root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
14,109 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

31 Commits

Author SHA1 Message Date
Matt Caswell a3680c8f9c Version negotiation rewrite cleanup 
Following the version negotiation rewrite all of the previous code that was
dedicated to version negotiation can now be deleted - all six source files
of it!!

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2015-05-16 09:20:38 +01:00
Matt Caswell a89db885e0 Add Error state 
Reusing an SSL object when it has encountered a fatal error can
have bad consequences. This is a bug in application code not libssl
but libssl should be more forgiving and not crash.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-05-05 19:45:17 +01:00
Matt Caswell 295c3f4111 Move s->rstate to s->rlayer.rstate 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-26 15:02:00 +00:00
Matt Caswell 0f113f3ee4 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:09 +00:00
Kurt Roeckx 45f55f6a5b Remove SSLv2 support 
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2014-12-04 11:55:03 +01:00
Dr. Stephen Henson b948ee27b0 Remove all RFC5878 code. 
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs
 2014-07-04 13:26:35 +01:00
Dr. Stephen Henson 0518a3e19e Don't disable state strings with no-ssl2 
Some state strings were erronously not compiled when no-ssl2
was set.

PR#3295
 2014-06-28 00:54:32 +01:00
Scott Deboy 36086186a9 Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
 2013-09-06 13:59:13 +01:00
Dr. Stephen Henson ebba6c4895 PR: 1794 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Make SRP conformant to rfc 5054.

Changes are:

- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
 2011-11-25 00:17:44 +00:00
Dr. Stephen Henson 0c58d22ad9 PR: 1794 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Document unknown_psk_identify alert, remove pre-RFC 5054 string from
ssl_stat.c
 2011-11-13 13:13:01 +00:00
Ben Laurie edc032b5e3 Add SRP support. 2011-03-12 17:01:19 +00:00
Dr. Stephen Henson 598b562a7f PR: 2133 
Submitted by: steve@openssl.org

Add missing DTLS state strings.
 2010-01-16 19:20:52 +00:00
Dr. Stephen Henson 8fcc9caecc Update from stable branch. 2008-04-29 16:39:03 +00:00
Nils Larsch ddac197404 add initial support for RFC 4279 PSK SSL ciphersuites 
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
 2006-03-10 23:06:27 +00:00
Bodo Möller 6ad47e83b4 improvements for alert handling 2006-01-11 07:18:35 +00:00
Ben Laurie 45d87a1ffe Prototype info function. 2002-01-12 15:56:13 +00:00
Lutz Jänicke 11c8f0b79d More manual pages. Constify. 2001-08-23 17:22:43 +00:00
Lutz Jänicke df7cb13525 Checked in from the wrong !@#$%&*() copy... 2001-08-21 07:27:02 +00:00
Lutz Jänicke a403188f92 Alert description strings for TLSv1 and documentation. 2001-08-19 16:20:42 +00:00
Lutz Jänicke 3a2d9c4dd0 Fix typos (shinagawa@star.zko.dec.com) 2001-08-07 07:52:53 +00:00
Richard Levitte bc36ee6227 Use new-style system-id macros everywhere possible. I hope I haven't 
missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.
 2001-02-20 08:13:47 +00:00
Bodo Möller 745c70e565 Move MAC computations for Finished from ssl3_read_bytes into 
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
 2000-02-21 10:16:30 +00:00
Ulf Möller 657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Bodo Möller ca03109c3a New functions SSL_get_finished, SSL_get_peer_finished. 
Add short state string for MS SGC.
 2000-01-06 01:19:17 +00:00
Dr. Stephen Henson 3d14b9d04a Add support for MS "fast SGC". 2000-01-02 18:52:58 +00:00
Bodo Möller d7fcc7f6c6 Bugfix. 1999-06-12 11:07:52 +00:00
Bodo Möller 95d29597b7 BIO pairs. 1999-06-12 01:03:40 +00:00
Ulf Möller 6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ralf S. Engelschall 13e91dd365 Incorporation of RSEs assembled patches 1998-12-22 15:59:57 +00:00
Ralf S. Engelschall 58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00