- 02 Jan, 2014 1 commit
-
-
Dr. Stephen Henson authored
When sending an invalid version number alert don't change the version number to the client version if a session is already established. Thanks to Marek Majkowski for additional analysis of this issue. PR#3191
-
- 29 Dec, 2013 1 commit
-
-
Dr. Stephen Henson authored
(cherry picked from commit cfa86987a8d9d2b8cc5e5fea2d3260c46542cdb9)
-
- 28 Dec, 2013 3 commits
-
-
Andy Polyakov authored
PR: 3202
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- 22 Dec, 2013 1 commit
-
-
Dr. Stephen Henson authored
If content is detached and not binary mode translate the input to CRLF format. Before this change the input was verified verbatim which lead to a discrepancy between sign and verify.
-
- 20 Dec, 2013 2 commits
-
-
Dr. Stephen Henson authored
For DTLS we might need to retransmit messages from the previous session so keep a copy of write context in DTLS retransmission buffers instead of replacing it after sending CCS. CVE-2013-6450. (cherry picked from commit 34628967)
-
Dr. Stephen Henson authored
(cherry picked from commit a6c62f0c)
-
- 18 Dec, 2013 7 commits
-
-
Andy Polyakov authored
(and ensure stack alignment in the process)
-
Andy Polyakov authored
It worked because it was never called.
-
Andy Polyakov authored
-
Andy Polyakov authored
SHA512_Transform was initially added rather as tribute to tradition than for practucal reasons. But use was recently found in ssl/s3_cbc.c and it turned to be problematic on platforms that don't tolerate misasligned references to memory and lack assembly subroutine.
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
Partial mitigation of PR#3200 (cherry picked from commit 0294b2be)
-
Dr. Stephen Henson authored
-
- 13 Dec, 2013 5 commits
-
-
Dr. Stephen Henson authored
Move the IP, email and host checking fields from the public X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID structure. By doing this the structure can be modified in future without risk of breaking any applications. (cherry picked from commit adc6bd73) Conflicts: crypto/x509/x509_vpm.c
-
Dr. Stephen Henson authored
Fix padding calculation for different SSL_METHOD types. Use the standard name as used in draft-agl-tls-padding-02
-
Dr. Stephen Henson authored
For consistency with other cases if we are performing partial chain verification with just one certificate notify the callback with ok==1. (cherry picked from commit 852553d9005e13aed7feb986a5d71cb885b994c7)
-
Dr. Stephen Henson authored
New functions to retrieve internal pointers to X509_VERIFY_PARAM for SSL_CTX and SSL structures. (cherry picked from commit be0c9270690ed9c1799900643cab91de146de857)
-
Dr. Stephen Henson authored
(cherry picked from commit 16898401bd47a153fbf799127ff57fdcfcbd324f)
-
- 10 Dec, 2013 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- 09 Dec, 2013 2 commits
-
-
Andy Polyakov authored
-
Andy Polyakov authored
This also eliminates code duplication between x86_64-mont and x86_64-mont and optimizes even original non-MULX code.
-
- 04 Dec, 2013 5 commits
-
-
Andy Polyakov authored
-
Andy Polyakov authored
Suggested by: Marcello Cerri
-
Andy Polyakov authored
Suggested by: Marcello Cerri
-
Andy Polyakov authored
-
Andy Polyakov authored
AIX assembler doesn't hanle .align, which is essential for vpaes module.
-
- 03 Dec, 2013 4 commits
-
-
Andy Polyakov authored
PR: 3189 Submitted by: Oscar Ciurana
-
Andy Polyakov authored
-
Andy Polyakov authored
rsaz_exp.c: harmonize line terminating; asm/rsaz-*.pl: minor optimizations.
-
Andy Polyakov authored
-
- 30 Nov, 2013 1 commit
-
-
Dr. Stephen Henson authored
-
- 29 Nov, 2013 1 commit
-
-
Andy Polyakov authored
-
- 27 Nov, 2013 3 commits
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- 18 Nov, 2013 2 commits
-
-
Dr. Stephen Henson authored
New functions to retrieve current certificate or private key from an SSL_CTX. Constify SSL_get_private_key().
-
Dr. Stephen Henson authored
-
