Commit graph

394 commits

Author SHA1 Message Date
Dr. Stephen Henson
a2317c3ffd fix error discrepancy 2014-02-09 21:12:12 +00:00
Dr. Stephen Henson
295fd057ce fix error number clash 2014-02-09 19:57:27 +00:00
Ben Laurie
8acf1ff4b4 More cleanup.
(cherry picked from commit 5eda213ebe)
Conflicts:
	apps/s_client.c
	apps/s_server.c
2014-02-09 08:07:04 -08:00
Ben Laurie
130ebe34c8 Fix whitespace, new-style comments. 2014-02-08 16:19:30 -08:00
Scott Deboy
7612511b3b Re-add alert variables removed during rebase
Whitespace fixes

(cherry picked from commit e9add063b5)
Conflicts:
	ssl/s3_clnt.c
2014-02-08 16:19:01 -08:00
Scott Deboy
fc213217e8 Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert.
If multiple TLS extensions are expected but not received, the TLS extension and supplemental data 'generate' callbacks are the only chance for the receive-side to trigger a specific TLS alert during the handshake.

Removed logic which no-op'd TLS extension generate callbacks (as the generate callbacks need to always be called in order to trigger alerts), and updated the serverinfo-specific custom TLS extension callbacks to track which custom TLS extensions were received by the client, where no-ops for 'generate' callbacks are appropriate.

(cherry picked from commit ac20719d99)
Conflicts:
	ssl/t1_lib.c
2014-02-08 16:17:24 -08:00
Scott Deboy
038bec784e Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.

(cherry picked from commit 36086186a9)
Conflicts:
	Configure
	apps/s_client.c
	apps/s_server.c
	ssl/ssl.h
	ssl/ssl3.h
	ssl/ssltest.c
2014-02-08 16:12:15 -08:00
Dr. Stephen Henson
c41e242e5c Return previous compression methods when setting them.
(cherry picked from commit b45e874d7c)
2014-02-06 13:58:18 +00:00
Dr. Stephen Henson
e0d4272a58 Return per-certificate chain if extra chain is NULL.
If an application calls the macro SSL_CTX_get_extra_chain_certs
return either the old "shared" extra certificates or those associated
with the current certificate.

This means applications which call SSL_CTX_use_certificate_chain_file
and retrieve the additional chain using SSL_CTX_get_extra_chain_certs
will still work. An application which only wants to check the shared
extra certificates can call the new macro
SSL_CTX_get_extra_chain_certs_only
(cherry picked from commit a51f767645)
2014-02-05 17:06:56 +00:00
Dr. Stephen Henson
e2f06800bc New ctrl to set current certificate.
New ctrl sets current certificate based on certain criteria. Currently
two options: set the first valid certificate as current and set the
next valid certificate as current. Using these an application can
iterate over all certificates in an SSL_CTX or SSL structure.
(cherry picked from commit 0f78819c8c)
2014-02-02 23:12:06 +00:00
Dr. Stephen Henson
9f1979b94a New function to set compression methods so they can be safely freed.
(cherry picked from commit cbb6744827)
2014-01-27 14:32:44 +00:00
Dr. Stephen Henson
c4f01c533b Add new function SSL_CTX_get_ssl_method().
Partial fix for PR#3183.
(cherry picked from commit ba168244a1)
2014-01-16 14:08:42 +00:00
Dr. Stephen Henson
b17d6b8d1d Restore SSL_OP_MSIE_SSLV2_RSA_PADDING
The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL
0.9.7h but deleting it will break source compatibility with any software
that references it. Restore it but #define to zero.
2014-01-04 13:58:51 +00:00
Dr. Stephen Henson
bf4863b3f5 Verify parameter retrieval functions.
New functions to retrieve internal pointers to X509_VERIFY_PARAM
for SSL_CTX and SSL structures.
2013-12-13 15:29:26 +00:00
Dr. Stephen Henson
6859f3fc12 Fix warnings. 2013-12-01 23:08:13 +00:00
Dr. Stephen Henson
2a1b7bd380 New functions to retrieve certificate from SSL_CTX
New functions to retrieve current certificate or private key
from an SSL_CTX.

