Dr. Stephen Henson
76c3ef7446
Fix from stable branch.
2007-10-18 11:42:47 +00:00
Andy Polyakov
659f7f3168
Don't let DTLS ChangeCipherSpec increment handshake sequence number.
...
PR: 1587
2007-10-17 21:15:48 +00:00
Dr. Stephen Henson
3d3bf9c730
Don't lookup zero length session ID.
...
PR: 1591
2007-10-17 17:31:57 +00:00
Dr. Stephen Henson
4017e8706c
Fix from stable branch.
2007-10-17 11:49:27 +00:00
Andy Polyakov
3ce54f35b3
Make ssl compile [from 098-stable, bug is masked by default].
2007-10-14 14:09:13 +00:00
Andy Polyakov
ebc06fba67
Bunch of constifications.
2007-10-13 15:51:32 +00:00
Andy Polyakov
e979c039f9
Fix warnings in d1_both.c [from 0.9.8-stable].
2007-10-13 11:00:52 +00:00
Andy Polyakov
90acf770b5
DTLS fixes from 0.9.8-stable.
2007-10-13 10:57:02 +00:00
Andy Polyakov
0d89e45690
Synchronize CHANGES between 0.9.8 and HEAD.
2007-10-13 10:55:30 +00:00
Ben Laurie
1948c7e6dd
0.9.8f.
2007-10-12 10:56:10 +00:00
Dr. Stephen Henson
a6db6a0070
Update CHANGES. Keep ordinals consistent.
2007-10-12 00:15:09 +00:00
Ben Laurie
fdb2fe6dc2
New release.
2007-10-11 19:31:29 +00:00
Andy Polyakov
a2115c5d17
Respect cookie length set by app_gen_cookie_cb.
...
Submitted by: Alex Lam
2007-10-09 19:31:18 +00:00
Andy Polyakov
4fe55663df
Make DTLS1 record layer MAC calculation RFC compliant.
...
Submitted by: Alex Lam
2007-10-09 19:19:07 +00:00
Andy Polyakov
ae1552ee99
Addendum to commit #16654 .
2007-10-09 16:37:24 +00:00
Andy Polyakov
debf380122
size_t-fy crypto/buffer.
2007-10-09 15:52:07 +00:00
Ralf S. Engelschall
ddb038d349
ignore a few additionally generated files
2007-10-09 09:56:44 +00:00
Andy Polyakov
b7cc9dffac
Addendum to commit #16651 .
2007-10-07 14:34:59 +00:00
Andy Polyakov
e1b81fed33
Make it possible to link VC static lib with either /MT or /MD application.
...
PR: 1230
2007-10-07 12:55:36 +00:00
Andy Polyakov
5d58f1bbfe
Prohibit RC4 in DTLS.
2007-10-05 21:04:56 +00:00
Dr. Stephen Henson
fcd1cb666c
Fix from fips branch.
2007-10-05 16:53:31 +00:00
Dr. Stephen Henson
4f19a9cb9f
Off by one fix from stable branch.
2007-10-04 12:07:52 +00:00
Andy Polyakov
0023adb47a
Switch to bn-s390x (it's faster on keys longer than 512 bits) and mention
...
s390x assembler pack in CHANAGES.
2007-10-01 07:38:32 +00:00
Andy Polyakov
81fe8dcfe1
Oops! This was erroneously left out commit #16632 .
2007-10-01 06:27:21 +00:00
Andy Polyakov
d527834a1d
Basic idea behind explicit IV is to make it unpredictable for attacker.
...
Until now it was xor between CBC residue and 1st block from last datagram,
or in other words still predictable.
2007-09-30 22:01:36 +00:00
Andy Polyakov
89c333e3e5
Make ChangeCipherSpec compliant with DTLS RFC4347.
2007-09-30 21:19:30 +00:00
Andy Polyakov
0d97d00b6c
DTLS RFC4347 says HelloVerifyRequest resets Finished MAC.
2007-09-30 19:34:36 +00:00
Andy Polyakov
e7adda52b3
DTLS RFC4347 requires client to use rame random field in reply to
...
HelloVerifyRequest.
2007-09-30 19:15:27 +00:00
Andy Polyakov
7432d073af
Switch to RFC-compliant version encoding in DTLS.
2007-09-30 18:53:54 +00:00
Dr. Stephen Henson
04e2ab2c02
Move no status notification to ssl_check_serverhello_tlsext() to ensure
...
no status is notified even if no server extensions are present.
2007-09-28 17:45:11 +00:00
Dr. Stephen Henson
b7fcc08976
Typo.
2007-09-28 17:18:18 +00:00
Andy Polyakov
7722e53f12
Yet another ARM update. It appears to be more appropriate to make
...
developers responsible for -march choice.
2007-09-27 16:27:03 +00:00
Andy Polyakov
2c3ee16272
Move -march=armv4t to ./config.
2007-09-27 07:43:58 +00:00
Andy Polyakov
19112771d6
Minor ARMv4 update.
2007-09-27 07:20:31 +00:00
Andy Polyakov
4c7c5ff667
ARMv4 assembler pack.
2007-09-27 07:09:46 +00:00
Andy Polyakov
d7e915616d
10% performance tweak in 64-bit mode.
2007-09-27 06:19:25 +00:00
Dr. Stephen Henson
67c8e7f414
Support for certificate status TLS extension.
2007-09-26 21:56:59 +00:00
Andy Polyakov
74eb3e0914
Make sha512-armv4.pl byte-order neutral.
2007-09-26 12:17:33 +00:00
Andy Polyakov
79fe664f19
Clarify commentary in sha512-sparcv9.pl.
2007-09-26 12:16:32 +00:00
Lutz Jänicke
5f0477f47b
Typos
...
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:58 +00:00
Lutz Jänicke
7bbce69721
Port from 0.9.8-stable
2007-09-24 11:01:18 +00:00
Dr. Stephen Henson
870d6541f2
Use accept flag for new session ticket write.
2007-09-23 15:55:15 +00:00
Bodo Möller
02c27b113c
properly handle length-zero opaque PRF input values
...
(which are pointless, but still might occur)
2007-09-23 11:30:53 +00:00
Bodo Möller
86d4bc3aea
fix length parameter in SSL_set_tlsext_opaque_prf_input() calls
2007-09-23 11:08:59 +00:00
Bodo Möller
761772d7e1
Implement the Opaque PRF Input TLS extension
...
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way. In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().
Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
2007-09-21 06:54:24 +00:00
Andy Polyakov
54ef01b54b
Fix indentation in d1_both.c.
2007-09-19 16:38:15 +00:00
Ben Laurie
9311c4421a
Fix dependencies. Make depend.
2007-09-19 14:53:18 +00:00
Ben Laurie
aaa4f448cf
The other half of make errors.
2007-09-19 14:51:28 +00:00
Ben Laurie
5f8b524619
make errors.
2007-09-19 14:29:59 +00:00
Bodo Möller
08111768a2
fix warning
2007-09-19 01:43:59 +00:00