aboutsummaryrefslogtreecommitdiffstats
path: root/ssl
Commit message (Collapse)AuthorAgeFilesLines
* New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT.Lutz Jänicke2002-07-192-0/+19
| | | | | | Submitted by: Reviewed by: PR: 127
* Replace 'ecdsaparam' commandline utility by 'ecparam'Bodo Möller2002-07-141-349/+635
| | | | | | | | | | | | | | (the same keys can be used for ECC schemes other than ECDSA) and add some new options. Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS" in 'PEM' format. Fix ec_asn1.c (take into account the desired conversion form). 'make update'. Submitted by: Nils Larsch
* Reorder inclusion of header files:Lutz Jänicke2002-07-1014-17/+17
| | | | | | | | | | | | | | | | | des_old.h redefines crypt: #define crypt(b,s)\ DES_crypt((b),(s)) This scheme leads to failure, if header files with the OS's true definition of crypt() are processed _after_ des_old.h was processed. This is e.g. the case on HP-UX with unistd.h. As evp.h now again includes des.h (which includes des_old.h), this problem only came up after this modification. Solution: move header files (indirectly) including e_os.h before the header files (indirectly) including evp.h. Submitted by: Reviewed by: PR:
* Ciphers with NULL encryption were not properly handled because they wereLutz Jänicke2002-07-103-12/+15
| | | | | | | not covered by the strength bit mask. Submitted by: Reviewed by: PR: 130
* emtpy fragments are not necessary for SSL_eNULLBodo Möller2002-07-092-5/+17
| | | | | | (but noone uses it anyway) fix t1_enc.c: use OPENSSL_NO_RC4, not NO_RC4
* AES cipher suites are now official (RFC3268)Bodo Möller2002-07-043-23/+23
|
* Pass CFLAG to dependency makers, so non-standard system include paths areRichard Levitte2002-06-271-1/+1
| | | | | handled properly. Part of PR 75
* New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBCBodo Möller2002-06-143-16/+39
| | | | | | vulnerability workaround (included in SSL_OP_ALL). PR: #90
* Merge from 0.9.7-stable.Richard Levitte2002-06-061-1/+1
|
* Recover from errorsRichard Levitte2002-05-231-0/+2
|
* Allow the use of the TCP/IP stack keyword TCPIP and NONERichard Levitte2002-05-221-5/+34
|
* Fix ciphersuite list to enforce low priority for RC4.Bodo Möller2002-05-071-1/+1
|
* ensure that, for each strength, RC4 ciphers have least preferenceBodo Möller2002-05-071-1/+1
| | | | in the default ciphersuite list
* refer to latest draft for AES ciphersuitesBodo Möller2002-05-071-1/+1
|
* fix warningBodo Möller2002-05-061-1/+1
|
* disable AES ciphersuites unless explicitly requestedBodo Möller2002-05-053-23/+25
|
* fix castsBodo Möller2002-05-051-9/+8
|
* undo nonsense patch (r *is* signed or we have signedness mismatches elsewhere)Bodo Möller2002-04-291-1/+1
|
* Fix unsigned vs. signed clashRichard Levitte2002-04-291-1/+1
|
* Synchronise with 0.9.7-stable.Richard Levitte2002-04-291-2/+2
|
* Synchronise with 0.9.7-stable.Richard Levitte2002-04-291-1/+1
|
* Signedness mismatch.Richard Levitte2002-04-202-3/+3
| | | | Notified by Bernd Matthes <bernd.matthes@gemplus.com>
* Make sure the opened directory is closed on exit.Richard Levitte2002-04-181-3/+5
| | | | Notified by Lorinczy Zsigmond <lzsiga@mail.ahiv.hu>
* fix length field we create when converting SSL 2.0 format into SSL 3.0/TLS ↵Bodo Möller2002-04-141-1/+1
| | | | | | 1.0 format (the bug was introduced with message callback support)
* Implement known-IV countermeasure.Bodo Möller2002-04-137-44/+289
| | | | | | Fix length checks in ssl3_get_client_hello(). Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
* Map new X509 verification errors to alert codes (Tom Wu <tom@arcot.com>).Lutz Jänicke2002-03-191-0/+7
|
* Initialize ciph_ctx in kssl.cDr. Stephen Henson2002-03-191-0/+1
|
* fix ssl3_pendingBodo Möller2002-03-151-1/+4
|
* Add missing strength entries.Lutz Jänicke2002-03-141-5/+5
|
* Initialize cipher context in KRB5Dr. Stephen Henson2002-03-143-5/+9
| | | | | | ("D. Russell" <russelld@aol.net>) Allow HMAC functions to use an alternative ENGINE.
* use BIO_nwrite() more properly to demonstrate the general idea ofBodo Möller2002-03-141-3/+10
| | | | | BIO_nwrite0/BIO_nwrite (the previous code was OK for BIO pairs but not in general)
* Undo previous patch: avoid warnings by #undef'ingDr. Stephen Henson2002-03-131-6/+9
| | | | | | duplicate definitions. Suggested by "Kenneth R. Robinette" <support@securenetterm.com>
* Fix Kerberos warnings with VC++.Dr. Stephen Henson2002-03-122-5/+14
|
* Fix ASN1 additions for KRB5Dr. Stephen Henson2002-03-123-18/+32
|
* Fix various warnings when compiling with KRB5 code.Dr. Stephen Henson2002-03-122-16/+15
|
* use ERR_peek_last_error() instead of ERR_peek_error()Bodo Möller2002-02-281-2/+2
|
* Increase internal security when using strncpy, by making sure the resulting ↵Richard Levitte2002-02-281-0/+2
| | | | string is NUL-terminated
* Add 'void *' argument to app_verify_callback.Bodo Möller2002-02-284-10/+47
| | | | | Submitted by: D. K. Smetters <smetters@parc.xerox.com> Reviewed by: Bodo Moeller
* Fix the fix (Yoram Zahavi)...Lutz Jänicke2002-02-271-6/+6
|
* Make sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi).Lutz Jänicke2002-02-261-8/+6
|
* Fix for AIX.Dr. Stephen Henson2002-02-221-1/+1
| | | | Submitted by Dawn Whiteside <dwhitesi@tiercel.uwaterloo.ca>
* ECDSA supportBodo Möller2002-02-131-629/+684
| | | | Submitted by: Nils Larsch <nla@trustcenter.de>
* Make removal from session cache more robust.Lutz Jänicke2002-02-101-2/+2
|
* Do not store unneeded data.Lutz Jänicke2002-02-081-4/+4
|
* Bugfix: In ssl3_accept, don't use a local variable 'got_new_session'Bodo Möller2002-01-144-5/+115
| | | | | to indicate that a real handshake is taking place (the value will be lost during multiple invocations). Set s->new_session to 2 instead.
* Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) ifBodo Möller2002-01-141-0/+1
| | | | the SSL_R_LENGTH_MISMATCH error is detected.
* Prototype info function.Ben Laurie2002-01-1211-26/+30
|
* Add client_cert_cb prototype.Ben Laurie2002-01-121-1/+1
|
* ssl3_read_bytes bug fixUlf Möller2001-12-281-0/+1
| | | | | Submitted by: D P Chang <dpc@qualys.com> Reviewed by: Bodo
* remove redundant ERR_load_... declarationsBodo Möller2001-12-171-1/+0
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-19 12:11:36 +0000