提交 · ba64ae6cd13182f4f1d99beed8274e17bf8a92b7 · OpenHarmony / Third Party Openssl

23 1月, 2010 1 次提交
- D
  If legacy renegotiation is not permitted then send a fatal alert if a patched · 3a88efd4
  由 Dr. Stephen Henson 提交于 1月 22, 2010
```
server attempts to renegotiate with an unpatched client.
```
  3a88efd4
21 1月, 2010 2 次提交
- D
  
  oops · 49371e3a
  由 Dr. Stephen Henson 提交于 1月 20, 2010
  
  49371e3a
- D
  
  update NEWS file · eb125795
  由 Dr. Stephen Henson 提交于 1月 20, 2010
  
  eb125795
20 1月, 2010 2 次提交

The use of NIDs in the password based encryption table can result in · 071ef65c

由 Dr. Stephen Henson 提交于 1月 19, 2010

algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().

071ef65c

PR: 2144 · 0debb681

由 Dr. Stephen Henson 提交于 1月 19, 2010

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144

0debb681

17 1月, 2010 2 次提交

PR: 2144 · 8d39d280

由 Dr. Stephen Henson 提交于 1月 16, 2010

Submitted by: steve@openssl.org

Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.

8d39d280

D
PR: 2133 · 598b562a
由 Dr. Stephen Henson 提交于 1月 16, 2010
```
Submitted by: steve@openssl.org

Add missing DTLS state strings.
```
598b562a

15 1月, 2010 2 次提交
- D
  
  make update · 031c7890
  由 Dr. Stephen Henson 提交于 1月 15, 2010
  
  031c7890
- D
  PR: 2125 · ce1ec9c3
  由 Dr. Stephen Henson 提交于 1月 14, 2010
```
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>

Fix gcc-aix compilation issue.
```
  ce1ec9c3
14 1月, 2010 1 次提交

Fix version handling so it can cope with a major version >3. · bd5f21a4

由 Dr. Stephen Henson 提交于 1月 13, 2010

Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.

bd5f21a4

08 1月, 2010 1 次提交
- D
  Simplify RI+SCSV logic: · 423c66f1
  由 Dr. Stephen Henson 提交于 1月 07, 2010
```
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
```
  423c66f1
07 1月, 2010 2 次提交
- D
  Updates to conform with draft-ietf-tls-renegotiation-03.txt: · 76998a71
  由 Dr. Stephen Henson 提交于 1月 06, 2010
```
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
```
  76998a71
- D
  
  Missing commit from change ofr compress_meth to unsigned · dd792d62
  由 Dr. Stephen Henson 提交于 1月 06, 2010
  
  dd792d62
06 1月, 2010 1 次提交
- D
  
  compress_meth should be unsigned · 82a107ea
  由 Dr. Stephen Henson 提交于 1月 06, 2010
  
  82a107ea
01 1月, 2010 1 次提交

Client side compression algorithm sanity checks: ensure old compression · 2be3d6eb

由 Dr. Stephen Henson 提交于 1月 01, 2010

algorithm matches current and give error if compression is disabled and
server requests it (shouldn't happen unless server is broken).

2be3d6eb

31 12月, 2009 1 次提交
- D
  Compression handling on session resume was badly broken: it always · e6f418bc
  由 Dr. Stephen Henson 提交于 12月 31, 2009
```
used compression algorithms in client hello (a legacy from when
the compression algorithm wasn't serialized with SSL_SESSION).
```
  e6f418bc
28 12月, 2009 3 次提交
- D
  
  return v1.1 methods for client/server · 76774c5e
  由 Dr. Stephen Henson 提交于 12月 28, 2009
  
  76774c5e
- D
  
  Typo · 73527122
  由 Dr. Stephen Henson 提交于 12月 27, 2009
  
  73527122
- D
  Update RI to match latest spec. · d6801576
  由 Dr. Stephen Henson 提交于 12月 27, 2009
```
MCSV is now called SCSV.

Don't send SCSV if renegotiating.

Also note if RI is empty in debug messages.
```
  d6801576
17 12月, 2009 2 次提交
- D
  
