openssl/ssl
Matt Caswell 4c21e004a3 Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)
and instead use the value provided by the underlying BIO. Also provide some
new DTLS_CTRLs so that the library user can set the mtu without needing to
know this constant. These new DTLS_CTRLs provide the capability to set the
link level mtu to be used (i.e. including this IP/UDP overhead). The previous
DTLS_CTRLs required the library user to subtract this overhead first.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 59669b6abf)

Conflicts:
	ssl/d1_both.c
	ssl/ssl_lib.c
2014-12-03 09:35:23 +00:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes [from HEAD]. 2012-04-16 17:43:15 +00:00
d1_both.c Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP) 2014-12-03 09:35:23 +00:00
d1_clnt.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:32:08 +01:00
d1_enc.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:53:02 +00:00
d1_lib.c Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP) 2014-12-03 09:35:23 +00:00
d1_meth.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
d1_pkt.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:53:02 +00:00
d1_srtp.c Fix for SRTP Memory Leak 2014-10-15 08:51:49 -04:00
d1_srvr.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:32:08 +01:00
dtls1.h Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP) 2014-12-03 09:35:23 +00:00
heartbeat_test.c Add conditional unit testing interface. 2014-07-24 19:43:25 +01:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:22 +00:00
kssl.c make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:52:34 +00:00
kssl.h Fix for WIN32 builds with KRB5 2014-02-26 15:33:09 +00:00
kssl_lcl.h Some fixes for kerberos builds. 2009-04-21 22:20:12 +00:00
Makefile RT3067: simplify patch 2014-09-24 15:52:41 +02:00
s2_clnt.c Add and use a constant-time memcmp. 2013-01-28 17:30:38 +00:00
s2_enc.c Fixed warning in ssl2_enc 2014-11-27 21:53:44 +00:00
s2_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:05:42 +02:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Check EVP_Cipher return values for SSL2 2014-11-27 21:53:27 +00:00
s2_srvr.c Reduce version skew. 2012-06-08 09:18:47 +00:00
s3_both.c [PR3597] Advance to the next state variant when reusing messages. 2014-11-28 23:31:45 +01:00
s3_cbc.c RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 14:17:41 +02:00
s3_clnt.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:32:08 +01:00
s3_enc.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:53:02 +00:00
s3_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:05:42 +02:00
s3_meth.c New option no-ssl3-method which removes SSLv3_*method 2014-11-19 22:57:51 +00:00
s3_pkt.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:53:02 +00:00
s3_srvr.c Do not resume a session if the negotiated protocol version does not match 2014-11-20 16:31:42 +01:00
s23_clnt.c Fix no-ssl3 configuration option 2014-10-15 08:51:50 -04:00
s23_lib.c Don't advertise ECC ciphersuits in SSLv2 compatible client hello. 2014-06-27 16:52:05 +01:00
s23_meth.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Keep old method in case of an unsupported protocol 2014-10-21 21:08:14 +02:00
srtp.h Add include of ssl.h which is required by srtp.h 2014-11-27 13:19:23 +00:00
ssl-lib.com Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces 2014-10-15 10:49:24 +02:00
ssl.h Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP) 2014-12-03 09:35:23 +00:00
ssl2.h Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN 2011-05-11 12:56:38 +00:00
ssl3.h Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:32:08 +01:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. 2013-02-02 19:35:09 +01:00
ssl_asn1.c fix coverity issue 966597 - error line is not always initialised 2014-05-08 00:00:08 +01:00
ssl_cert.c Remove redundant checks in ssl_cert_dup. This was causing spurious error messages when using GOST 2014-11-27 20:53:58 +00:00
ssl_ciph.c Use more common name for GOST key exchange. 2014-07-14 18:31:54 +01:00
ssl_err.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:05:42 +02:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP) 2014-12-03 09:35:23 +00:00
ssl_locl.h Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP) 2014-12-03 09:35:23 +00:00
ssl_rsa.c Reduce version skew. 2012-06-08 09:18:47 +00:00
ssl_sess.c Tighten session ticket handling 2014-10-28 17:41:49 +01:00
ssl_stat.c Don't disable state strings with no-ssl2 2014-06-28 00:56:42 +01:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
ssl_utst.c Add conditional unit testing interface. 2014-07-24 19:43:25 +01:00
ssltest.c New option no-ssl3-method which removes SSLv3_*method 2014-11-19 22:57:51 +00:00
t1_clnt.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
t1_enc.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:05:42 +02:00
t1_lib.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:32:08 +01:00
t1_meth.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:59:09 +00:00
t1_srvr.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
tls1.h Support TLS_FALLBACK_SCSV. 2014-10-15 04:05:42 +02:00
tls_srp.c Check SRP parameters early. 2014-08-06 20:27:51 +01:00