root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
3,084 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

350 Commits

Author SHA1 Message Date
Dr. Stephen Henson a342cc5a70 Zero the premaster secret after deriving the master secret in DH 
ciphersuites.
 2001-01-25 13:15:01 +00:00
Bodo Möller 325ae88efb For improved compatibility with 'strange' certificates, add some 
digest aliases (as found in OpenSSL_add_all_digests).
 2001-01-23 13:55:26 +00:00
Ulf Möller 36f74d60b3 Definition of NO_KRB5 in ssl.h for external applications. 2001-01-22 18:46:32 +00:00
Geoff Thorpe 3c91484052 Move all the existing function pointer casts associated with LHASH's two 
"doall" functions to using type-safe wrappers. As and where required, this
can be replaced by redeclaring the underlying callbacks to use the
underlying "void"-based prototypes (eg. if performance suffers from an
extra level of function invocation).
 2001-01-09 00:24:38 +00:00
Richard Levitte 26da3e65ac If OPENSSL_BUILD_SHLIBCRYPTO (for files that end up as libcrypto 
objects) or OPENSSL_BUILD_SHLIBSSL (for files that end up as libssl
objects) is defined, redefine OPENSSL_EXTERN to be OPENSSL_EXPORT.
This is actually only important on Win32, and can safely be ignored in
all other cases, at least for now.
 2000-12-31 00:23:17 +00:00
Richard Levitte 6f346c7115 Uhmm, the keyword TRUE does not exist of course... 2000-12-31 00:00:02 +00:00
Richard Levitte 200b24e391 Check for deselection of KRB5. In fact, skip it completely on VMS for now... 2000-12-29 01:54:14 +00:00
Richard Levitte 701adceb12 "make update" plus a rewrite of both .num files. 2000-12-29 00:19:12 +00:00
Richard Levitte 66a0def81b Update VMS build procedures to match the current status. 2000-12-28 22:26:11 +00:00
Bodo Möller 037a9f9c1a Get rid of unused error code. 2000-12-27 23:42:20 +00:00
Bodo Möller 725c88879c Finish SSL_peek/SSL_pending fixes. 2000-12-26 12:07:23 +00:00
Bodo Möller a0aae68cf6 Fix SSL_peek and SSL_pending. 2000-12-25 18:40:46 +00:00
Bodo Möller 3880cd35ad Import s2_pkt.c wbuf fixes from OpenSSL_0_9_6-stable branch. 2000-12-18 11:35:32 +00:00
Bodo Möller 3ac82faae5 Locking issues. 2000-12-15 16:40:35 +00:00
Bodo Möller bdcfe1d165 typo 2000-12-14 17:47:29 +00:00
Bodo Möller 5a4fbc69c3 First step towards SSL_peek fix. 2000-12-14 17:36:59 +00:00
Richard Levitte 34d69d3b23 SSL_new() may potentially add a certfificate. Therefore, wen 
duplicating the certificate that is in the original SSL, remove the
one that SSL_new() provided, if any.
Spotted by: Mike Zeoli <zeoli@roguewave.com>
 2000-12-12 08:08:53 +00:00
Geoff Thorpe d0fa136ce2 Next step in tidying up the LHASH code. 
DECLARE/IMPLEMENT macros now exist to create type (and prototype) safe
wrapper functions that avoid the use of function pointer casting yet retain
type-safety for type-specific callbacks. However, most of the usage within
OpenSSL itself doesn't really require the extra function because the hash
and compare callbacks are internal functions declared only for use by the
hash table. So this change catches all those cases and reimplements the
functions using the base-level LHASH prototypes and does per-variable
casting inside those functions to convert to the appropriate item type.

The exception so far is in ssl_lib.c where the hash and compare callbacks
are not static - they're exposed in ssl.h so their prototypes should not be
changed. In this last case, the IMPLEMENT_LHASH_*** macros have been left
intact.
 2000-12-08 20:02:01 +00:00
Richard Levitte 9f49524331 It's completely unnecessary to add a compression algorithm that is 
really undefined.
Spotted by Jeffrey Altman <jaltman@columbia.edu>
 2000-12-04 17:17:03 +00:00
Geoff Thorpe 97b1719583 Make the remaining LHASH macro changes. This should leave no remaining 
cases of function pointer casting in lh_new() calls - and leave only the
lh_doall and lh_doall_arg cases to be finished.
 2000-12-04 03:02:44 +00:00
Ben Laurie b0dc680f71 Fix warnings. 2000-12-03 10:04:22 +00:00
Ulf Möller 0826c85f4c remove unused static function 2000-12-02 07:20:47 +00:00
Geoff Thorpe 385d81380c First step in tidying up the LHASH code. The callback prototypes (and 
casts) used in the lhash code are about as horrible and evil as they can
be. For starters, the callback prototypes contain empty parameter lists.
Yuck.

