- Feb 06, 2015
-
-
Rich Salz authored
The mkstack.pl script now generates the entire safestack.h file. It generates output that follows the coding style. Also, removed all instances of the obsolete IMPLEMENT_STACK_OF macro. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Disabling HMAC doesn't work. If it did it would end up disabling a lot of OpenSSL functionality (it is required for all versions of TLS for example). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
This is an ancient bug workaround for Netscape clients. The documentation talks about versions 3.x and 4.x beta. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Feb 05, 2015
-
-
Rich Salz authored
Use memset() not inline code. Compilers are smarter now. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
A few minor cleanups to remove pre-processor "#if 1" stuff. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
- Feb 04, 2015
-
-
Rich Salz authored
TABLE wasn't updated from a previous Configure change Missed an RMD160/RIPE/RIPEMD unification in mkdef.pl Makefile install_sw referenced file doc/openssl-shared.txt (RT3686) Needed to run 'make update' because - Various old code has been removed - Varous old #ifdef tests were removed Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Don't change files if they're unmodified. Indicate which files have changed and a summary. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Remove fips_algvs.c Remove unused fips module build code from Configure and Makefile.org Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Feb 03, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
And an uncompiled C++ test file. Also remove srp_lcl.h, with help from Richard. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Document SSL_get_extms_support(). Modify behaviour of SSL_get_extms_support() so it returns -1 if the master secret support of the peer is not known (e.g. handshake in progress). Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Update master secret calculation to support extended master secret. TLS 1.2 client authentication adds a complication because we need to cache the handshake messages. This is simpllified however because the point at which the handshake hashes are calculated for extended master secret is identical to that required for TLS 1.2 client authentication (immediately after client key exchange which is also immediately before certificate verify). Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Add and retrieve extended master secret extension, setting the flag SSL_SESS_FLAG_EXTMS appropriately. Note: this just sets the flag and doesn't include the changes to master secret generation. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Rewrite ssl3_send_client_key_exchange to retain the premaster secret instead of using it immediately. This is needed because the premaster secret is used after the client key exchange message has been sent to compute the extended master secret. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Retrieve handshake hashes in a separate function. This tidies the existing code and will be used for extended master secret generation. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Add a "flags" field to SSL_SESSION. This will contain various flags such as encrypt-then-mac and extended master secret support. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
PR:3683 Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Rich Salz authored
Remove outdated doc files. Fix windows build after old_des was removed. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Feb 02, 2015
-
-
Rich Salz authored
Includes VMS fixes from Richard. Includes Kurt's destest fixes (RT 1290). Closes tickets 1290 and 1291 Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Rich Salz authored
Some of the #if 0 code in demo's was kept, but given helpful #ifdef names, to show more sample code. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jan 31, 2015
-
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
previously protected by this have been moved into non-public headers Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
OPENSSL_NO_SSL_INTERN into internal header files. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Jan 30, 2015
-
-
Ben Laurie authored
Reviewed-by: Rich Salz Don't debug.
-
Rich Salz authored
Keep one #if 0 but rename the symbol to be more descriptive of what it's doing (you can disable support for old broken Netscape software). Reviewed-by: Tim Hudson <tjh@openssl.org>
-