Richard Levitte
d28f7bc74d
make update
2004-07-10 13:18:23 +00:00
Richard Levitte
4083a229b4
Use the new directory reading functions.
2004-07-10 13:17:16 +00:00
Richard Levitte
6713a4835f
Move some COMP functions to be inside the #ifndef OPENSSL_NO_COMP
...
wrapping preprocessor directive. This also removes a duplicate
declaration.
2004-05-20 23:47:57 +00:00
Geoff Thorpe
9c52d2cc75
After the latest round of header-hacking, regenerate the dependencies in
...
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Geoff Thorpe
d095b68d63
Deprecate quite a few recursive includes from the ssl.h API header and
...
remove some unnecessary includes from the internal header ssl_locl.h. This
then requires adding includes for bn.h in four C files.
2004-05-17 18:53:47 +00:00
Dr. Stephen Henson
4843acc868
Fixes so alerts are sent properly in s3_pkt.c
...
PR: 851
2004-05-15 17:55:07 +00:00
Geoff Thorpe
bcfea9fb25
Allow RSA key-generation to specify an arbitrary public exponent. Jelte
...
proposed the change and submitted the patch, I jiggled it slightly and
adjusted the other parts of openssl that were affected.
PR: 867
Submitted by: Jelte Jansen
Reviewed by: Geoff Thorpe
2004-04-26 15:31:35 +00:00
Geoff Thorpe
c57bc2dc51
make update
2004-04-19 18:33:41 +00:00
Geoff Thorpe
60a938c6bc
(oops) Apologies all, that last header-cleanup commit was from the wrong
...
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Richard Levitte
0020502a07
SSL_COMP_get_compression_method is a typo (a missing 's' at the end of
...
the symbol name).
2004-03-25 21:32:30 +00:00
Dr. Stephen Henson
4e8172d6da
Avoid warnings.
2004-03-16 13:51:11 +00:00
Richard Levitte
875a644a90
Constify d2i, s2i, c2i and r2i functions and other associated
...
functions and macros.
This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const. Those will be removed when this change has been
properly reviewed.
2004-03-15 23:15:26 +00:00
Richard Levitte
1fb724449d
make update
2004-01-28 18:38:33 +00:00
Lutz Jänicke
344e86645d
unintptr_t and <inttypes.h> are not strictly portable with respect to
...
ANSI C 89.
Undo change to maintain compatibility.
2004-01-04 17:53:21 +00:00
Richard Levitte
5fdf06666c
Avoid including cryptlib.h, it's not really needed.
...
Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:10:30 +00:00
Richard Levitte
79b42e7654
Use sh explicitely to run point.sh
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Lutz Jänicke
919f8bcd21
Restructure make targets to allow parallel make.
...
Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl>
PR: #513
2003-12-03 16:29:41 +00:00
Richard Levitte
3822740ce3
We're getting a clash with C++ because it has a type called 'list'.
...
Therefore, change all instances of the symbol 'list' to something else.
PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-29 10:25:37 +00:00
Richard Levitte
70ef9c5a3d
RSA_size() and DH_size() return the amount of bytes in a key, and we
...
compared it to the amount of bits required...
PR: 770
Submitted by: c zhang <czhang2005@hotmail.com>
2003-11-28 23:03:14 +00:00
Richard Levitte
4d8743f490
Netware-specific changes,
...
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
2003-11-28 13:10:58 +00:00
Geoff Thorpe
d8ec0dcf45
Avoid some shadowed variable names.
...
Submitted by: Nils Larsch
2003-11-04 00:51:32 +00:00
Geoff Thorpe
2754597013
A general spring-cleaning (in autumn) to fix up signed/unsigned warnings.
...
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
2003-10-29 20:24:15 +00:00
Dr. Stephen Henson
a08ced78c8
Avoid warnings: add missing prototype, don't shadow.
2003-10-10 23:07:24 +00:00
Richard Levitte
377dcdba44
Add functionality to get information on compression methods (not quite complete).
2003-10-06 12:18:39 +00:00
Richard Levitte
8242354952
Make sure int SSL_COMP_add_compression_method() checks if a certain
...
compression identity is already present among the registered
compression methods, and if so, reject the addition request.
Declare SSL_COMP_get_compression_method() so it can be used properly.
Change ssltest.c so it checks what compression methods are available
and enumerates them. As a side-effect, built-in compression methods
will be automagically loaded that way. Additionally, change the
identities for ZLIB and RLE to be conformant to
draft-ietf-tls-compression-05.txt.
