- 22 1月, 2015 7 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Tim Hudson 提交于
available. Script written by Tim Hudson, with amendments by Steve Henson, Rich Salz and Matt Caswell Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Conflicts: crypto/dsa/dsa_asn1.c crypto/pem/pem_all.c fips/dh/dh_gen.c fips/dh/fips_dh_check.c fips/dh/fips_dh_gen.c ssl/ssl_ciph.c Conflicts: ssl/d1_clnt.c Conflicts: ssl/s2_pkt.c Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Conflicts: crypto/dsa/dsa_vrf.c crypto/ec/ec2_smpl.c crypto/ec/ecp_smpl.c Conflicts: demos/bio/saccept.c ssl/d1_clnt.c Conflicts: bugs/dggccbug.c demos/tunala/cb.c Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 15 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO Two typo's on #endif comments fixed: OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 14 1月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 13 1月, 2015 8 次提交
-
-
由 Dr. Stephen Henson 提交于
BN_init and BN_RECP_CTX_init are deprecated and are not exported from shared libraries on some platforms (e.g. Windows) convert bntest to use BN_new and BN_RECP_CTX_new instead. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
This warning breaks the build in 1.0.0 and 0.9.8 Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte: <levitte@openssl.org>
-
由 Rich Salz 提交于
This last one for this ticket. Removes WIN16. So long, MS_CALLBACK and MS_FAR. We won't miss you. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Update the X509v3 name parsing to allow multiple xn-- international domain name indicators in a name. Previously, only allowed one at the beginning of a name, which was wrong. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 12 1月, 2015 5 次提交
-
-
由 Rich Salz 提交于
This commit removes NCR, Tandem, Cray. Regenerates TABLE. Removes another missing BEOS fluff. The last platform remaining on this ticket is WIN16. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Add INSTALLDIRS variable, list of directories where things get installed. Change install_html_docs to use perl mkdir-p script. Add uninstall, uninstall_sw, uninstall_docs, uninstall_html_docs to Makefile.org. The actions of these targets were figured out by "inverting" the install target. Recurse into subdirs to do uninstall as needed. Added uninstall targets whose actions were similarly figured out by "inverting" the install target. Also remove some 'space before tab' complaints in Makefile.org Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
removed. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 10 1月, 2015 2 次提交
-
-
由 Kurt Roeckx 提交于
It contained a date on when it was build. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 09 1月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 08 1月, 2015 7 次提交
-
-
由 Matt Caswell 提交于
ssl3_setup_buffers or pqueue_insert fail. The former will fail if there is a malloc failure, whilst the latter will fail if attempting to add a duplicate record to the queue. This should never happen because duplicate records should be detected and dropped before any attempt to add them to the queue. Unfortunately records that arrive that are for the next epoch are not being recorded correctly, and therefore replays are not being detected. Additionally, these "should not happen" failures that can occur in dtls1_buffer_record are not being treated as fatal and therefore an attacker could exploit this by sending repeated replay records for the next epoch, eventually causing a DoS through memory exhaustion. Thanks to Chris Mueller for reporting this issue and providing initial analysis and a patch. Further analysis and the final patch was performed by Matt Caswell from the OpenSSL development team. CVE-2015-0206 Reviewed-by: NDr Stephen Henson <steve@openssl.org>
-
由 Dr. Stephen Henson 提交于
Fix to prevent use of DH client certificates without sending certificate verify message. If we've used a client certificate to generate the premaster secret ssl3_get_client_key_exchange returns 2 and ssl3_get_cert_verify is never called. We can only skip the certificate verify message in ssl3_get_cert_verify if the client didn't send a certificate. Thanks to Karthikeyan Bhargavan for reporting this issue. CVE-2015-0205 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Kasper <emilia@openssl.org>
-
由 Matt Caswell 提交于
of the crash due to p being NULL. Steve's fix prevents this situation from occuring - however this is by no means obvious by looking at the code for dtls1_get_record. This fix just makes things look a bit more sane. Reviewed-by: NDr Stephen Henson <steve@openssl.org>
-
由 Dr. Stephen Henson 提交于
separate reads performed - one for the header and one for the body of the handshake record. CVE-2014-3571 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 07 1月, 2015 6 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
context was also inherited (matches that of the existing SSL_CTX). Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Change by SteveH from original by John Denker (in the RT) Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Rich Salz 提交于
Show only the #define, not the values, in BIO_f_buffer. Data abstraction and we can remove a "see also" entry. Remove internal forward reference to NOTES in EVP_EncryptInit; just say "see below" as we do in the other pages. Add missing (3) in pem.pod so the L<> entry is consistent. Fix entry to point to the "master" page, not the symlink'd one. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Martin Brejcha 提交于
Fix memory leak by freeing up saved_message.data if it is not NULL. PR#3489 Reviewed-by: NStephen Henson <steve@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 06 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-