openssl

Author	SHA1	Message	Date
Ben Laurie	43a107026d	Missing error code.	2009-12-12 15:57:53 +00:00
Dr. Stephen Henson	f1784f2fd2	Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL	2009-12-11 00:20:58 +00:00
Dr. Stephen Henson	b41a614686	Check s3 is not NULL	2009-12-09 14:53:51 +00:00
Dr. Stephen Henson	52a08e90d1	Add ctrls to clear options and mode. Change RI ctrl so it doesn't clash.	2009-12-09 13:25:38 +00:00
Dr. Stephen Henson	6b5f0458fe	Send no_renegotiation alert as required by spec.	2009-12-08 19:06:09 +00:00
Dr. Stephen Henson	b52a2738d4	Add ctrl and macro so we can determine if peer support secure renegotiation.	2009-12-08 13:42:32 +00:00
Dr. Stephen Henson	10f99d7b77	Add support for magic cipher suite value (MCSV). Make secure renegotiation work in SSLv3: initial handshake has no extensions but includes MCSV, if server indicates RI support then renegotiation handshakes include RI. NB: current MCSV value is bogus for testing only, will be updated when we have an official value. Change mismatch alerts to handshake_failure as required by spec. Also have some debugging fprintfs so we can clearly see what is going on if OPENSSL_RI_DEBUG is set.	2009-12-08 13:15:12 +00:00
Dr. Stephen Henson	593222afe1	PR: 2121 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Add extension support to DTLS code mainly using existing implementation for TLS.	2009-12-08 11:38:18 +00:00
Dr. Stephen Henson	d5b8c46499	PR: 2115 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.	2009-12-01 17:41:42 +00:00
Dr. Stephen Henson	3e8e12a6b6	Servers can't end up talking SSLv2 with legacy renegotiation disabled	2009-11-18 15:09:35 +00:00
Dr. Stephen Henson	5ddbb8f41a	Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation	2009-11-18 14:45:32 +00:00
Dr. Stephen Henson	3c44e92bcb	Include a more meaningful error message when rejecting legacy renegotiation	2009-11-18 14:19:52 +00:00
Dr. Stephen Henson	73582b8117	add missing parts of reneg port, fix apps patch	2009-11-11 14:51:29 +00:00
Dr. Stephen Henson	56327ebe6a	make update	2009-11-10 13:23:04 +00:00
Dr. Stephen Henson	ec4346f6f9	oops, add missing prototypes	2009-11-09 18:58:50 +00:00
Dr. Stephen Henson	bc9058d041	First cut of renegotiation extension. (port to 1.0.0-stable)	2009-11-09 18:45:42 +00:00
Dr. Stephen Henson	e3738c49b8	If it is a new session don't send the old TLS ticket: send a zero length ticket to request a new session.	2009-11-08 14:36:32 +00:00
Dr. Stephen Henson	23b97c6bb5	PR: 2089 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS Fragment size bug fix.	2009-11-02 13:37:17 +00:00
Dr. Stephen Henson	036b3f331b	Generate stateless session ID just after the ticket is received instead of when a session is loaded. This will mean that applications that just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION() will still work.	2009-10-30 14:06:18 +00:00
Dr. Stephen Henson	3d0b604c14	Fix statless session resumption so it can coexist with SNI	2009-10-30 13:22:44 +00:00
Dr. Stephen Henson	257b2bfb6c	Don't attempt session resumption if no ticket is present and session ID length is zero.	2009-10-28 19:52:35 +00:00
Dr. Stephen Henson	a9bb9d0eb4	PR: 2072 Submitted by: Tomas Mraz <tmraz@redhat.com> Approved by: steve@openssl.org Avoid potential doublefree and reuse of freed handshake_buffer.	2009-10-16 15:24:19 +00:00
Dr. Stephen Henson	cc6688d796	PR: 2073 Submitted by: Tomas Mraz <tmraz@redhat.com> Approved by: steve@openssl.org Don't access freed SSL_CTX in SSL_free().	2009-10-16 13:41:52 +00:00
Dr. Stephen Henson	ad187f8905	Fix unitialized warnings	2009-10-04 16:52:35 +00:00
Dr. Stephen Henson	3d1dab4404	PR: 2055 Submitted by: Julia Lawall <julia@diku.dk> Approved by: steve@openssl.org Correct BIO_ctrl error handling in s2_srvr.c	2009-10-01 00:07:10 +00:00
Dr. Stephen Henson	29c2fd46d2	PR: 2054 Submitted by: Julia Lawall <julia@diku.dk> Approved by: steve@openssl.org Correct BIO_ctrl error handling	2009-10-01 00:03:50 +00:00
Dr. Stephen Henson	af3d4e1b02	PR: 2039 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS listen bug fix,	2009-09-15 22:48:30 +00:00
Dr. Stephen Henson	80afb40ae3	Submitted by: Julia Lawall <julia@diku.dk> The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(), CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix so the return code is checked correctly.	2009-09-13 11:27:27 +00:00
Dr. Stephen Henson	a131de9bb2	PR: 2025 Submitted by: Tomas Mraz <tmraz@redhat.com> Approved by: steve@openssl.org Constify SSL_CIPHER_description	2009-09-12 23:18:09 +00:00
Dr. Stephen Henson	0ddd002f60	PR: 1411 Submitted by: steve@openssl.org Allow use of trusted certificates in SSL_CTX_use_chain_file()	2009-09-12 23:09:26 +00:00
Dr. Stephen Henson	53f062d050	PR: 2033 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS listen support.	2009-09-09 17:05:42 +00:00
Dr. Stephen Henson	9769137a43	Typo presumably...	2009-09-06 17:55:40 +00:00
Dr. Stephen Henson	c0688f1aef	Make update, deleting bogus DTLS error code	2009-09-06 15:55:54 +00:00
Dr. Stephen Henson	2e9802b7a7	PR: 2028 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Fix DTLS cookie management bugs.	2009-09-04 17:42:06 +00:00
Dr. Stephen Henson	54ed003ace	PR: 2009 Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com> Approved by: steve@openssl.org Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although the ticket mentions buffer overruns this isn't a security issue because the SSL_SESSION structure is generated internally and it should never be possible to supply its contents from an untrusted application (this would among other things destroy session cache security).	2009-09-02 13:20:22 +00:00
Dr. Stephen Henson	f18e10253d	PR: 2022 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Fix DTLS record header length bug.	2009-09-02 12:53:32 +00:00
Dr. Stephen Henson	17f8d8db61	PR: 2006 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Do not use multiple DTLS records for a single user message	2009-08-26 11:51:23 +00:00
Richard Levitte	3798c36686	Include proper header files for time functions. Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>	2009-08-25 07:10:09 +00:00
Dr. Stephen Henson	5a96822f2c	Update default dependency flags. Make error name discrepancies a fatal error. Fix error codes. make update	2009-08-12 17:08:44 +00:00
Dr. Stephen Henson	a4bade7aac	PR: 1997 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS timeout handling fix.	2009-08-12 13:21:26 +00:00
Dr. Stephen Henson	f45e8c7bdd	PR: 2000 Submitted by: Vadim Zeitlin <vz-openssl@zeitlins.org> Approved by: steve@openssl.org Make no-comp compile without warnings.	2009-08-05 15:29:14 +00:00
Dr. Stephen Henson	d7406b1528	PR: 1993 Fix from 0.9.8-stable.	2009-07-24 11:52:32 +00:00
Dr. Stephen Henson	5135d6b985	Fix error codes and indentation.	2009-07-15 11:32:58 +00:00
Dr. Stephen Henson	c8f759ec74	Stop warning of signed/unsigned compare.	2009-07-14 15:28:44 +00:00
Dr. Stephen Henson	cddd00166c	PR: 1984 Submitted by: Michael TÃÂ¼xen <Michael.Tuexen@lurchi.franken.de> Approved by: steve@openssl.org Don't concatenate reads in DTLS.	2009-07-13 11:44:04 +00:00
Dr. Stephen Henson	c155d83f5b	Delete MD2 from algorithm tables and default compilation.	2009-07-08 08:50:53 +00:00
Dr. Stephen Henson	5a03e3ac3f	Fix from HEAD.	2009-07-04 12:05:14 +00:00
Dr. Stephen Henson	08b2097967	Update from HEAD.	2009-07-04 11:44:01 +00:00
Dr. Stephen Henson	2b3cd246e5	PR: 1962 Submitted by: Daniel Mentz <daniel.m@sent.com> Reviewed by: steve@openssl.org Fix "for dtls1_get_record() returns a bad record in one edge case" bug.	2009-07-01 11:29:01 +00:00
Dr. Stephen Henson	76ec9151d1	Update from 0.9.8-stable.	2009-06-30 22:26:28 +00:00
Dr. Stephen Henson	6c24dd9005	Typo.	2009-06-30 20:55:55 +00:00
Dr. Stephen Henson	29b0c4a01c	Add "missing" functions for setting all verify parameters for SSL_CTX and SSL structures.	2009-06-30 11:57:24 +00:00
Dr. Stephen Henson	b824f0f458	Redundant check: s->param is always non-NULL, it is set in SSL_new().	2009-06-30 11:41:35 +00:00
Dr. Stephen Henson	43ea53a04a	Inherit parameters properly in SSL contexts: any parameters set should replace those in the current list.	2009-06-30 11:21:00 +00:00
Dr. Stephen Henson	dbb834ffeb	Update from 0.9.8-stable.	2009-06-28 16:24:11 +00:00
Dr. Stephen Henson	887c250852	Update from 0.9.8-stable.	2009-06-26 15:04:22 +00:00
Dr. Stephen Henson	0cb76e79df	PR: 1748 Fix nasty SSL BIO pop bug. Since this changes the behaviour of SSL BIOs and will break applications that worked around the bug only included in 1.0.0 and later.	2009-06-25 11:26:45 +00:00
Dr. Stephen Henson	72d668c332	Update from HEAD.	2009-06-24 13:30:07 +00:00
Dr. Stephen Henson	3492c47b18	Update from HEAD.	2009-06-17 11:38:26 +00:00
Dr. Stephen Henson	85d9b02d16	Update from HEAD.	2009-06-16 16:55:01 +00:00
Dr. Stephen Henson	bfd502f027	Updates from HEAD.	2009-06-16 16:39:20 +00:00
Ben Laurie	6cfab29b71	Make depend.	2009-06-14 02:37:22 +00:00
Dr. Stephen Henson	55708796af	Update from HEAD.	2009-06-13 20:47:09 +00:00
Dr. Stephen Henson	7074f1df07	Stop gcc bracket warning.	2009-06-05 14:57:10 +00:00
Dr. Stephen Henson	4e63da0669	PR: 1950 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve@openssl.org DTLS fragment retransmission bug.	2009-06-05 14:46:49 +00:00
Dr. Stephen Henson	4e66723517	Update from HEAD.	2009-06-02 11:23:30 +00:00
Dr. Stephen Henson	e1f09dfd84	PR: 1921 Submitted by: Michael Tuexen <tuexen@fh-muenster.de> Reviewed by: steve@openssl.org Add ECDHE and PSK support to DTLS.	2009-05-31 17:11:24 +00:00
Dr. Stephen Henson	6e87cc8da6	Need definition of struct timeval for dtls1.h which broke WIN32 builds, so include winsock.h. (might be a cleaner way to do this...)	2009-05-28 20:53:16 +00:00
Dr. Stephen Henson	cc1cb996f1	Submitted by: Artem Chuprina <ran@cryptocom.ru> Reviewed by: steve@openssl.org Fix to match latest GOST in TLS draft.	2009-05-28 18:10:47 +00:00
Dr. Stephen Henson	0454f2c490	PR: 1929 Submitted by: Michael Tuexen <tuexen@fh-muenster.de> Approved by: steve@openssl.org Updated DTLS MTU bug fix.	2009-05-17 16:04:21 +00:00
Dr. Stephen Henson	abda7c1147	PR: 1931 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Fix fragment handling memory leak.	2009-05-16 16:22:11 +00:00
Dr. Stephen Henson	88b48dc680	PR: 1930 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Limit size of DTLS record buffer queue.	2009-05-16 16:17:46 +00:00
Dr. Stephen Henson	661d35dfb2	Disable ECDHE in DTLS in a cleaner way.	2009-05-16 11:16:15 +00:00
Dr. Stephen Henson	f99c9daa39	Make the stuff compile again, fix missing prototype warnings.	2009-05-16 11:14:55 +00:00
Dr. Stephen Henson	d6584eba8c	PR: 1922 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS Timer bug fix.	2009-05-15 22:58:13 +00:00
Richard Levitte	006c7c6bb1	Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). Thank you\! (note: not tested for now, a few nightly builds should give indications though)	2009-05-15 16:37:08 +00:00
Dr. Stephen Henson	b3620451b2	PR: 1921 Submitted by: steve@openssl.org Our DTLS implementation doesn't currently handle ECDHE so don't include unsupported ciphers in client hello.	2009-05-13 16:25:35 +00:00
Dr. Stephen Henson	d2f17d9615	Print out DTLS versions too.	2009-05-13 16:24:12 +00:00
