Bodo Möller
7d2509b6df
Update usage info
2000-03-13 19:30:59 +00:00
Bodo Möller
65b002f399
Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
2000-03-13 19:24:39 +00:00
Bodo Möller
e11f0de67f
Copy DH key (if available) in addition to the bare parameters
...
in SSL_new.
If SSL_OP_SINGLE_DH_USE is set, don't waste time in SSL_[CTX_]set_tmp_dh
on computing a DH key that will be ignored anyway.
ssltest -dhe1024dsa (w/ 160-bit sub-prime) had an unfair performance
advantage over -dhe1024 (safe prime): SSL_OP_SINGLE_DH_USE was
effectively always enabled because SSL_new ignored the DH key set in
the SSL_CTX. Now -dhe1024 takes the server only about twice as long
as -dhe1024dsa instead of three times as long (for 1024 bit RSA
with 1024 bit DH).
2000-03-13 17:07:04 +00:00
Bodo Möller
563f1503a8
Connection timings (using ISO C function clock()).
2000-03-13 15:06:54 +00:00
Bodo Möller
863fe2ecac
cleaning up a little
2000-03-12 23:27:14 +00:00
Bodo Möller
e458958280
Always use fixed DH parameters created with 'dhparam -C',
...
don't dynamically create them. This allows using ssltest
for approximate performance comparisons:
$ time ./ssltest -num 50 -tls1 -cert ../apps/server2.pem \
[-no_dhe|-dhe1024dsa|-dhe1024]
(server2.pem contains a 1024 bit RSA key, the default has only
512 bits.) Note that these timings contain both the server's and
the client's computations, they are not a good indicator for
server workload in different configurations.
2000-03-10 13:23:20 +00:00
Bodo Möller
4013f3bf1e
Fix the indentation, and avoid a compiler warning.
2000-03-06 10:21:57 +00:00
Richard Levitte
fe10275da8
Let's not lie to the people.
2000-03-06 07:31:17 +00:00
Bodo Möller
59fc2b0fc2
Preserve reason strings in automatically build tables.
2000-03-05 00:19:36 +00:00
Richard Levitte
cde28e18bf
New logical names to skip algorithms are now supported.
2000-02-27 10:41:31 +00:00
Dr. Stephen Henson
8ab59e7a49
Fix shadow warning.
2000-02-26 02:16:36 +00:00
Richard Levitte
1e7396beeb
Some time in history, SSL_CTX_sessions() disappeared. It is now
...
restored, but not as a macro this time...
2000-02-25 22:50:28 +00:00
Bodo Möller
87a025cbb4
Use unsigned loop index to make compilers happy
2000-02-25 16:36:07 +00:00
Bodo Möller
b08b07b8ae
The previous revision should have generated _more_ warnings, not less ...
...
The return value of handshake_func is signed, not unsigned.
2000-02-25 15:32:36 +00:00
Geoff Thorpe
4621a00063
More VC++ pickiness. (destest.c doesn't have a "return" and the usual
...
signed/unsigned stuff in s3_pkt.c)
Submitted by:
Reviewed by:
PR:
2000-02-25 15:09:04 +00:00
Bodo Möller
3813046dc5
Add OpenSSL licen[cs]e.
2000-02-25 14:47:38 +00:00
Bodo Möller
e01eed0fae
Fix off-by-one error :-)
2000-02-25 14:40:11 +00:00
Bodo Möller
e5599db448
Fix warnings by using unsigned int where appropriate.
2000-02-25 14:27:31 +00:00
Ulf Möller
a3b17baf4e
signed/unsigned mismatch (VC++)
...
Submitted by: Peter 'Luna' Runestig" <peter+openssl-users@runestig.com>
2000-02-25 14:03:21 +00:00
Dr. Stephen Henson
fbb41ae0ad
Allow code which calls RSA temp key callback to cope
...
with a failure.
Fix typos in some error codes.
2000-02-25 00:23:48 +00:00
Richard Levitte
29a5374fb6
Remove structures that are no longer used.
2000-02-24 14:00:05 +00:00
Ulf Möller
4d524e10b4
nicer manpages
2000-02-24 11:55:57 +00:00
Ralf S. Engelschall
c6a33c6f61
Add missing prototypes for new functions
2000-02-24 10:48:36 +00:00
Ulf Möller
4c5fac4ac4
Fix NO_RSA (misplaced #endif).
