提交 · 8e1dc4d7ca9278fdfe68b81467b588dfdd7f8f1b · OpenHarmony / Third Party Openssl

17 1月, 2012 1 次提交

Support for fixed DH ciphersuites. · 8e1dc4d7

由 Dr. Stephen Henson 提交于 1月 16, 2012

The cipher definitions of these ciphersuites have been around since SSLeay
but were always disabled. Now OpenSSL supports DH certificates they can be
finally enabled.

Various additional changes were needed to make them work properly: many
unused fixed DH sections of code were untested.

8e1dc4d7

05 1月, 2012 6 次提交
- B
  Fix for builds without DTLS support. · 7bb1cc95
  由 Bodo Möller 提交于 1月 05, 2012
```
Submitted by: Brian Carlstrom
```
  7bb1cc95
- D
  PR: 2671 · 59e68615
  由 Dr. Stephen Henson 提交于 1月 05, 2012
```
Submitted by: steve

Update maximum message size for certifiate verify messages to support
4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
```
  59e68615
- D
  Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> · 192540b5
  由 Dr. Stephen Henson 提交于 1月 05, 2012
```
Reviewed by: steve

Send fatal alert if heartbeat extension has an illegal value.
```
  192540b5
- D
  Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> · e7455724
  由 Dr. Stephen Henson 提交于 1月 04, 2012
```
Reviewed by: steve

Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
```
  e7455724
- D
  
  Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) · 27dfffd5
  由 Dr. Stephen Henson 提交于 1月 04, 2012
  
  27dfffd5
- D
  
  Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) · d0dc991c
  由 Dr. Stephen Henson 提交于 1月 04, 2012
  
  d0dc991c
04 1月, 2012 3 次提交
- D
  Submitted by: Adam Langley <agl@chromium.org> · 25536ea6
  由 Dr. Stephen Henson 提交于 1月 04, 2012
```
Reviewed by: steve

Fix memory leaks.
```
  25536ea6
- D
  
  oops, revert wrong patch · b3720c34
  由 Dr. Stephen Henson 提交于 1月 03, 2012
  
  b3720c34
- D
  
  only send heartbeat extension from server if client sent one · 5733919d
  由 Dr. Stephen Henson 提交于 1月 03, 2012
  
  5733919d
01 1月, 2012 1 次提交

PR: 2658 · 4817504d

由 Dr. Stephen Henson 提交于 12月 31, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Support for TLS/DTLS heartbeats.

4817504d

27 12月, 2011 3 次提交

D

make update · 84b6e277
由 Dr. Stephen Henson 提交于 12月 27, 2011

84b6e277

PR: 1794 · c79f22c6

由 Dr. Stephen Henson 提交于 12月 27, 2011

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

- remove some unncessary SSL_err and permit
an srp user callback to allow a worker to obtain
a user verifier.

- cleanup and comments in s_server and demonstration
for asynchronous srp user lookup

c79f22c6

PR: 2326 · f3d781bb

由 Dr. Stephen Henson 提交于 12月 26, 2011

Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve

Fix incorrect comma expressions and goto f_err as alert has been set.

f3d781bb

25 12月, 2011 1 次提交

PR: 2535 · 7e159e01

由 Dr. Stephen Henson 提交于 12月 25, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Add SCTP support for DTLS (RFC 6083).

7e159e01

23 12月, 2011 3 次提交
- D
  
  typo · b9e14888
  由 Dr. Stephen Henson 提交于 12月 23, 2011
  
  b9e14888
- D
  
  delete unimplemented function from header file, update ordinals · 9c52c3e0
  由 Dr. Stephen Henson 提交于 12月 23, 2011
  
  9c52c3e0
- D
  
  remove prototype for deleted SRP function · b646fc40
  由 Dr. Stephen Henson 提交于 12月 22, 2011
  
  b646fc40
22 12月, 2011 1 次提交

New ctrl values to clear or retrieve extra chain certs from an SSL_CTX. · f9b0b452

由 Dr. Stephen Henson 提交于 12月 22, 2011

New function to retrieve compression method from SSL_SESSION structure.

Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions
as they duplicate functionality of SSL_SESSION_get_id. Note: these functions
have never appeared in any release version of OpenSSL.

f9b0b452

15 12月, 2011 1 次提交

PR: 1794 · f2fc3075

由 Dr. Stephen Henson 提交于 12月 14, 2011

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Remove unnecessary code for srp and to add some comments to
s_client.

- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable

- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.

f2fc3075

13 12月, 2011 1 次提交
- B
  
  Remove redundant TLS exporter. · 3c0ff9f9
  由 Ben Laurie 提交于 12月 13, 2011
  
  3c0ff9f9
07 12月, 2011 1 次提交
- D
  
  fix error discrepancy · 7a236261
  由 Dr. Stephen Henson 提交于 12月 07, 2011
  
  7a236261
02 12月, 2011 1 次提交
- B
  Resolve a stack set-up race condition (if the list of compression · 19b0d0e7
  由 Bodo Möller 提交于 12月 02, 2011
```
methods isn't presorted, it will be sorted on first read).

Submitted by: Adam Langley
```
  19b0d0e7
25 11月, 2011 2 次提交

PR: 1794 · ebba6c48

由 Dr. Stephen Henson 提交于 11月 25, 2011

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Make SRP conformant to rfc 5054.

Changes are:

- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.

ebba6c48

B
Fix NPN implementation for renegotiation. · 6f31dd72
由 Bodo Möller 提交于 11月 24, 2011
```
(Problem pointed out by Ben Murphy.)

Submitted by: Adam Langley
```
6f31dd72

22 11月, 2011 2 次提交
- D
  
  move internal functions to ssl_locl.h · 1c78c43b
  由 Dr. Stephen Henson 提交于 11月 21, 2011
  
  1c78c43b
- D
  
  bcmp doesn't exist on all platforms, replace with memcmp · 21b52dd3
  由 Dr. Stephen Henson 提交于 11月 21, 2011
  
  21b52dd3
16 11月, 2011 2 次提交
- B
  
  Add TLS exporter. · e0af0405
  由 Ben Laurie 提交于 11月 15, 2011
  
  e0af0405
- B
  
  Add DTLS-SRTP. · 333f926d
  由 Ben Laurie 提交于 11月 15, 2011
  
  333f926d
14 11月, 2011 1 次提交
- B
  Fix some warnings caused by __owur. Temporarily (I hope) remove the more · ae551760
  由 Ben Laurie 提交于 11月 14, 2011
```
aspirational __owur annotations.
```
  ae551760
13 11月, 2011 1 次提交

PR: 1794 · 0c58d22a

由 Dr. Stephen Henson 提交于 11月 13, 2011

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Document unknown_psk_identify alert, remove pre-RFC 5054 string from
ssl_stat.c

0c58d22a

27 10月, 2011 2 次提交

PR: 2628 · 930e8012

由 Dr. Stephen Henson 提交于 10月 27, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Send alert instead of assertion failure for incorrectly formatted DTLS
fragments.

930e8012

PR: 2628 · fe0e302d

由 Dr. Stephen Henson 提交于 10月 27, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix for ECC keys and DTLS.

fe0e302d

25 10月, 2011 1 次提交
- D
  
  Use correct tag for SRP username. · 45906fe6
  由 Dr. Stephen Henson 提交于 10月 25, 2011
  
  45906fe6
15 10月, 2011 1 次提交
- D
  
  more vxworks patches · ffbfbef9
  由 Dr. Stephen Henson 提交于 10月 14, 2011
  
  ffbfbef9
13 10月, 2011 1 次提交
- B
  In ssl3_clear, preserve s3->init_extra along with s3->rbuf. · 3ddc06f0
  由 Bodo Möller 提交于 10月 13, 2011
```
Submitted by: Bob Buckholz <bbuckholz@google.com>
```
  3ddc06f0
10 10月, 2011 3 次提交
- D
  
  add GCM ciphers in SSL_library_init · eb47b2fb
  由 Dr. Stephen Henson 提交于 10月 10, 2011
  
  eb47b2fb
- D
  
  disable GCM if not available · a0f21307
  由 Dr. Stephen Henson 提交于 10月 10, 2011
  
  a0f21307
- D
  
  Don't disable TLS v1.2 by default now. · 7d7c13cb
  由 Dr. Stephen Henson 提交于 10月 09, 2011
  
  7d7c13cb
07 10月, 2011 1 次提交
- D
  
  use client version when eliminating TLS v1.2 ciphersuites in client hello · 6dd54739
  由 Dr. Stephen Henson 提交于 10月 07, 2011
  
  6dd54739

OpenHarmony / Third Party Openssl 11 个月 前同步成功

OpenHarmony / Third Party Openssl
11 个月前同步成功