Constify SSL_get_private_key().
(cherry picked from commit a25f9adc77)
2013-11-18 18:59:18 +00:00
Dr. Stephen Henson
4bba0bda61 Don't define SSL_select_next_proto if OPENSSL_NO_TLSEXT set
(cherry picked from commit 60aeb18750)
2013-11-18 18:59:03 +00:00
Piotr Sikora
edc687ba0f Fix compilation with no-nextprotoneg.
PR#3106
2013-11-14 01:20:58 +00:00
Rob Stradling
dc4bdf592f Additional "chain_cert" functions.
PR#3169

This patch, which currently applies successfully against master and
1_0_2, adds the following functions:

SSL_[CTX_]select_current_cert() - set the current certificate without
disturbing the existing structure.

SSL_[CTX_]get0_chain_certs() - get the current certificate's chain.

SSL_[CTX_]clear_chain_certs() - clear the current certificate's chain.

The patch also adds these functions to, and fixes some existing errors
in, SSL_CTX_add1_chain_cert.pod.
(cherry picked from commit 2f56c9c015dbca45379c9a725915b3b8e765a119)
2013-11-13 23:47:37 +00:00
Dr. Stephen Henson
044f8ca87d Extend SSL_CONF
Extend SSL_CONF to return command value types.

Add certificate and key options.

Update documentation.
(cherry picked from commit ec2f7e568e)
2013-11-02 13:41:19 +00:00
Nick Mathewson
d757097bbc Do not include a timestamp in the Client/ServerHello Random field.
Instead, send random bytes, unless SSL_SEND_{CLIENT,SERVER}RANDOM_MODE
is set.

This is a forward-port of commits:
  4af793036f
  f4c93b46ed
  3da721dac9
  2583270191

While the gmt_unix_time record was added in an ostensible attempt to
mitigate the dangers of a bad RNG, its presence leaks the host's view
of the current time in the clear.  This minor leak can help
fingerprint TLS instances across networks and protocols... and what's
worse, it's doubtful thet the gmt_unix_time record does any good at
all for its intended purpose, since:

    * It's quite possible to open two TLS connections in one second.

    * If the PRNG output is prone to repeat itself, ephemeral
      handshakes (and who knows what else besides) are broken.
2013-10-20 15:03:24 -07:00
Ben Laurie
63fe322160 Merge remote-tracking branch 'agl/1.0.2alpn' into agl-alpn
Conflicts:
	ssl/ssl3.h
	ssl/t1_lib.c
2013-10-01 12:20:02 +01:00
Ben Laurie
379f21ce5c Show useful errors. 2013-09-24 23:13:22 +01:00
Dr. Stephen Henson
d307176931 Suite B support for DTLS 1.2
Check for Suite B support using method flags instead of version numbers:
anything supporting TLS 1.2 cipher suites will also support Suite B.

Return an error if an attempt to use DTLS 1.0 is made in Suite B mode.
(cherry picked from commit 4544f0a691)
2013-09-18 13:46:03 +01:00
Dr. Stephen Henson
65a87d3cc3 Dual DTLS version methods.
Add new methods DTLS_*_method() which support both DTLS 1.0 and DTLS 1.2 and
pick the highest version the peer supports during negotiation.

As with SSL/TLS options can change this behaviour specifically
SSL_OP_NO_DTLSv1 and SSL_OP_NO_DTLSv1_2.
(cherry picked from commit c6913eeb76)

Conflicts:

	CHANGES
2013-09-18 13:46:02 +01:00
Dr. Stephen Henson
acec5a6244 Provisional DTLS 1.2 support.
Add correct flags for DTLS 1.2, update s_server and s_client to handle
DTLS 1.2 methods.

