root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
10,797 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

61 Commits

Author SHA1 Message Date
Dr. Stephen Henson e7f8ff4382 New ctrls to retrieve supported signature algorithms and curves and 
extensions to s_client and s_server to print out retrieved valued.

Extend CERT structure to cache supported signature algorithm data.
 2012-03-06 14:28:21 +00:00
Dr. Stephen Henson 74b4b49494 SSL export fixes (from Adam Langley) [original from 1.0.1] 2012-02-22 15:06:56 +00:00
Dr. Stephen Henson 4817504d06 PR: 2658 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Support for TLS/DTLS heartbeats.
 2011-12-31 22:59:57 +00:00
Dr. Stephen Henson ebba6c4895 PR: 1794 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Make SRP conformant to rfc 5054.

Changes are:

- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
 2011-11-25 00:17:44 +00:00
Ben Laurie e0af04056c Add TLS exporter. 2011-11-15 23:50:52 +00:00
Ben Laurie 333f926d67 Add DTLS-SRTP. 2011-11-15 22:59:20 +00:00
Dr. Stephen Henson 6dd547398a use client version when eliminating TLS v1.2 ciphersuites in client hello 2011-10-07 15:07:19 +00:00
Dr. Stephen Henson 28dd49faec Expand range of ctrls for AES GCM to support retrieval and setting of 
invocation field.

Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
 2011-08-03 15:37:22 +00:00
Dr. Stephen Henson d09677ac45 Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and 
prohibit use of these ciphersuites for TLS < 1.2
 2011-07-25 20:41:32 +00:00
Dr. Stephen Henson 238b63613b use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with DTLS 2011-05-25 11:43:07 +00:00
Dr. Stephen Henson 6b7be581e5 Continuing TLS v1.2 support: add support for server parsing of 
signature algorithms extension and correct signature format for
server key exchange.

All ciphersuites should now work on the server but no client support and
no client certificate support yet.
 2011-05-06 13:00:07 +00:00
Dr. Stephen Henson 7409d7ad51 Initial incomplete TLS v1.2 support. New ciphersuites added, new version 
checking added, SHA256 PRF support added.

At present only RSA key exchange ciphersuites work with TLS v1.2 as the
new signature format is not yet implemented.
 2011-04-29 22:56:51 +00:00
Ben Laurie edc032b5e3 Add SRP support. 2011-03-12 17:01:19 +00:00
Ben Laurie bf48836c7c Fixes to NPN from Adam Langley. 2010-09-05 17:14:01 +00:00
Ben Laurie ee2ffc2794 Add Next Protocol Negotiation. 2010-07-28 10:06:55 +00:00
Dr. Stephen Henson 637f374ad4 Initial experimental TLSv1.1 support 2009-12-07 13:31:02 +00:00
Dr. Stephen Henson 7f354fa42d Ooops... 2009-12-01 18:40:50 +00:00
Dr. Stephen Henson 6732e14278 check DSA_sign() return value properly 2009-12-01 18:39:33 +00:00
Dr. Stephen Henson 860c3dd1b6 add missing parts of reneg port, fix apps patch 2009-11-11 14:51:19 +00:00
Dr. Stephen Henson 4f761f5956 Typo. 2009-06-30 18:27:03 +00:00
Dr. Stephen Henson caa97ef149 Update from 1.0.0-stable. 2009-05-28 18:11:29 +00:00
Dr. Stephen Henson 12bf56c017 PR: 1574 
Submitted by: Jouni Malinen <j@w1.fi>
Approved by: steve@openssl.org

Ticket override support for EAP-FAST.
 2008-11-15 17:18:12 +00:00
Dr. Stephen Henson 8a2062fefe Update from stable branch. 2008-04-30 16:14:02 +00:00
Dr. Stephen Henson 67c8e7f414 Support for certificate status TLS extension. 2007-09-26 21:56:59 +00:00
Bodo Möller 761772d7e1 Implement the Opaque PRF Input TLS extension 
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way.  In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().

Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
 2007-09-21 06:54:24 +00:00
Dr. Stephen Henson 81025661a9 Update ssl code to support digests other than MD5+SHA1 in handshake. 
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
 2007-08-31 12:42:53 +00:00
Dr. Stephen Henson 94d511cdbd Add ctrls to set and get RFC4507bis keys to enable several contexts to 
reuse the same tickets.
 2007-08-28 01:08:45 +00:00
Dr. Stephen Henson 6434abbfc6 RFC4507 (including RFC4507bis) TLS stateless session resumption support 
for OpenSSL.
 2007-08-11 23:18:29 +00:00
Dr. Stephen Henson b948e2c59e Update ssl library to support EVP_PKEY MAC API. Include generic MAC support. 2007-06-04 17:04:40 +00:00
Bodo Möller 96afc1cfd5 Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:48:59 +00:00
Bodo Möller 5b57fe0a1e Disable invalid ciphersuites 2006-06-14 17:51:46 +00:00
Bodo Möller f3dea9a595 Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 15:44:59 +00:00
Bodo Möller b6acb8d0de udpate Supported Point Formats Extension code 
Submitted by: Douglas Stebila
 2006-03-13 01:24:38 +00:00
Bodo Möller 36ca4ba63d Implement the Supported Point Formats Extension for ECC ciphersuites 
Submitted by: Douglas Stebila
 2006-03-11 23:46:37 +00:00
Nils Larsch ddac197404 add initial support for RFC 4279 PSK SSL ciphersuites 
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
 2006-03-10 23:06:27 +00:00
Bodo Möller 241520e66d More TLS extension related changes. 
Submitted by: Peter Sylvester
 2006-01-11 06:10:40 +00:00
Bodo Möller a13c20f603 Further TLS extension updates 
Submitted by: Peter Sylvester
 2006-01-09 19:49:05 +00:00
Bodo Möller 01c76c6606 There's no such things as DTLS1_AD_MISSING_HANDSHAKE_MESSAGE. 
For now, anyway.
 2006-01-07 20:44:29 +00:00
Bodo Möller 3ff94a009b complete and correct RFC3546 error codes 2006-01-07 20:28:11 +00:00
Bodo Möller 1aeb3da83f Fixes for TLS server_name extension 
Submitted by: Peter Sylvester
 2006-01-06 09:08:59 +00:00
Bodo Möller f1fd4544a3 Various changes in the new TLS extension code, including the following: 
- fix indentation
 - rename some functions and macros
 - fix up confusion between SSL_ERROR_... and SSL_AD_... values
 2006-01-03 03:27:19 +00:00
Bodo Möller ed3883d21b Support TLS extensions (specifically, HostName) 
Submitted by: Peter Sylvester
 2006-01-02 23:14:37 +00:00
Bodo Möller d56349a2aa update TLS-ECC code 
Submitted by: Douglas Stebila
 2005-12-13 07:33:35 +00:00
Bodo Möller d804f86b88 disable some invalid ciphersuites 2005-11-15 23:32:11 +00:00
Bodo Möller 968766cad8 updates for draft-ietf-tls-ecc-03.txt 
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
 2003-07-22 12:34:21 +00:00
Bodo Möller 259cdf2af9 Sun has agreed to removing the covenant language from most files. 
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
 2002-10-29 10:59:32 +00:00
Bodo Möller ea26226046 ECC ciphersuite support 
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
 2002-08-09 08:56:08 +00:00
Bodo Möller ea4f109c99 AES cipher suites are now official (RFC3268) 2002-07-04 08:51:09 +00:00
Bodo Möller f257d984b7 refer to latest draft for AES ciphersuites 2002-05-07 07:55:36 +00:00
Bodo Möller a4f576a378 disable AES ciphersuites unless explicitly requested 2002-05-05 23:44:27 +00:00