Commits · c56f5b8edfbcec704f924870daddd96a5f768fbb · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Apr 09, 2013

Always return errors in ssl3_get_client_hello · c56f5b8e

Dr. Stephen Henson authored Apr 09, 2013

If we successfully match a cookie don't set return value to 2 as this
results in other error conditions returning 2 as well.

Instead set return value to -2 which can be checked later if everything
else is OK.

c56f5b8e

Dual DTLS version methods. · c6913eeb

Dr. Stephen Henson authored Apr 06, 2013

Add new methods DTLS_*_method() which support both DTLS 1.0 and DTLS 1.2 and
pick the highest version the peer supports during negotiation.

As with SSL/TLS options can change this behaviour specifically
SSL_OP_NO_DTLSv1 and SSL_OP_NO_DTLSv1_2.

c6913eeb

Apr 08, 2013
- Set s->d1 to NULL after freeing it. · 04638f2f
  Dr. Stephen Henson authored Apr 08, 2013
  
  04638f2f
- Asm build portability. · 045b2809
  Dr. Stephen Henson authored Apr 08, 2013
```
Don't use Win32 specific options in mk1mf.pl to build assembly language
files.
```
  045b2809
Apr 07, 2013
- Make sure all tests are actually run, plus some fixups for things that · 29d422e2
  Ben Laurie authored Apr 07, 2013
```
turn out to be made somewhere by existing Makefiles.
```
  29d422e2
Apr 06, 2013
- Use original alltests target for definitive test list. · a7f5cd7f
  Ben Laurie authored Apr 06, 2013
  
  a7f5cd7f
- Missing semicolon. · afdf3669
  Ben Laurie authored Apr 06, 2013
  
  afdf3669
- Fix non-copy builds. · fed45e18
  Dr. Stephen Henson authored Apr 06, 2013
```
Only use -MMD and .sinclude in copy builds: other platforms don't
support them.
```
  fed45e18
- Missing file. · d07201a2
  Ben Laurie authored Apr 06, 2013
  
  d07201a2
- Make executable. · bc9e8782
  Ben Laurie authored Apr 06, 2013
  
  bc9e8782
- Helper scripts for one makefile build. · 9fc3ebda
  Ben Laurie authored Apr 06, 2013
  
  9fc3ebda
- Merge, go back to copy-if-different. · 1a70fe95
  Ben Laurie authored Apr 06, 2013
  
  1a70fe95
- Fix test_ss. · ea4507ee
  Ben Laurie authored Apr 03, 2013
  
  ea4507ee
- Add new asm target. · 4b9af0a1
  Ben Laurie authored Apr 03, 2013
  
  4b9af0a1
- Show start/end of tests. · e92ce4e3
  Ben Laurie authored Apr 03, 2013
  
  e92ce4e3
- Avoid collisions. · 3426b8ed
  Ben Laurie authored Apr 03, 2013
  
  3426b8ed
- Make session ID test work. · f5cd3db5
  Ben Laurie authored Apr 02, 2013
  
  f5cd3db5
- Make S/MIME test work. · 15e5f592
  Ben Laurie authored Apr 02, 2013
  
  15e5f592
- Make RSA test work. · 509a83dd
  Ben Laurie authored Apr 02, 2013
  
  509a83dd
- Make PKCS#7 test work. · 8c7f5f3b
  Ben Laurie authored Apr 02, 2013
  
  8c7f5f3b
- Make OCSP test work. · 188f6443
  Ben Laurie authored Apr 02, 2013
  
  188f6443
- More progress towards working tests. · 3675fb88
  Ben Laurie authored Apr 01, 2013
  
  3675fb88
- Get closer to a working single Makefile with test support. · 3b4d86bf
  Ben Laurie authored Mar 23, 2013
  
  3b4d86bf
- Fix warnings. · 282a480a
  Ben Laurie authored Mar 23, 2013
  
  282a480a
Apr 04, 2013
- Make TLS 1.2 ciphers work again. · 1e2d4cb0
  Dr. Stephen Henson authored Apr 04, 2013
```
Since s->method does not reflect the final client version when a client
hello is sent for SSLv23_client_method it can't be relied on to indicate
if TLS 1.2 ciphers should be used. So use the client version instead.
```
  1e2d4cb0
- cryptlib.c: fix typo in OPENSSL_showfatal. · 99cda437
  Andy Polyakov authored Apr 04, 2013
  
  99cda437
- aesni-x86_64.pl: optimize CBC decrypt. · 73325b22
  Andy Polyakov authored Apr 04, 2013
```
Give CBC decrypt approximately same treatment as to CTR and collect 25%.
```
  73325b22
- e_aes.c: reserve for future extensions. · a42abde6
  Andy Polyakov authored Apr 04, 2013
  
  a42abde6
- gcm128.c: fix linking problems in 32-bit Windows build. · 64f7e2c4
  Andy Polyakov authored Apr 04, 2013
  
  64f7e2c4
- dest4-sparcv9.pl: add clarification comment. · 7f97d572
  Andy Polyakov authored Apr 04, 2013
  
  7f97d572
- evptests.txt: add XTS test vectors · c9a8e3d1
  Andy Polyakov authored Apr 04, 2013
  
  c9a8e3d1
Apr 03, 2013
- Use $(PERL) when calling scripts in mk1mf.pl · 3fce3f6b
  Dr. Stephen Henson authored Apr 03, 2013
  
  3fce3f6b
Mar 31, 2013
- Typo. · 0ded2a06
  Dr. Stephen Henson authored Mar 31, 2013
  
  0ded2a06
- Add support for SPARC T4 DES opcode. · c5d975a7
  Andy Polyakov authored Mar 31, 2013
  
  c5d975a7
- des_enc.m4: add missing #include. · d8f3ed23
  Andy Polyakov authored Mar 31, 2013
```
Submitted by: David Miller
```
  d8f3ed23
Mar 29, 2013
- Add AES-NI GCM stitch. · 4e049c52
  Andy Polyakov authored Mar 29, 2013
  
  4e049c52
- aesni-x86_64.pl: fix typo and optimize small block performance. · b4a9d5bf
  Andy Polyakov authored Mar 29, 2013
  
  b4a9d5bf
Mar 28, 2013
- Call RAND_cleanup in openssl application. · 3d1160d5
  Dr. Stephen Henson authored Mar 28, 2013
```
(cherry picked from commit 944bc29f)
```
  3d1160d5
- Enable TLS 1.2 ciphers in DTLS 1.2. · 4221c0dd
  Dr. Stephen Henson authored Mar 27, 2013
```
Port TLS 1.2 GCM code to DTLS. Enable use of TLS 1.2 only ciphers when in
DTLS 1.2 mode too.
```
  4221c0dd
- Update fixed DH requirements. · fbbaacca
  Dr. Stephen Henson authored Mar 27, 2013
```
The relaxed signing requirements for fixed DH certificates apply to DTLS 1.2
too.
```
  fbbaacca