Currently no support for version negotiation: i.e. if client/server selects
DTLS 1.2 it is that or nothing.
(cherry picked from commit c3b344e36a)

Conflicts:

	apps/s_server.c
2013-09-18 13:46:02 +01:00
Rob Stradling
07df5018be Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
2013-09-16 14:03:21 +01:00
Adam Langley
b0d6f3c58f Support ALPN.
This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF
blessed version of NPN and we'll be supporting both ALPN and NPN for
some time yet.

Cherry-picked from 6f017a8f9d.

[1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00
2013-09-13 11:27:22 -04:00
Trevor
e27711cfdd Trying cherrypick:
Add support for arbitrary TLS extensions.

Contributed by Trevor Perrin.

Conflicts:

	CHANGES
	ssl/ssl.h
	ssl/ssltest.c
	test/testssl

Fix compilation due to #endif.

Cherrypicking more stuff.

Cleanup of custom extension stuff.

serverinfo rejects non-empty extensions.

Omit extension if no relevant serverinfo data.

Improve error-handling in serverinfo callback.

Cosmetic cleanups.

s_client documentation.

s_server documentation.

SSL_CTX_serverinfo documentation.

Cleaup -1 and NULL callback handling for custom extensions, add tests.

Cleanup ssl_rsa.c serverinfo code.

Whitespace cleanup.

Improve comments in ssl.h for serverinfo.

Whitespace.

Cosmetic cleanup.

Reject non-zero-len serverinfo extensions.

Whitespace.

Make it build.

Conflicts:

	test/testssl
2013-07-03 11:53:30 +01:00
Ben Laurie
83e2ff8c51 Fix missing/incorrect prototype. 2013-06-04 16:17:30 +01:00
Andy Polyakov
e815d72b1f RFC6689 support: add missing commit (git noob alert). 2013-05-15 20:41:51 +02:00
Dr. Stephen Henson
50b5966e57 Add support for broken protocol tests (backport from master branch) 2013-01-15 16:18:13 +00:00
Dr. Stephen Henson
49ef33fa34 add SSL_CONF functions and documentation (backport from HEAD) 2012-12-29 13:30:56 +00:00
Dr. Stephen Henson
bc200e691c SSL/TLS record tracing code (backport from HEAD). 2012-12-26 22:40:46 +00:00
Dr. Stephen Henson
78b5d89ddf Add support for printing out and retrieving EC point formats extension.
(backport from HEAD)
2012-12-26 18:13:49 +00:00
Dr. Stephen Henson
b79df62eff return error if Suite B mode is selected and TLS 1.2 can't be used.
(backport from HEAD)
2012-12-26 17:39:02 +00:00
Dr. Stephen Henson
1520e6c084 Add ctrl and utility functions to retrieve raw cipher list sent by client in
client hello message. Previously this could only be retrieved on an initial
connection and it was impossible to determine the cipher IDs of any uknown
ciphersuites.
(backport from HEAD)
2012-12-26 16:25:06 +00:00
Dr. Stephen Henson
2001129f09 new ctrl to retrive value of received temporary key in server key exchange message, print out details in s_client
(backport from HEAD)
2012-12-26 16:23:36 +00:00
Dr. Stephen Henson
a50ecaee56 store and print out message digest peer signed with in TLS 1.2
(backport from HEAD)
2012-12-26 16:23:13 +00:00
Dr. Stephen Henson
67d9dcf003 perform sanity checks on server certificate type as soon as it is received instead of waiting until server key exchange
(backport from HEAD)
2012-12-26 16:22:19 +00:00
Dr. Stephen Henson
79dcae32ef give more meaningful error if presented with wrong certificate type by server
(backport from HEAD)
2012-12-26 16:18:15 +00:00
Dr. Stephen Henson
ccf6a19e2d Add three Suite B modes to TLS code, supporting RFC6460.
(backport from HEAD)
2012-12-26 16:17:40 +00:00
Dr. Stephen Henson
6660baee66 Make tls1_check_chain return a set of flags indicating checks passed
by a certificate chain. Add additional tests to handle client
certificates: checks for matching certificate type and issuer name
comparison.

