- Feb 09, 2014
-
-
Scott Deboy authored
Reverting 1.0.2-only changes supporting the prior authz RFC5878-based tests from commit 835d104f
-
Scott Deboy authored
The contract for custom extension callbacks has changed - all custom extension callbacks are triggered
-
Ben Laurie authored
-
Scott Deboy authored
Whitespace fixes (cherry picked from commit e9add063) Conflicts: ssl/s3_clnt.c
-
Scott Deboy authored
-
Scott Deboy authored
If multiple TLS extensions are expected but not received, the TLS extension and supplemental data 'generate' callbacks are the only chance for the receive-side to trigger a specific TLS alert during the handshake. Removed logic which no-op'd TLS extension generate callbacks (as the generate callbacks need to always be called in order to trigger alerts), and updated the serverinfo-specific custom TLS extension callbacks to track which custom TLS extensions were received by the client, where no-ops for 'generate' callbacks are appropriate. (cherry picked from commit ac20719d) Conflicts: ssl/t1_lib.c
-
Trevor Perrin authored
-
Scott Deboy authored
Free generated supp data after handshake completion, add comment regarding use of num_renegotiations in TLS and supp data generation callbacks (cherry picked from commit 67c408ce) Conflicts: apps/s_client.c apps/s_server.c
-
Scott Deboy authored
Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API Tests exercising the new supplemental data registration and callback api can be found in ssltest.c. Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation. (cherry picked from commit 36086186) Conflicts: Configure apps/s_client.c apps/s_server.c ssl/ssl.h ssl/ssl3.h ssl/ssltest.c
-
- Feb 06, 2014
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
(cherry picked from commit 2d752737)
-
Dr. Stephen Henson authored
(cherry picked from commit b45e874d)
-
- Feb 05, 2014
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
(cherry picked from commit 3880579240d476d21f68fd01a391dd325920f479)
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
If an application calls the macro SSL_CTX_get_extra_chain_certs return either the old "shared" extra certificates or those associated with the current certificate. This means applications which call SSL_CTX_use_certificate_chain_file and retrieve the additional chain using SSL_CTX_get_extra_chain_certs will still work. An application which only wants to check the shared extra certificates can call the new macro SSL_CTX_get_extra_chain_certs_only (cherry picked from commit a51f7676)
-
Andy Polyakov authored
-
- Feb 03, 2014
-
-
Dr. Stephen Henson authored
PR#3253
-
- Feb 02, 2014
-
-
Dr. Stephen Henson authored
New ctrl sets current certificate based on certain criteria. Currently two options: set the first valid certificate as current and set the next valid certificate as current. Using these an application can iterate over all certificates in an SSL_CTX or SSL structure. (cherry picked from commit 0f78819c)
-
Dr. Stephen Henson authored
(cherry picked from commit f3efeaad)
-
Dr. Stephen Henson authored
(cherry picked from commit 88c21c47)
-
Dr. Stephen Henson authored
(cherry picked from commit ea131a06)
-
Dr. Stephen Henson authored
(cherry picked from commit d80b0eee)
-
Dr. Stephen Henson authored
(cherry picked from commit ebd14bfc)
-
Ben Laurie authored
-
- Feb 01, 2014
-
-
Andy Polyakov authored
-
Andy Polyakov authored
(cherry picked from commit d162584b)
-
Andy Polyakov authored
-
Andy Polyakov authored
(cherry picked from commit 0a2d5003)
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Ben Laurie authored
X509_ALGOR_[gs]et0()).
-
Andy Polyakov authored
(cherry picked from commit fb0a5208)
-
Andy Polyakov authored
suggestions from Pierre Delaage). (cherry picked from commit 668bcfd5) Resolved conflicts: util/pl/VC-32.pl
-
Andy Polyakov authored
Submitted by: Pierre Delaage (cherry picked from commit a006fef7) Resolved conflicts: crypto/bio/bss_dgram.c ssl/d1_lib.c util/pl/VC-32.pl
-
Andy Polyakov authored
(cherry picked from commit 80c42f3e)
-
Andy Polyakov authored
(cherry picked from commit ae007d4d)
-
Andy Polyakov authored
(cherry picked from commit 701d593f)
-