- Jul 30, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Note: some of the RFC4279 ciphersuites were originally part of PR#2464. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Move PSK premaster secret algorithm to ssl_generate_master secret so existing key exchange code can be used and modified slightly to add the PSK wrapping structure. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Add support for RSAPSK, DHEPSK and ECDHEPSK server side. Update various checks to ensure certificate and server key exchange messages are only sent when required. Update message handling. PSK server key exchange parsing now include an identity hint prefix for all PSK server key exchange messages. PSK client key exchange message expects PSK identity and requests key for all PSK key exchange ciphersuites. Update flags for RSA, DH and ECDH so they are also used in PSK. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Add support for RSAPSK, DHEPSK and ECDHEPSK client side. Update various checks to ensure certificate and server key exchange messages are only expected when required. Update message handling. PSK server key exchange parsing now expects an identity hint prefix for all PSK server key exchange messages. PSK client key exchange message requests PSK identity and key for all PSK key exchange ciphersuites and includes identity in message. Update flags for RSA, DH and ECDH so they are also used in PSK. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
For SHA384 PRF PSK ciphersuites we have to switch to default PRF for TLS < 1.2 Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
The DTLS code is supposed to drop packets if we try to write them out but the underlying BIO write buffers are full. ssl3_write_pending() contains an incorrect test for DTLS that controls this. The test only checks for DTLS1 so DTLS1.2 does not correctly clear the internal OpenSSL buffer which can later cause an assert to be hit. This commit changes the test to cover all DTLS versions. RT#3967 Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Martin Vejnar authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Jul 29, 2015
-
-
Rich Salz authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Jul 28, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Jul 27, 2015
-
-
Matt Caswell authored
The function SSL_set_session_ticket_ext sets the ticket data to be sent in the ClientHello. This is useful for EAP-FAST. This commit adds a test to ensure that when this function is called the expected ticket data actually appears in the ClientHello. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Matt Caswell authored
This flag was not set anywhere within the codebase (only read). It could only be set by an app reaching directly into s->s3->flags and setting it directly. However that method became impossible when libssl was opaquified. Even in 1.0.2/1.0.1 if an app set the flag directly it is only relevant to ssl3_connect(), which calls SSL_clear() during initialisation that clears any flag settings. Therefore it could take effect if the app set the flag after the handshake has started but before it completed. It seems quite unlikely that any apps really do this (especially as it is completely undocumented). The purpose of the flag is suppress flushing of the write bio on the client side at the end of the handshake after the client has written the Finished message whilst resuming a session. This enables the client to send application data as part of the same flight as the Finished message. This flag also controls the setting of a second flag SSL3_FLAGS_POP_BUFFER. There is an interesting comment in the code about this second flag in the implementation of ssl3_write: /* This is an experimental flag that sends the * last handshake message in the same packet as the first * use data - used to see if it helps the TCP protocol during * session-id reuse */ It seems the experiment did not work because as far as I can tell nothing is using this code. The above comment has been in the code since SSLeay. This commit removes support for SSL3_FLAGS_DELAY_CLIENT_FINISHED, as well as the associated SSL3_FLAGS_POP_BUFFER. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jul 23, 2015
-
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Jul 22, 2015
-
-
Rich Salz authored
Create bn_free_d utility routine and use it. Fix RT3950 Also a missing cleanse, from Loganaden Velvindron (loganaden@gmail.com), who noticed it in a Cloudflare patch. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Jul 21, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Dr. Stephen Henson authored
Use new SSL_CONF options in demo. Add intermediate and root CAs and update all to use SHA256. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Add support for loading verify and chain stores in SSL_CONF. Commands to set verify mode and client CA names. Add documentation. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
- Jul 20, 2015
-
-
Rich Salz authored
Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Jul 18, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jul 16, 2015
-
-
Rich Salz authored
Remove support for RSA_NET and Netscape key format (-keyform n). Also removed documentation of SGC. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-