- 21 2月, 2014 3 次提交
-
-
由 Dr. Stephen Henson 提交于
(cherry picked from commit b709f8ef54b1c9ad513878ba0213aa651a9acef8)
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 20 2月, 2014 6 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Ben Laurie 提交于
-
由 Ben Laurie 提交于
-
由 Ben Laurie 提交于
-
-
- 19 2月, 2014 2 次提交
-
-
由 Rob Stradling 提交于
Add the extension parser in the s_client, ocsp and x509 apps.
-
由 Dr. Stephen Henson 提交于
-
- 16 2月, 2014 2 次提交
-
-
由 Dr. Stephen Henson 提交于
The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL 0.9.7h but deleting it will break source compatibility with any software that references it. Restore it but #define to zero. (cherry picked from commit b17d6b8d1d49fa4732deff17cfd1833616af0d9c)
-
由 Dr. Stephen Henson 提交于
-
- 15 2月, 2014 10 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Klaus-Peter Junghanns 提交于
This can be used to speed up SRTP with libsrtp, e.g. on TI omap/sitara based devices.
-
由 Rob Stradling 提交于
Add the RFC6962 OIDs to the objects table.
-
由 Kurt Roeckx 提交于
If you use "-newkey rsa" it's supposed to read the default number of bits from the config file. However the value isn't used to generate the key, but it does print it's generating such a key. The set_keygen_ctx() doesn't call EVP_PKEY_CTX_set_rsa_keygen_bits() and you end up with the default set in pkey_rsa_init() (1024). Afterwards the number of bits gets read from the config file, but nothing is done with that anymore. We now read the config first and use the value from the config file when no size is given. PR: 2592
-
由 Kurt Roeckx 提交于
-
由 Scott Schaefer 提交于
-
由 Scott Schaefer 提交于
apps/pkcs12.c accepts -password as an argument. The document author almost certainly meant to write "-password, -passin". However, that is not correct, either. Actually the code treats -password as equivalent to -passin, EXCEPT when -export is also specified, in which case -password as equivalent to -passout.
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
Improve CBC decrypt and CTR by ~13/16%, which adds up to ~25/33% improvement over "pre-Silvermont" version. [Add performance table to aesni-x86.pl].
-
- 14 2月, 2014 2 次提交
-
-
由 Dr. Stephen Henson 提交于
When a chain is complete and ends in a trusted root checks are also performed on the TA and the callback notified with ok==1. For consistency do the same for chains where the TA is not self signed.
-
由 Dr. Stephen Henson 提交于
-
- 13 2月, 2014 5 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
(cherry picked from commit a2317c3ffde3f1f73bd7fa3f08e420fb09043905)
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
(other processors unaffected).
-
由 Ben Laurie 提交于
-
- 09 2月, 2014 1 次提交
-
-
由 Ben Laurie 提交于
-
- 06 2月, 2014 9 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Ben Laurie 提交于
-
由 Scott Deboy 提交于
The contract for custom extension callbacks has changed - all custom extension callbacks are triggered
-
由 Ben Laurie 提交于
-
由 Scott Deboy 提交于
Whitespace fixes
-
由 Scott Deboy 提交于
-
由 Scott Deboy 提交于
If multiple TLS extensions are expected but not received, the TLS extension and supplemental data 'generate' callbacks are the only chance for the receive-side to trigger a specific TLS alert during the handshake. Removed logic which no-op'd TLS extension generate callbacks (as the generate callbacks need to always be called in order to trigger alerts), and updated the serverinfo-specific custom TLS extension callbacks to track which custom TLS extensions were received by the client, where no-ops for 'generate' callbacks are appropriate.
-
由 Dr. Stephen Henson 提交于
If an application calls the macro SSL_CTX_get_extra_chain_certs return either the old "shared" extra certificates or those associated with the current certificate. This means applications which call SSL_CTX_use_certificate_chain_file and retrieve the additional chain using SSL_CTX_get_extra_chain_certs will still work. An application which only wants to check the shared extra certificates can call the new macro SSL_CTX_get_extra_chain_certs_only
-