Dr. Stephen Henson
3d14b9d04a
Add support for MS "fast SGC".
2000-01-02 18:52:58 +00:00
Bodo Möller
47134b7864
Don't request client certificate in anonymous ciphersuites
...
except when following the specs is bound to fail.
1999-12-29 17:43:03 +00:00
Bodo Möller
45fd4dbb84
Fix SSL_CTX_add_session: When two SSL_SESSIONs have the same ID,
...
they can sometimes be different memory structures.
1999-12-29 14:29:32 +00:00
Bodo Möller
9535f8c165
Delete NO_PROTO section (which apparently was just a typo for NOPROTO --
...
if anyone had actually ever needed that they should have fixed this typo)
1999-12-29 14:27:35 +00:00
Bodo Möller
891e465607
fix comment
1999-12-29 14:25:35 +00:00
Dr. Stephen Henson
dd4134101f
Change the trust and purpose code so it doesn't need init
...
either and has a static and dynamic mix.
1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
bb7cd4e3eb
Remainder of SSL purpose and trust code: trust and purpose setting in
...
SSL_CTX and SSL, functions to set them and defaults if no values set.
1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
13938aceca
Add part of chain verify SSL support code: not complete or doing anything
...
yet.
Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.
Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
1999-11-29 01:09:25 +00:00
Bodo Möller
1088e27ca8
Restore traditional SSL_get_session behaviour so that s_client and s_server
...
don't leak tons of memory.
1999-11-17 21:36:13 +00:00
Bodo Möller
b1fe6ca175
Store verify_result with sessions to avoid potential security hole.
1999-11-16 23:15:41 +00:00
Mark J. Cox
b7cfcfb7f8
This corrects the reference count handling in SSL_get_session.
...
Previously, the returned SSL_SESSION didn't have its reference count
incremented so the SSL_SESSION could be freed at any time causing
seg-faults if the pointer was subsequently used. Code that uses
SSL_get_session must now make a corresponding SSL_SESSION_free() call when
it is done to avoid memory leaks (or blocked up session caches).
Submitted By: Geoff Thorpe <geoff@eu.c2.net>
1999-11-15 16:31:31 +00:00
Richard Levitte
c96ab5101a
Make sure installed files are world readable
1999-11-12 01:42:59 +00:00
Bodo Möller
798757762a
Improve support for running everything as a monolithic application.
...
Submitted by: Lennart Bång, Bodo Möller
1999-10-25 19:36:01 +00:00
Ulf Möller
de808df47b
Cosmetic changes.
1999-09-29 22:14:47 +00:00
Ben Laurie
ca7fea9656
Fix warnings.
1999-09-24 19:10:57 +00:00
Dr. Stephen Henson
1c80019a2c
Add new sign and verify members to RSA_METHOD and change SSL code to use sign
...
and verify rather than direct encrypt/decrypt.
1999-09-18 22:37:44 +00:00
Bodo Möller
0d3118bed3
Update dependencies.
1999-09-14 15:07:22 +00:00
Bodo Möller
4dd60b3b96
typo in a comment
1999-09-14 15:06:25 +00:00
Bodo Möller
ac7da00048
Set s->version correctly for "natural" SSL 3.0 client hello
1999-09-13 13:02:07 +00:00
Andy Polyakov
17f389bbbf
Initial support for MacOS.
...
This will soon be complemented with MacOS specific source code files and
INSTALL.MacOS.
I (Andy) have decided to get rid of a number of #include <sys/types.h>.
I've verified it's ok (both by examining /usr/include/*.h and compiling)
on a number of Unix platforms. Unfortunately I don't have Windows box
to verify this on. I really appreciate if somebody could try to compile
it and contact me a.s.a.p. in case a problem occurs.
Submitted by: Roy Wood <roy@centricsystems.ca>
Reviewed by: Andy Polyakov <appro@fy.chalmers.se>
1999-09-11 17:54:18 +00:00
Bodo Möller
5bdae1675c
Fix yet another bug for client hello handling.
1999-09-11 10:36:41 +00:00
Bodo Möller
cb0369d885
Repair another bug in s23_get_client_hello:
...
tls1 did not survive to restarts, so get rid of it.
