aboutsummaryrefslogtreecommitdiffstats
path: root/ssl/ssl.h
Commit message (Collapse)AuthorAgeFilesLines
...
* RT 3060: amend patchEmilia Kasper2014-08-221-1/+0
| | | | | | | | Use existing error code SSL_R_RECORD_TOO_SMALL for too many empty records. For ease of backporting the patch to release branches. Reviewed-by: Bodo Moeller <bodo@openssl.org>
* Revision of custom extension code.Dr. Stephen Henson2014-08-151-19/+0
| | | | | | | | | | | Move custom extension structures from SSL_CTX to CERT structure. This change means the form can be revised in future without binary compatibility issues. Also since CERT is part of SSL structures so per-SSL custom extensions could be supported in future as well as per SSL_CTX. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
* RT 1988: Add "const" to SSL_use_RSAPrivateKey_ASN1Viktor Szakats2014-08-091-1/+1
| | | | | The "unsigned char *d" should be const. Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
* Check SRP parameters early.Dr. Stephen Henson2014-08-061-1/+1
| | | | | | Check SRP parameters when they are received so we can send back an appropriate alert. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Add conditional unit testing interface.Dr. Stephen Henson2014-07-241-0/+4
| | | | | | | | | | | Don't call internal functions directly call them through SSL_test_functions(). This also makes unit testing work on Windows and platforms that don't export internal functions from shared libraries. By default unit testing is not enabled: it requires the compile time option "enable-unit-test". Reviewed-by: Geoff Thorpe <geoff@openssl.org>
* Reduce casting nastiness.Ben Laurie2014-07-051-0/+1
|
* Remove all RFC5878 code.Dr. Stephen Henson2014-07-041-95/+0
| | | | Remove RFC5878 code. It is no longer needed for CT and has numerous bugs
* Constification - mostly originally from Chromium.Ben Laurie2014-06-291-1/+1
|
* SRP ciphersuite correction.Dr. Stephen Henson2014-06-091-0/+1
| | | | | SRP ciphersuites do not have no authentication. They have authentication based on SRP. Add new SRP authentication flag and cipher string.
* Option to disable padding extension.Dr. Stephen Henson2014-06-011-1/+3
| | | | | | | | | | Add TLS padding extension to SSL_OP_ALL so it is used with other "bugs" options and can be turned off. This replaces SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG which is an ancient option referring to SSLv2 and SSLREF. PR#3336
* Add an NSS output format to sess_id to export to export the session id and ↵Martin Kaiser2014-05-241-0/+1
| | | | the master key in NSS keylog format. PR#3352
* Security framework.Dr. Stephen Henson2014-03-281-0/+82
| | | | | | | | | | | | | | | | | Security callback: selects which parameters are permitted including sensible defaults based on bits of security. The "parameters" which can be selected include: ciphersuites, curves, key sizes, certificate signature algorithms, supported signature algorithms, DH parameters, SSL/TLS version, session tickets and compression. In some cases prohibiting the use of a parameters will mean they are not advertised to the peer: for example cipher suites and ECC curves. In other cases it will abort the handshake: e.g DH parameters or the peer key size. Documentation to follow...
* Allow return of supported ciphers.Dr. Stephen Henson2014-03-281-0/+1
| | | | | | | | | | New function ssl_cipher_disabled. Check for disabled client ciphers using ssl_cipher_disabled. New function to return only supported ciphers. New option to ciphers utility to print only supported ciphers.
* Auto DH support.Dr. Stephen Henson2014-03-281-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | Add auto DH parameter support. This is roughly equivalent to the ECDH auto curve selection but for DH. An application can just call SSL_CTX_set_auto_dh(ctx, 1); and appropriate DH parameters will be used based on the size of the server key. Unlike ECDH there is no way a peer can indicate the range of DH parameters it supports. Some peers cannot handle DH keys larger that 1024 bits for example. In this case if you call: SSL_CTX_set_auto_dh(ctx, 2); Only 1024 bit DH parameters will be used. If the server key is 7680 bits or more in size then 8192 bit DH parameters will be used: these will be *very* slow. The old export ciphersuites aren't supported but those are very insecure anyway.
