| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
upper bounds are known to be size_t.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
SSLv2 remnants.
ok jsing
|
| |
|
|
|
|
|
| |
Wrap long lines and fix a bug where the wrong struct member was checked
for NULL.
ok jsing
|
| |
|
|
|
|
|
|
| |
BIO_s_file_internal() should never have leaked out of libcrypto,
but it did. As a first step of getting rid of it, stop using it
internally.
ok jsing
|
| |
|
|
|
|
|
|
| |
Now that SSL_SESSION is opaque, change tlsext_tick_lifetime_hint from long
to uint32_t (matching RFC4507), rather than continuing to work around an
inappropriate type choice.
ok tb@
|
| |
|
|
|
|
| |
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
| |
|
|
|
|
|
|
|
| |
Make a table of "function codes" which maps the internal state of the SSL *
to something like a useful name so in a typical error in the connection you
know in what sort of place in the handshake things happened. (instead of
by arcane function name).
Add SSLerrorx() for when we don't have an SSL *
ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
| |
|
|
|
|
|
| |
We leave a single funciton code (0xFFF) to say "SSL_internal" so the public
API will not break, and we replace all internal use of the two argument
SSL_err() with the internal only SSL_error() that only takes a reason code.
ok jsing@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
constructs (a switch statement) and returns the appropriate string defined
by SSL_TXT_* for the given version, including support for DTLSv1 and
DTLSv1-bad. Use this function in SSL_get_version() and SSL_SESSION_print().
ok beck@
|
| |
|
|
|
| |
baggage.
ok miod@ jsing@
|
| | |
|
| | |
|
| |
|
|
|
|
| |
OPENSSL_NO_TLSEXT.
ok tedu@
|
| |
|
|
| |
ok to firebomb from tedu@
|
| |
|
|
|
|
|
|
|
|
|
| |
compression associated with the SSL session. Based on one of Adam Langley's
chromium diffs, factor out the compression handling code into a separate
ssl_cipher_get_comp() function.
Rewrite the compression handling code to avoid pointless duplication and so
that failures are actually returned to and detectable by the caller.
ok miod@
|
| |
|
|
|
| |
all on their own and we can't effectively maintain them without using them,
which we don't. If the need arises, the code can be resurrected.
|
| | |
|
| |
|
|
|
|
|
| |
APIs that pass times as longs will have to change at some point...
Bump major on both libcrypto and libssl.
ok tedu@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
the SSLv23_* client code. The server continues to accept it. It
also kills the bits for SSL2 SESSIONs; even when the server gets
an SSLv2-style compat handshake, the session that it creates has
the correct version internally.
ok tedu@ beck@
|
| |
|
|
|
| |
readable. This pass is whitespace only and can readily be verified using
tr and md5.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
| | |
|
|
|
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
|
