1. 14 10月, 2007 1 次提交
  2. 01 10月, 2007 1 次提交
  3. 27 9月, 2007 1 次提交
  4. 31 8月, 2007 1 次提交
  5. 20 8月, 2007 1 次提交
  6. 13 8月, 2007 1 次提交
  7. 12 8月, 2007 1 次提交
  8. 24 4月, 2007 1 次提交
  9. 17 2月, 2007 1 次提交
    • B
      Reorganize the data used for SSL ciphersuite pattern matching. · 52b8dad8
      Bodo Möller 提交于
      This change resolves a number of problems and obviates multiple kludges.
      A new feature is that you can now say "AES256" or "AES128" (not just
      "AES", which enables both).
      
      In some cases the ciphersuite list generated from a given string is
      affected by this change.  I hope this is just in those cases where the
      previous behaviour did not make sense.
      52b8dad8
  10. 08 2月, 2007 1 次提交
  11. 29 11月, 2006 1 次提交
  12. 28 9月, 2006 2 次提交
    • M
      Fix buffer overflow in SSL_get_shared_ciphers() function. · 3ff55e96
      Mark J. Cox 提交于
      (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
      
      Fix SSL client code which could crash if connecting to a
       malicious SSLv2 server.  (CVE-2006-4343)
      [Tavis Ormandy and Will Drewry, Google Security Team]
      3ff55e96
    • R
      Fixes for the following claims: · cbb92dfa
      Richard Levitte 提交于
        1) Certificate Message with no certs
      
        OpenSSL implementation sends the Certificate message during SSL
        handshake, however as per the specification, these have been omitted.
      
        -- RFC 2712 --
           CertificateRequest, and the ServerKeyExchange shown in Figure 1
           will be omitted since authentication and the establishment of a
           master secret will be done using the client's Kerberos credentials
           for the TLS server.  The client's certificate will be omitted for
           the same reason.
        -- RFC 2712 --
      
        3) Pre-master secret Protocol version
      
        The pre-master secret generated by OpenSSL does not have the correct
        client version.
      
        RFC 2712 says, if the Kerberos option is selected, the pre-master
        secret structure is the same as that used in the RSA case.
      
        TLS specification defines pre-master secret as:
               struct {
                   ProtocolVersion client_version;
                   opaque random[46];
               } PreMasterSecret;
      
        where client_version is the latest protocol version supported by the
        client
      
        The pre-master secret generated by OpenSSL does not have the correct
        client version. The implementation does not update the first 2 bytes
        of random secret for Kerberos Cipher suites. At the server-end, the
        client version from the pre-master secret is not validated.
      
      PR: 1336
      cbb92dfa
  13. 16 6月, 2006 1 次提交
  14. 15 6月, 2006 1 次提交
  15. 30 3月, 2006 1 次提交
  16. 13 3月, 2006 1 次提交
  17. 12 3月, 2006 1 次提交
  18. 11 3月, 2006 1 次提交
  19. 30 1月, 2006 1 次提交
  20. 13 1月, 2006 1 次提交
  21. 11 1月, 2006 1 次提交
  22. 10 1月, 2006 1 次提交
  23. 03 1月, 2006 2 次提交
  24. 13 12月, 2005 1 次提交
  25. 06 12月, 2005 1 次提交
  26. 08 10月, 2005 1 次提交
  27. 01 10月, 2005 1 次提交
  28. 15 8月, 2005 1 次提交
  29. 06 8月, 2005 1 次提交
  30. 16 7月, 2005 1 次提交
    • N
      make · 3eeaab4b
      Nils Larsch 提交于
          	./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
          	make depend all test
      work again
      
      PR: 1159
      3eeaab4b
  31. 16 5月, 2005 1 次提交
    • N
      ecc api cleanup; summary: · 9dd84053
      Nils Larsch 提交于
      - hide the EC_KEY structure definition in ec_lcl.c + add
        some functions to use/access the EC_KEY fields
      - change the way how method specific data (ecdsa/ecdh) is
        attached to a EC_KEY
      - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
        additional parameters for pre-computed values
      - rebuild libeay.num from 0.9.7
      9dd84053
  32. 09 5月, 2005 1 次提交
  33. 03 5月, 2005 1 次提交
  34. 30 4月, 2005 1 次提交
  35. 28 4月, 2005 1 次提交
    • D
      Lots of Win32 fixes for DTLS. · 6c61726b
      Dr. Stephen Henson 提交于
      1. "unsigned long long" isn't portable changed: to BN_ULLONG.
      2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
      2. Avoid lots of compiler warnings about signed/unsigned mismatches.
      3. Include new library directory pqueue in mk1mf build system.
      4. Update symbols.
      6c61726b
  36. 27 4月, 2005 3 次提交