mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-24 18:43:34 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,858 Commits 33 Branches 385 Tags 435 MiB
114c9c36b1
Commit Graph

109 Commits

Author SHA1 Message Date
Bodo Möller
2afe316721 fix warnings for CIPHER_DEBUG builds 2007-02-19 16:59:13 +00:00
Bodo Möller
7e69565fe6 fix warnings/inconsistencies caused by the recent changes to the 
ciphersuite selection code in HEAD

Submitted by: Victor Duchovni
 2007-02-19 14:53:18 +00:00
Bodo Möller
ccae144d62 fix incorrect strength bit values for certain Kerberos ciphersuites 
Submitted by: Victor Duchovni
 2007-02-19 14:49:12 +00:00
Bodo Möller
52b8dad8ec Reorganize the data used for SSL ciphersuite pattern matching. 
This change resolves a number of problems and obviates multiple kludges.
A new feature is that you can now say "AES256" or "AES128" (not just
"AES", which enables both).

In some cases the ciphersuite list generated from a given string is
affected by this change.  I hope this is just in those cases where the
previous behaviour did not make sense.
 2007-02-17 06:45:38 +00:00
Dr. Stephen Henson
42182852f5 Constify version strings is ssl lib. 2007-01-21 16:06:05 +00:00
Bodo Möller
076944d920 Fix algorithm handling for ECC ciphersuites: Adapt to recent changes, 
and allow more general RSA OIDs for ECC certs with RSA CA sig.
 2006-06-15 18:28:00 +00:00
Bodo Möller
89bbe14c50 Ciphersuite string bugfixes, and ECC-related (re-)definitions. 2006-06-14 17:40:31 +00:00
Bodo Möller
f3dea9a595 Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 15:44:59 +00:00
Richard Levitte
4d4e08ec1c Use a new signed int ii instead of j (which is unsigned) to handle the 
return value from sk_SSL_CIPHER_find().
 2006-05-28 19:44:27 +00:00
Dr. Stephen Henson
6657b9c73a Fix warnings. 2006-05-26 13:27:58 +00:00
Dr. Stephen Henson
c20276e4ae Fix (most) WIN32 warnings and errors. 2006-04-17 12:08:22 +00:00
Dr. Stephen Henson
e2bce37720 Stop warning. 2006-04-04 18:11:49 +00:00
Bodo Möller
332737217a Implement Supported Elliptic Curves Extension. 
Submitted by: Douglas Stebila
 2006-03-30 02:44:56 +00:00
Bodo Möller
f393b7449d Implement cipher-suite selection logic given Supported Point Formats Extension. 
Submitted by: Douglas Stebila
 2006-03-30 02:35:09 +00:00
Bodo Möller
b6acb8d0de udpate Supported Point Formats Extension code 
Submitted by: Douglas Stebila
 2006-03-13 01:24:38 +00:00
Bodo Möller
36ca4ba63d Implement the Supported Point Formats Extension for ECC ciphersuites 
Submitted by: Douglas Stebila
 2006-03-11 23:46:37 +00:00
Nils Larsch
ddac197404 add initial support for RFC 4279 PSK SSL ciphersuites 
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
 2006-03-10 23:06:27 +00:00
Nils Larsch
00fe865dbe recent changes from 0.9.8: fix cipher list order in s3_lib.c, 
make "no-ssl2" work again

