提交 · e7f8ff43826494896548d054ee8dbb96367f00af · OpenHarmony / Third Party Openssl

06 3月, 2012 1 次提交

New ctrls to retrieve supported signature algorithms and curves and · e7f8ff43

由 Dr. Stephen Henson 提交于 3月 06, 2012

extensions to s_client and s_server to print out retrieved valued.

Extend CERT structure to cache supported signature algorithm data.

e7f8ff43

21 2月, 2012 1 次提交

Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert · 64095ce9

由 Dr. Stephen Henson 提交于 2月 21, 2012

between NIDs and the more common NIST names such as "P-256". Enhance
ecparam utility and ECC method to recognise the NIST names for curves.

64095ce9

16 2月, 2012 1 次提交
- D
  Fix bug in CVE-2011-4619: check we have really received a client hello · 206310c3
  由 Dr. Stephen Henson 提交于 2月 16, 2012
```
before rejecting multiple SGC restarts.
```
  206310c3
15 2月, 2012 2 次提交

Additional compatibility fix for MDC2 signature format. · 58631637

由 Dr. Stephen Henson 提交于 2月 15, 2012

Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature:
this will make all versions of MDC2 signature equivalent.

58631637

An incompatibility has always existed between the format used for RSA · 83cb7c46

由 Dr. Stephen Henson 提交于 2月 15, 2012

signatures and MDC2 using EVP or RSA_sign. This has become more apparent
when the dgst utility in OpenSSL 1.0.0 and later switched to using the
EVP_DigestSign functions which call RSA_sign.

This means that the signature format OpenSSL 1.0.0 and later used with
dgst -sign and MDC2 is incompatible with previous versions.

Add detection in RSA_verify so either format works.

Note: MDC2 is disabled by default in OpenSSL and very rarely used in practice.

83cb7c46

09 2月, 2012 1 次提交
- D
  Modify client hello version when renegotiating to enhance interop with · f4e11693
  由 Dr. Stephen Henson 提交于 2月 09, 2012
```
some servers.
```
  f4e11693
31 1月, 2012 1 次提交

Add support for distinct certificate chains per key type and per SSL · f71c6e52

由 Dr. Stephen Henson 提交于 1月 31, 2012

structure.

Before this the only way to add a custom chain was in the parent SSL_CTX
(which is shared by all key types and SSL structures) or rely on auto
chain building (which is performed on each handshake) from the trust store.

f71c6e52

25 1月, 2012 1 次提交
- D
  
  add support for use of fixed DH client certificates · 0d609395
  由 Dr. Stephen Henson 提交于 1月 25, 2012
  
  0d609395
19 1月, 2012 1 次提交

Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. · 855d2918

由 Dr. Stephen Henson 提交于 1月 18, 2012

Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)

855d2918

17 1月, 2012 2 次提交

D

fix CHANGES entry · ac07bc86
由 Dr. Stephen Henson 提交于 1月 17, 2012

ac07bc86

Support for fixed DH ciphersuites. · 8e1dc4d7

由 Dr. Stephen Henson 提交于 1月 16, 2012

The cipher definitions of these ciphersuites have been around since SSLeay
but were always disabled. Now OpenSSL supports DH certificates they can be
finally enabled.

Various additional changes were needed to make them work properly: many
unused fixed DH sections of code were untested.

8e1dc4d7

05 1月, 2012 7 次提交
- B
  Update for 0.9.8s and 1.0.0f, and for 1.0.1 branch. · 8e855452
  由 Bodo Möller 提交于 1月 05, 2012
```
(While the 1.0.0f CHANGES entry on VOS PRNG seeding was missing
in HEAD, the actual code is here already.)
```
  8e855452
- D
  
  update CHANGES · 4d0bafb4
  由 Dr. Stephen Henson 提交于 1月 04, 2012
  
  4d0bafb4
- D
  Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> · e7455724
  由 Dr. Stephen Henson 提交于 1月 04, 2012
```
Reviewed by: steve

Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
```
  e7455724
- D
  
  Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) · 27dfffd5
  由 Dr. Stephen Henson 提交于 1月 04, 2012
  
  27dfffd5
- D
  
  fix CHANGES · 2ec0497f
  由 Dr. Stephen Henson 提交于 1月 04, 2012
  
  2ec0497f
- D
  
  Check GOST parameters are not NULL (CVE-2012-0027) · 6bf896d9
  由 Dr. Stephen Henson 提交于 1月 04, 2012
  
