- 15 11月, 2016 2 次提交
-
-
由 Richard Levitte 提交于
Done too soon, this is for future OpenSSL 1.2.0 This reverts commit 6c62f9e1. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1669)
-
- 14 11月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1669)
-
- 10 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
This is a skin deep change, which simply renames most places where we talk about curves in a TLS context to groups. This is because TLS1.3 has renamed the extension, and it can now include DH groups too. We still only support curves, but this rename should pave the way for a future extension for DH groups. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 04 11月, 2016 7 次提交
-
-
由 Matt Caswell 提交于
Travis is reporting one file at a time shadowed variable warnings where "read" has been used. This attempts to go through all of libssl and replace "read" with "readbytes" to fix all the problems in one go. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Writing still to be done Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 02 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Includes addition of the various options to s_server/s_client. Also adds one of the new TLS1.3 ciphersuites. This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not a "real" TLS1.3 ciphersuite). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 10月, 2016 3 次提交
-
-
由 Matt Caswell 提交于
Ensure all message types work the same way including CCS so that the state machine doesn't need to know about special cases. Put all the special logic into ssl_set_handshake_header() and ssl_close_construct_packet(). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
ssl_set_handshake_header2() was only ever a temporary name while we had to have ssl_set_handshake_header() for code that hadn't been converted to WPACKET yet. No code remains that needed that so we can rename it. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Remove the old ssl_set_handshake_header() implementations. Later we will rename ssl_set_handshake_header2() to ssl_set_handshake_header(). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 29 9月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Some functions were being called from both code that used WPACKETs and code that did not. Now that more code has been converted to use WPACKETs some of that duplication can be removed. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 20 9月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
All the other functions that take an argument for the number of bytes use convenience macros for this purpose. We should do the same with WPACKET_put_bytes(). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 13 9月, 2016 4 次提交
-
-
由 Matt Caswell 提交于
A few style tweaks here and there. The main change is that curr and packet_len are now offsets into the buffer to account for the fact that the pointers can change if the buffer grows. Also dropped support for the WPACKET_set_packet_len() function. I thought that was going to be needed but so far it hasn't been. It doesn't really work any more due to the offsets change. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
No need to declare an explicit sub-packet. Just start one. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
To avoid confusion with the read PACKET structure. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 24 8月, 2016 2 次提交
-
-
由 Rich Salz 提交于
Add CVE to CHANGES Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 18 8月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Run util/openssl-format-source on ssl/ Some comments and hand-formatted tables were fixed up manually by disabling auto-formatting. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 17 8月, 2016 1 次提交
-
-
由 Remi Gacogne 提交于
* SSL_SESSION_set1_id() * SSL_SESSION_get0_id_context() * SSL_CTX_get_tlsext_status_cb() * SSL_CTX_get_tlsext_status_arg() Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 15 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Fix no-ec builds by having separate functions to create keys based on an existing EVP_PKEY and a curve id. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 13 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
When handling ECDH check to see if the curve is "custom" (X25519 is currently the only curve of this type) and instead of setting a curve NID just allocate a key of appropriate type. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 05 8月, 2016 1 次提交
-
-
由 David Woodhouse 提交于
Commit 3eb2aff4 ("Add support for minimum and maximum protocol version supported by a cipher") disabled all ciphers for DTLS1_BAD_VER. That wasn't helpful. Give them back. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 20 7月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
RT#4600 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 19 7月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The tls_process_client_key_exchange() function is far too long. This splits out the PSK preamble processing, and the RSA processing into separate functions. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 23 6月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 08 6月, 2016 3 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Alessandro Ghedini 提交于
The tlsext_status_type field in SSL is used by e.g. OpenResty to determine if the client requested the certificate status, but SSL is now opaque. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 17 5月, 2016 2 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> MR: #2153
-
由 TJ Saunders 提交于
Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NMatt Caswell <matt@openssl.org> GH: #515, MR: #2153
-
- 16 5月, 2016 1 次提交
-
-
由 jfigus 提交于
To allow OCSP stapling to work with libcurl. Github PR #200 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 12 5月, 2016 1 次提交
-
-
由 Dmitry Belyavsky 提交于
RT#4438 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NStephen Henson <steve@openssl.org>
-