- Sep 09, 2013
-
-
Andy Polyakov authored
This reverts commit 514f1a78.
-
- Sep 08, 2013
-
-
Dr. Stephen Henson authored
(cherry picked from commit ce455596)
-
Dr. Stephen Henson authored
When verifying a partial path always check to see if the EE certificate is explicitly trusted: the path could contain other untrusted certificates. (cherry picked from commit 52073b76)
-
- Sep 03, 2013
-
-
Dr. Stephen Henson authored
(cherry picked from commit c3eb3376)
-
- Aug 21, 2013
-
-
Dr. Stephen Henson authored
(cherry picked from commit b093a06866bf632a97a9a0286e2d08f69c3cf7dd)
-
- Aug 20, 2013
-
-
Dr. Stephen Henson authored
(cherry picked from commit 3a918ea2bbf4175d9461f81be1403d3781b2c0dc)
-
- Aug 19, 2013
-
-
Dr. Stephen Henson authored
(cherry picked from commit f7ac0ec8)
-
Dr. Stephen Henson authored
Backport of ASN1_TIME_diff and OPENSSL_gmtime_diff functions from master branch.
-
Dr. Stephen Henson authored
(cherry picked from commit 51b9115b)
-
Dr. Stephen Henson authored
is needed to test some profiles/protocols which reject certificates with unsupported versions. (cherry picked from commit df316fd4)
-
Dr. Stephen Henson authored
(cherry picked from commit 96cfba0f)
-
Dr. Stephen Henson authored
(cherry picked from commit 7c8ac505)
-
Dr. Stephen Henson authored
(cherry picked from commit b5cadfb5)
-
Dr. Stephen Henson authored
(cherry picked from commit 68575593)
-
Dr. Stephen Henson authored
just like a "real" server making it easier to trace any problems. (manually applied from commit 35b0ea4e)
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
(cherry picked from commit 14536c8c)
-
Dr. Stephen Henson authored
by client and send back to server. Also prints an abbreviated summary of the connection parameters. (cherry picked from commit 4f3df8be)
-
Dr. Stephen Henson authored
New option -verify_quiet to shut up the verify callback unless there is an error. (manually applied from commit 2a7cbe77)
-
- Aug 18, 2013
-
-
Dr. Stephen Henson authored
Preliminary documentation for chain and verify stores and certificate chain setting functions. (cherry picked from commit eeb15452)
-
Dr. Stephen Henson authored
(cherry picked from commit 42082eda)
-
- Aug 13, 2013
-
-
Michael Tuexen authored
This fix ensures that * A HelloRequest is retransmitted if not responded by a ClientHello * The HelloRequest "consumes" the sequence number 0. The subsequent ServerHello uses the sequence number 1. * The client also expects the sequence number of the ServerHello to be 1 if a HelloRequest was received earlier. This patch fixes the RFC violation. (cherry picked from commit b62f4daa)
-
- Aug 08, 2013
-
-
Michael Tuexen authored
Reported by: Prashant Jaikumar <rmstar@gmail.com> Fix handling of application data received before a handshake. (cherry picked from commit 0c75eeac)
-
- Aug 06, 2013
-
-
Dr. Stephen Henson authored
PR #3090 Reported by: Franck Youssef <fry@open.ch> If no new reason codes are obtained after checking a CRL exit with an error to avoid repeatedly checking the same CRL. This will only happen if verify errors such as invalid CRL scope are overridden in a callback. (cherry picked from commit 4b26645c)
-
Kaspar Brand authored
PR: 3028 Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys correctly if they appeared first. (cherry picked from commit 5ae8d6bc)
-
- Aug 03, 2013
-
-
Andy Polyakov authored
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by Ard Biesheuvel of Linaro. (cherry picked from commit 044f63086051d7542fa9485a1432498c39c4d8fa)
-
Andy Polyakov authored
(cherry picked from commit fd8ad019)
-
- Jul 31, 2013
-
-
Andy Polyakov authored
(cherry picked from commit 00678437)
-
Trevor authored
-
Ben Laurie authored
-
- Jul 12, 2013
-
-
Andy Polyakov authored
(cherry picked from commit 5c57c69f)
-
Ben Laurie authored
(cherry picked from commit 852f837f)
-
- Jul 10, 2013
-
-
Andy Polyakov authored
Submitted by: Gisle Vanem (cherry picked from commit 241fba4e)
-
- Jul 05, 2013
-
-
Andy Polyakov authored
(cherry picked from commit f5b132d6) Conflicts [resloved]: Configure
-
Andy Polyakov authored
RT: 2582, 2850 (cherry picked from commit ca48ace5) Conflicts: Configure
-
Andy Polyakov authored
RT: 2582, 2850 (cherry picked from commit 0b4bb91d)
-
Andy Polyakov authored
(cherry picked from commit 26e43b48)
-
Andy Polyakov authored
(cherry picked from commit cbce8c46)
-
- Jul 03, 2013
-
-
Trevor authored
Add support for arbitrary TLS extensions. Contributed by Trevor Perrin. Conflicts: CHANGES ssl/ssl.h ssl/ssltest.c test/testssl Fix compilation due to #endif. Cherrypicking more stuff. Cleanup of custom extension stuff. serverinfo rejects non-empty extensions. Omit extension if no relevant serverinfo data. Improve error-handling in serverinfo callback. Cosmetic cleanups. s_client documentation. s_server documentation. SSL_CTX_serverinfo documentation. Cleaup -1 and NULL callback handling for custom extensions, add tests. Cleanup ssl_rsa.c serverinfo code. Whitespace cleanup. Improve comments in ssl.h for serverinfo. Whitespace. Cosmetic cleanup. Reject non-zero-len serverinfo extensions. Whitespace. Make it build. Conflicts: test/testssl
-
- Jun 30, 2013
-
-
Andy Polyakov authored
Submitted by: Bryan Drewery PR: 3075 (cherry picked from commit c256e69d)
-