Print out results of checks for each candidate chain tested in
s_server/s_client.
(backport from HEAD)
2012-12-26 15:27:44 +00:00
Dr. Stephen Henson
25d4c9254c Abort handshake if signature algorithm used not supported by peer.
(backport from HEAD)
2012-12-26 15:27:24 +00:00
Dr. Stephen Henson
44adfeb6c0 check EC tmp key matches preferences
(backport from HEAD)
2012-12-26 15:27:04 +00:00
Dr. Stephen Henson
5ff2ef79e6 typo 2012-12-26 15:23:16 +00:00
Dr. Stephen Henson
b762acadeb Add support for certificate stores in CERT structure. This makes it
possible to have different stores per SSL structure or one store in
the parent SSL_CTX. Include distint stores for certificate chain
verification and chain building. New ctrl SSL_CTRL_BUILD_CERT_CHAIN
to build and store a certificate chain in CERT structure: returing
an error if the chain cannot be built: this will allow applications
to test if a chain is correctly configured.

Note: if the CERT based stores are not set then the parent SSL_CTX
store is used to retain compatibility with existing behaviour.
(backport from HEAD)
2012-12-26 15:21:53 +00:00
Dr. Stephen Henson
a897502cd9 Add new ctrl to retrieve client certificate types, print out
details in s_client.

Also add ctrl to set client certificate types. If not used sensible values
will be included based on supported signature algorithms: for example if
we don't include any DSA signing algorithms the DSA certificate type is
omitted.

Fix restriction in old code where certificate types would be truncated
if it exceeded TLS_CT_NUMBER.
(backport from HEAD)
2012-12-26 14:51:37 +00:00
Dr. Stephen Henson
731abd3bd7 new function SSL_is_server to which returns 1 is the corresponding SSL context is for a server
(backport from HEAD)
2012-12-26 14:45:46 +00:00
Dr. Stephen Henson
04c32cddaa Separate client and server permitted signature algorithm support: by default
the permitted signature algorithms for server and client authentication
are the same but it is now possible to set different algorithms for client
authentication only.
(backport from HEAD)
2012-12-26 14:44:56 +00:00
Dr. Stephen Henson
623a5e24cb Add certificate callback. If set this is called whenever a certificate
is required by client or server. An application can decide which
certificate chain to present based on arbitrary criteria: for example
supported signature algorithms. Add very simple example to s_server.
This fixes many of the problems and restrictions of the existing client
certificate callback: for example you can now clear existing certificates
and specify the whole chain.
(backport from HEAD)
2012-12-26 14:43:51 +00:00
Dr. Stephen Henson
484f876235 Add new "valid_flags" field to CERT_PKEY structure which determines what
the certificate can be used for (if anything). Set valid_flags field
in new tls1_check_chain function. Simplify ssl_set_cert_masks which used
to have similar checks in it.

Add new "cert_flags" field to CERT structure and include a "strict mode".
This enforces some TLS certificate requirements (such as only permitting
certificate signature algorithms contained in the supported algorithms
extension) which some implementations ignore: this option should be used
with caution as it could cause interoperability issues.
(backport from HEAD)
2012-12-26 14:26:53 +00:00
Dr. Stephen Henson
c70a1fee71 Reorganise supported signature algorithm extension processing.
Only store encoded versions of peer and configured signature algorithms.
Determine shared signature algorithms and cache the result along with NID
equivalents of each algorithm.
(backport from HEAD)
2012-12-26 14:26:16 +00:00
Dr. Stephen Henson
0b362de5f5 Add support for application defined signature algorithms for use with
TLS v1.2. These are sent as an extension for clients and during a certificate
request for servers.

