mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,367 Commits 33 Branches 385 Tags 477 MiB
ca03109c3a
Commit Graph

198 Commits

Author SHA1 Message Date
Bodo Möller
ca03109c3a New functions SSL_get_finished, SSL_get_peer_finished. 
Add short state string for MS SGC.
 2000-01-06 01:19:17 +00:00
Bodo Möller
9fb617e252 Use less complicated arrangement for data strutures related to Finished 
messages.
 2000-01-06 00:41:22 +00:00
Bodo Möller
f2d9a32cf4 Use separate arrays for certificate verify and for finished hashes. 2000-01-06 00:24:24 +00:00
Bodo Möller
245206eadd Use prototypes. 2000-01-05 23:31:47 +00:00
Bodo Möller
c44f754047 Slight code cleanup for handling finished labels. 2000-01-05 23:11:51 +00:00
Andy Polyakov
37b0d5d05d Rhapsody 5.5 (a.k.a. MacOS X) compiler bug workaround. At the very least 
passes 'make test' now:-)
 2000-01-04 03:33:18 +00:00
Dr. Stephen Henson
3d14b9d04a Add support for MS "fast SGC". 2000-01-02 18:52:58 +00:00
Bodo Möller
47134b7864 Don't request client certificate in anonymous ciphersuites 
except when following the specs is bound to fail.
 1999-12-29 17:43:03 +00:00
Bodo Möller
45fd4dbb84 Fix SSL_CTX_add_session: When two SSL_SESSIONs have the same ID, 
they can sometimes be different memory structures.
 1999-12-29 14:29:32 +00:00
Bodo Möller
9535f8c165 Delete NO_PROTO section (which apparently was just a typo for NOPROTO -- 
if anyone had actually ever needed that they should have fixed this typo)
 1999-12-29 14:27:35 +00:00
Bodo Möller
891e465607 fix comment 1999-12-29 14:25:35 +00:00
Dr. Stephen Henson
dd4134101f Change the trust and purpose code so it doesn't need init 
either and has a static and dynamic mix.
 1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
bb7cd4e3eb Remainder of SSL purpose and trust code: trust and purpose setting in 
SSL_CTX and SSL, functions to set them and defaults if no values set.
 1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
13938aceca Add part of chain verify SSL support code: not complete or doing anything 
yet.

Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.

Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
 1999-11-29 01:09:25 +00:00
Bodo Möller
1088e27ca8 Restore traditional SSL_get_session behaviour so that s_client and s_server 
don't leak tons of memory.
 1999-11-17 21:36:13 +00:00
Bodo Möller
b1fe6ca175 Store verify_result with sessions to avoid potential security hole. 1999-11-16 23:15:41 +00:00
Mark J. Cox
b7cfcfb7f8 This corrects the reference count handling in SSL_get_session. 
Previously, the returned SSL_SESSION didn't have its reference count
incremented so the SSL_SESSION could be freed at any time causing
seg-faults if the pointer was subsequently used. Code that uses
SSL_get_session must now make a corresponding SSL_SESSION_free() call when
it is done to avoid memory leaks (or blocked up session caches).

Submitted By: Geoff Thorpe <geoff@eu.c2.net>
 1999-11-15 16:31:31 +00:00
Richard Levitte
c96ab5101a Make sure installed files are world readable 1999-11-12 01:42:59 +00:00
Bodo Möller
798757762a Improve support for running everything as a monolithic application. 
Submitted by: Lennart Bång, Bodo Möller
 1999-10-25 19:36:01 +00:00
Ulf Möller
de808df47b Cosmetic changes. 1999-09-29 22:14:47 +00:00
Ben Laurie
ca7fea9656 Fix warnings. 1999-09-24 19:10:57 +00:00
Dr. Stephen Henson
1c80019a2c Add new sign and verify members to RSA_METHOD and change SSL code to use sign 
and verify rather than direct encrypt/decrypt.
 1999-09-18 22:37:44 +00:00
Bodo Möller
0d3118bed3 Update dependencies. 1999-09-14 15:07:22 +00:00
Bodo Möller
4dd60b3b96 typo in a comment 1999-09-14 15:06:25 +00:00
Bodo Möller
ac7da00048 Set s->version correctly for "natural" SSL 3.0 client hello 1999-09-13 13:02:07 +00:00
Andy Polyakov
17f389bbbf Initial support for MacOS. 
This will soon be complemented with MacOS specific source code files and
INSTALL.MacOS.

