提交 · 4242a090c7fe60a4b84a68bfac836596590c66c5 · OpenHarmony / Third Party Openssl

11 5月, 2012 6 次提交

PR: 2813 · 4242a090

由 Dr. Stephen Henson 提交于 5月 11, 2012

Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.

4242a090

PR: 2811 · c3b13033

由 Dr. Stephen Henson 提交于 5月 11, 2012

Reported by: Phil Pennock <openssl-dev@spodhuis.org>

Make renegotiation work for TLS 1.2, 1.1 by not using a lower record
version client hello workaround if renegotiating.

c3b13033

B

Fix warning. · 5762f777
由 Ben Laurie 提交于 5月 10, 2012

5762f777
B

Padlock doesn't build. I don't even know what it is. · 7a412ded
由 Ben Laurie 提交于 5月 10, 2012

7a412ded

PR: 2806 · efb19e13

由 Dr. Stephen Henson 提交于 5月 10, 2012

Submitted by: PK <runningdoglackey@yahoo.com>

Correct ciphersuite signature algorithm definitions.

efb19e13

Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and · c46ecc3a

由 Dr. Stephen Henson 提交于 5月 10, 2012

DTLS to fix DoS attack.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)

c46ecc3a

10 5月, 2012 2 次提交
- D
  
  update FAQ · 7388b43c
  由 Dr. Stephen Henson 提交于 5月 10, 2012
  
  7388b43c
- D
  Reported by: Solar Designer of Openwall · 225055c3
  由 Dr. Stephen Henson 提交于 5月 10, 2012
```
Make sure tkeylen is initialised properly when encrypting CMS messages.
```
  225055c3
04 5月, 2012 1 次提交
- R
  
  Correct environment variable is OPENSSL_ALLOW_PROXY_CERTS. · e0311481
  由 Richard Levitte 提交于 5月 04, 2012
  
  e0311481
28 4月, 2012 2 次提交
- A
  
  perlasm: fix symptom-less bugs, missing semicolons and 'my' declarations. · f9c5e5d9
  由 Andy Polyakov 提交于 4月 28, 2012
  
  f9c5e5d9
- A
  ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance · 9474483a
  由 Andy Polyakov 提交于 4月 27, 2012
```
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA,
why slower algorithm are affected more...
PR: 2794
Submitted by: Ashley Lai
```
  9474483a
27 4月, 2012 1 次提交
- D
  
  Don't try to use unvalidated composite ciphers in FIPS mode · a7086099
  由 Dr. Stephen Henson 提交于 4月 26, 2012
  
  a7086099
26 4月, 2012 6 次提交
- D
  
  update NEWS · a9e6c091
  由 Dr. Stephen Henson 提交于 4月 26, 2012
  
  a9e6c091
- D
  
  update FAQ · df570544
  由 Dr. Stephen Henson 提交于 4月 26, 2012
  
  df570544
- A
  
  CHANGES: clarify. · a2b21191
  由 Andy Polyakov 提交于 4月 26, 2012
  
  a2b21191
- A
  
  CHANGES: fix typos and clarify. · 396f8b71
  由 Andy Polyakov 提交于 4月 26, 2012
  
  396f8b71
- D
  Change value of SSL_OP_NO_TLSv1_1 to avoid clash with SSL_OP_ALL and · 43d5b4ff
  由 Dr. Stephen Henson 提交于 4月 25, 2012
```
OpenSSL 1.0.0. Add CHANGES entry noting the consequences.
```
  43d5b4ff
- A
  s23_clnt.c: ensure interoperability by maitaining client "version capability" · f2ad3582
  由 Andy Polyakov 提交于 4月 25, 2012
```
vector contiguous.
PR: 2802
```
  f2ad3582
24 4月, 2012 3 次提交
- D
  Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> · 09e4e4b9
  由 Dr. Stephen Henson 提交于 4月 24, 2012
```
Reviewed by: steve
Improved localisation of TLS extension handling and code tidy.
```
  09e4e4b9
- D
  
  oops, not yet ;-) · ce33b42b
  由 Dr. Stephen Henson 提交于 4月 23, 2012
  
  ce33b42b
- D
  
  update NEWS · 579d5534
  由 Dr. Stephen Henson 提交于 4月 23, 2012
  
  579d5534
23 4月, 2012 1 次提交
- A
  
  objxref.pl: improve portability. · 71fa3bc5
  由 Andy Polyakov 提交于 4月 22, 2012
  
  71fa3bc5
22 4月, 2012 4 次提交
- D
  
  correct error code · e2f53b67
  由 Dr. Stephen Henson 提交于 4月 22, 2012
  
  e2f53b67
- D
  
  check correctness of errors before updating them so we don't get bogus errors added · 797c61aa
  由 Dr. Stephen Henson 提交于 4月 22, 2012
  
