wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9157 commits 20 branches 302 tags 153 MiB
Commit graph

1026 commits

Author SHA1 Message Date
Dr. Stephen Henson
6cef3a7f9c Servers can't end up talking SSLv2 with legacy renegotiation disabled 2009-11-18 15:09:44 +00:00
Dr. Stephen Henson
4d09323a63 Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation 2009-11-18 14:45:48 +00:00
Dr. Stephen Henson
64abf5e657 Include a more meaningful error message when rejecting legacy renegotiation 2009-11-18 14:20:21 +00:00
Richard Levitte
0a02d1db34 Update from 1.0.0-stable 2009-11-12 17:03:10 +00:00
Dr. Stephen Henson
860c3dd1b6 add missing parts of reneg port, fix apps patch 2009-11-11 14:51:19 +00:00
Dr. Stephen Henson
e0e7997212 First cut of renegotiation extension. (port to HEAD) 2009-11-09 19:03:34 +00:00
Dr. Stephen Henson
7ba3838a4b If it is a new session don't send the old TLS ticket: send a zero length 
ticket to request a new session.
 2009-11-08 14:36:12 +00:00
Dr. Stephen Henson
4398222457 Ooops, revert committed conflict. 2009-11-07 22:22:40 +00:00
Dr. Stephen Henson
71af26b57b PR: 2089 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS Fragment size bug fix.
 2009-11-02 13:38:22 +00:00
Dr. Stephen Henson
4b4ba6a887 Generate stateless session ID just after the ticket is received instead 
of when a session is loaded. This will mean that applications that
just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION()
will still work.
 2009-10-30 14:06:03 +00:00
Dr. Stephen Henson
661dc1431f Fix statless session resumption so it can coexist with SNI 2009-10-30 13:22:24 +00:00
Dr. Stephen Henson
213f08a65a Don't attempt session resumption if no ticket is present and session 
ID length is zero.
 2009-10-28 19:52:18 +00:00
Dr. Stephen Henson
3e24d43931 oops! 2009-10-28 19:50:59 +00:00
Dr. Stephen Henson
b57329ba90 PR: 2085 
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org

Change domd test to match 1.0.0+ version: check $MAKEDEPEND
ends in "gcc" to support cross compilers.
 2009-10-28 19:48:09 +00:00
Dr. Stephen Henson
c6bec6ef0d PR: 2072 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Avoid potential doublefree and reuse of freed handshake_buffer.
 2009-10-16 15:24:07 +00:00
Dr. Stephen Henson
7c3908dd19 PR: 2073 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Don't access freed SSL_CTX in SSL_free().
 2009-10-16 13:41:39 +00:00
Dr. Stephen Henson
04f9095d9e Fix unitialized warnings 2009-10-04 16:52:51 +00:00
Dr. Stephen Henson
d4778ae47e PR: 2055 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_ctrl error handling in s2_srvr.c
 2009-10-01 00:06:14 +00:00
Dr. Stephen Henson
ff613640e2 PR: 2054 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_ctrl error handling
 2009-10-01 00:02:52 +00:00
Dr. Stephen Henson
e9f613acea PR: 2039 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen bug fix,
 2009-09-15 22:48:57 +00:00
Dr. Stephen Henson
a25f33d28a Submitted by: Julia Lawall <julia@diku.dk> 
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
 2009-09-13 11:29:29 +00:00
Dr. Stephen Henson
7689ed34d3 PR: 2025 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Constify SSL_CIPHER_description
 2009-09-12 23:17:39 +00:00
Dr. Stephen Henson
33130b07ce PR: 1411 
Submitted by: steve@openssl.org

Allow use of trusted certificates in SSL_CTX_use_chain_file()
 2009-09-12 23:09:45 +00:00
Dr. Stephen Henson
1fc3ac806d PR: 2033 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen support.
 2009-09-09 17:05:18 +00:00
Dr. Stephen Henson
14b148d390 Typo presumably.... 2009-09-06 17:56:30 +00:00
Dr. Stephen Henson
e0d4e97c1a Make update, deleting bogus DTLS error code 2009-09-06 15:58:19 +00:00
Dr. Stephen Henson
07a9d1a2c2 PR: 2028 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
 2009-09-04 17:42:53 +00:00
Dr. Stephen Henson
3d9b105fe0 PR: 2009 
Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org

Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).
 2009-09-02 13:20:32 +00:00
Dr. Stephen Henson
70dc09ebe4 PR: 2022 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS record header length bug.
 2009-09-02 12:53:52 +00:00
Dr. Stephen Henson
480b9e5d29 PR: 2006 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Do not use multiple DTLS records for a single user message
 2009-08-26 11:51:57 +00:00
Dr. Stephen Henson
3ed3603b60 Update default dependency flags. 
Make error name discrepancies a fatal error.
Fix error codes.
make update
 2009-08-12 17:30:37 +00:00
Dr. Stephen Henson
b972fbaa8f PR: 1997 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.
 2009-08-12 13:19:54 +00:00
Dr. Stephen Henson
f10f4447da Update from 1.0.0-stable. 2009-08-05 15:29:58 +00:00
Dr. Stephen Henson
0f65d5eba5 PR: 1993 
Fix from 0.9.8-stable.
 2009-07-24 11:52:55 +00:00
Dr. Stephen Henson
4b06d778ad Update from 1.0.0-stable. 2009-07-15 11:33:24 +00:00
Dr. Stephen Henson
3f7c592082 Updates from 1.0.0-stable. 2009-07-14 15:30:05 +00:00
Dr. Stephen Henson
5c168710ac Update from 1.0.0-stable. 2009-07-13 11:44:30 +00:00
Dr. Stephen Henson
c55d27ac33 Make update. 2009-07-08 09:19:53 +00:00
Dr. Stephen Henson
4e9de7aa3a Delete MD2 from algorithm tables as in 0.9.8-stable. However since this is 
a new branch we can also disable it by default.
 2009-07-08 08:49:17 +00:00
Dr. Stephen Henson
fc007d021e Fix warnings. 2009-07-04 12:04:06 +00:00
Dr. Stephen Henson
baacd8d4e5 PR: 1981 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS record header bugfix.
 2009-07-04 11:38:40 +00:00
Dr. Stephen Henson
9458530d45 Update from 1.0.0-stable 2009-07-01 11:29:25 +00:00
Dr. Stephen Henson
9de014a7f8 Update from 0.9.8-stable 2009-06-30 22:27:33 +00:00
Dr. Stephen Henson
4f761f5956 Typo. 2009-06-30 18:27:03 +00:00
Dr. Stephen Henson
ccf117510d Update from 1.0.0-stable. 2009-06-30 11:58:10 +00:00
Dr. Stephen Henson
746570e575 Update from 1.0.0-stable. 2009-06-30 11:42:04 +00:00
Dr. Stephen Henson
508c535221 Update from 1.0.0-stable 2009-06-30 11:24:57 +00:00
Dr. Stephen Henson
d2f6d28298 Update from 0.9.8-stable. 2009-06-28 16:24:37 +00:00
Dr. Stephen Henson
ce92bb54d1 Update from 0.9.8-stable. 2009-06-26 15:03:35 +00:00
Dr. Stephen Henson
e30dd20c0e Update from 1.0.0-stable 2009-06-25 11:29:30 +00:00