Commit graph

11926 commits

Author SHA1 Message Date
Dr. Stephen Henson
717cc85895 Fix demo comment: 0.9.9 never released. 2014-01-28 15:15:26 +00:00
Dr. Stephen Henson
e933f91f50 Add loaded dynamic ENGINEs to list.
Always add a dynamically loaded ENGINE to list. Otherwise it can cause
problems when multiply loaded, especially if it adds new public key methods.
For all current engines we only want a single implementation anyway.
2014-01-28 13:51:58 +00:00
Dr. Stephen Henson
cbb6744827 New function to set compression methods so they can be safely freed. 2014-01-27 14:30:29 +00:00
Dr. Stephen Henson
ec492c8a5a Compare encodings in X509_cmp as well as hash. 2014-01-26 16:29:50 +00:00
Dr. Stephen Henson
3323314fc1 Add cert callback retry test. 2014-01-26 16:29:50 +00:00
Dr. Stephen Henson
46ab9bbd7f Certificate callback doc. 2014-01-26 16:29:43 +00:00
Dr. Stephen Henson
0ebc965b9c Support retries in certificate callback 2014-01-26 02:44:34 +00:00
Dr. Stephen Henson
ba168244a1 Add new function SSL_CTX_get_ssl_method().
Partial fix for PR#3183.
2014-01-16 14:07:46 +00:00
Kaspar Brand
d0b039d4a3 Omit initial status request callback check.
PR#3178
2014-01-16 13:46:31 +00:00
Dr. Stephen Henson
9f10e9293b typo 2014-01-12 14:13:48 +00:00
Dr. Stephen Henson
ef643cc7bd Use rdrand as additional entropy source.
If available rdrand is used as an additional entropy source for the
PRNG and for additional input in FIPS mode.
2014-01-11 14:19:25 +00:00
Jeff Trawick
4b64e0cbdb typo 2014-01-10 23:01:30 +00:00
Jeff Trawick
5edce5685f typo 2014-01-10 23:00:50 +00:00
Dr. Stephen Henson
8f4077ca69 Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling. 2014-01-09 22:52:49 +00:00
Daniel Kahn Gillmor
0ecfd920e5 update remaining documentation to move from EDH to DHE
change documentation and comments to indicate that we prefer the
standard "DHE" naming scheme everywhere over the older "EDH"
2014-01-09 15:43:28 +00:00
Daniel Kahn Gillmor
4b5cce664c Replace EDH-RSA-DES-CBC-SHA, etc. with DHE-RSA-DES-CBC-SHA
Replace the full ciphersuites with "EDH-" in their labels with "DHE-"
so that all DHE ciphersuites are referred to in the same way.

Leave backward-compatible aliases for the ciphersuites in question so
that configurations which specify these explicitly will continue
working.
2014-01-09 15:43:28 +00:00
Daniel Kahn Gillmor
889f39c70f change SSL3_CK_EDH_* to SSL_CK_DHE_* (with backward-compatibility)
This change normalizes the SSL_CK_DHE_ #defines to use the common term
"DHE", while permitting older code that uses the more uncommon "EDH"
constants to compile properly.
2014-01-09 15:43:28 +00:00
Daniel Kahn Gillmor
0b30fc903f documentation should use "DHE" instead of "EDH" 2014-01-09 15:43:28 +00:00
Daniel Kahn Gillmor
5a21cadbeb use SSL_kDHE throughout instead of SSL_kEDH
DHE is the standard term used by the RFCs and by other TLS
implementations.  It's useful to have the internal variables use the
standard terminology.

This patch leaves a synonym SSL_kEDH in place, though, so that older
code can still be built against it, since that has been the
traditional API.  SSL_kEDH should probably be deprecated at some
point, though.
2014-01-09 15:43:28 +00:00
Daniel Kahn Gillmor
75cb3771b4 emit "DHE" instead of "edh" for kX packet trace output
other parts of packet tracing emit the standard "DHE" label instead of
"edh".  This change brings the output of ssl_print_client_keyex() and
ssl_print_server_keyex() into accordance with the standard term.
2014-01-09 15:43:27 +00:00
Daniel Kahn Gillmor
7988163c3b Allow "DHE" and "kDHE" as synonyms of "EDH" and "kEDH" when specifiying ciphers
The standard terminology in https://tools.ietf.org/html/rfc5426 is
"DHE".  "openssl ciphers" outputs "DHE" (for the most part).  But
users of the library currently cannot specify "DHE", they must
currently specify "EDH".

This change allows users to specify the common term in cipher suite
strings without breaking backward compatibility.
2014-01-09 15:43:27 +00:00
Daniel Kahn Gillmor
4082fea81c use SSL_kECDHE throughout instead of SSL_kEECDH
ECDHE is the standard term used by the RFCs and by other TLS
implementations.  It's useful to have the internal variables use the
standard terminology.

This patch leaves a synonym SSL_kEECDH in place, though, so that older
code can still be built against it, since that has been the
traditional API.  SSL_kEECDH should probably be deprecated at some
point, though.
2014-01-09 15:43:27 +00:00
Daniel Kahn Gillmor
0be085d34a emit "ECDHE" instead of "EECDH" for kX packet trace output
other parts of packet tracing emit the standard "ECDHE" label instead
of "EECDH".  This change brings the output of ssl_print_client_keyex()
and ssl_print_server_keyex() into accordance with the standard term.
2014-01-09 15:43:27 +00:00
Daniel Kahn Gillmor
7963ddeb44 Allow "ECDHE" as a synonym of "EECDH" when specifiying ciphers
The standard terminology in https://tools.ietf.org/html/rfc4492 is
ECDHE.  "openssl ciphers" outputs ECDHE.  But users of the library
currently cannot specify ECDHE, they must specify EECDH.

