Ben Laurie
060a38a2c0
Add DTLS-SRTP.
2011-11-15 23:02:16 +00:00
Ben Laurie
68b33cc5c7
Add Next Protocol Negotiation.
2011-11-13 21:55:42 +00:00
Bodo Möller
3c3f025923
Fix session handling.
2011-09-05 13:36:55 +00:00
Bodo Möller
5ff6e2dfbb
Fix d2i_SSL_SESSION.
2011-09-05 13:31:07 +00:00
Dr. Stephen Henson
aed53d6c5a
Backport GCM support from HEAD.
2011-08-04 11:13:28 +00:00
Dr. Stephen Henson
c8c6e9ecd9
Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and
...
prohibit use of these ciphersuites for TLS < 1.2
2011-07-25 21:45:17 +00:00
Dr. Stephen Henson
376838a606
Process signature algorithms during TLS v1.2 client authentication.
...
Make sure message is long enough for signature algorithms.
(backport from HEAD).
2011-05-12 17:44:59 +00:00
Dr. Stephen Henson
9472baae0d
Backport TLS v1.2 support from HEAD.
...
This includes TLS v1.2 server and client support but at present
client certificate support is not implemented.
2011-05-11 13:37:52 +00:00
Dr. Stephen Henson
74096890ba
Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN
...
all ssl related structures are opaque and internals cannot be directly
accessed. Many applications will need some modification to support this and
most likely some additional functions added to OpenSSL.
The advantage of this option is that any application supporting it will still
be binary compatible if SSL structures change.
(backport from HEAD).
2011-05-11 12:56:38 +00:00
Dr. Stephen Henson
3393e0c02c
Fix SRP error codes (from HEAD).
2011-03-16 16:55:12 +00:00
Ben Laurie
a149b2466e
Add SRP.
2011-03-16 11:26:40 +00:00
Dr. Stephen Henson
c6dd154b3e
oops, revert previous patch
2010-08-27 12:10:12 +00:00
Dr. Stephen Henson
35cae95032
PR: 1833
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix other cases not covered by original patch.
2010-08-27 11:57:42 +00:00
Dr. Stephen Henson
48ae85b6ff
PR: 1833
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Support for abbreviated handshakes when renegotiating.
2010-08-26 14:22:40 +00:00
Dr. Stephen Henson
53e7985c8d
PR: 1830
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson
Support for RFC5705 key extractor.
2010-07-18 17:39:46 +00:00
Dr. Stephen Henson
b4b15f68c0
Backport TLS v1.1 support from HEAD, ssl/ changes
2010-06-27 14:22:11 +00:00
Dr. Stephen Henson
eb17330837
Updates to conform with draft-ietf-tls-renegotiation-03.txt:
...
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:37:38 +00:00
Dr. Stephen Henson
1f67a3a985
compress_meth should be unsigned
2010-01-05 16:46:39 +00:00
Dr. Stephen Henson
4cba294d79
Client side compression algorithm sanity checks: ensure old compression
...
algorithm matches current and give error if compression is disabled and
server requests it (shouldn't happen unless server is broken).
2010-01-01 14:39:51 +00:00
Dr. Stephen Henson
e642fd7a1c
Compression handling on session resume was badly broken: it always
...
used compression algorithms in client hello (a legacy from when
the compression algorithm wasn't serialized with SSL_SESSION).
2010-01-01 00:44:36 +00:00
Dr. Stephen Henson
675564835c
New option to enable/disable connection to unpatched servers
2009-12-16 20:28:30 +00:00
Ben Laurie
43a107026d
Missing error code.
2009-12-12 15:57:53 +00:00
Dr. Stephen Henson
f1784f2fd2
Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL
2009-12-11 00:20:58 +00:00
Dr. Stephen Henson
52a08e90d1
Add ctrls to clear options and mode.
...
Change RI ctrl so it doesn't clash.
2009-12-09 13:25:38 +00:00
Dr. Stephen Henson
b52a2738d4
Add ctrl and macro so we can determine if peer support secure renegotiation.
2009-12-08 13:42:32 +00:00
Dr. Stephen Henson
3c44e92bcb
Include a more meaningful error message when rejecting legacy renegotiation
2009-11-18 14:19:52 +00:00
Dr. Stephen Henson
bc9058d041
First cut of renegotiation extension. (port to 1.0.0-stable)
2009-11-09 18:45:42 +00:00
Dr. Stephen Henson
a131de9bb2
PR: 2025
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Constify SSL_CIPHER_description
2009-09-12 23:18:09 +00:00
Dr. Stephen Henson
53f062d050
PR: 2033
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen support.
