1. 10 6月, 2015 14 次提交
  2. 09 6月, 2015 4 次提交
  3. 08 6月, 2015 2 次提交
  4. 07 6月, 2015 1 次提交
  5. 06 6月, 2015 2 次提交
  6. 05 6月, 2015 3 次提交
  7. 04 6月, 2015 5 次提交
    • R
      Rename all static TS_xxx to ts_xxx · 9c422b5b
      Rich Salz 提交于
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      9c422b5b
    • M
      Remove misleading comment · f3d88952
      Matt Caswell 提交于
      Remove a comment that suggested further clean up was required.
      DH_free() performs the necessary cleanup.
      
      With thanks to the Open Crypto Audit Project for reporting this issue.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      f3d88952
    • M
      Clean premaster_secret for GOST · b7ee4815
      Matt Caswell 提交于
      Ensure OPENSSL_cleanse() is called on the premaster secret value calculated for GOST.
      
      With thanks to the Open Crypto Audit Project for reporting this issue.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      b7ee4815
    • M
      Fix off-by-one error in BN_bn2hex · c5635307
      Matt Caswell 提交于
      A BIGNUM can have the value of -0. The function BN_bn2hex fails to account
      for this and can allocate a buffer one byte too short in the event of -0
      being used, leading to a one byte buffer overrun. All usage within the
      OpenSSL library is considered safe. Any security risk is considered
      negligible.
      
      With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and
      Filip Palian for discovering and reporting this issue.
      Reviewed-by: NTim Hudson <tjh@openssl.org>
      c5635307
    • M
      Fix DTLS session resumption · 7322abf5
      Matt Caswell 提交于
      The session object on the client side is initially created during
      construction of the ClientHello. If the client is DTLS1.2 capable then it
      will store 1.2 as the version for the session. However if the server is only
      DTLS1.0 capable then when the ServerHello comes back the client switches to
      using DTLS1.0 from then on. However the session version does not get
      updated. Therefore when the client attempts to resume that session the
      server throws an alert because of an incorrect protocol version.
      Reviewed-by: NTim Hudson <tjh@openssl.org>
      7322abf5
  8. 03 6月, 2015 6 次提交
  9. 02 6月, 2015 3 次提交