Richard Levitte
88f1be140c
Correct syntax in ssl-lib.com
...
maketests.com was missing the TCP/IP options TCPIP and NONE
2002-06-05 06:45:27 +00:00
Richard Levitte
f9332da521
Recover from errors
2002-05-23 23:32:30 +00:00
Richard Levitte
7d2ff3f081
Allow the use of the TCP/IP stack keyword TCPIP and NONE
2002-05-22 11:37:02 +00:00
Dr. Stephen Henson
75a46764e5
closedir is not used on Win32.
2002-05-11 12:42:23 +00:00
Bodo Möller
ae936dae90
Fix ciphersuite list to enforce low priority for RC4.
2002-05-07 08:36:01 +00:00
Bodo Möller
67166dc05c
ensure that, for each strength, RC4 ciphers have least preference
...
in the default ciphersuite list
2002-05-07 07:59:05 +00:00
Bodo Möller
aa9fed8cc2
refer to latest draft for AES ciphersuites
2002-05-07 07:56:09 +00:00
Bodo Möller
442eb8a4c3
fix warning
2002-05-06 10:44:08 +00:00
Bodo Möller
29f6a99432
disable AES ciphersuites unless explicitly requested
2002-05-05 23:47:09 +00:00
Bodo Möller
1f13793b1a
fix casts
2002-05-05 23:01:02 +00:00
Bodo Möller
7bcf65a125
undo nonsense patch (r *is* signed or we have signedness mismatches elsewhere)
2002-04-29 11:03:38 +00:00
Richard Levitte
306009bb6a
Fix unsigned vs. signed clash
2002-04-29 10:30:34 +00:00
Richard Levitte
f84ffd0130
Make sure the opened directory is closed on exit.
...
Notified by Lorinczy Zsigmond <lzsiga@mail.ahiv.hu>
2002-04-18 16:20:21 +00:00
Bodo Möller
1dcb6c994f
fix length field we create when converting SSL 2.0 format into SSL 3.0/TLS 1.0 format
...
(the bug was introduced with message callback support)
2002-04-14 13:04:58 +00:00
Bodo Möller
a9ab63c01c
Implement known-IV countermeasure.
...
Fix length checks in ssl3_get_client_hello().
Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
2002-04-13 22:51:26 +00:00
Lutz Jänicke
3671e38af4
Map new X509 verification errors to alert codes (Tom Wu <tom@arcot.com>).
...
Submitted by:
Reviewed by:
PR:
2002-03-19 16:44:26 +00:00
Dr. Stephen Henson
4fc3946111
Initialize ciph_ctx in kssl.c
2002-03-19 01:27:10 +00:00
Bodo Möller
0bdbc5a86e
fix ssl3_pending
2002-03-15 10:52:03 +00:00
Lutz Jänicke
abecef77cf
Add missing strength classification.
...
Submitted by:
Reviewed by:
PR:
2002-03-14 18:47:51 +00:00
Dr. Stephen Henson
b74dfe6e8e
Initialize cipher context in KRB5
...
("D. Russell" <russelld@aol.net>)
Allow HMAC functions to use an alternative ENGINE.
2002-03-14 18:16:49 +00:00
Bodo Möller
13962f0b15
use BIO_nwrite() more properly
2002-03-14 09:48:32 +00:00
Dr. Stephen Henson
f2cbb15468
Undo previous patch: avoid warnings by #undef'ing
...
duplicate definitions.
Suggested by "Kenneth R. Robinette" <support@securenetterm.com>
2002-03-13 13:58:33 +00:00
Dr. Stephen Henson
e38e8b29f8
Fix Kerberos warnings with VC++.
2002-03-12 19:38:16 +00:00
Dr. Stephen Henson
c03ceadfbd
Fix ASN1 additions for KRB5
2002-03-12 13:33:20 +00:00
Dr. Stephen Henson
e50baf58ab
Fix various warnings when compiling with KRB5 code.
2002-03-12 03:00:59 +00:00
Ben Laurie
91aeab0de3
ADH-DES-CBC-SHA should be LOW.