2009-09-09 17:05:42 +00:00
Dr. Stephen Henson
c0688f1aef
Make update, deleting bogus DTLS error code
2009-09-06 15:55:54 +00:00
Dr. Stephen Henson
17f8d8db61
PR: 2006
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Do not use multiple DTLS records for a single user message
2009-08-26 11:51:23 +00:00
Dr. Stephen Henson
5a96822f2c
Update default dependency flags.
...
Make error name discrepancies a fatal error.
Fix error codes.
make update
2009-08-12 17:08:44 +00:00
Dr. Stephen Henson
a4bade7aac
PR: 1997
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timeout handling fix.
2009-08-12 13:21:26 +00:00
Dr. Stephen Henson
5135d6b985
Fix error codes and indentation.
2009-07-15 11:32:58 +00:00
Dr. Stephen Henson
29b0c4a01c
Add "missing" functions for setting all verify parameters for SSL_CTX and SSL
...
structures.
2009-06-30 11:57:24 +00:00
Dr. Stephen Henson
174ea15647
Typo.
2009-04-28 22:35:42 +00:00
Dr. Stephen Henson
b452f43322
PR: 1751
...
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org
Compatibility patches for Cisco VPN client DTLS.
2009-04-19 18:03:13 +00:00
Dr. Stephen Henson
9ae5743515
Disable SSLv2 cipher suites by default and avoid SSLv2 compatible client
...
hello if no SSLv2 cipher suites are included. This effectively disables
the broken SSLv2 use by default.
2009-04-07 17:01:07 +00:00
Dr. Stephen Henson
c9a1778134
Fix error codes.
2009-04-05 11:54:34 +00:00
Dr. Stephen Henson
2dd5ca1fbc
Make no-ssl2 work including on Win32 builds.
2009-04-04 17:57:34 +00:00
Ben Laurie
9b9cb004f7
Deal with the unlikely event that EVP_MD_CTX_size() returns an error.
...
(Coverity ID 140).
2008-12-27 02:09:24 +00:00
Ben Laurie
6ba71a7173
Handle the unlikely event that BIO_get_mem_data() returns -ve.
2008-12-27 02:00:38 +00:00
Ben Laurie
f3b7bdadbc
Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks.
2008-11-16 12:47:12 +00:00
Dr. Stephen Henson
12bf56c017
PR: 1574
...
Submitted by: Jouni Malinen <j@w1.fi>
Approved by: steve@openssl.org
Ticket override support for EAP-FAST.
2008-11-15 17:18:12 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Dr. Stephen Henson
3ad74edce8
Add SSL_FIPS flag for FIPS 140-2 approved ciphersuites and add a new
...
strength "FIPS" to represent all FIPS approved ciphersuites without NULL
encryption.
2008-09-10 16:02:09 +00:00
Bodo Möller
1cbf663a6c
sanity check
...
PR: 1679
2008-08-13 19:45:06 +00:00
Bodo Möller
474b3b1cc8
Fix error codes for memory-saving patch.
...
Also, get rid of compile-time switch OPENSSL_NO_RELEASE_BUFFERS
because it was rather pointless (the new behavior has to be explicitly
requested by setting SSL_MODE_RELEASE_BUFFERS anyway).
2008-08-04 22:10:38 +00:00
Dr. Stephen Henson
59d2d48f64
Add support for client cert engine setting in s_client app.
...
Add appropriate #ifdefs round client cert functions in headers.
2008-06-03 11:26:27 +00:00
Ben Laurie
8671b89860
Memory saving patch.
2008-06-03 02:48:34 +00:00
Dr. Stephen Henson
c61915c659
Update error codes.
2008-06-01 22:34:40 +00:00
Dr. Stephen Henson
368888bcb6
Add client cert engine to SSL routines.
2008-06-01 22:33:24 +00:00
Dr. Stephen Henson
eafd6e5110
Update error codes, move typedef of SSL, SSL_CTX to ossl_typ.h
2008-06-01 21:18:47 +00:00
Ben Laurie
3c1d6bbc92
LHASH revamp. make depend.
2008-05-26 11:24:29 +00:00
Dr. Stephen Henson
8a2062fefe
Update from stable branch.
