- 21 10月, 2006 1 次提交
-
-
由 Andy Polyakov 提交于
-
- 20 10月, 2006 3 次提交
-
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
- 18 10月, 2006 4 次提交
-
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
for low-level SHA block routines.
-
- 17 10月, 2006 6 次提交
-
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
- 11 10月, 2006 1 次提交
-
-
由 Andy Polyakov 提交于
redundant as result.
-
- 06 10月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 05 10月, 2006 1 次提交
-
-
由 Nils Larsch 提交于
-
- 04 10月, 2006 1 次提交
-
-
由 Bodo Möller 提交于
happen; the new code for the OID cross reference table failed to do so.
-
- 03 10月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
create, free and set default CRL method.
-
- 29 9月, 2006 1 次提交
-
-
由 Mark J. Cox 提交于
Steve Kiernan
-
- 28 9月, 2006 6 次提交
-
-
由 Bodo Möller 提交于
the redundant entries under the 0.9.9 heading.
-
由 Bodo Möller 提交于
cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller]
-
由 Bodo Möller 提交于
-
由 Mark J. Cox 提交于
in a denial of service. (CVE-2006-2937) [Steve Henson]
-
由 Mark J. Cox 提交于
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] Fix SSL client code which could crash if connecting to a malicious SSLv2 server. (CVE-2006-4343) [Tavis Ormandy and Will Drewry, Google Security Team]
-
由 Richard Levitte 提交于
1) Certificate Message with no certs OpenSSL implementation sends the Certificate message during SSL handshake, however as per the specification, these have been omitted. -- RFC 2712 -- CertificateRequest, and the ServerKeyExchange shown in Figure 1 will be omitted since authentication and the establishment of a master secret will be done using the client's Kerberos credentials for the TLS server. The client's certificate will be omitted for the same reason. -- RFC 2712 -- 3) Pre-master secret Protocol version The pre-master secret generated by OpenSSL does not have the correct client version. RFC 2712 says, if the Kerberos option is selected, the pre-master secret structure is the same as that used in the RSA case. TLS specification defines pre-master secret as: struct { ProtocolVersion client_version; opaque random[46]; } PreMasterSecret; where client_version is the latest protocol version supported by the client The pre-master secret generated by OpenSSL does not have the correct client version. The implementation does not update the first 2 bytes of random secret for Kerberos Cipher suites. At the server-end, the client version from the pre-master secret is not validated. PR: 1336
-
- 26 9月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 25 9月, 2006 1 次提交
-
-
由 Richard Levitte 提交于
-
- 24 9月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed by: steve
-
- 23 9月, 2006 2 次提交
-
-
由 Dr. Stephen Henson 提交于
PR:1374
-
由 Dr. Stephen Henson 提交于
PR:1348
-
- 22 9月, 2006 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 21 9月, 2006 6 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
PR: 1383
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked entry to avoid the need to access the structure directly. Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be redirected.
-
- 19 9月, 2006 1 次提交
-
-
由 Andy Polyakov 提交于
PR: 1390
-