- Mar 06, 2010
-
-
Dr. Stephen Henson authored
now print out signatures instead of the standard hex dump. More complex signatures (e.g. PSS) can print out more meaningful information. Sample DSA version included that prints out the signature parameters r, s. [Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding new fields in the middle has no compatibility issues]
-
- Mar 03, 2010
-
-
Dr. Stephen Henson authored
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted).
-
- Feb 26, 2010
-
-
Dr. Stephen Henson authored
-
- Feb 25, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
certificate is explicitly trusted (using -addtrust option to x509 utility for example) the verification is sucessful even if the chain is not complete.
-
- Feb 19, 2010
-
-
Bodo Möller authored
-
- Feb 17, 2010
-
-
Dr. Stephen Henson authored
initial connection to unpatched servers. There are no additional security concerns in doing this as clients don't see renegotiation during an attack anyway.
-
Dr. Stephen Henson authored
Submitted by: James Baker <jbaker@tableausoftware.com> et al. Workaround for slow Heap32Next on some versions of Windows.
-
- Feb 12, 2010
-
-
Dr. Stephen Henson authored
-
- Feb 08, 2010
-
-
Dr. Stephen Henson authored
-
- Feb 07, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
an EVP_CIPHER_CTX structure which may have problems with external ENGINEs who need to duplicate internal handles etc.
-
- Jan 29, 2010
-
-
Dr. Stephen Henson authored
-
- Jan 28, 2010
-
-
Dr. Stephen Henson authored
-
- Jan 27, 2010
-
-
Dr. Stephen Henson authored
-
- Jan 26, 2010
-
-
Dr. Stephen Henson authored
Submitted by: steve@openssl.org More robust fix and workaround for PR#1949. Don't try to work out if there is any write pending data as this can be unreliable: always flush.
-
Dr. Stephen Henson authored
-
- Jan 22, 2010
-
-
Dr. Stephen Henson authored
-
- Jan 13, 2010
-
-
Dr. Stephen Henson authored
Although it will be many years before TLS v2.0 or later appears old versions of servers have a habit of hanging around for a considerable time so best if we handle this properly now.
-
Dr. Stephen Henson authored
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking memory.
-
- Jan 12, 2010
-
-
Dr. Stephen Henson authored
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at> Add options to output hash using older algorithm compatible with OpenSSL versions before 1.0.0
-
- Jan 06, 2010
-
-
Dr. Stephen Henson authored
1. Add provisional SCSV value. 2. Don't send SCSV and RI at same time. 3. Fatal error is SCSV received when renegotiating.
-
- Dec 31, 2009
-
-
Dr. Stephen Henson authored
used compression algorithms in client hello (a legacy from when the compression algorithm wasn't serialized with SSL_SESSION).
-
Dr. Stephen Henson authored
-
- Dec 22, 2009
-
-
Bodo Möller authored
-
- Dec 16, 2009
-
-
Dr. Stephen Henson authored
-
- Dec 09, 2009
-
-
Dr. Stephen Henson authored
Change RI ctrl so it doesn't clash.
-
- Dec 08, 2009
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
work in SSLv3: initial handshake has no extensions but includes MCSV, if server indicates RI support then renegotiation handshakes include RI. NB: current MCSV value is bogus for testing only, will be updated when we have an official value. Change mismatch alerts to handshake_failure as required by spec. Also have some debugging fprintfs so we can clearly see what is going on if OPENSSL_RI_DEBUG is set.
-
- Dec 07, 2009
-
-
Dr. Stephen Henson authored
-
- Dec 02, 2009
-
-
Dr. Stephen Henson authored
-
- Nov 26, 2009
-
-
Dr. Stephen Henson authored
-
Bodo Möller authored
branches. This means that http://www.openssl.org/news/changelog.html will finally describe 0.9.8l.
-
- Nov 25, 2009
-
-
Dr. Stephen Henson authored
and is a pre-requisite to adding password based CMS support.
-
- Nov 09, 2009
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Oct 31, 2009
-
-
Dr. Stephen Henson authored
load_crls and tidy up load_certs. Remove useless purpose variable from verify utility: now done with args_verify.
-
- Oct 30, 2009
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-