- 10 6月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
The return type of BIO_number_read() and BIO_number_written() as well as the corresponding num_read and num_write members in the BIO structure has been changed from unsigned long to uint64_t. On platforms where an unsigned long is 32 bits (e.g. Windows) these counters could overflow if >4Gb is transferred. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 16 5月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
Continuing from the previous commit this changes the way we do client side version negotiation. Similarly all of the s23* "up front" state machine code has been avoided and again things now work much the same way as they already did for DTLS, i.e. we just do most of the work in the ssl3_get_server_hello() function. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Matt Caswell 提交于
This commit changes the way that we do server side protocol version negotiation. Previously we had a whole set of code that had an "up front" state machine dedicated to the negotiating the protocol version. This adds significant complexity to the state machine. Historically the justification for doing this was the support of SSLv2 which works quite differently to SSLv3+. However, we have now removed support for SSLv2 so there is little reason to maintain this complexity. The one slight difficulty is that, although we no longer support SSLv2, we do still support an SSLv3+ ClientHello in an SSLv2 backward compatible ClientHello format. This is generally only used by legacy clients. This commit adds support within the SSLv3 code for these legacy format ClientHellos. Server side version negotiation now works in much the same was as DTLS, i.e. we introduce the concept of TLS_ANY_VERSION. If s->version is set to that then when a ClientHello is received it will work out the most appropriate version to respond with. Also, SSLv23_method and SSLv23_server_method have been replaced with TLS_method and TLS_server_method respectively. The old SSLv23* names still exist as macros pointing at the new name, although they are deprecated. Subsequent commits will look at client side version negotiation, as well of removal of the old s23* code. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 01 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling a free routine. This gets X509_.*free: x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free X509_STORE_free X509_STORE_CTX_free X509_PKEY_free X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 11 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Avoid checking for NULL before calling free functions. This gets ssl.*free: ssl_sess_cert_free ssl_free ssl_excert_free ssl_cert_free SSL_free SSL_SRP_CTX_free SSL_SESSION_free SSL_CTX_free SSL_CTX_SRP_CTX_free SSL_CONF_CTX_free Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 25 3月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
Ensure RAND_bytes return value is checked correctly, and that we no longer use RAND_pseudo_bytes. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Start ensuring all OpenSSL "free" routines allow NULL, and remove any if check before calling them. This gets DH_free, DSA_free, RSA_free Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 22 1月, 2015 5 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Conflicts: crypto/dsa/dsa_asn1.c crypto/pem/pem_all.c fips/dh/dh_gen.c fips/dh/fips_dh_check.c fips/dh/fips_dh_gen.c ssl/ssl_ciph.c Conflicts: ssl/d1_clnt.c Conflicts: ssl/s2_pkt.c Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 31 12月, 2014 1 次提交
-
-
由 Tim Hudson 提交于
indent will not alter them when reformatting comments Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 06 9月, 2013 1 次提交
-
-
- 05 3月, 2002 1 次提交
-
-
由 Bodo Möller 提交于
-
- 28 2月, 2002 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: D. K. Smetters <smetters@parc.xerox.com> Reviewed by: Bodo Moeller
-
- 24 9月, 2001 1 次提交
-
-
由 Bodo Möller 提交于
-
- 18 9月, 2001 1 次提交
-
-
由 Bodo Möller 提交于
-