- 25 Feb, 2010 1 commit
-
-
Dr. Stephen Henson authored
certificate is explicitly trusted (using -addtrust option to x509 utility for example) the verification is sucessful even if the chain is not complete.
-
- 19 Feb, 2010 1 commit
-
-
Bodo Möller authored
-
- 17 Feb, 2010 2 commits
-
-
Dr. Stephen Henson authored
initial connection to unpatched servers. There are no additional security concerns in doing this as clients don't see renegotiation during an attack anyway.
-
Dr. Stephen Henson authored
Submitted by: James Baker <jbaker@tableausoftware.com> et al. Workaround for slow Heap32Next on some versions of Windows.
-
- 12 Feb, 2010 1 commit
-
-
Dr. Stephen Henson authored
-
- 08 Feb, 2010 1 commit
-
-
Dr. Stephen Henson authored
-
- 07 Feb, 2010 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
an EVP_CIPHER_CTX structure which may have problems with external ENGINEs who need to duplicate internal handles etc.
-
- 29 Jan, 2010 1 commit
-
-
Dr. Stephen Henson authored
-
- 28 Jan, 2010 1 commit
-
-
Dr. Stephen Henson authored
-
- 27 Jan, 2010 1 commit
-
-
Dr. Stephen Henson authored
-
- 26 Jan, 2010 2 commits
-
-
Dr. Stephen Henson authored
Submitted by: steve@openssl.org More robust fix and workaround for PR#1949. Don't try to work out if there is any write pending data as this can be unreliable: always flush.
-
Dr. Stephen Henson authored
-
- 22 Jan, 2010 1 commit
-
-
Dr. Stephen Henson authored
-
- 13 Jan, 2010 2 commits
-
-
Dr. Stephen Henson authored
Although it will be many years before TLS v2.0 or later appears old versions of servers have a habit of hanging around for a considerable time so best if we handle this properly now.
-
Dr. Stephen Henson authored
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking memory.
-
- 12 Jan, 2010 1 commit
-
-
Dr. Stephen Henson authored
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at> Add options to output hash using older algorithm compatible with OpenSSL versions before 1.0.0
-
- 06 Jan, 2010 1 commit
-
-
Dr. Stephen Henson authored
1. Add provisional SCSV value. 2. Don't send SCSV and RI at same time. 3. Fatal error is SCSV received when renegotiating.
-
- 31 Dec, 2009 2 commits
-
-
Dr. Stephen Henson authored
used compression algorithms in client hello (a legacy from when the compression algorithm wasn't serialized with SSL_SESSION).
-
Dr. Stephen Henson authored
-
- 22 Dec, 2009 1 commit
-
-
Bodo Möller authored
-
- 16 Dec, 2009 1 commit
-
-
Dr. Stephen Henson authored
-
- 09 Dec, 2009 1 commit
-
-
Dr. Stephen Henson authored
Change RI ctrl so it doesn't clash.
-
- 08 Dec, 2009 3 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
work in SSLv3: initial handshake has no extensions but includes MCSV, if server indicates RI support then renegotiation handshakes include RI. NB: current MCSV value is bogus for testing only, will be updated when we have an official value. Change mismatch alerts to handshake_failure as required by spec. Also have some debugging fprintfs so we can clearly see what is going on if OPENSSL_RI_DEBUG is set.
-
- 07 Dec, 2009 1 commit
-
-
Dr. Stephen Henson authored
-
- 02 Dec, 2009 1 commit
-
-
Dr. Stephen Henson authored
-
- 26 Nov, 2009 2 commits
-
-
Dr. Stephen Henson authored
-
Bodo Möller authored
branches. This means that http://www.openssl.org/news/changelog.html will finally describe 0.9.8l.
-
- 25 Nov, 2009 1 commit
-
-
Dr. Stephen Henson authored
and is a pre-requisite to adding password based CMS support.
-
- 09 Nov, 2009 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- 31 Oct, 2009 1 commit
-
-
Dr. Stephen Henson authored
load_crls and tidy up load_certs. Remove useless purpose variable from verify utility: now done with args_verify.
-
- 30 Oct, 2009 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- 30 Sep, 2009 1 commit
-
-
Dr. Stephen Henson authored
Submitted by: steve@openssl.org Add support for custom headers in OCSP requests.
-
- 23 Sep, 2009 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
ignored.
-
- 13 Sep, 2009 1 commit
-
-
Dr. Stephen Henson authored
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(), CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix so the return code is checked correctly.
-