root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
8,131 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

118 Commits

Author SHA1 Message Date
Dr. Stephen Henson 81025661a9 Update ssl code to support digests other than MD5+SHA1 in handshake. 
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
 2007-08-31 12:42:53 +00:00
Dr. Stephen Henson 94d511cdbd Add ctrls to set and get RFC4507bis keys to enable several contexts to 
reuse the same tickets.
 2007-08-28 01:08:45 +00:00
Dr. Stephen Henson 367eb1f125 Fix warning and make no-tlsext work. 2007-08-12 18:56:14 +00:00
Dr. Stephen Henson 6434abbfc6 RFC4507 (including RFC4507bis) TLS stateless session resumption support 
for OpenSSL.
 2007-08-11 23:18:29 +00:00
Dr. Stephen Henson b948e2c59e Update ssl library to support EVP_PKEY MAC API. Include generic MAC support. 2007-06-04 17:04:40 +00:00
Bodo Möller cb1bab1a04 All ciphersuites should have a strength designator. 2007-04-24 00:13:51 +00:00
Bodo Möller 96afc1cfd5 Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:48:59 +00:00
Dr. Stephen Henson 9981a51e42 Stage 1 GOST ciphersuite support. 
Submitted by: ran@cryptocom.ru
Reviewed by: steve@openssl.org
 2007-03-23 17:04:05 +00:00
Bodo Möller 60cad2caed delete obsolete comment 2007-02-21 09:32:17 +00:00
Bodo Möller 2afe316721 fix warnings for CIPHER_DEBUG builds 2007-02-19 16:59:13 +00:00
Bodo Möller 7e69565fe6 fix warnings/inconsistencies caused by the recent changes to the 
ciphersuite selection code in HEAD

Submitted by: Victor Duchovni
 2007-02-19 14:53:18 +00:00
Bodo Möller ccae144d62 fix incorrect strength bit values for certain Kerberos ciphersuites 
Submitted by: Victor Duchovni
 2007-02-19 14:49:12 +00:00
Bodo Möller 52b8dad8ec Reorganize the data used for SSL ciphersuite pattern matching. 
This change resolves a number of problems and obviates multiple kludges.
A new feature is that you can now say "AES256" or "AES128" (not just
"AES", which enables both).

In some cases the ciphersuite list generated from a given string is
affected by this change.  I hope this is just in those cases where the
previous behaviour did not make sense.
 2007-02-17 06:45:38 +00:00
Dr. Stephen Henson 42182852f5 Constify version strings is ssl lib. 2007-01-21 16:06:05 +00:00
Bodo Möller 076944d920 Fix algorithm handling for ECC ciphersuites: Adapt to recent changes, 
and allow more general RSA OIDs for ECC certs with RSA CA sig.
 2006-06-15 18:28:00 +00:00
Bodo Möller 89bbe14c50 Ciphersuite string bugfixes, and ECC-related (re-)definitions. 2006-06-14 17:40:31 +00:00
Bodo Möller f3dea9a595 Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 15:44:59 +00:00
Richard Levitte 4d4e08ec1c Use a new signed int ii instead of j (which is unsigned) to handle the 
return value from sk_SSL_CIPHER_find().
 2006-05-28 19:44:27 +00:00
Dr. Stephen Henson 6657b9c73a Fix warnings. 2006-05-26 13:27:58 +00:00
Dr. Stephen Henson c20276e4ae Fix (most) WIN32 warnings and errors. 2006-04-17 12:08:22 +00:00
Dr. Stephen Henson e2bce37720 Stop warning. 2006-04-04 18:11:49 +00:00
Bodo Möller 332737217a Implement Supported Elliptic Curves Extension. 
Submitted by: Douglas Stebila
 2006-03-30 02:44:56 +00:00
Bodo Möller f393b7449d Implement cipher-suite selection logic given Supported Point Formats Extension. 
Submitted by: Douglas Stebila
 2006-03-30 02:35:09 +00:00
Bodo Möller b6acb8d0de udpate Supported Point Formats Extension code 
Submitted by: Douglas Stebila
 2006-03-13 01:24:38 +00:00
Bodo Möller 36ca4ba63d Implement the Supported Point Formats Extension for ECC ciphersuites 
Submitted by: Douglas Stebila
 2006-03-11 23:46:37 +00:00
Nils Larsch ddac197404 add initial support for RFC 4279 PSK SSL ciphersuites 
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
 2006-03-10 23:06:27 +00:00
Nils Larsch 00fe865dbe recent changes from 0.9.8: fix cipher list order in s3_lib.c, 
make "no-ssl2" work again

