提交 · 837e1b6812d53799cff304630bc3a1a9db86b696 · OpenHarmony / Third Party Openssl

01 9月, 2011 1 次提交

PR: 2573 · d41ce00b

由 Dr. Stephen Henson 提交于 9月 01, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS buffering and decryption bug.

d41ce00b

24 8月, 2011 1 次提交
- A
  
  Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. · c608171d
  由 Andy Polyakov 提交于 8月 23, 2011
  
  c608171d
14 8月, 2011 1 次提交

Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA · 1f59a843

由 Dr. Stephen Henson 提交于 8月 14, 2011

using OBJ xref utilities instead of string comparison with OID name.

This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.

1f59a843

03 8月, 2011 1 次提交
- D
  Expand range of ctrls for AES GCM to support retrieval and setting of · 28dd49fa
  由 Dr. Stephen Henson 提交于 8月 03, 2011
```
invocation field.

Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
```
  28dd49fa
26 7月, 2011 2 次提交
- D
  
  oops, remove debug option · 31475a37
  由 Dr. Stephen Henson 提交于 7月 25, 2011
  
  31475a37
- D
  Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and · d09677ac
  由 Dr. Stephen Henson 提交于 7月 25, 2011
```
prohibit use of these ciphersuites for TLS < 1.2
```
  d09677ac
20 7月, 2011 2 次提交

PR: 2555 · 0445ab3a

由 Dr. Stephen Henson 提交于 7月 20, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS sequence number bug

0445ab3a

PR: 2550 · bb48f4ce

由 Dr. Stephen Henson 提交于 7月 20, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS HelloVerifyRequest Timer bug

bb48f4ce

11 7月, 2011 2 次提交
- A
  ssl/ssl_ciph.c: allow to switch to predefined "composite" cipher/mac · 146e1fc7
  由 Andy Polyakov 提交于 7月 11, 2011
```
combos that can be implemented as AEAD ciphers.
```
  146e1fc7
- A
  
  ssl/t1_enc.c: initial support for AEAD ciphers. · 7532071a
  由 Andy Polyakov 提交于 7月 11, 2011
  
  7532071a
22 6月, 2011 1 次提交

PR: 2543 · 861a7e5c

由 Dr. Stephen Henson 提交于 6月 22, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Correctly handle errors in DTLSv1_handle_timeout()

861a7e5c

14 6月, 2011 1 次提交
- D
  
  set FIPS allow before initialising ctx · 70051b1d
  由 Dr. Stephen Henson 提交于 6月 14, 2011
  
  70051b1d
08 6月, 2011 1 次提交
- D
  
  fix memory leak · ca933576
  由 Dr. Stephen Henson 提交于 6月 08, 2011
  
  ca933576
06 6月, 2011 1 次提交
- D
  
  Set SSL_FIPS flag in ECC ciphersuites. · 1c13c122
  由 Dr. Stephen Henson 提交于 6月 06, 2011
  
  1c13c122
04 6月, 2011 1 次提交
- D
  
  fix error discrepancy · 4f8f8bf3
  由 Dr. Stephen Henson 提交于 6月 03, 2011
  
  4f8f8bf3
01 6月, 2011 2 次提交
- D
  
  typo · 654ac273
  由 Dr. Stephen Henson 提交于 6月 01, 2011
  
  654ac273
- D
  
  set FIPS permitted flag before initalising digest · 8f119a03
  由 Dr. Stephen Henson 提交于 5月 31, 2011
  
  8f119a03
31 5月, 2011 2 次提交
- D
  Don't round up partitioned premaster secret length if there is only one · 1b2047c5
  由 Dr. Stephen Henson 提交于 5月 31, 2011
```
digest in use: this caused the PRF to fail for an odd premaster secret
length.
```
  1b2047c5
- D
  
  Output supported curves in preference order instead of numerically. · eda3766b
  由 Dr. Stephen Henson 提交于 5月 30, 2011
  
  eda3766b
25 5月, 2011 8 次提交
- D
  
  Don't advertise or use MD5 for TLS v1.2 in FIPS mode · ebc5e72f
  由 Dr. Stephen Henson 提交于 5月 25, 2011
  
