Implement the Opaque PRF Input TLS extension
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and bugfixes on the way. In particular, this fixes the buffer bounds checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext(). Note that the opaque PRF Input TLS extension is not compiled by default; see CHANGES.
Showing
- CHANGES 58 additions, 0 deletionsCHANGES
- apps/s_cb.c 5 additions, 0 deletionsapps/s_cb.c
- apps/s_client.c 7 additions, 0 deletionsapps/s_client.c
- apps/s_server.c 5 additions, 0 deletionsapps/s_server.c
- ssl/s23_clnt.c 19 additions, 0 deletionsssl/s23_clnt.c
- ssl/s3_clnt.c 5 additions, 2 deletionsssl/s3_clnt.c
- ssl/s3_lib.c 54 additions, 1 deletionssl/s3_lib.c
- ssl/ssl.h 15 additions, 1 deletionssl/ssl.h
- ssl/ssl3.h 8 additions, 0 deletionsssl/ssl3.h
- ssl/ssl_err.c 3 additions, 2 deletionsssl/ssl_err.c
- ssl/ssl_lib.c 1 addition, 0 deletionsssl/ssl_lib.c
- ssl/ssl_locl.h 9 additions, 3 deletionsssl/ssl_locl.h
- ssl/ssltest.c 26 additions, 0 deletionsssl/ssltest.c
- ssl/t1_enc.c 98 additions, 65 deletionsssl/t1_enc.c
- ssl/t1_lib.c 215 additions, 10 deletionsssl/t1_lib.c
- ssl/tls1.h 16 additions, 5 deletionsssl/tls1.h
Loading
Please register or sign in to comment