- 14 4月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Don't drop DTLS connection if mac or decryption failed.
-
由 Dr. Stephen Henson 提交于
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fix DTLS buffer record MAC failure bug.
-
- 07 4月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
directly by SSL/TLS SHA2 certificates are becoming more common and applications that only call SSL_library_init() and not OpenSSL_add_all_alrgorithms() will fail when verifying certificates. Update docs.
-
- 06 4月, 2010 4 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fixes for DTLS replay bug.
-
由 Dr. Stephen Henson 提交于
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fixes for DTLS buffering bug.
-
由 Dr. Stephen Henson 提交于
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fixes for DTLS timeout bug
-
由 Dr. Stephen Henson 提交于
Fixes to make OpenSSL compile with no-rc4
-
- 25 3月, 2010 2 次提交
-
-
由 Bodo Möller 提交于
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010), and further harmonize this version of CHANGES with the versions in the current branches.
-
由 Dr. Stephen Henson 提交于
Clear error queue in a few places in SSL code where errors are expected so they don't stay in the queue.
-
- 03 3月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted).
-
- 28 2月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos ciphersuite bugs introduced with PR:1336."
-
- 18 2月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
initial connection to unpatched servers. There are no additional security concerns in doing this as clients don't see renegotiation during an attack anyway.
-
- 16 2月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Tomas Mraz <tmraz@redhat.com> Since SSLv2 doesn't support renegotiation at all don't reject it if legacy renegotiation isn't enabled. Also can now use SSL2 compatible client hello because RFC5746 supports it.
-
- 02 2月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve. Make no-dsa, no-ecdsa and no-rsa compile again.
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Make session tickets work with DTLS.
-
- 01 2月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Typo in PR#1949 bug, oops!
-
- 29 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 27 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: steve@openssl.org More robust fix and workaround for PR#1949. Don't try to work out if there is any write pending data as this can be unreliable: always flush.
-
- 25 1月, 2010 2 次提交
-
-
由 Richard Levitte 提交于
Submitted by Steven M. Schweda <sms@antinode.info>
-
由 Dr. Stephen Henson 提交于
Submitted by: steve@openssl.org The original fix for PR#2125 broke compilation on some Unixware platforms: revert and make conditional on VMS.
-
- 24 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should both address the original bug and retain compatibility with the old behaviour.
-
- 23 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
server attempts to renegotiate with an unpatched client.
-
- 21 1月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 20 1月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
algorithms not found when an application uses PKCS#12 and only calls SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple work around is to add the missing algorithm (40 bit RC2) in SSL_library_init().
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Better fix for PR#2144
-
- 17 1月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: steve@openssl.org Fix DTLS connection so new_session is reset if we read second client hello: new_session is used to detect renegotiation.
-
由 Dr. Stephen Henson 提交于
Submitted by: steve@openssl.org Add missing DTLS state strings.
-
- 15 1月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com> Fix gcc-aix compilation issue.
-
- 14 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Although it will be many years before TLS v2.0 or later appears old versions of servers have a habit of hanging around for a considerable time so best if we handle this properly now.
-
- 08 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
1. Send SCSV is not renegotiating, never empty RI. 2. Send RI if renegotiating.
-
- 07 1月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
1. Add provisional SCSV value. 2. Don't send SCSV and RI at same time. 3. Fatal error is SCSV received when renegotiating.
-
由 Dr. Stephen Henson 提交于
-
- 06 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 01 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
algorithm matches current and give error if compression is disabled and server requests it (shouldn't happen unless server is broken).
-
- 31 12月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
used compression algorithms in client hello (a legacy from when the compression algorithm wasn't serialized with SSL_SESSION).
-
- 28 12月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-