Bodo Möller
38b3e9edde
Fix SSL handshake functions and SSL_clear() such that SSL_clear()
...
never resets s->method to s->ctx->method when called from within one
of the SSL handshake functions.
2001-10-24 19:05:26 +00:00
Bodo Möller
9ccadf1c6f
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
...
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
2001-10-20 17:52:40 +00:00
Bodo Möller
1147fa5a5f
the previous commit accidentily removed 'ret = 1' from the SSL_ST_OK
...
case of ssl3_accept
2001-10-15 17:40:22 +00:00
Bodo Möller
f8845509b6
Disable session related stuff in SSL_ST_OK case of ssl3_accept if we
...
just sent a HelloRequest.
2001-09-21 07:01:04 +00:00
Bodo Möller
3f98e1dd11
Bugfix: correct cleanup after sending a HelloRequest
2001-09-21 00:03:00 +00:00
Bodo Möller
e53afa9e9b
fix ssl3_accept: don't call ssl_init_wbio_buffer() in HelloRequest case
2001-09-20 21:36:39 +00:00
Bodo Möller
10981a5c84
add comment
2001-09-14 13:48:37 +00:00
Bodo Möller
9cf8888149
Increase permissible ClientKeyExchange message length as in main
...
branch (revision 1.50, 2000-11-17)
2001-09-14 13:32:03 +00:00
Lutz Jänicke
a04baf9b5c
Allow client certificate lists > 16kB ("Douglas E. Engert" <deengert@anl.gov>.)
2001-08-25 11:48:35 +00:00
Bodo Möller
83583e9479
Fix Bleichenbacher PKCS #1 1.5 countermeasure.
...
(The attack against SSL 3.1 and TLS 1.0 is impractical anyway,
otherwise this would be a security relevant patch.)
2001-06-01 09:43:23 +00:00
Dr. Stephen Henson
de0b3ab7fb
Zero the premaster secret after deriving the master secret in DH
...
ciphersuites.
2001-01-25 13:20:39 +00:00
Bodo Möller
bbb8de0966
Avoid abort() throughout the library, except when preprocessor
...
symbols for debugging are defined.
2000-09-04 15:34:43 +00:00
Bodo Möller
93d8bfcdc4
typo
2000-05-25 11:24:42 +00:00
Bodo Möller
2c05c494c0
Implement SSL_OP_TLS_ROLLBACK_BUG for servers.
...
Call dh_tmp_cb with correct 'is_export' flag.
Avoid tabs in CHANGES.
2000-05-25 09:50:40 +00:00
Bodo Möller
98e04f9eeb
Comments for SSL_get_peer_cert_chain inconsistency.
2000-03-27 18:07:45 +00:00
Dr. Stephen Henson
fbb41ae0ad
Allow code which calls RSA temp key callback to cope
...
with a failure.
Fix typos in some error codes.
2000-02-25 00:23:48 +00:00
Ulf Möller
4c5fac4ac4
Fix NO_RSA (misplaced #endif).
2000-02-24 04:41:03 +00:00
Bodo Möller
a2a0158959
Fix some bugs and document others
2000-02-21 17:09:54 +00:00
Bodo Möller
745c70e565
Move MAC computations for Finished from ssl3_read_bytes into
...
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
2000-02-21 10:16:30 +00:00
Dr. Stephen Henson
de469ef21e
Fix for Netscape "hang" bug.
2000-02-15 14:19:44 +00:00
Ulf Möller
657e60fa00
ispell (and minor modifications)
2000-02-03 23:23:24 +00:00
Ulf Möller
9d1a01be8f
Source code cleanups: Use void * rather than char * in lhash,
...
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Bodo Möller
a87030a1ed
Make DSA_generate_parameters, and fix a couple of bug
...
(including another problem in the s3_srvr.c state machine).
2000-01-30 02:23:03 +00:00
Dr. Stephen Henson
018e57c74d
Apply Lutz Behnke's 56 bit cipher patch with a few
...
minor changes.
Docs haven't been added at this stage. They are probably
best included in the 'ciphers' program docs.
2000-01-22 03:17:06 +00:00
Ulf Möller
e7f97e2d22
Check RAND_bytes() return value or use RAND_pseudo_bytes().
