wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9259 commits 20 branches 302 tags 153 MiB
Commit graph

1059 commits

Author SHA1 Message Date
Dr. Stephen Henson
f45e8c7bdd PR: 2000 
Submitted by: 	Vadim Zeitlin <vz-openssl@zeitlins.org>
Approved by: steve@openssl.org

Make no-comp compile without warnings.
 2009-08-05 15:29:14 +00:00
Dr. Stephen Henson
d7406b1528 PR: 1993 
Fix from 0.9.8-stable.
 2009-07-24 11:52:32 +00:00
Dr. Stephen Henson
5135d6b985 Fix error codes and indentation. 2009-07-15 11:32:58 +00:00
Dr. Stephen Henson
c8f759ec74 Stop warning of signed/unsigned compare. 2009-07-14 15:28:44 +00:00
Dr. Stephen Henson
cddd00166c PR: 1984 
Submitted by: Michael Tüxen <Michael.Tuexen@lurchi.franken.de>
Approved by: steve@openssl.org

Don't concatenate reads in DTLS.
 2009-07-13 11:44:04 +00:00
Dr. Stephen Henson
c155d83f5b Delete MD2 from algorithm tables and default compilation. 2009-07-08 08:50:53 +00:00
Dr. Stephen Henson
5a03e3ac3f Fix from HEAD. 2009-07-04 12:05:14 +00:00
Dr. Stephen Henson
08b2097967 Update from HEAD. 2009-07-04 11:44:01 +00:00
Dr. Stephen Henson
2b3cd246e5 PR: 1962 
Submitted by: Daniel Mentz <daniel.m@sent.com>
Reviewed by: steve@openssl.org

Fix "for dtls1_get_record() returns a bad record in one edge case" bug.
 2009-07-01 11:29:01 +00:00
Dr. Stephen Henson
76ec9151d1 Update from 0.9.8-stable. 2009-06-30 22:26:28 +00:00
Dr. Stephen Henson
6c24dd9005 Typo. 2009-06-30 20:55:55 +00:00
Dr. Stephen Henson
29b0c4a01c Add "missing" functions for setting all verify parameters for SSL_CTX and SSL 
structures.
 2009-06-30 11:57:24 +00:00
Dr. Stephen Henson
b824f0f458 Redundant check: s->param is always non-NULL, it is set in SSL_new(). 2009-06-30 11:41:35 +00:00
Dr. Stephen Henson
43ea53a04a Inherit parameters properly in SSL contexts: any parameters set should 
replace those in the current list.
 2009-06-30 11:21:00 +00:00
Dr. Stephen Henson
dbb834ffeb Update from 0.9.8-stable. 2009-06-28 16:24:11 +00:00
Dr. Stephen Henson
887c250852 Update from 0.9.8-stable. 2009-06-26 15:04:22 +00:00
Dr. Stephen Henson
0cb76e79df PR: 1748 
Fix nasty SSL BIO pop bug. Since this changes the behaviour of SSL BIOs and
will break applications that worked around the bug only included in 1.0.0 and
later.
 2009-06-25 11:26:45 +00:00
Dr. Stephen Henson
72d668c332 Update from HEAD. 2009-06-24 13:30:07 +00:00
Dr. Stephen Henson
3492c47b18 Update from HEAD. 2009-06-17 11:38:26 +00:00
Dr. Stephen Henson
85d9b02d16 Update from HEAD. 2009-06-16 16:55:01 +00:00
Dr. Stephen Henson
bfd502f027 Updates from HEAD. 2009-06-16 16:39:20 +00:00
Ben Laurie
6cfab29b71 Make depend. 2009-06-14 02:37:22 +00:00
Dr. Stephen Henson
55708796af Update from HEAD. 2009-06-13 20:47:09 +00:00
Dr. Stephen Henson
7074f1df07 Stop gcc bracket warning. 2009-06-05 14:57:10 +00:00
Dr. Stephen Henson
4e63da0669 PR: 1950 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve@openssl.org

