generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
11,982 Commits 16 Branches 258 Tags
Commit Graph

211 Commits

Author SHA1 Message Date
Dr. Stephen Henson
67c8e7f414 Support for certificate status TLS extension. 2007-09-26 21:56:59 +00:00
Bodo Möller
86d4bc3aea fix length parameter in SSL_set_tlsext_opaque_prf_input() calls 2007-09-23 11:08:59 +00:00
Bodo Möller
761772d7e1 Implement the Opaque PRF Input TLS extension 
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way.  In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().

Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
 2007-09-21 06:54:24 +00:00
Dr. Stephen Henson
014f62b649 Add usage message for -sess_out, -sess_in 2007-08-23 12:20:36 +00:00
Dr. Stephen Henson
d24a9c8f5a Docs and usage messages for RFC4507bis support. 2007-08-23 11:34:48 +00:00
Dr. Stephen Henson
710069c19e Fix warnings. 2007-08-12 17:44:32 +00:00
Dr. Stephen Henson
6434abbfc6 RFC4507 (including RFC4507bis) TLS stateless session resumption support 
for OpenSSL.
 2007-08-11 23:18:29 +00:00
Lutz Jänicke
ee373e7f19 Fix problem with multi line responses in -starttls by using a buffering 
BIO and BIO_gets().
 2007-02-22 17:39:47 +00:00
Lutz Jänicke
8d72476e2b Extend SMTP and IMAP protocol handling to perform the required 
EHLO or CAPABILITY handshake before sending STARTTLS

Submitted by: Goetz Babin-Ebell <goetz@shomitefo.de>
 2007-02-21 18:20:41 +00:00
Dr. Stephen Henson
5d5ca32fa1 Updates from 0.9.8-stable branch. 2007-02-18 18:21:57 +00:00
Richard Levitte
85c6749216 Add STARTTLS support for IMAP and FTP. 
Submitted by Kees Cook <kees@outflux.net>
 2007-02-16 18:12:16 +00:00
Nils Larsch
7806f3dd4b replace macros with functions 
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
 2006-11-29 20:54:57 +00:00
Dr. Stephen Henson
5d20c4fb35 Overhaul of by_dir code to handle dynamic loading of CRLs. 2006-09-17 17:16:28 +00:00
Bodo Möller
b166f13eb5 Call 'print_stuff' even if a handshake failed. 2006-06-15 19:00:34 +00:00
Dr. Stephen Henson
7bf7333d68 If we include winsock2.h then FD_SET wants an unsigned type for an fd. 2006-04-17 12:22:13 +00:00
Ulf Möller
4700aea951 Add BeOS support. 
PR: 1312
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
 2006-04-11 21:34:21 +00:00
Nils Larsch
d916ba1ba1 check if con != NULL before using it 2006-03-18 14:24:02 +00:00
Nils Larsch
67b6f1ca88 fix problems found by coverity: remove useless code 2006-03-15 17:45:43 +00:00
Nils Larsch
e968089485 use BIO_snprintf() instead of snprintf + use BIO_FP_TEXT for text output 
Submitted by: Gisle Vanem
 2006-03-12 22:16:57 +00:00
Nils Larsch
a0aa8b4b61 fix signed vs. unsigned warning 2006-03-11 12:18:11 +00:00
Nils Larsch
ddac197404 add initial support for RFC 4279 PSK SSL ciphersuites 
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
 2006-03-10 23:06:27 +00:00
Bodo Möller
241520e66d More TLS extension related changes. 
Submitted by: Peter Sylvester
 2006-01-11 06:10:40 +00:00
Bodo Möller
a13c20f603 Further TLS extension updates 
Submitted by: Peter Sylvester
 2006-01-09 19:49:05 +00:00
Bodo Möller
1aeb3da83f Fixes for TLS server_name extension 
Submitted by: Peter Sylvester
 2006-01-06 09:08:59 +00:00
Richard Levitte
8de5b7f548 Fix signed/unsigned char clashes. 2006-01-04 12:02:43 +00:00
Bodo Möller
f1fd4544a3 Various changes in the new TLS extension code, including the following: 
- fix indentation
 - rename some functions and macros
 - fix up confusion between SSL_ERROR_... and SSL_AD_... values
 2006-01-03 03:27:19 +00:00
Bodo Möller
b1277b9902 C style fix-up 2006-01-02 23:29:12 +00:00
Bodo Möller
ed3883d21b Support TLS extensions (specifically, HostName) 
Submitted by: Peter Sylvester
 2006-01-02 23:14:37 +00:00
Andy Polyakov
ffa101872f Eliminate dependency on read/write/stat in apps under _WIN32. 2005-11-04 09:30:55 +00:00
Dr. Stephen Henson
566dda07ba New option SSL_OP_NO_COMP to disable compression. New ctrls to set 
maximum send fragment size. Allocate I/O buffers accordingly.
 2005-10-08 00:18:53 +00:00
Dr. Stephen Henson
09b6c2ef15 Make OPENSSL_NO_COMP compile again. 2005-09-30 23:35:33 +00:00
Nils Larsch
4ebb342fcd Let the TLSv1_method() etc. functions return a const SSL_METHOD 
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
 2005-08-14 21:48:33 +00:00
Richard Levitte
b29228836a DJGPP changes. Contributed by Doug Kaufman <dkaufman@rahul.net> 2005-05-30 22:37:44 +00:00
Dr. Stephen Henson
6c61726b2a Lots of Win32 fixes for DTLS. 
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
 2005-04-27 16:27:14 +00:00
Dr. Stephen Henson
4e321ffaff Fixes for signed/unsigned warnings and shadows. 2005-04-26 17:43:53 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Nils Larsch
7d727231b7 some const fixes 2005-04-05 19:11:19 +00:00
Andy Polyakov
02a00bb054 DJGPP update. 
PR: 989
Submitted by: Doug Kaufman
 2005-01-04 10:28:38 +00:00
Dr. Stephen Henson
abbc186bd2 Fix s_client so it works without a certificate again. 2004-12-13 18:02:23 +00:00
Dr. Stephen Henson
826a42a088 PR: 910 
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.

