Skip to content
  1. Aug 19, 2013
  2. Aug 18, 2013
  3. Aug 13, 2013
    • Michael Tuexen's avatar
      DTLS message_sequence number wrong in rehandshake ServerHello · 75b81247
      Michael Tuexen authored
      This fix ensures that
      * A HelloRequest is retransmitted if not responded by a ClientHello
      * The HelloRequest "consumes" the sequence number 0. The subsequent
      ServerHello uses the sequence number 1.
      * The client also expects the sequence number of the ServerHello to
      be 1 if a HelloRequest was received earlier.
      This patch fixes the RFC violation.
      (cherry picked from commit b62f4daa)
      75b81247
  4. Aug 08, 2013
    • Michael Tuexen's avatar
      DTLS handshake fix. · 2c1a5c10
      Michael Tuexen authored
      Reported by: Prashant Jaikumar <rmstar@gmail.com>
      
      Fix handling of application data received before a handshake.
      (cherry picked from commit 0c75eeac)
      2c1a5c10
  5. Aug 06, 2013
    • Dr. Stephen Henson's avatar
      Fix verify loop with CRL checking. · 71c34b7f
      Dr. Stephen Henson authored
      PR #3090
      Reported by: Franck Youssef <fry@open.ch>
      
      If no new reason codes are obtained after checking a CRL exit with an
      error to avoid repeatedly checking the same CRL.
      
      This will only happen if verify errors such as invalid CRL scope are
      overridden in a callback.
      (cherry picked from commit 4b26645c)
      71c34b7f
    • Kaspar Brand's avatar
      Fix for PEM_X509_INFO_read_bio. · b0cfaf58
      Kaspar Brand authored
      PR: 3028
      Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
      correctly if they appeared first.
      (cherry picked from commit 5ae8d6bc)
      b0cfaf58
  6. Aug 03, 2013
  7. Jul 31, 2013
  8. Jul 12, 2013
  9. Jul 10, 2013
  10. Jul 05, 2013
  11. Jul 03, 2013
    • Trevor's avatar
      Trying cherrypick: · e27711cf
      Trevor authored
      Add support for arbitrary TLS extensions.
      
      Contributed by Trevor Perrin.
      
      Conflicts:
      
      	CHANGES
      	ssl/ssl.h
      	ssl/ssltest.c
      	test/testssl
      
      Fix compilation due to #endif.
      
      Cherrypicking more stuff.
      
      Cleanup of custom extension stuff.
      
      serverinfo rejects non-empty extensions.
      
      Omit extension if no relevant serverinfo data.
      
      Improve error-handling in serverinfo callback.
      
      Cosmetic cleanups.
      
      s_client documentation.
      
      s_server documentation.
      
      SSL_CTX_serverinfo documentation.
      
      Cleaup -1 and NULL callback handling for custom extensions, add tests.
      
      Cleanup ssl_rsa.c serverinfo code.
      
      Whitespace cleanup.
      
      Improve comments in ssl.h for serverinfo.
      
      Whitespace.
      
      Cosmetic cleanup.
      
      Reject non-zero-len serverinfo extensions.
      
      Whitespace.
      
      Make it build.
      
      Conflicts:
      
      	test/testssl
      e27711cf
  12. Jun 30, 2013
  13. Jun 18, 2013