- 22 2月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 16 2月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
before rejecting multiple SGC restarts.
-
- 12 2月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Further fixes for use_srtp extension.
-
- 11 2月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Fix srp extension.
-
- 10 2月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Fix encoding of use_srtp extension to be compliant with RFC5764
-
- 09 2月, 2012 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
some servers.
-
- 03 2月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 31 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
structure. Before this the only way to add a custom chain was in the parent SSL_CTX (which is shared by all key types and SSL structures) or rely on auto chain building (which is performed on each handshake) from the trust store.
-
- 27 1月, 2012 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
certificate chain instead of an X509 structure. This makes it easier to enhance code in future and the chain output functions have access to the CERT_PKEY structure being used.
-
- 26 1月, 2012 2 次提交
-
-
由 Dr. Stephen Henson 提交于
New function ssl_add_cert_chain which adds a certificate chain to SSL internal BUF_MEM. Use this function in ssl3_output_cert_chain and dtls1_output_cert_chain instead of partly duplicating code.
-
由 Dr. Stephen Henson 提交于
-
- 25 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 22 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 19 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. (CVE-2012-0050)
-
- 17 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
The cipher definitions of these ciphersuites have been around since SSLeay but were always disabled. Now OpenSSL supports DH certificates they can be finally enabled. Various additional changes were needed to make them work properly: many unused fixed DH sections of code were untested.
-
- 05 1月, 2012 6 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Brian Carlstrom
-
由 Dr. Stephen Henson 提交于
Submitted by: steve Update maximum message size for certifiate verify messages to support 4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
-
由 Dr. Stephen Henson 提交于
Reviewed by: steve Send fatal alert if heartbeat extension has an illegal value.
-
由 Dr. Stephen Henson 提交于
Reviewed by: steve Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and Kenny Paterson.
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 04 1月, 2012 3 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed by: steve Fix memory leaks.
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 01 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Support for TLS/DTLS heartbeats.
-
- 27 12月, 2011 3 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve - remove some unncessary SSL_err and permit an srp user callback to allow a worker to obtain a user verifier. - cleanup and comments in s_server and demonstration for asynchronous srp user lookup
-
由 Dr. Stephen Henson 提交于
Submitted by: Tianjie Mao <tjmao@tjmao.net> Reviewed by: steve Fix incorrect comma expressions and goto f_err as alert has been set.
-
- 25 12月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Add SCTP support for DTLS (RFC 6083).
-
- 23 12月, 2011 3 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 22 12月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
New function to retrieve compression method from SSL_SESSION structure. Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions as they duplicate functionality of SSL_SESSION_get_id. Note: these functions have never appeared in any release version of OpenSSL.
-
- 15 12月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve Remove unnecessary code for srp and to add some comments to s_client. - the callback to provide a user during client connect is no longer necessary since rfc 5054 a connection attempt with an srp cipher and no user is terminated when the cipher is acceptable - comments to indicate in s_client the (non-)usefulness of th primalaty tests for non known group parameters.
-
- 13 12月, 2011 1 次提交
-
-
由 Ben Laurie 提交于
-
- 07 12月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 02 12月, 2011 1 次提交
-
-
由 Bodo Möller 提交于
methods isn't presorted, it will be sorted on first read). Submitted by: Adam Langley
-
- 25 11月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve Make SRP conformant to rfc 5054. Changes are: - removal of the addition state after client hello - removal of all pre-rfc srp alert ids - sending a fatal alert when there is no srp extension but when the server wants SRP - removal of unnecessary code in the client.
-