Update docs.
 2004-11-16 17:30:59 +00:00
Richard Levitte
2549564009 On systems that use case-insensitive symbol names (i.e. they're all 
converted to upper case or something like that), the application-
level bio_dump_cb() has a name clash with the new library function
BIO_dump_cb().  The easiest fix is to rename the function at the
application level.
 2004-08-12 08:58:55 +00:00
Richard Levitte
47c1735acd NetWare fixes provided by Verdon Walker for OpenSSL 0.9.8-dev. 
The changes have been mailed to <crypt@bis.doc.gov> as well.

PR: 903
 2004-06-28 11:55:28 +00:00
Richard Levitte
4d8743f490 Netware-specific changes, 
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
 2003-11-28 13:10:58 +00:00
Geoff Thorpe
d8ec0dcf45 Avoid some shadowed variable names. 
Submitted by: Nils Larsch
 2003-11-04 00:51:32 +00:00
Richard Levitte
f44e184ec6 s_client should inform the user of any compression/expansion methods used. 2003-10-06 12:19:38 +00:00
Richard Levitte
3d7c4a5a6d Selected changes for MSDOS, contributed by Gisle Vanem <giva@bgnett.no>. 
PR: 669
 2003-09-27 21:56:08 +00:00
Lutz Jänicke
4f17dfcd75 Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before) 
Submitted by: dg@sunet.ru (Daniel Ginsburg)

PR: #613
 2003-05-28 20:24:57 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework. 
PR: 287
 2003-01-30 17:39:26 +00:00
Richard Levitte
1c3e4a3660 EXIT() may mean return(). That's confusing, so let's have it really mean 
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
 2002-12-03 16:33:03 +00:00
Richard Levitte
4579924b7e Cleanse memory using the new OPENSSL_cleanse() function. 
I've covered all the memset()s I felt safe modifying, but may have missed some.
 2002-11-28 08:04:36 +00:00