Trevor Perrin
6da498991c
Various custom extension fixes.
...
Force no SSL2 when custom extensions in use.
Don't clear extension state when cert is set.
Clear on renegotiate.
Conflicts:
ssl/t1_lib.c
2013-09-16 18:40:53 +01:00
Dr. Stephen Henson
bc200e691c
SSL/TLS record tracing code (backport from HEAD).
2012-12-26 22:40:46 +00:00
Dr. Stephen Henson
ccf6a19e2d
Add three Suite B modes to TLS code, supporting RFC6460.
...
(backport from HEAD)
2012-12-26 16:17:40 +00:00
Ben Laurie
8a02a46a5c
RFC 5878 support.
2012-05-29 17:27:48 +00:00
Andy Polyakov
f69abd5321
s23_clnt.c: ensure interoperability by maitaining client "version capability"
...
vector contiguous [from HEAD].
PR: 2802
2012-04-25 22:07:03 +00:00
Dr. Stephen Henson
48e0f6667b
Additional workaround for PR#2771
...
If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client
ciphersuites to this value. A value of 50 should be sufficient.
Document workarounds in CHANGES.
2012-04-17 14:47:14 +00:00
Dr. Stephen Henson
32213fb25a
Partial workaround for PR#2771.
...
Some servers hang when presented with a client hello record length exceeding
255 bytes but will work with longer client hellos if the TLS record version
in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all
cases...
2012-04-17 13:20:37 +00:00
Dr. Stephen Henson
7043fa702f
add FIPS support to ssl: doesn't do anything on this branch yet as there is no FIPS compilation support
2011-05-19 18:22:16 +00:00
Dr. Stephen Henson
9472baae0d
Backport TLS v1.2 support from HEAD.
...
This includes TLS v1.2 server and client support but at present
client certificate support is not implemented.
2011-05-11 13:37:52 +00:00
Dr. Stephen Henson
80b3d7a3c9
Remove redundant check to stop compiler warning.
2011-03-12 17:05:58 +00:00
Ben Laurie
4bd48de60c
Fix warning.
2011-03-12 12:18:34 +00:00
Dr. Stephen Henson
b4b15f68c0
Backport TLS v1.1 support from HEAD, ssl/ changes
2010-06-27 14:22:11 +00:00
Dr. Stephen Henson
45d6a15ae9
PR: 2171
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Since SSLv2 doesn't support renegotiation at all don't reject it if
legacy renegotiation isn't enabled.
Also can now use SSL2 compatible client hello because RFC5746 supports it.
2010-02-16 14:20:40 +00:00
Dr. Stephen Henson
5ddbb8f41a
Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation
2009-11-18 14:45:32 +00:00
Dr. Stephen Henson
f45e8c7bdd
PR: 2000
...
Submitted by: Vadim Zeitlin <vz-openssl@zeitlins.org>
Approved by: steve@openssl.org
Make no-comp compile without warnings.
2009-08-05 15:29:14 +00:00
Dr. Stephen Henson
9ae5743515
Disable SSLv2 cipher suites by default and avoid SSLv2 compatible client
...
hello if no SSLv2 cipher suites are included. This effectively disables
the broken SSLv2 use by default.
2009-04-07 17:01:07 +00:00
Ben Laurie
d41c785d69
Document dead code.
2008-12-30 13:02:02 +00:00
Dr. Stephen Henson
0702150f53
Make no-tlsext compile.
2008-09-03 12:29:57 +00:00
Ben Laurie
8671b89860
Memory saving patch.
2008-06-03 02:48:34 +00:00
Dr. Stephen Henson
67c8e7f414
Support for certificate status TLS extension.
2007-09-26 21:56:59 +00:00
Bodo Möller
761772d7e1
Implement the Opaque PRF Input TLS extension
...
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way. In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().
Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
2007-09-21 06:54:24 +00:00
Bodo Möller
1e24b3a09e
fix support for receiving fragmented handshake messages
2006-11-29 14:45:50 +00:00
Bodo Möller
6ad47e83b4
improvements for alert handling
2006-01-11 07:18:35 +00:00
Bodo Möller
241520e66d
More TLS extension related changes.
...
Submitted by: Peter Sylvester
2006-01-11 06:10:40 +00:00
Bodo Möller
739a543ea8
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
2006-01-08 19:42:30 +00:00
Bodo Möller
f1fd4544a3
Various changes in the new TLS extension code, including the following:
...
