- 16 11月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 15 11月, 2016 2 次提交
-
-
由 Richard Levitte 提交于
Done too soon, this is for future OpenSSL 1.2.0 This reverts commit 6c62f9e1. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1669)
-
- 14 11月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1669)
-
- 10 11月, 2016 5 次提交
-
-
由 Matt Caswell 提交于
This is a skin deep change, which simply renames most places where we talk about curves in a TLS context to groups. This is because TLS1.3 has renamed the extension, and it can now include DH groups too. We still only support curves, but this rename should pave the way for a future extension for DH groups. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
No need to have a supported versions table and a versions table. They should be the same. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
There were a few places where we weren't checking to see if we were using the draft TLS1.3 version or not. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
We have one TLS1.3 ciphersuite, but there is a typo in the id that should be corrected. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 02 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Includes addition of the various options to s_server/s_client. Also adds one of the new TLS1.3 ciphersuites. This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not a "real" TLS1.3 ciphersuite). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 08 9月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Using the -trace option to s_server or s_client was incorrectly printing UNKNOWN for the X25519 curve. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 8月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Run util/openssl-format-source on ssl/ Some comments and hand-formatted tables were fixed up manually by disabling auto-formatting. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 25 7月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1300)
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 27 4月, 2016 1 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 04 3月, 2016 1 次提交
-
-
由 Rob Percival 提交于
Disabled by default, but can be enabled by setting the ct_validation_callback on a SSL or SSL_CTX. Reviewed-by: NBen Laurie <ben@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 12 2月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
The recent removal of static ECDH broke the enable-ssl-trace compilation. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
To enable heartbeats for DTLS, configure with enable-heartbeats. Heartbeats for TLS have been completely removed. This addresses RT 3647 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 20 12月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Remove all fixed DH ciphersuites and associated logic. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 14 12月, 2015 1 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 10 12月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 28 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Various updates following feedback from the recent commit of the new GOST2012 code. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 24 11月, 2015 1 次提交
-
-
由 Dmitry Belyavsky 提交于
This patch contains the necessary changes to provide GOST 2012 ciphersuites in TLS. It requires the use of an external GOST 2012 engine. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 30 7月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 24 6月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 06 6月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add extension and ciphersuites to trace code. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 13 5月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Remove RFC2712 Kerberos support from libssl. This code and the associated standard is no longer considered fit-for-purpose. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 5月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add OSSL_NELEM macro to e_os.h to determine the number of elements in an array. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 06 2月, 2015 1 次提交
-
-
由 Rich Salz 提交于
I left many "#if 0" lines, usually because I thought we would probably want to revisit them later, or because they provided some useful internal documentation tips. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 03 2月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add and retrieve extended master secret extension, setting the flag SSL_SESS_FLAG_EXTMS appropriately. Note: this just sets the flag and doesn't include the changes to master secret generation. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 29 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
An expired IETF Internet-Draft (seven years old) that nobody implements, and probably just as good as NSA DRBG work. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 04 12月, 2014 1 次提交
-
-
由 Kurt Roeckx 提交于
The only support for SSLv2 left is receiving a SSLv2 compatible client hello. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 20 5月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 09 1月, 2014 3 次提交
-
-
由 Daniel Kahn Gillmor 提交于
DHE is the standard term used by the RFCs and by other TLS implementations. It's useful to have the internal variables use the standard terminology. This patch leaves a synonym SSL_kEDH in place, though, so that older code can still be built against it, since that has been the traditional API. SSL_kEDH should probably be deprecated at some point, though.
-
由 Daniel Kahn Gillmor 提交于
other parts of packet tracing emit the standard "DHE" label instead of "edh". This change brings the output of ssl_print_client_keyex() and ssl_print_server_keyex() into accordance with the standard term.
-
由 Daniel Kahn Gillmor 提交于
ECDHE is the standard term used by the RFCs and by other TLS implementations. It's useful to have the internal variables use the standard terminology. This patch leaves a synonym SSL_kEECDH in place, though, so that older code can still be built against it, since that has been the traditional API. SSL_kEECDH should probably be deprecated at some point, though.
-