root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
28,717 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

140 Commits

Author SHA1 Message Date
Andy Polyakov 972b0dc350 bss_dgram.c,d1_lib.c: make it compile with mingw. 
Submitted by: Roumen Petrov
 2014-03-06 14:04:56 +01:00
Dr. Stephen Henson c6913eeb76 Dual DTLS version methods. 
Add new methods DTLS_*_method() which support both DTLS 1.0 and DTLS 1.2 and
pick the highest version the peer supports during negotiation.

As with SSL/TLS options can change this behaviour specifically
SSL_OP_NO_DTLSv1 and SSL_OP_NO_DTLSv1_2.
 2013-04-09 14:02:48 +01:00
Dr. Stephen Henson 04638f2fc3 Set s->d1 to NULL after freeing it. 2013-04-08 18:24:42 +01:00
Dr. Stephen Henson 4221c0dd30 Enable TLS 1.2 ciphers in DTLS 1.2. 
Port TLS 1.2 GCM code to DTLS. Enable use of TLS 1.2 only ciphers when in
DTLS 1.2 mode too.
 2013-03-28 14:14:27 +00:00
Dr. Stephen Henson c3b344e36a Provisional DTLS 1.2 support. 
Add correct flags for DTLS 1.2, update s_server and s_client to handle
DTLS 1.2 methods.

Currently no support for version negotiation: i.e. if client/server selects
DTLS 1.2 it is that or nothing.
 2013-03-26 15:16:41 +00:00
Dr. Stephen Henson 173e72e64c DTLS revision. 
Revise DTLS code. There was a *lot* of code duplication in the
DTLS code that generates records. This makes it harder to maintain and
sometimes a TLS update is omitted by accident from the DTLS code.

Specifically almost all of the record generation functions have code like
this:

some_pointer = buffer + HANDSHAKE_HEADER_LENGTH;
... Record creation stuff ...
set_handshake_header(ssl, SSL_MT_SOMETHING, message_len);

...

write_handshake_message(ssl);

Where the "Record creation stuff" is identical between SSL/TLS and DTLS or
in some cases has very minor differences.

By adding a few fields to SSL3_ENC to include the header length, some flags
and function pointers for handshake header setting and handshake writing the
code can cope with both cases.

Note: although this passes "make test" and some simple DTLS tests there may
be some minor differences in the DTLS code that have to be accounted for.
 2013-03-18 14:36:43 +00:00
Andy Polyakov a006fef78e Improve WINCE support. 
Submitted by: Pierre Delaage
 2013-01-19 21:23:13 +01:00
Andy Polyakov f469880c61 d1_lib.c,bss_dgram.c: eliminate dependency on _ftime. 2012-12-16 19:02:59 +00:00
Dr. Stephen Henson aa09c2c631 correct error codes 2012-04-18 15:36:12 +00:00
Dr. Stephen Henson ea6e386008 PR: 2756 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix DTLS timeout handling.
 2012-03-09 15:52:33 +00:00
Dr. Stephen Henson 62b6948a27 PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
 2012-03-06 13:47:43 +00:00
Dr. Stephen Henson 4817504d06 PR: 2658 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Support for TLS/DTLS heartbeats.
 2011-12-31 22:59:57 +00:00
Dr. Stephen Henson 7e159e0133 PR: 2535 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Add SCTP support for DTLS (RFC 6083).
 2011-12-25 14:45:15 +00:00
Ben Laurie e0af04056c Add TLS exporter. 2011-11-15 23:50:52 +00:00
Dr. Stephen Henson 1d7392f219 PR: 2602 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS bug which prevents manual MTU setting
 2011-09-23 13:34:48 +00:00
Dr. Stephen Henson 861a7e5c9f PR: 2543 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Correctly handle errors in DTLSv1_handle_timeout()
 2011-06-22 15:30:14 +00:00
Dr. Stephen Henson 006b54a8eb Oops use up to date patch for PR#2506 2011-05-25 14:30:20 +00:00
Dr. Stephen Henson 7832d6ab1c PR: 2506 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fully implement SSL_clear for DTLS.
 2011-05-25 12:28:06 +00:00
Dr. Stephen Henson 4058861f69 PR: 2462 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS Retransmission Buffer Bug
 2011-04-03 17:14:35 +00:00
Richard Levitte ec44f0ebfa Taken from OpenSSL_1_0_0-stable: 
Include proper header files for time functions.
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
 2010-11-22 18:25:04 +00:00
Dr. Stephen Henson 87a37cbadd PR: 2223 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS timeout bug
 2010-04-06 12:29:31 +00:00
Dr. Stephen Henson 8025e25113 PR: 2121 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Add extension support to DTLS code mainly using existing implementation for
TLS.
 2009-12-08 11:37:40 +00:00
Dr. Stephen Henson 499684404c PR: 2115 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
 2009-12-01 17:42:15 +00:00
Dr. Stephen Henson 1fc3ac806d PR: 2033 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen support.
 2009-09-09 17:05:18 +00:00
Dr. Stephen Henson 3ed3603b60 Update default dependency flags. 
Make error name discrepancies a fatal error.
Fix error codes.
make update
 2009-08-12 17:30:37 +00:00
Dr. Stephen Henson b972fbaa8f PR: 1997 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.
 2009-08-12 13:19:54 +00:00
Dr. Stephen Henson 6cf41fec72 Update from 1.0.0-stable. 2009-05-31 17:13:09 +00:00
Dr. Stephen Henson 48fd490c6d Update from 1.0.0-stable. 2009-05-16 11:16:43 +00:00
Dr. Stephen Henson 9289f21b7d Update from 1.0.0 stable branch. 2009-05-16 11:15:42 +00:00
Dr. Stephen Henson eb38b26dbc Update from 1.0.0-stable. 2009-05-15 22:58:40 +00:00
Dr. Stephen Henson 8711efb498 Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Dr. Stephen Henson e5fa864f62 Updates from 1.0.0-stable. 2009-04-15 15:27:03 +00:00
Ben Laurie babb379849 Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
Andy Polyakov 5d58f1bbfe Prohibit RC4 in DTLS. 2007-10-05 21:04:56 +00:00
Dr. Stephen Henson 42182852f5 Constify version strings is ssl lib. 2007-01-21 16:06:05 +00:00
Nils Larsch 01a9792f05 remove unused internal foo_base_method functions 2005-08-08 19:04:37 +00:00
Dr. Stephen Henson f3b656b246 Initialize SSL_METHOD structures at compile time. This removes the need 
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
 2005-08-05 23:56:11 +00:00
Andy Polyakov dffdb56b7f "Liberate" dtls from BN dependency. Fix bug in replay/update. 2005-06-07 22:21:14 +00:00
Richard Levitte 188b05792f pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't 
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
 2005-05-30 22:34:37 +00:00
Ben Laurie 36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00