git.ipfire.org Git - thirdparty/openssl.git/commit

]> git.ipfire.org Git - thirdparty/openssl.git/commit

projects / thirdparty / openssl.git / commit

author	Rich Salz <rsalz@openssl.org>
	Thu, 3 Aug 2017 14:24:03 +0000 (10:24 -0400)
committer	Rich Salz <rsalz@openssl.org>
	Thu, 3 Aug 2017 14:24:03 +0000 (10:24 -0400)
commit	ae3947de09522206d61c0206a733517b10a910f8
tree	7044411af55af40f9f5f5adad685ccc70d155998	tree \| snapshot
parent	75e2c877650444fb829547bdb58d46eb1297bc1a	commit \| diff

Add a DRBG to each SSL object

Give each SSL object it's own DRBG, chained to the parent global
DRBG which is used only as a source of randomness into the per-SSL
DRBG. This is used for all session, ticket, and pre-master secret keys.
It is NOT used for ECDH key generation which use only the global
DRBG. (Doing that without changing the API is tricky, if not impossible.)

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4050)

13 files changed:

apps/s_server.c		diff \| blob \| blame \| history
crypto/rand/drbg_lib.c		diff \| blob \| blame \| history
include/internal/rand.h		diff \| blob \| blame \| history
include/openssl/ssl.h		diff \| blob \| blame \| history
ssl/record/ssl3_record.c		diff \| blob \| blame \| history
ssl/s3_lib.c		diff \| blob \| blame \| history
ssl/ssl_lib.c		diff \| blob \| blame \| history
ssl/ssl_locl.h		diff \| blob \| blame \| history
ssl/ssl_sess.c		diff \| blob \| blame \| history
ssl/statem/statem_clnt.c		diff \| blob \| blame \| history
ssl/statem/statem_srvr.c		diff \| blob \| blame \| history
ssl/tls_srp.c		diff \| blob \| blame \| history
util/libcrypto.num		diff \| blob \| blame \| history

A mirror of the official openssl repository

RSS Atom