Dr. Stephen Henson
15a40af2ed
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
...
Add more extension names in s_cb.c extension printing code.
2012-03-09 18:38:35 +00:00
Dr. Stephen Henson
e7f8ff4382
New ctrls to retrieve supported signature algorithms and curves and
...
extensions to s_client and s_server to print out retrieved valued.
Extend CERT structure to cache supported signature algorithm data.
2012-03-06 14:28:21 +00:00
Dr. Stephen Henson
74b4b49494
SSL export fixes (from Adam Langley) [original from 1.0.1]
2012-02-22 15:06:56 +00:00
Dr. Stephen Henson
4817504d06
PR: 2658
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
2011-12-31 22:59:57 +00:00
Dr. Stephen Henson
ebba6c4895
PR: 1794
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Make SRP conformant to rfc 5054.
Changes are:
- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
2011-11-25 00:17:44 +00:00
Ben Laurie
e0af04056c
Add TLS exporter.
2011-11-15 23:50:52 +00:00
Ben Laurie
333f926d67
Add DTLS-SRTP.
2011-11-15 22:59:20 +00:00
Dr. Stephen Henson
6dd547398a
use client version when eliminating TLS v1.2 ciphersuites in client hello
2011-10-07 15:07:19 +00:00
Dr. Stephen Henson
28dd49faec
Expand range of ctrls for AES GCM to support retrieval and setting of
...
invocation field.
Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
2011-08-03 15:37:22 +00:00
Dr. Stephen Henson
d09677ac45
Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and
...
prohibit use of these ciphersuites for TLS < 1.2
2011-07-25 20:41:32 +00:00
Dr. Stephen Henson
238b63613b
use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with DTLS
2011-05-25 11:43:07 +00:00
Dr. Stephen Henson
6b7be581e5
Continuing TLS v1.2 support: add support for server parsing of
...
signature algorithms extension and correct signature format for
server key exchange.
All ciphersuites should now work on the server but no client support and
no client certificate support yet.
2011-05-06 13:00:07 +00:00
Dr. Stephen Henson
7409d7ad51
Initial incomplete TLS v1.2 support. New ciphersuites added, new version
...
checking added, SHA256 PRF support added.
At present only RSA key exchange ciphersuites work with TLS v1.2 as the
new signature format is not yet implemented.
2011-04-29 22:56:51 +00:00
Ben Laurie
edc032b5e3
Add SRP support.
2011-03-12 17:01:19 +00:00
Ben Laurie
bf48836c7c
Fixes to NPN from Adam Langley.
2010-09-05 17:14:01 +00:00
Ben Laurie
ee2ffc2794
Add Next Protocol Negotiation.
2010-07-28 10:06:55 +00:00
Dr. Stephen Henson
637f374ad4
Initial experimental TLSv1.1 support
2009-12-07 13:31:02 +00:00
Dr. Stephen Henson
7f354fa42d
Ooops...
2009-12-01 18:40:50 +00:00
Dr. Stephen Henson
6732e14278
check DSA_sign() return value properly
2009-12-01 18:39:33 +00:00
Dr. Stephen Henson
860c3dd1b6
add missing parts of reneg port, fix apps patch
2009-11-11 14:51:19 +00:00
Dr. Stephen Henson
4f761f5956
Typo.
2009-06-30 18:27:03 +00:00
Dr. Stephen Henson
caa97ef149
Update from 1.0.0-stable.
2009-05-28 18:11:29 +00:00
Dr. Stephen Henson
12bf56c017
PR: 1574
...
Submitted by: Jouni Malinen <j@w1.fi>
Approved by: steve@openssl.org
Ticket override support for EAP-FAST.
2008-11-15 17:18:12 +00:00
Dr. Stephen Henson
8a2062fefe
Update from stable branch.
2008-04-30 16:14:02 +00:00
Dr. Stephen Henson
67c8e7f414
Support for certificate status TLS extension.
2007-09-26 21:56:59 +00:00
Bodo Möller
761772d7e1
Implement the Opaque PRF Input TLS extension
...
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way. In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().
Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
2007-09-21 06:54:24 +00:00
Dr. Stephen Henson
81025661a9
Update ssl code to support digests other than MD5+SHA1 in handshake.
...
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
2007-08-31 12:42:53 +00:00
Dr. Stephen Henson
94d511cdbd
Add ctrls to set and get RFC4507bis keys to enable several contexts to
...
reuse the same tickets.
2007-08-28 01:08:45 +00:00
Dr. Stephen Henson
6434abbfc6
RFC4507 (including RFC4507bis) TLS stateless session resumption support
...
for OpenSSL.
2007-08-11 23:18:29 +00:00
Dr. Stephen Henson
b948e2c59e
Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.
2007-06-04 17:04:40 +00:00
Bodo Möller
96afc1cfd5
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:48:59 +00:00
Bodo Möller
5b57fe0a1e
Disable invalid ciphersuites
2006-06-14 17:51:46 +00:00
Bodo Möller
f3dea9a595
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:44:59 +00:00
Bodo Möller
b6acb8d0de
udpate Supported Point Formats Extension code
...
Submitted by: Douglas Stebila
2006-03-13 01:24:38 +00:00
Bodo Möller
36ca4ba63d
Implement the Supported Point Formats Extension for ECC ciphersuites
...
Submitted by: Douglas Stebila
2006-03-11 23:46:37 +00:00
Nils Larsch
ddac197404
add initial support for RFC 4279 PSK SSL ciphersuites
...
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
2006-03-10 23:06:27 +00:00
Bodo Möller
241520e66d
More TLS extension related changes.
...
Submitted by: Peter Sylvester
2006-01-11 06:10:40 +00:00
Bodo Möller
a13c20f603
Further TLS extension updates
...
Submitted by: Peter Sylvester
2006-01-09 19:49:05 +00:00
Bodo Möller
01c76c6606
There's no such things as DTLS1_AD_MISSING_HANDSHAKE_MESSAGE.
...
For now, anyway.
2006-01-07 20:44:29 +00:00
Bodo Möller
3ff94a009b
complete and correct RFC3546 error codes
2006-01-07 20:28:11 +00:00
Bodo Möller
1aeb3da83f
Fixes for TLS server_name extension
...
Submitted by: Peter Sylvester
2006-01-06 09:08:59 +00:00
Bodo Möller
f1fd4544a3
Various changes in the new TLS extension code, including the following:
...
- fix indentation
- rename some functions and macros
- fix up confusion between SSL_ERROR_... and SSL_AD_... values
2006-01-03 03:27:19 +00:00
Bodo Möller
ed3883d21b
Support TLS extensions (specifically, HostName)
...
Submitted by: Peter Sylvester
2006-01-02 23:14:37 +00:00
Bodo Möller
d56349a2aa
update TLS-ECC code
...
Submitted by: Douglas Stebila
2005-12-13 07:33:35 +00:00
Bodo Möller
d804f86b88
disable some invalid ciphersuites
2005-11-15 23:32:11 +00:00
Bodo Möller
968766cad8
updates for draft-ietf-tls-ecc-03.txt
...
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Bodo Möller
259cdf2af9
Sun has agreed to removing the covenant language from most files.
...
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
2002-10-29 10:59:32 +00:00
Bodo Möller
ea26226046
ECC ciphersuite support
...
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
2002-08-09 08:56:08 +00:00
Bodo Möller
ea4f109c99
AES cipher suites are now official (RFC3268)
2002-07-04 08:51:09 +00:00
Bodo Möller
f257d984b7
refer to latest draft for AES ciphersuites
2002-05-07 07:55:36 +00:00