wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8103 commits 20 branches 302 tags 153 MiB
Commit graph

30 commits

Author SHA1 Message Date
Ben Laurie
c2b78c31d6 First cut of renegotiation extension. 2009-11-08 14:51:54 +00:00
Dr. Stephen Henson
a1dc0336dd Re-revert (re-insert?) temporary change that made renegotiation work again 
and add a proper fix: specifically if it is a new session don't send the old
TLS ticket, send a zero length ticket to request a new session.
 2009-11-08 14:30:22 +00:00
Dr. Stephen Henson
2a8834cf89 Fix stateless session resumption so it can coexist with SNI 2009-10-30 13:28:07 +00:00
Dr. Stephen Henson
197ab47bdd PR: 2028 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
 2009-09-04 17:53:30 +00:00
Dr. Stephen Henson
5d577d7eb0 Update from 1.0.0-stable. 2009-04-28 22:02:16 +00:00
Dr. Stephen Henson
8f59c61d1d If tickets disabled behave as if no ticket received to support 
stateful resume.
 2008-09-03 22:13:04 +00:00
Mark J. Cox
d3b3a6d389 Fix double-free in TLS server name extensions which could lead to a remote 
crash found by Codenomicon TLS test suite (CVE-2008-0891)

Reviewed by: openssl-security@openssl.org

Obtained from: jorton@redhat.com
 2008-05-28 07:26:33 +00:00
Dr. Stephen Henson
db533c96e3 TLS ticket key setting callback: this allows and application to set 
its own TLS ticket keys.
 2008-04-30 16:11:33 +00:00
Dr. Stephen Henson
5f95651316 Ensure the ticket expected flag is reset when a stateless resumption is 
successful.
 2007-10-18 11:39:11 +00:00
Dr. Stephen Henson
a523276786 Backport certificate status request TLS extension support to 0.9.8. 2007-10-12 00:00:36 +00:00
Bodo Möller
4ab0088bfe More changes from HEAD: 
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
  now that ssl23_client_hello takes care of that

- fix buffer overrun checks in ssl_add_serverhello_tlsext()
 2007-09-21 14:05:08 +00:00
Dr. Stephen Henson
3bd1690bfb Fixes from HEAD. 2007-09-21 13:40:51 +00:00
Dr. Stephen Henson
afdbadc704 Update from HEAD. 2007-08-20 12:44:22 +00:00
Dr. Stephen Henson
865a90eb4f Backport of TLS extension code to OpenSSL 0.9.8. 
Include server name and RFC4507bis support.

This is not compiled in by default and must be explicitly enabled with
the Configure option enable-tlsext
 2007-08-12 18:59:03 +00:00
Dr. Stephen Henson
4479ce9c1c Update from HEAD. 2007-01-21 16:07:25 +00:00
Dr. Stephen Henson
222f224664 Initialize SSL_METHOD structures at compile time. This removes the need 
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
 2005-08-05 23:52:08 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Richard Levitte
d3442bc780 Move the registration of callback functions to special functions 
designed for that.  This removes the potential error to mix data and
function pointers.

Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in som cases.  I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.
 2000-02-20 23:43:02 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash, 
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
 2000-01-30 22:20:28 +00:00
Ulf Möller
de808df47b Cosmetic changes. 1999-09-29 22:14:47 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>. 
Submitted by:
Reviewed by:
PR:
 1999-04-23 22:13:45 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ben Laurie
b4cadc6e13 Fix security hole. 1999-03-22 12:22:14 +00:00
Ralf S. Engelschall
9cb0969f65 Fix version stuff: 
1. The already released version was 0.9.1c and not 0.9.1b

2. The next release should be 0.9.2 and not 0.9.1d, because
   first the changes are already too large, second we should avoid any more
   0.9.1x confusions and third, the Apache version semantics of
   VERSION.REVISION.PATCHLEVEL for the version string is reasonable (and here
   .2 is already just a patchlevel and not major change).
tVS: ----------------------------------------------------------------------
 1998-12-31 09:36:40 +00:00
Ralf S. Engelschall
320a14cb5b *** empty log message *** 1998-12-23 12:09:47 +00:00
Ralf S. Engelschall
5f32680329 Switch version string to SSLeay/OpenSSL 1998-12-23 07:53:55 +00:00
Ralf S. Engelschall
651d0aff98 Various cleanups and fixed by Marc and Ralf to start the OpenTLS project 1998-12-22 15:04:48 +00:00
Ralf S. Engelschall
dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00