- Oct 24, 2001
-
-
Richard Levitte authored
-
Richard Levitte authored
-
Richard Levitte authored
-
- Oct 23, 2001
-
-
Richard Levitte authored
Submitted by Frederic.Giudicelli@INTRINsec.com
-
Dr. Stephen Henson authored
-
- Oct 22, 2001
-
-
Bodo Möller authored
-
- Oct 21, 2001
-
-
Dr. Stephen Henson authored
Reject certificates with unhandled critical extensions.
-
Dr. Stephen Henson authored
Stop spurious "unable to load config info" errors in req
-
- Oct 20, 2001
-
-
Bodo Möller authored
be called multiple times
-
Bodo Möller authored
New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enable a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Oct 17, 2001
-
-
Bodo Möller authored
variable name occured just in a function *prototype* -- so rename it
-
Richard Levitte authored
-
Richard Levitte authored
it to NULL.
-
Bodo Möller authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
to digests to retain compatibility.
-
- Oct 16, 2001
-
-
Lutz Jänicke authored
-
Bodo Möller authored
Both have per-SSL_CTX defaults. These new values can be set by calling SSL[_CTX]_[callback_]ctrl with codes SSL_CTRL_SET_MSG_CALLBACK and SSL_CTRL_SET_MSG_CALLBACK_ARG. So far, the callback is never actually called. Also rearrange some SSL_CTX struct members (some exist just in SSL_CTXs, others are defaults for SSLs and are either copied during SSL_new, or used if the value in the SSL is not set; these three classes of members were not in a logical order), and add some missing assignments to SSL_dup.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal() with existing code. Modify library to use digest *_ex() functions.
-
Bodo Möller authored
SSL 2.0 client hellos added with the previous commit was totally wrong -- it must start with the message type, not the protocol version. (Not that this particular header is actually used anywhere ...)
-
- Oct 15, 2001
-
-
Bodo Möller authored
(if s23_srvr.c faked the message, s->init_num is 0).
-
Bodo Möller authored
'Handshake' protocol structures are kept in memory, including 'msg_type' and 'length'. (This is in preparation of future support for callbacks that get to peek at handshake messages and the like.)
-
Bodo Möller authored
-
Bodo Möller authored
-
Bodo Möller authored
case of ssl3_accept
-
- Oct 14, 2001
-
-
Ulf Möller authored
Submitted by: Toomas Kiisk <vix@cyber.ee>
-
- Oct 12, 2001
-
-
Lutz Jänicke authored
From: "Chris D. Peterson" <cpeterson@aventail.com> Subject: Implementation Issues with OpenSSL To: openssl-users@openssl.org Date: Wed, 22 Aug 2001 16:13:17 -0700 The patch included in the original post may improve the internal session list handling (and is therefore worth a seperate investigation). No change to the list handling will however solve the problems of incorrect SSL_SESSION_free() calls. The session list is only one possible point of failure, dangling pointers would also occur for SSL object currently using the session. The correct solution is to only use SSL_SESSION_free() when applicable!
-
- Oct 11, 2001
-
-
Richard Levitte authored
such cases, a flush should *not* attempt to finalise the encoding, as the EVP_ENCODE_CTX structure will only be filled with garbage. For the same reason, do the same check when a wpending is performed.
-
- Oct 10, 2001
-
-
Richard Levitte authored
-
Richard Levitte authored
-
Richard Levitte authored
used or not, let's ask collect2 which ld it uses and choose to use the target do-gnu_shared if GNU ld is used. This solves the reported problems on Solaris systems where GNU cc is used but GNU ld isn't, and probably on other systems with similar setups.
-
Richard Levitte authored
-
Richard Levitte authored
specifically, a starting './' is removed. makedepend doesn't do this, resulting in another possible commit war, so let's fix that by doing a poor mans canonicalisation of file names that gives the same effect as doing dependencies through gcc.
-
Richard Levitte authored
-
Richard Levitte authored
depend on the environment, like the presence of the OpenBSD crypto device or of Kerberos, do not change the dependencies within OpenSSL.
-
Richard Levitte authored
-
- Oct 09, 2001
-
-
Richard Levitte authored
-