- Mar 28, 2013
-
-
Dr. Stephen Henson authored
-
- Mar 26, 2013
-
-
Matt Caswell authored
Don't check for binary curves by checking methods: the values will be different in FIPS mode as they are redirected to the validated module version. (cherry picked from commit 94782e0e)
-
- Mar 19, 2013
-
-
Dr. Stephen Henson authored
The only standard compression method is stateful and is incompatible with DTLS. (cherry picked from commit e14b8410)
-
- Mar 18, 2013
-
-
Andy Polyakov authored
PR: 3005 (cherry picked from commit 5702e965)
-
Andy Polyakov authored
PR: 3002 (cherry picked from commit 5c600465)
-
Michael Tuexen authored
(cherry picked from commit 80ccc66d)
-
Dr. Stephen Henson authored
If an ASN1_INTEGER structure is allocated but not explicitly set encode it as zero: don't generate an invalid zero length INTEGER. (cherry picked from commit 1643edc6)
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
(cherry picked from commit 1546fb78)
-
- Mar 01, 2013
-
-
Andy Polyakov authored
(cherry picked from commit 342dbbbe)
-
Andy Polyakov authored
PR: 3004 (cherry picked from commit 7c43601d)
-
- Feb 16, 2013
-
-
Andy Polyakov authored
PR: 2981, 2837
-
- Feb 15, 2013
-
-
Nick Alcock authored
podlators 2.5.0 has switched to dying on POD syntax errors. This means that a bunch of long-standing erroneous POD in the openssl documentation now leads to fatal errors from pod2man, halting installation. Unfortunately POD constraints mean that you have to sort numeric lists in ascending order if they start with 1: you cannot do 1, 0, 2 even if you want 1 to appear first. I've reshuffled such (alas, I wish there were a better way but I don't know of one). (cherry picked from commit 5cc27077)
-
- Feb 14, 2013
-
-
Andy Polyakov authored
(cherry picked from commit 9c437e2f)
-
- Feb 12, 2013
-
-
David Woodhouse authored
The version check for DTLS1_VERSION was redundant as DTLS1_VERSION > TLS1_1_VERSION, however we do need to check for DTLS1_BAD_VER for compatibility. PR:2984 (cherry picked from commit d980abb2)
-
- Feb 11, 2013
-
-
Dr. Stephen Henson authored
Now we set the current certificate to the one used by a server there is no need to call ssl_get_server_send_cert which will fail if we haven't sent a certificate yet.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Workaround for non-compliant tar files sometimes created by "make dist".
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Lutz Jaenicke authored
-
Andy Polyakov authored
(cherry picked from commit 3caeef94)
-
- Feb 09, 2013
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- Feb 08, 2013
-
-
Andy Polyakov authored
(cherry picked from commit f93a4187)
-
Andy Polyakov authored
(cherry picked from commit e9baceab)
-
Andy Polyakov authored
With previous commit it also ensures that valgrind is happy.
-
Ben Laurie authored
-
Ben Laurie authored
-
- Feb 07, 2013
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
Fix the calculation that checks there is enough room in a record after removing padding and optional explicit IV. (by Steve) For AEAD remove the correct number of padding bytes (by Andy)
-
- Feb 06, 2013
-
-
Adam Langley authored
MD5 should use little endian order. Fortunately the only ciphersuite affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which is a rarely used export grade ciphersuite.
-
Dr. Stephen Henson authored
-
- Feb 04, 2013
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-