提交 · a9e1c50bb09a110d4774e6710f9322344684fa2d · OpenHarmony / Third Party Openssl

30 5月, 2012 1 次提交
- B
  
  RFC 5878 support. · a9e1c50b
  由 Ben Laurie 提交于 5月 30, 2012
  
  a9e1c50b
24 4月, 2012 3 次提交
- D
  Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> · 09e4e4b9
  由 Dr. Stephen Henson 提交于 4月 24, 2012
```
Reviewed by: steve
Improved localisation of TLS extension handling and code tidy.
```
  09e4e4b9
- D
  
  oops, not yet ;-) · ce33b42b
  由 Dr. Stephen Henson 提交于 4月 23, 2012
  
  ce33b42b
- D
  
  update NEWS · 579d5534
  由 Dr. Stephen Henson 提交于 4月 23, 2012
  
  579d5534
16 4月, 2012 1 次提交
- A
  s3_srvr.c: fix typo. · 3b1fb1a0
  由 Andy Polyakov 提交于 4月 15, 2012
```
PR: 2538
```
  3b1fb1a0
06 4月, 2012 1 次提交
- D
  Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> · b2284ed3
  由 Dr. Stephen Henson 提交于 4月 06, 2012
```
Localize client hello extension parsing in t1_lib.c
```
  b2284ed3
05 4月, 2012 1 次提交

Add support for automatic ECDH temporary key parameter selection. When · a4352630

由 Dr. Stephen Henson 提交于 4月 05, 2012

enabled instead of requiring an application to hard code a (possibly
inappropriate) parameter set and delve into EC internals we just
automatically use the preferred curve.

a4352630

22 2月, 2012 1 次提交
- D
  
  initialise i if n == 0 · de2b5b74
  由 Dr. Stephen Henson 提交于 2月 22, 2012
  
  de2b5b74
16 2月, 2012 1 次提交
- D
  Fix bug in CVE-2011-4619: check we have really received a client hello · 206310c3
  由 Dr. Stephen Henson 提交于 2月 16, 2012
```
before rejecting multiple SGC restarts.
```
  206310c3
27 1月, 2012 1 次提交

Revise ssl code to use a CERT_PKEY structure when outputting a · c526ed41

由 Dr. Stephen Henson 提交于 1月 26, 2012

certificate chain instead of an X509 structure.

This makes it easier to enhance code in future and the chain
output functions have access to the CERT_PKEY structure being
used.

c526ed41

25 1月, 2012 1 次提交
- D
  
  add support for use of fixed DH client certificates · 0d609395
  由 Dr. Stephen Henson 提交于 1月 25, 2012
  
  0d609395
17 1月, 2012 1 次提交

Support for fixed DH ciphersuites. · 8e1dc4d7

由 Dr. Stephen Henson 提交于 1月 16, 2012

The cipher definitions of these ciphersuites have been around since SSLeay
but were always disabled. Now OpenSSL supports DH certificates they can be
finally enabled.

Various additional changes were needed to make them work properly: many
unused fixed DH sections of code were untested.

8e1dc4d7

05 1月, 2012 2 次提交
- D
  PR: 2671 · 59e68615
  由 Dr. Stephen Henson 提交于 1月 05, 2012
```
Submitted by: steve

Update maximum message size for certifiate verify messages to support
4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
```
  59e68615
- D
  
  Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) · d0dc991c
  由 Dr. Stephen Henson 提交于 1月 04, 2012
  
  d0dc991c
04 1月, 2012 3 次提交
- D
  Submitted by: Adam Langley <agl@chromium.org> · 25536ea6
  由 Dr. Stephen Henson 提交于 1月 04, 2012
```
Reviewed by: steve

Fix memory leaks.
```
  25536ea6
- D
  
  oops, revert wrong patch · b3720c34
  由 Dr. Stephen Henson 提交于 1月 03, 2012
  
  b3720c34
- D
  
  only send heartbeat extension from server if client sent one · 5733919d
  由 Dr. Stephen Henson 提交于 1月 03, 2012
  
  5733919d
01 1月, 2012 1 次提交

PR: 2658 · 4817504d

由 Dr. Stephen Henson 提交于 12月 31, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Support for TLS/DTLS heartbeats.

4817504d

27 12月, 2011 1 次提交

PR: 1794 · c79f22c6

由 Dr. Stephen Henson 提交于 12月 27, 2011

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

- remove some unncessary SSL_err and permit
an srp user callback to allow a worker to obtain
a user verifier.

- cleanup and comments in s_server and demonstration
for asynchronous srp user lookup

c79f22c6

25 11月, 2011 1 次提交

PR: 1794 · ebba6c48

由 Dr. Stephen Henson 提交于 11月 25, 2011

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Make SRP conformant to rfc 5054.

