Skip to content
  1. Nov 17, 2014
  2. Nov 13, 2014
  3. Nov 12, 2014
  4. Nov 11, 2014
  5. Nov 10, 2014
  6. Oct 29, 2014
  7. Oct 28, 2014
  8. Oct 27, 2014
  9. Oct 21, 2014
  10. Oct 20, 2014
  11. Oct 17, 2014
  12. Oct 15, 2014
  13. Oct 10, 2014
    • Dr. Stephen Henson's avatar
      Preserve digests for SNI. · 4e05aedb
      Dr. Stephen Henson authored
      
      
      SSL_set_SSL_CTX is normally called for SNI after ClientHello has
      received and the digest to use for each certificate has been decided.
      The original ssl->cert contains the negotiated digests and is now
      copied to the new ssl->cert.
      
      PR: 3560
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      4e05aedb
  14. Oct 06, 2014
  15. Sep 29, 2014
    • Dr. Stephen Henson's avatar
      Add additional DigestInfo checks. · 55614f89
      Dr. Stephen Henson authored
      
      
      Reencode DigestInto in DER and check against the original: this
      will reject any improperly encoded DigestInfo structures.
      
      Note: this is a precautionary measure, there is no known attack
      which can exploit this.
      
      Thanks to Brian Smith for reporting this issue.
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      55614f89