2008-04-30 16:14:02 +00:00
Dr. Stephen Henson
8e1d3ba50e
Fix duplicate error codes.
2007-10-26 23:54:46 +00:00
Dr. Stephen Henson
0e1dba934f
1. Changes for s_client.c to make it return non-zero exit code in case
...
of handshake failure
2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to
make it recognize GOST certificates as EVP_PKT_SIGN|EVP_PKT_EXCH
(required for s3_srvr to accept GOST client certificates).
3. Changes to EVP
- adding of function EVP_PKEY_CTX_get0_peerkey
- Make function EVP_PKEY_derive_set_peerkey work for context with
ENCRYPT operation, because we use peerkey field in the context to
pass non-ephemeral secret key to GOST encrypt operation.
- added EVP_PKEY_CTRL_SET_IV control command. It is really
GOST-specific, but it is used in SSL code, so it has to go
in some header file, available during libssl compilation
4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data
5. Include des.h if KSSL_DEBUG is defined into some libssl files, to
make debugging output which depends on constants defined there, work
and other KSSL_DEBUG output fixes
6. Declaration of real GOST ciphersuites, two authentication methods
SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST
7. Implementation of these methods.
8. Support for sending unsolicited serverhello extension if GOST
ciphersuite is selected. It is require for interoperability with
CryptoPro CSP 3.0 and 3.6 and controlled by
SSL_OP_CRYPTOPRO_TLSEXT_BUG constant.
This constant is added to SSL_OP_ALL, because it does nothing, if
non-GOST ciphersuite is selected, and all implementation of GOST
include compatibility with CryptoPro.
9. Support for CertificateVerify message without length field. It is
another CryptoPro bug, but support is made unconditional, because it
does no harm for draft-conforming implementation.
10. In tls1_mac extra copy of stream mac context is no more done.
When I've written currently commited code I haven't read
EVP_DigestSignFinal manual carefully enough and haven't noticed that
it does an internal digest ctx copying.
This implementation was tested against
1. CryptoPro CSP 3.6 client and server
2. Cryptopro CSP 3.0 server
2007-10-26 12:06:36 +00:00
Andy Polyakov
90acf770b5
DTLS fixes from 0.9.8-stable.
2007-10-13 10:57:02 +00:00
Dr. Stephen Henson
67c8e7f414
Support for certificate status TLS extension.
2007-09-26 21:56:59 +00:00
Bodo Möller
761772d7e1
Implement the Opaque PRF Input TLS extension
...
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way. In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().
Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
2007-09-21 06:54:24 +00:00
Ben Laurie
aaa4f448cf
The other half of make errors.
2007-09-19 14:51:28 +00:00
Bodo Möller
1b827d7b6f
Clean up error codes a bit.
...
(engines/ccgost/ remains utter chaos, though; "make errors" is not happy.)
2007-09-19 00:58:58 +00:00
Dr. Stephen Henson
81025661a9
Update ssl code to support digests other than MD5+SHA1 in handshake.
...
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
2007-08-31 12:42:53 +00:00
Dr. Stephen Henson
94d511cdbd
Add ctrls to set and get RFC4507bis keys to enable several contexts to
...
reuse the same tickets.
2007-08-28 01:08:45 +00:00
Dr. Stephen Henson
6434abbfc6
RFC4507 (including RFC4507bis) TLS stateless session resumption support
...
for OpenSSL.
2007-08-11 23:18:29 +00:00
Dr. Stephen Henson
3c07d3a3d3
Finish gcc 4.2 changes.
2007-06-07 13:14:42 +00:00
Dr. Stephen Henson
b948e2c59e
Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.
2007-06-04 17:04:40 +00:00
Bodo Möller
a291745eeb
fix function codes for error
2007-04-24 01:06:19 +00:00
Bodo Möller
96afc1cfd5
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:48:59 +00:00
Bodo Möller
0a05123a6c
Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a
...
ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.
Also, change ssl_create_cipher_list() so that it no longer
starts with an arbitrary ciphersuite ordering, but instead
uses the logic that we previously had in SSL_DEFEAULT_CIPHER_LIST.
SSL_DEFAULT_CIPHER_LIST simplifies into just "ALL:!aNULL:!eNULL".
2007-02-19 18:41:41 +00:00
Bodo Möller
52b8dad8ec
Reorganize the data used for SSL ciphersuite pattern matching.
...
This change resolves a number of problems and obviates multiple kludges.
A new feature is that you can now say "AES256" or "AES128" (not just
"AES", which enables both).
