1. 21 5月, 2014 2 次提交
  2. 20 5月, 2014 11 次提交
  3. 19 5月, 2014 1 次提交
  4. 16 5月, 2014 1 次提交
  5. 15 5月, 2014 4 次提交
  6. 13 5月, 2014 5 次提交
  7. 12 5月, 2014 6 次提交
  8. 11 5月, 2014 2 次提交
  9. 10 5月, 2014 1 次提交
  10. 09 5月, 2014 4 次提交
    • D
      Return an error if no recipient type matches. · 0bcb17a7
      Dr. Stephen Henson 提交于
      If the key type does not match any CMS recipient type return
      an error instead of using a random key (MMA mitigation). This
      does not leak any useful information to an attacker.
      
      PR#3348
      0bcb17a7
    • G
      s_client/s_server: support unix domain sockets · a9351320
      Geoff Thorpe 提交于
      The "-unix <path>" argument allows s_server and s_client to use a unix
      domain socket in the filesystem instead of IPv4 ("-connect", "-port",
      "-accept", etc). If s_server exits gracefully, such as when "-naccept"
      is used and the requested number of SSL/TLS connections have occurred,
      then the domain socket file is removed. On ctrl-C, it is likely that
      the stale socket file will be left over, such that s_server would
      normally fail to restart with the same arguments. For this reason,
      s_server also supports an "-unlink" option, which will clean up any
      stale socket file before starting.
      
      If you have any reason to want encrypted IPC within an O/S instance,
      this concept might come in handy. Otherwise it just demonstrates that
      there is nothing about SSL/TLS that limits it to TCP/IP in any way.
      
      (There might also be benchmarking and profiling use in this path, as
      unix domain sockets are much lower overhead than connecting over local
      IP addresses).
      Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
      a9351320
    • T
      coverity 966576 - close socket in error path · b6e69d28
      Tim Hudson 提交于
      b6e69d28
    • T
      PR#3342 fix resource leak coverity issue 966577 · 8e94fadd
      Tim Hudson 提交于
      8e94fadd
  11. 08 5月, 2014 2 次提交
  12. 07 5月, 2014 1 次提交