Dr. Stephen Henson	561cbe5678	PR: 1923 Submitted by: Daniel Mentz <daniel.m@sent.com>, Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Don't access freed data structure.	2009-05-13 11:51:30 +00:00
Dr. Stephen Henson	4e50f02638	If an SSLv2 method is explicitly asked for use the SSLv2 cipher string: assume an application really wants SSLv2 if they do that. Otherwise stick with the default which excludes all SSLv2 cipher suites.	2009-04-29 14:12:54 +00:00
Dr. Stephen Henson	174ea15647	Typo.	2009-04-28 22:35:42 +00:00
Dr. Stephen Henson	18f8258a87	PR: 1629 Submitted by: Kaspar Brand <ossl-rt@velox.ch> Approved by: steve@openssl.org Don't use extensions if using SSLv3: this chokes some broken servers.	2009-04-28 22:01:53 +00:00
Dr. Stephen Henson	82ae57136b	Some no-ec fixes (not complete yet).	2009-04-23 15:24:27 +00:00
Dr. Stephen Henson	b61a84c8e6	Fix WIN32 warnings.	2009-04-22 15:40:54 +00:00
Dr. Stephen Henson	a543ea44bc	Fix WIN32 warning.	2009-04-22 12:17:02 +00:00
Dr. Stephen Henson	b0dd3d1b94	Another kerberos fix.	2009-04-21 22:30:54 +00:00
Dr. Stephen Henson	21fb688d26	Some fixes for kerberos builds.	2009-04-21 22:20:12 +00:00
Dr. Stephen Henson	dfc8e96daa	Fix warning.	2009-04-21 15:11:59 +00:00
Dr. Stephen Henson	b452f43322	PR: 1751 Submitted by: David Woodhouse <dwmw2@infradead.org> Approved by: steve@openssl.org Compatibility patches for Cisco VPN client DTLS.	2009-04-19 18:03:13 +00:00
Dr. Stephen Henson	9990cb75c1	PR: 1894 Submitted by: Ger Hobbelt <ger@hobbelt.com> Approved by: steve@openssl.org Fix various typos and stuff.	2009-04-16 17:22:51 +00:00
Dr. Stephen Henson	a5cc69c7ae	PR: 1900 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Remove unnecessary included header file.	2009-04-16 16:42:02 +00:00
Dr. Stephen Henson	c900a78c99	PR: 1828 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Updated DTLS Rentransmission bug patch.	2009-04-15 14:49:36 +00:00
Dr. Stephen Henson	46ffb2dc97	PR #1828 reverted: state save/restore incompatible with 1.0.0-stable.	2009-04-14 15:29:34 +00:00
Dr. Stephen Henson	aab790a656	PR: 1829 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS Timer Bug fix.	2009-04-14 14:33:12 +00:00
Dr. Stephen Henson	1319aad994	PR: 1647 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Update patch for PR#1647.	2009-04-14 14:22:26 +00:00
Dr. Stephen Henson	3c0ce01cea	PR: 1827 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Updated patch for PR #1827	2009-04-14 14:20:57 +00:00
Dr. Stephen Henson	9fcbefebdb	PR: 1828 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Update from 0.9.8-stable.	2009-04-14 14:19:46 +00:00
Dr. Stephen Henson	017d2a887f	PR: 1838 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Updated patch from 0.9.8-stable.	2009-04-14 14:18:16 +00:00
Dr. Stephen Henson	9ae5743515	Disable SSLv2 cipher suites by default and avoid SSLv2 compatible client hello if no SSLv2 cipher suites are included. This effectively disables the broken SSLv2 use by default.	2009-04-07 17:01:07 +00:00
Dr. Stephen Henson	c184b140df	Update from 0.9.8-stable.	2009-04-07 16:30:32 +00:00
Dr. Stephen Henson	9d80aa7e3f	Update from 0.9.8-stable	2009-04-07 12:10:59 +00:00
Dr. Stephen Henson	c9a1778134	Fix error codes.	2009-04-05 11:54:34 +00:00
Dr. Stephen Henson	2dd5ca1fbc	Make no-ssl2 work including on Win32 builds.	2009-04-04 17:57:34 +00:00
Dr. Stephen Henson	c6196da587	Update from 0.9.8-stable.	2009-04-02 22:28:52 +00:00
Dr. Stephen Henson	78625cac82	Submitted by: Victor Duchovni <Victor.Duchovni@morganstanley.com> Reviewed by: steve@openssl.org Check return value of sk_SSL_COMP_find() properly.	2009-03-12 17:30:29 +00:00
Ben Laurie	7587347bc4	Fix memory leak.	2009-02-23 16:40:59 +00:00
Ben Laurie	b3f3407850	Use new common flags and fix resulting warnings.	2009-02-15 14:08:51 +00:00
Dr. Stephen Henson	477fd4596f	PR: 1835 Submitted by: Damien Miller <djm@mindrot.org> Approved by: steve@openssl.org Fix various typos.	2009-02-14 21:49:38 +00:00
Bodo Möller	d8e8fc4803	Put back a variable deleted by the previous revision, but used in the code.	2009-02-01 01:08:13 +00:00
Richard Levitte	c7ba21493a	Hopefully resolve signed vs unsigned issue.	2009-01-28 07:09:23 +00:00
Dr. Stephen Henson	d7ecd42255	Fix warnings properly this time ;-)	2009-01-11 20:34:23 +00:00
Dr. Stephen Henson	211655fcdd	Fix sign-compare warnings.	2009-01-11 15:58:51 +00:00
Dr. Stephen Henson	bab534057b	Updatde from stable branch.	2009-01-07 23:44:27 +00:00
Lutz Jänicke	fceac0bc74	Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP Some #include statements were not properly protected. This will go unnoted on most systems as openssl/comp.h tends to be installed as a system header file by default but may become visible when cross compiling.	2009-01-05 14:43:05 +00:00
Ben Laurie	4a94003a51	srvr_ecdh cannot be NULL at this point (Coverity ID 232).	2009-01-02 12:49:07 +00:00
Ben Laurie	d41c785d69	Document dead code.	2008-12-30 13:02:02 +00:00
Ben Laurie	2bd45dc94c	Apparently s->ctx could be NULL. (Coverity ID 147).	2008-12-29 16:15:27 +00:00
Ben Laurie	121f9e743c	Apparently s->ctx could be NULL at this point (see earlier test). (Coverity ID 148).	2008-12-29 16:13:49 +00:00
Ben Laurie	0eab41fb78	If we're going to return errors (no matter how stupid), then we should test for them!	2008-12-29 16:11:58 +00:00
Ben Laurie	8aa02e97a7	Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash. (Coverity ID 135).	2008-12-29 13:35:08 +00:00
Ben Laurie	85e878f224	Die earlier if hash is NULL. (Coverity IDs 137 & 138).	2008-12-29 11:54:56 +00:00
Ben Laurie	fe1c7fecf1	Reverse incorrect earlier fix.	2008-12-29 11:47:08 +00:00
Ben Laurie	0e941da6fa	Die earlier if we have no hash function.	2008-12-29 11:46:44 +00:00
Ben Laurie	9b9cb004f7	Deal with the unlikely event that EVP_MD_CTX_size() returns an error. (Coverity ID 140).	2008-12-27 02:09:24 +00:00
Ben Laurie	6ba71a7173	Handle the unlikely event that BIO_get_mem_data() returns -ve.	2008-12-27 02:00:38 +00:00
Dr. Stephen Henson	70531c147c	Make no-engine work again.	2008-12-20 17:04:40 +00:00
Ben Laurie	a9dbe71ee0	Back out pointless change.	2008-12-13 17:45:49 +00:00
Ben Laurie	ecd3370ba0	* empty log message *	2008-12-13 17:45:27 +00:00
Dr. Stephen Henson	349e78e2e8	Stop warning about different const qualifiers.	2008-11-24 17:39:42 +00:00
Ben Laurie	f3b7bdadbc	Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks.	2008-11-16 12:47:12 +00:00
Dr. Stephen Henson	12bf56c017	PR: 1574 Submitted by: Jouni Malinen <j@w1.fi> Approved by: steve@openssl.org Ticket override support for EAP-FAST.	2008-11-15 17:18:12 +00:00
Ben Laurie	774b2fe700	Aftermath of a clashing size_t fix (now only format changes).	2008-11-13 09:48:47 +00:00
Geoff Thorpe	6343829a39	Revert the size_t modifications from HEAD that had led to more knock-on work than expected - they've been extracted into a patch series that can be completed elsewhere, or in a different branch, before merging back to HEAD.	2008-11-12 03:58:08 +00:00
Dr. Stephen Henson	7b808412c9	Make -DKSSL_DEBUG work again.	2008-11-10 19:08:37 +00:00
Dr. Stephen Henson	c76fd290be	Fix warnings about mismatched prototypes, undefined size_t and value computed not used.	2008-11-02 12:50:48 +00:00
Ben Laurie	5e4430e70d	More size_tification.	2008-11-01 16:40:37 +00:00
Ben Laurie	bfaead2b12	Fix warning.	2008-10-29 05:10:09 +00:00
Dr. Stephen Henson	ab7e09f59b	Win32 fixes... add new directory to build system. Fix warnings.	2008-10-27 12:31:13 +00:00
Dr. Stephen Henson	e19106f5fb	Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros with the appropriate parameters which calls OBJ_bsearch(). A compiler will typically inline this. This avoids the need for cmp_xxx variables and fixes unchecked const issues with CHECKED_PTR_OF()	2008-10-22 15:43:01 +00:00
Dr. Stephen Henson	606f6c477a	Fix a shed load or warnings: Duplicate const. Use of ; outside function.	2008-10-20 15:12:00 +00:00
Lutz Jänicke	b8dfde2a36	Remove the DTLS1_BAD_VER thing from 0.9.9-dev. It is present in 0.9.8 but has been omitted from HEAD (0.9.9), see commit http://cvs.openssl.org/chngview?cn=16627 by appro.	2008-10-13 06:45:59 +00:00
Lutz Jänicke	570006f3a2	Half of the commit for 0.9.8 as the bitmap handling has changed. (Firstly... ommitted) Secondly, it wasn't even _dropping_ the offending packets, in the non-blocking case. It was just returning garbage instead. PR: #1752 Submitted by: David Woodhouse <dwmw2@infradead.org>	2008-10-13 06:43:03 +00:00
Ben Laurie	babb379849	Type-checked (and modern C compliant) OBJ_bsearch.	2008-10-12 14:32:47 +00:00
Ben Laurie	6665ef303e	Add missing DTLS1_BAD_VER (hope I got the value right).	2008-10-12 14:04:34 +00:00
Lutz Jänicke	7e7af0bc51	When the underlying BIO_write() fails to send a datagram, we leave the offending record queued as 'pending'. The DTLS code doesn't expect this, and we end up hitting an OPENSSL_assert() in do_dtls1_write(). The simple fix is just _not_ to leave it queued. In DTLS, dropping packets is perfectly acceptable -- and even preferable. If we wanted a service with retries and guaranteed delivery, we'd be using TCP. PR: #1703 Submitted by: David Woodhouse <dwmw2@infradead.org>	2008-10-10 10:41:35 +00:00
Bodo Möller	837f2fc7a4	Make sure that SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG can't enable disabled ciphersuites.	2008-09-22 21:22:47 +00:00
Bodo Möller	96562f2fb3	update comment	2008-09-14 19:50:55 +00:00
Bodo Möller	fcbdde0dfe	oops	2008-09-14 18:16:07 +00:00
Andy Polyakov	51ec776b7d	dtls1_write_bytes consumers expect amount of bytes written per call, not overall. PR: 1604	2008-09-14 17:56:15 +00:00
Bodo Möller	e65bcbcef0	Fix SSL state transitions. Submitted by: Nagendra Modadugu	2008-09-14 14:02:07 +00:00
Bodo Möller	f8d6be3f81	Some precautions to avoid potential security-relevant problems.	2008-09-14 13:42:34 +00:00
Andy Polyakov	d493899579	DTLS didn't handle alerts correctly. PR: 1632	2008-09-13 18:24:38 +00:00
Dr. Stephen Henson	3ad74edce8	Add SSL_FIPS flag for FIPS 140-2 approved ciphersuites and add a new strength "FIPS" to represent all FIPS approved ciphersuites without NULL encryption.	2008-09-10 16:02:09 +00:00
Dr. Stephen Henson	e8da6a1d0f	Fix from stable branch.	2008-09-03 22:17:11 +00:00
Dr. Stephen Henson	305514000c	Do not discard cached handshake records during resumed sessions: they are used for mac computation.	2008-09-03 12:36:16 +00:00
Dr. Stephen Henson	0702150f53	Make no-tlsext compile.	2008-09-03 12:29:57 +00:00
Bodo Möller	1cbf663a6c	sanity check PR: 1679	2008-08-13 19:45:06 +00:00
Geoff Thorpe	4c3296960d	Remove the dual-callback scheme for numeric and pointer thread IDs, deprecate the original (numeric-only) scheme, and replace with the CRYPTO_THREADID object. This hides the platform-specifics and should reduce the possibility for programming errors (where failing to explicitly check both thread ID forms could create subtle, platform-specific bugs). Thanks to Bodo, for invaluable review and feedback.	2008-08-06 15:54:15 +00:00
Geoff Thorpe	99649b5990	Fix signed/unsigned warning.	2008-08-05 17:48:02 +00:00
Bodo Möller	474b3b1cc8	Fix error codes for memory-saving patch. Also, get rid of compile-time switch OPENSSL_NO_RELEASE_BUFFERS because it was rather pointless (the new behavior has to be explicitly requested by setting SSL_MODE_RELEASE_BUFFERS anyway).	2008-08-04 22:10:38 +00:00