TODO: add support for shared signature algorithms, respect shared algorithms
when deciding which ciphersuites and certificates to permit.
(backport from HEAD)
2012-12-26 14:25:29 +00:00
Dr. Stephen Henson
d312f7be37 Make it possible to delete all certificates from an SSL structure.
(backport from HEAD)
2012-12-26 14:18:50 +00:00
Ben Laurie
835d104f46 Rearrange and test authz extension. 2012-06-07 13:20:20 +00:00
Ben Laurie
68d2cf51bc Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
Ben Laurie
19eedffcaf Don't insert in the middle. 2012-05-29 18:58:43 +00:00
Ben Laurie
8a02a46a5c RFC 5878 support. 2012-05-29 17:27:48 +00:00
Dr. Stephen Henson
a6df6702c6 Change value of SSL_OP_NO_TLSv1_1 to avoid clash with SSL_OP_ALL and
OpenSSL 1.0.0. Add CHANGES entry noting the consequences.
2012-04-25 23:06:31 +00:00
Dr. Stephen Henson
fe9ce2b7d6 Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Improved localisation of TLS extension handling and code tidy.
2012-04-24 12:15:17 +00:00
Dr. Stephen Henson
f897fe4146 correct error code 2012-04-18 15:17:39 +00:00
Dr. Stephen Henson
e46c807e4f Add support for automatic ECDH temporary key parameter selection. When
enabled instead of requiring an application to hard code a (possibly
inappropriate) parameter set and delve into EC internals we just
automatically use the preferred curve.
(backport from HEAD)
2012-04-06 20:15:50 +00:00
Dr. Stephen Henson
6b870763ac Initial revision of ECC extension handling.
Tidy some code up.

Don't allocate a structure to handle ECC extensions when it is used for
default values.

Make supported curves configurable.

Add ctrls to retrieve shared curves: not fully integrated with rest of
ECC code yet.
(backport from HEAD)
2012-04-06 20:12:35 +00:00
Dr. Stephen Henson
5505818199 New ctrls to retrieve supported signature algorithms and curves and
extensions to s_client and s_server to print out retrieved valued.

Extend CERT structure to cache supported signature algorithm data.
(backport from HEAD)
2012-04-06 19:29:49 +00:00
Dr. Stephen Henson
37b16c84bb Add support for distinct certificate chains per key type and per SSL
structure.

Before this the only way to add a custom chain was in the parent SSL_CTX
(which is shared by all key types and SSL structures) or rely on auto
chain building (which is performed on each handshake) from the trust store.
(backport from HEAD)
2012-04-06 17:22:48 +00:00
Dr. Stephen Henson
736d69750d Backport: tidy/enhance certificate chain output code (from HEAD) 2012-04-06 11:58:17 +00:00
Dr. Stephen Henson
0ffa49970b Backport support for fixed DH ciphersuites (from HEAD) 2012-04-06 11:33:12 +00:00
Dr. Stephen Henson
f1fa05b407 ABI compliance fixes.
Move new structure fields to end of structures.

Import library codes from 1.0.0 and recreate new ones.
2012-02-22 14:01:44 +00:00
Dr. Stephen Henson
943cc09d8a Submitted by: Eric Rescorla <ekr@rtfm.com>
Fix encoding of use_srtp extension to be compliant with RFC5764
2012-02-10 00:03:37 +00:00
Dr. Stephen Henson
aaa3850ccd Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) 2012-01-04 23:07:54 +00:00
Dr. Stephen Henson
bd6941cfaa PR: 2658
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Support for TLS/DTLS heartbeats.
2011-12-31 23:00:36 +00:00
Dr. Stephen Henson
60553cc209 typo 2011-12-23 15:03:16 +00:00
Dr. Stephen Henson
2d4c9ab518 delete unimplemented function from header file, update ordinals 2011-12-23 14:10:35 +00:00
Dr. Stephen Henson
242f8d644c remove prototype for deleted SRP function 2011-12-22 16:01:23 +00:00
Dr. Stephen Henson
f5575cd167 New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
New function to retrieve compression method from SSL_SESSION structure.

Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions
as they duplicate functionality of SSL_SESSION_get_id. Note: these functions
have never appeared in any release version of OpenSSL.
2011-12-22 15:01:16 +00:00
Dr. Stephen Henson
b8a22c40e0 PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Remove unnecessary code for srp and to add some comments to
s_client.

- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable

- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.
2011-12-14 22:18:03 +00:00
Ben Laurie
96fe35e7d4 Remove redundant TLS exporter. 2011-12-13 14:35:12 +00:00
Ben Laurie
a0cf79e841 Fix exporter. 2011-12-02 16:49:32 +00:00
Dr. Stephen Henson
2c7d978c2d PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Make SRP conformant to rfc 5054.

Changes are:

- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
2011-11-25 00:18:10 +00:00
Ben Laurie
b1d7429186 Add TLS exporter. 2011-11-15 23:51:22 +00:00
Ben Laurie
060a38a2c0 Add DTLS-SRTP. 2011-11-15 23:02:16 +00:00
Ben Laurie
68b33cc5c7 Add Next Protocol Negotiation. 2011-11-13 21:55:42 +00:00
Bodo Möller
3c3f025923 Fix session handling. 2011-09-05 13:36:55 +00:00
Bodo Möller
5ff6e2dfbb Fix d2i_SSL_SESSION. 2011-09-05 13:31:07 +00:00
Dr. Stephen Henson
aed53d6c5a Backport GCM support from HEAD. 2011-08-04 11:13:28 +00:00
Dr. Stephen Henson
c8c6e9ecd9 Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and
prohibit use of these ciphersuites for TLS < 1.2
2011-07-25 21:45:17 +00:00
Dr. Stephen Henson
376838a606 Process signature algorithms during TLS v1.2 client authentication.
Make sure message is long enough for signature algorithms.

(backport from HEAD).
2011-05-12 17:44:59 +00:00
Dr. Stephen Henson
9472baae0d Backport TLS v1.2 support from HEAD.
This includes TLS v1.2 server and client support but at present
client certificate support is not implemented.
2011-05-11 13:37:52 +00:00
Dr. Stephen Henson
74096890ba Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN
all ssl related structures are opaque and internals cannot be directly
accessed. Many applications will need some modification to support this and
most likely some additional functions added to OpenSSL.

The advantage of this option is that any application supporting it will still
be binary compatible if SSL structures change.

(backport from HEAD).
2011-05-11 12:56:38 +00:00
Dr. Stephen Henson
3393e0c02c Fix SRP error codes (from HEAD). 2011-03-16 16:55:12 +00:00
Ben Laurie
a149b2466e Add SRP. 2011-03-16 11:26:40 +00:00
Dr. Stephen Henson
c6dd154b3e oops, revert previous patch 2010-08-27 12:10:12 +00:00
Dr. Stephen Henson
35cae95032 PR: 1833
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix other cases not covered by original patch.
2010-08-27 11:57:42 +00:00
Dr. Stephen Henson
48ae85b6ff PR: 1833
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Support for abbreviated handshakes when renegotiating.
2010-08-26 14:22:40 +00:00
Dr. Stephen Henson
53e7985c8d PR: 1830
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson

Support for RFC5705 key extractor.
2010-07-18 17:39:46 +00:00
Dr. Stephen Henson
b4b15f68c0 Backport TLS v1.1 support from HEAD, ssl/ changes 2010-06-27 14:22:11 +00:00
Dr. Stephen Henson
eb17330837 Updates to conform with draft-ietf-tls-renegotiation-03.txt:
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:37:38 +00:00
Dr. Stephen Henson
1f67a3a985 compress_meth should be unsigned 2010-01-05 16:46:39 +00:00
Dr. Stephen Henson
4cba294d79 Client side compression algorithm sanity checks: ensure old compression
algorithm matches current and give error if compression is disabled and
server requests it (shouldn't happen unless server is broken).
2010-01-01 14:39:51 +00:00