I (Andy) have decided to get rid of a number of #include <sys/types.h>.
I've verified it's ok (both by examining /usr/include/*.h and compiling)
on a number of Unix platforms. Unfortunately I don't have Windows box
to verify this on. I really appreciate if somebody could try to compile
it and contact me a.s.a.p. in case a problem occurs.

Submitted by: Roy Wood <roy@centricsystems.ca>
Reviewed by: Andy Polyakov <appro@fy.chalmers.se>
 1999-09-11 17:54:18 +00:00
Bodo Möller
5bdae1675c Fix yet another bug for client hello handling. 1999-09-11 10:36:41 +00:00
Bodo Möller
cb0369d885 Repair another bug in s23_get_client_hello: 
tls1 did not survive to restarts, so get rid of it.
 1999-09-10 16:41:01 +00:00
Bodo Möller
6f7af1524e Use non-copying BIO interface in ssltest.c. 1999-09-10 14:03:21 +00:00
Bodo Möller
396f631458 some more patches for avoiding problems with non-automatic variables 1999-09-08 21:58:13 +00:00
Bodo Möller
c1082a90bb Non-copying interface to BIO pairs. 
It's still totally untested ...
 1999-09-07 21:37:09 +00:00
Bodo Möller
ba3a6e7262 use explicit constant 11 just once 1999-09-03 22:37:38 +00:00
Bodo Möller
f70df1b887 Make previous bugfix actually work 1999-09-03 16:49:11 +00:00
Bodo Möller
074309b7ee Fix server behaviour when facing backwards-compatible client hellos. 1999-09-03 16:33:11 +00:00
Bodo Möller
77fa04a9bc -no_dhe option for ssltest.c 1999-09-03 16:31:36 +00:00
Bodo Möller
de1915e48c Fix horrible (and hard to track down) bug in ssl23_get_client_hello: 
In case of a restart, v[0] and v[1] were incorrectly initialised.
This was interpreted by ssl3_get_client_key_exchange as an RSA decryption
failure (don't ask me why) and caused it to create a _random_ master key
instead (even weirder), which obviously led to incorrect input to
ssl3_generate_master_secret and thus caused "block cipher pad is
wrong" error messages from ssl3_enc for the client's Finished message.
Arrgh.
 1999-08-18 17:14:42 +00:00
Bodo Möller
29159a42d2 BIO_write and BIO_read could, in theory, return -2. 1999-08-09 16:33:34 +00:00
Bodo Möller
385be6eb20 Provide fixed seed for parameter generation to speed up -dhe1024. 1999-08-09 12:59:10 +00:00
Bodo Möller
204cf1abb0 Comments. 1999-08-08 14:21:04 +00:00
Bodo Möller
5e63691972 add comments 1999-08-08 14:07:30 +00:00
Ralf S. Engelschall
b1816a0408 typo while I poke around... 1999-08-05 13:31:42 +00:00
Bodo Möller
48c843c367 New function DSA_dup_DH, and fixes for bugs that were found 
while implementing and using it.
 1999-08-05 11:50:18 +00:00
Bodo Möller
2b8e4959fb generate error message 1999-08-02 21:41:46 +00:00
Bodo Möller
f3e67ac1bc fix previous modification -- if ssl->cert is NULL, don't follow the pointer. 1999-08-02 20:09:23 +00:00
Bodo Möller
a63a3f58fd The SSL_CTX's cert structure is not relevant for the SSL 
(because now SSL_new makes a copy).
 1999-08-02 18:40:36 +00:00
Bodo Möller
a40f6dce87 correct error signalling for opendir() failure 1999-07-30 10:43:34 +00:00
Ulf Möller
8c197cc55e VMS updates. 
Submitted by: Richard Levitte <levitte@stacken.kth.se>
 1999-07-28 23:25:59 +00:00
Bodo Möller
74678cc2f8 Additional user data argument to pem_password_cb function type 
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
 1999-07-21 20:57:16 +00:00
Bodo Möller
7eea36bb48 cosmetic changes 1999-07-12 18:50:34 +00:00
Bodo Möller
5059658219 fix memory leak in s3_clnt.c 1999-07-12 17:15:42 +00:00