Dr. Stephen Henson
76998a71bc
Updates to conform with draft-ietf-tls-renegotiation-03.txt:
...
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:37:09 +00:00
Dr. Stephen Henson
e6f418bcb7
Compression handling on session resume was badly broken: it always
...
used compression algorithms in client hello (a legacy from when
the compression algorithm wasn't serialized with SSL_SESSION).
2009-12-31 14:13:30 +00:00
Dr. Stephen Henson
5e63121758
Include CHANGES entry for external cache
2009-12-31 13:58:57 +00:00
Bodo Möller
7427379e9b
Constify crypto/cast.
2009-12-22 10:58:33 +00:00
Dr. Stephen Henson
ef51b4b9b4
New option to enable/disable connection to unpatched servers
2009-12-16 20:25:59 +00:00
Dr. Stephen Henson
7661ccadf0
Add ctrls to clear options and mode.
...
Change RI ctrl so it doesn't clash.
2009-12-09 13:25:16 +00:00
Dr. Stephen Henson
82e610e2cf
Send no_renegotiation alert as required by spec.
2009-12-08 19:06:26 +00:00
Dr. Stephen Henson
5430200b8b
Add ctrl and macro so we can determine if peer support secure renegotiation.
2009-12-08 13:42:08 +00:00
Dr. Stephen Henson
13f6d57b1e
Add support for magic cipher suite value (MCSV). Make secure renegotiation
...
work in SSLv3: initial handshake has no extensions but includes MCSV, if
server indicates RI support then renegotiation handshakes include RI.
NB: current MCSV value is bogus for testing only, will be updated when we
have an official value.
Change mismatch alerts to handshake_failure as required by spec.
Also have some debugging fprintfs so we can clearly see what is going on
if OPENSSL_RI_DEBUG is set.
2009-12-08 13:14:03 +00:00
Dr. Stephen Henson
637f374ad4
Initial experimental TLSv1.1 support
2009-12-07 13:31:02 +00:00
Dr. Stephen Henson
9d9530255b
Update CHANGES.
2009-12-02 15:28:27 +00:00
Dr. Stephen Henson
d2a53c2238
Experimental CMS password based recipient Info support.
2009-11-26 18:57:39 +00:00
Bodo Möller
480af99ef4
Make CHANGES in CVS head consistent with the CHANGES files in the
...
branches.
This means that http://www.openssl.org/news/changelog.html will
finally describe 0.9.8l.
2009-11-26 18:43:17 +00:00
Dr. Stephen Henson
3d63b3966f
Split PBES2 into cipher and PBKDF2 versions. This tidies the code somewhat
...
and is a pre-requisite to adding password based CMS support.
2009-11-25 22:01:06 +00:00
Dr. Stephen Henson
e0e7997212
First cut of renegotiation extension. (port to HEAD)
2009-11-09 19:03:34 +00:00
Dr. Stephen Henson
befbd0619b
update CHANGES
2009-11-09 17:33:32 +00:00
Dr. Stephen Henson
245d2ee3d0
Add option to allow in-band CRL loading in verify utility. Add function
...
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
2009-10-31 13:33:57 +00:00
Dr. Stephen Henson
bb4060c5b5
Move CHANGES entry to 0.9.8l section
2009-10-30 13:29:30 +00:00
Dr. Stephen Henson
661dc1431f
Fix statless session resumption so it can coexist with SNI
2009-10-30 13:22:24 +00:00
Dr. Stephen Henson
18e503f30f
PR: 2064, 728
...
Submitted by: steve@openssl.org
Add support for custom headers in OCSP requests.
2009-09-30 21:40:55 +00:00
Dr. Stephen Henson
b6dcdbfc94
Audit libcrypto for unchecked return values: fix all cases enountered
2009-09-23 23:43:49 +00:00
Dr. Stephen Henson
acf20c7dbd
Add attribute to check if return value of certain functions is incorrectly
...
ignored.
