Commit graph

155 commits

Author SHA1 Message Date
Dr. Stephen Henson
08c239701b Experimental renegotiation support in s_server test -www server. 2010-01-28 19:48:36 +00:00
Dr. Stephen Henson
c2963f5b87 revert wrongly committed test code 2010-01-27 17:49:33 +00:00
Dr. Stephen Henson
4ba1aa393b typo 2010-01-27 14:05:39 +00:00
Dr. Stephen Henson
35b0ea4efe Add simple external session cache to s_server. This serialises sessions
just like a "real" server making it easier to trace any problems.
2009-12-27 23:24:45 +00:00
Dr. Stephen Henson
5430200b8b Add ctrl and macro so we can determine if peer support secure renegotiation. 2009-12-08 13:42:08 +00:00
Dr. Stephen Henson
637f374ad4 Initial experimental TLSv1.1 support 2009-12-07 13:31:02 +00:00
Dr. Stephen Henson
2942dde56c commit missing apps code for reneg fix 2009-11-11 14:10:24 +00:00
Dr. Stephen Henson
d4be92896c Add -no_cache option to s_server 2009-10-28 17:49:30 +00:00
Dr. Stephen Henson
18e503f30f PR: 2064, 728
Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.
2009-09-30 21:40:55 +00:00
Dr. Stephen Henson
07a9d1a2c2 PR: 2028
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
2009-09-04 17:42:53 +00:00
Dr. Stephen Henson
ba4526e071 Stop unused variable warning on WIN32 et al. 2009-08-18 11:15:33 +00:00
Dr. Stephen Henson
b972fbaa8f PR: 1997
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.
2009-08-12 13:19:54 +00:00
Dr. Stephen Henson
c869da8839 Update from 1.0.0-stable 2009-07-27 21:10:00 +00:00
Dr. Stephen Henson
db99779bee Use common verify parameters instead of the small ad-hoc subset in
s_client, s_server.
2009-06-30 15:56:35 +00:00
Dr. Stephen Henson
58f41a926a Updates from 1.0.0-stable 2009-06-05 14:59:26 +00:00
Dr. Stephen Henson
046f210112 Update from 1.0.0-stable. 2009-05-17 16:04:58 +00:00
Dr. Stephen Henson
8711efb498 Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
70531c147c Make no-engine work again. 2008-12-20 17:04:40 +00:00
Dr. Stephen Henson
2900fc8ae1 Don't stop -cipher from working. 2008-11-30 22:01:31 +00:00
Dr. Stephen Henson
79bd20fd17 Update from stable-branch. 2008-11-24 17:27:08 +00:00
Ben Laurie
f3b7bdadbc Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks. 2008-11-16 12:47:12 +00:00
Dr. Stephen Henson
ed551cddf7 Update from stable branch. 2008-11-12 17:28:18 +00:00
Ben Laurie
6caa4edd3e Add JPAKE. 2008-10-26 18:40:52 +00:00
Ben Laurie
babb379849 Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
Ben Laurie
5ce278a77b More type-checking. 2008-06-04 11:01:43 +00:00
Lutz Jänicke
51e00db226 Document "openssl s_server" -crl_check* options
Submitted by: Daniel Black <daniel.subs@internode.on.net>
2008-05-19 07:52:15 +00:00
Lutz Jänicke
f49c687507 Typo. (From 0.9.8-stable/S. Henson)
PR: 1672
2008-05-19 06:21:05 +00:00
Dr. Stephen Henson
b7fcc08976 Typo. 2007-09-28 17:18:18 +00:00
Dr. Stephen Henson
67c8e7f414 Support for certificate status TLS extension. 2007-09-26 21:56:59 +00:00
Bodo Möller
86d4bc3aea fix length parameter in SSL_set_tlsext_opaque_prf_input() calls 2007-09-23 11:08:59 +00:00
Bodo Möller
761772d7e1 Implement the Opaque PRF Input TLS extension
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way.  In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().

Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
2007-09-21 06:54:24 +00:00
Dr. Stephen Henson
d82a612a90 Fix warning: print format option not compatible with size_t. 2007-09-07 13:34:46 +00:00
Dr. Stephen Henson
d24a9c8f5a Docs and usage messages for RFC4507bis support. 2007-08-23 11:34:48 +00:00
Dr. Stephen Henson
710069c19e Fix warnings. 2007-08-12 17:44:32 +00:00
Dr. Stephen Henson
6434abbfc6 RFC4507 (including RFC4507bis) TLS stateless session resumption support
for OpenSSL.
2007-08-11 23:18:29 +00:00
Dr. Stephen Henson
9c54e18bf0 Fixes for dgst tool. Initialize md_name, sig_name properly. Return error code
on failure. Keep output format consistent with previous versions.

Also flush stdout after printing ACCEPT in s_server.
2007-05-21 15:53:30 +00:00
Nils Larsch
7806f3dd4b replace macros with functions
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:54:57 +00:00
Dr. Stephen Henson
5d20c4fb35 Overhaul of by_dir code to handle dynamic loading of CRLs. 2006-09-17 17:16:28 +00:00
Dr. Stephen Henson
7bf7333d68 If we include winsock2.h then FD_SET wants an unsigned type for an fd. 2006-04-17 12:22:13 +00:00
Ulf Möller
4700aea951 Add BeOS support.
PR: 1312
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
2006-04-11 21:34:21 +00:00
Bodo Möller
bcbe37b716 Change default curve (for compatibility with a
soon-to-be-widely-deployed implementation that doesn't support the
previous default)

Submitted by: Douglas Stebila
2006-03-30 02:41:30 +00:00
Nils Larsch
d916ba1ba1 check if con != NULL before using it 2006-03-18 14:24:02 +00:00
Nils Larsch
a0aa8b4b61 fix signed vs. unsigned warning 2006-03-11 12:18:11 +00:00
Nils Larsch
ddac197404 add initial support for RFC 4279 PSK SSL ciphersuites
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
2006-03-10 23:06:27 +00:00
Bodo Möller
241520e66d More TLS extension related changes.
Submitted by: Peter Sylvester
2006-01-11 06:10:40 +00:00
Bodo Möller
a13c20f603 Further TLS extension updates
Submitted by: Peter Sylvester
2006-01-09 19:49:05 +00:00
Bodo Möller
1aeb3da83f Fixes for TLS server_name extension
Submitted by: Peter Sylvester
2006-01-06 09:08:59 +00:00
Bodo Möller
f1fd4544a3 Various changes in the new TLS extension code, including the following:
- fix indentation
 - rename some functions and macros
 - fix up confusion between SSL_ERROR_... and SSL_AD_... values
2006-01-03 03:27:19 +00:00
Bodo Möller
b1277b9902 C style fix-up 2006-01-02 23:29:12 +00:00
Bodo Möller
ed3883d21b Support TLS extensions (specifically, HostName)
Submitted by: Peter Sylvester
2006-01-02 23:14:37 +00:00