DTLS fragment retransmission bug.
 2009-06-05 14:46:49 +00:00
Dr. Stephen Henson
4e66723517 Update from HEAD. 2009-06-02 11:23:30 +00:00
Dr. Stephen Henson
e1f09dfd84 PR: 1921 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve@openssl.org

Add ECDHE and PSK support to DTLS.
 2009-05-31 17:11:24 +00:00
Dr. Stephen Henson
6e87cc8da6 Need definition of struct timeval for dtls1.h which broke WIN32 builds, 
so include winsock.h. (might be a cleaner way to do this...)
 2009-05-28 20:53:16 +00:00
Dr. Stephen Henson
cc1cb996f1 Submitted by: Artem Chuprina <ran@cryptocom.ru> 
Reviewed by: steve@openssl.org

Fix to match latest GOST in TLS draft.
 2009-05-28 18:10:47 +00:00
Dr. Stephen Henson
0454f2c490 PR: 1929 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Updated DTLS MTU bug fix.
 2009-05-17 16:04:21 +00:00
Dr. Stephen Henson
abda7c1147 PR: 1931 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix fragment handling memory leak.
 2009-05-16 16:22:11 +00:00
Dr. Stephen Henson
88b48dc680 PR: 1930 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Limit size of DTLS record buffer queue.
 2009-05-16 16:17:46 +00:00
Dr. Stephen Henson
661d35dfb2 Disable ECDHE in DTLS in a cleaner way. 2009-05-16 11:16:15 +00:00
Dr. Stephen Henson
f99c9daa39 Make the stuff compile again, fix missing prototype warnings. 2009-05-16 11:14:55 +00:00
Dr. Stephen Henson
d6584eba8c PR: 1922 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS Timer bug fix.
 2009-05-15 22:58:13 +00:00
Richard Levitte
006c7c6bb1 Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). 
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
 2009-05-15 16:37:08 +00:00
Dr. Stephen Henson
b3620451b2 PR: 1921 
Submitted by: steve@openssl.org

Our DTLS implementation doesn't currently handle ECDHE so don't include
unsupported ciphers in client hello.
 2009-05-13 16:25:35 +00:00
Dr. Stephen Henson
d2f17d9615 Print out DTLS versions too. 2009-05-13 16:24:12 +00:00
Dr. Stephen Henson
561cbe5678 PR: 1923 
Submitted by: Daniel Mentz <daniel.m@sent.com>, Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Don't access freed data structure.
 2009-05-13 11:51:30 +00:00
Dr. Stephen Henson
4e50f02638 If an SSLv2 method is explicitly asked for use the SSLv2 cipher string: 
assume an application *really* wants SSLv2 if they do that.

Otherwise stick with the default which excludes all SSLv2 cipher suites.
 2009-04-29 14:12:54 +00:00
Dr. Stephen Henson
174ea15647 Typo. 2009-04-28 22:35:42 +00:00
Dr. Stephen Henson
18f8258a87 PR: 1629 
Submitted by: Kaspar Brand <ossl-rt@velox.ch>
Approved by: steve@openssl.org

Don't use extensions if using SSLv3: this chokes some broken servers.
 2009-04-28 22:01:53 +00:00
Dr. Stephen Henson
82ae57136b Some no-ec fixes (not complete yet). 2009-04-23 15:24:27 +00:00
Dr. Stephen Henson
b61a84c8e6 Fix WIN32 warnings. 2009-04-22 15:40:54 +00:00
Dr. Stephen Henson
a543ea44bc Fix WIN32 warning. 2009-04-22 12:17:02 +00:00
Dr. Stephen Henson
b0dd3d1b94 Another kerberos fix. 2009-04-21 22:30:54 +00:00
Dr. Stephen Henson
21fb688d26 Some fixes for kerberos builds. 2009-04-21 22:20:12 +00:00
Dr. Stephen Henson
dfc8e96daa Fix warning. 2009-04-21 15:11:59 +00:00
Dr. Stephen Henson
b452f43322 PR: 1751 
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org

