- 20 12月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Remove all fixed DH ciphersuites and associated logic. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 19 12月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 18 12月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Since we don't use the eay style any more, there's no point tryint to tell emacs to use it. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 17 12月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
SSL_CIPHER_description() was returning "unknown" for the encryption in the new ChaCha20/Poly1305 TLS ciphersuites. RT#4183 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old names. Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 16 12月, 2015 8 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Remove incomplete non-functional ECDH client authentication code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Since auto ecdh is now always used SSL_OP_SINGLE_ECDH_USE is redundant. Simplify associated code. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 15 12月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 14 12月, 2015 1 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 13 12月, 2015 4 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NBen Laurie <ben@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 tjmao 提交于
GCM and CCM are modes of operation for block ciphers only. ChaCha20-Poly1305 operates in neither of them but it is AEAD. This change also enables future AEAD ciphers to be available for use with DTLS. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
This reverts commit 777f482d. Author credit missing. Reverting this and re-committing with an Author line. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 12 12月, 2015 3 次提交
-
-
由 Matt Caswell 提交于
Fix compile failure introduced by commit 94d61512 due to a typo. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
GCM and CCM are modes of operation for block ciphers only. ChaCha20-Poly1305 operates in neither of them but it is AEAD. This change also enables future AEAD ciphers to be available for use with DTLS. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 12月, 2015 7 次提交
-
-
由 Matt Caswell 提交于
A BIO_flush call in the DTLS code was not correctly setting the |rwstate| variable to SSL_WRITING. This means that SSL_get_error() will not return SSL_ERROR_WANT_WRITE in the event of an IO retry. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
If using DTLS and NBIO then if a second or subsequent handshake message fragment hits a retry, then the retry attempt uses the wrong fragment offset value. This commit restores the fragment offset from the last attempt. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then we should set the NID to NID_undef. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 09 12月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Add new flag TLS1_FLAGS_RECEIVED_EXTMS which is set when the peer sends the extended master secret extension. Server now sends extms if and only if the client sent extms. Check consistency of extms extension when resuming sessions following (where practical) RFC7627. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 08 12月, 2015 6 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
This change required some special treatment, as HMAC is intertwined with EVP_MD. For now, all local HMAC_CTX variables MUST be initialised with HMAC_CTX_EMPTY, or whatever happens to be on the stack will be mistaken for actual pointers to EVP_MD_CTX. This will change as soon as HMAC_CTX becomes opaque. Also, since HMAC_CTX_init() can fail now, its return type changes from void to int, and it will return 0 on failure, 1 on success. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 12月, 2015 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 06 12月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> MR: #364
-
- 05 12月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-