Commit graph

713 commits

Author SHA1 Message Date
Dr. Stephen Henson
cbb0b734c7 If cipher list contains a match for an explicit ciphersuite only match that
one suite.
2006-04-15 00:22:34 +00:00
Nils Larsch
41d4d6721c fix no-dh configure option; patch supplied by Peter Meerwald 2006-02-24 17:58:35 +00:00
Nils Larsch
22d1087e16 backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc Update filenames in makefiles 2006-02-04 01:49:36 +00:00
Nils Larsch
45803988ce make "./configure no-ssl2" work again
PR: 1217
2006-01-15 16:57:01 +00:00
Nils Larsch
82a2cb6f51 fix cipher list order 2006-01-15 07:14:38 +00:00
Bodo Möller
c55d882fab Avoid contradictive error code assignments.
"make error".
2006-01-08 21:52:46 +00:00
Bodo Möller
2e885232c2 Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts) 2006-01-08 19:41:25 +00:00
Bodo Möller
a14afd0804 Rewrite timeout computation in a way that is less prone to overflow.
(Problem reported by Peter Sylvester.)
2005-12-30 23:51:57 +00:00
Bodo Möller
bc9320452c update TLS-ECC code
Submitted by: Douglas Stebila
2005-12-13 07:41:47 +00:00
Dr. Stephen Henson
974d52fdb8 Fix from HEAD. 2005-12-05 17:32:22 +00:00
Mark J. Cox
64932f9e4a Add fixes for CAN-2005-2969
Bump release ready for OpenSSL_0_9_8a tag
2005-10-11 10:16:21 +00:00
Dr. Stephen Henson
416b6fd115 Make OPENSSL_NO_COMP work on Win32. 2005-10-02 12:26:06 +00:00
Dr. Stephen Henson
f685cf920b As HEAD. 2005-10-01 00:41:24 +00:00
Dr. Stephen Henson
54f51116b2 Update from HEAD. 2005-09-30 23:38:20 +00:00
Dr. Stephen Henson
daa657fb78 Fix from HEAD. 2005-09-21 00:57:28 +00:00
Nils Larsch
7f622f6c04 fix warnings when building openssl with (gcc 3.3.1):
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith  -W -Wunused
-Wno-unused-parameter -Wuninitialized
2005-08-28 23:20:52 +00:00
Ben Laurie
801136bcc2 Fix warnings. 2005-08-27 12:05:23 +00:00
Nils Larsch
3c0e39c539 Keep cipher lists sorted in the source instead of sorting them at
runtime, thus removing the need for a lock. Add a test to ssltest
to verify that the cipher lists are sorted.
2005-08-25 07:43:04 +00:00
Nils Larsch
cd9911fdf8 initialize cipher/digest methods table in SSL_library_init() and hence remove the need for a lock 2005-08-21 23:06:51 +00:00
Nils Larsch
cf1546a60e a ssl object needs it's own instance of a ecdh key; remove obsolete comment 2005-08-08 19:39:29 +00:00
Nils Larsch
e7eec05af0 fix typo 2005-08-08 19:26:35 +00:00
Dr. Stephen Henson
222f224664 Initialize SSL_METHOD structures at compile time. This removes the need
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
2005-08-05 23:52:08 +00:00
Andy Polyakov
2d54cc69c9 WCE update, mostly typos [from HEAD]. 2005-08-03 20:04:05 +00:00
Nils Larsch
3de6d65ea3 improved error checking and some fixes
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
2005-07-26 20:55:17 +00:00
Nils Larsch
4913b88f70 make
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
2005-07-16 11:13:10 +00:00
Ben Laurie
910d193029 Did you know it was wrong to use a char as an array index? 2005-06-28 13:27:53 +00:00
Andy Polyakov
beae6324e5 Eliminate dependency on UNICODE macro. 2005-06-27 21:21:12 +00:00
Richard Levitte
a50a2126cf DCC doesn't like argument names in returned function pointers.
PR: 1122
2005-06-23 21:35:20 +00:00
Richard Levitte
c58a1f76f8 Do not undefine _XOPEN_SOURCE. This is currently experimental, and
will be firmed up as soon as it's been verified not to break anything.
2005-06-16 22:19:14 +00:00
Nils Larsch
cac0d4ee6f - let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list
2005-06-10 19:51:16 +00:00
Nils Larsch
898d3ecce0 use "=" instead of "|=", fix typo 2005-06-08 22:20:24 +00:00
Nils Larsch
4e2a0e58f2 ssl_create_cipher_list should return an error if no cipher could be
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr

PR: 836 + 1005
2005-06-08 21:13:52 +00:00
Richard Levitte
0fb4d54068 Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true.  Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.
2005-06-06 00:32:30 +00:00
Richard Levitte
d28b7799dd handshake_write_seq is an unsigned short, so treat it like one 2005-06-02 17:26:17 +00:00
Nils Larsch
7ea61df414 clear error queue on success and return NULL if cert could be read
PR: 1088
2005-06-01 08:31:22 +00:00
Richard Levitte
335ed97263 Synchronise more with the Unix build 2005-05-31 20:28:55 +00:00
Richard Levitte
3d37d5e24a Forgottent make update. These files will be retagged. 2005-05-30 23:20:32 +00:00
Richard Levitte
e2ac4732cd pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
2005-05-30 22:34:28 +00:00
Richard Levitte
e96025755d We have some source with \r\n as line ends. DEC C informs about that,
and I really can't be bothered...
2005-05-29 12:13:20 +00:00
Richard Levitte
dd890f0776 make update 2005-05-24 03:39:37 +00:00
Dr. Stephen Henson
69762c75fa Fix WIN32+KRB5 issues. 2005-05-23 00:32:55 +00:00
Richard Levitte
b9927cfa2d When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html.

Notified by David Wolfe <dwolfe5272@yahoo.com>
2005-05-21 17:39:53 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341 ecc api cleanup; summary:
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
f795123c4a Fix from stable branch. 2005-05-12 22:39:42 +00:00
Bodo Möller
3f19bbf4e3 fix msg_callback() arguments for SSL 2.0 compatible client hello
(previous revision got this wrong)
2005-05-12 06:24:25 +00:00
Bodo Möller
c6c2e3135d Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled
with the SSL_OP_NO_SSLv2 option.
2005-05-11 18:25:49 +00:00
Nils Larsch
35e8510e60 use 'p' as conversion specifier for printf to avoid truncation of
pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz
via Mike Frysinger <vapier@gentoo.org>.

PR: 1064
2005-05-10 11:55:28 +00:00