Dr. Stephen Henson	d4cdbab99b	Avoid warnings with -pedantic, specifically: Conversion between void * and function pointer. Value computed not used. Signed/unsigned argument.	2008-07-04 23:12:52 +00:00
Geoff Thorpe	5f834ab123	Revert my earlier CRYPTO_THREADID commit, I will commit a reworked version some time soon.	2008-07-03 19:59:25 +00:00
Dr. Stephen Henson	7555c9337f	Update from stable branch.	2008-06-05 15:13:45 +00:00
Dr. Stephen Henson	0b44c26d78	Remove test fprintf.	2008-06-04 22:39:05 +00:00
Dr. Stephen Henson	4db9677bac	Compilation option to use a specific ssl client auth engine automatically.	2008-06-04 22:34:38 +00:00
Ben Laurie	5ce278a77b	More type-checking.	2008-06-04 11:01:43 +00:00
Dr. Stephen Henson	59d2d48f64	Add support for client cert engine setting in s_client app. Add appropriate #ifdefs round client cert functions in headers.	2008-06-03 11:26:27 +00:00
Dr. Stephen Henson	45d3767d28	Prevent signed/unsigned warning on VC++	2008-06-03 10:17:45 +00:00
Ben Laurie	8671b89860	Memory saving patch.	2008-06-03 02:48:34 +00:00
Dr. Stephen Henson	bdfe932dca	Release engine reference when calling SSL_CTX_free().	2008-06-01 23:06:48 +00:00
Dr. Stephen Henson	3fc59c8406	Allow ENGINE client cert callback to specify a set of other certs, for the rest of the certificate chain. Currently unused.	2008-06-01 22:45:08 +00:00
Dr. Stephen Henson	c61915c659	Update error codes.	2008-06-01 22:34:40 +00:00
Dr. Stephen Henson	368888bcb6	Add client cert engine to SSL routines.	2008-06-01 22:33:24 +00:00
Dr. Stephen Henson	eafd6e5110	Update error codes, move typedef of SSL, SSL_CTX to ossl_typ.h	2008-06-01 21:18:47 +00:00
Bodo Möller	e194fe8f47	From HEAD: Fix flaw if 'Server Key exchange message' is omitted from a TLS handshake which could lead to a cilent crash as found using the Codenomicon TLS test suite (CVE-2008-1672) Reviewed by: openssl-security@openssl.org Obtained from: mark@awe.com	2008-05-28 22:17:34 +00:00
Bodo Möller	40a706286f	From HEAD: Fix double-free in TLS server name extensions which could lead to a remote crash found by Codenomicon TLS test suite (CVE-2008-0891) Reviewed by: openssl-security@openssl.org Obtained from: jorton@redhat.com	2008-05-28 22:15:48 +00:00
Ben Laurie	3c1d6bbc92	LHASH revamp. make depend.	2008-05-26 11:24:29 +00:00
Lutz Jänicke	17a4a4dff8	Reword comment to be much shorter to stop other people from complaining about "overcommenting".	2008-05-26 06:21:13 +00:00
Lutz Jänicke	c2c2e7a438	Clear error queue when starting SSL_CTX_use_certificate_chain_file PR: 1417, 1513 Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>	2008-05-23 10:37:52 +00:00
Dr. Stephen Henson	8a2062fefe	Update from stable branch.	2008-04-30 16:14:02 +00:00
Dr. Stephen Henson	2f63ad5b35	Update from stable branch.	2008-04-29 17:22:35 +00:00
Dr. Stephen Henson	c78bba2343	Oops!	2008-04-29 16:46:46 +00:00
Dr. Stephen Henson	d26c905c67	Update from stable branch.	2008-04-29 16:44:51 +00:00
Dr. Stephen Henson	8fcc9caecc	Update from stable branch.	2008-04-29 16:39:03 +00:00
Dr. Stephen Henson	dc634aff25	Don't send zero length session ID if stateless session resupmtion is successful. Check be seeing if there is a cache hit.	2008-04-25 16:27:04 +00:00
Dr. Stephen Henson	8e3b2dbb31	Disable debugging fprintf.	2008-04-25 11:33:32 +00:00
Geoff Thorpe	f7ccba3edf	There was a need to support thread ID types that couldn't be reliably cast to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed version was added but it required portable code to check both modes to determine equality. This commit maintains the availability of both thread ID types, but deprecates the type-specific accessor APIs that invoke the callbacks - instead a single type-independent API is used. This simplifies software that calls into this interface, and should also make it less error-prone - as forgetting to call and compare both thread ID accessors could have led to hard-to-debug/infrequent bugs (that might only affect certain platforms or thread implementations). As the CHANGES note says, there were corresponding deprecations and replacements in the thread-related functions for BN_BLINDING and ERR too.	2008-03-28 02:49:43 +00:00
Dr. Stephen Henson	fe591284be	Update dependencies.	2008-03-22 18:52:03 +00:00
Geoff Thorpe	1e26a8baed	Fix a variety of warnings generated by some elevated compiler-fascism, OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...	2008-03-16 21:05:46 +00:00
Dr. Stephen Henson	8931b30d84	And so it begins... Initial support for CMS. Add zlib compression BIO. Add AES key wrap implementation. Generalize S/MIME MIME code to support CMS and/or PKCS7.	2008-03-12 21:14:28 +00:00
Andy Polyakov	aff686df91	Fix unsigned/signed warnings in ssl.	2008-01-05 21:35:34 +00:00
Dr. Stephen Henson	9400d9ac83	Initialize sigsize.	2007-12-14 16:53:50 +00:00
Dr. Stephen Henson	31f528b15d	Fix from stable branch.	2007-11-03 13:09:34 +00:00
Dr. Stephen Henson	8e1d3ba50e	Fix duplicate error codes.	2007-10-26 23:54:46 +00:00
Dr. Stephen Henson	0e1dba934f	1. Changes for s_client.c to make it return non-zero exit code in case of handshake failure 2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to make it recognize GOST certificates as EVP_PKT_SIGN\|EVP_PKT_EXCH (required for s3_srvr to accept GOST client certificates). 3. Changes to EVP - adding of function EVP_PKEY_CTX_get0_peerkey - Make function EVP_PKEY_derive_set_peerkey work for context with ENCRYPT operation, because we use peerkey field in the context to pass non-ephemeral secret key to GOST encrypt operation. - added EVP_PKEY_CTRL_SET_IV control command. It is really GOST-specific, but it is used in SSL code, so it has to go in some header file, available during libssl compilation 4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data 5. Include des.h if KSSL_DEBUG is defined into some libssl files, to make debugging output which depends on constants defined there, work and other KSSL_DEBUG output fixes 6. Declaration of real GOST ciphersuites, two authentication methods SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST 7. Implementation of these methods. 8. Support for sending unsolicited serverhello extension if GOST ciphersuite is selected. It is require for interoperability with CryptoPro CSP 3.0 and 3.6 and controlled by SSL_OP_CRYPTOPRO_TLSEXT_BUG constant. This constant is added to SSL_OP_ALL, because it does nothing, if non-GOST ciphersuite is selected, and all implementation of GOST include compatibility with CryptoPro. 9. Support for CertificateVerify message without length field. It is another CryptoPro bug, but support is made unconditional, because it does no harm for draft-conforming implementation. 10. In tls1_mac extra copy of stream mac context is no more done. When I've written currently commited code I haven't read EVP_DigestSignFinal manual carefully enough and haven't noticed that it does an internal digest ctx copying. This implementation was tested against 1. CryptoPro CSP 3.6 client and server 2. Cryptopro CSP 3.0 server	2007-10-26 12:06:36 +00:00
Dr. Stephen Henson	76c3ef7446	Fix from stable branch.	2007-10-18 11:42:47 +00:00
Andy Polyakov	659f7f3168	Don't let DTLS ChangeCipherSpec increment handshake sequence number. PR: 1587	2007-10-17 21:15:48 +00:00
Dr. Stephen Henson	3d3bf9c730	Don't lookup zero length session ID. PR: 1591	2007-10-17 17:31:57 +00:00
Dr. Stephen Henson	4017e8706c	Fix from stable branch.	2007-10-17 11:49:27 +00:00
Andy Polyakov	3ce54f35b3	Make ssl compile [from 098-stable, bug is masked by default].	2007-10-14 14:09:13 +00:00
Andy Polyakov	e979c039f9	Fix warnings in d1_both.c [from 0.9.8-stable].	2007-10-13 11:00:52 +00:00
Andy Polyakov	90acf770b5	DTLS fixes from 0.9.8-stable.	2007-10-13 10:57:02 +00:00
Andy Polyakov	a2115c5d17	Respect cookie length set by app_gen_cookie_cb. Submitted by: Alex Lam	2007-10-09 19:31:18 +00:00
Andy Polyakov	4fe55663df	Make DTLS1 record layer MAC calculation RFC compliant. Submitted by: Alex Lam	2007-10-09 19:19:07 +00:00
Andy Polyakov	5d58f1bbfe	Prohibit RC4 in DTLS.	2007-10-05 21:04:56 +00:00
Dr. Stephen Henson	4f19a9cb9f	Off by one fix from stable branch.	2007-10-04 12:07:52 +00:00
Andy Polyakov	81fe8dcfe1	Oops! This was erroneously left out commit #16632 .	2007-10-01 06:27:21 +00:00
Andy Polyakov	d527834a1d	Basic idea behind explicit IV is to make it unpredictable for attacker. Until now it was xor between CBC residue and 1st block from last datagram, or in other words still predictable.	2007-09-30 22:01:36 +00:00
Andy Polyakov	89c333e3e5	Make ChangeCipherSpec compliant with DTLS RFC4347.	2007-09-30 21:19:30 +00:00
Andy Polyakov	0d97d00b6c	DTLS RFC4347 says HelloVerifyRequest resets Finished MAC.	2007-09-30 19:34:36 +00:00
Andy Polyakov	e7adda52b3	DTLS RFC4347 requires client to use rame random field in reply to HelloVerifyRequest.	2007-09-30 19:15:27 +00:00
Andy Polyakov	7432d073af	Switch to RFC-compliant version encoding in DTLS.	2007-09-30 18:53:54 +00:00
Dr. Stephen Henson	04e2ab2c02	Move no status notification to ssl_check_serverhello_tlsext() to ensure no status is notified even if no server extensions are present.	2007-09-28 17:45:11 +00:00
Dr. Stephen Henson	67c8e7f414	Support for certificate status TLS extension.	2007-09-26 21:56:59 +00:00
Dr. Stephen Henson	870d6541f2	Use accept flag for new session ticket write.	2007-09-23 15:55:15 +00:00
Bodo Möller	02c27b113c	properly handle length-zero opaque PRF input values (which are pointless, but still might occur)	2007-09-23 11:30:53 +00:00
Bodo Möller	761772d7e1	Implement the Opaque PRF Input TLS extension (draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and bugfixes on the way. In particular, this fixes the buffer bounds checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext(). Note that the opaque PRF Input TLS extension is not compiled by default; see CHANGES.	2007-09-21 06:54:24 +00:00
Andy Polyakov	54ef01b54b	Fix indentation in d1_both.c.	2007-09-19 16:38:15 +00:00
Ben Laurie	9311c4421a	Fix dependencies. Make depend.	2007-09-19 14:53:18 +00:00
Ben Laurie	aaa4f448cf	The other half of make errors.	2007-09-19 14:51:28 +00:00
Ben Laurie	5f8b524619	make errors.	2007-09-19 14:29:59 +00:00
Bodo Möller	08111768a2	fix warning	2007-09-19 01:43:59 +00:00
Bodo Möller	1b827d7b6f	Clean up error codes a bit. (engines/ccgost/ remains utter chaos, though; "make errors" is not happy.)	2007-09-19 00:58:58 +00:00
Dr. Stephen Henson	c81898cbc4	Update from stable branch.	2007-09-17 17:31:53 +00:00
Dr. Stephen Henson	a6fbcb4220	Change safestack reimplementation to match 0.9.8. Fix additional gcc 4.2 value not used warnings.	2007-09-07 13:25:15 +00:00
Dr. Stephen Henson	8164032a2e	Fix warnings: computed value not use, incompatible pointer initialization and cast from pointer to int of different size (linux-x86_64 and align).	2007-09-07 13:03:25 +00:00
Dr. Stephen Henson	81025661a9	Update ssl code to support digests other than MD5+SHA1 in handshake. Submitted by: Victor B. Wagner <vitus@cryptocom.ru>	2007-08-31 12:42:53 +00:00
Dr. Stephen Henson	446124a258	Check return code when attempting to receive new session ticket message.	2007-08-31 00:28:01 +00:00
Dr. Stephen Henson	94d511cdbd	Add ctrls to set and get RFC4507bis keys to enable several contexts to reuse the same tickets.	2007-08-28 01:08:45 +00:00
