oops, revert wrong patch..

This commit is contained in:
Dr. Stephen Henson 2010-07-18 17:43:01 +00:00
parent d135da5192
commit b9e7793dd7
3 changed files with 10 additions and 42 deletions

25
CHANGES
View File

@ -71,6 +71,16 @@
multi-process servers.
[Steve Henson]
*) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
a few changes are required:
Add SSL_OP_NO_TLSv1_1 flag.
Add TLSv1_1 methods.
Update version checking logic to handle version 1.1.
Add explicit IV handling (ported from DTLS code).
Add command line options to s_client/s_server.
[Steve Henson]
*) Experiemental password based recipient info support for CMS library:
implementing RFC3211.
[Steve Henson]
@ -94,21 +104,6 @@
whose return value is often ignored.
[Steve Henson]
Changes between 1.0.0 and 1.0.1 [xx XXX xxxx]
*) Add support for TLS key exporter as described in RFC5705.
[Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson]
*) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
a few changes are required:
Add SSL_OP_NO_TLSv1_1 flag.
Add TLSv1_1 methods.
Update version checking logic to handle version 1.1.
Add explicit IV handling (ported from DTLS code).
Add command line options to s_client/s_server.
[Steve Henson]
Changes between 1.0.0 and 1.0.0a [xx XXX xxxx]
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover

View File

@ -1812,10 +1812,6 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
/* Pre-shared secret session resumption functions */
int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
int SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
unsigned char *context, int context_len,
unsigned char *out, int olen);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.

View File

@ -1071,26 +1071,3 @@ int tls1_alert_code(int code)
}
}
int SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
unsigned char *context, int context_len,
unsigned char *out, int olen)
{
unsigned char *tmp;
int rv;
tmp = OPENSSL_malloc(olen);
if (!tmp)
return 0;
rv = tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
label, label_len,
s->s3->client_random,SSL3_RANDOM_SIZE,
s->s3->server_random,SSL3_RANDOM_SIZE,
context, context_len, NULL, 0,
s->session->master_key, s->session->master_key_length,
out, tmp, olen);
OPENSSL_free(tmp);
return rv;
}