Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2015-01-22 | Fix source where indent will not be able to cope | Matt Caswell | 1 | -1/+2 | |
Reviewed-by: Tim Hudson <tjh@openssl.org> | |||||
2015-01-06 | Further comment amendments to preserve formatting prior to source reformat | Matt Caswell | 1 | -1/+2 | |
Reviewed-by: Tim Hudson <tjh@openssl.org> | |||||
2014-12-30 | mark all block comments that need format preserving so that | Tim Hudson | 1 | -1/+1 | |
indent will not alter them when reformatting comments Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> | |||||
2014-12-10 | SSL_set_session: check for NULL after allocating s->kssl_ctx->client_princ | Jonas Maebe | 1 | -0/+5 | |
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> | |||||
2014-12-04 | Remove SSLv2 support | Kurt Roeckx | 1 | -15/+5 | |
The only support for SSLv2 left is receiving a SSLv2 compatible client hello. Reviewed-by: Richard Levitte <levitte@openssl.org> | |||||
2014-10-28 | Tighten session ticket handling | Emilia Kasper | 1 | -1/+15 | |
Tighten client-side session ticket handling during renegotiation: ensure that the client only accepts a session ticket if the server sends the extension anew in the ServerHello. Previously, a TLS client would reuse the old extension state and thus accept a session ticket if one was announced in the initial ServerHello. Reviewed-by: Bodo Moeller <bodo@openssl.org> | |||||
2013-09-06 | Add callbacks supporting generation and retrieval of supplemental data ↵ | Scott Deboy | 1 | -11/+0 | |
entries, facilitating RFC 5878 (TLS auth extensions) Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API Tests exercising the new supplemental data registration and callback api can be found in ssltest.c. Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation. | |||||
2013-03-26 | Provisional DTLS 1.2 support. | Dr. Stephen Henson | 1 | -0/+5 | |
Add correct flags for DTLS 1.2, update s_server and s_client to handle DTLS 1.2 methods. Currently no support for version negotiation: i.e. if client/server selects DTLS 1.2 it is that or nothing. | |||||
2012-06-03 | Version skew reduction: trivia (I hope). | Ben Laurie | 1 | -0/+2 | |
2012-05-30 | RFC 5878 support. | Ben Laurie | 1 | -0/+11 | |
2012-03-28 | Initial revision of ECC extension handling. | Dr. Stephen Henson | 1 | -26/+0 | |
Tidy some code up. Don't allocate a structure to handle ECC extensions when it is used for default values. Make supported curves configurable. Add ctrls to retrieve shared curves: not fully integrated with rest of ECC code yet. | |||||
2011-12-22 | New ctrl values to clear or retrieve extra chain certs from an SSL_CTX. | Dr. Stephen Henson | 1 | -10/+5 | |
New function to retrieve compression method from SSL_SESSION structure. Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions as they duplicate functionality of SSL_SESSION_get_id. Note: these functions have never appeared in any release version of OpenSSL. | |||||
2011-09-05 | Fix session handling. | Bodo Möller | 1 | -57/+78 | |
2011-04-29 | Initial incomplete TLS v1.2 support. New ciphersuites added, new version | Dr. Stephen Henson | 1 | -0/+5 | |
checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the new signature format is not yet implemented. | |||||
2011-04-29 | Initial "opaque SSL" framework. If an application defines | Dr. Stephen Henson | 1 | -0/+29 | |
OPENSSL_NO_SSL_INTERN all ssl related structures are opaque and internals cannot be directly accessed. Many applications will need some modification to support this and most likely some additional functions added to OpenSSL. The advantage of this option is that any application supporting it will still be binary compatible if SSL structures change. | |||||
2011-03-12 | Add SRP support. | Ben Laurie | 1 | -0/+7 | |
2010-02-01 | PR: 2160 | Dr. Stephen Henson | 1 | -1/+1 | |
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Make session tickets work with DTLS. | |||||
2009-12-07 | Initial experimental TLSv1.1 support | Dr. Stephen Henson | 1 | -0/+5 | |
2009-04-20 | Updates from 1.0.0-stable branch. | Dr. Stephen Henson | 1 | -0/+5 | |