PR: 1217
 2006-01-15 17:35:28 +00:00
Bodo Möller
a13c20f603 Further TLS extension updates 
Submitted by: Peter Sylvester
 2006-01-09 19:49:05 +00:00
Bodo Möller
1aeb3da83f Fixes for TLS server_name extension 
Submitted by: Peter Sylvester
 2006-01-06 09:08:59 +00:00
Bodo Möller
f1fd4544a3 Various changes in the new TLS extension code, including the following: 
- fix indentation
 - rename some functions and macros
 - fix up confusion between SSL_ERROR_... and SSL_AD_... values
 2006-01-03 03:27:19 +00:00
Bodo Möller
ed3883d21b Support TLS extensions (specifically, HostName) 
Submitted by: Peter Sylvester
 2006-01-02 23:14:37 +00:00
Bodo Möller
d56349a2aa update TLS-ECC code 
Submitted by: Douglas Stebila
 2005-12-13 07:33:35 +00:00
Bodo Möller
d804f86b88 disable some invalid ciphersuites 2005-11-15 23:32:11 +00:00
Dr. Stephen Henson
61094cf3dc 128 bit AES ciphersuites should be classified as HIGH. 2005-09-21 00:55:42 +00:00
Ben Laurie
337e368239 Fix warnings. 2005-08-27 12:10:34 +00:00
Nils Larsch
6e119bb02e Keep cipher lists sorted in the source instead of sorting them at 
runtime, thus removing the need for a lock. Add a test to ssltest
to verify that the cipher lists are sorted.
 2005-08-25 07:29:54 +00:00
Nils Larsch
eba63ef58b a ssl object needs it's own instance of a ecdh key; remove obsolete comment 2005-08-08 20:02:18 +00:00
Nils Larsch
01a9792f05 remove unused internal foo_base_method functions 2005-08-08 19:04:37 +00:00
Dr. Stephen Henson
f3b656b246 Initialize SSL_METHOD structures at compile time. This removes the need 
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
 2005-08-05 23:56:11 +00:00
Nils Larsch
3eeaab4bed make 
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
    	make depend all test
work again

PR: 1159
 2005-07-16 12:37:36 +00:00
Andy Polyakov
dffdb56b7f "Liberate" dtls from BN dependency. Fix bug in replay/update. 2005-06-07 22:21:14 +00:00
Richard Levitte
188b05792f pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't 
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
 2005-05-30 22:34:37 +00:00
Bodo Möller
aa4ce7315f Fix various incorrect error function codes. 
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
 2005-04-26 18:53:22 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Ben Laurie
0821bcd4de Constification. 2005-03-30 10:26:02 +00:00
Geoff Thorpe
60a938c6bc (oops) Apologies all, that last header-cleanup commit was from the wrong 
tree. This further reduces header interdependencies, and makes some
associated cleanups.
 2004-04-19 18:09:28 +00:00
Richard Levitte
5fdf06666c Avoid including cryptlib.h, it's not really needed. 
Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 16:10:30 +00:00
Geoff Thorpe
2754597013 A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. 
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
 2003-10-29 20:24:15 +00:00
Richard Levitte
4579924b7e Cleanse memory using the new OPENSSL_cleanse() function. 
I've covered all the memset()s I felt safe modifying, but may have missed some.
 2002-11-28 08:04:36 +00:00
Bodo Möller
259cdf2af9 Sun has agreed to removing the covenant language from most files. 
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
 2002-10-29 10:59:32 +00:00
Richard Levitte
28c8a911bd Typos. 
PR: 189
 2002-10-15 20:30:56 +00:00
Richard Levitte
7ba3a4c3d2 RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS. 
PR: 189
 2002-10-10 07:59:03 +00:00
Bodo Möller
b8565a9af9 really fix race conditions 
Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291
 2002-09-25 15:38:57 +00:00
Bodo Möller
ea26226046 ECC ciphersuite support 
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
 2002-08-09 08:56:08 +00:00
Lutz Jänicke
063a8905bf Ciphers with NULL encryption were not properly handled because they were 
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
 2002-07-10 06:41:55 +00:00
Bodo Möller
82b0bf0b87 Implement known-IV countermeasure. 
Fix length checks in ssl3_get_client_hello().

Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
 2002-04-13 22:47:20 +00:00
Bodo Möller
304d90425f fix ssl3_pending 2002-03-15 10:52:32 +00:00
Lutz Jänicke
bfaa8a89e1 Add missing strength entries. 2002-03-14 18:53:15 +00:00