- Apr 17, 2012
-
-
Bodo Möller authored
(TLS 1.2 clients could end up negotiating these with an OpenSSL server with TLS 1.2 disabled, which is problematic.) Submitted by: Adam Langley
-
Dr. Stephen Henson authored
If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client ciphersuites to this value. A value of 50 should be sufficient. Document workarounds in CHANGES.
-
Dr. Stephen Henson authored
Some servers hang when presented with a client hello record length exceeding 255 bytes but will work with longer client hellos if the TLS record version in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all cases...
-
- Apr 16, 2012
-
-
Andy Polyakov authored
PR: 2791 Submitted by: Ben Noordhuis
-
Andy Polyakov authored
PR: 2790 Submitted by: Alexei Khlebnikov
-
- Apr 15, 2012
-
-
Andy Polyakov authored
PR: 2538
-
Andy Polyakov authored
countermeasure [from HEAD]. PR: 2778
-
- Apr 12, 2012
-
-
Andy Polyakov authored
-
- Apr 11, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Apr 10, 2012
-
-
Dr. Stephen Henson authored
-
- Apr 09, 2012
-
-
Andy Polyakov authored
-
- Apr 05, 2012
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- Apr 04, 2012
-
-
Andy Polyakov authored
PR: 2778
-
- Mar 31, 2012
-
-
Andy Polyakov authored
PR: 2775
-
Dr. Stephen Henson authored
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com> Time is always encoded as 4 bytes, not sizeof(Time).
-
Andy Polyakov authored
PR: 2780
-
Andy Polyakov authored
PR: 2775
-
Andy Polyakov authored
PR: 2761 Submitted by: Corinna Vinschen
-
- Mar 30, 2012
-
-
Andy Polyakov authored
-
- Mar 29, 2012
-
-
Dr. Stephen Henson authored
If OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients only.
-
Andy Polyakov authored
-
Andy Polyakov authored
PR: 2776
-
- Mar 22, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Fix memory leaks in 'goto err' cases.
-
Dr. Stephen Henson authored
-
- Mar 21, 2012
-
-
Dr. Stephen Henson authored
-
- Mar 18, 2012
-
-
Dr. Stephen Henson authored
the old code came from SSLeay days before TLS was even supported.
-
- Mar 16, 2012
-
-
Andy Polyakov authored
-
- Mar 14, 2012
-
-
Dr. Stephen Henson authored
-
Richard Levitte authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Mar 13, 2012
-
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
-
Andy Polyakov authored
PR: 2435,2440
-
- Mar 12, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)
-