  6bf896d9
- D
  
  Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) · be71c372
  由 Dr. Stephen Henson 提交于 1月 04, 2012
  
  be71c372
01 1月, 2012 2 次提交
- D
  
  update CHANGES · 0b9f5ef8
  由 Dr. Stephen Henson 提交于 12月 31, 2011
  
  0b9f5ef8
- D
  PR: 2658 · 4817504d
  由 Dr. Stephen Henson 提交于 12月 31, 2011
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Support for TLS/DTLS heartbeats.
```
  4817504d
20 12月, 2011 1 次提交

PR: 2563 · ad89bf78

由 Dr. Stephen Henson 提交于 12月 19, 2011

Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.

ad89bf78

19 12月, 2011 2 次提交
- A
  
  update CHANGES. · e75440d2
  由 Andy Polyakov 提交于 12月 19, 2011
  
  e75440d2
- D
  
  update CHANGES · 188c53f7
  由 Dr. Stephen Henson 提交于 12月 19, 2011
  
  188c53f7
13 12月, 2011 2 次提交
- B
  
  Back out redundant verification time change. · 9a436c0f
  由 Ben Laurie 提交于 12月 13, 2011
  
  9a436c0f
- B
  
  Make it possible to set a time for verification. · 7fd5df6b
  由 Ben Laurie 提交于 12月 13, 2011
  
  7fd5df6b
10 12月, 2011 1 次提交
- D
  
  update CHANGES · 627b0445
  由 Dr. Stephen Henson 提交于 12月 10, 2011
  
  627b0445
07 12月, 2011 2 次提交
- D
  
  transparently handle X9.42 DH parameters · 2ca873e8
  由 Dr. Stephen Henson 提交于 12月 07, 2011
  
  2ca873e8
- D
  Initial experimental support for X9.42 DH parameter format to handle · afb14cda
  由 Dr. Stephen Henson 提交于 12月 07, 2011
```
RFC5114 parameters and X9.42 DH public and private keys.
```
  afb14cda
02 12月, 2011 4 次提交
- B
  Resolve a stack set-up race condition (if the list of compression · 19b0d0e7
  由 Bodo Möller 提交于 12月 02, 2011
```
methods isn't presorted, it will be sorted on first read).

Submitted by: Adam Langley
```
  19b0d0e7
- B
  Fix ecdsatest.c. · ea8c77a5
  由 Bodo Möller 提交于 12月 02, 2011
```
Submitted by: Emilia Kasper
```
  ea8c77a5
- B
  
  Update HEAD CHANGES file. · a7c71d89
  由 Bodo Möller 提交于 12月 02, 2011
  
  a7c71d89
- B
  Fix BIO_f_buffer(). · 390c5795
  由 Bodo Möller 提交于 12月 02, 2011
```
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
```
  390c5795
16 11月, 2011 2 次提交
- B
  
  Add TLS exporter. · e0af0405
  由 Ben Laurie 提交于 11月 15, 2011
  
  e0af0405
- B
  
  Add DTLS-SRTP. · 333f926d
  由 Ben Laurie 提交于 11月 15, 2011
  
  333f926d
13 11月, 2011 1 次提交
- D
  
  Add RFC5114 DH parameters to OpenSSL. Add test data to dhtest. · 20bee968
  由 Dr. Stephen Henson 提交于 11月 13, 2011
  
  20bee968
06 11月, 2011 1 次提交
- D
  Update fips_test_suite to take multiple command line options and · a98b8ce6
  由 Dr. Stephen Henson 提交于 11月 06, 2011
```
an induced error checking function.
```
  a98b8ce6
05 11月, 2011 1 次提交
- D
  
  Add single call public key sign and verify functions. · f4324e51
  由 Dr. Stephen Henson 提交于 11月 05, 2011
  
  f4324e51
02 11月, 2011 1 次提交
- D
  
  Add fips_algvs utility (from FIPS 2.0 stable branch). · 3ec9dceb
  由 Dr. Stephen Henson 提交于 11月 02, 2011
  
  3ec9dceb
20 10月, 2011 1 次提交
- D
  
  add authentication parameter to FIPS_module_mode_set · 5e4eb995
  由 Dr. Stephen Henson 提交于 10月 19, 2011
  
  5e4eb995
19 10月, 2011 1 次提交
- B
  BN_BLINDING multi-threading fix. · e5641d7f
  由 Bodo Möller 提交于 10月 19, 2011
```
Submitted by: Emilia Kasper (Google)
```
  e5641d7f

OpenHarmony / Third Party Openssl 1 年多 前同步成功

OpenHarmony / Third Party Openssl
1 年多前同步成功