Commit Graph

30 Commits

Author SHA1 Message Date
Ben Laurie c2b78c31d6 First cut of renegotiation extension. 2009-11-08 14:51:54 +00:00
Dr. Stephen Henson a1dc0336dd Re-revert (re-insert?) temporary change that made renegotiation work again
and add a proper fix: specifically if it is a new session don't send the old
TLS ticket, send a zero length ticket to request a new session.
2009-11-08 14:30:22 +00:00
Dr. Stephen Henson 2a8834cf89 Fix stateless session resumption so it can coexist with SNI 2009-10-30 13:28:07 +00:00
Dr. Stephen Henson 197ab47bdd PR: 2028
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
2009-09-04 17:53:30 +00:00
Dr. Stephen Henson 5d577d7eb0 Update from 1.0.0-stable. 2009-04-28 22:02:16 +00:00
Dr. Stephen Henson 8f59c61d1d If tickets disabled behave as if no ticket received to support
stateful resume.
2008-09-03 22:13:04 +00:00
Mark J. Cox d3b3a6d389 Fix double-free in TLS server name extensions which could lead to a remote
crash found by Codenomicon TLS test suite (CVE-2008-0891)

Reviewed by: openssl-security@openssl.org

Obtained from: jorton@redhat.com
2008-05-28 07:26:33 +00:00
Dr. Stephen Henson db533c96e3 TLS ticket key setting callback: this allows an application to set
its own TLS ticket keys.
2008-04-30 16:11:33 +00:00
Dr. Stephen Henson 5f95651316 Ensure the ticket expected flag is reset when a stateless resumption is
successful.
2007-10-18 11:39:11 +00:00
Dr. Stephen Henson a523276786 Backport certificate status request TLS extension support to 0.9.8. 2007-10-12 00:00:36 +00:00
Bodo Möller 4ab0088bfe More changes from HEAD:
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
  now that ssl23_client_hello takes care of that

- fix buffer overrun checks in ssl_add_serverhello_tlsext()
2007-09-21 14:05:08 +00:00
Dr. Stephen Henson 3bd1690bfb Fixes from HEAD. 2007-09-21 13:40:51 +00:00
Dr. Stephen Henson afdbadc704 Update from HEAD. 2007-08-20 12:44:22 +00:00
Dr. Stephen Henson 865a90eb4f Backport of TLS extension code to OpenSSL 0.9.8.
Include server name and RFC4507bis support.

This is not compiled in by default and must be explicitly enabled with
the Configure option enable-tlsext
2007-08-12 18:59:03 +00:00
Dr. Stephen Henson 4479ce9c1c Update from HEAD. 2007-01-21 16:07:25 +00:00
Dr. Stephen Henson 222f224664 Initialize SSL_METHOD structures at compile time. This removes the need
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
2005-08-05 23:52:08 +00:00
Ben Laurie 36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Ben Laurie 41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Richard Levitte d3442bc780 Move the registration of callback functions to special functions
designed for that.  This removes the potential error to mix data and
function pointers.

Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in some cases.  I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.
2000-02-20 23:43:02 +00:00
Ulf Möller 9d1a01be8f Source code cleanups: Use void * rather than char * in lhash,
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Ulf Möller de808df47b Cosmetic changes. 1999-09-29 22:14:47 +00:00
Bodo Möller ec577822f9 Change #include filenames from <foo.h> to <openssl.h>.
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ulf Möller 6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ben Laurie b4cadc6e13 Fix security hole. 1999-03-22 12:22:14 +00:00
Ralf S. Engelschall 9cb0969f65 Fix version stuff:
1. The already released version was 0.9.1c and not 0.9.1b

2. The next release should be 0.9.2 and not 0.9.1d, because
   first the changes are already too large, second we should avoid any more
   0.9.1x confusions and third, the Apache version semantics of
   VERSION.REVISION.PATCHLEVEL for the version string is reasonable (and here
   .2 is already just a patchlevel and not major change).
1998-12-31 09:36:40 +00:00
Ralf S. Engelschall 320a14cb5b *** empty log message *** 1998-12-23 12:09:47 +00:00
Ralf S. Engelschall 5f32680329 Switch version string to SSLeay/OpenSSL 1998-12-23 07:53:55 +00:00
Ralf S. Engelschall 651d0aff98 Various cleanups and fixed by Marc and Ralf to start the OpenTLS project 1998-12-22 15:04:48 +00:00
Ralf S. Engelschall dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall 58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00