Commit graph

10684 commits

Author SHA1 Message Date
Dr. Stephen Henson
b9e1488865 typo 2011-12-23 15:03:03 +00:00
Dr. Stephen Henson
e43bfb2906 recognise DECLARE_PEM_write_const, update ordinals 2011-12-23 14:58:30 +00:00
Dr. Stephen Henson
9c52c3e07c delete unimplemented function from header file, update ordinals 2011-12-23 14:09:30 +00:00
Dr. Stephen Henson
1394b29120 sync and update ordinals 2011-12-22 16:11:47 +00:00
Dr. Stephen Henson
b646fc409d remove prototype for deleted SRP function 2011-12-22 16:05:02 +00:00
Dr. Stephen Henson
f9b0b45238 New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
New function to retrieve compression method from SSL_SESSION structure.

Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions
as they duplicate functionality of SSL_SESSION_get_id. Note: these functions
have never appeared in any release version of OpenSSL.
2011-12-22 15:14:32 +00:00
Dr. Stephen Henson
ad89bf7894 PR: 2563
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.
2011-12-19 17:01:37 +00:00
Andy Polyakov
e75440d2c9 update CHANGES. 2011-12-19 14:48:49 +00:00
Dr. Stephen Henson
188c53f7e8 update CHANGES 2011-12-19 14:41:03 +00:00
Andy Polyakov
7aba22ba28 apps/speed.c: fix typo in last commit. 2011-12-19 14:33:09 +00:00
Andy Polyakov
bdba45957a apps/speed.c: Cygwin alarm() fails sometimes.
PR: 2655
2011-12-15 22:30:03 +00:00
Andy Polyakov
0e1467a64c vpaes-x86.pl: revert previous commit and solve the problem through x86masm.pl.
PR: 2657
2011-12-15 22:20:05 +00:00
Dr. Stephen Henson
f2fc30751e PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Remove unnecessary code for srp and to add some comments to
s_client.

- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable

- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.
2011-12-14 22:17:06 +00:00
Dr. Stephen Henson
1bfdb34f70 Add private keys and generation scripts for test certificates in apps
directory.
2011-12-14 22:14:47 +00:00
Andy Polyakov
405edfdcab vpaes-x86.pl: portability fix.
PR: 2657
2011-12-14 21:29:32 +00:00
Ben Laurie
3c0ff9f939 Remove redundant TLS exporter. 2011-12-13 15:57:39 +00:00
Ben Laurie
b9ef708e40 Padlock engine doesn't build (the asm parts are not built for some reason),
so remove for now.
2011-12-13 15:56:40 +00:00
Ben Laurie
e166891e0d Fix warning. 2011-12-13 15:55:35 +00:00
Ben Laurie
9a436c0f89 Back out redundant verification time change. 2011-12-13 15:00:43 +00:00
Ben Laurie
7fd5df6b12 Make it possible to set a time for verification. 2011-12-13 14:38:12 +00:00
Andy Polyakov
8c98b2591f modexp512-x86_64.pl: Solaris protability fix.
PR: 2656
2011-12-12 15:10:14 +00:00
Dr. Stephen Henson
be16cc23c6 detect and use older PKITS data 2011-12-11 16:39:25 +00:00
Dr. Stephen Henson
4fa35e7336 Updates from fips2 branch: close streams in test utilities, use cofactor ECDH
add new key and signature generation tests to fips_test_suite.
2011-12-10 13:38:34 +00:00
Dr. Stephen Henson
a3a2e3a43d add cofactor ECDH support from fips branch 2011-12-10 13:35:11 +00:00
Dr. Stephen Henson
67ef4f63f1 use different names for asm temp files to avoid problems on some platforms 2011-12-10 13:29:38 +00:00
Dr. Stephen Henson
3bfe583b8d add commented out option to allow use of older PKITS data 2011-12-10 00:49:55 +00:00
Dr. Stephen Henson
627b044536 update CHANGES 2011-12-10 00:49:05 +00:00
Dr. Stephen Henson
16363c0165 implement -attime option as a verify parameter then it works with all relevant applications 2011-12-10 00:37:22 +00:00
Andy Polyakov
7ffa48ad38 perlasm/x86gas.pl: give a hand old assemblers assembling loop instruction. 2011-12-09 19:16:20 +00:00
Andy Polyakov
5711dd8eac x86-mont.pl: fix bug in integer-only squaring path.
PR: 2648
2011-12-09 14:21:25 +00:00
Dr. Stephen Henson
990390ab52 Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
Dr. Stephen Henson
2ca873e8d8 transparently handle X9.42 DH parameters 2011-12-07 12:44:03 +00:00
Dr. Stephen Henson
7a2362611f fix error discrepancy 2011-12-07 12:28:40 +00:00
Dr. Stephen Henson
618eb125f0 Document RFC5114 "generation" options. 2011-12-07 00:42:22 +00:00
Dr. Stephen Henson
afb14cda8c Initial experimental support for X9.42 DH parameter format to handle
RFC5114 parameters and X9.42 DH public and private keys.
2011-12-07 00:32:34 +00:00
Dr. Stephen Henson
df0cdf4ceb The default CN prompt message can be confusing when often the CN needs to
be the server FQDN: change it.
[Reported by PSW Group]
2011-12-06 00:00:30 +00:00
Bodo Möller
19b0d0e75b Resolve a stack set-up race condition (if the list of compression
methods isn't presorted, it will be sorted on first read).

Submitted by: Adam Langley
2011-12-02 12:52:00 +00:00
Bodo Möller
ea8c77a55b Fix ecdsatest.c.
Submitted by: Emilia Kasper
2011-12-02 12:41:17 +00:00
Bodo Möller
a7c71d8955 Update HEAD CHANGES file. 2011-12-02 12:28:20 +00:00
Bodo Möller
390c579568 Fix BIO_f_buffer().
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
2011-12-02 12:25:03 +00:00
Dr. Stephen Henson
0798170966 Update DH_check() to peform sensible checks when q parameter is present. 2011-12-01 17:27:36 +00:00
Dr. Stephen Henson
28ff14779e Correct some parameter values. 2011-12-01 17:26:58 +00:00
Andy Polyakov
6600126825 bn/asm/mips.pl: fix typos. 2011-12-01 12:16:09 +00:00
Dr. Stephen Henson
f6c0bd641c return error if counter exceeds limit and seed value supplied 2011-11-25 16:03:42 +00:00
Dr. Stephen Henson
ea7fe214c4 check counter value against 4 * L, not 4096 2011-11-25 15:01:23 +00:00
Dr. Stephen Henson
ebba6c4895 PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Make SRP conformant to rfc 5054.

Changes are:

- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
2011-11-25 00:17:44 +00:00
Bodo Möller
6f31dd72d2 Fix NPN implementation for renegotiation.
(Problem pointed out by Ben Murphy.)

Submitted by: Adam Langley
2011-11-24 21:07:01 +00:00
Dr. Stephen Henson
4521eda739 sync and update ordinals 2011-11-22 14:46:09 +00:00
Dr. Stephen Henson
5b6aaac9e6 add cryptlib.h to mkdef.pl 2011-11-22 14:44:58 +00:00
Dr. Stephen Henson
8ce6421803 sync and update ordinals 2011-11-21 22:57:41 +00:00