Dr. Stephen Henson	956006b741	Use SHA256 for ticket HMAC if possible.	2007-08-20 12:35:20 +00:00
Dr. Stephen Henson	525de5d335	OPENSSL_NO_TLS1 WIN32 build support. Fix so normal build works again.	2007-08-12 23:59:05 +00:00
Dr. Stephen Henson	367eb1f125	Fix warning and make no-tlsext work.	2007-08-12 18:56:14 +00:00
Dr. Stephen Henson	3444961787	Typo.	2007-08-12 18:05:20 +00:00
Dr. Stephen Henson	710069c19e	Fix warnings.	2007-08-12 17:44:32 +00:00
Dr. Stephen Henson	ddd3a617ca	Remove debugging fprintfs, fix typo.	2007-08-12 17:06:28 +00:00
Dr. Stephen Henson	6434abbfc6	RFC4507 (including RFC4507bis) TLS stateless session resumption support for OpenSSL.	2007-08-11 23:18:29 +00:00
Dr. Stephen Henson	3c07d3a3d3	Finish gcc 4.2 changes.	2007-06-07 13:14:42 +00:00
Dr. Stephen Henson	b948e2c59e	Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.	2007-06-04 17:04:40 +00:00
Bodo Möller	a291745eeb	fix function codes for error	2007-04-24 01:06:19 +00:00
Bodo Möller	cb1bab1a04	All ciphersuites should have a strength designator.	2007-04-24 00:13:51 +00:00
Bodo Möller	96afc1cfd5	Add SEED encryption algorithm. PR: 1503 Submitted by: KISA Reviewed by: Bodo Moeller	2007-04-23 23:48:59 +00:00
Ben Laurie	fa9fed1c3a	Don't use a negative number as a length. Coverity ID 57.	2007-04-05 16:28:48 +00:00
Dr. Stephen Henson	9981a51e42	Stage 1 GOST ciphersuite support. Submitted by: ran@cryptocom.ru Reviewed by: steve@openssl.org	2007-03-23 17:04:05 +00:00
Bodo Möller	0f32c841a6	stricter session ID context matching	2007-03-21 14:33:16 +00:00
Bodo Möller	882d29dd87	Fix incorrect substitution that happened during the recent ciphersuite selection remodeling Submitted by: Victor Duchovni	2007-02-22 21:31:19 +00:00
Bodo Möller	aa79dd6895	prefer SHA1 over MD5 (this affects the Kerberos ciphersuites)	2007-02-21 09:33:14 +00:00
Bodo Möller	60cad2caed	delete obsolete comment	2007-02-21 09:32:17 +00:00
Bodo Möller	114c9c36b1	SSL_kKRB5 ciphersuites shouldn't be preferred by default	2007-02-20 16:39:58 +00:00
Bodo Möller	fd5bc65cc8	Improve ciphersuite order stability when disabling ciphersuites. Change ssl_create_cipher_list() to prefer ephemeral ECDH over ephemeral DH.	2007-02-20 16:36:58 +00:00
Bodo Möller	e041863905	fix a typo in the new ciphersuite ordering code	2007-02-20 13:25:36 +00:00
Bodo Möller	0a05123a6c	Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a ciphersuite string such as "DEFAULT:RSA" cannot enable authentication-only ciphersuites. Also, change ssl_create_cipher_list() so that it no longer starts with an arbitrary ciphersuite ordering, but instead uses the logic that we previously had in SSL_DEFEAULT_CIPHER_LIST. SSL_DEFAULT_CIPHER_LIST simplifies into just "ALL:!aNULL:!eNULL".	2007-02-19 18:41:41 +00:00
Bodo Möller	2afe316721	fix warnings for CIPHER_DEBUG builds	2007-02-19 16:59:13 +00:00
Bodo Möller	7e69565fe6	fix warnings/inconsistencies caused by the recent changes to the ciphersuite selection code in HEAD Submitted by: Victor Duchovni	2007-02-19 14:53:18 +00:00
Bodo Möller	ccae144d62	fix incorrect strength bit values for certain Kerberos ciphersuites Submitted by: Victor Duchovni	2007-02-19 14:49:12 +00:00
Bodo Möller	52b8dad8ec	Reorganize the data used for SSL ciphersuite pattern matching. This change resolves a number of problems and obviates multiple kludges. A new feature is that you can now say "AES256" or "AES128" (not just "AES", which enables both). In some cases the ciphersuite list generated from a given string is affected by this change. I hope this is just in those cases where the previous behaviour did not make sense.	2007-02-17 06:45:38 +00:00
Nils Larsch	cc684e330b	ensure that the EVP_CIPHER_CTX object is initialized PR: 1490	2007-02-16 20:34:15 +00:00
Nils Larsch	15780a1ea0	use user-supplied malloc functions for persistent kssl objects PR: 1467 Submitted by: Andrei Pelinescu-Onciul <andrei@iptel.org>	2007-02-10 10:42:48 +00:00
Nils Larsch	feaaf1dbea	ensure that a ec key is used PR: 1476	2007-02-07 20:28:19 +00:00
Dr. Stephen Henson	42182852f5	Constify version strings is ssl lib.	2007-01-21 16:06:05 +00:00
Nils Larsch	39d764ed58	remove undefined constant	2007-01-03 20:00:32 +00:00
Nils Larsch	fec38ca4ed	fix typos PR: 1354, 1355, 1398, 1408	2006-12-21 21:13:27 +00:00
Dr. Stephen Henson	d137b56a5b	Win32 fixes from stable branch.	2006-11-30 13:39:34 +00:00
Nils Larsch	7806f3dd4b	replace macros with functions Submitted by: Tracy Camp <tracyx.e.camp@intel.com>	2006-11-29 20:54:57 +00:00
Bodo Möller	1e24b3a09e	fix support for receiving fragmented handshake messages	2006-11-29 14:45:50 +00:00
Dr. Stephen Henson	47a9d527ab	Update from 0.9.8 stable. Eliminate duplicate error codes.	2006-11-21 21:29:44 +00:00
Nils Larsch	1611b9ed80	remove SSLEAY_MACROS code	2006-11-06 19:53:39 +00:00
Andy Polyakov	a4d64c7f49	Align data payload for better performance.	2006-10-20 11:26:00 +00:00
Mark J. Cox	3ff55e9680	Fix buffer overflow in SSL_get_shared_ciphers() function. (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] Fix SSL client code which could crash if connecting to a malicious SSLv2 server. (CVE-2006-4343) [Tavis Ormandy and Will Drewry, Google Security Team]	2006-09-28 13:18:43 +00:00
Richard Levitte	cbb92dfaf0	Fixes for the following claims: 1) Certificate Message with no certs OpenSSL implementation sends the Certificate message during SSL handshake, however as per the specification, these have been omitted. -- RFC 2712 -- CertificateRequest, and the ServerKeyExchange shown in Figure 1 will be omitted since authentication and the establishment of a master secret will be done using the client's Kerberos credentials for the TLS server. The client's certificate will be omitted for the same reason. -- RFC 2712 -- 3) Pre-master secret Protocol version The pre-master secret generated by OpenSSL does not have the correct client version. RFC 2712 says, if the Kerberos option is selected, the pre-master secret structure is the same as that used in the RSA case. TLS specification defines pre-master secret as: struct { ProtocolVersion client_version; opaque random[46]; } PreMasterSecret; where client_version is the latest protocol version supported by the client The pre-master secret generated by OpenSSL does not have the correct client version. The implementation does not update the first 2 bytes of random secret for Kerberos Cipher suites. At the server-end, the client version from the pre-master secret is not validated. PR: 1336	2006-09-28 12:22:58 +00:00
Dr. Stephen Henson	89c9c66736	Submitted by: Brad Spencer <spencer@jacknife.org> Reviewed by: steve	2006-09-23 17:29:49 +00:00
Bodo Möller	ed65f7dc34	ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0 ciphersuite as well	2006-09-11 09:49:03 +00:00
Ben Laurie	777c47acbe	Make things static that should be. Declare stuff in headers that should be. Fix warnings.	2006-08-28 17:01:04 +00:00
Bodo Möller	ed3ecd801e	Error messages for client ECC cert verification. Also, change the default ciphersuite to give some prefererence to ciphersuites with forwared secrecy (rather than using a random order).	2006-06-15 19:58:22 +00:00
Bodo Möller	076944d920	Fix algorithm handling for ECC ciphersuites: Adapt to recent changes, and allow more general RSA OIDs for ECC certs with RSA CA sig.	2006-06-15 18:28:00 +00:00
Bodo Möller	09e20e0bd8	Fix another new bug in the cipherstring logic.	2006-06-15 17:17:06 +00:00
Bodo Möller	a717831da4	Fix another bug introduced yesterday when deleting Fortezza stuff: make sure 'mask' is initialized in ssl_cipher_get_disabled(). Also simplify code by removing some unused arguments in static functions.	2006-06-15 16:54:20 +00:00
Bodo Möller	4dfc8f1f0b	Oops ... deleted too much in the previous commit when I deleted the Fortezza stuff	2006-06-15 16:07:10 +00:00
Bodo Möller	5b57fe0a1e	Disable invalid ciphersuites	2006-06-14 17:51:46 +00:00
Bodo Möller	89bbe14c50	Ciphersuite string bugfixes, and ECC-related (re-)definitions.	2006-06-14 17:40:31 +00:00
Bodo Möller	6635b48cd1	Make sure that AES ciphersuites get priority over Camellia ciphersuites in the default cipher string.	2006-06-14 13:58:48 +00:00
Bodo Möller	675f605d44	Thread-safety fixes	2006-06-14 08:55:23 +00:00
Bodo Möller	f3dea9a595	Camellia cipher, contributed by NTT Submitted by: Masashi Fujita Reviewed by: Bodo Moeller	2006-06-09 15:44:59 +00:00
Richard Levitte	4d4e08ec1c	Use a new signed int ii instead of j (which is unsigned) to handle the return value from sk_SSL_CIPHER_find().	2006-05-28 19:44:27 +00:00
Dr. Stephen Henson	6657b9c73a	Fix warnings.	2006-05-26 13:27:58 +00:00
Richard Levitte	7e76e56387	Someone made a mistake, and some function and reason codes got duplicate numbers. Renumbering.	2006-05-12 15:27:52 +00:00
Dr. Stephen Henson	5cda6c4582	Fix from stable branch.	2006-05-07 12:30:37 +00:00
Dr. Stephen Henson	c20276e4ae	Fix (most) WIN32 warnings and errors.	2006-04-17 12:08:22 +00:00
Dr. Stephen Henson	ba1ba5f0fb	If cipher list contains a match for an explicit ciphersuite only match that one suite.	2006-04-15 00:22:05 +00:00
Dr. Stephen Henson	8795d38906	Update dependencies.	2006-04-08 13:04:31 +00:00
Bodo Möller	a01d9ac558	Remove ECC extension information from external representation of the session -- we don't really need it once the handshake has completed.	2006-04-05 17:11:19 +00:00
Dr. Stephen Henson	e2bce37720	Stop warning.	2006-04-04 18:11:49 +00:00
Bodo Möller	a4974de937	clarification	2006-04-03 14:11:23 +00:00
Bodo Möller	22f41c9b99	check length properly Submitted by: Peter Sylvester	2006-04-03 13:57:56 +00:00
Bodo Möller	a123c552cd	simplify: use s2n macro	2006-04-03 13:07:18 +00:00
Bodo Möller	b2172f4f8e	Avoid hard-coded table length where we can use sizeof. Submitted by: Peter Sylvester Reviewed by: Bodo Moeller	2006-04-03 11:56:30 +00:00
Bodo Möller	dc1d1b6934	fix memory leak Submitted by: Peter Sylvester	2006-04-03 11:49:18 +00:00
Bodo Möller	a70183bc80	fix for hostname extension Submitted by: Kaspar Brand, Peter Sylvester	2006-03-30 02:53:30 +00:00
Bodo Möller	332737217a	Implement Supported Elliptic Curves Extension. Submitted by: Douglas Stebila	2006-03-30 02:44:56 +00:00
Bodo Möller	f393b7449d	Implement cipher-suite selection logic given Supported Point Formats Extension. Submitted by: Douglas Stebila	2006-03-30 02:35:09 +00:00
Bodo Möller	9e5dba197c	Simplify ASN.1 for point format list Submitted by: Douglas Stebila	2006-03-26 10:53:52 +00:00
Nils Larsch	c6a27f0178	fix for OPENSSL_NO_EC PR: 1293	2006-03-15 19:17:56 +00:00
Nils Larsch	67b6f1ca88	fix problems found by coverity: remove useless code	2006-03-15 17:45:43 +00:00
Richard Levitte	a4ff392503	tlsext_ecpointformatlist_length is unsigned, so check if it's less than zero will only result in pissing of some compilers...	2006-03-15 09:57:16 +00:00
Nils Larsch	90bdfd97a6	signed vs. unsigned	2006-03-13 22:07:05 +00:00
Richard Levitte	b9865f110e	Oh, now I noticed Bodo's change that made tlsext_ecpointformatlist unsigned...	2006-03-13 12:37:19 +00:00
Richard Levitte	07ef612968	Resolve signed vs. unsigned issues	2006-03-13 12:32:51 +00:00
Bodo Möller	019fdc7850	fix sign problems	2006-03-13 09:55:06 +00:00
Nils Larsch	7c382796be	remove unused variables	2006-03-13 07:21:39 +00:00