* Update chain building function.Dr. Stephen Henson2014-03-271-0/+2
| | | | | | | | | Don't clear verification errors from the error queue unless SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR is set. If errors occur during verification and SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR is set return 2 so applications can issue warnings. (cherry picked from commit 2dd6976f6d02f98b30c376951ac38f780a86b3b5)
* typoDr. Stephen Henson2014-03-101-1/+1
|
* Add function to free compression methods.Dr. Stephen Henson2014-03-011-0/+1
| | | | | | | | | | | Although the memory allocated by compression methods is fixed and cannot grow over time it can cause warnings in some leak checking tools. The function SSL_COMP_free_compression_methods() will free and zero the list of supported compression methods. This should *only* be called in a single threaded context when an application is shutting down to avoid interfering with existing contexts attempting to look up compression methods. (cherry picked from commit 976c58302b13d085edb3ab822f5eac4b2f1bff95)
* New chain building flags.Dr. Stephen Henson2014-02-231-2/+6
| | | | | | | | | | New flags to build certificate chains. The can be used to rearrange the chain so all an application needs to do is add all certificates in arbitrary order and then build the chain to check and correct them. Add verify error code when building chain. Update docs.
* Option to set current cert to server certificate.Dr. Stephen Henson2014-02-211-0/+1
|
* Move CT viewer extension code to crypto/x509v3Dr. Stephen Henson2014-02-201-3/+0
|
* Merge branch 'sct-viewer-master' of https://github.com/robstradling/openssl ↵Ben Laurie2014-02-191-0/+3
|\ | | | | | | into sct-viewer
| * Move the SCT List extension parser into libssl.Rob Stradling2014-02-191-0/+3
| | | | | | | | Add the extension parser in the s_client, ocsp and x509 apps.
* | Restore SSL_OP_MSIE_SSLV2_RSA_PADDINGDr. Stephen Henson2014-02-161-0/+3
|/ | | | | | | The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL 0.9.7h but deleting it will break source compatibility with any software that references it. Restore it but #define to zero. (cherry picked from commit b17d6b8d1d49fa4732deff17cfd1833616af0d9c)
* fix error discrepancyDr. Stephen Henson2014-02-131-2/+2
| | | | (cherry picked from commit a2317c3ffde3f1f73bd7fa3f08e420fb09043905)
* Return previous compression methods when setting them.Dr. Stephen Henson2014-02-061-1/+1
|
* Fix whitespace, new-style comments.Ben Laurie2014-02-051-10/+10
|
* Re-add alert variables removed during rebaseScott Deboy2014-02-051-16/+16
| | | | Whitespace fixes
* Update custom TLS extension and supplemental data 'generate' callbacks to ↵Scott Deboy2014-02-051-4/+4
| | | | | | | | support sending an alert. If multiple TLS extensions are expected but not received, the TLS extension and supplemental data 'generate' callbacks are the only chance for the receive-side to trigger a specific TLS alert during the handshake. Removed logic which no-op'd TLS extension generate callbacks (as the generate callbacks need to always be called in order to trigger alerts), and updated the serverinfo-specific custom TLS extension callbacks to track which custom TLS extensions were received by the client, where no-ops for 'generate' callbacks are appropriate.
* Return per-certificate chain if extra chain is NULL.Dr. Stephen Henson2014-02-051-0/+2
| | | | | | | | | | | | If an application calls the macro SSL_CTX_get_extra_chain_certs return either the old "shared" extra certificates or those associated with the current certificate. This means applications which call SSL_CTX_use_certificate_chain_file and retrieve the additional chain using SSL_CTX_get_extra_chain_certs will still work. An application which only wants to check the shared extra certificates can call the new macro SSL_CTX_get_extra_chain_certs_only
* New ctrl to set current certificate.Dr. Stephen Henson2014-02-021-0/+9
| | | | | | | New ctrl sets current certificate based on certain criteria. Currently two options: set the first valid certificate as current and set the next valid certificate as current. Using these an application can iterate over all certificates in an SSL_CTX or SSL structure.
* New function to set compression methods so they can be safely freed.Dr. Stephen Henson2014-01-271-0/+1
|
* Add new function SSL_CTX_get_ssl_method().Dr. Stephen Henson2014-01-161-0/+1
| | | | Partial fix for PR#3183.
* Allow "DHE" and "kDHE" as synonyms of "EDH" and "kEDH" when specifiying ciphersDaniel Kahn Gillmor2014-01-091-2/+4
| | | | | | | | | | The standard terminology in https://tools.ietf.org/html/rfc5426 is "DHE". "openssl ciphers" outputs "DHE" (for the most part). But users of the library currently cannot specify "DHE", they must currently specify "EDH". This change allows users to specify the common term in cipher suite strings without breaking backward compatibility.
