- 22 10月, 2014 2 次提交
-
-
由 Bodo Moeller 提交于
listed after TLS_FALLBACK_SCSV. RT: 3575 Reviewed-by: NEmilia Kasper <emilia@openssl.org>
-
由 Kurt Roeckx 提交于
When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set the method to NULL. We didn't used to do that, and it breaks things. This is a regression introduced in 62f45cc2. Keep the old method since the code is not able to deal with a NULL method at this time. CVE-2014-3569, PR#3571 Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 20 10月, 2014 1 次提交
-
-
由 Tim Hudson 提交于
Reviewed-by: NGeoff Thorpe <geoff@openssl.org>
-
- 17 10月, 2014 1 次提交
-
-
由 Kurt Cancemi 提交于
Reviewed-by: NBen Laurie <ben@openssl.org>
-
- 15 10月, 2014 12 次提交
-
-
由 Tim Hudson 提交于
so the Win32 compile picks it up correctly. Reviewed-by: NRichard Levitte <levitte@openssl.org> Conflicts: crypto/Makefile
-
由 Richard Levitte 提交于
The different -I compiler parameters will take care of the rest... Reviewed-by: NTim Hudson <tjh@openssl.org> Conflicts: crypto/evp/evp_enc.c crypto/rsa/rsa_oaep.c crypto/rsa/rsa_pk1.c
-
由 Matt Caswell 提交于
Reviewed-by: NDr Stephen Henson <steve@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NBodo Möller <bodo@openssl.org>
-
由 Geoff Thorpe 提交于
CVE-2014-3568 Reviewed-by: NEmilia Kasper <emilia@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
CVE-2014-3567 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
Related to CVE-2014-3513 This fix was developed by the OpenSSL Team Reviewed-by: NTim Hudson <tjh@openssl.org> Conflicts: util/mkdef.pl util/ssleay.num
-
由 Matt Caswell 提交于
CVE-2014-3513 This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team. The fix was developed by the OpenSSL team. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Bodo Moeller 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Andy Polyakov 提交于
RT: 3553 Reviewed-by: NEmilia Kasper <emilia@openssl.org>
-
由 Bodo Moeller 提交于
handling out of #ifndef OPENSSL_NO_DTLS1 section. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Bodo Moeller 提交于
Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 11 10月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 10 10月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 07 10月, 2014 2 次提交
-
-
由 Matt Caswell 提交于
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also remove duplicate definition of PKCS7_type_is_digest. PR#3551 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NGeoffrey Thorpe <geoff@geoffthorpe.net>
-
- 03 10月, 2014 1 次提交
-
-
由 Rich Salz 提交于
If data is NULL, return the size needed to hold the derived key. No other API to do this, so document the behavior. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 02 10月, 2014 3 次提交
-
-
由 Bodo Moeller 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 01 10月, 2014 5 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NDr Stephen Henson <steve@openssl.org>
-
由 Andy Polyakov 提交于
RT: 3541 Reviewed-by: NEmilia Kasper <emilia@openssl.org>
-
- 29 9月, 2014 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reencode DigestInto in DER and check against the original: this will reject any improperly encoded DigestInfo structures. Note: this is a precautionary measure, there is no known attack which can exploit this. Thanks to Brian Smith for reporting this issue. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 26 9月, 2014 2 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
Also add comment to Configure reminding people to do that. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 25 9月, 2014 5 次提交
-
-
由 Emilia Kasper 提交于
Accidentally omitted from commit 455b65dfReviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Andy Polyakov 提交于
RT: 3541 Reviewed-by: NEmilia Kasper <emilia@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
The following #ifdef tests were all removed: __MWERKS__ MAC_OS_pre_X MAC_OS_GUSI_SOURCE MAC_OS_pre_X OPENSSL_SYS_MACINTOSH_CLASSIC OPENSSL_SYS_MACOSX_RHAPSODY Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 24 9月, 2014 2 次提交
-
-
由 Emilia Kasper 提交于
Do the final padding check in EVP_DecryptFinal_ex in constant time to avoid a timing leak from padding failure. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
(Original commit adb46dbc) Use the new constant-time methods consistently in s3_srvr.c Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-