Bodo Möller	b6acb8d0de	udpate Supported Point Formats Extension code Submitted by: Douglas Stebila	2006-03-13 01:24:38 +00:00
Nils Larsch	6adbcb9755	fix comment Submitted by: Peter Sylvester	2006-03-12 23:00:32 +00:00
Nils Larsch	e968089485	use BIO_snprintf() instead of snprintf + use BIO_FP_TEXT for text output Submitted by: Gisle Vanem	2006-03-12 22:16:57 +00:00
Bodo Möller	36ca4ba63d	Implement the Supported Point Formats Extension for ECC ciphersuites Submitted by: Douglas Stebila	2006-03-11 23:46:37 +00:00
Nils Larsch	ddac197404	add initial support for RFC 4279 PSK SSL ciphersuites PR: 1191 Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation Reviewed by: Nils Larsch	2006-03-10 23:06:27 +00:00
Nils Larsch	f71165b556	fix no-dh configure option; patch supplied by Peter Meerwald	2006-02-24 17:58:43 +00:00
Bodo Möller	e67ed82877	move new member of SSL_SESSION to the end (minimize changes to binary format) Submitted by: Peter Sylvester	2006-02-07 14:26:43 +00:00
Dr. Stephen Henson	15ac971681	Update filenames in makefiles.	2006-02-04 01:45:59 +00:00
Nils Larsch	8c5a2bd6bb	add additional checks + cleanup Submitted by: David Hartman <david_hartman@symantec.com>	2006-01-29 23:12:22 +00:00
Nils Larsch	00fe865dbe	recent changes from 0.9.8: fix cipher list order in s3_lib.c, make "no-ssl2" work again PR: 1217	2006-01-15 17:35:28 +00:00
Richard Levitte	6b9e941ee3	signed vs. unsigned clash.	2006-01-14 11:49:24 +00:00
Bodo Möller	58ece83395	Further TLS extension improvements Submitted by: Peter Sylvester	2006-01-13 09:21:10 +00:00
Bodo Möller	6ad47e83b4	improvements for alert handling	2006-01-11 07:18:35 +00:00
Bodo Möller	241520e66d	More TLS extension related changes. Submitted by: Peter Sylvester	2006-01-11 06:10:40 +00:00
Bodo Möller	a13c20f603	Further TLS extension updates Submitted by: Peter Sylvester	2006-01-09 19:49:05 +00:00
Bodo Möller	51eb1b81f6	Avoid contradictive error code assignments. "make errors".	2006-01-08 21:54:24 +00:00
Bodo Möller	739a543ea8	Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)	2006-01-08 19:42:30 +00:00
Bodo Möller	01c76c6606	There's no such things as DTLS1_AD_MISSING_HANDSHAKE_MESSAGE. For now, anyway.	2006-01-07 20:44:29 +00:00
Bodo Möller	d32f888db1	prepare for additional RFC3546 alerts	2006-01-07 20:33:16 +00:00
Bodo Möller	f7914dbf9a	make sure that the unrecognized_name alert actually gets sent Submitted by: Peter Sylvester	2006-01-07 20:29:50 +00:00
Bodo Möller	3ff94a009b	complete and correct RFC3546 error codes	2006-01-07 20:28:11 +00:00
Bodo Möller	1aeb3da83f	Fixes for TLS server_name extension Submitted by: Peter Sylvester	2006-01-06 09:08:59 +00:00
Richard Levitte	8de5b7f548	Fix signed/unsigned char clashes.	2006-01-04 12:02:43 +00:00
Bodo Möller	f1fd4544a3	Various changes in the new TLS extension code, including the following: - fix indentation - rename some functions and macros - fix up confusion between SSL_ERROR_... and SSL_AD_... values	2006-01-03 03:27:19 +00:00
Bodo Möller	ed3883d21b	Support TLS extensions (specifically, HostName) Submitted by: Peter Sylvester	2006-01-02 23:14:37 +00:00
Bodo Möller	7476f3ac3b	Rewrite timeout computation in a way that is less prone to overflow. (Problem reported by Peter Sylvester.)	2005-12-30 23:51:36 +00:00
Andy Polyakov	be7b4458f2	Keep disclaiming 16-bit platform support. For now remove WIN16 references from .h files...	2005-12-18 19:11:37 +00:00
Bodo Möller	d56349a2aa	update TLS-ECC code Submitted by: Douglas Stebila	2005-12-13 07:33:35 +00:00
Dr. Stephen Henson	7bbcb2f690	Avoid warnings on VC++ 2005.	2005-12-05 17:21:22 +00:00
Bodo Möller	d804f86b88	disable some invalid ciphersuites	2005-11-15 23:32:11 +00:00
Bodo Möller	72dce7685e	Add fixes for CAN-2005-2969. (This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)	2005-10-26 19:40:45 +00:00
Dr. Stephen Henson	c1de1a190d	Avoid warning on Win32.	2005-10-08 17:31:18 +00:00
Dr. Stephen Henson	566dda07ba	New option SSL_OP_NO_COMP to disable compression. New ctrls to set maximum send fragment size. Allocate I/O buffers accordingly.	2005-10-08 00:18:53 +00:00
Dr. Stephen Henson	231b98a5e1	Make OPENSSL_NO_COMP work under Win32.	2005-10-02 12:28:40 +00:00
Dr. Stephen Henson	d08b6b44ba	Fix compilation without OPENSSL_NO_COMP :-)	2005-10-01 00:40:34 +00:00
Dr. Stephen Henson	09b6c2ef15	Make OPENSSL_NO_COMP compile again.	2005-09-30 23:35:33 +00:00
Dr. Stephen Henson	61094cf3dc	128 bit AES ciphersuites should be classified as HIGH.	2005-09-21 00:55:42 +00:00
Nils Larsch	8215e7a938	fix warnings when building openssl with the following compiler options: -Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar -Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts -Wstrict-prototypes -Wreturn-type -Wpointer-arith -W -Wunused -Wno-unused-parameter -Wuninitialized	2005-08-28 22:49:57 +00:00
Ben Laurie	337e368239	Fix warnings.	2005-08-27 12:10:34 +00:00
Nils Larsch	6e119bb02e	Keep cipher lists sorted in the source instead of sorting them at runtime, thus removing the need for a lock. Add a test to ssltest to verify that the cipher lists are sorted.	2005-08-25 07:29:54 +00:00
Nils Larsch	7f3c9036ea	initialize cipher/digest methods table in SSL_library_init() and hence remove the need for a lock	2005-08-21 23:06:23 +00:00
Nils Larsch	4ebb342fcd	Let the TLSv1_method() etc. functions return a const SSL_METHOD pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method const.	2005-08-14 21:48:33 +00:00
Nils Larsch	eba63ef58b	a ssl object needs it's own instance of a ecdh key; remove obsolete comment	2005-08-08 20:02:18 +00:00
Nils Larsch	01a9792f05	remove unused internal foo_base_method functions	2005-08-08 19:04:37 +00:00
Dr. Stephen Henson	f3b656b246	Initialize SSL_METHOD structures at compile time. This removes the need for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.	2005-08-05 23:56:11 +00:00
Andy Polyakov	19bd66fe74	WCE update, mostly typos.	2005-08-03 19:56:36 +00:00
Nils Larsch	c755c5fd8b	improved error checking and some fixes PR: 1170 Submitted by: Yair Elharrar Reviewed and edited by: Nils Larsch	2005-07-26 21:10:34 +00:00
Richard Levitte	b2a9d36a7f	bytes_to_long_long isn't used anywhere any more, so let's remove it entirely.	2005-07-26 05:10:50 +00:00
Richard Levitte	04f15edb91	I'm reversing this change, as it seems the error is somewhere else.	2005-07-26 04:53:21 +00:00
Geoff Thorpe	f920c5b590	Fix signed/unsigned warnings.	2005-07-26 04:25:05 +00:00
Geoff Thorpe	05fc7018f8	Fix PEDANTIC compilation, using the same trick as elsewhere.	2005-07-26 04:05:03 +00:00
Geoff Thorpe	a384002724	Fix 64-bit compilation when PQ_64BIT_IS_INTEGER isn't defined.	2005-07-26 04:01:50 +00:00
Geoff Thorpe	20a90e3a76	Fix some signed/unsigned warnings.	2005-07-22 03:36:30 +00:00
Nils Larsch	3eeaab4bed	make ./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make depend all test work again PR: 1159	2005-07-16 12:37:36 +00:00
Ben Laurie	a51a97262d	Brought forward from 0.9.8 - 64 bit warning fixes and fussy compiler fixes.	2005-06-29 11:02:15 +00:00
Andy Polyakov	83e68987b3	Eliminate dependency on UNICODE macro.	2005-06-27 21:27:23 +00:00
Richard Levitte	543b4ecc13	DCC doesn't like argument names in returned function pointers. PR: 1122	2005-06-23 21:35:25 +00:00
Andy Polyakov	44eff497e8	Fix typo in ssl/d1_pkt.c.	2005-06-20 19:36:34 +00:00
Andy Polyakov	50ec3951dc	Handle wrap-arounds and revive missing assignment.	2005-06-20 12:40:37 +00:00
Richard Levitte	fbd63d0784	Do not undefine _XOPEN_SOURCE. This is currently experimental, and will be firmed up as soon as it's been verified not to break anything.	2005-06-16 22:20:55 +00:00
Nils Larsch	f0747cd950	- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an error if the cipher list is empty - fix last commit in ssl_create_cipher_list - clean up ssl_create_cipher_list	2005-06-10 19:55:26 +00:00
Nils Larsch	052ec89927	use "=" instead of "\|=", fix typo	2005-06-08 22:22:33 +00:00
Nils Larsch	cbed917fee	ssl_create_cipher_list should return an error if no cipher could be collected (see SSL_CTX_set_cipher_list manpage). Fix handling of "cipher1+cipher2" expressions in ssl_cipher_process_rulestr. PR: 836 + 1005	2005-06-08 21:19:14 +00:00
Andy Polyakov	dffdb56b7f	"Liberate" dtls from BN dependency. Fix bug in replay/update.	2005-06-07 22:21:14 +00:00
Richard Levitte	d1acb9b44f	Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true), depending on which is true. Use those flags everywhere else to provide the correct implementation for handling certain operations in q PQ_64BIT.	2005-06-06 00:32:11 +00:00
Richard Levitte	02c5ddf91e	From 0.9.8-stable: handshake_write_seq is an unsigned short, so treat it like one	2005-06-04 04:18:26 +00:00
Nils Larsch	1d42741a19	clear error queue on success and return NULL if no cert could be read PR: 1088	2005-06-01 08:38:44 +00:00
Richard Levitte	75c00536ba	Synchronise more with the Unix build.	2005-05-31 20:28:41 +00:00
Richard Levitte	188b05792f	pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't have a uniform representation for those over all architectures, so a little bit of hackery is needed. Contributed by nagendra modadugu <nagendra@cs.stanford.edu>	2005-05-30 22:34:37 +00:00
Richard Levitte	80b168a5a9	We have some source with \r\n as line ends. DEC C informs about that, and I really can't be bothered...	2005-05-29 12:13:51 +00:00
Richard Levitte	fe8bf9560d	When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html. Notified by David Wolfe <dwolfe5272@yahoo.com>	2005-05-21 17:39:43 +00:00
Andy Polyakov	ce92b6eb9c	Further BUILDENV refinement, further fool-proofing of Makefiles and [most importantly] put back dependencies accidentaly eliminated in check-in #13342.	2005-05-16 16:55:47 +00:00
Nils Larsch	9dd8405341	ecc api cleanup; summary: - hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values - rebuild libeay.num from 0.9.7	2005-05-16 10:11:04 +00:00
Andy Polyakov	81a86fcf17	Fool-proofing Makefiles	2005-05-15 22:23:26 +00:00
Dr. Stephen Henson	f795123c4a	Fix from stable branch.	2005-05-12 22:39:42 +00:00
Bodo Möller	3f19bbf4e3	fix msg_callback() arguments for SSL 2.0 compatible client hello (previous revision got this wrong)	2005-05-12 06:24:25 +00:00
Bodo Möller	c6c2e3135d	Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled with the SSL_OP_NO_SSLv2 option.	2005-05-11 18:25:49 +00:00
Nils Larsch	35e8510e60	use 'p' as conversion specifier for printf to avoid truncation of pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz via Mike Frysinger <vapier@gentoo.org>. PR: 1064	2005-05-10 11:55:28 +00:00
Nils Larsch	8b15c74018	give EC_GROUP_new_by_nid a more meanigful name: EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name	2005-05-10 11:37:47 +00:00
Bodo Möller	fbeaa3c47d	Update util/ck_errf.pl script, and have it run automatically during "make errors" and thus during "make update". Fix lots of bugs that util/ck_errf.pl can detect automatically. Various others of these are still left to fix; that's why "make update" will complain loudly when run now.	2005-05-09 00:27:37 +00:00
Nils Larsch	7dc17a6cf0	give EC_GROUP_*_nid functions a more meaningful name EC_GROUP_get_nid -> EC_GROUP_get_curve_name EC_GROUP_set_nid -> EC_GROUP_set_curve_name	2005-05-08 22:09:12 +00:00
