Bodo Moeller
8c149cfd83
Sync with version from master.
2013-09-17 09:55:27 +02:00
Trevor Perrin
6da498991c
Various custom extension fixes.
Force no SSL2 when custom extensions in use.
Don't clear extension state when cert is set.
Clear on renegotiate.
Conflicts:
ssl/t1_lib.c
2013-09-16 18:40:53 +01:00
Rob Stradling
86a66deb7e
Update CHANGES.
2013-09-16 14:03:22 +01:00
Rob Stradling
9409e18179
Tidy up comments.
2013-09-16 14:03:21 +01:00
Rob Stradling
6a0b803fc0
Use TLS version supplied by client when fingerprinting Safari.
2013-09-16 14:03:21 +01:00
Rob Stradling
5fa3b54788
Fix compilation with no-ec and/or no-tlsext.
2013-09-16 14:03:21 +01:00
Rob Stradling
07df5018be
Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
2013-09-16 14:03:21 +01:00
Bodo Moeller
1b9a59c36a
Sync CHANGES and NEWS files.
2013-09-16 14:54:34 +02:00
Bodo Moeller
8f89c33451
Merge branch 'OpenSSL_1_0_2-stable' of /usr/local/google/home/bmoeller/openssl/openssl into OpenSSL_1_0_2-stable
2013-09-16 14:51:10 +02:00
Bodo Moeller
485d7d5904
Fix overly lenient comparisons:
- EC_GROUP_cmp shouldn't consider curves equal just because
the curve name is the same. (They really *should* be the same
in this case, but there's an EC_GROUP_set_curve_name API,
which could be misused.)
- EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
equality (not an error).
Reported by: king cope
(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
2013-09-16 14:50:48 +02:00
Bodo Moeller
e3720888c7
Fix overly lenient comparisons:
- EC_GROUP_cmp shouldn't consider curves equal just because
the curve name is the same. (They really *should* be the same
in this case, but there's an EC_GROUP_set_curve_name API,
which could be misused.)
- EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
equality (not an error).
Reported by: king cope
(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
2013-09-16 13:06:30 +02:00
Andy Polyakov
d75e384ff8
Extend OPENSSL_ia32cap_P (backport from HEAD).
2013-09-15 22:13:54 +02:00
Andy Polyakov
c340c7a88c
crypto/armcap.c: fix typo in rdtsc subroutine.
PR: 3125
Submitted by: Kyle McMartin
(cherry picked from commit 8e52a9063a)
2013-09-15 22:10:49 +02:00
Dr. Stephen Henson
9ecf6e93af
add -badsig option to corrupt CRL signatures for testing too
(cherry picked from commit 139cd16cc5)
2013-09-14 13:53:44 +01:00
Dr. Stephen Henson
a41735288c
Add missing code from SSL_CONF backport.
2013-09-14 13:53:44 +01:00
Scott Deboy
8ae78c6bd9
Initialize next_proto in s_server - resolves incorrect attempts to free
Cherry pick of b0d27cb902.
2013-09-13 11:31:39 -04:00
Adam Langley
cb3cec4adf
Add tests for ALPN functionality.
Cherry-picked from a898936218.
2013-09-13 11:27:26 -04:00
Adam Langley
b0d6f3c58f
Support ALPN.
This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF
blessed version of NPN and we'll be supporting both ALPN and NPN for
some time yet.
Cherry-picked from 6f017a8f9d.
[1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00
2013-09-13 11:27:22 -04:00
Ben Laurie
0338648426
Constification.
2013-09-10 17:58:44 +01:00
Andy Polyakov
c7dc404188
crypto/modes/asm/aesni-gcm-x86_64.pl: minor optimization.
Avoid occasional up to 8% performance drops.
(cherry picked from commit 7a1a12232a)
2013-09-09 21:46:02 +02:00
Andy Polyakov
08853158b6
crypto/bn/asm/x86_64-mont.pl: minor optimization.
(cherry picked from commit 72a158703b)
2013-09-09 21:42:48 +02:00
Andy Polyakov
74e0187663
Revert "x86cpuid.pl: fix extended feature flags detection."
This reverts commit 514f1a7835.
2013-09-09 21:35:15 +02:00
Dr. Stephen Henson
bb4aa95c81
Remove ancient PATENTS section and FAQ reference.
(cherry picked from commit ce4555967e)
2013-09-08 21:25:38 +01:00
Dr. Stephen Henson
5117d50b7e
Partial path fix.
When verifying a partial path always check to see if the EE certificate
is explicitly trusted: the path could contain other untrusted certificates.
(cherry picked from commit 52073b7675)
2013-09-08 21:25:10 +01:00
Dr. Stephen Henson
593605d3ec
Document supported curve functions.
(cherry picked from commit c3eb33763b)
2013-09-03 15:43:59 +01:00
Dr. Stephen Henson
c9ea4df8f9
Document -force_pubkey option.
(cherry picked from commit b093a06866bf632a97a9a0286e2d08f69c3cf7dd)
2013-08-21 13:41:17 +01:00
Dr. Stephen Henson
89ff56faf1
Correct ECDSA example.