PR: 1217
 2006-01-15 17:35:28 +00:00
Bodo Möller a13c20f603 Further TLS extension updates 
Submitted by: Peter Sylvester
 2006-01-09 19:49:05 +00:00
Bodo Möller 1aeb3da83f Fixes for TLS server_name extension 
Submitted by: Peter Sylvester
 2006-01-06 09:08:59 +00:00
Bodo Möller f1fd4544a3 Various changes in the new TLS extension code, including the following: 
- fix indentation
 - rename some functions and macros
 - fix up confusion between SSL_ERROR_... and SSL_AD_... values
 2006-01-03 03:27:19 +00:00
Bodo Möller ed3883d21b Support TLS extensions (specifically, HostName) 
Submitted by: Peter Sylvester
 2006-01-02 23:14:37 +00:00
Bodo Möller d56349a2aa update TLS-ECC code 
Submitted by: Douglas Stebila
 2005-12-13 07:33:35 +00:00
Bodo Möller d804f86b88 disable some invalid ciphersuites 2005-11-15 23:32:11 +00:00
Dr. Stephen Henson 61094cf3dc 128 bit AES ciphersuites should be classified as HIGH. 2005-09-21 00:55:42 +00:00
Ben Laurie 337e368239 Fix warnings. 2005-08-27 12:10:34 +00:00
Nils Larsch 6e119bb02e Keep cipher lists sorted in the source instead of sorting them at 
runtime, thus removing the need for a lock. Add a test to ssltest
to verify that the cipher lists are sorted.
 2005-08-25 07:29:54 +00:00
Nils Larsch eba63ef58b a ssl object needs it's own instance of a ecdh key; remove obsolete comment 2005-08-08 20:02:18 +00:00
Nils Larsch 01a9792f05 remove unused internal foo_base_method functions 2005-08-08 19:04:37 +00:00
Dr. Stephen Henson f3b656b246 Initialize SSL_METHOD structures at compile time. This removes the need 
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
 2005-08-05 23:56:11 +00:00
Nils Larsch 3eeaab4bed make 
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
    	make depend all test
work again

PR: 1159
 2005-07-16 12:37:36 +00:00
Andy Polyakov dffdb56b7f "Liberate" dtls from BN dependency. Fix bug in replay/update. 2005-06-07 22:21:14 +00:00
Richard Levitte 188b05792f pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't 
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
 2005-05-30 22:34:37 +00:00
Bodo Möller aa4ce7315f Fix various incorrect error function codes. 
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
 2005-04-26 18:53:22 +00:00
Ben Laurie 36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Ben Laurie 41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Ben Laurie 0821bcd4de Constification. 2005-03-30 10:26:02 +00:00
Geoff Thorpe 60a938c6bc (oops) Apologies all, that last header-cleanup commit was from the wrong 
tree. This further reduces header interdependencies, and makes some
associated cleanups.
 2004-04-19 18:09:28 +00:00
Richard Levitte 5fdf06666c Avoid including cryptlib.h, it's not really needed. 
Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 16:10:30 +00:00
Geoff Thorpe 2754597013 A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. 
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
 2003-10-29 20:24:15 +00:00
Richard Levitte 4579924b7e Cleanse memory using the new OPENSSL_cleanse() function. 
I've covered all the memset()s I felt safe modifying, but may have missed some.
 2002-11-28 08:04:36 +00:00