- 15 2月, 2014 5 次提交
-
-
由 Scott Schaefer 提交于
-
由 Scott Schaefer 提交于
apps/pkcs12.c accepts -password as an argument. The document author almost certainly meant to write "-password, -passin". However, that is not correct, either. Actually the code treats -password as equivalent to -passin, EXCEPT when -export is also specified, in which case -password as equivalent to -passout.
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
Improve CBC decrypt and CTR by ~13/16%, which adds up to ~25/33% improvement over "pre-Silvermont" version. [Add performance table to aesni-x86.pl].
-
- 14 2月, 2014 2 次提交
-
-
由 Dr. Stephen Henson 提交于
When a chain is complete and ends in a trusted root checks are also performed on the TA and the callback notified with ok==1. For consistency do the same for chains where the TA is not self signed.
-
由 Dr. Stephen Henson 提交于
-
- 13 2月, 2014 5 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
(cherry picked from commit a2317c3ffde3f1f73bd7fa3f08e420fb09043905)
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
(other processors unaffected).
-
由 Ben Laurie 提交于
-
- 09 2月, 2014 1 次提交
-
-
由 Ben Laurie 提交于
-
- 06 2月, 2014 9 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Ben Laurie 提交于
-
由 Scott Deboy 提交于
The contract for custom extension callbacks has changed - all custom extension callbacks are triggered
-
由 Ben Laurie 提交于
-
由 Scott Deboy 提交于
Whitespace fixes
-
由 Scott Deboy 提交于
-
由 Scott Deboy 提交于
If multiple TLS extensions are expected but not received, the TLS extension and supplemental data 'generate' callbacks are the only chance for the receive-side to trigger a specific TLS alert during the handshake. Removed logic which no-op'd TLS extension generate callbacks (as the generate callbacks need to always be called in order to trigger alerts), and updated the serverinfo-specific custom TLS extension callbacks to track which custom TLS extensions were received by the client, where no-ops for 'generate' callbacks are appropriate.
-
由 Dr. Stephen Henson 提交于
If an application calls the macro SSL_CTX_get_extra_chain_certs return either the old "shared" extra certificates or those associated with the current certificate. This means applications which call SSL_CTX_use_certificate_chain_file and retrieve the additional chain using SSL_CTX_get_extra_chain_certs will still work. An application which only wants to check the shared extra certificates can call the new macro SSL_CTX_get_extra_chain_certs_only
-
- 05 2月, 2014 5 次提交
-
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
This allows to process multiple fragmets of maximum fragment size, as opposite to chopping maximum-sized fragments to multiple smaller ones. This approach relies on dynamic allocation of larger buffers, which we trade for performance improvement, for several *times* in some situations.
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
If application has more data than maximum fragment, hold to buffer for whole write, as opposite to per-fragment strategy.
-
- 03 2月, 2014 3 次提交
-
-
由 Dr. Stephen Henson 提交于
PR#3253
-
由 Dr. Stephen Henson 提交于
New ctrl sets current certificate based on certain criteria. Currently two options: set the first valid certificate as current and set the next valid certificate as current. Using these an application can iterate over all certificates in an SSL_CTX or SSL structure.
-
由 Dr. Stephen Henson 提交于
-
- 02 2月, 2014 3 次提交
-
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
Atom Silvermont. On other CPUs one can observe 1% loss on some algorithms.
-
由 Andy Polyakov 提交于
+5% on Atom Silvermont, up to +8% improvement of legacy code. Harmonize sha1-586.pl and aesni-sha1-x86_86.p with sha1-x86_64.pl.
-
- 29 1月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Remove reference to ERR_TXT_MALLOCED in the error library as that is only used internally. Indicate that returned error data must not be freed. (cherry picked from commit f2d678e6e89b6508147086610e985d4e8416e867)
-
- 28 1月, 2014 4 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
PR#3244 (cherry picked from commit 9614d2c676ffe74ce0c919d9e5c0d622a011cbed)
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Always add a dynamically loaded ENGINE to list. Otherwise it can cause problems when multiply loaded, especially if it adds new public key methods. For all current engines we only want a single implementation anyway.
-
- 27 1月, 2014 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-