  ebc5e72f
- D
  PR: 2533 · 3d52f1d5
  由 Dr. Stephen Henson 提交于 5月 25, 2011
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
```
  3d52f1d5
- D
  PR: 2529 · fd60dfa0
  由 Dr. Stephen Henson 提交于 5月 25, 2011
```
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.
```
  fd60dfa0
- D
  
  Some nextproto patches broke DTLS: fix · bbcf3a9b
  由 Dr. Stephen Henson 提交于 5月 25, 2011
  
  bbcf3a9b
- D
  
  Oops use up to date patch for PR#2506 · 006b54a8
  由 Dr. Stephen Henson 提交于 5月 25, 2011
  
  006b54a8
- D
  PR: 2506 · 7832d6ab
  由 Dr. Stephen Henson 提交于 5月 25, 2011
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fully implement SSL_clear for DTLS.
```
  7832d6ab
- D
  PR: 2505 · ee4b5ceb
  由 Dr. Stephen Henson 提交于 5月 25, 2011
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS session resumption timer bug.
```
  ee4b5ceb
- D
  
  use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with DTLS · 238b6361
  由 Dr. Stephen Henson 提交于 5月 25, 2011
  
  238b6361
20 5月, 2011 3 次提交
- D
  PR: 2295 · f37f20ff
  由 Dr. Stephen Henson 提交于 5月 20, 2011
```
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
```
  f37f20ff
- D
  
  Implement FIPS_mode and FIPS_mode_set · 086e32a6
  由 Dr. Stephen Henson 提交于 5月 19, 2011
  
  086e32a6
- D
  
  set encodedPoint to NULL after freeing it · 4f7533eb
  由 Dr. Stephen Henson 提交于 5月 19, 2011
  
  4f7533eb
13 5月, 2011 1 次提交

Provisional support for TLS v1.2 client authentication: client side only. · 855a54a9

由 Dr. Stephen Henson 提交于 5月 12, 2011

Parse certificate request message and set digests appropriately.

Generate new TLS v1.2 format certificate verify message.

Keep handshake caches around for longer as they are needed for client auth.

855a54a9

12 5月, 2011 3 次提交
- D
  Process signature algorithms during TLS v1.2 client authentication. · 8f829124
  由 Dr. Stephen Henson 提交于 5月 12, 2011
```
Make sure message is long enough for signature algorithms.
```
  8f829124
- D
  
  make kerberos work with OPENSSL_NO_SSL_INTERN · 4f7a2ab8
  由 Dr. Stephen Henson 提交于 5月 11, 2011
  
  4f7a2ab8
- D
  
  Reorder signature algorithms in strongest hash first order. · fc101f88
  由 Dr. Stephen Henson 提交于 5月 11, 2011
  
  fc101f88
09 5月, 2011 1 次提交

Initial TLS v1.2 client support. Include a default supported signature · a2f9200f

由 Dr. Stephen Henson 提交于 5月 09, 2011

algorithms extension (including everything we support). Swicth to new
signature format where needed and relax ECC restrictions.

Not TLS v1.2 client certifcate support yet but client will handle case
where a certificate is requested and we don't have one.

a2f9200f

06 5月, 2011 1 次提交

Continuing TLS v1.2 support: add support for server parsing of · 6b7be581

由 Dr. Stephen Henson 提交于 5月 06, 2011

signature algorithms extension and correct signature format for
server key exchange.

All ciphersuites should now work on the server but no client support and
no client certificate support yet.

6b7be581

01 5月, 2011 1 次提交
- D
  
  Disable SHA256 if not supported. · 823df31b
  由 Dr. Stephen Henson 提交于 5月 01, 2011
  
  823df31b
30 4月, 2011 2 次提交

Initial incomplete TLS v1.2 support. New ciphersuites added, new version · 7409d7ad

由 Dr. Stephen Henson 提交于 4月 29, 2011

checking added, SHA256 PRF support added.

At present only RSA key exchange ciphersuites work with TLS v1.2 as the
new signature format is not yet implemented.

7409d7ad

Initial "opaque SSL" framework. If an application defines · 08557cf2

由 Dr. Stephen Henson 提交于 4月 29, 2011

OPENSSL_NO_SSL_INTERN all ssl related structures are opaque
and internals cannot be directly accessed. Many applications
will need some modification to support this and most likely some
additional functions added to OpenSSL.

The advantage of this option is that any application supporting
it will still be binary compatible if SSL structures change.

08557cf2

11 4月, 2011 1 次提交
- D
  
  Reorder headers to get definitions before they are used. · b93e331b
  由 Dr. Stephen Henson 提交于 4月 11, 2011
  
  b93e331b

OpenHarmony / Third Party Openssl 大约 1 年 前同步成功

OpenHarmony / Third Party Openssl
大约 1 年前同步成功