- 27 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
certificate chain instead of an X509 structure. This makes it easier to enhance code in future and the chain output functions have access to the CERT_PKEY structure being used.
-
- 17 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
The cipher definitions of these ciphersuites have been around since SSLeay but were always disabled. Now OpenSSL supports DH certificates they can be finally enabled. Various additional changes were needed to make them work properly: many unused fixed DH sections of code were untested.
-
- 05 1月, 2012 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Brian Carlstrom
-
- 16 11月, 2011 2 次提交
-
-
由 Ben Laurie 提交于
-
由 Ben Laurie 提交于
-
- 10 10月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 07 10月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 27 9月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 23 9月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS bug which prevents manual MTU setting
-
- 05 9月, 2011 1 次提交
-
-
由 Bodo Möller 提交于
-
- 14 8月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
using OBJ xref utilities instead of string comparison with OID name. This removes the arbitrary restriction on using SHA1 only with some ECC ciphersuites.
-
- 26 7月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
prohibit use of these ciphersuites for TLS < 1.2
-
- 25 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 20 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 09 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
algorithms extension (including everything we support). Swicth to new signature format where needed and relax ECC restrictions. Not TLS v1.2 client certifcate support yet but client will handle case where a certificate is requested and we don't have one.
-
- 06 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
signature algorithms extension and correct signature format for server key exchange. All ciphersuites should now work on the server but no client support and no client certificate support yet.
-
- 30 4月, 2011 2 次提交
-
-
由 Dr. Stephen Henson 提交于
checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the new signature format is not yet implemented.
-
由 Dr. Stephen Henson 提交于
OPENSSL_NO_SSL_INTERN all ssl related structures are opaque and internals cannot be directly accessed. Many applications will need some modification to support this and most likely some additional functions added to OpenSSL. The advantage of this option is that any application supporting it will still be binary compatible if SSL structures change.
-
- 13 3月, 2011 1 次提交
-
-
由 Ben Laurie 提交于
-
- 17 2月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
is picked up.
-
- 19 11月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 18 11月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 06 9月, 2010 1 次提交
-
-
由 Ben Laurie 提交于
-
- 27 8月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fix other cases not covered by original patch.
-
- 26 8月, 2010 2 次提交
-
-
由 Bodo Möller 提交于
SSL_[CTX_]set_not_resumable_session_callback. Submitted by: Emilia Kasper (Google) [A part of this change affecting ssl/s3_lib.c was accidentally commited separately, together with a compilation fix for that file; see s3_lib.c CVS revision 1.133 (http://cvs.openssl.org/chngview?cn=19855).]
-
由 Dr. Stephen Henson 提交于
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Support for abbreviated handshakes when renegotiating.
-
- 28 7月, 2010 1 次提交
-
-
由 Ben Laurie 提交于
-
- 12 6月, 2010 1 次提交
-
-
由 Ben Laurie 提交于
-
- 18 2月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 08 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
1. Send SCSV is not renegotiating, never empty RI. 2. Send RI if renegotiating.
-
- 07 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
1. Add provisional SCSV value. 2. Don't send SCSV and RI at same time. 3. Fatal error is SCSV received when renegotiating.
-
- 28 12月, 2009 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
MCSV is now called SCSV. Don't send SCSV if renegotiating. Also note if RI is empty in debug messages.
-
- 17 12月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 09 12月, 2009 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Change RI ctrl so it doesn't clash.
-
- 08 12月, 2009 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
work in SSLv3: initial handshake has no extensions but includes MCSV, if server indicates RI support then renegotiation handshakes include RI. NB: current MCSV value is bogus for testing only, will be updated when we have an official value. Change mismatch alerts to handshake_failure as required by spec. Also have some debugging fprintfs so we can clearly see what is going on if OPENSSL_RI_DEBUG is set.
-
- 07 12月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 02 12月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-