Age | Commit message (Collapse) | Author |
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
ssl/s3_srvr.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
|
|
|
|
|
|
runtime, thus removing the need for a lock. Add a test to ssltest
to verify that the cipher lists are sorted.
|
|
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
|
|
|
|
|
|
|
|
tree. This further reduces header interdependencies, and makes some
associated cleanups.
|
|
Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
|
|
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
|
|
I've covered all the memset()s I felt safe modifying, but may have missed some.
|
|
|
|
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
PR: 291
|
|
|
|
|
|
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
|
|
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
|
|
Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).
|
|
New macros SSL[_CTX]_set_msg_callback_arg().
Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).
New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).
Add/update some OpenSSL copyright notices.
|
|
with existing code.
Modify library to use digest *_ex() functions.
|
|
|
|
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().
Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.
|
|
missed any.
This compiles and runs on Linux, and external applications have no
problems with it. The definite test will be to build this on VMS.
|
|
|
|
|
|
|
|
|
|
This is mostly a work around for the old VC++ problem
that it treats func() as func(void).
Various prototypes had been added to 'compare' function
pointers that triggered this. This could be fixed by removing
the prototype, adding function pointer casts to every call or
changing the passed function to use the expected arguments.
I mostly did the latter.
The mkdef.pl script was modified to remove the typesafe
functions which no longer exist.
Oh and some functions called OPENSSL_freeLibrary() were
changed back to FreeLibrary(), wonder how that happened :-)
|
|
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages. That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.
This change includes all the name changes needed throughout all C files.
|
|
designed for that. This removes the potential error to mix data and
function pointers.
Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in som cases. I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.
|
|
|
|
|
|
minor changes.
Docs haven't been added at this stage. They are probably
best included in the 'ciphers' program docs.
|
|
as a shared library without RSA. Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.
Submitted by: Kris Kennaway <kris@hub.freebsd.org>
Modified by Ulf Möller
|
|
|
|
Submitted by: Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>
|
|
|
|
Submitted by: Richard Levitte <richard@levitte.org>
|
|
|
|
|
|
|
|
Submitted by:
Reviewed by:
PR:
|
|
|
|
Submitted by:
Reviewed by:
PR:
|
|
|
|
|