- 06 9月, 2013 5 次提交
-
-
由 Ben Laurie 提交于
-
* Many XMPP servers are configured with multiple domains (virtual hosts) * In order to establish successfully the TLS connection you have to specify which virtual host you are trying to connect. * Test this, for example with :: * Fail: openssl s_client -connect talk.google.com:5222 -starttls xmpp * Works: openssl s_client -connect talk.google.com:5222 -starttls xmpp -xmpphost gmail.com
-
-
* When the host used in "-connect" is not what the remote XMPP server expects the server will return an error like this: <stream:error> <host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/> </stream:error> * But the actual code will stay on the loop forever because the stop condition "/stream:features>" will never happen, * Make this more robust: The stop condition should be that BIO_read failed * Test if for example with :: openssl s_client -connect random.jabb3r.net:5222 -starttls xmpp
-
* Some XMPP Servers (OpenFire) use double quotes. * This makes s_client starttls work with this servers. * Tested with OpenFire servers from http://xmpp.net/ :: openssl s_client -connect coderollers.com:5222 -starttls xmpp
-
- 05 9月, 2013 1 次提交
-
-
由 Rob Stradling 提交于
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
-
- 03 9月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 21 8月, 2013 4 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Ben Laurie 提交于
-
由 Ben Laurie 提交于
-
- 19 8月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
(cherry picked from commit 90e7f983b573c3f3c722a02db4491a1b1cd87e8c)
-
- 18 8月, 2013 4 次提交
-
-
由 Dr. Stephen Henson 提交于
Preliminary documentation for chain and verify stores and certificate chain setting functions.
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 14 8月, 2013 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Michael Tuexen 提交于
This fix ensures that * A HelloRequest is retransmitted if not responded by a ClientHello * The HelloRequest "consumes" the sequence number 0. The subsequent ServerHello uses the sequence number 1. * The client also expects the sequence number of the ServerHello to be 1 if a HelloRequest was received earlier. This patch fixes the RFC violation.
-
- 08 8月, 2013 1 次提交
-
-
由 Michael Tuexen 提交于
Reported by: Prashant Jaikumar <rmstar@gmail.com> Fix handling of application data received before a handshake.
-
- 06 8月, 2013 1 次提交
-
-
由 Kaspar Brand 提交于
PR: 3028 Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys correctly if they appeared first.
-
- 05 8月, 2013 10 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the same structure is used by DH and ECDH. Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers without the need to use ASN1.
-
由 Dr. Stephen Henson 提交于
Add support for DH parameter generation using DSA methods including FIPS 186-3.
-
由 Dr. Stephen Henson 提交于
Make DHparams_dup work properly with X9.42 DH parameters.
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Don't need to use temporary buffer if remaining length equals digest length.
-
由 Dr. Stephen Henson 提交于
Check and set AlgorithmIdenfier parameters for key wrap algorithms. Currently these just set parameters to NULL.
-
- 03 8月, 2013 2 次提交
-
-
由 Andy Polyakov 提交于
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by Ard Biesheuvel of Linaro.
-
由 Andy Polyakov 提交于
-
- 01 8月, 2013 1 次提交
-
-
由 Andy Polyakov 提交于
-
- 31 7月, 2013 1 次提交
-
-
由 Trevor Perrin 提交于
Force no SSL2 when custom extensions in use. Don't clear extension state when cert is set. Clear on renegotiate.
-
- 22 7月, 2013 3 次提交
-
-
由 Adam Langley 提交于
Conflicts: ssl/ssltest.c
-
由 Ben Laurie 提交于
-
由 Adam Langley 提交于
This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF blessed version of NPN and we'll be supporting both ALPN and NPN for some time yet. [1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00 Conflicts: ssl/ssl3.h ssl/t1_lib.c
-
- 19 7月, 2013 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Update ecdsatest to use ECDSA_sign_setup and ECDSA_sign_ex, this avoids the nonce generation which would otherwise break the test. Reinstate ecdsatest.
-
由 Dr. Stephen Henson 提交于
Disable ECDSA test temporarily: it is incompatible with ECDSA nonces.
-
- 18 7月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add some ECDH CMS tests.
-