- fix indentation
- rename some functions and macros
- fix up confusion between SSL_ERROR_... and SSL_AD_... values
2006-01-03 03:27:19 +00:00
Bodo Möller
ed3883d21b
Support TLS extensions (specifically, HostName)
...
Submitted by: Peter Sylvester
2006-01-02 23:14:37 +00:00
Dr. Stephen Henson
7bbcb2f690
Avoid warnings on VC++ 2005.
2005-12-05 17:21:22 +00:00
Dr. Stephen Henson
566dda07ba
New option SSL_OP_NO_COMP to disable compression. New ctrls to set
...
maximum send fragment size. Allocate I/O buffers accordingly.
2005-10-08 00:18:53 +00:00
Nils Larsch
4ebb342fcd
Let the TLSv1_method() etc. functions return a const SSL_METHOD
...
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
2005-08-14 21:48:33 +00:00
Dr. Stephen Henson
f3b656b246
Initialize SSL_METHOD structures at compile time. This removes the need
...
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
2005-08-05 23:56:11 +00:00
Bodo Möller
3f19bbf4e3
fix msg_callback() arguments for SSL 2.0 compatible client hello
...
(previous revision got this wrong)
2005-05-12 06:24:25 +00:00
Bodo Möller
c6c2e3135d
Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled
...
with the SSL_OP_NO_SSLv2 option.
2005-05-11 18:25:49 +00:00
Nils Larsch
7c7667b86b
check return value of RAND_pseudo_bytes; backport from the stable branch
2005-04-29 20:10:06 +00:00
Richard Levitte
8d6ad9e39d
Stop a possible memory leak.
...
(I wonder why s2_connect() handles the initial buffer allocation slightly
differently...)
PR: 416
2002-12-21 23:49:21 +00:00
Ben Laurie
54a656ef08
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
Bodo Möller
b8565a9af9
really fix race conditions
...
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
PR: 291
2002-09-25 15:38:57 +00:00
Bodo Möller
e78f137899
really fix race condition
...
PR: 262
2002-09-23 14:25:07 +00:00
Lutz Jänicke
7b63c0fa8c
Reorder inclusion of header files:
...
des_old.h redefines crypt:
#define crypt(b,s)\
DES_crypt((b),(s))
This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
2002-07-10 07:01:54 +00:00
Ben Laurie
45d87a1ffe
Prototype info function.
2002-01-12 15:56:13 +00:00
Bodo Möller
cf82191d77
Implement msg_callback for SSL 2.0.
...
Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).
2001-11-10 01:16:28 +00:00
Bodo Möller
979689aa5c
Fix SSL handshake functions and SSL_clear() such that SSL_clear()
...
never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.
2001-10-24 19:03:22 +00:00
Richard Levitte
bc36ee6227
Use new-style system-id macros everywhere possible. I hope I haven't
...
missed any.
This compiles and runs on Linux, and external applications have no
problems with it. The definite test will be to build this on VMS.
2001-02-20 08:13:47 +00:00
Bodo Möller
aa826d88e1
Document rollback issues.
2000-07-29 19:27:20 +00:00
Bodo Möller
37569e64e8
Fix SSL 2.0 rollback checking: The previous implementation of the
...
test was never triggered due to an off-by-one error.
In s23_clnt.c, don't use special rollback-attack detection padding
(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
client; similarly, in s23_srvr.c, don't do the rollback check if
SSL 2.0 is the only protocol enabled in the server.
2000-07-29 18:50:41 +00:00
Ulf Möller
e7f97e2d22
Check RAND_bytes() return value or use RAND_pseudo_bytes().
2000-01-21 01:15:56 +00:00
Ulf Möller
aa82db4fb4
Add missing #ifndefs that caused missing symbols when building libssl
...
as a shared library without RSA. Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.
Submitted by: Kris Kennaway <kris@hub.freebsd.org>
Modified by Ulf Möller
2000-01-16 21:10:00 +00:00
Ulf Möller
eb952088f0
Precautions against using the PRNG uninitialized: RAND_bytes() now
...
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
2000-01-13 20:59:17 +00:00
Bodo Möller
d58d092bc9
Avoid warnings.
1999-06-10 16:29:32 +00:00
Ulf Möller
61f217eec2
Undo.
1999-04-27 11:46:13 +00:00