- Nov 06, 2013
-
-
Dr. Stephen Henson authored
Enable PSK ciphersuites with AES or DES3 in FIPS mode. (cherry picked from commit e0ffd129)
-
Dr. Stephen Henson authored
-
- Nov 03, 2013
-
-
Ben Laurie authored
<christian@python.org>.
-
- Nov 02, 2013
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
(cherry picked from commit 96e16bdd)
-
Dr. Stephen Henson authored
(cherry picked from commit c557f921)
-
Dr. Stephen Henson authored
(cherry picked from commit abf840e4)
-
Dr. Stephen Henson authored
(cherry picked from commit 27f3b65f)
-
Dr. Stephen Henson authored
Extend SSL_CONF to return command value types. Add certificate and key options. Update documentation. (cherry picked from commit ec2f7e56)
-
Dr. Stephen Henson authored
(cherry picked from commit 13af1451)
-
- Nov 01, 2013
-
-
Piotr Sikora authored
Don't require a public key in tls1_set_ec_id if compression status is not needed. This fixes a bug where SSL_OP_SINGLE_ECDH_USE wouldn't work.
-
Dr. Stephen Henson authored
Add -ecdh_single option to set SSL_OP_SINGLE_ECDH_USE on the command line.
-
- Oct 30, 2013
-
-
Robin Seggelmann authored
PR: 2809 DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with SCTP-AUTH. It is checked if this has been activated successfully for the local and remote peer. Due to a bug, however, the gauth_number_of_chunks field of the authchunks struct is missing on FreeBSD, and was therefore not considered in the OpenSSL implementation. This patch sets the corresponding pointer for the check correctly whether or not this bug is present.
-
Robin Seggelmann authored
PR: 2808 With DTLS/SCTP the SCTP extension SCTP-AUTH is used to protect DATA and FORWARD-TSN chunks. The key for this extension is derived from the master secret and changed with the next ChangeCipherSpec, whenever a new key has been negotiated. The following Finished then already uses the new key. Unfortunately, the ChangeCipherSpec and Finished are part of the same flight as the ClientKeyExchange, which is necessary for the computation of the new secret. Hence, these messages are sent immediately following each other, leaving the server very little time to compute the new secret and pass it to SCTP before the finished arrives. So the Finished is likely to be discarded by SCTP and a retransmission becomes necessary. To prevent this issue, the Finished of the client is still sent with the old key.
-
- Oct 21, 2013
-
-
Ben Laurie authored
-
- Oct 20, 2013
-
-
Nick Mathewson authored
-
Nick Mathewson authored
Instead, send random bytes, unless SSL_SEND_{CLIENT,SERVER}RANDOM_MODE is set. This is a forward-port of commits: 4af79303 f4c93b46 3da721da 25832701 While the gmt_unix_time record was added in an ostensible attempt to mitigate the dangers of a bad RNG, its presence leaks the host's view of the current time in the clear. This minor leak can help fingerprint TLS instances across networks and protocols... and what's worse, it's doubtful thet the gmt_unix_time record does any good at all for its intended purpose, since: * It's quite possible to open two TLS connections in one second. * If the PRNG output is prone to repeat itself, ephemeral handshakes (and who knows what else besides) are broken.
-
Steve Marquess authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Removing RSA+MD5 from the default signature algorithm list prevents its use by default. If a broken implementation attempts to use RSA+MD5 anyway the sanity checking of signature algorithms will cause a fatal alert. (cherry picked from commit 77a0f740d00ecf8f6b01c0685a2f858c3f65a3dd)
-
Ben Laurie authored
-
- Oct 15, 2013
-
-
Andy Polyakov authored
Suggested by: Anton Blanchard (cherry picked from commit 76c15d79)
-
Dr. Stephen Henson authored
(cherry picked from commit 6699cb84)
-
Dr. Stephen Henson authored
(cherry picked from commit f6983769c1bcd6c3c6b6bbfbbc41848f6dccf127)
-
Dr. Stephen Henson authored
(cherry picked from commit 8ba2d4ed7f128e400693562efd35985068c45e4d)
-
Dr. Stephen Henson authored
(cherry picked from commit 695e8c36528f9c3275f5f56e9633ac6a0c11f2e3)
-
- Oct 14, 2013
-
-
Andy Polyakov authored
Includes multiple updates: AES module to comply with more ABI flavors, SHA512 for PPC32, .size directives.
-
Andy Polyakov authored
PR: 3110 Submitted by Corinna Vinschen. (cherry picked from commit b3ef742c)
-
- Oct 13, 2013
-
-
Andy Polyakov authored
(cherry picked from commit 039081b8)
-
Andy Polyakov authored
Latest MIPS ISA specification declared 'branch likely' instructions obsolete. To makes code future-proof replace them with equivalent. (cherry picked from commit 0c2adb0a)
-
- Oct 12, 2013
-
-
Andy Polyakov authored
Performance improvement and Windows-specific bugfix (PR#3139).
-
- Oct 10, 2013
-
-
Andy Polyakov authored
(cherry picked from commit fa104be3)
-
- Oct 07, 2013
-
-
Ben Laurie authored
-
- Oct 05, 2013
-
-
Ben Laurie authored
-
Andy Polyakov authored
Submitted by: Yuriy Kaminskiy (cherry picked from commit 524b00c0)
-
Andy Polyakov authored
PR: 3130 (cherry picked from commit 6b2cae0c)
-
- Oct 04, 2013
-
-
Ben Laurie authored
-
Ben Laurie authored
-
Ben Laurie authored
-
- Oct 03, 2013
-
-
Ben Laurie authored
-