Commit graph

58 commits

Author SHA1 Message Date
Dr. Stephen Henson
e5fa864f62 Updates from 1.0.0-stable. 2009-04-15 15:27:03 +00:00
Dr. Stephen Henson
d6e460d44c Update from 1.0.0-stable 2009-03-31 22:05:04 +00:00
Dr. Stephen Henson
12bf56c017 PR: 1574
Submitted by: Jouni Malinen <j@w1.fi>
Approved by: steve@openssl.org

Ticket override support for EAP-FAST.
2008-11-15 17:18:12 +00:00
Dr. Stephen Henson
9ab89286a2 Sync ordinals with stable branch. 2008-06-05 11:10:49 +00:00
Dr. Stephen Henson
09a6e19431 Update ordinals. 2008-06-04 11:52:36 +00:00
Dr. Stephen Henson
81025661a9 Update ssl code to support digests other than MD5+SHA1 in handshake.
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
2007-08-31 12:42:53 +00:00
Dr. Stephen Henson
525de5d335 OPENSSL_NO_TLS1 WIN32 build support. Fix so normal build works again. 2007-08-12 23:59:05 +00:00
Dr. Stephen Henson
0d7dba92c8 WIN32 VC++ build fixes. 2007-07-18 17:40:49 +00:00
Dr. Stephen Henson
a6e700e665 Import ordinals from 0.9.8 and update. 2006-11-30 13:47:22 +00:00
Dr. Stephen Henson
c20276e4ae Fix (most) WIN32 warnings and errors. 2006-04-17 12:08:22 +00:00
Nils Larsch
561d93aa00 make update 2006-03-10 23:08:31 +00:00
Ulf Möller
3b408d83fe make update 2006-02-12 23:21:56 +00:00
Bodo Möller
ee2262b8d7 rebuild (starting with state from 0.9.7-stable branch) to avoid clutter 2005-05-09 00:22:02 +00:00
Bodo Möller
0d5ea7613e make update 2005-04-26 18:09:21 +00:00
Richard Levitte
5545607c4f make update
(incidently, this also tells VMS that there exists a new symbol in the
SSL library)
2004-07-12 11:25:48 +00:00
Richard Levitte
f2bfbcef76 make update 2004-05-25 09:41:00 +00:00
Richard Levitte
0020502a07 SSL_COMP_get_compression_method is a typo (a missing 's' at the end of
the symbol name).
2004-03-25 21:32:30 +00:00
Geoff Thorpe
66b82f5aad make update 2003-10-28 22:10:47 +00:00
Richard Levitte
4d1c443123 make update 2003-10-06 12:22:42 +00:00
Richard Levitte
8242354952 Make sure int SSL_COMP_add_compression_method() checks if a certain
compression identity is already present among the registered
compression methods, and if so, reject the addition request.

Declare SSL_COMP_get_compression_method() so it can be used properly.

Change ssltest.c so it checks what compression methods are available
and enumerates them.  As a side-effect, built-in compression methods
will be automagically loaded that way.  Additionally, change the
identities for ZLIB and RLE to be conformant to
draft-ietf-tls-compression-05.txt.

Finally, make update.

Next on my list: have the built-in compression methods added
"automatically" instead of requiring that the author call
SSL_COMP_add_compression_method() or
SSL_COMP_get_compression_methods().
2003-10-06 11:00:15 +00:00
Dr. Stephen Henson
ce06265a37 make update 2003-03-20 14:21:36 +00:00
Bodo Möller
0e9035ac98 SSL_add_dir_cert_subjects_to_stack now exists for WIN32 2003-02-05 16:40:29 +00:00
Bodo Möller
74cc4903ef make update 2002-08-09 12:16:15 +00:00
Richard Levitte
025c7737b2 make update 2001-10-24 15:32:14 +00:00
Bodo Möller
6b0e9facf4 New function SSL_renegotiate_pending().
New option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
2001-09-20 22:54:09 +00:00
Bodo Möller
b6d0054a52 Get rid of junk (deleted/renamed function) by rebuilding
based on 0.9.6 tree.
2001-09-14 09:31:07 +00:00
Richard Levitte
99ecb90a99 make update 2001-07-31 06:40:10 +00:00
Richard Levitte
b01ab14338 make update
Note that since some private kssl functions were exported, the
simplest way to rebuild the number table was to toss everything that
was new since OpenSSL 0.9.6b.  This is safe, since those functions
have not yet been exported in an OpenSSL release.  Beware, people who
trust intermediary snapshots!
2001-07-11 21:15:03 +00:00
Richard Levitte
567671e291 make update 2001-07-10 21:00:37 +00:00
Richard Levitte
c454dbcd32 Sort platforms lexicographically as well. Also, support more than two
variants of a symbol.
2001-03-02 12:14:54 +00:00
Richard Levitte
62dc5aad06 Introduce the possibility to access global variables through
functions on platform were that's the best way to handle exporting
global variables in shared libraries.  To enable this functionality,
one must configure with "EXPORT_VAR_AS_FN" or defined the C macro
"OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter
is normally done by Configure or something similar).

