| #
38b051a1 |
| 20-Jun-2022 |
Tomas Mraz |
SSL object refactoring using SSL_CONNECTION object
Make the SSL object polymorphic based on whether this is
a traditional SSL connection, QUIC connection, or later
to be implemented
SSL object refactoring using SSL_CONNECTION object
Make the SSL object polymorphic based on whether this is
a traditional SSL connection, QUIC connection, or later
to be implemented a QUIC stream.
It requires adding if after every SSL_CONNECTION_FROM_SSL() call
which itself has to be added to almost every public SSL_ API call.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18612)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
| #
64da15c4 |
| 24-May-2020 |
Bernd Edlinger |
Replace the AES-128-CBC-HMAC-SHA1 cipher in e_ossltest.c
This replaces the AES-128-CBC-HMAC-SHA1 cipher with a
non-encrypting version for use the test suite.
[extended tests]
Replace the AES-128-CBC-HMAC-SHA1 cipher in e_ossltest.c
This replaces the AES-128-CBC-HMAC-SHA1 cipher with a
non-encrypting version for use the test suite.
[extended tests]
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16693)
show more ...
|
| #
5b64ce89 |
| 13-Jan-2021 |
Matt Caswell |
Remove OPENSSL_NO_DH guards from libssl
This removes man unnecessary OPENSSL_NO_DH guards from libssl. Now that
libssl is entirely using the EVP APIs and implementations can be plugged
Remove OPENSSL_NO_DH guards from libssl
This removes man unnecessary OPENSSL_NO_DH guards from libssl. Now that
libssl is entirely using the EVP APIs and implementations can be plugged
in via providers it is no longer needed to disable DH at compile time in
libssl. Instead it should detect at runtime whether DH is available from
the loaded providers.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
show more ...
|
| #
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13999)
|
| #
0c8e98e6 |
| 20-Jan-2021 |
Tomas Mraz |
Avoid using OSSL_PKEY_PARAM_GROUP_NAME when the key might be legacy
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
|
| #
5b5eea4b |
| 15-Oct-2020 |
Shane Lontis |
Deprecate EC_KEY + Update ec apps to use EVP_PKEY
Co-author: Richard Levitte <levitte@openssl.org>
Co-author: Tomas Mraz <tmraz@openssl.org>
Reviewed-by: Matt Caswell <matt@open
Deprecate EC_KEY + Update ec apps to use EVP_PKEY
Co-author: Richard Levitte <levitte@openssl.org>
Co-author: Tomas Mraz <tmraz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
show more ...
|
| #
163f6dc1 |
| 15-Oct-2020 |
Matt Caswell |
Implement a replacement for SSL_set_tmp_dh()
The old function took a DH as a parameter. In the new version we pass
an EVP_PKEY instead. Similarly for the SSL_CTX version of this function
Implement a replacement for SSL_set_tmp_dh()
The old function took a DH as a parameter. In the new version we pass
an EVP_PKEY instead. Similarly for the SSL_CTX version of this function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13368)
show more ...
|
| #
1b2b4755 |
| 14-Oct-2020 |
Matt Caswell |
Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
These ctrls pass around a DH object which is now deprecated, so we
deprecate the ctrls themselves.
Reviewed-by: Richard Lev
Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
These ctrls pass around a DH object which is now deprecated, so we
deprecate the ctrls themselves.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13368)
show more ...
|
| #
6849b73c |
| 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://
Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
show more ...
|
| #
301fcb28 |
| 14-Oct-2020 |
Matt Caswell |
Concentrate deprecated libssl API usage in one file
We create a new file ssl/tls_depr.c to contain functions that need to call
deprecated APIs in libssl. This enables us to remove
OP
Concentrate deprecated libssl API usage in one file
We create a new file ssl/tls_depr.c to contain functions that need to call
deprecated APIs in libssl. This enables us to remove
OPENSSL_SUPPRESS_DEPRECATED from a number of other libssl files.
The deprecated API usage is either related to ENGINEs and is needed to
continue to support applications that use such ENGINEs. Or they are needed
to support some deprecated public libssl APIs.
One other file remains in libssl that still uses deprecated APIs: s3_cbc.c
This is needed to support the deprecated SSLv3.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13135)
show more ...
|