* Allow "ECDHE" as a synonym of "EECDH" when specifiying ciphersDaniel Kahn Gillmor2014-01-091-2/+4
| | | | | | | | | The standard terminology in https://tools.ietf.org/html/rfc4492 is ECDHE. "openssl ciphers" outputs ECDHE. But users of the library currently cannot specify ECDHE, they must specify EECDH. This change allows users to specify the common term in cipher suite strings without breaking backward compatibility.
* Verify parameter retrieval functions.Dr. Stephen Henson2013-12-131-0/+3
| | | | | | New functions to retrieve internal pointers to X509_VERIFY_PARAM for SSL_CTX and SSL structures. (cherry picked from commit be0c9270690ed9c1799900643cab91de146de857)
* New functions to retrieve certificate from SSL_CTXDr. Stephen Henson2013-11-181-1/+4
| | | | | | | New functions to retrieve current certificate or private key from an SSL_CTX. Constify SSL_get_private_key().
* Don't define SSL_select_next_proto if OPENSSL_NO_TLSEXT setDr. Stephen Henson2013-11-181-0/+2
|
* Fix compilation with no-nextprotoneg.Piotr Sikora2013-11-141-4/+3
| | | | PR#3106
* Additional "chain_cert" functions.Rob Stradling2013-11-131-0/+16
| | | | | | | | | | | | | | | | | PR#3169 This patch, which currently applies successfully against master and 1_0_2, adds the following functions: SSL_[CTX_]select_current_cert() - set the current certificate without disturbing the existing structure. SSL_[CTX_]get0_chain_certs() - get the current certificate's chain. SSL_[CTX_]clear_chain_certs() - clear the current certificate's chain. The patch also adds these functions to, and fixes some existing errors in, SSL_CTX_add1_chain_cert.pod.
* Sync error codes with 1.0.2-stableDr. Stephen Henson2013-11-061-9/+20
|
* Do not include a timestamp in the Client/ServerHello Random field.Nick Mathewson2013-10-211-0/+6
| | | | | | | | | | | | | | | | | | | | | | | Instead, send random bytes, unless SSL_SEND_{CLIENT,SERVER}RANDOM_MODE is set. This is a forward-port of commits: 4af793036f6ef4f0a1078e5d7155426a98d50e37 f4c93b46edb51da71f09eda99e83eaf193a33c08 3da721dac9382c48812c8eba455528fd59af2eef 2583270191a8b27eed303c03ece1da97b9b69fd3 While the gmt_unix_time record was added in an ostensible attempt to mitigate the dangers of a bad RNG, its presence leaks the host's view of the current time in the clear. This minor leak can help fingerprint TLS instances across networks and protocols... and what's worse, it's doubtful thet the gmt_unix_time record does any good at all for its intended purpose, since: * It's quite possible to open two TLS connections in one second. * If the PRNG output is prone to repeat itself, ephemeral handshakes (and who knows what else besides) are broken.
* Extend SSL_CONFDr. Stephen Henson2013-10-201-0/+8
| | | | | | | | Extend SSL_CONF to return command value types. Add certificate and key options. Update documentation.
* Show useful errors.Ben Laurie2013-09-251-0/+4
| | | | | Conflicts: apps/s_server.c
* Fix error code clashes.Dr. Stephen Henson2013-09-181-2/+2
|
* More cleanup.Ben Laurie2013-09-061-5/+5
|
* Add callbacks supporting generation and retrieval of supplemental data ↵Scott Deboy2013-09-061-38/+85
| | | | | | | | entries, facilitating RFC 5878 (TLS auth extensions) Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API Tests exercising the new supplemental data registration and callback api can be found in ssltest.c. Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
* Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.Rob Stradling2013-09-051-1/+1
| | | | OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
* Support ALPN.Adam Langley2013-07-221-0/+45
| | | | | | | | | | | | This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF blessed version of NPN and we'll be supporting both ALPN and NPN for some time yet. [1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00 Conflicts: ssl/ssl3.h ssl/t1_lib.c
* Fix duplicate error code.Dr. Stephen Henson2013-06-281-1/+1
|
* Cleanup of custom extension stuff.Trevor2013-06-181-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | serverinfo rejects non-empty extensions. Omit extension if no relevant serverinfo data. Improve error-handling in serverinfo callback. Cosmetic cleanups. s_client documentation. s_server documentation. SSL_CTX_serverinfo documentation. Cleaup -1 and NULL callback handling for custom extensions, add tests. Cleanup ssl_rsa.c serverinfo code. Whitespace cleanup. Improve comments in ssl.h for serverinfo. Whitespace. Cosmetic cleanup. Reject non-zero-len serverinfo extensions. Whitespace. Make it build.
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-11 23:38:00 +0000