wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2075 commits 20 branches 302 tags 153 MiB
Commit graph

271 commits

Author SHA1 Message Date
Richard Levitte
82271cee5b In Message-ID: <003201bfb332$14a07520$0801a8c0@janm.transactionsite.com>, 
"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.
 2000-05-02 12:16:01 +00:00
Richard Levitte
7a807ad8a7 "make update" 2000-04-09 12:52:40 +00:00
Bodo Möller
1d90f28029 In theory, TLS v1 ciphersuites are not the same as SSL v3 ciphersuites 2000-04-06 22:33:14 +00:00
Bodo Möller
46b3bd5454 Avoid memory leak. 2000-04-06 22:25:49 +00:00
Bodo Möller
98e04f9eeb Comments for SSL_get_peer_cert_chain inconsistency. 2000-03-27 18:07:45 +00:00
Bodo Möller
617d71bc12 NeXT workaround. 2000-03-26 12:27:30 +00:00
Bodo Möller
448e2f9ba7 Use correct function names in SSLerr macros. 2000-03-14 14:10:56 +00:00
Bodo Möller
7d2509b6df Update usage info 2000-03-13 19:30:59 +00:00
Bodo Möller
65b002f399 Update test suite so that 'make test' succeeds in 'no-rsa' configuration. 2000-03-13 19:24:39 +00:00
Bodo Möller
e11f0de67f Copy DH key (if available) in addition to the bare parameters 
in SSL_new.
If SSL_OP_SINGLE_DH_USE is set, don't waste time in SSL_[CTX_]set_tmp_dh
on computing a DH key that will be ignored anyway.

ssltest -dhe1024dsa (w/ 160-bit sub-prime) had an unfair performance
advantage over -dhe1024 (safe prime): SSL_OP_SINGLE_DH_USE was
effectively always enabled because SSL_new ignored the DH key set in
the SSL_CTX.  Now -dhe1024 takes the server only about twice as long
as -dhe1024dsa instead of three times as long (for 1024 bit RSA
with 1024 bit DH).
 2000-03-13 17:07:04 +00:00
Bodo Möller
563f1503a8 Connection timings (using ISO C function clock()). 2000-03-13 15:06:54 +00:00
Bodo Möller
863fe2ecac cleaning up a little 2000-03-12 23:27:14 +00:00
Bodo Möller
e458958280 Always use fixed DH parameters created with 'dhparam -C', 
don't dynamically create them.  This allows using ssltest
for approximate performance comparisons:
   $ time ./ssltest -num 50 -tls1 -cert ../apps/server2.pem \
     [-no_dhe|-dhe1024dsa|-dhe1024]
(server2.pem contains a 1024 bit RSA key, the default has only
512 bits.) Note that these timings contain both the server's and
the client's computations, they are not a good indicator for
server workload in different configurations.
 2000-03-10 13:23:20 +00:00
Bodo Möller
4013f3bf1e Fix the indentation, and avoid a compiler warning. 2000-03-06 10:21:57 +00:00
Richard Levitte
fe10275da8 Let's not lie to the people. 2000-03-06 07:31:17 +00:00
Bodo Möller
59fc2b0fc2 Preserve reason strings in automatically build tables. 2000-03-05 00:19:36 +00:00
Richard Levitte
cde28e18bf New logical names to skip algorithms are now supported. 2000-02-27 10:41:31 +00:00
Dr. Stephen Henson
8ab59e7a49 Fix shadow warning. 2000-02-26 02:16:36 +00:00
Richard Levitte
1e7396beeb Some time in history, SSL_CTX_sessions() disappeared. It is now 
restored, but not as a macro this time...
 2000-02-25 22:50:28 +00:00
Bodo Möller
87a025cbb4 Use unsigned loop index to make compilers happy 2000-02-25 16:36:07 +00:00
Bodo Möller
b08b07b8ae The previous revision should have generated _more_ warnings, not less ... 
The return value of handshake_func is signed, not unsigned.
 2000-02-25 15:32:36 +00:00
Geoff Thorpe
4621a00063 More VC++ pickiness. (destest.c doesn't have a "return" and the usual 
signed/unsigned stuff in s3_pkt.c)