  797c61aa
- D
  
  correct old FAQ answers · 597dab0f
  由 Dr. Stephen Henson 提交于 4月 22, 2012
  
  597dab0f
- D
  PR: 2239 · b36bab78
  由 Dr. Stephen Henson 提交于 4月 22, 2012
```
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
```
  b36bab78
20 4月, 2012 2 次提交
- A
  e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms. · 8ea92ddd
  由 Andy Polyakov 提交于 4月 19, 2012
```
PR: 2792
```
  8ea92ddd
- D
  Check for potentially exploitable overflows in asn1_d2i_read_bio · d9a9d10f
  由 Dr. Stephen Henson 提交于 4月 19, 2012
```
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
```
  d9a9d10f
19 4月, 2012 3 次提交
- D
  
  update FAQ · 0d2baadf
  由 Dr. Stephen Henson 提交于 4月 19, 2012
  
  0d2baadf
- A
  Makefile.org: clear yet another environment variable. · dce1cc2a
  由 Andy Polyakov 提交于 4月 19, 2012
```
PR: 2793
```
  dce1cc2a
- D
  
  recognise X9.42 DH certificates on servers · b2141841
  由 Dr. Stephen Henson 提交于 4月 18, 2012
  
  b2141841
18 4月, 2012 4 次提交
- D
  
  correct error codes · aa09c2c6
  由 Dr. Stephen Henson 提交于 4月 18, 2012
  
  aa09c2c6
- A
  e_rc4_hmac_md5.c: harmonize zero-length fragment handling with · 6dd9b0fc
  由 Andy Polyakov 提交于 4月 18, 2012
```
e_aes_cbc_hmac_sha1.c (mostly for aesthetic reasons).
```
  6dd9b0fc
- A
  e_rc4_hmac_md5.c: oops, can't use rc4_hmac_md5_cipher on legacy Intel CPUs. · e36f6b9c
  由 Andy Polyakov 提交于 4月 18, 2012
```
PR: 2792
```
  e36f6b9c
- A
  C64x+ assembler pack. linux-c64xplus build is *not* tested nor can it be · 3e181369
  由 Andy Polyakov 提交于 4月 18, 2012
```
tested, because kernel is not in shape to handle it *yet*. The code is
committed mostly to stimulate the kernel development.
```
  3e181369
17 4月, 2012 5 次提交

Disable SHA-2 ciphersuites in < TLS 1.2 connections. · d3ddf022

由 Bodo Möller 提交于 4月 17, 2012

(TLS 1.2 clients could end up negotiating these with an OpenSSL server
with TLS 1.2 disabled, which is problematic.)

Submitted by: Adam Langley

d3ddf022

Additional workaround for PR#2771 · 800e1cd9

由 Dr. Stephen Henson 提交于 4月 17, 2012

If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client
ciphersuites to this value. A value of 50 should be sufficient.

Document workarounds in CHANGES.

800e1cd9

Partial workaround for PR#2771. · 293706e7

由 Dr. Stephen Henson 提交于 4月 17, 2012

Some servers hang when presented with a client hello record length exceeding
255 bytes but will work with longer client hellos if the TLS record version
in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all
cases...

293706e7

A
OPENSSL_NO_SOCK fixes. · 4a1fbd13
由 Andy Polyakov 提交于 4月 16, 2012
```
PR: 2791
Submitted by: Ben Noordhuis
```
4a1fbd13
A
Minor compatibility fixes. · 9eba5614
由 Andy Polyakov 提交于 4月 16, 2012
```
PR: 2790
Submitted by: Alexei Khlebnikov
```
9eba5614

OpenHarmony / Third Party Openssl 1 年多 前同步成功

OpenHarmony / Third Party Openssl
1 年多前同步成功