2000-01-21 01:15:56 +00:00
Ulf Möller
eb952088f0
Precautions against using the PRNG uninitialized: RAND_bytes() now
...
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
2000-01-13 20:59:17 +00:00
Bodo Möller
c51ae173a6
Clean up some of the SSL server code.
2000-01-11 01:07:26 +00:00
Ben Laurie
752d706aaf
Make NO_RSA compile with pedantic.
2000-01-08 21:06:24 +00:00
Bodo Möller
f2d9a32cf4
Use separate arrays for certificate verify and for finished hashes.
2000-01-06 00:24:24 +00:00
Bodo Möller
c44f754047
Slight code cleanup for handling finished labels.
2000-01-05 23:11:51 +00:00
Dr. Stephen Henson
3d14b9d04a
Add support for MS "fast SGC".
2000-01-02 18:52:58 +00:00
Bodo Möller
47134b7864
Don't request client certificate in anonymous ciphersuites
...
except when following the specs is bound to fail.
1999-12-29 17:43:03 +00:00
Bodo Möller
b1fe6ca175
Store verify_result with sessions to avoid potential security hole.
1999-11-16 23:15:41 +00:00
Ben Laurie
ca7fea9656
Fix warnings.
1999-09-24 19:10:57 +00:00
Dr. Stephen Henson
1c80019a2c
Add new sign and verify members to RSA_METHOD and change SSL code to use sign
...
and verify rather than direct encrypt/decrypt.
1999-09-18 22:37:44 +00:00
Bodo Möller
5bdae1675c
Fix yet another bug for client hello handling.
1999-09-11 10:36:41 +00:00
Bodo Möller
074309b7ee
Fix server behaviour when facing backwards-compatible client hellos.
1999-09-03 16:33:11 +00:00
Bodo Möller
8876bc0548
Let ssl_get_prev_session reliably work in multi-threaded settings.
1999-05-23 13:07:03 +00:00
Bodo Möller
b56bce4fc7
New structure type SESS_CERT used instead of CERT inside SSL_SESSION.
...
While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know if those could
really have caused problems, but possibly this is a proper bug-fix
and not just a clean-up.
1999-05-13 15:09:38 +00:00
Bodo Möller
9d5cceac6f
No actual change, but the cert_st member of struct ssl_session_st is now
...
called sess_cert instead of just cert. This is in preparation of further
changes: Probably often when s->session->sess_cert is used, we should
use s->cert instead; s->session->sess_cert should be a new structure
containing only the stuff that is for just one connection (e.g.
the peer's certificate, which the SSL client implementations currently
store in s->session->[sess_]cert, which is a very confusing thing to do).
Submitted by:
Reviewed by:
PR:
1999-05-09 21:22:45 +00:00
Bodo Möller
ca8e5b9b8a
Create a duplicate of the SSL_CTX's CERT in SSL_new instead of copying
...
pointers. The cert_st handling is changed by this in various ways.
Submitted by:
Reviewed by:
PR:
1999-05-09 20:12:44 +00:00
Bodo Möller
8051996a5b
Annotate a bug.
...
Submitted by:
Reviewed by:
PR:
1999-05-02 04:03:22 +00:00
Ulf Möller
d02f751ce1
Message digest stuff.
1999-04-27 04:18:53 +00:00
Ulf Möller
79df9d6272
New Configure option no-<cipher> (rsa, idea, rc5, ...).
1999-04-27 03:19:12 +00:00
Ulf Möller
a9be3af5ad
Remove NOPROTO definitions and error code comments.
1999-04-26 16:43:10 +00:00
Bodo Möller
ec577822f9
Change #include filenames from <foo.h> to <openssl.h>.
...
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Bodo Möller
5cc146f344
Fixed some race conditions.
...
Submitted by:
Reviewed by:
PR:
1999-04-22 13:37:46 +00:00
Ulf Möller
6b691a5c85
Change functions to ANSI C.
1999-04-19 21:31:43 +00:00
Ben Laurie
f73e07cf42
Add type-safe STACKs and SETs.
1999-04-12 17:23:57 +00:00
Ben Laurie
b4cadc6e13
Fix security hole.
1999-03-22 12:22:14 +00:00