mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-23 14:42:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
2660b7cfba
openssl/ssl
History
Rich Salz 55373bfd41 Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION 
Add -client_renegotiation flag support.  The -client_renegotiation flag is
equivalent to SSL_OP_ALLOW_CLIENT_RENEGOTIATION. Add support to the app,
the config code, and the documentation.

Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION to the SSL tests. We don't need to
always enable it, but there are so many tests so this is the easiest thing
to do.

Add a test where client tries to renegotiate and it fails as expected. Add
a test where server tries to renegotiate and it succeeds. The second test
is supported by a new flag, -immediate_renegotiation, which is ignored on
the client.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15184)
2021-05-17 10:53:30 +02:00
..
record Update copyright year 2021-04-22 14:38:44 +01:00
statem Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION 2021-05-17 10:53:30 +02:00
bio_ssl.c Update copyright year 2021-04-08 13:04:41 +01:00
build.info Drop libimplementations.a 2021-05-07 10:17:23 +02:00
d1_lib.c Update copyright year 2021-01-28 13:54:57 +01:00
d1_msg.c Update copyright year 2020-11-26 14:18:57 +00:00
d1_srtp.c Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call 2020-11-11 12:12:11 +01:00
ktls.c Only enable KTLS if it is explicitly configured 2021-04-12 11:32:05 +01:00
methods.c
pqueue.c Update copyright year 2020-11-26 14:18:57 +00:00
s3_cbc.c Remove unused code from the fips module 2021-05-08 20:44:41 +10:00
s3_enc.c Remove all OPENSSL_NO_XXX from libssl where XXX is a crypto alg 2021-02-05 15:22:43 +00:00
s3_lib.c Promote SSL_get_negotiated_group() for non-TLSv1.3 2021-05-15 15:09:07 -07:00
s3_msg.c Avoid sending alerts after shutdown 2021-05-06 17:07:11 +02:00
ssl_asn1.c Promote SSL_get_negotiated_group() for non-TLSv1.3 2021-05-15 15:09:07 -07:00
ssl_cert_table.h
ssl_cert.c Fix NULL access in ssl_build_cert_chain() when ctx is NULL. 2021-03-03 16:16:19 +10:00
ssl_ciph.c ssl: fix problem where MAC IDs were globally cached. 2021-03-30 18:59:42 +02:00
ssl_conf.c Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION 2021-05-17 10:53:30 +02:00
ssl_err_legacy.c Modify the ERR init functions to use the internal ERR string loaders 2020-11-24 15:21:44 +01:00
ssl_err.c make update 2021-05-12 09:11:48 -07:00
ssl_init.c Modify the ERR init functions to use the internal ERR string loaders 2020-11-24 15:21:44 +01:00
ssl_lib.c Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION 2021-05-17 10:53:30 +02:00
ssl_local.h Promote SSL_get_negotiated_group() for non-TLSv1.3 2021-05-15 15:09:07 -07:00
ssl_mcnf.c SSL: refactor all SSLfatal() calls 2020-11-11 12:12:23 +01:00
ssl_rsa_legacy.c Deprecate RSA harder 2020-11-18 23:38:34 +01:00
ssl_rsa.c ssl: coverity 1465527 - dereference after null check 2021-03-20 10:18:32 +10:00
ssl_sess.c Update copyright year 2021-04-08 13:04:41 +01:00
ssl_stat.c
ssl_txt.c Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call 2020-11-11 12:12:11 +01:00
ssl_utst.c
sslerr.h Make supported_groups code independent of EC and DH 2021-02-05 15:20:37 +00:00
t1_enc.c Only enable KTLS if it is explicitly configured 2021-04-12 11:32:05 +01:00
t1_lib.c Replace EVP_PKEY_supports_digest_nid 2021-05-13 13:19:39 +02:00
t1_trce.c Update copyright year 2021-02-18 15:05:17 +00:00
tls13_enc.c Add quick one-shot EVP_Q_mac() and deprecation compensation decls for MAC functions 2021-05-08 14:35:03 +02:00
tls_depr.c Remove OPENSSL_NO_DH guards from libssl 2021-02-05 15:20:36 +00:00
tls_srp.c Update copyright year 2021-02-18 15:05:17 +00:00