Compatibility patches for Cisco VPN client DTLS.
 2009-04-19 18:03:13 +00:00
Dr. Stephen Henson
9990cb75c1 PR: 1894 
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Fix various typos and stuff.
 2009-04-16 17:22:51 +00:00
Dr. Stephen Henson
a5cc69c7ae PR: 1900 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Remove unnecessary included header file.
 2009-04-16 16:42:02 +00:00
Dr. Stephen Henson
c900a78c99 PR: 1828 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Updated DTLS Rentransmission bug patch.
 2009-04-15 14:49:36 +00:00
Dr. Stephen Henson
46ffb2dc97 PR #1828 reverted: state save/restore incompatible with 1.0.0-stable. 2009-04-14 15:29:34 +00:00
Dr. Stephen Henson
aab790a656 PR: 1829 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS Timer Bug fix.
 2009-04-14 14:33:12 +00:00
Dr. Stephen Henson
1319aad994 PR: 1647 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Update patch for PR#1647.
 2009-04-14 14:22:26 +00:00
Dr. Stephen Henson
3c0ce01cea PR: 1827 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Updated patch for PR #1827
 2009-04-14 14:20:57 +00:00
Dr. Stephen Henson
9fcbefebdb PR: 1828 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Update from 0.9.8-stable.
 2009-04-14 14:19:46 +00:00
Dr. Stephen Henson
017d2a887f PR: 1838 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Updated patch from 0.9.8-stable.
 2009-04-14 14:18:16 +00:00
Dr. Stephen Henson
9ae5743515 Disable SSLv2 cipher suites by default and avoid SSLv2 compatible client 
hello if no SSLv2 cipher suites are included. This effectively disables
the broken SSLv2 use by default.
 2009-04-07 17:01:07 +00:00
Dr. Stephen Henson
c184b140df Update from 0.9.8-stable. 2009-04-07 16:30:32 +00:00
Dr. Stephen Henson
9d80aa7e3f Update from 0.9.8-stable 2009-04-07 12:10:59 +00:00
Dr. Stephen Henson
c9a1778134 Fix error codes. 2009-04-05 11:54:34 +00:00
Dr. Stephen Henson
2dd5ca1fbc Make no-ssl2 work including on Win32 builds. 2009-04-04 17:57:34 +00:00
Dr. Stephen Henson
c6196da587 Update from 0.9.8-stable. 2009-04-02 22:28:52 +00:00
Dr. Stephen Henson
78625cac82 Submitted by: Victor Duchovni <Victor.Duchovni@morganstanley.com> 
Reviewed by: steve@openssl.org

Check return value of sk_SSL_COMP_find() properly.
 2009-03-12 17:30:29 +00:00
Ben Laurie
7587347bc4 Fix memory leak. 2009-02-23 16:40:59 +00:00
Ben Laurie
b3f3407850 Use new common flags and fix resulting warnings. 2009-02-15 14:08:51 +00:00
Dr. Stephen Henson
477fd4596f PR: 1835 
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org

