wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6822 commits 20 branches 302 tags 153 MiB
Commit graph

684 commits

Author SHA1 Message Date
Andy Polyakov
44eff497e8 Fix typo in ssl/d1_pkt.c. 2005-06-20 19:36:34 +00:00
Andy Polyakov
50ec3951dc Handle wrap-arounds and revive missing assignment. 2005-06-20 12:40:37 +00:00
Richard Levitte
fbd63d0784 Do not undefine _XOPEN_SOURCE. This is currently experimental, and 
will be firmed up as soon as it's been verified not to break anything.
 2005-06-16 22:20:55 +00:00
Nils Larsch
f0747cd950 - let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an 
error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list
 2005-06-10 19:55:26 +00:00
Nils Larsch
052ec89927 use "=" instead of "|=", fix typo 2005-06-08 22:22:33 +00:00
Nils Larsch
cbed917fee ssl_create_cipher_list should return an error if no cipher could be 
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr.

PR: 836 + 1005
 2005-06-08 21:19:14 +00:00
Andy Polyakov
dffdb56b7f "Liberate" dtls from BN dependency. Fix bug in replay/update. 2005-06-07 22:21:14 +00:00
Richard Levitte
d1acb9b44f Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER 
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true.  Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.
 2005-06-06 00:32:11 +00:00
Richard Levitte
02c5ddf91e From 0.9.8-stable: 
handshake_write_seq is an unsigned short, so treat it like one
 2005-06-04 04:18:26 +00:00
Nils Larsch
1d42741a19 clear error queue on success and return NULL if no cert could be read 
PR: 1088
 2005-06-01 08:38:44 +00:00
Richard Levitte
75c00536ba Synchronise more with the Unix build. 2005-05-31 20:28:41 +00:00
Richard Levitte
188b05792f pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't 
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
 2005-05-30 22:34:37 +00:00
Richard Levitte
80b168a5a9 We have some source with \r\n as line ends. DEC C informs about that, 
and I really can't be bothered...
 2005-05-29 12:13:51 +00:00
Richard Levitte
fe8bf9560d When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in 
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html.

Notified by David Wolfe <dwolfe5272@yahoo.com>
 2005-05-21 17:39:43 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341 ecc api cleanup; summary: 
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
 2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
f795123c4a Fix from stable branch. 2005-05-12 22:39:42 +00:00
Bodo Möller
3f19bbf4e3 fix msg_callback() arguments for SSL 2.0 compatible client hello 
(previous revision got this wrong)
 2005-05-12 06:24:25 +00:00
Bodo Möller
c6c2e3135d Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled 
with the SSL_OP_NO_SSLv2 option.
 2005-05-11 18:25:49 +00:00
Nils Larsch
35e8510e60 use 'p' as conversion specifier for printf to avoid truncation of 
pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz
via Mike Frysinger <vapier@gentoo.org>.

PR: 1064
 2005-05-10 11:55:28 +00:00
Nils Larsch
8b15c74018 give EC_GROUP_new_by_nid a more meanigful name: 
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
 2005-05-10 11:37:47 +00:00
Bodo Möller
fbeaa3c47d Update util/ck_errf.pl script, and have it run automatically 
during "make errors" and thus during "make update".

Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
 2005-05-09 00:27:37 +00:00
Nils Larsch
7dc17a6cf0 give EC_GROUP_*_nid functions a more meaningful name 
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
	EC_GROUP_set_nid -> EC_GROUP_set_curve_name
 2005-05-08 22:09:12 +00:00
Nils Larsch
9e5790ce21 backport fix from the stable branch 2005-05-03 10:00:16 +00:00
Nils Larsch
7c7667b86b check return value of RAND_pseudo_bytes; backport from the stable branch 2005-04-29 20:10:06 +00:00
Dr. Stephen Henson
6c61726b2a Lots of Win32 fixes for DTLS. 
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
 2005-04-27 16:27:14 +00:00
Bodo Möller
aa4ce7315f Fix various incorrect error function codes. 
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
 2005-04-26 18:53:22 +00:00
Bodo Möller
480506bd49 remove some functions from exported headers 2005-04-26 18:18:35 +00:00
Bodo Möller
0d5ea7613e make update 2005-04-26 18:09:21 +00:00
Bodo Möller
beb056b303 fix SSLerr stuff for DTLS1 code; 
move some functions from exported header <openssl/dtl1.h> into "ssl_locl.h";
fix silly indentation (a TAB is *not* always 4 spaces)
 2005-04-26 18:08:00 +00:00
Dr. Stephen Henson
4e321ffaff Fixes for signed/unsigned warnings and shadows. 2005-04-26 17:43:53 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Nils Larsch
965a1cb92e change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible 2005-04-23 10:11:16 +00:00
Dr. Stephen Henson
384dba6edb Make kerberos ciphersuite code compile again. 
Avoid more shadow warnings.
 2005-04-20 21:48:48 +00:00
Andy Polyakov
3ed449e94a More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more... 2005-04-13 21:46:30 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
0858b71b41 Make kerberos ciphersuite code work with newer header files 2005-04-09 23:55:55 +00:00
Richard Levitte
d9bfe4f97c Added restrictions on the use of proxy certificates, as they may pose 
a security threat on unexpecting applications.  Document and test.
 2005-04-09 16:07:12 +00:00
Nils Larsch
dc0ed30cfe add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file() 
and SSL_use_PrivateKey_file()

PR: 1035
Submitted by: Walter Goulet
Reviewed by:  Nils Larsch
 2005-04-08 22:52:42 +00:00
Nils Larsch
6049399baf get rid of very buggy and very imcomplete DH cert support 
Reviewed by: Bodo Moeller
 2005-04-07 23:19:17 +00:00
Nils Larsch
48c832b6b7 really clear the error queue here 
PR: 860
 2005-04-01 17:50:09 +00:00
Nils Larsch
f3e427f6f9 use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc. 
PR: 658
 2005-04-01 17:35:32 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Ben Laurie
0821bcd4de Constification. 2005-03-30 10:26:02 +00:00
Dr. Stephen Henson
59b6836ab2 Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and 
client random values.
 2005-03-22 14:11:06 +00:00
Nils Larsch
f4bfd357e5 some const fixes 2005-03-20 22:56:07 +00:00
Richard Levitte
a963395a7b Apparently, at least with my VMS C environment, defining _XOPEN_SOURCE 
gets _POSIX_C_SOURC and _ANSI_C_SOURCE defined, which stops u_int from
being defined, and that breaks havock into the rest of the standard
headers...  *sigh*
 2005-01-19 17:03:07 +00:00