- 28 3月, 2016 4 次提交
-
-
由 David Benjamin 提交于
Session resumption involves a version check, so version negotiation must happen first. Currently, the DTLS implementation cannot do session resumption in DTLS 1.0 because the ssl_version check always checks against 1.2. Switching the order also removes the need to fixup ssl_version in DTLS version negotiation. Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NViktor Dukhovni <viktor@openssl.org> RT: #4392, MR: #2452
-
由 Kurt Roeckx 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> MR: #2452
-
由 Fedor Indutny 提交于
We now send the highest supported version by the client, even if the session uses an older version. This fixes 2 problems: - When you try to reuse a session but the other side doesn't reuse it and uses a different protocol version the connection will fail. - When you're trying to reuse a session with an old version you might be stuck trying to reuse the old version while both sides support a newer version Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NViktor Dukhovni <viktor@openssl.org> GH: #852, MR: #2452
-
由 Richard Levitte 提交于
According to documentation, perl's Math::BigInt does floored division, i.e. the bdiv function does 1 / -4 = -1. OpenSSL's BN_div, as well as bc, do truncated division, i.e. 1 / -4 = 0. We need to compensate for that difference in test/recipes/bc.pl to make sure to verify the bntest results under its own conditions, by dividing the absolute values of the given numbers and fixup the result's negativity afterwards. Closes RT#4485 Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 26 3月, 2016 1 次提交
-
-
由 Jeffrey Walton 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 25 3月, 2016 3 次提交
-
-
由 Richard Levitte 提交于
These logical names are used to make the C RTL change certain behaviors, sometimes to make it act more like Unix. While they can make life easier in some cases, they can be disruptive as well. When building and testing OpenSSL, the latter is the case, so we ask people to avoid using them. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
This allows developer to glue DLL built with VC into their application compiled with Borland C. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
And thanks to Miod Vallat for the nudge about ERR_PACK :) Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 24 3月, 2016 8 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
On Windows and Unix, the staging directory $(DESTDIR) can simply be prepended to the installation directory. An attempt was made to do something similar on VMS, but that ended up being a half measure solution. Instead of that, simply use the staging directory as a prefix under which [.OPENSSL-INSTALL] and [.OPENSSL-COMMON] will hold the two directory trees that should end up in the directories indicated by --prefix and --openssldir, and finish the installation with appropriate instructions on what to do next. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
- on VMS, SYS$COMMON:[SSL] is already used as installation directory by HP SSL, so we make our default for --openssldir SYS$COMMON:[OPENSSL-COMMON] instead. - Updated notes on default installation dirs fir Unix and Windows Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
In this OpenSSL version, we deliver engines with lower case symbol names. The DSO symbol finder must be updated to allow for mixed case symbols or it won't fine them. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Sometimes, you might end up with a rather long compile line due to excessively long /INCLUDE directories. Compensate for it by making a temporary logical name with them and using said logical name as /INCLUDE argument. A note was added to NOTES.VMS regarding these limitations. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 23 3月, 2016 10 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Removed the following: DSO_bind_var, DSO_bind_var, DSO_get_default_method, DSO_get_loaded_filename, DSO_get_loaded_filename, DSO_get_method, DSO_new_method, DSO_pathbyaddr, DSO_set_default_method, DSO_set_method, DSO_set_name_converter, DSO_set_name_converter Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 FdaSilvaYY 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
- VMS configs had no dso_scheme - Incorrect return of NULL method. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rob Percival 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Alex Gaynor 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Kurt Roeckx 提交于
algo_strength contains 2 parts that need to be checked by their own. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> MR: #2082
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Rich Salz 提交于
Instead of have every DSO_METHOD_xxx in all platforms, ensure that only one DSO_METHOD_openssl is available on all platforms. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
This was really easy. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 22 3月, 2016 14 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 David Benjamin 提交于
BIO_new, etc., don't need a non-const BIO_METHOD. This allows all the built-in method tables to live in .rodata. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
On VMS, we downcase option names, which means that config names are downcased as well, so they need to be downcased in the target table to be found. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Rob Percival 提交于
Allows CONF files for certificate requests to specify that a pre- certificate should be created (see RFC6962). Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Steven Linsell 提交于
ASYNC_WAIT_CTX_free Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Misc fixes for no-sock Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Configure had the wrong name for the no-gost option. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-