Dr. Stephen Henson
cbb0b734c7
If cipher list contains a match for an explicit ciphersuite only match that
...
one suite.
2006-04-15 00:22:34 +00:00
Nils Larsch
41d4d6721c
fix no-dh configure option; patch supplied by Peter Meerwald
2006-02-24 17:58:35 +00:00
Nils Larsch
22d1087e16
backport recent changes from the cvs head
2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc
Update filenames in makefiles
2006-02-04 01:49:36 +00:00
Nils Larsch
45803988ce
make "./configure no-ssl2" work again
...
PR: 1217
2006-01-15 16:57:01 +00:00
Nils Larsch
82a2cb6f51
fix cipher list order
2006-01-15 07:14:38 +00:00
Bodo Möller
c55d882fab
Avoid contradictive error code assignments.
...
"make error".
2006-01-08 21:52:46 +00:00
Bodo Möller
2e885232c2
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
2006-01-08 19:41:25 +00:00
Bodo Möller
a14afd0804
Rewrite timeout computation in a way that is less prone to overflow.
...
(Problem reported by Peter Sylvester.)
2005-12-30 23:51:57 +00:00
Bodo Möller
bc9320452c
update TLS-ECC code
...
Submitted by: Douglas Stebila
2005-12-13 07:41:47 +00:00
Dr. Stephen Henson
974d52fdb8
Fix from HEAD.
2005-12-05 17:32:22 +00:00
Mark J. Cox
64932f9e4a
Add fixes for CAN-2005-2969
...
Bump release ready for OpenSSL_0_9_8a tag
2005-10-11 10:16:21 +00:00
Dr. Stephen Henson
416b6fd115
Make OPENSSL_NO_COMP work on Win32.
2005-10-02 12:26:06 +00:00
Dr. Stephen Henson
f685cf920b
As HEAD.
2005-10-01 00:41:24 +00:00
Dr. Stephen Henson
54f51116b2
Update from HEAD.
2005-09-30 23:38:20 +00:00
Dr. Stephen Henson
daa657fb78
Fix from HEAD.
2005-09-21 00:57:28 +00:00
Nils Larsch
7f622f6c04
fix warnings when building openssl with (gcc 3.3.1):
...
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith -W -Wunused
-Wno-unused-parameter -Wuninitialized
2005-08-28 23:20:52 +00:00
Ben Laurie
801136bcc2
Fix warnings.
2005-08-27 12:05:23 +00:00
Nils Larsch
3c0e39c539
Keep cipher lists sorted in the source instead of sorting them at
...
runtime, thus removing the need for a lock. Add a test to ssltest
to verify that the cipher lists are sorted.
2005-08-25 07:43:04 +00:00
Nils Larsch
cd9911fdf8
initialize cipher/digest methods table in SSL_library_init() and hence remove the need for a lock
2005-08-21 23:06:51 +00:00
Nils Larsch
cf1546a60e
a ssl object needs it's own instance of a ecdh key; remove obsolete comment
2005-08-08 19:39:29 +00:00
Nils Larsch
e7eec05af0
fix typo
2005-08-08 19:26:35 +00:00
Dr. Stephen Henson
222f224664
Initialize SSL_METHOD structures at compile time. This removes the need
...
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
2005-08-05 23:52:08 +00:00
Andy Polyakov
2d54cc69c9
WCE update, mostly typos [from HEAD].
2005-08-03 20:04:05 +00:00
Nils Larsch
3de6d65ea3
improved error checking and some fixes
...
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
2005-07-26 20:55:17 +00:00
Nils Larsch
4913b88f70
make
...
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
make all test
work again (+ make update)
PR: 1159
2005-07-16 11:13:10 +00:00
Ben Laurie
910d193029
Did you know it was wrong to use a char as an array index?
2005-06-28 13:27:53 +00:00
Andy Polyakov
beae6324e5
Eliminate dependency on UNICODE macro.
2005-06-27 21:21:12 +00:00
Richard Levitte
a50a2126cf
DCC doesn't like argument names in returned function pointers.
...
PR: 1122
2005-06-23 21:35:20 +00:00
Richard Levitte
c58a1f76f8
Do not undefine _XOPEN_SOURCE. This is currently experimental, and
...
will be firmed up as soon as it's been verified not to break anything.
2005-06-16 22:19:14 +00:00
Nils Larsch
cac0d4ee6f
- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
...
error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list
2005-06-10 19:51:16 +00:00
Nils Larsch
898d3ecce0
use "=" instead of "|=", fix typo
2005-06-08 22:20:24 +00:00
Nils Larsch
4e2a0e58f2
ssl_create_cipher_list should return an error if no cipher could be
...
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr
PR: 836 + 1005
2005-06-08 21:13:52 +00:00
Richard Levitte
0fb4d54068
Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
...
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true. Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.
2005-06-06 00:32:30 +00:00
Richard Levitte
d28b7799dd
handshake_write_seq is an unsigned short, so treat it like one
2005-06-02 17:26:17 +00:00
Nils Larsch
7ea61df414
clear error queue on success and return NULL if cert could be read
...
PR: 1088
2005-06-01 08:31:22 +00:00
Richard Levitte
335ed97263
Synchronise more with the Unix build
2005-05-31 20:28:55 +00:00
Richard Levitte
3d37d5e24a
Forgottent make update. These files will be retagged.
2005-05-30 23:20:32 +00:00
Richard Levitte
e2ac4732cd
pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
...
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.
Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
2005-05-30 22:34:28 +00:00
Richard Levitte
e96025755d
We have some source with \r\n as line ends. DEC C informs about that,
...
and I really can't be bothered...
2005-05-29 12:13:20 +00:00
Richard Levitte
dd890f0776
make update
2005-05-24 03:39:37 +00:00
Dr. Stephen Henson
69762c75fa
Fix WIN32+KRB5 issues.
2005-05-23 00:32:55 +00:00
Richard Levitte
b9927cfa2d
When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in
...
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html .
Notified by David Wolfe <dwolfe5272@yahoo.com>
2005-05-21 17:39:53 +00:00
Andy Polyakov
ce92b6eb9c
Further BUILDENV refinement, further fool-proofing of Makefiles and
...
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342 .
2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341
ecc api cleanup; summary:
...
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17
Fool-proofing Makefiles
2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
f795123c4a
Fix from stable branch.
2005-05-12 22:39:42 +00:00
Bodo Möller
3f19bbf4e3
fix msg_callback() arguments for SSL 2.0 compatible client hello
...
(previous revision got this wrong)
2005-05-12 06:24:25 +00:00
Bodo Möller
c6c2e3135d
Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled
...
with the SSL_OP_NO_SSLv2 option.
2005-05-11 18:25:49 +00:00
Nils Larsch
35e8510e60
use 'p' as conversion specifier for printf to avoid truncation of
...
pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz
via Mike Frysinger <vapier@gentoo.org>.
PR: 1064
2005-05-10 11:55:28 +00:00