- Apr 26, 2012
-
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- Apr 25, 2012
-
-
Dr. Stephen Henson authored
OpenSSL 1.0.0. Add CHANGES entry noting the consequences.
-
Andy Polyakov authored
vector contiguous. PR: 2802
-
- Apr 24, 2012
-
-
Dr. Stephen Henson authored
Reviewed by: steve Improved localisation of TLS extension handling and code tidy.
-
- Apr 23, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Apr 22, 2012
-
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de> Add Brainpool curves from RFC5639. Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
-
- Apr 19, 2012
-
-
Andy Polyakov authored
PR: 2792
-
Dr. Stephen Henson authored
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer in CRYPTO_realloc_clean. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
PR: 2793
-
- Apr 18, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
e_aes_cbc_hmac_sha1.c (mostly for aesthetic reasons).
-
Andy Polyakov authored
PR: 2792
-
Andy Polyakov authored
tested, because kernel is not in shape to handle it *yet*. The code is committed mostly to stimulate the kernel development.
-
- Apr 17, 2012
-
-
Bodo Möller authored
(TLS 1.2 clients could end up negotiating these with an OpenSSL server with TLS 1.2 disabled, which is problematic.) Submitted by: Adam Langley
-
Dr. Stephen Henson authored
If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client ciphersuites to this value. A value of 50 should be sufficient. Document workarounds in CHANGES.
-
Dr. Stephen Henson authored
Some servers hang when presented with a client hello record length exceeding 255 bytes but will work with longer client hellos if the TLS record version in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all cases...
-
- Apr 16, 2012
-
-
Andy Polyakov authored
PR: 2791 Submitted by: Ben Noordhuis
-
Andy Polyakov authored
PR: 2790 Submitted by: Alexei Khlebnikov
-
- Apr 15, 2012
-
-
Andy Polyakov authored
PR: 2538
-
Andy Polyakov authored
countermeasure. PR: 2778
-
- Apr 12, 2012
-
-
Andy Polyakov authored
-
- Apr 11, 2012
-
-
Dr. Stephen Henson authored
s_server.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Apr 10, 2012
-
-
Dr. Stephen Henson authored
-
- Apr 09, 2012
-
-
Andy Polyakov authored
-
- Apr 06, 2012
-
-
Dr. Stephen Henson authored
Localize client hello extension parsing in t1_lib.c
-
- Apr 05, 2012
-
-
Dr. Stephen Henson authored
enabled instead of requiring an application to hard code a (possibly inappropriate) parameter set and delve into EC internals we just automatically use the preferred curve.
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
-