openssl

Author	SHA1	Message	Date
Dr. Stephen Henson	5e2187f7ee	PR: 2778(part) Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com> Time is always encoded as 4 bytes, not sizeof(Time).	2012-03-31 18:02:53 +00:00
Dr. Stephen Henson	78c5d2a9bb	use client version when deciding whether to send supported signature algorithms extension	2012-03-21 21:32:57 +00:00
Andy Polyakov	9cc42cb091	ssl/t1_enc.c: pay attention to EVP_CIPH_FLAG_CUSTOM_CIPHER [from HEAD].	2012-03-13 19:21:15 +00:00
Dr. Stephen Henson	267c950c5f	Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Add more extension names in s_cb.c extension printing code.	2012-03-09 18:37:41 +00:00
Dr. Stephen Henson	ce1605b508	PR: 2756 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix DTLS timeout handling.	2012-03-09 15:52:20 +00:00
Dr. Stephen Henson	25bfdca16a	PR: 2755 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions.	2012-03-06 13:47:27 +00:00
Dr. Stephen Henson	9c284f9651	PR: 2748 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix possible DTLS timer deadlock.	2012-03-06 13:24:16 +00:00
Dr. Stephen Henson	a54ce007e6	PR: 2739 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix padding bugs in Heartbeat support.	2012-02-27 16:38:10 +00:00
Dr. Stephen Henson	f1fa05b407	ABI compliance fixes. Move new structure fields to end of structures. Import library codes from 1.0.0 and recreate new ones.	2012-02-22 14:01:44 +00:00
Dr. Stephen Henson	b935714237	typo	2012-02-17 17:31:32 +00:00
Dr. Stephen Henson	a8314df902	Fix bug in CVE-2011-4619: check we have really received a client hello before rejecting multiple SGC restarts.	2012-02-16 15:25:39 +00:00
Dr. Stephen Henson	d40abf1689	Submitted by: Eric Rescorla <ekr@rtfm.com> Further fixes for use_srtp extension.	2012-02-11 22:53:48 +00:00
Dr. Stephen Henson	c489ea7d01	PR: 2704 Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Fix srp extension.	2012-02-10 20:08:49 +00:00
Dr. Stephen Henson	943cc09d8a	Submitted by: Eric Rescorla <ekr@rtfm.com> Fix encoding of use_srtp extension to be compliant with RFC5764	2012-02-10 00:03:37 +00:00
Dr. Stephen Henson	fc6800d19f	Modify client hello version when renegotiating to enhance interop with some servers.	2012-02-09 15:41:44 +00:00
Dr. Stephen Henson	adcea5a043	return error if md is NULL	2012-01-22 13:12:50 +00:00
Dr. Stephen Henson	2dc4b0dbe8	Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. (CVE-2012-0050)	2012-01-18 18:14:56 +00:00
Andy Polyakov	c8e0b5d7b6	1.0.1-specific OPNESSL vs. OPENSSL typo. PR: 2613 Submitted by: Leena Heino	2012-01-15 13:42:50 +00:00
Dr. Stephen Henson	285d9189c7	PR: 2652 Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se> OpenVMS fixes.	2012-01-05 14:30:08 +00:00
Bodo Möller	409d2a1b71	Fix for builds without DTLS support. Submitted by: Brian Carlstrom	2012-01-05 10:22:39 +00:00
Dr. Stephen Henson	e0b9678d7f	PR: 2671 Submitted by: steve Update maximum message size for certifiate verify messages to support 4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.	2012-01-05 00:28:29 +00:00
Dr. Stephen Henson	166dea6ac8	Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Send fatal alert if heartbeat extension has an illegal value.	2012-01-05 00:23:31 +00:00
Dr. Stephen Henson	0044739ae5	Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> Reviewed by: steve Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and Kenny Paterson.	2012-01-04 23:52:05 +00:00
Dr. Stephen Henson	4e44bd3650	Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)	2012-01-04 23:13:29 +00:00
Dr. Stephen Henson	aaa3850ccd	Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)	2012-01-04 23:07:54 +00:00
Dr. Stephen Henson	1cb4d65b87	Submitted by: Adam Langley <agl@chromium.org> Reviewed by: steve Fix memory leaks.	2012-01-04 14:25:28 +00:00
