- Jun 01, 2014
-
-
Felix Laurie von Massenbach authored
-
Felix Laurie von Massenbach authored
-
Felix Laurie von Massenbach authored
-
Dr. Stephen Henson authored
-
David Ramos authored
Make sure there is an extra 4 bytes for server done message when NETSCAPE_HANG_BUG is defined. PR#3361
-
David Ramos authored
PR#3313
-
- May 31, 2014
-
-
Dr. Stephen Henson authored
PR#3319
-
Dr. Stephen Henson authored
-
- May 30, 2014
-
-
Hubert Kario authored
the verify app man page didn't describe the usage of attime option even though it was listed as a valid option in the -help message. This patch fixes this omission.
-
Hubert Kario authored
While the -help message references this option, the man page doesn't mention the -no_ecdhe option. This patch fixes this omission.
-
- May 29, 2014
-
-
Andy Polyakov authored
Submitted by: Ard Biesheuvel.
-
Dr. Stephen Henson authored
PR#3249
-
František Bořánek authored
PR#3278
-
Martin Kaiser authored
-
Andy Polyakov authored
10-19% improvement depending on key length and endianness.
-
- May 27, 2014
-
-
Peter Mosmans authored
-
- May 26, 2014
-
-
Matt Caswell authored
-
Matt Caswell authored
-
Juli Mallett authored
Closes #74.
-
- May 25, 2014
-
-
Matt Caswell authored
-
Ben Laurie authored
Closes #31.
-
Christian Heimes authored
-
Christian Heimes authored
-
Dr. Stephen Henson authored
When looking for the issuer of a certificate, if current candidate is expired, continue looking. Only return an expired certificate if no valid certificates are found. PR#3359
-
Dr. Stephen Henson authored
-
- May 24, 2014
-
-
Matt Caswell authored
-
Ben Laurie authored
-
- May 23, 2014
-
-
Martin Kaiser authored
-
Martin Kaiser authored
Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352
-
Luiz Angelo Daros de Luca authored
subjectAltName field. The Name Contraint example in x509v3_config(5) even use IP as an example: nameConstraints=permitted;IP:192.168.0.0/255.255.0.0 However, until now, the verify code for IP name contraints did not exist. Any check with a IP Address Name Constraint results in a "unsupported name constraint type" error. This patch implements support for IP Address Name Constraint (v4 and v6). This code validaded correcly certificates with multiple IPv4/IPv6 address checking against a CA certificate with these constraints: permitted;IP.1=10.9.0.0/255.255.0.0 permitted;IP.2=10.48.0.0/255.255.0.0 permitted;IP.3=10.148.0.0/255.255.0.0 permitted;IP.4=fdc8:123f:e31f::/ffff:ffff:ffff:: Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- May 22, 2014
-
-
-
Mike Bland authored
Replaces the entire test with a trivial implementation when OPENSSL_NO_HEARTBEATS is defined.
-
Ben Laurie authored
-
- May 21, 2014
-
-
Matt Caswell authored
-
Matt Caswell authored
-
Ben Laurie authored
-
Ben Laurie authored
-
Viktor Dukhovni authored
Fixes to host checking wild card support and add support for setting host checking flags when verifying a certificate chain.
-