patch is contributed by Brian Smith <bsmith@mozilla.com>. r=wtc.
Modified Files:
SSLerrs.h ssl3con.c sslerr.h
git-svn-id: svn://10.0.0.236/trunk@263634 18797224-902f-48f8-a5cc-f745e15eee43
ssl3_HandleHandshakeMessage when the handshake message spans multiple TLS
records. Patch by Brian Smith <bsmith@mozilla.com>. r=wtc.
git-svn-id: svn://10.0.0.236/trunk@263633 18797224-902f-48f8-a5cc-f745e15eee43
stream and datagram variants of SSL/TLS. Add an SSLProtocolVariant
argument to the version range functions that don't take an fd. The patch
is written by Brian Smith <bsmith@mozilla.com> and Eric Rescorla
<ekr@rtfm.com>. r=wtc.
Modified Files:
ssl.h ssl3con.c sslimpl.h sslsock.c sslt.h
git-svn-id: svn://10.0.0.236/trunk@263575 18797224-902f-48f8-a5cc-f745e15eee43
decode_error when the cipher text is shorter than an IV block. Reduce
MAX_IV_LENGTH to 24 to match the size of IVs in ssl3SidKeys. r=rrelyea.
Modified Files:
ssl3con.c sslimpl.h
git-svn-id: svn://10.0.0.236/trunk@263570 18797224-902f-48f8-a5cc-f745e15eee43
suites. The patch is written by Brian Smith <bsmith@mozilla.com>. r=wtc.
Modified Files:
ssl3con.c sslimpl.h sslproto.h
git-svn-id: svn://10.0.0.236/trunk@263561 18797224-902f-48f8-a5cc-f745e15eee43
by Douglas Stebila <douglas@stebila.ca> and improved by Adam Langley
<agl@chromium.org>. r=wtc.
Modified Files:
ssl.def ssl.h ssl3con.c sslimpl.h sslinfo.c
git-svn-id: svn://10.0.0.236/trunk@263533 18797224-902f-48f8-a5cc-f745e15eee43
warning about 'rv' and simplify the conditional expression around the
ss->sec.cache call. r=bsmith.
git-svn-id: svn://10.0.0.236/trunk@263520 18797224-902f-48f8-a5cc-f745e15eee43
The change to the suiteInfo table in sslinfo.c is not necessary but is
made to keep that table in roughly the same order as the other two tables
in ssl3con.c and sslenum.c. r=rrelyea.
Modified Files:
ssl3con.c sslenum.c sslinfo.c
git-svn-id: svn://10.0.0.236/trunk@263519 18797224-902f-48f8-a5cc-f745e15eee43
correctly. Fix variable declarations in lib/ssl/ssl3con.c to not start
from column 0, which would confuse cvs diff -p. r=kaie.
git-svn-id: svn://10.0.0.236/trunk@263475 18797224-902f-48f8-a5cc-f745e15eee43
ss->ssl3.clientPrivateKey for all key exchange algorithms, otherwise we
will send a Certificate message in renegotiation even if the renegotiation
doesn't request client auth. Move the cleanup of clientCertChain and
clientPrivateKey from ssl3_HandleCertificateRequest to
ssl3_HandleServerHello as a second defense. The patch is contributed by
Ryan Sleevi <ryan.sleevi@gmail.com>. r=wtc.
git-svn-id: svn://10.0.0.236/trunk@261791 18797224-902f-48f8-a5cc-f745e15eee43
SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY to be specific about key type.
TBR=kaie.
Modified Files:
cmd/lib/SSLerrs.h lib/ssl/ssl3con.c lib/ssl/sslerr.h
git-svn-id: svn://10.0.0.236/trunk@261157 18797224-902f-48f8-a5cc-f745e15eee43
Based on patch contributed by Adam Langley of Google <agl@chromium.org>.
r=agl,nelson.
Modified Files:
notes.txt ssl3con.c sslcon.c sslimpl.h sslsecur.c
git-svn-id: svn://10.0.0.236/trunk@261113 18797224-902f-48f8-a5cc-f745e15eee43
Add a new error code SSL_ERROR_WEAK_SERVER_KEY for the dh_p size check in
ssl3_HandleServerKeyExchange. r=nelson.
Modified Files:
cmd/lib/SSLerrs.h lib/ssl/ssl3con.c lib/ssl/sslerr.h
git-svn-id: svn://10.0.0.236/trunk@261049 18797224-902f-48f8-a5cc-f745e15eee43
SSL_RENEGOTIATE_TRANSITIONAL, changing its meaning for server sockets, and
make it the default. r=rrelyea.
Modified Files:
ssl.h ssl3con.c sslsock.c
git-svn-id: svn://10.0.0.236/trunk@259722 18797224-902f-48f8-a5cc-f745e15eee43
when we detect missing compression. The patch is contributed by Adam
Langley <agl@chromium.org>. r=nelson,wtc.
Modified Files:
cmd/lib/SSLerrs.h lib/ssl/ssl3con.c lib/ssl/sslerr.h
git-svn-id: svn://10.0.0.236/trunk@259586 18797224-902f-48f8-a5cc-f745e15eee43
because we don't send the elliptic_curves and ec_point_format extensions
in SSL 3.0 client hello. r=nelson.
git-svn-id: svn://10.0.0.236/trunk@259579 18797224-902f-48f8-a5cc-f745e15eee43
but not any other extension. r=rrelyea.
Modified Files:
ssl3con.c ssl3ext.c
git-svn-id: svn://10.0.0.236/trunk@259505 18797224-902f-48f8-a5cc-f745e15eee43
otherwise zlib returns Z_BUF_ERROR, which we consider fatal. The patch is
contributed by Adam Langley of Google <agl@chromium.org>. r=wtc,nelson.
git-svn-id: svn://10.0.0.236/trunk@259136 18797224-902f-48f8-a5cc-f745e15eee43
