- Jan 31, 2012
-
-
Dr. Stephen Henson authored
structure. Before this the only way to add a custom chain was in the parent SSL_CTX (which is shared by all key types and SSL structures) or rely on auto chain building (which is performed on each handshake) from the trust store.
-
- Jan 27, 2012
-
-
Dr. Stephen Henson authored
-
- Jan 26, 2012
-
-
Dr. Stephen Henson authored
certificate chain instead of an X509 structure. This makes it easier to enhance code in future and the chain output functions have access to the CERT_PKEY structure being used.
-
Dr. Stephen Henson authored
New function ssl_add_cert_chain which adds a certificate chain to SSL internal BUF_MEM. Use this function in ssl3_output_cert_chain and dtls1_output_cert_chain instead of partly duplicating code.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Jan 25, 2012
-
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Jan 22, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Jan 21, 2012
-
-
Andy Polyakov authored
-
- Jan 18, 2012
-
-
Dr. Stephen Henson authored
Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. (CVE-2012-0050)
-
- Jan 17, 2012
-
-
Dr. Stephen Henson authored
-
- Jan 16, 2012
-
-
Dr. Stephen Henson authored
The cipher definitions of these ciphersuites have been around since SSLeay but were always disabled. Now OpenSSL supports DH certificates they can be finally enabled. Various additional changes were needed to make them work properly: many unused fixed DH sections of code were untested.
-
- Jan 15, 2012
-
-
Andy Polyakov authored
-
Andy Polyakov authored
PR: 2613 Submitted by: Leena Heino
-
Dr. Stephen Henson authored
-
- Jan 14, 2012
-
-
Andy Polyakov authored
-
- Jan 13, 2012
-
-
Andy Polyakov authored
-
Andy Polyakov authored
(most restrictive about r2 and r13 usage).
-
- Jan 12, 2012
-
-
Andy Polyakov authored
are passed zero-extended, not sign-extended. PR: 2682
-
Andy Polyakov authored
PR: 2677 Submitted by: Annue Yousar
-
- Jan 11, 2012
-
-
Andy Polyakov authored
PR: 2683 Submitted by: Annie Yousar
-
Andy Polyakov authored
PR: 2681 Submitted by: Annie Yousar
-
Andy Polyakov authored
PR: 2678 Submitted by: Annie Yousar
-
Andy Polyakov authored
PR: 2675 Submitted by: Annie Yousar
-
Andy Polyakov authored
PR: 2685
-
- Jan 10, 2012
-
-
Dr. Stephen Henson authored
-
- Jan 06, 2012
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- Jan 05, 2012
-
-
Bodo Möller authored
(While the 1.0.0f CHANGES entry on VOS PRNG seeding was missing in HEAD, the actual code is here already.)
-
Bodo Möller authored
-
Bodo Möller authored
Submitted by: Brian Carlstrom
-
Dr. Stephen Henson authored
Submitted by: steve Update maximum message size for certifiate verify messages to support 4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
-
Dr. Stephen Henson authored
Reviewed by: steve Send fatal alert if heartbeat extension has an illegal value.
-
Dr. Stephen Henson authored
-
- Jan 04, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Reviewed by: steve Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and Kenny Paterson.
-
Dr. Stephen Henson authored
-