1999-09-10 16:41:01 +00:00
Bodo Möller
6f7af1524e
Use non-copying BIO interface in ssltest.c.
1999-09-10 14:03:21 +00:00
Bodo Möller
396f631458
some more patches for avoiding problems with non-automatic variables
1999-09-08 21:58:13 +00:00
Bodo Möller
c1082a90bb
Non-copying interface to BIO pairs.
...
It's still totally untested ...
1999-09-07 21:37:09 +00:00
Bodo Möller
ba3a6e7262
use explicit constant 11 just once
1999-09-03 22:37:38 +00:00
Bodo Möller
f70df1b887
Make previous bugfix actually work
1999-09-03 16:49:11 +00:00
Bodo Möller
074309b7ee
Fix server behaviour when facing backwards-compatible client hellos.
1999-09-03 16:33:11 +00:00
Bodo Möller
77fa04a9bc
-no_dhe option for ssltest.c
1999-09-03 16:31:36 +00:00
Bodo Möller
de1915e48c
Fix horrible (and hard to track down) bug in ssl23_get_client_hello:
...
In case of a restart, v[0] and v[1] were incorrectly initialised.
This was interpreted by ssl3_get_client_key_exchange as an RSA decryption
failure (don't ask me why) and caused it to create a _random_ master key
instead (even weirder), which obviously led to incorrect input to
ssl3_generate_master_secret and thus caused "block cipher pad is
wrong" error messages from ssl3_enc for the client's Finished message.
Arrgh.
1999-08-18 17:14:42 +00:00
Bodo Möller
29159a42d2
BIO_write and BIO_read could, in theory, return -2.
1999-08-09 16:33:34 +00:00
Bodo Möller
385be6eb20
Provide fixed seed for parameter generation to speed up -dhe1024.
1999-08-09 12:59:10 +00:00
Bodo Möller
204cf1abb0
Comments.
1999-08-08 14:21:04 +00:00
Bodo Möller
5e63691972
add comments
1999-08-08 14:07:30 +00:00
Ralf S. Engelschall
b1816a0408
typo while I poke around...
1999-08-05 13:31:42 +00:00
Bodo Möller
48c843c367
New function DSA_dup_DH, and fixes for bugs that were found
...
while implementing and using it.
1999-08-05 11:50:18 +00:00
Bodo Möller
2b8e4959fb
generate error message
1999-08-02 21:41:46 +00:00
Bodo Möller
f3e67ac1bc
fix previous modification -- if ssl->cert is NULL, don't follow the pointer.
1999-08-02 20:09:23 +00:00
Bodo Möller
a63a3f58fd
The SSL_CTX's cert structure is not relevant for the SSL
...
(because now SSL_new makes a copy).
1999-08-02 18:40:36 +00:00
Bodo Möller
a40f6dce87
correct error signalling for opendir() failure
1999-07-30 10:43:34 +00:00
Ulf Möller
8c197cc55e
VMS updates.
...
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-07-28 23:25:59 +00:00
Bodo Möller
74678cc2f8
Additional user data argument to pem_password_cb function type
...
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
1999-07-21 20:57:16 +00:00
Bodo Möller
7eea36bb48
cosmetic changes
1999-07-12 18:50:34 +00:00
Bodo Möller
5059658219
fix memory leak in s3_clnt.c
1999-07-12 17:15:42 +00:00
Bodo Möller
6b521df33c
Looks like another memory leak ...
1999-07-12 15:20:08 +00:00
Bodo Möller
777ab7e611
Fix memory checking.
1999-07-09 16:27:30 +00:00
Bodo Möller
11b1adadbd
typo
1999-07-02 17:52:21 +00:00
Bodo Möller
1afd8b3942
typo
1999-07-02 14:23:33 +00:00
Bodo Möller
e105643595
New functions SSL[_CTX]_{set,get}_mode; the initial set of mode flags is
...
SSL_MODE_ENABLE_PARTIAL_WRITE, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
1999-07-02 13:55:32 +00:00
Bodo Möller
a14d1a03ec
Fix comments.
...
Submitted by: Anonymous
1999-06-28 12:14:06 +00:00