  Alert to use is now defined in spec: update code · fbed9f81
  由 Dr. Stephen Henson 提交于 12月 17, 2009
  
  fbed9f81
- D
  
  New option to enable/disable connection to unpatched servers · ef51b4b9
  由 Dr. Stephen Henson 提交于 12月 16, 2009
  
  ef51b4b9
14 12月, 2009 1 次提交
- D
  Allow initial connection (but no renegoriation) to servers which don't support · c27c9cb4
  由 Dr. Stephen Henson 提交于 12月 14, 2009
```
RI.

Reorganise RI checking code and handle some missing cases.
```
  c27c9cb4
11 12月, 2009 1 次提交
- D
  
  Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL and move SSL_OP_NO_TLSv1_1 · 22c21555
  由 Dr. Stephen Henson 提交于 12月 11, 2009
  
  22c21555
09 12月, 2009 4 次提交
- D
  
  Check s3 is not NULL · a8640f0a
  由 Dr. Stephen Henson 提交于 12月 09, 2009
  
  a8640f0a
- D
  
  Add patch to crypto/evp which didn't apply from PR#2124 · 338a61b9
  由 Dr. Stephen Henson 提交于 12月 09, 2009
  
  338a61b9
- D
  Add ctrls to clear options and mode. · 7661ccad
  由 Dr. Stephen Henson 提交于 12月 09, 2009
```
Change RI ctrl so it doesn't clash.
```
  7661ccad
- D
  
  Send no_renegotiation alert as required by spec. · 82e610e2
  由 Dr. Stephen Henson 提交于 12月 08, 2009
  
  82e610e2
08 12月, 2009 3 次提交

D

Add ctrl and macro so we can determine if peer support secure renegotiation. · 5430200b
由 Dr. Stephen Henson 提交于 12月 08, 2009

5430200b

Add support for magic cipher suite value (MCSV). Make secure renegotiation · 13f6d57b

由 Dr. Stephen Henson 提交于 12月 08, 2009

work in SSLv3: initial handshake has no extensions but includes MCSV, if
server indicates RI support then renegotiation handshakes include RI.

NB: current MCSV value is bogus for testing only, will be updated when we
have an official value.

Change mismatch alerts to handshake_failure as required by spec.

Also have some debugging fprintfs so we can clearly see what is going on
if OPENSSL_RI_DEBUG is set.

13f6d57b

PR: 2121 · 8025e251

由 Dr. Stephen Henson 提交于 12月 08, 2009

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Add extension support to DTLS code mainly using existing implementation for
TLS.

8025e251

07 12月, 2009 1 次提交
- D
  
  Initial experimental TLSv1.1 support · 637f374a
  由 Dr. Stephen Henson 提交于 12月 07, 2009
  
  637f374a
02 12月, 2009 3 次提交
- D
  
  Ooops... · 7f354fa4
  由 Dr. Stephen Henson 提交于 12月 01, 2009
  
  7f354fa4
- D
  
  check DSA_sign() return value properly · 6732e142
  由 Dr. Stephen Henson 提交于 12月 01, 2009
  
  6732e142
- D
  PR: 2115 · 49968440
  由 Dr. Stephen Henson 提交于 12月 01, 2009
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
```
  49968440
18 11月, 2009 3 次提交
- D
  
  Servers can't end up talking SSLv2 with legacy renegotiation disabled · 6cef3a7f
  由 Dr. Stephen Henson 提交于 11月 18, 2009
  
  6cef3a7f
- D
  
  Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation · 4d09323a
  由 Dr. Stephen Henson 提交于 11月 18, 2009
  
  4d09323a
- D
  
  Include a more meaningful error message when rejecting legacy renegotiation · 64abf5e6
  由 Dr. Stephen Henson 提交于 11月 18, 2009
  
  64abf5e6
13 11月, 2009 1 次提交
- R
  
  Update from 1.0.0-stable · 0a02d1db
  由 Richard Levitte 提交于 11月 12, 2009
  
  0a02d1db
11 11月, 2009 1 次提交
- D
  
  add missing parts of reneg port, fix apps patch · 860c3dd1
  由 Dr. Stephen Henson 提交于 11月 11, 2009
  
  860c3dd1
10 11月, 2009 1 次提交
- D
  
  First cut of renegotiation extension. (port to HEAD) · e0e79972
  由 Dr. Stephen Henson 提交于 11月 09, 2009
  
  e0e79972

OpenHarmony / Third Party Openssl 大约 1 年 前同步成功

OpenHarmony / Third Party Openssl
大约 1 年前同步成功