Dr. Stephen Henson	7b2dd292bc	only send heartbeat extension from server if client sent one	2012-01-03 22:03:07 +00:00
Dr. Stephen Henson	d9834ff24b	make update	2012-01-02 16:41:11 +00:00
Dr. Stephen Henson	bd6941cfaa	PR: 2658 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Support for TLS/DTLS heartbeats.	2011-12-31 23:00:36 +00:00
Dr. Stephen Henson	5c05f69450	make update	2011-12-27 14:38:27 +00:00
Dr. Stephen Henson	b300fb7734	PR: 1794 Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve - remove some unncessary SSL_err and permit an srp user callback to allow a worker to obtain a user verifier. - cleanup and comments in s_server and demonstration for asynchronous srp user lookup	2011-12-27 14:23:22 +00:00
Dr. Stephen Henson	f89af47438	PR: 2326 Submitted by: Tianjie Mao <tjmao@tjmao.net> Reviewed by: steve Fix incorrect comma expressions and goto f_err as alert has been set.	2011-12-26 19:38:09 +00:00
Dr. Stephen Henson	e065e6cda2	PR: 2535 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Add SCTP support for DTLS (RFC 6083).	2011-12-25 14:45:40 +00:00
Dr. Stephen Henson	60553cc209	typo	2011-12-23 15:03:16 +00:00
Dr. Stephen Henson	2d4c9ab518	delete unimplemented function from header file, update ordinals	2011-12-23 14:10:35 +00:00
Dr. Stephen Henson	242f8d644c	remove prototype for deleted SRP function	2011-12-22 16:01:23 +00:00
Dr. Stephen Henson	f5575cd167	New ctrl values to clear or retrieve extra chain certs from an SSL_CTX. New function to retrieve compression method from SSL_SESSION structure. Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions as they duplicate functionality of SSL_SESSION_get_id. Note: these functions have never appeared in any release version of OpenSSL.	2011-12-22 15:01:16 +00:00
Ben Laurie	dd0ddc3e78	Fix DTLS.	2011-12-20 15:05:03 +00:00
Dr. Stephen Henson	b8a22c40e0	PR: 1794 Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve Remove unnecessary code for srp and to add some comments to s_client. - the callback to provide a user during client connect is no longer necessary since rfc 5054 a connection attempt with an srp cipher and no user is terminated when the cipher is acceptable - comments to indicate in s_client the (non-)usefulness of th primalaty tests for non known group parameters.	2011-12-14 22:18:03 +00:00
Ben Laurie	96fe35e7d4	Remove redundant TLS exporter.	2011-12-13 14:35:12 +00:00
Ben Laurie	e87afb1518	SSL export fixes (from Adam Langley).	2011-12-13 14:25:11 +00:00
Dr. Stephen Henson	7454cba4fa	fix error discrepancy	2011-12-07 12:28:50 +00:00
Ben Laurie	a0cf79e841	Fix exporter.	2011-12-02 16:49:32 +00:00
Ben Laurie	825e1a7c56	Fix warnings.	2011-12-02 14:39:41 +00:00
Bodo Möller	9f2b453338	Resolve a stack set-up race condition (if the list of compression methods isn't presorted, it will be sorted on first read). Submitted by: Adam Langley	2011-12-02 12:51:41 +00:00
Dr. Stephen Henson	2c7d978c2d	PR: 1794 Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve Make SRP conformant to rfc 5054. Changes are: - removal of the addition state after client hello - removal of all pre-rfc srp alert ids - sending a fatal alert when there is no srp extension but when the server wants SRP - removal of unnecessary code in the client.	2011-11-25 00:18:10 +00:00
Ben Laurie	8cd897a42c	Don't send NPN during renegotiation.	2011-11-24 18:22:06 +00:00
Ben Laurie	1dc44d3130	Indent.	2011-11-24 16:51:15 +00:00
Dr. Stephen Henson	d7125d8d85	move internal functions to ssl_locl.h	2011-11-21 22:52:01 +00:00
Dr. Stephen Henson	43716567f5	bcmp doesn't exist on all platforms, replace with memcmp	2011-11-21 22:29:16 +00:00

1 2 3 4 5 ...

1240 commits