2009-09-23 16:27:10 +00:00
Dr. Stephen Henson
a25f33d28a
Submitted by: Julia Lawall <julia@diku.dk>
...
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:29:29 +00:00
Dr. Stephen Henson
0c28f277d1
Add new option --strict-warnings to Configure script. This is used to add
...
in devteam warnings into other configurations.
2009-09-09 16:31:32 +00:00
Dr. Stephen Henson
1771668096
Tidy up and fix verify callbacks to avoid structure dereference, use of
...
obsolete functions and enhance to handle new conditions such as policy printing.
2009-09-02 12:47:28 +00:00
Dr. Stephen Henson
6727565a84
PR: 2003
...
Make it possible to install OpenSSL in directories with name other
than "lib" for example "lib64". Based on patch from Jeremy Utley.
2009-08-10 14:48:40 +00:00
Dr. Stephen Henson
d9d0f1b52c
Reject leading 0x80 in OID subidentifiers.
2009-08-06 16:32:54 +00:00
Dr. Stephen Henson
0e4bc56347
Document MD2 deprecation.
2009-07-13 11:58:05 +00:00
Dr. Stephen Henson
9de014a7f8
Update from 0.9.8-stable
2009-06-30 22:27:33 +00:00
Dr. Stephen Henson
d2f6d28298
Update from 0.9.8-stable.
2009-06-28 16:24:37 +00:00
Dr. Stephen Henson
f3be6c7b7d
Update from 1.0.0-stable.
2009-06-26 11:29:26 +00:00
Dr. Stephen Henson
e30dd20c0e
Update from 1.0.0-stable
2009-06-25 11:29:30 +00:00
Dr. Stephen Henson
c05353c50a
Rename asc2uni and uni2asc functions to avoid clashes.
2009-06-17 12:04:56 +00:00
Dr. Stephen Henson
31db43df08
Update from 0.9.8-stable.
2009-06-15 15:01:00 +00:00
Dr. Stephen Henson
d741ccadb5
Oops, update CHANGES entry.
2009-05-31 17:13:55 +00:00
Dr. Stephen Henson
d0b72cf45b
Add CHANGES entries from 0.9.8-stable.
2009-05-18 17:37:33 +00:00
Dr. Stephen Henson
5f8f94a661
Update from 1.0.0-stable.
2009-04-28 22:10:54 +00:00
Dr. Stephen Henson
e5fa864f62
Updates from 1.0.0-stable.
2009-04-15 15:27:03 +00:00
Dr. Stephen Henson
22c98d4aad
Update from 1.0.0-stable
2009-04-08 16:16:35 +00:00
Dr. Stephen Henson
cc7399e79c
Changes from 1.0.0-stable.
2009-04-07 16:33:26 +00:00
Dr. Stephen Henson
14023fe352
Merge from 1.0.0-stable branch.
2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
aaf35f11d7
Allow use of algorithm and cipher names for dgsts and enc utilities instead
...
of having to manually include each one.
2009-03-30 11:31:50 +00:00
Dr. Stephen Henson
77ea8c3002
Fix typo in CHANGES.
2009-03-25 22:21:12 +00:00
Dr. Stephen Henson
ddcfc25a6d
Update from stable branch.
2009-03-25 19:02:22 +00:00
Dr. Stephen Henson
4d7b7c62c3
Update CHANGES.
2009-03-25 12:57:50 +00:00
Dr. Stephen Henson
73ba116e96
Update from stable branch.
2009-03-25 12:54:14 +00:00
Dr. Stephen Henson
80b2ff978d
Update from stable branch.
2009-03-25 12:53:50 +00:00
Dr. Stephen Henson
7ce8c95d58
Update from stable branch.
2009-03-25 12:53:26 +00:00
Dr. Stephen Henson
b6af2c7e3e
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
...
Reviewed by: steve@openssl.org
Update ccgost engine to support parameter files.
2009-03-17 15:38:34 +00:00
Dr. Stephen Henson
237d7b6cae
Fix from stable branch.
2009-03-15 13:37:34 +00:00