- 17 Sep, 2013 2 commits
-
-
Bodo Moeller authored
(This went into 1.0.2 too, so it's not actually a change between 1.0.x and 1.1.0.)
-
Bodo Moeller authored
the main branch (http://cvs.openssl.org/chngview?cn=19322) later added to the 1.0.2 branch (http://cvs.openssl.org/chngview?cn=23113), and thus not a change "between 1.0.2 and 1.1.0".
-
- 16 Sep, 2013 1 commit
-
-
Bodo Moeller authored
(Various changes from the master branch are now in the 1.0.2 branch too.)
-
- 13 Sep, 2013 1 commit
-
-
Rob Stradling authored
-
- 08 Sep, 2013 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Experimental support for encrypt then mac from draft-gutmann-tls-encrypt-then-mac-02.txt To enable it set the appropriate extension number (0x10 for the test server) using e.g. -DTLSEXT_TYPE_encrypt_then_mac=0x10 For non-compliant peers (i.e. just about everything) this should have no effect.
-
- 06 Sep, 2013 1 commit
-
-
Scott Deboy authored
Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API Tests exercising the new supplemental data registration and callback api can be found in ssltest.c. Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
-
- 05 Sep, 2013 1 commit
-
-
- 17 Jul, 2013 1 commit
-
-
Dr. Stephen Henson authored
Add support for key wrap algorithms via EVP interface. Generalise AES wrap algorithm and add to modes, making existing AES wrap algorithm a special case. Move test code to evptests.txt
-
- 04 Jul, 2013 1 commit
-
-
Jeff Walton authored
-
- 21 Jun, 2013 1 commit
-
-
Dr. Stephen Henson authored
-
- 12 Jun, 2013 2 commits
-
-
Dr. Stephen Henson authored
Extend OAEP support. Generalise the OAEP padding functions to support arbitrary digests. Extend EVP_PKEY RSA method to handle the new OAEP padding functions and add ctrls to set the additional parameters.
-
Trevor authored
Contributed by Trevor Perrin.
-
- 09 Apr, 2013 1 commit
-
-
Dr. Stephen Henson authored
Add new methods DTLS_*_method() which support both DTLS 1.0 and DTLS 1.2 and pick the highest version the peer supports during negotiation. As with SSL/TLS options can change this behaviour specifically SSL_OP_NO_DTLSv1 and SSL_OP_NO_DTLSv1_2.
-
- 19 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 11 Dec, 2012 1 commit
-
-
Ben Laurie authored
-
- 07 Dec, 2012 1 commit
-
-
Ben Laurie authored
-
- 06 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
Just a sample, real world applications would have to be cleverer.
-
- 05 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
Add new verify options to set checks. Remove previous -check* commands from s_client and s_server.
-
- 04 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 02 Dec, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 28 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
structures using HTTP. Add wrapper function to handle CRL download.
-
- 27 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
from X509_STORE_CTX.
-
- 22 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 19 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 18 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
Contributed by: Florian Weimer <fweimer@redhat.com> Fixes to X509 hostname and email address checking. Wildcard matching support. New test program and manual page.
-
- 16 Nov, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 08 Oct, 2012 1 commit
-
-
Dr. Stephen Henson authored
certificate. Add options to s_client, s_server and x509 utilities to print results of checks.
-
- 19 Sep, 2012 1 commit
-
-
Andy Polyakov authored
-
- 14 Sep, 2012 1 commit
-
-
Dr. Stephen Henson authored
by client and send back to server. Also prints an abbreviated summary of the connection parameters.
-
- 12 Sep, 2012 2 commits
-
-
Dr. Stephen Henson authored
New option -verify_quiet to shut up the verify callback unless there is an error.
-
Dr. Stephen Henson authored
client hello message. Previously this could only be retrieved on an initial connection and it was impossible to determine the cipher IDs of any uknown ciphersuites.
-
- 11 Sep, 2012 2 commits
-
-
Dr. Stephen Henson authored
change the current certificate (in s->cert->key) to the one used and then SSL_get_certificate and SSL_get_privatekey will automatically work.
-
Ben Laurie authored
right response is stapled. Also change SSL_get_certificate() so it returns the certificate actually sent. See http://rt.openssl.org/Ticket/Display.html?id=2836.
-
- 29 Aug, 2012 1 commit
-
-
Andy Polyakov authored
-
- 15 Aug, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 03 Aug, 2012 1 commit
-
-
Dr. Stephen Henson authored
-
- 27 Jul, 2012 1 commit
-
-
Dr. Stephen Henson authored
by a certificate chain. Add additional tests to handle client certificates: checks for matching certificate type and issuer name comparison. Print out results of checks for each candidate chain tested in s_server/s_client.
-
- 24 Jul, 2012 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-