- Feb 26, 2010
-
-
Dr. Stephen Henson authored
-
- Feb 25, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
certificate is explicitly trusted (using -addtrust option to x509 utility for example) the verification is sucessful even if the chain is not complete.
-
- Feb 19, 2010
-
-
Bodo Möller authored
-
- Feb 17, 2010
-
-
Dr. Stephen Henson authored
initial connection to unpatched servers. There are no additional security concerns in doing this as clients don't see renegotiation during an attack anyway.
-
Dr. Stephen Henson authored
Submitted by: James Baker <jbaker@tableausoftware.com> et al. Workaround for slow Heap32Next on some versions of Windows.
-
- Feb 12, 2010
-
-
Dr. Stephen Henson authored
-
- Feb 08, 2010
-
-
Dr. Stephen Henson authored
-
- Feb 07, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
an EVP_CIPHER_CTX structure which may have problems with external ENGINEs who need to duplicate internal handles etc.
-
- Jan 29, 2010
-
-
Dr. Stephen Henson authored
-
- Jan 28, 2010
-
-
Dr. Stephen Henson authored
-
- Jan 27, 2010
-
-
Dr. Stephen Henson authored
-
- Jan 26, 2010
-
-
Dr. Stephen Henson authored
Submitted by: steve@openssl.org More robust fix and workaround for PR#1949. Don't try to work out if there is any write pending data as this can be unreliable: always flush.
-
Dr. Stephen Henson authored
-
- Jan 22, 2010
-
-
Dr. Stephen Henson authored
-
- Jan 13, 2010
-
-
Dr. Stephen Henson authored
Although it will be many years before TLS v2.0 or later appears old versions of servers have a habit of hanging around for a considerable time so best if we handle this properly now.
-
Dr. Stephen Henson authored
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking memory.
-
- Jan 12, 2010
-
-
Dr. Stephen Henson authored
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at> Add options to output hash using older algorithm compatible with OpenSSL versions before 1.0.0
-
- Jan 06, 2010
-
-
Dr. Stephen Henson authored
1. Add provisional SCSV value. 2. Don't send SCSV and RI at same time. 3. Fatal error is SCSV received when renegotiating.
-
- Dec 31, 2009
-
-
Dr. Stephen Henson authored
used compression algorithms in client hello (a legacy from when the compression algorithm wasn't serialized with SSL_SESSION).
-
Dr. Stephen Henson authored
-
- Dec 22, 2009
-
-
Bodo Möller authored
-
- Dec 16, 2009
-
-
Dr. Stephen Henson authored
-
- Dec 09, 2009
-
-
Dr. Stephen Henson authored
Change RI ctrl so it doesn't clash.
-
- Dec 08, 2009
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
work in SSLv3: initial handshake has no extensions but includes MCSV, if server indicates RI support then renegotiation handshakes include RI. NB: current MCSV value is bogus for testing only, will be updated when we have an official value. Change mismatch alerts to handshake_failure as required by spec. Also have some debugging fprintfs so we can clearly see what is going on if OPENSSL_RI_DEBUG is set.
-
- Dec 07, 2009
-
-
Dr. Stephen Henson authored
-
- Dec 02, 2009
-
-
Dr. Stephen Henson authored
-
- Nov 26, 2009
-
-
Dr. Stephen Henson authored
-
Bodo Möller authored
branches. This means that http://www.openssl.org/news/changelog.html will finally describe 0.9.8l.
-
- Nov 25, 2009
-
-
Dr. Stephen Henson authored
and is a pre-requisite to adding password based CMS support.
-
- Nov 09, 2009
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Oct 31, 2009
-
-
Dr. Stephen Henson authored
load_crls and tidy up load_certs. Remove useless purpose variable from verify utility: now done with args_verify.
-
- Oct 30, 2009
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Sep 30, 2009
-
-
Dr. Stephen Henson authored
Submitted by: steve@openssl.org Add support for custom headers in OCSP requests.
-
- Sep 23, 2009
-
-
Dr. Stephen Henson authored
-