This change allows users to specify the common term in cipher suite
strings without breaking backward compatibility.
2014-01-09 15:43:27 +00:00
Andy Polyakov
eedab5241e bn/asm/x86_64-mont5.pl: fix compilation error on Solaris. 2014-01-09 13:44:59 +01:00
Dr. Stephen Henson
e02614417d update FAQ 2014-01-08 14:16:24 +00:00
Andy Polyakov
5dc52b919b PPC assembly pack: relax 64-bit requirement for little-endian support. 2014-01-07 22:44:21 +01:00
Andy Polyakov
1fb83a3bc2 aes/asm/vpaes-ppc.pl: add little-endian support. 2014-01-07 16:48:04 +01:00
Dr. Stephen Henson
f0170ebb97 update NEWS 2014-01-07 15:44:35 +00:00
Dr. Stephen Henson
8d65fdb62e Add fix for CVE-2013-4353
(cherry picked from commit 6b42ed4e7104898f4b5b69337589719913b36404)
2014-01-07 15:39:21 +00:00
Dr. Stephen Henson
9bd1e2b54a Sync NEWS. 2014-01-06 21:55:15 +00:00
Andy Polyakov
ad0d2579cf sha/asm/sha256-armv4.pl: add NEON code path.
(and shave off cycle even from integer-only code)
2014-01-04 18:04:53 +01:00
Andy Polyakov
25f7117f0e aesni-sha1-x86_64.pl: refine Atom-specific optimization.
(and update performance data, and fix typo)
2014-01-04 17:13:57 +01:00
Dr. Stephen Henson
5b7f36e857 Add ServerInfoFile to SSL_CONF, update docs. 2014-01-03 23:14:23 +00:00
Dr. Stephen Henson
a4339ea3ba Use algorithm specific chains for certificates.
Fix a limitation in SSL_CTX_use_certificate_chain_file(): use algorithm
specific chains instead of the shared chain.

Update docs.
2014-01-03 22:39:49 +00:00
Andy Polyakov
e8b0dd57c0 ssl/t1_enc.c: optimize PRF (suggested by Intel). 2014-01-03 21:52:49 +01:00
Andy Polyakov
2f3af3dc36 aesni-sha1-x86_64.pl: add stiched decrypt procedure,
but keep it disabled, too little gain... Add some Atom-specific
optimization.
2014-01-03 21:40:08 +01:00
Dr. Stephen Henson
b77b58a398 Don't change version number if session established
When sending an invalid version number alert don't change the
version number to the client version if a session is already
established.

Thanks to Marek Majkowski for additional analysis of this issue.

PR#3191
2014-01-02 15:05:44 +00:00
Dr. Stephen Henson
f6dfbeed3c Update curve list size.
(cherry picked from commit cfa86987a8d9d2b8cc5e5fea2d3260c46542cdb9)
2013-12-29 16:30:35 +00:00
Andy Polyakov
926725b3d7 sparcv9cap.c: omit random detection.
PR: 3202
2013-12-28 13:31:14 +01:00
Andy Polyakov
e796666d34 FAQ: why SIGILL? 2013-12-28 13:20:14 +01:00
Andy Polyakov
2218c296b4 ARM assembly pack: make it work with older toolchain. 2013-12-28 12:17:08 +01:00
Dr. Stephen Henson
cd30f03ac5 Canonicalise input in CMS_verify.
If content is detached and not binary mode translate the input to
CRLF format. Before this change the input was verified verbatim
which lead to a discrepancy between sign and verify.
2013-12-22 00:35:29 +00:00
Dr. Stephen Henson
20b82b514d Fix DTLS retransmission from previous session.
For DTLS we might need to retransmit messages from the previous session
so keep a copy of write context in DTLS retransmission buffers instead
of replacing it after sending CCS. CVE-2013-6450.
(cherry picked from commit 34628967f1)
2013-12-20 23:46:16 +00:00
Dr. Stephen Henson
560b34f2b0 Ignore NULL parameter in EVP_MD_CTX_destroy.
(cherry picked from commit a6c62f0c25)
2013-12-20 23:32:25 +00:00
Andy Polyakov
fc0503a25c sha1-x86_64.pl: harmonize Win64 SE handlers for SIMD code pathes.
(and ensure stack alignment in the process)
2013-12-18 22:12:08 +01:00
Andy Polyakov
e9c80e04c1 evp/e_[aes|camellia].c: fix typo in CBC subroutine.
It worked because it was never called.
2013-12-18 21:42:46 +01:00
Andy Polyakov
f0f4b8f126 PPC assembly pack update addendum. 2013-12-18 21:39:15 +01:00
Andy Polyakov
cdd1acd788 sha512.c: fullfull implicit API contract in SHA512_Transform.
SHA512_Transform was initially added rather as tribute to tradition
than for practucal reasons. But use was recently found in ssl/s3_cbc.c
and it turned to be problematic on platforms that don't tolerate
misasligned references to memory and lack assembly subroutine.
2013-12-18 21:27:35 +01:00
Andy Polyakov
128e1d101b PPC assembly pack: improve AIX support (enable vpaes-ppc). 2013-12-18 21:19:08 +01:00