Nils Larsch	9e5790ce21	backport fix from the stable branch	2005-05-03 10:00:16 +00:00
Nils Larsch	7c7667b86b	check return value of RAND_pseudo_bytes; backport from the stable branch	2005-04-29 20:10:06 +00:00
Dr. Stephen Henson	6c61726b2a	Lots of Win32 fixes for DTLS. 1. "unsigned long long" isn't portable changed: to BN_ULLONG. 2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used. 2. Avoid lots of compiler warnings about signed/unsigned mismatches. 3. Include new library directory pqueue in mk1mf build system. 4. Update symbols.	2005-04-27 16:27:14 +00:00
Bodo Möller	aa4ce7315f	Fix various incorrect error function codes. ("perl util/ck_errf.pl /.c //*.c" still reports many more.)	2005-04-26 18:53:22 +00:00
Bodo Möller	480506bd49	remove some functions from exported headers	2005-04-26 18:18:35 +00:00
Bodo Möller	0d5ea7613e	make update	2005-04-26 18:09:21 +00:00
Bodo Möller	beb056b303	fix SSLerr stuff for DTLS1 code; move some functions from exported header <openssl/dtl1.h> into "ssl_locl.h"; fix silly indentation (a TAB is not always 4 spaces)	2005-04-26 18:08:00 +00:00
Dr. Stephen Henson	4e321ffaff	Fixes for signed/unsigned warnings and shadows.	2005-04-26 17:43:53 +00:00
Ben Laurie	36d16f8ee0	Add DTLS support.	2005-04-26 16:02:40 +00:00
Nils Larsch	965a1cb92e	change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible	2005-04-23 10:11:16 +00:00
Dr. Stephen Henson	384dba6edb	Make kerberos ciphersuite code compile again. Avoid more shadow warnings.	2005-04-20 21:48:48 +00:00
Andy Polyakov	3ed449e94a	More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...	2005-04-13 21:46:30 +00:00
Dr. Stephen Henson	29dc350813	Rebuild error codes.	2005-04-12 16:15:22 +00:00
Richard Levitte	4bb61becbb	Add emacs cache files to .cvsignore.	2005-04-11 14:17:07 +00:00
Dr. Stephen Henson	0858b71b41	Make kerberos ciphersuite code work with newer header files	2005-04-09 23:55:55 +00:00
Richard Levitte	d9bfe4f97c	Added restrictions on the use of proxy certificates, as they may pose a security threat on unexpecting applications. Document and test.	2005-04-09 16:07:12 +00:00
Nils Larsch	dc0ed30cfe	add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file() PR: 1035 Submitted by: Walter Goulet Reviewed by: Nils Larsch	2005-04-08 22:52:42 +00:00
Nils Larsch	6049399baf	get rid of very buggy and very imcomplete DH cert support Reviewed by: Bodo Moeller	2005-04-07 23:19:17 +00:00
Nils Larsch	48c832b6b7	really clear the error queue here PR: 860	2005-04-01 17:50:09 +00:00
Nils Larsch	f3e427f6f9	use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc. PR: 658	2005-04-01 17:35:32 +00:00
Ben Laurie	41a15c4f0f	Give everything prototypes (well, everything that's actually used).	2005-03-31 09:26:39 +00:00
Ben Laurie	42ba5d2329	Blow away Makefile.ssl.	2005-03-30 13:05:57 +00:00
Ben Laurie	0821bcd4de	Constification.	2005-03-30 10:26:02 +00:00
Dr. Stephen Henson	59b6836ab2	Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and client random values.	2005-03-22 14:11:06 +00:00
Nils Larsch	f4bfd357e5	some const fixes	2005-03-20 22:56:07 +00:00
Richard Levitte	a963395a7b	Apparently, at least with my VMS C environment, defining _XOPEN_SOURCE gets _POSIX_C_SOURC and _ANSI_C_SOURCE defined, which stops u_int from being defined, and that breaks havock into the rest of the standard headers... sigh	2005-01-19 17:03:07 +00:00
Richard Levitte	d8863f0bdb	Small thing. It seems like we have to defined _XOPEN_SOURCE to get isascii() on DEC/Compaq/HP C for VMS.	2005-01-18 16:46:02 +00:00
Richard Levitte	a7201e9a1b	Changes concering RFC 3820 (proxy certificates) integration: - Enforce that there should be no policy settings when the language is one of id-ppl-independent or id-ppl-inheritAll. - Add functionality to ssltest.c so that it can process proxy rights and check that they are set correctly. Rights consist of ASCII letters, and the condition is a boolean expression that includes letters, parenthesis, &, \| and ^. - Change the proxy certificate configurations so they get proxy rights that are understood by ssltest.c. - Add a script that tests proxy certificates with SSL operations. Other changes: - Change the copyright end year in mkerr.pl. - make update.	2005-01-17 17:06:58 +00:00
Richard Levitte	c4d423511a	Small typo, `mask' got the same value ORed to it twice instead of `mask' and `emask' getting that operation done once each. Patch supplied by Nils Larsch <nils.larsch@cybertrust.com>	2005-01-12 16:40:48 +00:00
Richard Levitte	a2ac429da2	Don't use $(EXHEADER) directly in for loops, as most shells will break if $(EXHEADER) is empty. Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>	2004-11-02 23:55:01 +00:00
Dr. Stephen Henson	c284f20f00	Fix race condition when SSL ciphers are initialized.	2004-10-25 11:14:16 +00:00
Dr. Stephen Henson	5d7c222db8	New X509_VERIFY_PARAM structure and associated functionality. This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change.	2004-09-06 18:43:01 +00:00
Richard Levitte	d28f7bc74d	make update	2004-07-10 13:18:23 +00:00
Richard Levitte	4083a229b4	Use the new directory reading functions.	2004-07-10 13:17:16 +00:00
Richard Levitte	6713a4835f	Move some COMP functions to be inside the #ifndef OPENSSL_NO_COMP wrapping preprocessor directive. This also removes a duplicate declaration.	2004-05-20 23:47:57 +00:00
Geoff Thorpe	9c52d2cc75	After the latest round of header-hacking, regenerate the dependencies in the Makefiles. NB: this commit is probably going to generate a huge posting and it is highly uninteresting to read.	2004-05-17 19:26:06 +00:00
Geoff Thorpe	d095b68d63	Deprecate quite a few recursive includes from the ssl.h API header and remove some unnecessary includes from the internal header ssl_locl.h. This then requires adding includes for bn.h in four C files.	2004-05-17 18:53:47 +00:00
Dr. Stephen Henson	4843acc868	Fixes so alerts are sent properly in s3_pkt.c PR: 851	2004-05-15 17:55:07 +00:00
Geoff Thorpe	bcfea9fb25	Allow RSA key-generation to specify an arbitrary public exponent. Jelte proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe	2004-04-26 15:31:35 +00:00
Geoff Thorpe	c57bc2dc51	make update	2004-04-19 18:33:41 +00:00
Geoff Thorpe	60a938c6bc	(oops) Apologies all, that last header-cleanup commit was from the wrong tree. This further reduces header interdependencies, and makes some associated cleanups.	2004-04-19 18:09:28 +00:00
Richard Levitte	0020502a07	SSL_COMP_get_compression_method is a typo (a missing 's' at the end of the symbol name).	2004-03-25 21:32:30 +00:00
Dr. Stephen Henson	4e8172d6da	Avoid warnings.	2004-03-16 13:51:11 +00:00
Richard Levitte	875a644a90	Constify d2i, s2i, c2i and r2i functions and other associated functions and macros. This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed.	2004-03-15 23:15:26 +00:00
Richard Levitte	1fb724449d	make update	2004-01-28 18:38:33 +00:00
Lutz Jänicke	344e86645d	unintptr_t and <inttypes.h> are not strictly portable with respect to ANSI C 89. Undo change to maintain compatibility.	2004-01-04 17:53:21 +00:00
Richard Levitte	5fdf06666c	Avoid including cryptlib.h, it's not really needed. Check if IDEA is being built or not. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 16:10:30 +00:00
Richard Levitte	79b42e7654	Use sh explicitely to run point.sh This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 14:59:07 +00:00
Lutz Jänicke	919f8bcd21	Restructure make targets to allow parallel make. Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl> PR: #513	2003-12-03 16:29:41 +00:00
Richard Levitte	3822740ce3	We're getting a clash with C++ because it has a type called 'list'. Therefore, change all instances of the symbol 'list' to something else. PR: 758 Submitted by: Frédéric Giudicelli <groups@newpki.org>	2003-11-29 10:25:37 +00:00
Richard Levitte	70ef9c5a3d	RSA_size() and DH_size() return the amount of bytes in a key, and we compared it to the amount of bits required... PR: 770 Submitted by: c zhang <czhang2005@hotmail.com>	2003-11-28 23:03:14 +00:00
Richard Levitte	4d8743f490	Netware-specific changes, PR: 780 Submitted by: Verdon Walker <VWalker@novell.com> Reviewed by: Richard Levitte	2003-11-28 13:10:58 +00:00
Geoff Thorpe	d8ec0dcf45	Avoid some shadowed variable names. Submitted by: Nils Larsch	2003-11-04 00:51:32 +00:00
Geoff Thorpe	2754597013	A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. I have tried to convert 'len' type variable declarations to unsigned as a means to address these warnings when appropriate, but when in doubt I have used casts in the comparisons instead. The better solution (that would get us all lynched by API users) would be to go through and convert all the function prototypes and structure definitions to use unsigned variables except when signed is necessary. The proliferation of (signed) "int" for strictly non-negative uses is unfortunate.	2003-10-29 20:24:15 +00:00
Dr. Stephen Henson	a08ced78c8	Avoid warnings: add missing prototype, don't shadow.	2003-10-10 23:07:24 +00:00
Richard Levitte	377dcdba44	Add functionality to get information on compression methods (not quite complete).	2003-10-06 12:18:39 +00:00
Richard Levitte	8242354952	Make sure int SSL_COMP_add_compression_method() checks if a certain compression identity is already present among the registered compression methods, and if so, reject the addition request. Declare SSL_COMP_get_compression_method() so it can be used properly. Change ssltest.c so it checks what compression methods are available and enumerates them. As a side-effect, built-in compression methods will be automagically loaded that way. Additionally, change the identities for ZLIB and RLE to be conformant to draft-ietf-tls-compression-05.txt. Finally, make update. Next on my list: have the built-in compression methods added "automatically" instead of requiring that the author call SSL_COMP_add_compression_method() or SSL_COMP_get_compression_methods().	2003-10-06 11:00:15 +00:00
Richard Levitte	f82ab534c6	Check for errors from SSL_COMP_add_compression_method(). Notified by Andrew Marlow <AMARLOW1@bloomberg.net>	2003-10-02 10:41:48 +00:00
Richard Levitte	f6e8c19ed1	Correct a mixup of return values	2003-10-02 10:38:44 +00:00
Richard Levitte	ba9f80c5d5	Have ssl3_ssl3_send_client_verify() change the state to SSL3_ST_SW_CERT_VRFY_B. PR: 679	2003-09-27 19:32:06 +00:00
Richard Levitte	e59659dc41	Have ssl3_send_certificate_request() change the state to SSL3_ST_SW_CERT_REQ_B. PR: 680	2003-09-27 19:27:06 +00:00
Richard Levitte	253e893c2b	Include the instance in the Kerberos ticket information. In s_server, print the received Kerberos information. PR: 693	2003-09-27 17:55:13 +00:00
Richard Levitte	0e6c20da46	Free the Kerberos context upon freeing the SSL. Contributed by Andrew Mann <amann@tccgi.com>	2003-09-27 07:35:07 +00:00
Geoff Thorpe	9ea72d3705	These should be write-locks, not read-locks.	2003-09-08 15:47:55 +00:00
Dr. Stephen Henson	14f3d7c5cc	Only accept a client certificate if the server requests one, as required by SSL/TLS specs.	2003-09-03 23:47:34 +00:00
Bodo Möller	563c05e2dc	fix out-of-bounds check in lock_dbg_cb (was too lose to detect all invalid cases) PR: 674	2003-08-14 10:33:56 +00:00
Bodo Möller	643ecd2ed6	make sure no error is left in the queue that is intentionally ignored	2003-08-11 18:56:22 +00:00