To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL
in the source file (foo.c) like this:

	OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1;
	OPENSSL_IMPLEMENT_GLOBAL(double,bar);

To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL
and OPENSSL_GLOBAL_REF in the header file (foo.h) like this:

	OPENSSL_DECLARE_GLOBAL(int,foo);
	#define foo OPENSSL_GLOBAL_REF(foo)
	OPENSSL_DECLARE_GLOBAL(double,bar);
	#define bar OPENSSL_GLOBAL_REF(bar)

The #defines are very important, and therefore so is including the
header file everywere where the defined globals are used.

The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition
of ASN.1 items, but that structure is a bt different.

The largest change is in util/mkdef.pl which has been enhanced with
better and easier to understand logic to choose which symbols should
go into the Windows .def files as well as a number of fixes and code
cleanup (among others, algorithm keywords are now sorted
lexicographically to avoid constant rewrites).
2001-03-02 10:38:19 +00:00
Richard Levitte
d88a26c489 make update
Note that all *_it variables are suddenly non-existant according to
libeay.num.  This is a bug that will be corrected.  Please be patient.
2001-02-26 10:54:08 +00:00
Richard Levitte
41d2a336ee e_os.h does not belong with the exported headers. Do not put it there
and make all files the depend on it include it without prefixing it
with openssl/.

This means that all Makefiles will have $(TOP) as one of the include
directories.
2001-02-22 14:45:02 +00:00
Geoff Thorpe
dc644fe229 This change allows a callback to be used to override the generation of
SSL/TLS session IDs in a server. According to RFC2246, the session ID is an
arbitrary value chosen by the server. It can be useful to have some control
over this "arbitrary value" so as to choose it in ways that can aid in
things like external session caching and balancing (eg. clustering). The
default session ID generation is to fill the ID with random data.

The callback used by default is built in to ssl_sess.c, but registering a
callback in an SSL_CTX or in a particular SSL overrides this. BTW: SSL
callbacks will override SSL_CTX callbacks, and a new SSL structure inherits
any callback set in its 'parent' SSL_CTX. The header comments describe how
this mechanism ticks, and source code comments describe (hopefully) why it
ticks the way it does.

Man pages are on the way ...

[NB: Lutz was also hacking away and helping me to figure out how best to do
this.]
2001-02-21 18:06:26 +00:00
Richard Levitte
941181ec0f 'make update' 2001-02-21 14:12:50 +00:00
Richard Levitte
701adceb12 "make update" plus a rewrite of both .num files. 2000-12-29 00:19:12 +00:00
Richard Levitte
4d0c6b2936 I started with a make update, but a rewrite was actually needed.
Perhaps we should make rewrites the default thing to do?
2000-09-11 11:45:02 +00:00
Richard Levitte
724f9694a6 *.num rewitten to include the extra information. 2000-09-07 08:44:13 +00:00
Geoff Thorpe
7edd20916a "make update" + stripping the type-specific stack functions out of
libeay.num and ssleay.num.
2000-06-01 06:07:19 +00:00
Richard Levitte
7bd3a58022 make update 2000-02-26 04:48:22 +00:00
Bodo Möller
a7b991bd68 Don't define platform-dependent preprocessor symbols for OPENSSL_THREAD_DEFINES.
"make update".
2000-02-24 18:19:50 +00:00
Bodo Möller
52732b38da Some comments added, and slight code clean-ups. 2000-01-26 22:36:55 +00:00
Ulf Möller
9ea76b951d Submitted by:
Reviewed by:
PR:
2000-01-07 03:30:36 +00:00
Dr. Stephen Henson
bb7cd4e3eb Remainder of SSL purpose and trust code: trust and purpose setting in
SSL_CTX and SSL, functions to set them and defaults if no values set.
1999-11-29 22:35:00 +00:00
Bodo Möller
74678cc2f8 Additional user data argument to pem_password_cb function type
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
1999-07-21 20:57:16 +00:00
Dr. Stephen Henson
f598cd13a3 Various changes to stop VC++ choking under Win32. 1999-07-11 17:09:04 +00:00
Bodo Möller
21419a7413 Update. 1999-05-15 12:20:56 +00:00
Dr. Stephen Henson
a5ab0532ca Various Win32 fixes. Win95 doesn't support MoveFileEx() (which was used for a
Win32 version of rename() ). There isn't a precise rename() equivalent under
Win95: the standard rename() complains if the destination already exists so
replaced with a combination of unlink() and MoveFile().
1999-05-08 22:46:51 +00:00
Dr. Stephen Henson
f5fedc0497 Various fixes so Win32 compile may work. Convert GeneralNames to use safe stack. 1999-04-20 01:10:33 +00:00
Ben Laurie
b4cadc6e13 Fix security hole. 1999-03-22 12:22:14 +00:00