2008-11-15 | PR: 1574 | Dr. Stephen Henson | 1 | -0/+55 | |
Submitted by: Jouni Malinen <j@w1.fi> Approved by: steve@openssl.org Ticket override support for EAP-FAST. | |||||
2008-09-03 | Fix from stable branch. | Dr. Stephen Henson | 1 | -1/+1 | |
2008-07-04 | Avoid warnings with -pedantic, specifically: | Dr. Stephen Henson | 1 | -1/+1 | |
Conversion between void * and function pointer. Value computed not used. Signed/unsigned argument. | |||||
2008-06-01 | Add client cert engine to SSL routines. | Dr. Stephen Henson | 1 | -0/+22 | |
2008-05-26 | LHASH revamp. make depend. | Ben Laurie | 1 | -12/+13 | |
2007-10-17 | Don't lookup zero length session ID. | Dr. Stephen Henson | 1 | -1/+3 | |
PR: 1591 | |||||
2007-08-11 | RFC4507 (including RFC4507bis) TLS stateless session resumption support | Dr. Stephen Henson | 1 | -6/+34 | |
for OpenSSL. | |||||
2007-06-07 | Finish gcc 4.2 changes. | Dr. Stephen Henson | 1 | -0/+1 | |
2007-03-21 | stricter session ID context matching | Bodo Möller | 1 | -21/+23 | |
2007-02-10 | use user-supplied malloc functions for persistent kssl objects | Nils Larsch | 1 | -1/+1 | |
PR: 1467 Submitted by: Andrei Pelinescu-Onciul <andrei@iptel.org> | |||||
2006-11-30 | Win32 fixes from stable branch. | Dr. Stephen Henson | 1 | -7/+7 | |
2006-11-29 | replace macros with functions | Nils Larsch | 1 | -0/+69 | |
Submitted by: Tracy Camp <tracyx.e.camp@intel.com> | |||||
2006-03-30 | Implement Supported Elliptic Curves Extension. | Bodo Möller | 1 | -0/+16 | |
Submitted by: Douglas Stebila | |||||
2006-03-13 | udpate Supported Point Formats Extension code | Bodo Möller | 1 | -0/+1 | |
Submitted by: Douglas Stebila | |||||
2006-03-11 | Implement the Supported Point Formats Extension for ECC ciphersuites | Bodo Möller | 1 | -0/+21 | |
Submitted by: Douglas Stebila | |||||
2006-03-10 | add initial support for RFC 4279 PSK SSL ciphersuites | Nils Larsch | 1 | -0/+36 | |
PR: 1191 Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation Reviewed by: Nils Larsch | |||||
2006-01-09 | Further TLS extension updates | Bodo Möller | 1 | -7/+11 | |
Submitted by: Peter Sylvester | |||||
2006-01-06 | Fixes for TLS server_name extension | Bodo Möller | 1 | -14/+20 | |
Submitted by: Peter Sylvester | |||||
2006-01-03 | Various changes in the new TLS extension code, including the following: | Bodo Möller | 1 | -2/+54 | |
- fix indentation - rename some functions and macros - fix up confusion between SSL_ERROR_... and SSL_AD_... values | |||||
2006-01-02 | Support TLS extensions (specifically, HostName) | Bodo Möller | 1 | -0/+7 | |
Submitted by: Peter Sylvester | |||||
2005-12-30 | Rewrite timeout computation in a way that is less prone to overflow. | Bodo Möller | 1 | -1/+1 | |
(Problem reported by Peter Sylvester.) | |||||
2005-12-05 | Avoid warnings on VC++ 2005. | Dr. Stephen Henson | 1 | -1/+1 | |
2005-08-14 | Let the TLSv1_method() etc. functions return a const SSL_METHOD | Nils Larsch | 1 | -1/+1 | |
pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method const. | |||||
2005-04-29 | check return value of RAND_pseudo_bytes; backport from the stable branch | Nils Larsch | 1 | -1/+2 | |
2005-04-26 | Add DTLS support. | Ben Laurie | 1 | -0/+5 | |
2005-03-30 | Constification. | Ben Laurie | 1 | -5/+5 | |
2003-12-27 | Avoid including cryptlib.h, it's not really needed. | Richard Levitte | 1 | -1/+0 | |
Check if IDEA is being built or not. This is part of a large change submitted by Markus Friedl <markus@openbsd.org> | |||||
2003-09-08 | These should be write-locks, not read-locks. | Geoff Thorpe | 1 | -2/+2 | |
2003-02-15 | Session cache implementations shouldn't have to access SSL_SESSION | Geoff Thorpe | 1 | -0/+7 | |
elements directly, so this missing functionality is required. PR: 276 | |||||
2002-11-28 | Cleanse memory using the new OPENSSL_cleanse() function. | Richard Levitte | 1 | -4/+4 | |
I've covered all the memset()s I felt safe modifying, but may have missed some. | |||||
2002-11-13 | Security fixes brought forward from 0.9.7. | Ben Laurie | 1 | -3/+3 | |