Bodo Möller	968766cad8	updates for draft-ietf-tls-ecc-03.txt Submitted by: Douglas Stebila Reviewed by: Bodo Moeller	2003-07-22 12:34:21 +00:00
Bodo Möller	ddc38679ce	tolerate extra data at end of client hello for SSL 3.0 PR: 659	2003-07-21 15:17:46 +00:00
Lutz Jänicke	f65a75786b	Fix ordering of compare functions: strncmp() must be used first, a the cipher name in the list is not guaranteed to be at least "buflen" long. PR: 567 Submitted by: "Matt Harren" <matth@cs.berkeley.edu>	2003-04-08 06:31:36 +00:00
Richard Levitte	3ae70939ba	Correct a lot of printing calls. Remove extra arguments...	2003-04-03 23:39:48 +00:00
Richard Levitte	c4d00669a0	Let's limit the extent of the definition of _XOPEN_SOURCE.	2003-03-25 21:17:28 +00:00
Bodo Möller	33b34a9d8f	remove patch ID (which is supposed to appear in patched variants of old OpenSSL releases, but not in new releases)	2003-03-21 13:11:14 +00:00
Bodo Möller	02da5bcd83	countermeasure against new Klima-Pokorny-Rosa atack	2003-03-19 19:19:53 +00:00
Bodo Möller	176f31ddec	- new ECDH_compute_key interface (KDF is no longer a fixed built-in) - bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary	2003-02-28 15:37:10 +00:00
Bodo Möller	57376542a0	use tabs for indentation, not spaces	2003-02-28 15:07:10 +00:00
Ulf Möller	66ecdf3bfb	more mingw related cleanups.	2003-02-22 18:00:14 +00:00
Richard Levitte	5b0b0e98ce	Security fix: Vaudenay timing attack on CBC. An advisory will be posted to the web. Expect a release within the hour.	2003-02-19 12:03:59 +00:00
Geoff Thorpe	4879ec7bf3	Session cache implementations shouldn't have to access SSL_SESSION elements directly, so this missing functionality is required. PR: 276	2003-02-15 20:38:57 +00:00
Richard Levitte	85d686e723	Make it possible to disable OCSP, the speed application, and the use of sockets. PR: 358	2003-02-14 01:02:58 +00:00
Dr. Stephen Henson	cf56663fb7	Option to disable SSL auto chain build	2003-02-12 17:06:02 +00:00
Bodo Möller	ea513641d0	comments	2003-02-12 14:17:41 +00:00
Bodo Möller	0e9035ac98	SSL_add_dir_cert_subjects_to_stack now exists for WIN32	2003-02-05 16:40:29 +00:00
Richard Levitte	5d780babe3	A few small bugs with BIO popping. PR: 364	2003-01-30 21:49:12 +00:00
Richard Levitte	0b13e9f055	Add the possibility to build without the ENGINE framework. PR: 287	2003-01-30 17:39:26 +00:00
Richard Levitte	2e60ea7634	Fix a memory leak in SSL. PR: 477	2003-01-30 11:00:34 +00:00
Richard Levitte	28b958f732	Fix possible NULL dereferencial. Notified by Verdon Walker <VWalker@novell.com>	2003-01-16 06:00:55 +00:00
Lutz Jänicke	8ec16ce711	Really fix SSLv2 session ID handling PR: 377	2003-01-15 09:51:22 +00:00
Lutz Jänicke	21cde7a41c	Fix wrong handling of session ID in SSLv2 client code. PR: 377	2002-12-29 20:59:35 +00:00
Richard Levitte	5e42f9ab46	make update	2002-12-29 01:38:15 +00:00
Lutz Jänicke	ea8e0cc7c2	Some more adjustments Submitted by: Jeffrey Altman <jaltman@columbia.edu>, "Kenneth R. Robinette" <support@securenetterm.com>	2002-12-24 21:55:57 +00:00
Richard Levitte	8d6ad9e39d	Stop a possible memory leak. (I wonder why s2_connect() handles the initial buffer allocation slightly differently...) PR: 416	2002-12-21 23:49:21 +00:00
Lutz Jänicke	1004c99c29	Fix Kerberos5/SSL interaction Submitted by: "Kenneth R. Robinette" <support@securenetterm.com> Reviewed by: PR:	2002-12-20 12:48:00 +00:00
Richard Levitte	9cd16b1dea	We stupidly had a separate LIBKRB5 variable for KRB5 library dependencies, and then didn't support it very well. And that when there already is a useful variable for exactly this kind of thing; EX_LIBS...	2002-12-19 22:10:12 +00:00
Richard Levitte	09867a47a4	If _XOPEN_SOURCE_EXTENDED or _XOPEN_SOURCE are defined, _POSIX_C_SOURCE gets defined in DECC$TYPES.H. If _POSIX_C_SOURCE is defined, certain types do not get defined (u_char, u_int, ...). DECC.H gets included by assert.h and others. Now, in6.h uses the types u_char, u_int and so on, and gets included as part of other header inclusions, and will of course fail because of the missing types. On the other hand, _XOPEN_SOURCE_EXTENDED is needed to get gethostname() properly declared... Solution: define _XOPEN_SOURCE_EXTENDED much later, so DECC$TYPES.H has a chance to be included first, so the otherwise missing types get defined properly. Personal: mumble mumble	2002-12-19 19:39:30 +00:00
Richard Levitte	f70ddce761	Protect loading routines with a lock. PR: 373	2002-12-16 06:06:03 +00:00
Geoff Thorpe	e9224c7177	This is a first-cut at improving the callback mechanisms used in key-generation and prime-checking functions. Rather than explicitly passing callback functions and caller-defined context data for the callbacks, a new structure BN_GENCB is defined that encapsulates this; a pointer to the structure is passed to all such functions instead. This wrapper structure allows the encapsulation of "old" and "new" style callbacks - "new" callbacks return a boolean result on the understanding that returning FALSE should terminate keygen/primality processing. The BN_GENCB abstraction will allow future callback modifications without needing to break binary compatibility nor change the API function prototypes. The new API functions have been given names ending in "_ex" and the old functions are implemented as wrappers to the new ones. The OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined, declaration of the older functions will be skipped. NB: Some openssl-internal code will stick with the older callbacks for now, so appropriate "#undef" logic will be put in place - this is in case the user is building openssl (rather than including its headers) with this symbol defined. There is another change in the new _ex functions; the key-generation functions do not return key structures but operate on structures passed by the caller, the return value is a boolean. This will allow for a smoother transition to having key-generation as "virtual function" in the various ***_METHOD tables.	2002-12-08 05:24:31 +00:00
Geoff Thorpe	e90e719739	Fix a warning, and do some constification as a lucky side-effect :-)	2002-12-08 05:19:43 +00:00
Richard Levitte	7ba666fa0e	Since it's defined in draft-ietf-tls-compression-04.txt, let's make ZLIB a known compression method, with the identity 1.	2002-12-08 02:41:11 +00:00
Richard Levitte	4fbe40c54f	gethostname() is more a BSD feature than an XOPEN one. PR: 379	2002-12-04 22:48:01 +00:00
Richard Levitte	e7a285694e	define USE_SOCKETS so sys/param.h gets included (and thusly, MAXHOSTNAMELEN gets defined). PR: 371	2002-12-02 22:49:02 +00:00
Richard Levitte	43d601641f	A few more memset()s converted to OPENSSL_cleanse(). I think I got them all covered by now, bu please, if you find any more, tell me and I'll correct it. PR: 343	2002-11-29 11:30:45 +00:00
Richard Levitte	55f78baf32	Have all tests use EXIT() to exit rather than exit(), since the latter doesn't always give the expected result on some platforms.	2002-11-28 18:54:30 +00:00
Richard Levitte	4579924b7e	Cleanse memory using the new OPENSSL_cleanse() function. I've covered all the memset()s I felt safe modifying, but may have missed some.	2002-11-28 08:04:36 +00:00
Richard Levitte	31be2daa06	Small bugfixes to the KSSL implementation. PR: 349	2002-11-26 10:09:36 +00:00
Richard Levitte	d020e701bb	Typo. OPENSSL_NO_ECDH, not NO_OPENSSL_ECDH	2002-11-22 08:40:34 +00:00
Lutz Jänicke	6a8afe2201	Fix bug introduced by the attempt to fix client side external session caching (#288): now internal caching failed (#351): Make sure, that cipher_id is set before comparing. Submitted by: Reviewed by: PR: 288 (and 351)	2002-11-20 10:48:58 +00:00
Bodo Möller	1e3a9b650f	allocate bio_err before memory debugging is enabled to avoid memory leaks (we can't release it before the CRYPTO_mem_leaks() call!) Submitted by: Nils Larsch	2002-11-19 11:56:05 +00:00
Richard Levitte	0bf23d9b20	WinCE patches	2002-11-15 22:37:18 +00:00
Lutz Jänicke	c566205319	The pointer to the cipher object is not yet set, when session was reloaded from external cache (using d2i_SSL_SESSION). Perform comparison based on the cipher's id instead. Submitted by: Steve Haslam <araqnid@innocent.com> Reviewed by: PR: 288	2002-11-15 10:53:33 +00:00
Richard Levitte	0a5942093e	We need to read one more byte of the REQUEST-CERTIFICATE message. PR: 300	2002-11-15 09:15:55 +00:00
Ben Laurie	54a656ef08	Security fixes brought forward from 0.9.7.	2002-11-13 15:43:43 +00:00
Bodo Möller	896e4fef30	avoid Purify warnings Submitted by: Nils Larsch	2002-11-05 13:54:41 +00:00
Bodo Möller	5e3247d8bc	fix typo	2002-11-05 10:54:40 +00:00
Richard Levitte	b6d0defb98	Remove all referenses to RSAref, since that's been gone for more than a year.	2002-10-31 16:46:52 +00:00
Bodo Möller	259cdf2af9	Sun has agreed to removing the covenant language from most files. Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>	2002-10-29 10:59:32 +00:00
Geoff Thorpe	e0db2eed8d	Correct and enhance the behaviour of "internal" session caching as it relates to SSL_CTX flags and the use of "external" session caching. The existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE". The bitwise OR of the two flags is also defined as "SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most applications wanting to implement session caching entirely by its own provided callbacks. As the documented behaviour contradicted actual behaviour up until recently, and since that point behaviour has itself been inconsistent anyway, this change should not introduce any compatibility problems. I've adjusted the relevant documentation to elaborate about how this works. Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these anomalies and testing this patch for correctness. PR: 311	2002-10-29 00:33:04 +00:00
Bodo Möller	00a357ab20	increase permissible message length so that we can handle CertificateVerify for 4096 bit RSA signatures	2002-10-28 15:45:51 +00:00
Richard Levitte	28c8a911bd	Typos. PR: 189	2002-10-15 20:30:56 +00:00
Richard Levitte	437d1ed49f	Typos. PR: 189	2002-10-15 20:29:09 +00:00
Richard Levitte	677532629d	makedepend complains when a header file is included more than once in the same source file.	2002-10-14 10:02:36 +00:00
Richard Levitte	ef0baf60aa	Typo	2002-10-10 08:32:39 +00:00
Richard Levitte	7ba3a4c3d2	RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS. PR: 189	2002-10-10 07:59:03 +00:00
Richard Levitte	001ab3abad	Use double dashes so makedepend doesn't misunderstand the flags we give it. For 0.9.7 and up, that means util/domd needs to remove those double dashes from the argument list when gcc is used to find the dependencies.	2002-10-09 13:25:12 +00:00
Bodo Möller	929f116733	fix more race conditions Submitted by: "Patrick McCormick" <patrick@tellme.com> PR: 262	2002-09-26 15:52:34 +00:00
Lutz Jänicke	ba5ba5490d	Add missing brackets. Submitted by: "Chris Brook" <cbrook@v-one.com>	2002-09-25 20:19:04 +00:00
Bodo Möller	b8565a9af9	really fix race conditions Submitted by: "Patrick McCormick" <patrick@tellme.com> PR: 262 PR: 291	2002-09-25 15:38:57 +00:00
Bodo Möller	e78f137899	really fix race condition PR: 262	2002-09-23 14:25:07 +00:00
Bodo Möller	a4f53a1c73	there is no minimum length for session IDs PR: 274	2002-09-19 11:44:07 +00:00
Bodo Möller	a90ae02454	fix race condition PR: 262	2002-09-19 11:26:45 +00:00
