1. 15 9月, 2017 4 次提交
  2. 14 9月, 2017 9 次提交
  3. 12 9月, 2017 8 次提交
  4. 11 9月, 2017 2 次提交
  5. 10 9月, 2017 1 次提交
    • A
      sha/asm/keccak1600-armv8.pl: fix return value buglet and ... · 236dd463
      Andy Polyakov 提交于
      ... script data load.
      
      On related note an attempt was made to merge rotations with logical
      operations. I mean as we know, ARM ISA has merged rotate-n-logical
      instructions which can be used here. And they were used to improve
      keccak1600-armv4 performance. But not here. Even though this approach
      resulted in improvement on Cortex-A53 proportional to reduction of
      amount of instructions, ~8%, it didn't exactly worked out on
      non-Cortex cores. Presumably because they break merged instructions
      to separate μ-ops, which results in higher *operations* count. X-Gene
      and Denver went ~20% slower and Apple A7 - 40%. The optimization was
      therefore dismissed.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      236dd463
  6. 09 9月, 2017 5 次提交
  7. 08 9月, 2017 3 次提交
  8. 07 9月, 2017 1 次提交
    • B
      Restore historical behavior for absent ServerHello extensions · 1c259bb5
      Benjamin Kaduk 提交于
      In OpenSSL 1.1.0, when there were no extensions added to the ServerHello,
      we did not write the extension data length bytes to the end of the
      ServerHello; this is needed for compatibility with old client implementations
      that do not support TLS extensions (such as the default configuration of
      OpenSSL 0.9.8).  When ServerHello extension construction was converted
      to the new extensions framework in commit
      7da160b0, this behavior was inadvertently
      limited to cases when SSLv3 was negotiated (and similarly for ClientHellos),
      presumably since extensions are not defined at all for SSLv3.  However,
      extensions for TLS prior to TLS 1.3 have been defined in separate
      RFCs (6066, 4366, and 3546) from the TLS protocol specifications, and as such
      should be considered an optional protocol feature in those cases.
      
      Accordingly, be conservative in what we send, and skip the extensions block
      when there are no extensions to be sent, regardless of the TLS/SSL version.
      (TLS 1.3 requires extensions and can safely be treated differently.)
      Reviewed-by: NMatt Caswell <matt@openssl.org>
      Reviewed-by: NPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/4296)
      1c259bb5
  9. 06 9月, 2017 2 次提交
  10. 05 9月, 2017 1 次提交
  11. 04 9月, 2017 4 次提交