Finally, make update.
Next on my list: have the built-in compression methods added
"automatically" instead of requiring that the author call
SSL_COMP_add_compression_method() or
SSL_COMP_get_compression_methods().
2003-10-06 11:00:15 +00:00
Richard Levitte
f82ab534c6
Check for errors from SSL_COMP_add_compression_method().
...
Notified by Andrew Marlow <AMARLOW1@bloomberg.net>
2003-10-02 10:41:48 +00:00
Richard Levitte
f6e8c19ed1
Correct a mixup of return values
2003-10-02 10:38:44 +00:00
Richard Levitte
ba9f80c5d5
Have ssl3_ssl3_send_client_verify() change the state to SSL3_ST_SW_CERT_VRFY_B.
...
PR: 679
2003-09-27 19:32:06 +00:00
Richard Levitte
e59659dc41
Have ssl3_send_certificate_request() change the state to SSL3_ST_SW_CERT_REQ_B.
...
PR: 680
2003-09-27 19:27:06 +00:00
Richard Levitte
253e893c2b
Include the instance in the Kerberos ticket information.
...
In s_server, print the received Kerberos information.
PR: 693
2003-09-27 17:55:13 +00:00
Richard Levitte
0e6c20da46
Free the Kerberos context upon freeing the SSL.
...
Contributed by Andrew Mann <amann@tccgi.com>
2003-09-27 07:35:07 +00:00
Geoff Thorpe
9ea72d3705
These should be write-locks, not read-locks.
2003-09-08 15:47:55 +00:00
Dr. Stephen Henson
14f3d7c5cc
Only accept a client certificate if the server requests
...
one, as required by SSL/TLS specs.
2003-09-03 23:47:34 +00:00
Bodo Möller
563c05e2dc
fix out-of-bounds check in lock_dbg_cb (was too lose to detect all
...
invalid cases)
PR: 674
2003-08-14 10:33:56 +00:00
Bodo Möller
643ecd2ed6
make sure no error is left in the queue that is intentionally ignored
2003-08-11 18:56:22 +00:00
Bodo Möller
968766cad8
updates for draft-ietf-tls-ecc-03.txt
...
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Bodo Möller
ddc38679ce
tolerate extra data at end of client hello for SSL 3.0
...
PR: 659
2003-07-21 15:17:46 +00:00
Lutz Jänicke
f65a75786b
Fix ordering of compare functions: strncmp() must be used first, a
...
the cipher name in the list is not guaranteed to be at least "buflen"
long.
PR: 567
Submitted by: "Matt Harren" <matth@cs.berkeley.edu>
2003-04-08 06:31:36 +00:00
Richard Levitte
3ae70939ba
Correct a lot of printing calls. Remove extra arguments...
2003-04-03 23:39:48 +00:00
Richard Levitte
c4d00669a0
Let's limit the extent of the definition of _XOPEN_SOURCE.
2003-03-25 21:17:28 +00:00
Bodo Möller
33b34a9d8f
remove patch ID (which is supposed to appear in patched variants of
...
old OpenSSL releases, but not in new releases)
2003-03-21 13:11:14 +00:00
Bodo Möller
02da5bcd83
countermeasure against new Klima-Pokorny-Rosa atack
2003-03-19 19:19:53 +00:00
Bodo Möller
176f31ddec
- new ECDH_compute_key interface (KDF is no longer a fixed built-in)
...
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
2003-02-28 15:37:10 +00:00
Bodo Möller
57376542a0
use tabs for indentation, not spaces
2003-02-28 15:07:10 +00:00
Ulf Möller
66ecdf3bfb
more mingw related cleanups.
2003-02-22 18:00:14 +00:00
Richard Levitte
5b0b0e98ce
Security fix: Vaudenay timing attack on CBC.
...
An advisory will be posted to the web. Expect a release within the hour.
2003-02-19 12:03:59 +00:00
Geoff Thorpe
4879ec7bf3
Session cache implementations shouldn't have to access SSL_SESSION
...
elements directly, so this missing functionality is required.
PR: 276
2003-02-15 20:38:57 +00:00
Richard Levitte
85d686e723
Make it possible to disable OCSP, the speed application, and the use of sockets.
...
PR: 358
2003-02-14 01:02:58 +00:00
Dr. Stephen Henson
cf56663fb7
Option to disable SSL auto chain build
2003-02-12 17:06:02 +00:00
Bodo Möller
ea513641d0
comments
2003-02-12 14:17:41 +00:00