Changes are:

- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.

ebba6c48

05 9月, 2011 2 次提交
- B
  
  Fix session handling. · c519e89f
  由 Bodo Möller 提交于 9月 05, 2011
  
  c519e89f
- B
  (EC)DH memory handling fixes. · e7928282
  由 Bodo Möller 提交于 9月 05, 2011
```
Submitted by: Adam Langley
```
  e7928282
14 6月, 2011 1 次提交
- D
  
  set FIPS allow before initialising ctx · 70051b1d
  由 Dr. Stephen Henson 提交于 6月 14, 2011
  
  70051b1d
04 6月, 2011 1 次提交
- D
  
  fix error discrepancy · 4f8f8bf3
  由 Dr. Stephen Henson 提交于 6月 03, 2011
  
  4f8f8bf3
25 5月, 2011 1 次提交
- D
  
  use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with DTLS · 238b6361
  由 Dr. Stephen Henson 提交于 5月 25, 2011
  
  238b6361
20 5月, 2011 3 次提交
- D
  PR: 2295 · f37f20ff
  由 Dr. Stephen Henson 提交于 5月 20, 2011
```
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
```
  f37f20ff
- D
  
  Implement FIPS_mode and FIPS_mode_set · 086e32a6
  由 Dr. Stephen Henson 提交于 5月 19, 2011
  
  086e32a6
- D
  
  set encodedPoint to NULL after freeing it · 4f7533eb
  由 Dr. Stephen Henson 提交于 5月 19, 2011
  
  4f7533eb
09 5月, 2011 1 次提交

Initial TLS v1.2 client support. Include a default supported signature · a2f9200f

由 Dr. Stephen Henson 提交于 5月 09, 2011

algorithms extension (including everything we support). Swicth to new
signature format where needed and relax ECC restrictions.

Not TLS v1.2 client certifcate support yet but client will handle case
where a certificate is requested and we don't have one.

a2f9200f

06 5月, 2011 1 次提交

Continuing TLS v1.2 support: add support for server parsing of · 6b7be581

由 Dr. Stephen Henson 提交于 5月 06, 2011

signature algorithms extension and correct signature format for
server key exchange.

All ciphersuites should now work on the server but no client support and
no client certificate support yet.

6b7be581

17 3月, 2011 1 次提交
- D
  
  Fix broken SRP error/function code assignment. · 23bc7961
  由 Dr. Stephen Henson 提交于 3月 16, 2011
  
  23bc7961
13 3月, 2011 1 次提交
- B
  
  Add SRP support. · edc032b5
  由 Ben Laurie 提交于 3月 12, 2011
  
  edc032b5
17 2月, 2011 1 次提交
- D
  Include openssl/crypto.h first in several other files so FIPS renaming · a3654f05
  由 Dr. Stephen Henson 提交于 2月 16, 2011
```
is picked up.
```
  a3654f05
03 2月, 2011 1 次提交
- B
  
  CVE-2010-4180 fix (from OpenSSL_1_0_0-stable) · 88f2a4cf
  由 Bodo Möller 提交于 2月 03, 2011
  
  88f2a4cf
14 11月, 2010 1 次提交
- D
  Get correct GOST private key instead of just assuming the last one is · e827b587
  由 Dr. Stephen Henson 提交于 11月 14, 2010
```
correct: this isn't always true if we have more than one certificate.
```
  e827b587
06 9月, 2010 2 次提交
- B
  
  Fixes to NPN from Adam Langley. · bf48836c
  由 Ben Laurie 提交于 9月 05, 2010
  
  bf48836c
- B
  
  Fix warnings. · 5df2a249
  由 Ben Laurie 提交于 9月 05, 2010
  
  5df2a249
26 8月, 2010 2 次提交

For better forward-security support, add functions · 7c2d4fee

由 Bodo Möller 提交于 8月 26, 2010

SSL_[CTX_]set_not_resumable_session_callback.

Submitted by: Emilia Kasper (Google)

[A part of this change affecting ssl/s3_lib.c was accidentally commited
separately, together with a compilation fix for that file;
see s3_lib.c CVS revision 1.133 (http://cvs.openssl.org/chngview?cn=19855).]

7c2d4fee

PR: 1833 · 44959ee4

由 Dr. Stephen Henson 提交于 8月 26, 2010

Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Support for abbreviated handshakes when renegotiating.

44959ee4

28 7月, 2010 1 次提交
- B
  
  Add Next Protocol Negotiation. · ee2ffc27
  由 Ben Laurie 提交于 7月 28, 2010
  
  ee2ffc27

OpenHarmony / Third Party Openssl 大约 1 年 前同步成功

OpenHarmony / Third Party Openssl
大约 1 年前同步成功