(cherry picked from commit 3a918ea2bbf4175d9461f81be1403d3781b2c0dc)
2013-08-20 17:30:16 +01:00
Dr. Stephen Henson
9855026c43
fix printout of expiry days if -enddate is used in ca
(cherry picked from commit f7ac0ec89d)
2013-08-19 21:55:07 +01:00
Dr. Stephen Henson
904348a492
Time difference functions.
Backport of ASN1_TIME_diff and OPENSSL_gmtime_diff functions from master
branch.
2013-08-19 21:55:07 +01:00
Dr. Stephen Henson
aaaa18392d
new command line option -stdname to ciphers utility
(cherry picked from commit 51b9115b6d)
2013-08-19 20:25:39 +01:00
Dr. Stephen Henson
8c33e40d2e
Add new test option to set the version in generated certificates: this
is needed to test some profiles/protocols which reject certificates
with unsupported versions.
(cherry picked from commit df316fd43c)
2013-08-19 18:10:04 +01:00
Dr. Stephen Henson
0d04af1e72
option to output corrupted signature in certificates for testing purposes
(cherry picked from commit 96cfba0fb4)
2013-08-19 18:09:44 +01:00
Dr. Stephen Henson
8f17495800
update usage messages
(cherry picked from commit 7c8ac50504)
2013-08-19 18:09:26 +01:00
Dr. Stephen Henson
95c1a24853
add -naccept <n> option to s_server to automatically exit after <n> connections
(cherry picked from commit b5cadfb564)
2013-08-19 17:42:02 +01:00
Dr. Stephen Henson
08374de10f
with -rev close connection if client sends "CLOSE"
(cherry picked from commit 685755937a)
2013-08-19 14:14:05 +01:00
Dr. Stephen Henson
506e70a216
Add simple external session cache to s_server. This serialises sessions
just like a "real" server, making it easier to trace any problems.
(manually applied from commit 35b0ea4efe)
2013-08-19 14:13:56 +01:00
Dr. Stephen Henson
0cca92cdd3
Remove commented out debug line.
2013-08-19 14:13:38 +01:00
Dr. Stephen Henson
5b430cfc44
Make no-ec compilation work.
(cherry picked from commit 14536c8c9c)
2013-08-19 14:13:38 +01:00
Dr. Stephen Henson
171c4da568
Add -rev test option to s_server to just reverse order of characters received
by client and send back to server. Also prints an abbreviated summary of
the connection parameters.
(cherry picked from commit 4f3df8bea2)
2013-08-19 14:13:38 +01:00
Dr. Stephen Henson
04611fb0f1
Add -brief option to s_client and s_server to summarise connection details.
New option -verify_quiet to shut up the verify callback unless there is
an error.
(manually applied from commit 2a7cbe77b3)
2013-08-19 14:13:24 +01:00
Dr. Stephen Henson
df430489cf
Add documentation.
Preliminary documentation for chain and verify stores and certificate chain
setting functions.
(cherry picked from commit eeb15452a0)
2013-08-18 13:53:32 +01:00
Dr. Stephen Henson
5085e57fb5
Return 1 when setting ECDH auto mode.
(cherry picked from commit 42082eda6f)
2013-08-18 13:53:00 +01:00
Michael Tuexen
75b81247a0
DTLS message_sequence number wrong in rehandshake ServerHello
This fix ensures that
* A HelloRequest is retransmitted if not responded to by a ClientHello
* The HelloRequest "consumes" the sequence number 0. The subsequent
ServerHello uses the sequence number 1.
* The client also expects the sequence number of the ServerHello to
be 1 if a HelloRequest was received earlier.
This patch fixes the RFC violation.
(cherry picked from commit b62f4daac0)
2013-08-13 18:55:16 +01:00
Michael Tuexen
2c1a5c1039
DTLS handshake fix.
Reported by: Prashant Jaikumar <rmstar@gmail.com>
Fix handling of application data received before a handshake.
(cherry picked from commit 0c75eeacd3)
2013-08-08 13:31:54 +01:00
Dr. Stephen Henson
71c34b7f2d
Fix verify loop with CRL checking.
PR #3090
Reported by: Franck Youssef <fry@open.ch>
If no new reason codes are obtained after checking a CRL, exit with an
error to avoid repeatedly checking the same CRL.
This will only happen if verify errors such as invalid CRL scope are
overridden in a callback.
(cherry picked from commit 4b26645c1a)
2013-08-06 16:08:04 +01:00
Kaspar Brand
b0cfaf58ad
Fix for PEM_X509_INFO_read_bio.
PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
correctly if they appeared first.
(cherry picked from commit 5ae8d6bcba)
2013-08-06 16:04:52 +01:00
Andy Polyakov
9dc07f04c3
crypto/evp/e_aes.c: fix logical pre-processor bug and formatting.
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
(cherry picked from commit 044f63086051d7542fa9485a1432498c39c4d8fa)
2013-08-03 17:09:37 +02:00
Andy Polyakov
f15c16200b
crypto/bn/asm/rsax-x86_64.pl: make it work on Darwin.
(cherry picked from commit fd8ad019e1)
2013-08-03 16:30:40 +02:00
Andy Polyakov
4e09add6f8
crypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI.
(cherry picked from commit 006784378d)
2013-07-31 23:52:21 +02:00
Trevor
355a6236be
Cosmetic touchups.
2013-07-31 16:38:43 +01:00