path: root/ssl/s3_clnt.c
Commit message | Author | Age | Files | Lines
* fix function codes for error | Bodo Möller | 2007-04-24 | 1 | -1/+1
* fix warnings/inconsistencies caused by the recent changes to the | Bodo Möller | 2007-02-19 | 1 | -1/+1
  ciphersuite selection code in HEAD
  Submitted by: Victor Duchovni
* Reorganize the data used for SSL ciphersuite pattern matching. | Bodo Möller | 2007-02-17 | 1 | -55/+55
  This change resolves a number of problems and obviates multiple kludges. A new feature is that you can now say "AES256" or "AES128" (not just "AES", which enables both).
  In some cases the ciphersuite list generated from a given string is affected by this change. I hope this is just in those cases where the previous behaviour did not make sense.
* Fixes for the following claims: | Richard Levitte | 2006-09-28 | 1 | -2/+4
  1) Certificate Message with no certs
  OpenSSL implementation sends the Certificate message during SSL handshake, however as per the specification, these have been omitted.
  -- RFC 2712 --
  CertificateRequest, and the ServerKeyExchange shown in Figure 1 will be omitted since authentication and the establishment of a master secret will be done using the client's Kerberos credentials for the TLS server. The client's certificate will be omitted for the same reason.
  -- RFC 2712 --
  3) Pre-master secret Protocol version
  The pre-master secret generated by OpenSSL does not have the correct client version.
  RFC 2712 says, if the Kerberos option is selected, the pre-master secret structure is the same as that used in the RSA case.
  TLS specification defines pre-master secret as:
      struct {
          ProtocolVersion client_version;
          opaque random[46];
      } PreMasterSecret;
  where client_version is the latest protocol version supported by the client
  The pre-master secret generated by OpenSSL does not have the correct client version. The implementation does not update the first 2 bytes of random secret for Kerberos Cipher suites. At the server-end, the client version from the pre-master secret is not validated.
  PR: 1336
* Error messages for client ECC cert verification. | Bodo Möller | 2006-06-15 | 1 | -5/+1
  Also, change the default ciphersuite to give some preference to ciphersuites with forward secrecy (rather than using a random order).
* Ciphersuite string bugfixes, and ECC-related (re-)definitions. | Bodo Möller | 2006-06-14 | 1 | -9/+3
* Implement Supported Elliptic Curves Extension. | Bodo Möller | 2006-03-30 | 1 | -45/+1
  Submitted by: Douglas Stebila
* Implement the Supported Point Formats Extension for ECC ciphersuites | Bodo Möller | 2006-03-11 | 1 | -3/+8
  Submitted by: Douglas Stebila
* add initial support for RFC 4279 PSK SSL ciphersuites | Nils Larsch | 2006-03-10 | 1 | -7/+173
  PR: 1191
  Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
  Reviewed by: Nils Larsch
* Further TLS extension improvements | Bodo Möller | 2006-01-13 | 1 | -18/+5
  Submitted by: Peter Sylvester
* More TLS extension related changes. | Bodo Möller | 2006-01-11 | 1 | -2/+9
  Submitted by: Peter Sylvester
* Various changes in the new TLS extension code, including the following: | Bodo Möller | 2006-01-03 | 1 | -11/+15
  - fix indentation
  - rename some functions and macros
  - fix up confusion between SSL_ERROR_... and SSL_AD_... values
* Support TLS extensions (specifically, HostName) | Bodo Möller | 2006-01-02 | 1 | -0/+27
  Submitted by: Peter Sylvester
* update TLS-ECC code | Bodo Möller | 2005-12-13 | 1 | -28/+5
  Submitted by: Douglas Stebila
* Avoid warnings on VC++ 2005. | Dr. Stephen Henson | 2005-12-05 | 1 | -2/+2
* New option SSL_OP_NO_COMP to disable compression. New ctrls to set | Dr. Stephen Henson | 2005-10-08 | 1 | -2/+4
  maximum send fragment size. Allocate I/O buffers accordingly.
* Make OPENSSL_NO_COMP compile again. | Dr. Stephen Henson | 2005-09-30 | 1 | -1/+23
* Let the TLSv1_method() etc. functions return a const SSL_METHOD | Nils Larsch | 2005-08-14 | 1 | -2/+2
  pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
* Initialize SSL_METHOD structures at compile time. This removes the need | Dr. Stephen Henson | 2005-08-05 | 1 | -22/+4
  for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
* make | Nils Larsch | 2005-07-16 | 1 | -2/+6
    ./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
    make depend all test
  work again
  PR: 1159
* ecc api cleanup; summary: | Nils Larsch | 2005-05-16 | 1 | -32/+51
  - hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields
  - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY
  - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values
  - rebuild libeay.num from 0.9.7
* Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled | Bodo Möller | 2005-05-11 | 1 | -1/+1
  with the SSL_OP_NO_SSLv2 option.
