1. 24 4月, 2012 2 次提交
  2. 17 4月, 2012 1 次提交
    • D
      Additional workaround for PR#2771 · 800e1cd9
      Dr. Stephen Henson 提交于
      If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client
      ciphersuites to this value. A value of 50 should be sufficient.
      
      Document workarounds in CHANGES.
      800e1cd9
  3. 09 2月, 2012 1 次提交
  4. 27 1月, 2012 1 次提交
  5. 26 1月, 2012 1 次提交
  6. 25 1月, 2012 1 次提交
  7. 17 1月, 2012 1 次提交
    • D
      Support for fixed DH ciphersuites. · 8e1dc4d7
      Dr. Stephen Henson 提交于
      The cipher definitions of these ciphersuites have been around since SSLeay
      but were always disabled. Now OpenSSL supports DH certificates they can be
      finally enabled.
      
      Various additional changes were needed to make them work properly: many
      unused fixed DH sections of code were untested.
      8e1dc4d7
  8. 01 1月, 2012 1 次提交
    • D
      PR: 2658 · 4817504d
      Dr. Stephen Henson 提交于
      Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
      Reviewed by: steve
      
      Support for TLS/DTLS heartbeats.
      4817504d
  9. 27 12月, 2011 1 次提交
    • D
      PR: 2326 · f3d781bb
      Dr. Stephen Henson 提交于
      Submitted by: Tianjie Mao <tjmao@tjmao.net>
      Reviewed by: steve
      
      Fix incorrect comma expressions and goto f_err as alert has been set.
      f3d781bb
  10. 25 11月, 2011 2 次提交
    • D
      PR: 1794 · ebba6c48
      Dr. Stephen Henson 提交于
      Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
      Reviewed by: steve
      
      Make SRP conformant to rfc 5054.
      
      Changes are:
      
      - removal of the addition state after client hello
      - removal of all pre-rfc srp alert ids
      - sending a fatal alert when there is no srp extension but when the
      server wants SRP
      - removal of unnecessary code in the client.
      ebba6c48
    • B
      Fix NPN implementation for renegotiation. · 6f31dd72
      Bodo Möller 提交于
      (Problem pointed out by Ben Murphy.)
      
      Submitted by: Adam Langley
      6f31dd72
  11. 05 9月, 2011 1 次提交
  12. 26 7月, 2011 1 次提交
  13. 08 6月, 2011 1 次提交
  14. 25 5月, 2011 1 次提交
  15. 20 5月, 2011 1 次提交
  16. 13 5月, 2011 1 次提交
  17. 12 5月, 2011 1 次提交
  18. 09 5月, 2011 1 次提交
  19. 17 3月, 2011 1 次提交
  20. 13 3月, 2011 1 次提交
  21. 17 2月, 2011 1 次提交
  22. 03 2月, 2011 1 次提交
  23. 10 10月, 2010 1 次提交
    • D
      PR: 2314 · 57594258
      Dr. Stephen Henson 提交于
      Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
      Reviewed by: steve
      
      Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
      57594258
  24. 06 9月, 2010 1 次提交
  25. 26 8月, 2010 1 次提交
    • D
      PR: 1833 · 44959ee4
      Dr. Stephen Henson 提交于
      Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
      
      Support for abbreviated handshakes when renegotiating.
      44959ee4
  26. 28 7月, 2010 1 次提交
  27. 28 2月, 2010 2 次提交
  28. 02 2月, 2010 1 次提交
    • D
      PR: 2161 · 17ebc10f
      Dr. Stephen Henson 提交于
      Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.
      
      Make no-dsa, no-ecdsa and no-rsa compile again.
      17ebc10f
  29. 27 1月, 2010 1 次提交
    • D
      PR: 1949 · d5e7f2f2
      Dr. Stephen Henson 提交于
      Submitted by: steve@openssl.org
      
      More robust fix and workaround for PR#1949. Don't try to work out if there
      is any write pending data as this can be unreliable: always flush.
      d5e7f2f2
  30. 07 1月, 2010 1 次提交
  31. 01 1月, 2010 1 次提交
  32. 08 12月, 2009 2 次提交
    • D
      Add support for magic cipher suite value (MCSV). Make secure renegotiation · 13f6d57b
      Dr. Stephen Henson 提交于
      work in SSLv3: initial handshake has no extensions but includes MCSV, if
      server indicates RI support then renegotiation handshakes include RI.
      
      NB: current MCSV value is bogus for testing only, will be updated when we
      have an official value.
      
      Change mismatch alerts to handshake_failure as required by spec.
      
      Also have some debugging fprintfs so we can clearly see what is going on
      if OPENSSL_RI_DEBUG is set.
      13f6d57b
    • D
      PR: 2121 · 8025e251
      Dr. Stephen Henson 提交于
      Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
      
      Add extension support to DTLS code mainly using existing implementation for
      TLS.
      8025e251
  33. 02 12月, 2009 1 次提交
    • D
      PR: 2115 · 49968440
      Dr. Stephen Henson 提交于
      Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
      Approved by: steve@openssl.org
      
      Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
      49968440
  34. 30 10月, 2009 1 次提交
  35. 29 10月, 2009 2 次提交