Dr. Stephen Henson
ea0ceb11a0
Use case insensitive compare for servername.
...
PR#3445
(cherry picked from commit 1c3e9a7c67
)
2014-07-15 00:00:03 +01:00
Dr. Stephen Henson
a07f514fc0
Usage for -hack and -prexit -verify_return_error
...
(cherry picked from commit ee724df75d
)
2014-07-06 22:48:57 +01:00
Dr. Stephen Henson
b7c9762598
s_server usage for certificate status requests
...
(cherry picked from commit a44f219c00
)
2014-07-06 22:45:44 +01:00
Andy Polyakov
0898147090
ssl/*: fix linking errors with no-srtp.
2013-02-09 19:52:07 +01:00
Dr. Stephen Henson
540f7c75ef
fix leaks
2012-11-20 00:28:56 +00:00
Dr. Stephen Henson
f929f201fb
fix memory leak
2012-09-11 13:44:38 +00:00
Dr. Stephen Henson
25da47c3c8
Fix memory leak.
...
Always perform nexproto callback argument initialisation in s_server
otherwise we use uninitialised data if -nocert is specified.
2012-07-03 16:36:10 +00:00
Ben Laurie
af454b5bb0
Reduce version skew.
2012-06-08 09:18:47 +00:00
Dr. Stephen Henson
3bf4e14cc3
Always use SSLv23_{client,server}_method in s_client.c and s_server.c,
...
the old code came from SSLeay days before TLS was even supported.
2012-03-18 18:16:05 +00:00
Dr. Stephen Henson
cdf9d6f6ed
PR: 2716
...
Submitted by: Adam Langley <agl@google.com>
Fix handling of exporter return value and use OpenSSL indentation in
s_client, s_server.
2012-02-11 23:21:09 +00:00
Dr. Stephen Henson
508bd3d1aa
PR: 2714
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Make no-srp work.
2012-02-10 19:44:00 +00:00
Andy Polyakov
9b2a29660b
Sanitize usage of <ctype.h> functions. It's important that characters
...
are passed zero-extended, not sign-extended [from HEAD].
PR: 2682
2012-01-12 16:28:03 +00:00
Dr. Stephen Henson
bd6941cfaa
PR: 2658
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
2011-12-31 23:00:36 +00:00
Dr. Stephen Henson
b300fb7734
PR: 1794
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
- remove some unncessary SSL_err and permit
an srp user callback to allow a worker to obtain
a user verifier.
- cleanup and comments in s_server and demonstration
for asynchronous srp user lookup
2011-12-27 14:23:22 +00:00
Ben Laurie
b1d7429186
Add TLS exporter.
2011-11-15 23:51:22 +00:00
Ben Laurie
060a38a2c0
Add DTLS-SRTP.
2011-11-15 23:02:16 +00:00
Ben Laurie
68b33cc5c7
Add Next Protocol Negotiation.
2011-11-13 21:55:42 +00:00
Dr. Stephen Henson
6bd173fced
Don't disable TLS v1.2 by default any more.
2011-10-09 23:28:25 +00:00
Dr. Stephen Henson
7f9ef5621a
Oops, add missing declaration.
2011-05-12 13:02:25 +00:00
Dr. Stephen Henson
39348038df
make kerberos work with OPENSSL_NO_SSL_INTERN
2011-05-11 22:52:34 +00:00
Dr. Stephen Henson
9472baae0d
Backport TLS v1.2 support from HEAD.
...
This includes TLS v1.2 server and client support but at present
client certificate support is not implemented.
2011-05-11 13:37:52 +00:00
Dr. Stephen Henson
ae17b9ecd5
Typo.
2011-05-11 13:22:54 +00:00
Dr. Stephen Henson
74096890ba
Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN
...
all ssl related structures are opaque and internals cannot be directly
accessed. Many applications will need some modification to support this and
most likely some additional functions added to OpenSSL.
The advantage of this option is that any application supporting it will still
be binary compatible if SSL structures change.
(backport from HEAD).
2011-05-11 12:56:38 +00:00
Ben Laurie
a149b2466e
Add SRP.
2011-03-16 11:26:40 +00:00
Dr. Stephen Henson
251431ff4f
add TLS v1.1 options to s_server
2010-11-13 12:44:17 +00:00
Dr. Stephen Henson
1eb1cf452b
Backport TLS v1.1 support from HEAD
2010-06-27 14:15:02 +00:00
Dr. Stephen Henson
e97359435e
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
Dr. Stephen Henson
ffa304c838
oops, revert more test code arghh!
2010-01-28 17:52:18 +00:00
Dr. Stephen Henson
df21765a3e
In engine_table_select() don't clear out entire error queue: just clear
...
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
2010-01-28 17:50:23 +00:00
Dr. Stephen Henson
b52a2738d4
Add ctrl and macro so we can determine if peer support secure renegotiation.
2009-12-08 13:42:32 +00:00
Dr. Stephen Henson
5c33091cfa
commit missing apps code for reneg fix
2009-11-11 14:10:09 +00:00
Dr. Stephen Henson
90528846e8
Add -no_cache option to s_server
2009-10-28 17:49:37 +00:00
Dr. Stephen Henson
0c690586e0
PR: 2064, 728
...
Submitted by: steve@openssl.org
Add support for custom headers in OCSP requests.
2009-09-30 21:41:53 +00:00
Dr. Stephen Henson
2e9802b7a7
PR: 2028
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS cookie management bugs.
2009-09-04 17:42:06 +00:00
Dr. Stephen Henson
209abea1db
Stop unused variable warning on WIN32 et al.
2009-08-18 11:14:12 +00:00
Dr. Stephen Henson
a4bade7aac
PR: 1997
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timeout handling fix.
2009-08-12 13:21:26 +00:00
Dr. Stephen Henson
4386445c18
Change STRING to OPENSSL_STRING etc as common words such
...
as "STRING" cause conflicts with other headers/libraries.
2009-07-27 21:08:53 +00:00
Dr. Stephen Henson
e323afb0ce
Update from HEAD.
2009-06-30 16:10:24 +00:00
Dr. Stephen Henson
67d8ab07e6
Stop warning if dtls disabled.
2009-06-05 14:56:48 +00:00
Dr. Stephen Henson
0454f2c490
PR: 1929
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org
Updated DTLS MTU bug fix.
2009-05-17 16:04:21 +00:00
Dr. Stephen Henson
9990cb75c1
PR: 1894
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Fix various typos and stuff.
2009-04-16 17:22:51 +00:00
Dr. Stephen Henson
70531c147c
Make no-engine work again.
2008-12-20 17:04:40 +00:00
Dr. Stephen Henson
2900fc8ae1
Don't stop -cipher from working.
2008-11-30 22:01:31 +00:00
Dr. Stephen Henson
79bd20fd17
Update from stable-branch.
2008-11-24 17:27:08 +00:00
Ben Laurie
f3b7bdadbc
Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks.
2008-11-16 12:47:12 +00:00
Dr. Stephen Henson
ed551cddf7
Update from stable branch.
2008-11-12 17:28:18 +00:00
Ben Laurie
6caa4edd3e
Add JPAKE.
2008-10-26 18:40:52 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Ben Laurie
5ce278a77b
More type-checking.
2008-06-04 11:01:43 +00:00
Lutz Jänicke
51e00db226
Document "openssl s_server" -crl_check* options
...
Submitted by: Daniel Black <daniel.subs@internode.on.net>
2008-05-19 07:52:15 +00:00