In some cases the ciphersuite list generated from a given string is
affected by this change. I hope this is just in those cases where the
previous behaviour did not make sense.
2007-02-17 06:45:38 +00:00
Nils Larsch
fec38ca4ed
fix typos
...
PR: 1354, 1355, 1398, 1408
2006-12-21 21:13:27 +00:00
Nils Larsch
7806f3dd4b
replace macros with functions
...
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:54:57 +00:00
Nils Larsch
1611b9ed80
remove SSLEAY_MACROS code
2006-11-06 19:53:39 +00:00
Bodo Möller
ed3ecd801e
Error messages for client ECC cert verification.
...
Also, change the default ciphersuite to give some prefererence to
ciphersuites with forwared secrecy (rather than using a random order).
2006-06-15 19:58:22 +00:00
Bodo Möller
89bbe14c50
Ciphersuite string bugfixes, and ECC-related (re-)definitions.
2006-06-14 17:40:31 +00:00
Bodo Möller
6635b48cd1
Make sure that AES ciphersuites get priority over Camellia
...
ciphersuites in the default cipher string.
2006-06-14 13:58:48 +00:00
Bodo Möller
f3dea9a595
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:44:59 +00:00
Richard Levitte
7e76e56387
Someone made a mistake, and some function and reason codes got
...
duplicate numbers. Renumbering.
2006-05-12 15:27:52 +00:00
Bodo Möller
332737217a
Implement Supported Elliptic Curves Extension.
...
Submitted by: Douglas Stebila
2006-03-30 02:44:56 +00:00
Bodo Möller
019fdc7850
fix sign problems
2006-03-13 09:55:06 +00:00
Bodo Möller
b6acb8d0de
udpate Supported Point Formats Extension code
...
Submitted by: Douglas Stebila
2006-03-13 01:24:38 +00:00
Nils Larsch
6adbcb9755
fix comment
...
Submitted by: Peter Sylvester
2006-03-12 23:00:32 +00:00
Bodo Möller
36ca4ba63d
Implement the Supported Point Formats Extension for ECC ciphersuites
...
Submitted by: Douglas Stebila
2006-03-11 23:46:37 +00:00
Nils Larsch
ddac197404
add initial support for RFC 4279 PSK SSL ciphersuites
...
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
2006-03-10 23:06:27 +00:00
Bodo Möller
e67ed82877
move new member of SSL_SESSION to the end
...
(minimize changes to binary format)
Submitted by: Peter Sylvester
2006-02-07 14:26:43 +00:00
Bodo Möller
a13c20f603
Further TLS extension updates
...
Submitted by: Peter Sylvester
2006-01-09 19:49:05 +00:00
Bodo Möller
51eb1b81f6
Avoid contradictive error code assignments.
...
"make errors".
2006-01-08 21:54:24 +00:00
Bodo Möller
739a543ea8
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
2006-01-08 19:42:30 +00:00
Bodo Möller
3ff94a009b
complete and correct RFC3546 error codes
2006-01-07 20:28:11 +00:00
Bodo Möller
1aeb3da83f
Fixes for TLS server_name extension
...
Submitted by: Peter Sylvester
2006-01-06 09:08:59 +00:00
Bodo Möller
f1fd4544a3
Various changes in the new TLS extension code, including the following:
...
- fix indentation
- rename some functions and macros
- fix up confusion between SSL_ERROR_... and SSL_AD_... values
2006-01-03 03:27:19 +00:00
Bodo Möller
ed3883d21b
Support TLS extensions (specifically, HostName)
...
Submitted by: Peter Sylvester
2006-01-02 23:14:37 +00:00
Bodo Möller
72dce7685e
Add fixes for CAN-2005-2969.
...
(This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)
2005-10-26 19:40:45 +00:00
Dr. Stephen Henson
c1de1a190d
Avoid warning on Win32.
2005-10-08 17:31:18 +00:00
Dr. Stephen Henson
566dda07ba
New option SSL_OP_NO_COMP to disable compression. New ctrls to set
...
maximum send fragment size. Allocate I/O buffers accordingly.
2005-10-08 00:18:53 +00:00
Nils Larsch
4ebb342fcd
Let the TLSv1_method() etc. functions return a const SSL_METHOD
...
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
2005-08-14 21:48:33 +00:00
Nils Larsch
f0747cd950
- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an
...
error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list
2005-06-10 19:55:26 +00:00