Revision tags: OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12 |
|
#
3eb2aff4 |
| 07-Feb-2016 |
Kurt Roeckx |
Add support for minimum and maximum protocol version supported by a cipher Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595
|
#
7d650072 |
| 07-Feb-2016 |
Kurt Roeckx |
Make function to convert version to string Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595
|
Revision tags: OpenSSL_1_0_1r, OpenSSL_1_0_2f, OpenSSL_1_1_0-pre2 |
|
#
34980760 |
| 18-Dec-2015 |
Rich Salz |
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e |
|
#
9982cbbb |
| 30-Sep-2015 |
Rich Salz |
Remove BIO_s_file_internal macro. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_0_1p, OpenSSL_1_0_2d, OpenSSL-fips-2_0_11, OpenSSL_1_0_1o, OpenSSL_1_0_2c, OpenSSL_0_9_8zg, OpenSSL_1_0_0s, OpenSSL_1_0_1n, OpenSSL_1_0_2b |
|
#
e481f9b9 |
| 15-May-2015 |
Matt Caswell |
Remove support for OPENSSL_NO_TLSEXT Given the pervasive nature of TLS extensions it is inadvisable to run OpenSSL without support for them. It also means that maintaining the OPENSS
Remove support for OPENSSL_NO_TLSEXT Given the pervasive nature of TLS extensions it is inadvisable to run OpenSSL without support for them. It also means that maintaining the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably not well tested). Therefore it is being removed. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
55a9a16f |
| 12-May-2015 |
Matt Caswell |
Remove Kerberos support from libssl Remove RFC2712 Kerberos support from libssl. This code and the associated standard is no longer considered fit-for-purpose. Reviewed-by: Rich
Remove Kerberos support from libssl Remove RFC2712 Kerberos support from libssl. This code and the associated standard is no longer considered fit-for-purpose. Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
Revision tags: OpenSSL-fips-2_0_10 |
|
#
9a555706 |
| 08-May-2015 |
Rich Salz |
Make COMP_CTX and COMP_METHOD opaque Since COMP_METHOD is now defined in comp_lcl.h, it is no longer possible to create new TLS compression methods without using the OpenSSL source.
Make COMP_CTX and COMP_METHOD opaque Since COMP_METHOD is now defined in comp_lcl.h, it is no longer possible to create new TLS compression methods without using the OpenSSL source. Only ZLIB is supported by default. Also, since the types are opaque, #ifdef guards to use "char *" instead of the real type aren't necessary. The changes are actually minor. Adding missing copyright to some files makes the diff misleadingly big. Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
#
61986d32 |
| 16-Apr-2015 |
Viktor Dukhovni |
Code style: space after 'if' Reviewed-by: Matt Caswell <matt@openssl.org>
|
Revision tags: OpenSSL_0_9_8zf, OpenSSL_1_0_0r, OpenSSL_1_0_1m, OpenSSL_1_0_2a |
|
#
69f68237 |
| 06-Mar-2015 |
Matt Caswell |
Fix missing return value checks Ensure that all functions have their return values checked where appropriate. This covers all functions defined and called from within libssl.
Fix missing return value checks Ensure that all functions have their return values checked where appropriate. This covers all functions defined and called from within libssl. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
ddc06b35 |
| 23-Jan-2015 |
Dr. Stephen Henson |
Extended master secret extension support. Add and retrieve extended master secret extension, setting the flag SSL_SESS_FLAG_EXTMS appropriately. Note: this just sets the flag an
Extended master secret extension support. Add and retrieve extended master secret extension, setting the flag SSL_SESS_FLAG_EXTMS appropriately. Note: this just sets the flag and doesn't include the changes to master secret generation. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_2, master-post-auto-reformat |
|
#
0f113f3e |
| 22-Jan-2015 |
Matt Caswell |
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
|
Revision tags: OpenSSL_1_0_2-post-auto-reformat, OpenSSL_0_9_8-post-auto-reformat, OpenSSL_0_9_8-pre-auto-reformat, OpenSSL_1_0_0-post-auto-reformat, OpenSSL_1_0_0-pre-auto-reformat, OpenSSL_1_0_1-post-auto-reformat, OpenSSL_1_0_1-pre-auto-reformat, master-post-reformat, OpenSSL_0_9_8-pre-reformat, OpenSSL_0_9_8ze, OpenSSL_1_0_0-pre-reformat, OpenSSL_1_0_0q, OpenSSL_1_0_1-pre-reformat, OpenSSL_1_0_1l, master-pre-reformat |
|
#
4b618848 |
| 14-Jan-2015 |
Rich Salz |