2002-03-06 16:59:12 +00:00
Bodo Möller
2be9b88135
use ERR_peek_last_error() instead of ERR_peek_error()
2002-02-28 14:10:13 +00:00
Richard Levitte
421d474332
Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated
2002-02-28 12:44:05 +00:00
Bodo Möller
48781ef7f7
Add 'void *' argument to app_verify_callback.
...
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
2002-02-28 10:55:52 +00:00
Lutz Jänicke
21f422ca5e
Fix the fix (Yoram Zahavi)...
...
Submitted by:
Reviewed by:
PR:
2002-02-27 11:24:39 +00:00
Lutz Jänicke
3b79d2789d
Make sure that bad sessions are removed in SSL_clear() (found by
...
Yoram Zahavi).
Submitted by:
Reviewed by:
PR:
2002-02-26 21:44:07 +00:00
Dr. Stephen Henson
cfe1c195c4
non-Monolith fixes.
...
Submitted by Andrew W. Gray <agray@iconsinc.com>
2002-02-22 21:27:47 +00:00
Lutz Jänicke
acfe628b6e
Make removal from session cache more robust.
2002-02-10 12:46:41 +00:00
Lutz Jänicke
4de920c91d
Do not store unneeded data.
2002-02-08 15:15:04 +00:00
Bodo Möller
8c74b5e56c
Bugfix: In ssl3_accept, don't use a local variable 'got_new_session'
...
to indicate that a real handshake is taking place (the value will be
lost during multiple invocations). Set s->new_session to 2 instead.
2002-01-14 23:40:26 +00:00
Bodo Möller
c59ba5b528
Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) if
...
the SSL_R_LENGTH_MISMATCH error is detected.
2002-01-14 12:37:59 +00:00
Ben Laurie
45d87a1ffe
Prototype info function.
2002-01-12 15:56:13 +00:00
Ben Laurie
a3feb21bbe
Add client_cert_cb prototype.
2002-01-12 13:15:40 +00:00
Ulf Möller
dcbbf83dba
ssl3_read_bytes bug fix
...
Submitted by: D P Chang <dpc@qualys.com>
Reviewed by: Bodo
2001-12-28 17:14:35 +00:00
Bodo Möller
4d7072f4b5
remove redundant ERR_load_... declarations
2001-12-17 19:22:23 +00:00
Ben Laurie
ff3fa48fc7
Improve back compatibility.
2001-12-09 21:53:31 +00:00
Bodo Möller
47ff5c6279
For future portability reasons MIT is moving all macros to function
...
calls. This patch allows compilation either way.
Submitted by: Jeffrey Altman <jaltman@columbia.edu>
2001-11-23 21:50:50 +00:00
Bodo Möller
c23d16ac19
cast to unsigned int, not to int to avoid the warning -- all these
...
values really are unsigned
2001-11-14 21:18:35 +00:00
Richard Levitte
3102792161
unsigned int vs. int.
2001-11-14 10:55:29 +00:00
Bodo Möller
2b90b1f344
make code a little more similar to what it looked like before the fixes,
...
call ssl2_part_read again to parse error message
2001-11-10 10:44:15 +00:00
Bodo Möller
cf82191d77
Implement msg_callback for SSL 2.0.
...
Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).
2001-11-10 01:16:28 +00:00
Richard Levitte
a7b42009c4
Change the shared library support so the shared libraries get built
...
sooner and the programs get built against the shared libraries.
This requires a bit more work. Things like -rpath and the possibility
to still link the programs statically should be included. Some
cleanup is also needed. This will be worked on.
2001-10-30 08:00:59 +00:00
Richard Levitte
7b5ffd6834
Addapt VMS scripts to the newer disk layout system ODS-5, which allows more than one period and mixed size characters in file names
2001-10-29 13:05:28 +00:00
Bodo Möller
4d635a7001
Consistency with s2_... and s23_... variants (no real functional
...
change)
2001-10-25 08:17:53 +00:00
Bodo Möller
ba1c602281
Assume TLS 1.0 when ClientHello fragment is too short.
2001-10-25 06:09:51 +00:00