1. 28 3月, 2014 8 次提交
    • D
      Security callback debug print out. · e03c5b59
      Dr. Stephen Henson 提交于
      Add a debugging security callback option to s_client/s_server. This will
      print out each security parameter as it is accepted or rejected.
      e03c5b59
    • D
      Security framework. · b362ccab
      Dr. Stephen Henson 提交于
      Security callback: selects which parameters are permitted including
      sensible defaults based on bits of security.
      
      The "parameters" which can be selected include: ciphersuites,
      curves, key sizes, certificate signature algorithms, supported
      signature algorithms, DH parameters, SSL/TLS version, session tickets
      and compression.
      
      In some cases prohibiting the use of a parameters will mean they are
      not advertised to the peer: for example cipher suites and ECC curves.
      In other cases it will abort the handshake: e.g DH parameters or the
      peer key size.
      
      Documentation to follow...
      b362ccab
    • D
      Check return value of ssl3_output_cert_chain · 66f96fe2
      Dr. Stephen Henson 提交于
      66f96fe2
    • D
      Allow return of supported ciphers. · 8b8e5bed
      Dr. Stephen Henson 提交于
      New function ssl_cipher_disabled.
      
      Check for disabled client ciphers using ssl_cipher_disabled.
      
      New function to return only supported ciphers.
      
      New option to ciphers utility to print only supported ciphers.
      8b8e5bed
    • D
      Auto DH support. · 09599b52
      Dr. Stephen Henson 提交于
      Add auto DH parameter support. This is roughly equivalent to the
      ECDH auto curve selection but for DH. An application can just call
      
      SSL_CTX_set_auto_dh(ctx, 1);
      
      and appropriate DH parameters will be used based on the size of the
      server key.
      
      Unlike ECDH there is no way a peer can indicate the range of DH parameters
      it supports. Some peers cannot handle DH keys larger that 1024 bits for
      example. In this case if you call:
      
      SSL_CTX_set_auto_dh(ctx, 2);
      
      Only 1024 bit DH parameters will be used.
      
      If the server key is 7680 bits or more in size then 8192 bit DH parameters
      will be used: these will be *very* slow.
      
      The old export ciphersuites aren't supported but those are very
      insecure anyway.
      09599b52
    • D
      Add functions returning security bits. · 2514fa79
      Dr. Stephen Henson 提交于
      Add functions to return the "bits of security" for various public key
      algorithms. Based on SP800-57.
      2514fa79
    • D
      Fix memory leak with client auth. · 4563da1d
      Dr. Stephen Henson 提交于
      (cherry picked from commit bc5ec653ba65fedb1619c8182088497de8a97a70)
      4563da1d
    • D
      Add -no_resumption_on_reneg to SSL_CONF. · f0ef019d
      Dr. Stephen Henson 提交于
      (cherry picked from commit 1f44dac24d1cb752b1a06be9091bb03a88a8598e)
      f0ef019d
  2. 27 3月, 2014 1 次提交
    • D
      Update chain building function. · e970f63d
      Dr. Stephen Henson 提交于
      Don't clear verification errors from the error queue unless
      SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR is set.
      
      If errors occur during verification and SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR
      is set return 2 so applications can issue warnings.
      (cherry picked from commit 2dd6976f6d02f98b30c376951ac38f780a86b3b5)
      e970f63d
  3. 24 3月, 2014 1 次提交
  4. 20 3月, 2014 1 次提交
  5. 19 3月, 2014 1 次提交
  6. 12 3月, 2014 2 次提交
    • D
      Update ordinals. · 14c67a70
      Dr. Stephen Henson 提交于
      Use a previously unused value as we will be updating multiple released
      branches.
      (cherry picked from commit 0737acd2a8cc688902b5151cab5dc6737b82fb96)
      14c67a70
    • D
      Fix for CVE-2014-0076 · f9b6c0ba
      Dr. Stephen Henson 提交于
      Fix for the attack described in the paper "Recovering OpenSSL
      ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
      by Yuval Yarom and Naomi Benger. Details can be obtained from:
      http://eprint.iacr.org/2014/140
      
      Thanks to Yuval Yarom and Naomi Benger for discovering this
      flaw and to Yuval Yarom for supplying a fix.
      (cherry picked from commit 2198be3483259de374f91e57d247d0fc667aef29)
      
      Conflicts:
      
      	CHANGES
      f9b6c0ba
  7. 10 3月, 2014 2 次提交
  8. 08 3月, 2014 1 次提交
  9. 07 3月, 2014 2 次提交
  10. 06 3月, 2014 3 次提交
  11. 04 3月, 2014 1 次提交
  12. 02 3月, 2014 3 次提交
    • D
      PKCS#8 support for alternative PRFs. · 5693a308
      Dr. Stephen Henson 提交于
      Add option to set an alternative to the default hmacWithSHA1 PRF
      for PKCS#8 private key encryptions. This is used automatically
      by PKCS8_encrypt if the nid specified is a PRF.
      
      Add option to pkcs8 utility.
      
      Update docs.
      (cherry picked from commit b60272b01fcb4f69201b3e1659b4f7e9e9298dfb)
      5693a308
    • D
      Fix memory leak. · 01757858
      Dr. Stephen Henson 提交于
      (cherry picked from commit 124d218889dfca33d277404612f1319afe04107e)
      01757858
    • D
      Add function to free compression methods. · db7b5e0d
      Dr. Stephen Henson 提交于
      Although the memory allocated by compression methods is fixed and
      cannot grow over time it can cause warnings in some leak checking
      tools. The function SSL_COMP_free_compression_methods() will free
      and zero the list of supported compression methods. This should
      *only* be called in a single threaded context when an application
      is shutting down to avoid interfering with existing contexts
      attempting to look up compression methods.
      (cherry picked from commit 976c58302b13d085edb3ab822f5eac4b2f1bff95)
      db7b5e0d
  13. 01 3月, 2014 1 次提交
  14. 27 2月, 2014 5 次提交
  15. 26 2月, 2014 7 次提交
  16. 25 2月, 2014 1 次提交