Cleanup OPENSSL_NO_xxx, part 1 OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO Two typo's on #endif comments fixe
Cleanup OPENSSL_NO_xxx, part 1 OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO Two typo's on #endif comments fixed: OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_2-pre-reformat, OpenSSL_0_9_8zd, OpenSSL_1_0_0p, OpenSSL_1_0_1k, OpenSSL_0_9_8-post-reformat |
|
#
45f55f6a |
| 30-Nov-2014 |
Kurt Roeckx |
Remove SSLv2 support The only support for SSLv2 left is receiving a SSLv2 compatible client hello. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL-fips-2_0_9, OpenSSL_1_0_1j, OpenSSL_1_0_0o, OpenSSL_0_9_8zc, OpenSSL_1_0_2-beta3, OpenSSL_0_9_8zb, OpenSSL_1_0_0n, OpenSSL_1_0_1i, OpenSSL_1_0_2-beta2, OpenSSL-fips-2_0_8, OpenSSL_1_0_1h, OpenSSL_1_0_0m, OpenSSL_0_9_8za |
|
#
189ae368 |
| 23-May-2014 |
Martin Kaiser |
Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352
|
Revision tags: OpenSSL-fips-2_0_7, OpenSSL_1_0_1g, OpenSSL_1_0_2-beta1, OpenSSL_1_0_0l, OpenSSL_1_0_1f, OpenSSL-fips-2_0_6, OpenSSL-fips-2_0_5, OpenSSL-fips-2_0_4, OpenSSL-fips-2_0_3 |
|
#
5e3ff62c |
| 22-Mar-2013 |
Dr. Stephen Henson |
Experimental encrypt-then-mac support. Experimental support for encrypt then mac from draft-gutmann-tls-encrypt-then-mac-02.txt To enable it set the appropriate extension number
Experimental encrypt-then-mac support. Experimental support for encrypt then mac from draft-gutmann-tls-encrypt-then-mac-02.txt To enable it set the appropriate extension number (0x10 for the test server) using e.g. -DTLSEXT_TYPE_encrypt_then_mac=0x10 For non-compliant peers (i.e. just about everything) this should have no effect.
show more ...
|
#
c3b344e3 |
| 20-Mar-2013 |
Dr. Stephen Henson |
Provisional DTLS 1.2 support. Add correct flags for DTLS 1.2, update s_server and s_client to handle DTLS 1.2 methods. Currently no support for version negotiation: i.e. if clie
Provisional DTLS 1.2 support. Add correct flags for DTLS 1.2, update s_server and s_client to handle DTLS 1.2 methods. Currently no support for version negotiation: i.e. if client/server selects DTLS 1.2 it is that or nothing.
show more ...
|
Revision tags: OpenSSL_1_0_1e, OpenSSL_0_9_8y, OpenSSL_1_0_0k, OpenSSL_1_0_1d, OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1, OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e |
|
#
7409d7ad |
| 29-Apr-2011 |
Dr. Stephen Henson |
Initial incomplete TLS v1.2 support. New ciphersuites added, new version checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the
Initial incomplete TLS v1.2 support. New ciphersuites added, new version checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the new signature format is not yet implemented.
show more ...
|
#
edc032b5 |
| 12-Mar-2011 |
Ben Laurie |
Add SRP support.
|
Revision tags: OpenSSL_1_0_0d, OpenSSL_0_9_8r, OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a, OpenSSL_1_0_0, OpenSSL_0_9_8n, OpenSSL_0_9_8m, OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5 |
|
#
637f374a |
| 07-Dec-2009 |
Dr. Stephen Henson |
Initial experimental TLSv1.1 support
|
Revision tags: OpenSSL_1_0_0-beta4, OpenSSL_0_9_8l, OpenSSL_1_0_0-beta3 |
|
#
9de014a7 |
| 30-Jun-2009 |
Dr. Stephen Henson |
Update from 0.9.8-stable
|
#
6f71e5ee |
| 13-May-2009 |
Dr. Stephen Henson |
Update from stable branch.
|
Revision tags: OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k, OpenSSL_0_9_8j, OpenSSL_0_9_8i, OpenSSL_0_9_8h, OpenSSL_0_9_8g, OpenSSL_0_9_8f, FIPS_098_TEST_8, FIPS_098_TEST_7, FIPS_098_TEST_6, FIPS_098_TEST_5, FIPS_098_TEST_4, FIPS_098_TEST_3 |
|
#
6434abbf |
| 11-Aug-2007 |
Dr. Stephen Henson |
RFC4507 (including RFC4507bis) TLS stateless session resumption support for OpenSSL.
|
Revision tags: FIPS_098_TEST_2, FIPS_098_TEST_1 |
|
#
b948e2c5 |
| 04-Jun-2007 |
Dr. Stephen Henson |
Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.
|
Revision tags: OpenSSL_0_9_7m, OpenSSL_0_9_8e, OpenSSL_0_9_7l, OpenSSL_0_9_8d, OpenSSL_0_9_8c, OpenSSL_0_9_7k, OpenSSL_0_9_7j, OpenSSL_0_9_8b |
|
#
ddac1974 |
| 10-Mar-2006 |
Nils Larsch |
add initial support for RFC 4279 PSK SSL ciphersuites PR: 1191 Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation Reviewed by: Nils Larsch
|
Revision tags: OpenSSL_FIPS_1_0, OpenSSL_0_9_7i, OpenSSL_0_9_8a, OpenSSL_0_9_7h |
|
#
09b6c2ef |
| 30-Sep-2005 |
Dr. Stephen Henson |
Make OPENSSL_NO_COMP compile again.
|