| Commit message (Collapse) | Author | Age | Files | Lines |
| |
ciphersuite selection code in HEAD
Submitted by: Victor Duchovni
| |
This change resolves a number of problems and obviates multiple kludges.
A new feature is that you can now say "AES256" or "AES128" (not just
"AES", which enables both).
In some cases the ciphersuite list generated from a given string is
affected by this change. I hope this is just in those cases where the
previous behaviour did not make sense.
| |
1) Certificate Message with no certs
OpenSSL implementation sends the Certificate message during SSL
handshake, however as per the specification, these have been omitted.
-- RFC 2712 --
CertificateRequest, and the ServerKeyExchange shown in Figure 1
will be omitted since authentication and the establishment of a
master secret will be done using the client's Kerberos credentials
for the TLS server. The client's certificate will be omitted for
the same reason.
-- RFC 2712 --
3) Pre-master secret Protocol version
The pre-master secret generated by OpenSSL does not have the correct
client version.
RFC 2712 says, if the Kerberos option is selected, the pre-master
secret structure is the same as that used in the RSA case.
TLS specification defines pre-master secret as:
    struct {
        ProtocolVersion client_version;
        opaque random[46];
    } PreMasterSecret;
where client_version is the latest protocol version supported by the
client
The pre-master secret generated by OpenSSL does not have the correct
client version. The implementation does not update the first 2 bytes
of random secret for Kerberos Cipher suites. At the server-end, the
client version from the pre-master secret is not validated.
PR: 1336
| |
Also, change the default ciphersuite to give some preference to
ciphersuites with forward secrecy (rather than using a random order).
| |
Submitted by: Douglas Stebila
| |
Submitted by: Douglas Stebila
| |
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
| |
Submitted by: Peter Sylvester
| |
Submitted by: Peter Sylvester
| |
- fix indentation
- rename some functions and macros
- fix up confusion between SSL_ERROR_... and SSL_AD_... values
| |
Submitted by: Peter Sylvester
| |
Submitted by: Douglas Stebila
| |
maximum send fragment size. Allocate I/O buffers accordingly.
| |
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
| |
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
| |
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
make depend all test
work again
PR: 1159
| |
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way method specific data (ecdsa/ecdh) is
attached to an EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
| |
with the SSL_OP_NO_SSLv2 option.
| |
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
| |
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
| |
argument more flexible
| |
client random values.
| |
remove some unnecessary includes from the internal header ssl_locl.h. This
then requires adding includes for bn.h in four C files.
| |
tree. This further reduces header interdependencies, and makes some
associated cleanups.
| |
functions and macros.
This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const. Those will be removed when this change has been
properly reviewed.
| |
Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
| |
compared it to the amount of bits required...
PR: 770
Submitted by: c zhang <czhang2005@hotmail.com>
| |
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
| |
PR: 679
| |
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
| |
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
| |
(I wonder why s2_connect() handles the initial buffer allocation slightly
differently...)
PR: 416
| |
I've covered all the memset()s I felt safe modifying, but may have missed some.
| |
caching (#288): now internal caching failed (#351):
Make sure that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
| |
from external cache (using d2i_SSL_SESSION). Perform comparison based on
the cipher's id instead.
Submitted by: Steve Haslam <araqnid@innocent.com>
Reviewed by:
PR: 288
| |
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
| |
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
PR: 291
| |
PR: 262
| |
PR: 274
| |
PR: 262
| |
Submitted by: Douglas Stebila
| |
Submitted by: Nils Larsch