Skip to content
  1. Jun 28, 2012
    • Dr. Stephen Henson's avatar
      Add new "valid_flags" field to CERT_PKEY structure which determines what · d61ff83b
      Dr. Stephen Henson authored
      the certificate can be used for (if anything). Set valid_flags field
      in new tls1_check_chain function. Simplify ssl_set_cert_masks which used
      to have similar checks in it.
      
      Add new "cert_flags" field to CERT structure and include a "strict mode".
      This enforces some TLS certificate requirements (such as only permitting
      certificate signature algorithms contained in the supported algorithms
      extension) which some implementations ignore: this option should be used
      with caution as it could cause interoperability issues.
      d61ff83b
  2. Jun 27, 2012
  3. Jun 25, 2012
  4. Jun 24, 2012
  5. Jun 22, 2012
  6. Jun 19, 2012
  7. Jun 18, 2012
  8. Jun 15, 2012
  9. Jun 13, 2012
  10. Jun 12, 2012
  11. Jun 11, 2012
  12. Jun 07, 2012
  13. Jun 06, 2012
  14. Jun 04, 2012
  15. Jun 03, 2012
  16. May 30, 2012
  17. May 28, 2012
  18. May 24, 2012
  19. May 19, 2012
  20. May 16, 2012
  21. May 11, 2012
    • Dr. Stephen Henson's avatar
      PR: 2813 · 4242a090
      Dr. Stephen Henson authored
      Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
      
      Fix possible deadlock when decoding public keys.
      4242a090
    • Dr. Stephen Henson's avatar
      PR: 2811 · c3b13033
      Dr. Stephen Henson authored
      Reported by: Phil Pennock <openssl-dev@spodhuis.org>
      
      Make renegotiation work for TLS 1.2, 1.1 by not using a lower record
      version client hello workaround if renegotiating.
      c3b13033
  22. May 10, 2012