* give EC_GROUP_new_by_nid a more meaningful name: | Nils Larsch | 2005-05-10 | 1 | -1/+1
  EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
* check return value of RAND_pseudo_bytes; backport from the stable branch | Nils Larsch | 2005-04-29 | 1 | -1/+2
* Fix various incorrect error function codes. | Bodo Möller | 2005-04-26 | 1 | -3/+2
  ("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
* Add DTLS support. | Ben Laurie | 2005-04-26 | 1 | -26/+43
* change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible | Nils Larsch | 2005-04-23 | 1 | -2/+4
* Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and | Dr. Stephen Henson | 2005-03-22 | 1 | -1/+1
  client random values.
* Deprecate quite a few recursive includes from the ssl.h API header and | Geoff Thorpe | 2004-05-17 | 1 | -0/+1
  remove some unnecessary includes from the internal header ssl_locl.h. This then requires adding includes for bn.h in four C files.
* (oops) Apologies all, that last header-cleanup commit was from the wrong | Geoff Thorpe | 2004-04-19 | 1 | -0/+1
  tree. This further reduces header interdependencies, and makes some associated cleanups.
* Constify d2i, s2i, c2i and r2i functions and other associated | Richard Levitte | 2004-03-15 | 1 | -4/+6
  functions and macros.
  This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed.
* Avoid including cryptlib.h, it's not really needed. | Richard Levitte | 2003-12-27 | 1 | -1/+0
  Check if IDEA is being built or not. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
* RSA_size() and DH_size() return the amount of bytes in a key, and we | Richard Levitte | 2003-11-28 | 1 | -2/+2
  compared it to the amount of bits required...
  PR: 770
  Submitted by: c zhang <czhang2005@hotmail.com>
* A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. | Geoff Thorpe | 2003-10-29 | 1 | -1/+1
  I have tried to convert 'len' type variable declarations to unsigned as a means to address these warnings when appropriate, but when in doubt I have used casts in the comparisons instead.
  The better solution (that would get us all lynched by API users) would be to go through and convert all the function prototypes and structure definitions to use unsigned variables except when signed is necessary. The proliferation of (signed) "int" for strictly non-negative uses is unfortunate.
* Have ssl3_ssl3_send_client_verify() change the state to SSL3_ST_SW_CERT_VRFY_B. | Richard Levitte | 2003-09-27 | 1 | -0/+1
  PR: 679
* updates for draft-ietf-tls-ecc-03.txt | Bodo Möller | 2003-07-22 | 1 | -2/+18
  Submitted by: Douglas Stebila
  Reviewed by: Bodo Moeller
* - new ECDH_compute_key interface (KDF is no longer a fixed built-in) | Bodo Möller | 2003-02-28 | 1 | -2/+15
  - bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
* use tabs for indentation, not spaces | Bodo Möller | 2003-02-28 | 1 | -80/+80
* Stop a possible memory leak. | Richard Levitte | 2002-12-21 | 1 | -1/+4
  (I wonder why s2_connect() handles the initial buffer allocation slightly differently...)
  PR: 416
* Cleanse memory using the new OPENSSL_cleanse() function. | Richard Levitte | 2002-11-28 | 1 | -3/+3
  I've covered all the memset()s I felt safe modifying, but may have missed some.
* Fix bug introduced by the attempt to fix client side external session | Lutz Jänicke | 2002-11-20 | 1 | -0/+5
  caching (#288): now internal caching failed (#351): Make sure, that cipher_id is set before comparing.
  Submitted by:
  Reviewed by:
  PR: 288 (and 351)
* The pointer to the cipher object is not yet set, when session was reloaded | Lutz Jänicke | 2002-11-15 | 1 | -1/+1
  from external cache (using d2i_SSL_SESSION). Perform comparison based on the cipher's id instead.
  Submitted by: Steve Haslam <araqnid@innocent.com>
  Reviewed by:
  PR: 288
* Security fixes brought forward from 0.9.7. | Ben Laurie | 2002-11-13 | 1 | -10/+11
* Sun has agreed to removing the covenant language from most files. | Bodo Möller | 2002-10-29 | 1 | -13/+0
  Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
* really fix race conditions | Bodo Möller | 2002-09-25 | 1 | -5/+8
  Submitted by: "Patrick McCormick" <patrick@tellme.com>
  PR: 262
  PR: 291
* really fix race condition | Bodo Möller | 2002-09-23 | 1 | -0/+4
  PR: 262
* there is no minimum length for session IDs | Bodo Möller | 2002-09-19 | 1 | -16/+5
  PR: 274
* fix race condition | Bodo Möller | 2002-09-19 | 1 | -1/+1
  PR: 262
* fix comment | Bodo Möller | 2002-08-12 | 1 | -1/+1
  Submitted by: Douglas Stebila
* get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead) | Bodo Möller | 2002-08-12 | 1 | -3/+3
  Submitted by: Nils Larsch