- 27 5月, 2014 2 次提交
-
-
由 Matt Caswell 提交于
-
由 Matt Caswell 提交于
-
- 26 5月, 2014 5 次提交
-
-
由 Juli Mallett 提交于
Closes #74.
-
由 Matt Caswell 提交于
-
由 Ben Laurie 提交于
Closes #31.
-
由 Christian Heimes 提交于
-
由 Christian Heimes 提交于
-
- 25 5月, 2014 3 次提交
-
-
由 Dr. Stephen Henson 提交于
When looking for the issuer of a certificate, if current candidate is expired, continue looking. Only return an expired certificate if no valid certificates are found. PR#3359
-
由 Dr. Stephen Henson 提交于
-
由 Matt Caswell 提交于
-
- 24 5月, 2014 6 次提交
-
-
由 Ben Laurie 提交于
-
由 Martin Kaiser 提交于
-
由 Martin Kaiser 提交于
Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352
-
subjectAltName field. The Name Contraint example in x509v3_config(5) even use IP as an example: nameConstraints=permitted;IP:192.168.0.0/255.255.0.0 However, until now, the verify code for IP name contraints did not exist. Any check with a IP Address Name Constraint results in a "unsupported name constraint type" error. This patch implements support for IP Address Name Constraint (v4 and v6). This code validaded correcly certificates with multiple IPv4/IPv6 address checking against a CA certificate with these constraints: permitted;IP.1=10.9.0.0/255.255.0.0 permitted;IP.2=10.48.0.0/255.255.0.0 permitted;IP.3=10.148.0.0/255.255.0.0 permitted;IP.4=fdc8:123f:e31f::/ffff:ffff:ffff:: Signed-off-by: NLuiz Angelo Daros de Luca <luizluca@gmail.com>
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
- 23 5月, 2014 2 次提交
-
-
-
由 Mike Bland 提交于
Replaces the entire test with a trivial implementation when OPENSSL_NO_HEARTBEATS is defined.
-
- 22 5月, 2014 3 次提交
-
-
由 Ben Laurie 提交于
-
由 Matt Caswell 提交于
-
由 Matt Caswell 提交于
-
- 21 5月, 2014 7 次提交
-
-
由 Ben Laurie 提交于
-
由 Ben Laurie 提交于
-
由 Viktor Dukhovni 提交于
Fixes to host checking wild card support and add support for setting host checking flags when verifying a certificate chain.
-
由 Dr. Stephen Henson 提交于
Use triple DES for certificate encryption if no-rc2 is specified. PR#3357
-
由 Dr. Stephen Henson 提交于
PR#3357
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
- 20 5月, 2014 11 次提交
-
-
由 Ben Laurie 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Janpopan 提交于
-
由 Ben Laurie 提交于
-
由 Ben Laurie 提交于
-
由 Mike Bland 提交于
The previous calls to memset() were added to tear_down() when I noticed the test spuriously failing in opt mode, with different results each time. This appeared to be because the allocator zeros out memory in debug mode, but not in opt mode. Since the heartbeat functions silently drop the request on error without modifying the contents of the write buffer, whatever random contents were in memory before being reallocated to the write buffer used in the test would cause nondeterministic test failures in the Heartbleed regression cases. Adding these calls allowed the test to pass in both debug and opt modes. Ben Laurie notified me offline that the test was aborting in debug-ben-debug-64-clang mode, configured with GitConfigure and built with GitMake. Looking into this, I realized the first memset() call was zeroing out a reference count used by SSL_free() that was checked in debug-ben-debug-64-clang mode but not in the normal debug mode. Removing the memset() calls from tear_down() and adding a memset() for the write buffer in set_up() addresses the issue and allows the test to successfully execute in debug, opt, and debug-ben-debug-64-clang modes.
-
由 Mike Bland 提交于
Checks the return values of ssl_init_wbio_buffer() and ssl3_setup_buffers().
-
由 Ben Laurie 提交于
-
由 Mike Bland 提交于
Regression test against CVE-2014-0160 (Heartbleed). More info: http://mike-bland.com/tags/heartbleed.html
-
- 19 5月, 2014 1 次提交
-
-
由 Andy Polyakov 提交于
"Teaser" means that it's initial proof-of-concept to build EVP module upon.
-