This first change defines clearer prototypes - including "typedef"'d
function pointer types to use as "hash" and "compare" callbacks, as well as
the callbacks passed to the lh_doall and lh_doall_arg iteration functions.
Now at least more explicit (and clear) casting is required in all of the
dependant code - and that should be included in this commit.

The next step will be to hunt down and obliterate some of the function
pointer casting being used when it's not necessary - a particularly evil
variant exists in the implementation of lh_doall.
 2000-12-01 20:31:52 +00:00
Richard Levitte 3e7a6396ed Typo corrected. 2000-12-01 14:33:19 +00:00
Bodo Möller b5a25a430a "make depend" 2000-12-01 08:48:42 +00:00
Bodo Möller 8df788c97f COMP_zlib should always be declared, even if it is not functional. 
Don't dump core in ssltest.
 2000-11-30 23:41:58 +00:00
Richard Levitte f9b3bff6f7 First tentative impementation of Kerberos 5 cryptos and keys for SSL/TLS. Implemented by Vern Staats <staatsvr@asc.hpc.mil>, further hacked and distributed by Jeffrey Altman <jaltnab@columbia.edu> 2000-11-30 22:53:34 +00:00
Richard Levitte 4751717cd8 The compression method may be undefined for some reason that has 
generated errors.  Therefore, print whatever error there may be...
 2000-11-30 12:53:15 +00:00
Richard Levitte bd68b6b1f6 Simplify and provide the possibility to clean a compression method. 2000-11-30 12:22:35 +00:00
Richard Levitte cd9b7d7c35 comp_methods in a SSL_CTX points at an internal database. Do *not* 
free that, since it's shared by all SSL_CTX's, present and future.
 2000-11-30 12:21:33 +00:00
Richard Levitte 058123afb6 Turn off memory checking when loading new compression algorithms. 2000-11-30 12:19:54 +00:00
Richard Levitte 23f80f46a4 Make it possible to test SSL compression 2000-11-30 11:57:31 +00:00
Bodo Möller 38b40c624c mark a bug 2000-11-29 19:29:47 +00:00
Lutz Jänicke 0dd2254d76 Store verify_result with sessions to avoid potential security hole. 
For the server side this was already done one year ago :-(
 2000-11-29 16:04:38 +00:00
Bodo Möller 24b44446e2 Comments on SSL_peek deficiencies 2000-11-28 06:58:22 +00:00
Bodo Möller 87739b2c53 Disable SSL_peek until it is fixed. 2000-11-28 06:48:36 +00:00
Bodo Möller 78a0c1f18d modular arithmetics 
"make update"
 2000-11-26 16:42:38 +00:00
Bodo Möller 7396958515 Increase permissible ClientKeyExchange message length. 2000-11-17 14:42:49 +00:00
Bodo Möller 3c758be86e include 'err' label only when it is actually used 2000-11-17 13:08:57 +00:00
Bodo Möller f7a059316f tag SSL_peek bugs 2000-11-17 11:49:29 +00:00
Richard Levitte 43fcc1b096 I've checked again and again. There really is no need to expand a to 
4 times it's size when bn_sqr_recursive() won't look farther than the
original length.  Thereby, constification is no longer a problem.
 2000-11-16 21:35:41 +00:00
Ulf Möller 6a8ba34f9d in some new file names the first 8 characters were not unique 2000-11-12 22:32:18 +00:00
Richard Levitte ccb9643f02 Remove references to RSAref. The glue library is but a memory to fade 
away now...
 2000-11-08 17:51:37 +00:00
Richard Levitte 5e4ca4220e The consequence of constification is that to pass the address to a 
pointer to a const double pointe parameter, the pointer must point to
const data as well.
 2000-11-06 23:16:04 +00:00
Richard Levitte f3f316f13f If the functions get_dh*() are declared static, they should be defined the same way 2000-10-22 12:45:33 +00:00
Richard Levitte 3ab5651112 The experimental Rijndael code moved to the main trunk. 
make update done.
 2000-10-14 20:09:54 +00:00
Dr. Stephen Henson 924046ce75 Make non blocking I/O work for accept BIOs. 2000-10-12 01:50:33 +00:00
Bodo Möller 086a32d754 Set s->read_ahead in SSL_new because SSL_clear no longer modifies it. 2000-09-26 11:38:05 +00:00
Bodo Möller 544ebbceb4 Don't modify s->read_ahead in SSL_clear, which is called from 
accept/connect functions; those should not change the
read_ahead setting of the SSL structure.
 2000-09-26 11:30:59 +00:00
Bodo Möller 6d0dcbedb1 Fix SSL_CTX_set_read_ahead macro. 
Submitted by: Anders Gertz <gertz@epact.se>
 2000-09-26 11:25:44 +00:00