OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Dr.
Stephen Henson
Root: /v/openssl/cvs Email: steve openssl.org
Module: openssl Date:
28-Aug-2007 03:12:46
Branch: OpenSSL_0_9_8-stable Handle:
2007082802123707
Modified files: (Branch: OpenSSL_0_9_8-stable)
openssl/ssl s3_lib.c ssl.h ssl_err.c tls1.h
Log:
Update from HEAD.
Summary:
Revision Changes Path
1.74.2.18 +25 -0 openssl/ssl/s3_lib.c
1.161.2.13 +3 -0 openssl/ssl/ssl.h
1.53.2.6 +2 -1 openssl/ssl/ssl_err.c
1.17.2.6 +5 -0 openssl/ssl/tls1.h
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/ssl/s3_lib.c
============================================================
================
$ cvs diff -u -r1.74.2.17 -r1.74.2.18 s3_lib.c
--- openssl/ssl/s3_lib.c 12 Aug 2007 18:59:01
-0000 1.74.2.17
+++ openssl/ssl/s3_lib.c 28 Aug 2007 01:12:37
-0000 1.74.2.18
-2131,6 +2131,31
case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
ctx->tlsext_servername_arg=parg;
break;
+ case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
+ case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
+ {
+ unsigned char *keys = parg;
+ if (!keys)
+ return 48;
+ if (larg != 48)
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
SSL_R_INVALID_TICKET_KEYS_LENGTH);
+ return 0;
+ }
+ if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
+ {
+ memcpy(ctx->tlsext_tick_key_name, keys, 16);
+ memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
+ memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
+ }
+ else
+ {
+ memcpy(keys, ctx->tlsext_tick_key_name, 16);
+ memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
+ memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
+ }
+ return 1;
+ }
#endif /* !OPENSSL_NO_TLSEXT */
/* A Thawte special  */
case SSL_CTRL_EXTRA_CHAIN_CERT:
.
patch -p0 <<' .'
Index: openssl/ssl/ssl.h
============================================================
================
$ cvs diff -u -r1.161.2.12 -r1.161.2.13 ssl.h
--- openssl/ssl/ssl.h 12 Aug 2007 18:59:02
-0000 1.161.2.12
+++ openssl/ssl/ssl.h 28 Aug 2007 01:12:39
-0000 1.161.2.13
-1223,6 +1223,8
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
#define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
+#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
+#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
#endif
#define SSL_session_reused(ssl)
-1851,6 +1853,7
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
#define SSL_R_INVALID_COMMAND 280
#define SSL_R_INVALID_PURPOSE 278
+#define SSL_R_INVALID_TICKET_KEYS_LENGTH 275
#define SSL_R_INVALID_TRUST 279
#define SSL_R_KEY_ARG_TOO_LONG 284
#define SSL_R_KRB5 285
.
patch -p0 <<' .'
Index: openssl/ssl/ssl_err.c
============================================================
================
$ cvs diff -u -r1.53.2.5 -r1.53.2.6 ssl_err.c
--- openssl/ssl/ssl_err.c 12 Aug 2007 18:59:02
-0000 1.53.2.5
+++ openssl/ssl/ssl_err.c 28 Aug 2007 01:12:40
-0000 1.53.2.6
-1,6 +1,6
/* ssl/ssl_err.c */
/*
============================================================
========
- * Copyright (c) 1999-2005 The OpenSSL Project. All
rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project. All
rights reserved.
*
* Redistribution and use in source and binary forms,
with or without
* modification, are permitted provided that the
following conditions
-327,6 +327,7
{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid
challenge length"},
{ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid
command"},
{ERR_REASON(SSL_R_INVALID_PURPOSE) ,"invalid
purpose"},
+{ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),"invalid
ticket keys length"},
{ERR_REASON(SSL_R_INVALID_TRUST) ,"invalid
trust"},
{ERR_REASON(SSL_R_KEY_ARG_TOO_LONG) ,"key arg
too long"},
{ERR_REASON(SSL_R_KRB5)
,"krb5"},
.
patch -p0 <<' .'
Index: openssl/ssl/tls1.h
============================================================
================
$ cvs diff -u -r1.17.2.5 -r1.17.2.6 tls1.h
--- openssl/ssl/tls1.h 12 Aug 2007 18:59:03
-0000 1.17.2.5
+++ openssl/ssl/tls1.h 28 Aug 2007 01:12:44
-0000 1.17.2.6
-144,6 +144,11
#define SSL_CTX_set_tlsext_servername_arg(ctx, arg)
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0,
(void *)arg)
+
+#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen)
+ SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLXEXT_TICKET_KEYS,(keylen
),(keys))
+#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen)
+ SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLXEXT_TICKET_KEYS,(keylen
),(keys))
#endif
/* Additional TLS ciphersuites from
draft-ietf-tls-56-bit-ciphersuites-00.txt
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|