Fix various typos.
 2009-02-14 21:49:38 +00:00
Bodo Möller
d8e8fc4803 Put back a variable deleted by the previous revision, 
but used in the code.
 2009-02-01 01:08:13 +00:00
Richard Levitte
c7ba21493a Hopefully resolve signed vs unsigned issue. 2009-01-28 07:09:23 +00:00
Dr. Stephen Henson
d7ecd42255 Fix warnings properly this time ;-) 2009-01-11 20:34:23 +00:00
Dr. Stephen Henson
211655fcdd Fix sign-compare warnings. 2009-01-11 15:58:51 +00:00
Dr. Stephen Henson
bab534057b Updatde from stable branch. 2009-01-07 23:44:27 +00:00
Lutz Jänicke
fceac0bc74 Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP 
Some #include statements were not properly protected. This will go unnoted
on most systems as openssl/comp.h tends to be installed as a system header
file by default but may become visible when cross compiling.
 2009-01-05 14:43:05 +00:00
Ben Laurie
4a94003a51 srvr_ecdh cannot be NULL at this point (Coverity ID 232). 2009-01-02 12:49:07 +00:00
Ben Laurie
d41c785d69 Document dead code. 2008-12-30 13:02:02 +00:00
Ben Laurie
2bd45dc94c Apparently s->ctx could be NULL. (Coverity ID 147). 2008-12-29 16:15:27 +00:00
Ben Laurie
121f9e743c Apparently s->ctx could be NULL at this point (see earlier 
test). (Coverity ID 148).
 2008-12-29 16:13:49 +00:00
Ben Laurie
0eab41fb78 If we're going to return errors (no matter how stupid), then we should 
test for them!
 2008-12-29 16:11:58 +00:00
Ben Laurie
8aa02e97a7 Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash. 
(Coverity ID 135).
 2008-12-29 13:35:08 +00:00
Ben Laurie
85e878f224 Die earlier if hash is NULL. (Coverity IDs 137 & 138). 2008-12-29 11:54:56 +00:00
Ben Laurie
fe1c7fecf1 Reverse incorrect earlier fix. 2008-12-29 11:47:08 +00:00
Ben Laurie
0e941da6fa Die earlier if we have no hash function. 2008-12-29 11:46:44 +00:00
Ben Laurie
9b9cb004f7 Deal with the unlikely event that EVP_MD_CTX_size() returns an error. 
(Coverity ID 140).
 2008-12-27 02:09:24 +00:00
Ben Laurie
6ba71a7173 Handle the unlikely event that BIO_get_mem_data() returns -ve. 2008-12-27 02:00:38 +00:00
Dr. Stephen Henson
70531c147c Make no-engine work again. 2008-12-20 17:04:40 +00:00
Ben Laurie
a9dbe71ee0 Back out pointless change. 2008-12-13 17:45:49 +00:00
Ben Laurie
ecd3370ba0 *** empty log message *** 2008-12-13 17:45:27 +00:00
Dr. Stephen Henson
349e78e2e8 Stop warning about different const qualifiers. 2008-11-24 17:39:42 +00:00
Ben Laurie
f3b7bdadbc Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks. 2008-11-16 12:47:12 +00:00
Dr. Stephen Henson
12bf56c017 PR: 1574 
Submitted by: Jouni Malinen <j@w1.fi>
Approved by: steve@openssl.org

Ticket override support for EAP-FAST.
 2008-11-15 17:18:12 +00:00
Ben Laurie
774b2fe700 Aftermath of a clashing size_t fix (now only format changes). 2008-11-13 09:48:47 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more 
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
 2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
7b808412c9 Make -DKSSL_DEBUG work again. 2008-11-10 19:08:37 +00:00
Dr. Stephen Henson
c76fd290be Fix warnings about mismatched prototypes, undefined size_t and value computed 
not used.
 2008-11-02 12:50:48 +00:00
Ben Laurie
5e4430e70d More size_tification. 2008-11-01 16:40:37 +00:00
Ben Laurie
bfaead2b12 Fix warning. 2008-10-29 05:10:09 +00:00
Dr. Stephen Henson
ab7e09f59b Win32 fixes... add new directory to build system. Fix warnings. 2008-10-27 12:31:13 +00:00
Dr. Stephen Henson
e19106f5fb Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros 
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.

This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
 2008-10-22 15:43:01 +00:00
Dr. Stephen Henson
606f6c477a Fix a shed load or warnings: 
Duplicate const.
Use of ; outside function.
 2008-10-20 15:12:00 +00:00