- 16 Jun, 2017 12 commits
-
-
Paul Yang authored
This applies both to s_client and s_server app. Reaction to Issue #3665. Signed-off-by:
Paul Yang <paulyang.inf@gmail.com> Reviewed-by:
Matt Caswell <matt@openssl.org> Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3697)
-
komainu8 authored
CLA: trivial Reviewed-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
-
Pauli authored
and bignums. These have been refactored into their own file, along with their error displays. The formatting follows the output format used on error, except that bignums of sixty four bits or less are displayed in a more compact one line form. Added a TEST_note function for producing output without file and line information. Update the three tests that call BN_print so they use the new test infrastructure instead. Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3623)
-
Matt Caswell authored
Make it clear that we are pausing one of the connections and then restarting it again. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
This does things as per the recommendation in the TLSv1.3 spec. It also means that the server will always choose its preferred ciphersuite. Previously the server would only select ciphersuites compatible with the session. Reviewed-by:
-
Matt Caswell authored
Test that if a server selects a differenct ciphersuite with the same hash in TLSv1.3 then this is accepted by the client. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Richard Levitte authored
This new target is used to build all generated files and only that. This can be used to prepare everything that requires things like perl for a system that lacks perl and then move everything to that system and do the rest of the build there. Reviewed-by:
Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3695)
-
- 15 Jun, 2017 8 commits
-
-
Benjamin Kaduk authored
Also remove nested OPENSSL_NO_EC conditional; it was properly indented, but a no-op. Reviewed-by:
-
Todd Short authored
Reviewed-by:
-
Andy Polyakov authored
Reviewed-by: -
Rich Salz authored
Reviewed-by:
-
Richard Levitte authored
Because apps/progs.h isn't configuration agnostic, it's not at all suited for 'make update' or being versioned, so change it to be dynamically generated. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
If it did, it really is something that should be checked in, and should therefore make a CI build fail. Reviewed-by:
-
Pauli authored
Reviewed-by:
-
- 14 Jun, 2017 6 commits
-
-
Rich Salz authored
This flag was added in 1992 and only documented in the CHANGES file. Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3681)
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
- 13 Jun, 2017 4 commits
-
-
Rich Salz authored
The generating script got updated, but the generated file did not. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Andy Polyakov authored
[As well as few extra instructions from earlier spec.] Reviewed-by: -
Paul Yang authored
Update s_client -help and pod file. Signed-off-by:
-
- 12 Jun, 2017 10 commits
-
-
Richard Levitte authored
Reading the prologue of this file conserved the "# Function codes" line, and then duplicated it when rewriting this file, adding a new "# Function codes" line everytime there's an update. Better then to skip over all comment lines and have the prologue defined in mkerr.pl, just the same as we do with the other affected files. Reviewed-by:
-
Richard Levitte authored
Sometimes, one might only want to rework a subset of all the internal error codes. -module allows the caller to specify exactly which library modules to rewrite. Reviewed-by:
-
Paul Yang authored
Mostly braces and NULL pointer check and also copyright year bump Signed-off-by:
Kurt Roeckx <kurt@openssl.org> Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Rich Salz authored
Add "*" as indicator meaning the function/reason is removed, so put an empty string in the function/reason string table; this preserves backward compatibility by keeping the #define's. In state files, trailing backslash means text is on the next line. Add copyright to state files Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Paul Yang authored
To reduce duplicate code Signed-off-by:
-
Benjamin Kaduk authored
Call it from the early callback used for testing these functions, and verify the expected contents of the ClientHello Reviewed-by:
-
Benjamin Kaduk authored
It is an API to be used from the early callback that indicates what extensions were present in the ClientHello, and in what order. This can be used to eliminate unneeded calls to SSL_early_get0_ext() (which itself scales linearly in the number of extensions supported by the library). Reviewed-by:
-
Benjamin Kaduk authored
Per the TODO comment, we now have proper certificate selection for TLS 1.3 client certificates, so this test can move into its own block. (It cannot merge with the previous block, as it requires EC.) Verified that the test passes when configured with enable-tls1_3 no-tls1 no-tls1_1 no-tls1_2. Reviewed-by:
-
