	Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)	2006-01-08 19:42:30 +00:00
Bodo Möller	3ff94a009b	complete and correct RFC3546 error codes	2006-01-07 20:28:11 +00:00
Bodo Möller	1aeb3da83f	Fixes for TLS server_name extension Submitted by: Peter Sylvester	2006-01-06 09:08:59 +00:00
Bodo Möller	f1fd4544a3	Various changes in the new TLS extension code, including the following: - fix indentation - rename some functions and macros - fix up confusion between SSL_ERROR_... and SSL_AD_... values	2006-01-03 03:27:19 +00:00
Bodo Möller	ed3883d21b	Support TLS extensions (specifically, HostName) Submitted by: Peter Sylvester	2006-01-02 23:14:37 +00:00
Bodo Möller	72dce7685e	Add fixes for CAN-2005-2969. (This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)	2005-10-26 19:40:45 +00:00
Dr. Stephen Henson	c1de1a190d	Avoid warning on Win32.	2005-10-08 17:31:18 +00:00
Dr. Stephen Henson	566dda07ba	New option SSL_OP_NO_COMP to disable compression. New ctrls to set maximum send fragment size. Allocate I/O buffers accordingly.	2005-10-08 00:18:53 +00:00
Nils Larsch	4ebb342fcd	Let the TLSv1_method() etc. functions return a const SSL_METHOD pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method const.	2005-08-14 21:48:33 +00:00
Nils Larsch	f0747cd950	- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an error if the cipher list is empty - fix last commit in ssl_create_cipher_list - clean up ssl_create_cipher_list	2005-06-10 19:55:26 +00:00
Bodo Möller	aa4ce7315f	Fix various incorrect error function codes. ("perl util/ck_errf.pl /.c //*.c" still reports many more.)	2005-04-26 18:53:22 +00:00
Bodo Möller	beb056b303	fix SSLerr stuff for DTLS1 code; move some functions from exported header <openssl/dtl1.h> into "ssl_locl.h"; fix silly indentation (a TAB is not always 4 spaces)	2005-04-26 18:08:00 +00:00
Ben Laurie	36d16f8ee0	Add DTLS support.	2005-04-26 16:02:40 +00:00
Ben Laurie	41a15c4f0f	Give everything prototypes (well, everything that's actually used).	2005-03-31 09:26:39 +00:00
Ben Laurie	0821bcd4de	Constification.	2005-03-30 10:26:02 +00:00
Dr. Stephen Henson	5d7c222db8	New X509_VERIFY_PARAM structure and associated functionality. This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change.	2004-09-06 18:43:01 +00:00
Richard Levitte	6713a4835f	Move some COMP functions to be inside the #ifndef OPENSSL_NO_COMP wrapping preprocessor directive. This also removes a duplicate declaration.	2004-05-20 23:47:57 +00:00
Geoff Thorpe	d095b68d63	Deprecate quite a few recursive includes from the ssl.h API header and remove some unnecessary includes from the internal header ssl_locl.h. This then requires adding includes for bn.h in four C files.	2004-05-17 18:53:47 +00:00
Richard Levitte	0020502a07	SSL_COMP_get_compression_method is a typo (a missing 's' at the end of the symbol name).	2004-03-25 21:32:30 +00:00

1 2 3 4 5

204 Commits