Lutz Jänicke	82a20fb0f0	Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb(). Submitted by: Reviewed by: PR: 212	2002-08-16 17:04:04 +00:00
Bodo Möller	52c29b7b99	use correct function code in error message	2002-08-15 16:17:20 +00:00
Richard Levitte	265e892fed	Sometimes, the value of the variable containing the compiler call can become rather large. This becomes a problem when the default 1024 character large buffer that WRITE uses isn't enough. WRITE/SYMBOL uses a 2048 byte large buffer instead.	2002-08-15 08:28:38 +00:00
Richard Levitte	90f5a2b6fe	Instead of returning errors when certain flags are unusable, just ignore them. That will make the test go through even if DH (or in some cases ECDH) aren't built into OpenSSL. PR: 216, part 2	2002-08-14 12:16:27 +00:00
Bodo Möller	aa1e56b0b9	remove comment Submitted by: Douglas Stebila	2002-08-12 08:54:40 +00:00
Bodo Möller	7ef524ea1c	remove debug messages Submitted by: Douglas Stebila	2002-08-12 08:52:23 +00:00
Bodo Möller	0c7141a343	fix comment Submitted by: Douglas Stebila	2002-08-12 08:51:30 +00:00
Bodo Möller	5488bb6197	get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead) Submitted by: Nils Larsch	2002-08-12 08:47:41 +00:00
Bodo Möller	74cc4903ef	make update	2002-08-09 12:16:15 +00:00
Bodo Möller	41fdcfa71e	fix warnings	2002-08-09 11:58:28 +00:00
Bodo Möller	ea26226046	ECC ciphersuite support Submitted by: Douglas Stebila <douglas.stebila@sun.com> (Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)	2002-08-09 08:56:08 +00:00
Bodo Möller	db4f691f9f	oops -- must use EVP_MD_size, not EVP_MD_block_size	2002-08-03 18:49:39 +00:00
Bodo Möller	5574e0ed41	get rid of OpenSSLDie	2002-08-02 11:48:15 +00:00
Richard Levitte	e70a39830c	Make sure to use $(MAKE) everywhere instead of make. Part of PR 181	2002-07-31 13:49:06 +00:00
Lutz Jänicke	dd7ab82e75	Typo. Submitted by: Jeffrey Altman <jaltman@columbia.edu> Reviewed by: PR: 169	2002-07-30 13:36:31 +00:00
Lutz Jänicke	c046fffa16	OpenSSL Security Advisory [30 July 2002] Changes marked "(CHATS)" were sponsored by the Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel Command, USAF, under agreement number F30602-01-2-0537.	2002-07-30 13:04:04 +00:00
Lutz Jänicke	3aecef7697	"make update"	2002-07-30 12:44:33 +00:00
Lutz Jänicke	c6ccf055ba	New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT. Submitted by: Reviewed by: PR: 127	2002-07-19 19:55:34 +00:00
Bodo Möller	5dbd3efce7	Replace 'ecdsaparam' commandline utility by 'ecparam' (the same keys can be used for ECC schemes other than ECDSA) and add some new options. Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS" in 'PEM' format. Fix ec_asn1.c (take into account the desired conversion form). 'make update'. Submitted by: Nils Larsch	2002-07-14 16:54:31 +00:00
Lutz Jänicke	7b63c0fa8c	Reorder inclusion of header files: des_old.h redefines crypt: #define crypt(b,s)\ DES_crypt((b),(s)) This scheme leads to failure, if header files with the OS's true definition of crypt() are processed _after_ des_old.h was processed. This is e.g. the case on HP-UX with unistd.h. As evp.h now again includes des.h (which includes des_old.h), this problem only came up after this modification. Solution: move header files (indirectly) including e_os.h before the header files (indirectly) including evp.h. Submitted by: Reviewed by: PR:	2002-07-10 07:01:54 +00:00
Lutz Jänicke	063a8905bf	Ciphers with NULL encryption were not properly handled because they were not covered by the strength bit mask. Submitted by: Reviewed by: PR: 130	2002-07-10 06:41:55 +00:00
Bodo Möller	d1d0be3cd2	emtpy fragments are not necessary for SSL_eNULL (but noone uses it anyway) fix t1_enc.c: use OPENSSL_NO_RC4, not NO_RC4	2002-07-09 08:49:09 +00:00
Bodo Möller	ea4f109c99	AES cipher suites are now official (RFC3268)	2002-07-04 08:51:09 +00:00
Richard Levitte	17085b022c	Pass CFLAG to dependency makers, so non-standard system include paths are handled properly. Part of PR 75	2002-06-27 16:39:25 +00:00
Bodo Möller	c21506ba02	New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC vulnerability workaround (included in SSL_OP_ALL). PR: #90	2002-06-14 12:21:11 +00:00
Richard Levitte	b2c04539a1	Merge from 0.9.7-stable.	2002-06-06 07:22:33 +00:00
Richard Levitte	a9a025d08c	Recover from errors	2002-05-23 23:31:22 +00:00
Richard Levitte	b935754cb0	Allow the use of the TCP/IP stack keyword TCPIP and NONE	2002-05-22 11:37:20 +00:00
Bodo Möller	98a9092af1	Fix ciphersuite list to enforce low priority for RC4.	2002-05-07 08:36:26 +00:00
Bodo Möller	87108f5af9	ensure that, for each strength, RC4 ciphers have least preference in the default ciphersuite list	2002-05-07 07:59:35 +00:00
Bodo Möller	f257d984b7	refer to latest draft for AES ciphersuites	2002-05-07 07:55:36 +00:00
Bodo Möller	b889d6a8e8	fix warning	2002-05-06 10:44:59 +00:00
Bodo Möller	a4f576a378	disable AES ciphersuites unless explicitly requested	2002-05-05 23:44:27 +00:00
Bodo Möller	3def5a010e	fix casts	2002-05-05 23:00:28 +00:00
Bodo Möller	b52f3818f4	undo nonsense patch (r is signed or we have signedness mismatches elsewhere)	2002-04-29 11:03:06 +00:00
Richard Levitte	cc12975514	Fix unsigned vs. signed clash	2002-04-29 10:29:38 +00:00
Richard Levitte	9738f395c6	Synchronise with 0.9.7-stable.	2002-04-29 10:28:29 +00:00
Richard Levitte	d4294c8984	Synchronise with 0.9.7-stable.	2002-04-29 10:19:19 +00:00
Richard Levitte	8b07f23c30	Signedness mismatch. Notified by Bernd Matthes <bernd.matthes@gemplus.com>	2002-04-20 10:23:19 +00:00
Richard Levitte	6176df94ed	Make sure the opened directory is closed on exit. Notified by Lorinczy Zsigmond <lzsiga@mail.ahiv.hu>	2002-04-18 16:20:13 +00:00
Bodo Möller	2fb3f002d0	fix length field we create when converting SSL 2.0 format into SSL 3.0/TLS 1.0 format (the bug was introduced with message callback support)	2002-04-14 13:05:15 +00:00
Bodo Möller	82b0bf0b87	Implement known-IV countermeasure. Fix length checks in ssl3_get_client_hello(). Use s->s3->in_read_app_data differently to fix ssl3_read_internal().	2002-04-13 22:47:20 +00:00
Lutz Jänicke	11c26ecf81	Map new X509 verification errors to alert codes (Tom Wu <tom@arcot.com>).	2002-03-19 16:42:09 +00:00
Dr. Stephen Henson	611ba3f4a1	Initialize ciph_ctx in kssl.c	2002-03-19 01:28:00 +00:00
Bodo Möller	304d90425f	fix ssl3_pending	2002-03-15 10:52:32 +00:00
Lutz Jänicke	bfaa8a89e1	Add missing strength entries.	2002-03-14 18:53:15 +00:00
Dr. Stephen Henson	de941e289e	Initialize cipher context in KRB5 ("D. Russell" <russelld@aol.net>) Allow HMAC functions to use an alternative ENGINE.	2002-03-14 18:22:23 +00:00
Bodo Möller	234c73767d	use BIO_nwrite() more properly to demonstrate the general idea of BIO_nwrite0/BIO_nwrite (the previous code was OK for BIO pairs but not in general)	2002-03-14 09:48:54 +00:00
Dr. Stephen Henson	497810cae7	Undo previous patch: avoid warnings by #undef'ing duplicate definitions. Suggested by "Kenneth R. Robinette" <support@securenetterm.com>	2002-03-13 13:59:38 +00:00
Dr. Stephen Henson	cbc9d9713d	Fix Kerberos warnings with VC++.	2002-03-12 19:37:18 +00:00
Dr. Stephen Henson	98fa4fe8c5	Fix ASN1 additions for KRB5	2002-03-12 13:32:35 +00:00
Dr. Stephen Henson	0b4c91c0fc	Fix various warnings when compiling with KRB5 code.	2002-03-12 02:59:37 +00:00
Bodo Möller	9437fef8cc	use ERR_peek_last_error() instead of ERR_peek_error()	2002-02-28 14:07:37 +00:00
Richard Levitte	26414ee013	Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated	2002-02-28 12:42:19 +00:00
Bodo Möller	023ec151df	Add 'void *' argument to app_verify_callback. Submitted by: D. K. Smetters <smetters@parc.xerox.com> Reviewed by: Bodo Moeller	2002-02-28 10:52:56 +00:00
Lutz Jänicke	d62bfb39cd	Fix the fix (Yoram Zahavi)...	2002-02-27 11:23:05 +00:00
Lutz Jänicke	334f1842fc	Make sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi).	2002-02-26 21:40:09 +00:00
Dr. Stephen Henson	3a3ca3f515	Fix for AIX. Submitted by Dawn Whiteside <dwhitesi@tiercel.uwaterloo.ca>	2002-02-22 21:26:25 +00:00
Bodo Möller	4d94ae00d5	ECDSA support Submitted by: Nils Larsch <nla@trustcenter.de>	2002-02-13 18:21:51 +00:00
Lutz Jänicke	acfe628b6e	Make removal from session cache more robust.	2002-02-10 12:46:41 +00:00
Lutz Jänicke	4de920c91d	Do not store unneeded data.	2002-02-08 15:15:04 +00:00
Bodo Möller	8c74b5e56c	Bugfix: In ssl3_accept, don't use a local variable 'got_new_session' to indicate that a real handshake is taking place (the value will be lost during multiple invocations). Set s->new_session to 2 instead.	2002-01-14 23:40:26 +00:00
Bodo Möller	c59ba5b528	Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) if the SSL_R_LENGTH_MISMATCH error is detected.	2002-01-14 12:37:59 +00:00
Ben Laurie	45d87a1ffe	Prototype info function.	2002-01-12 15:56:13 +00:00
Ben Laurie	a3feb21bbe	Add client_cert_cb prototype.	2002-01-12 13:15:40 +00:00
Ulf Möller	dcbbf83dba	ssl3_read_bytes bug fix Submitted by: D P Chang <dpc@qualys.com> Reviewed by: Bodo	2001-12-28 17:14:35 +00:00
Bodo Möller	4d7072f4b5	remove redundant ERR_load_... declarations	2001-12-17 19:22:23 +00:00
Ben Laurie	ff3fa48fc7	Improve back compatibility.	2001-12-09 21:53:31 +00:00
Bodo Möller	47ff5c6279	For future portability reasons MIT is moving all macros to function calls. This patch allows compilation either way. Submitted by: Jeffrey Altman <jaltman@columbia.edu>	2001-11-23 21:50:50 +00:00
Bodo Möller	c23d16ac19	cast to unsigned int, not to int to avoid the warning -- all these values really are unsigned	2001-11-14 21:18:35 +00:00
Richard Levitte	3102792161	unsigned int vs. int.	2001-11-14 10:55:29 +00:00
Bodo Möller	2b90b1f344	make code a little more similar to what it looked like before the fixes, call ssl2_part_read again to parse error message	2001-11-10 10:44:15 +00:00
Bodo Möller	cf82191d77	Implement msg_callback for SSL 2.0. Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).	2001-11-10 01:16:28 +00:00
Richard Levitte	a7b42009c4	Change the shared library support so the shared libraries get built sooner and the programs get built against the shared libraries. This requires a bit more work. Things like -rpath and the possibility to still link the programs statically should be included. Some cleanup is also needed. This will be worked on.	2001-10-30 08:00:59 +00:00
Richard Levitte	7b5ffd6834	Addapt VMS scripts to the newer disk layout system ODS-5, which allows more than one period and mixed size characters in file names	2001-10-29 13:05:28 +00:00
Bodo Möller	4d635a7001	Consistency with s2_... and s23_... variants (no real functional change)	2001-10-25 08:17:53 +00:00
Bodo Möller	ba1c602281	Assume TLS 1.0 when ClientHello fragment is too short.	2001-10-25 06:09:51 +00:00
Bodo Möller	979689aa5c	Fix SSL handshake functions and SSL_clear() such that SSL_clear() never resets s->method to s->ctx->method when called from within one of the SSL handshake functions.	2001-10-24 19:03:22 +00:00
Richard Levitte	a3faebd104	Deprecate the macro MAC_OS_pre_X.	2001-10-24 15:32:53 +00:00
Bodo Möller	287973746e	Fix memory leak.	2001-10-22 13:59:36 +00:00
Bodo Möller	cf3a5cebd7	Call msg_callback with correct length parameter if ssl3_write_bytes had to be called multiple times	2001-10-20 18:56:01 +00:00

... 10 11 12 13 14 ...

1599 commits