Andy Polyakov
25ebd9e3ce
bss_dgram.c,d1_lib.c: make it compile with mingw.
...
Submitted by: Roumen Petrov
(cherry picked from commit 972b0dc350
)
2014-03-06 14:07:16 +01:00
Andy Polyakov
2cc5142fb1
Improve WINCE support.
...
Submitted by: Pierre Delaage
(cherry picked from commit a006fef78e
)
Resolved conflicts:
crypto/bio/bss_dgram.c
ssl/d1_lib.c
util/pl/VC-32.pl
2014-02-01 22:48:56 +01:00
Dr. Stephen Henson
65a87d3cc3
Dual DTLS version methods.
...
Add new methods DTLS_*_method() which support both DTLS 1.0 and DTLS 1.2 and
pick the highest version the peer supports during negotiation.
As with SSL/TLS options can change this behaviour specifically
SSL_OP_NO_DTLSv1 and SSL_OP_NO_DTLSv1_2.
(cherry picked from commit c6913eeb76
)
Conflicts:
CHANGES
2013-09-18 13:46:02 +01:00
Dr. Stephen Henson
b60b9e7afe
Enable TLS 1.2 ciphers in DTLS 1.2.
...
Port TLS 1.2 GCM code to DTLS. Enable use of TLS 1.2 only ciphers when in
DTLS 1.2 mode too.
(cherry picked from commit 4221c0dd30
)
2013-09-18 13:46:02 +01:00
Dr. Stephen Henson
acec5a6244
Provisional DTLS 1.2 support.
...
Add correct flags for DTLS 1.2, update s_server and s_client to handle
DTLS 1.2 methods.
Currently no support for version negotiation: i.e. if client/server selects
DTLS 1.2 it is that or nothing.
(cherry picked from commit c3b344e36a
)
Conflicts:
apps/s_server.c
2013-09-18 13:46:02 +01:00
Dr. Stephen Henson
741c9959f6
DTLS revision.
...
Revise DTLS code. There was a *lot* of code duplication in the
DTLS code that generates records. This makes it harder to maintain and
sometimes a TLS update is omitted by accident from the DTLS code.
Specifically almost all of the record generation functions have code like
this:
some_pointer = buffer + HANDSHAKE_HEADER_LENGTH;
... Record creation stuff ...
set_handshake_header(ssl, SSL_MT_SOMETHING, message_len);
...
write_handshake_message(ssl);
Where the "Record creation stuff" is identical between SSL/TLS and DTLS or
in some cases has very minor differences.
By adding a few fields to SSL3_ENC to include the header length, some flags
and function pointers for handshake header setting and handshake writing the
code can cope with both cases.
(cherry picked from commit 173e72e64c
)
2013-09-18 13:46:02 +01:00
Dr. Stephen Henson
e9a3aa9721
Set s->d1 to NULL after freeing it.
...
(cherry picked from commit 04638f2fc3
)
2013-04-08 18:39:52 +01:00
Dr. Stephen Henson
f897fe4146
correct error code
2012-04-18 15:17:39 +00:00
Dr. Stephen Henson
ce1605b508
PR: 2756
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix DTLS timeout handling.
2012-03-09 15:52:20 +00:00
Dr. Stephen Henson
25bfdca16a
PR: 2755
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reduce MTU after failed transmissions.
2012-03-06 13:47:27 +00:00
Dr. Stephen Henson
bd6941cfaa
PR: 2658
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
2011-12-31 23:00:36 +00:00
Dr. Stephen Henson
e065e6cda2
PR: 2535
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Add SCTP support for DTLS (RFC 6083).
2011-12-25 14:45:40 +00:00
Ben Laurie
b1d7429186
Add TLS exporter.
2011-11-15 23:51:22 +00:00
Dr. Stephen Henson
56f5ab43c2
PR: 2602
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS bug which prevents manual MTU setting
2011-09-23 13:35:05 +00:00
Dr. Stephen Henson
6abc406a69
PR: 2543
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Correctly handle errors in DTLSv1_handle_timeout()
2011-06-22 15:30:04 +00:00
Dr. Stephen Henson
4159ac43aa
Oops use up to date patch for PR#2506
2011-05-25 14:30:05 +00:00
Dr. Stephen Henson
88530f6b76
PR: 2506
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fully implement SSL_clear for DTLS.
2011-05-25 12:28:16 +00:00
Dr. Stephen Henson
2ab42de1ec
PR: 2462
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS Retransmission Buffer Bug
2011-04-03 17:14:48 +00:00
Dr. Stephen Henson
e995d5044e
PR: 2223
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fixes for DTLS timeout bug
2010-04-06 12:29:21 +00:00
Dr. Stephen Henson
593222afe1
PR: 2121
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Add extension support to DTLS code mainly using existing implementation for
TLS.
2009-12-08 11:38:18 +00:00
Dr. Stephen Henson
d5b8c46499
PR: 2115
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
2009-12-01 17:41:42 +00:00
Dr. Stephen Henson
53f062d050
PR: 2033
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen support.
2009-09-09 17:05:42 +00:00
Richard Levitte
3798c36686
Include proper header files for time functions.
...
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
2009-08-25 07:10:09 +00:00
Dr. Stephen Henson
5a96822f2c
Update default dependency flags.
...
Make error name discrepancies a fatal error.
Fix error codes.
make update
2009-08-12 17:08:44 +00:00
Dr. Stephen Henson
a4bade7aac
PR: 1997
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timeout handling fix.
2009-08-12 13:21:26 +00:00
Dr. Stephen Henson
e1f09dfd84
PR: 1921
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve@openssl.org
Add ECDHE and PSK support to DTLS.
2009-05-31 17:11:24 +00:00
Dr. Stephen Henson
661d35dfb2
Disable ECDHE in DTLS in a cleaner way.
2009-05-16 11:16:15 +00:00
Dr. Stephen Henson
f99c9daa39
Make the stuff compile again, fix missing prototype warnings.
2009-05-16 11:14:55 +00:00
Dr. Stephen Henson
d6584eba8c
PR: 1922
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Timer bug fix.
2009-05-15 22:58:13 +00:00
Dr. Stephen Henson
b452f43322
PR: 1751
...
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org
Compatibility patches for Cisco VPN client DTLS.
2009-04-19 18:03:13 +00:00
Dr. Stephen Henson
3c0ce01cea
PR: 1827
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Updated patch for PR #1827
2009-04-14 14:20:57 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Andy Polyakov
5d58f1bbfe
Prohibit RC4 in DTLS.
2007-10-05 21:04:56 +00:00
Dr. Stephen Henson
42182852f5
Constify version strings is ssl lib.
2007-01-21 16:06:05 +00:00
Nils Larsch
01a9792f05
remove unused internal foo_base_method functions
2005-08-08 19:04:37 +00:00
Dr. Stephen Henson
f3b656b246
Initialize SSL_METHOD structures at compile time. This removes the need
...
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
2005-08-05 23:56:11 +00:00
Andy Polyakov
dffdb56b7f
"Liberate" dtls from BN dependency. Fix bug in replay/update.
2005-06-07 22:21:14 +00:00
Richard Levitte
188b05792f
pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
...
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.
Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
2005-05-30 22:34:37 +00:00
Ben Laurie
36d16f8ee0
Add DTLS support.
2005-04-26 16:02:40 +00:00