Submitted by:
Reviewed by:
PR:
 2000-02-25 15:09:04 +00:00
Bodo Möller
3813046dc5 Add OpenSSL licen[cs]e. 2000-02-25 14:47:38 +00:00
Bodo Möller
e01eed0fae Fix off-by-one error :-) 2000-02-25 14:40:11 +00:00
Bodo Möller
e5599db448 Fix warnings by using unsigned int where appropriate. 2000-02-25 14:27:31 +00:00
Ulf Möller
a3b17baf4e signed/unsigned mismatch (VC++) 
Submitted by: Peter 'Luna' Runestig" <peter+openssl-users@runestig.com>
 2000-02-25 14:03:21 +00:00
Dr. Stephen Henson
fbb41ae0ad Allow code which calls RSA temp key callback to cope 
with a failure.

Fix typos in some error codes.
 2000-02-25 00:23:48 +00:00
Richard Levitte
29a5374fb6 Remove structures that are no longer used. 2000-02-24 14:00:05 +00:00
Ulf Möller
4d524e10b4 nicer manpages 2000-02-24 11:55:57 +00:00
Ralf S. Engelschall
c6a33c6f61 Add missing prototypes for new functions 2000-02-24 10:48:36 +00:00
Ulf Möller
4c5fac4ac4 Fix NO_RSA (misplaced #endif). 2000-02-24 04:41:03 +00:00
Richard Levitte
e6a58767c5 make update 2000-02-23 23:38:59 +00:00
Dr. Stephen Henson
3142c86d65 Allow ADH to be used but not present in the default cipher 
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
 2000-02-23 01:11:01 +00:00
Dr. Stephen Henson
72b60351f1 Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for 
the old functionality.

Various warning fixes.

Initial EVP symmetric cipher docs.
 2000-02-22 02:59:26 +00:00
Bodo Möller
1b8a8088a5 Workarounds to make broken programs happy (such as s_client and s_server). 2000-02-21 17:46:20 +00:00
Bodo Möller
a2a0158959 Fix some bugs and document others 2000-02-21 17:09:54 +00:00
Bodo Möller
e7ecc7d4dd Move ssl3_do_write from s3_pkt.c to s3_both.c. 2000-02-21 11:14:40 +00:00
Bodo Möller
745c70e565 Move MAC computations for Finished from ssl3_read_bytes into 
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
 2000-02-21 10:16:30 +00:00
Richard Levitte
d3442bc780 Move the registration of callback functions to special functions 
designed for that.  This removes the potential error to mix data and
function pointers.

Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in som cases.  I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.
 2000-02-20 23:43:02 +00:00
Bodo Möller
dab6f09573 Workaround for irrelevant problem. 2000-02-20 23:40:01 +00:00
Bodo Möller
45206340d3 ignore Client Hellos when we're in handshake anyway 2000-02-20 23:35:31 +00:00
Bodo Möller
b35e9050f2 Tolerate fragmentation and interleaving in the SSL 3/TLS record layer. 2000-02-20 23:04:06 +00:00
Ben Laurie
c417db4675 Get rid of evil cast. 2000-02-17 09:39:22 +00:00
Dr. Stephen Henson
de469ef21e Fix for Netscape "hang" bug. 2000-02-15 14:19:44 +00:00
Dr. Stephen Henson
af57d84312 Rename SSLeay_add_all_algorithms() et al to 
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
 2000-02-04 14:01:38 +00:00
Bodo Möller
53002dc691 Report progress as in dsatest.c when creating a DHE key. 2000-02-04 11:21:18 +00:00
Bodo Möller
f50c049707 Use correct, not American spelling. 2000-02-04 00:56:09 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Dr. Stephen Henson
82fc1d9c28 Add new -notext option to 'ca', -pubkey option to spkac. 
Remove some "WTF??" casts from applications.

Fixes to keep VC++ happy and avoid warnings.

Docs tidy.
 2000-02-03 02:56:48 +00:00
Ulf Möller
51ca375e7e Seek out and destroy another evil cast. 2000-01-30 23:33:40 +00:00