#
38b051a1 |
| 20-Jun-2022 |
Tomas Mraz |
SSL object refactoring using SSL_CONNECTION object Make the SSL object polymorphic based on whether this is a traditional SSL connection, QUIC connection, or later to be implemented
SSL object refactoring using SSL_CONNECTION object Make the SSL object polymorphic based on whether this is a traditional SSL connection, QUIC connection, or later to be implemented a QUIC stream. It requires adding if after every SSL_CONNECTION_FROM_SSL() call which itself has to be added to almost every public SSL_ API call. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18612)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b, OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a |
|
#
0a10825a |
| 24-Oct-2018 |
Bernd Edlinger |
Enable brainpool curves for TLS1.3 See the recently assigned brainpool code points at: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml Reviewed-by: Paul Dal
Enable brainpool curves for TLS1.3 See the recently assigned brainpool code points at: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7485)
show more ...
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
#
462f4f4b |
| 15-Jan-2021 |
Matt Caswell |
Remove OPENSSL_NO_EC guards from libssl Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13916)
|
#
7486c718 |
| 19-May-2020 |
Tomas Mraz |
t1_trce: Fix remaining places where the 24 bit shift overflow happens [extended tests] Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl
t1_trce: Fix remaining places where the 24 bit shift overflow happens [extended tests] Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11857)
show more ...
|
#
5a5530a2 |
| 30-Mar-2020 |
Dmitry Belyavskiy |
New Russian TLS 1.2 implementation Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11442)
|
#
fa555aa8 |
| 18-Apr-2020 |
Nikolay Morozov |
GOST2012 TLS Supported Groups Identifiers Support For GOST2012-GOST8912-GOST8912 IANA introduce TLS Supported Groups Identifiers https://www.iana.org/assignments/tls-parameters/tls-param
GOST2012 TLS Supported Groups Identifiers Support For GOST2012-GOST8912-GOST8912 IANA introduce TLS Supported Groups Identifiers https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11568)
show more ...
|
#
6f892296 |
| 07-Apr-2020 |
Nikolay Morozov |
TLSEXT_SIGALG_gostr34102012 0x0840 and 0x0841 support For GOST2012-GOST8912-GOST8912 IANA introduce signature Signature Algorithm parametrs https://www.iana.org/assignments/tls-parameter
TLSEXT_SIGALG_gostr34102012 0x0840 and 0x0841 support For GOST2012-GOST8912-GOST8912 IANA introduce signature Signature Algorithm parametrs https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11482)
show more ...
|
#
98278b96 |
| 25-Mar-2020 |
Nikolay Morozov |
TLS Cipher Suite 0xC102 Support For GOST2012-GOST8912-GOST8912 was used 0xFF85 identifier, but new identifier 0xc102 was assigned. Because of old software we will support both number
TLS Cipher Suite 0xC102 Support For GOST2012-GOST8912-GOST8912 was used 0xFF85 identifier, but new identifier 0xc102 was assigned. Because of old software we will support both numbers. https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-2 https://datatracker.ietf.org/doc/draft-smyshlyaev-tls12-gost-suites/ Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11403)
show more ...
|
#
6834df12 |
| 24-Sep-2019 |
Daniil Zotkin |
Process GOST ClientKeyExchange message in SSL_trace Use ssl_print_hex to print message in case of GOST key exchange algorithm. CLA: trivial Reviewed-by: Paul Dale <paul.dal
Process GOST ClientKeyExchange message in SSL_trace Use ssl_print_hex to print message in case of GOST key exchange algorithm. CLA: trivial Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/9995)
show more ...
|
#
65c76cd2 |
| 24-Sep-2019 |
Daniil Zotkin |
Do not print extensions in Certificate message for TLS1.2 and lower According to RFC8446 CertificateEntry in Certificate message contains extensions that were not present in the Certific
Do not print extensions in Certificate message for TLS1.2 and lower According to RFC8446 CertificateEntry in Certificate message contains extensions that were not present in the Certificate message in RFC5246. CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9994)
show more ...
|
#
706457b7 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source direc
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
#
555cbb32 |
| 12-Dec-2018 |
Todd Short |
Collapse ssl3_state_st (s3) into ssl_st With the removal of SSLv2, the s3 structure is always allocated, so there is little point in having it be an allocated pointer. Collapse the s
Collapse ssl3_state_st (s3) into ssl_st With the removal of SSLv2, the s3 structure is always allocated, so there is little point in having it be an allocated pointer. Collapse the ssl3_state_st structure into ssl_st and fixup any references. This should be faster than going through an indirection and due to fewer allocations, but I'm not seeing any significant performance improvement; it seems to be within the margin of error in timing. Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7888)
show more ...
|
Revision tags: OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15 |
|
#
558ea847 |
| 15-Nov-2016 |
Richard Levitte |
Remove heartbeats completely Fixes #4856 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1928)
|
#
2c18d164 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in ssl/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7768)
|
#
d6c46adf |
| 19-Aug-2018 |
Erik Forsberg |
Fix ssl/t1_trce.c to parse certificate chains Fixes #6994 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Yang <yang
Fix ssl/t1_trce.c to parse certificate chains Fixes #6994 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/7009)
show more ...
|
#
35e742ec |
| 18-Jul-2018 |
Matt Caswell |
Update code for the final RFC version of TLSv1.3 (RFC8446) Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/op
Update code for the final RFC version of TLSv1.3 (RFC8446) Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6741)
show more ...
|
#
73cc84a1 |
| 14-May-2018 |
Matt Caswell |
Suport TLSv1.3 draft 28 Also retains support for drafts 27 and 26 Fixes #6257 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl
Suport TLSv1.3 draft 28 Also retains support for drafts 27 and 26 Fixes #6257 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6258)
show more ...
|
#
32c69853 |
| 26-Apr-2018 |
Dr. Matthias St. Pierre |
Fix mixed indentation (and other whitespace issues) Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6094)
|
#
d8fa9324 |
| 04-Apr-2018 |
cedral |
Visual Studio 2017 debug build warning error on 32 bit build Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://g
Visual Studio 2017 debug build warning error on 32 bit build Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5799)
show more ...
|
#
83cf3423 |
| 30-Mar-2018 |
Matt Caswell |
Update trace code to know about GOST ciphersuites Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openss
Update trace code to know about GOST ciphersuites Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5808)
show more ...
|
#
161ff6c5 |
| 23-Mar-2018 |
Philippe Antoine |
Adds multiple checks to avoid buffer over reads Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@
Adds multiple checks to avoid buffer over reads Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5675)
show more ...
|
#
63ff89ab |
| 21-Mar-2018 |
Philippe Antoine |
Fixes integer underflow with SSL_trace support Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/ope
Fixes integer underflow with SSL_trace support Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5706)
show more ...
|
#
dd07e68b |
| 16-Feb-2018 |
Dr. Matthias St. Pierre |
Fix miscellaneous typos in docs and source - d2i_PKC8PrivateKey -> d2i_PKCS8PrivateKey - bechmark -> benchmark - ciperhsuite -> ciphersuite - EncyptedPreMasterSecret -> Encrypted
Fix miscellaneous typos in docs and source - d2i_PKC8PrivateKey -> d2i_PKCS8PrivateKey - bechmark -> benchmark - ciperhsuite -> ciphersuite - EncyptedPreMasterSecret -> EncryptedPreMasterSecret Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5570)
show more ...
|
#
61cd0c94 |
| 12-Mar-2018 |
Matt Caswell |
Fix enable-ssl-trace Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5600)
|