1. 19 1月, 2016 1 次提交
  2. 12 1月, 2016 1 次提交
  3. 08 12月, 2015 3 次提交
  4. 06 12月, 2015 1 次提交
  5. 28 11月, 2015 1 次提交
    • D
      PRF and handshake hash revision. · 28ba2541
      Dr. Stephen Henson 提交于
      Change handshake hash array into a single digest context simplifying the
      handhake hash code. Use EVP_md5_sha1() if needed for handshake hashes in
      TLS 1.1 and earlier.
      
      Simplify PRF code to also use a single digest and treat EVP_md5_sha1()
      as a special case.
      
      Modify algorithm2 field of ciphers to use a single index value for handshake
      hash and PRF instead of a bitmap.
      Reviewed-by: NMatt Caswell <matt@openssl.org>
      28ba2541
  6. 26 11月, 2015 1 次提交
  7. 20 11月, 2015 1 次提交
  8. 14 8月, 2015 2 次提交
  9. 24 6月, 2015 1 次提交
    • D
      Tidy up ssl3_digest_cached_records logic. · 124037fd
      Dr. Stephen Henson 提交于
      Rewrite ssl3_digest_cached_records handling. Only digest cached records
      if digest array is NULL: this means it is safe to call
      ssl3_digest_cached_records multiple times (subsequent calls are no op).
      
      Remove flag TLS1_FLAGS_KEEP_HANDSHAKE instead only update handshake buffer
      if digest array is NULL.
      
      Add additional "keep" parameter to ssl3_digest_cached_records to indicate
      if the handshake buffer should be retained after digesting cached records
      (needed for TLS 1.2 client authentication).
      Reviewed-by: NMatt Caswell <matt@openssl.org>
      124037fd
  10. 01 6月, 2015 1 次提交
  11. 31 5月, 2015 1 次提交
  12. 13 5月, 2015 1 次提交
  13. 05 5月, 2015 1 次提交
    • R
      Use safer sizeof variant in malloc · b4faea50
      Rich Salz 提交于
      For a local variable:
              TYPE *p;
      Allocations like this are "risky":
              p = OPENSSL_malloc(sizeof(TYPE));
      if the type of p changes, and the malloc call isn't updated, you
      could get memory corruption.  Instead do this:
              p = OPENSSL_malloc(sizeof(*p));
      Also fixed a few memset() calls that I noticed while doing this.
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      b4faea50
  14. 01 5月, 2015 3 次提交
    • R
      free NULL cleanup 11 · efa7dd64
      Rich Salz 提交于
      Don't check for NULL before calling free functions. This gets:
              ERR_STATE_free
              ENGINE_free
              DSO_free
              CMAC_CTX_free
              COMP_CTX_free
              CONF_free
              NCONF_free NCONF_free_data _CONF_free_data
              A sk_free use within OBJ_sigid_free
              TS_TST_INFO_free (rest of TS_ API was okay)
              Doc update for UI_free (all uses were fine)
              X509V3_conf_free
              X509V3_section_free
              X509V3_string_free
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      efa7dd64
    • R
      free null cleanup finale · b548a1f1
      Rich Salz 提交于
      Don't check for NULL before calling OPENSSL_free
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      b548a1f1
    • R
      free cleanup almost the finale · 4b45c6e5
      Rich Salz 提交于
      Add OPENSSL_clear_free which merges cleanse and free.
      (Names was picked to be similar to BN_clear_free, etc.)
      Removed OPENSSL_freeFunc macro.
      Fixed the small simple ones that are left:
              CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      4b45c6e5
  15. 29 4月, 2015 1 次提交
  16. 17 4月, 2015 1 次提交
  17. 26 3月, 2015 5 次提交
  18. 25 3月, 2015 1 次提交
    • M
      Ensure last_write_sequence is saved in DTLS1.2 · d5d0a1cb
      Matt Caswell 提交于
      In DTLS, immediately prior to epoch change, the write_sequence is supposed
      to be stored in s->d1->last_write_sequence. The write_sequence is then reset
      back to 00000000. In the event of retransmits of records from the previous
      epoch, the last_write_sequence is restored. This commit fixes a bug in
      DTLS1.2 where the write_sequence was being reset before last_write_sequence
      was saved, and therefore retransmits are sent with incorrect sequence
      numbers.
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      d5d0a1cb
  19. 23 3月, 2015 1 次提交
  20. 17 3月, 2015 1 次提交
    • M
      Add sanity check to PRF · 668f6f08
      Matt Caswell 提交于
      The function tls1_PRF counts the number of digests in use and partitions
      security evenly between them. There always needs to be at least one digest
      in use, otherwise this is an internal error. Add a sanity check for this.
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      668f6f08
  21. 11 3月, 2015 1 次提交
  22. 27 2月, 2015 1 次提交
  23. 13 2月, 2015 1 次提交
  24. 06 2月, 2015 1 次提交
  25. 04 2月, 2015 1 次提交
  26. 03 2月, 2015 2 次提交
  27. 29 1月, 2015 1 次提交
  28. 22 1月, 2015 3 次提交