2000-02-24 04:41:03 +00:00
Richard Levitte
e6a58767c5
make update
2000-02-23 23:38:59 +00:00
Dr. Stephen Henson
3142c86d65
Allow ADH to be used but not present in the default cipher
...
list.
Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
2000-02-23 01:11:01 +00:00
Dr. Stephen Henson
72b60351f1
Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for
...
the old functionality.
Various warning fixes.
Initial EVP symmetric cipher docs.
2000-02-22 02:59:26 +00:00
Bodo Möller
1b8a8088a5
Workarounds to make broken programs happy (such as s_client and s_server).
2000-02-21 17:46:20 +00:00
Bodo Möller
a2a0158959
Fix some bugs and document others
2000-02-21 17:09:54 +00:00
Bodo Möller
e7ecc7d4dd
Move ssl3_do_write from s3_pkt.c to s3_both.c.
2000-02-21 11:14:40 +00:00
Bodo Möller
745c70e565
Move MAC computations for Finished from ssl3_read_bytes into
...
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
2000-02-21 10:16:30 +00:00
Richard Levitte
d3442bc780
Move the registration of callback functions to special functions
...
designed for that. This removes the potential error to mix data and
function pointers.
Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in som cases. I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.
2000-02-20 23:43:02 +00:00
Bodo Möller
dab6f09573
Workaround for irrelevant problem.
2000-02-20 23:40:01 +00:00
Bodo Möller
45206340d3
ignore Client Hellos when we're in handshake anyway
2000-02-20 23:35:31 +00:00
Bodo Möller
b35e9050f2
Tolerate fragmentation and interleaving in the SSL 3/TLS record layer.
2000-02-20 23:04:06 +00:00
Ben Laurie
c417db4675
Get rid of evil cast.
2000-02-17 09:39:22 +00:00
Dr. Stephen Henson
de469ef21e
Fix for Netscape "hang" bug.
2000-02-15 14:19:44 +00:00
Dr. Stephen Henson
af57d84312
Rename SSLeay_add_all_algorithms() et al to
...
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
2000-02-04 14:01:38 +00:00
Bodo Möller
53002dc691
Report progress as in dsatest.c when creating a DHE key.
2000-02-04 11:21:18 +00:00
Bodo Möller
f50c049707
Use correct, not American spelling.
2000-02-04 00:56:09 +00:00
Ulf Möller
657e60fa00
ispell (and minor modifications)
2000-02-03 23:23:24 +00:00
Dr. Stephen Henson
82fc1d9c28
Add new -notext option to 'ca', -pubkey option to spkac.
...
Remove some "WTF??" casts from applications.
Fixes to keep VC++ happy and avoid warnings.
Docs tidy.
2000-02-03 02:56:48 +00:00
Ulf Möller
51ca375e7e
Seek out and destroy another evil cast.
2000-01-30 23:33:40 +00:00
Ulf Möller
9d1a01be8f
Source code cleanups: Use void * rather than char * in lhash,
...
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Bodo Möller
a87030a1ed
Make DSA_generate_parameters, and fix a couple of bug
...
(including another problem in the s3_srvr.c state machine).
2000-01-30 02:23:03 +00:00
Bodo Möller
52732b38da
Some comments added, and slight code clean-ups.
2000-01-26 22:36:55 +00:00
Bodo Möller
2557eaeac8
Avoid a race condition.
2000-01-24 17:57:56 +00:00
Dr. Stephen Henson
dd9d233e2a
Tidy up CRYPTO_EX_DATA structures.
2000-01-23 23:41:49 +00:00
Dr. Stephen Henson
64287002ce
Minor patch: check only match @STRENGTH and remove eNULL
...
comment.
Add documentation for the ciphers command including a full
description of cipher lists.
2000-01-22 23:34:44 +00:00
Dr. Stephen Henson
018e57c74d
Apply Lutz Behnke's 56 bit cipher patch with a few
...
minor changes.
Docs haven't been added at this stage. They are probably
best included in the 'ciphers' program docs.
2000-01-22 03:17:06 +00:00