Skip to content
  1. Oct 27, 2014
  2. Oct 21, 2014
  3. Oct 20, 2014
  4. Oct 17, 2014
  5. Oct 15, 2014
  6. Oct 10, 2014
    • Dr. Stephen Henson's avatar
      Preserve digests for SNI. · 4e05aedb
      Dr. Stephen Henson authored
      
      
      SSL_set_SSL_CTX is normally called for SNI after ClientHello has
      received and the digest to use for each certificate has been decided.
      The original ssl->cert contains the negotiated digests and is now
      copied to the new ssl->cert.
      
      PR: 3560
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      4e05aedb
  7. Oct 06, 2014
  8. Sep 29, 2014
    • Dr. Stephen Henson's avatar
      Add additional DigestInfo checks. · 55614f89
      Dr. Stephen Henson authored
      
      
      Reencode DigestInto in DER and check against the original: this
      will reject any improperly encoded DigestInfo structures.
      
      Note: this is a precautionary measure, there is no known attack
      which can exploit this.
      
      Thanks to Brian Smith for reporting this issue.
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      55614f89
  9. Sep 25, 2014
  10. Sep 24, 2014
  11. Sep 21, 2014
  12. Sep 10, 2014
  13. Sep 08, 2014