Kurt Roeckx
45f55f6a5b
Remove SSLv2 support
...
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 11:55:03 +01:00
Dr. Stephen Henson
562fd0d883
Test SRP authentication ciphersuites.
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-08-09 13:21:29 +01:00
Andy Polyakov
77a27a5066
Enable multi-block support by default.
2014-06-11 20:40:51 +02:00
Adam Langley
a898936218
Add tests for ALPN functionality.
...
Conflicts:
ssl/ssltest.c
2013-07-22 15:47:48 +01:00
Trevor
9cd50f738f
Cleanup of custom extension stuff.
...
serverinfo rejects non-empty extensions.
Omit extension if no relevant serverinfo data.
Improve error-handling in serverinfo callback.
Cosmetic cleanups.
s_client documentation.
s_server documentation.
SSL_CTX_serverinfo documentation.
Cleaup -1 and NULL callback handling for custom extensions, add tests.
Cleanup ssl_rsa.c serverinfo code.
Whitespace cleanup.
Improve comments in ssl.h for serverinfo.
Whitespace.
Cosmetic cleanup.
Reject non-zero-len serverinfo extensions.
Whitespace.
Make it build.
2013-06-18 16:13:08 +01:00
Trevor
a398f821fa
Add support for arbitrary TLS extensions.
...
Contributed by Trevor Perrin.
2013-06-12 17:01:13 +01:00
Adam Langley
32620fe9d1
Fix for EXP-RC2-CBC-MD5
...
MD5 should use little endian order. Fortunately the only ciphersuite
affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which
is a rarely used export grade ciphersuite.
(cherry picked from commit f306b87d76
)
2013-02-06 16:11:31 +00:00
Bodo Möller
8bfc6479a8
use -no_ecdhe when using -no_dhe
2011-10-13 15:07:08 +00:00
Bodo Möller
2c472780c0
oops
2011-09-05 13:43:56 +00:00
Bodo Möller
c519e89f5c
Fix session handling.
2011-09-05 13:36:23 +00:00
Ben Laurie
edc032b5e3
Add SRP support.
2011-03-12 17:01:19 +00:00
Ben Laurie
d9a268b9f9
NPN tests.
2010-09-05 16:35:10 +00:00
Nils Larsch
ddac197404
add initial support for RFC 4279 PSK SSL ciphersuites
...
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
2006-03-10 23:06:27 +00:00
Andy Polyakov
62d27939c2
Address run-time linker problems: LD_PRELOAD issue on multi-ABI platforms
...
and SafeDllSearchMode in Windows.
Submitted by: Richard Levitte
2005-02-01 23:48:37 +00:00
Richard Levitte
0d3f2ccb62
Skip DH-specific tests when no-dh has been configured.
...
PR: 353
2002-12-12 18:43:10 +00:00
Bodo Möller
023ec151df
Add 'void *' argument to app_verify_callback.
...
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
2002-02-28 10:52:56 +00:00
Richard Levitte
23f80f46a4
Make it possible to test SSL compression
2000-11-30 11:57:31 +00:00
Bodo Möller
46c4647e3c
"openssl no-..." commands for avoiding the need to grep
...
"openssl list-standard-commands".
2000-03-13 20:31:46 +00:00
Bodo Möller
d58d6c2783
Include a timing test that works without RSA.
2000-03-13 19:44:45 +00:00
Bodo Möller
95fabd2fbc
Corrections.
...
In testss, use MD5 as digest algorithm so that the resulting
certificates can be used for testssl with RSA.
2000-03-13 19:35:37 +00:00
Bodo Möller
65b002f399
Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
2000-03-13 19:24:39 +00:00
Bodo Möller
563f1503a8
Connection timings (using ISO C function clock()).
2000-03-13 15:06:54 +00:00
Bodo Möller
e458958280
Always use fixed DH parameters created with 'dhparam -C',
...
don't dynamically create them. This allows using ssltest
for approximate performance comparisons:
$ time ./ssltest -num 50 -tls1 -cert ../apps/server2.pem \
[-no_dhe|-dhe1024dsa|-dhe1024]
(server2.pem contains a 1024 bit RSA key, the default has only
512 bits.) Note that these timings contain both the server's and
the client's computations, they are not a good indicator for
server workload in different configurations.
2000-03-10 13:23:20 +00:00
Bodo Möller
a87030a1ed
Make DSA_generate_parameters, and fix a couple of bug
...
(including another problem in the s3_srvr.c state machine).
2000-01-30 02:23:03 +00:00
Bodo Möller
cb0369d885
Repair another bug in s23_get_client_hello:
...
tls1 did not survive to restarts, so get rid of it.
1999-09-10 16:41:01 +00:00
Bodo Möller
77fa04a9bc
-no_dhe option for ssltest.c
1999-09-03 16:31:36 +00:00
Bodo Möller
95d29597b7
BIO pairs.
1999-06-12 01:03:40 +00:00
Ralf S. Engelschall
d02b48c63a
Import of old SSLeay release: SSLeay 0.8.1b
1998-12-21 10:52:47 +00:00