- 10 6月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
This is a workaround so old that nobody remembers what buggy clients it was for. It's also been broken in stable branches for two years and nobody noticed (see https://boringssl-review.googlesource.com/#/c/1694/). Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 27 2月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
the "-hack" option from s_server that set this option. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 06 2月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
This is an ancient bug workaround for Netscape clients. The documentation talks about versions 3.x and 4.x beta. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 06 1月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
OpenSSL clients would tolerate temporary RSA keys in non-export ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which enabled this server side. Remove both options as they are a protocol violation. Thanks to Karthikeyan Bhargavan for reporting this issue. (CVE-2015-0204) Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 04 12月, 2014 1 次提交
-
-
由 Kurt Roeckx 提交于
The only support for SSLv2 left is receiving a SSLv2 compatible client hello. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 03 7月, 2014 1 次提交
-
-
由 Rich Salz 提交于
298 424 656 882 939 1630 1807 2263 2294 2311 2424 2623 2637 2686 2697 2921 2922 2940 3055 3112 3156 3177 3277
-
- 02 7月, 2014 1 次提交
-
-
由 Rich Salz 提交于
-
- 02 6月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add TLS padding extension to SSL_OP_ALL so it is used with other "bugs" options and can be turned off. This replaces SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG which is an ancient option referring to SSLv2 and SSLREF. PR#3336
-
- 09 1月, 2014 1 次提交
-
-
由 Daniel Kahn Gillmor 提交于
-
- 05 9月, 2013 1 次提交
-
-
由 Rob Stradling 提交于
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
-
- 03 2月, 2011 1 次提交
-
-
由 Bodo Möller 提交于
-
- 18 2月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
initial connection to unpatched servers. There are no additional security concerns in doing this as clients don't see renegotiation during an attack anyway.
-
- 13 2月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 28 1月, 2010 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 06 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 10 12月, 2009 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Initial secure renegotiation documentation.
-
- 24 8月, 2007 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 27 10月, 2005 1 次提交
-
-
由 Bodo Möller 提交于
(This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)
-
- 23 3月, 2005 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 20 3月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
PR: 538
-
- 11 7月, 2002 1 次提交
-
-
由 Lutz Jänicke 提交于
Submitted by: Richard.Koenning@fujitsu-siemens.com Reviewed by: PR: 129
-
- 14 6月, 2002 1 次提交
-
-
由 Bodo Möller 提交于
vulnerability workaround (included in SSL_OP_ALL). PR: #90
-
- 17 10月, 2001 1 次提交
-
-
由 Bodo Möller 提交于
-
- 07 9月, 2001 1 次提交
-
-
由 Ulf Möller 提交于
-
- 23 8月, 2001 1 次提交
-
-
由 Ulf Möller 提交于
-
- 03 8月, 2001 1 次提交
-
-
由 Lutz Jänicke 提交于
-
- 31 7月, 2001 1 次提交
-
-
由 Lutz Jänicke 提交于
-
- 21 7月, 2001 1 次提交
-
-
由 Lutz Jänicke 提交于
-
- 16 2月, 2001 1 次提交
-
-
由 Ulf Möller 提交于
-
- 11 2月, 2001 2 次提交
-
-
由 Lutz Jänicke 提交于
-
由 Lutz Jänicke 提交于
options someone much longer working with OpenSSL/SSLeay is needed.
-