- 21 2月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 19 2月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Many applications require named curve parameter encoding instead of explicit parameter encoding (including the TLS library in OpenSSL itself). Set this encoding by default instead of requiring an explicit call to set it. Add OPENSSL_EC_EXPLICT_CURVE define. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 15 2月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 13 2月, 2015 16 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Change BUF_MEM_grow and BUF_MEM_grow_clean to return size_t. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Add some EVP_PKEY test data for sign and verify tests including failure cases. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Add two new keywords "PublicKey" and "PrivateKey". These will load a key in PEM format from the lines immediately following the keyword and assign it a name according to the value. These will be used later for public and private key testing operations. Add tests for Sign, Verify, VerifyRecover and Decrypt. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
manually picked from e7b85bc40200961984925604ca444517359a6067 Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Graeme Perrow 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Clang via Jeffrey Walton 提交于
And remove backup definition of offsetof. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Eric Dequin 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 12 2月, 2015 4 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 11 2月, 2015 10 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
When writing out the hint, if the hint > 0, then we write it out otherwise we skip it. Previously when reading the hint back in, if were expecting to see one (because the ticket length > 0), but it wasn't present then we set the hint to -1, otherwise we set it to 0. This fails to set the hint to the same as when it was written out. The hint should never be negative because the RFC states the hint is unsigned. It is valid for a server to set the hint to 0 (this means the lifetime is unspecified according to the RFC). If the server set it to 0, it should still be 0 when we read it back in. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
SSL_SESSION_get_ticket_lifetime_hint. The latter has been reported as required to fix Qt for OpenSSL 1.1.0. I have also added the former in order to determine whether a ticket is present or not - otherwise it is difficult to know whether a zero lifetime hint is because the server set it to 0, or because there is no ticket. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
From RFC4507: "The ticket_lifetime_hint field contains a hint from the server about how long the ticket should be stored. The value indicates the lifetime in seconds as a 32-bit unsigned integer in network byte order." Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Print usage message. Print expected and got values if mismatch. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 10 2月, 2015 7 次提交
-
-
由 Emilia Kasper 提交于
Specifically, an ASN.1 NumericString in the certificate CN will fail UTF-8 conversion and result in a negative return value, which the "x509 -checkhost" command-line option incorrectly interpreted as success. Also update X509_check_host docs to reflect reality. Thanks to Sean Burford (Google) for reporting this issue. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
./config --strict-warnings enable-deprecated Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Mark them as such with OPENSSL_USE_DEPRECATED Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
In master OPENSSL_NO_DEPRECATED is the default anyway. By including it in --strict-warnings as well this means you cannot combine enable-deprecated with --strict-warnings. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Dr. Stephen Henson 提交于
Don't hard code NID_id_pbkdf2 in PBES2: look it up in PBE table. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-