| Age | Commit message (Collapse) | Author |
|---|
|
|
|
(cherry picked from commit 08b433540416c5bc9a874ba0343e35ba490c65f1)
|
|
|
|
(cherry picked from commit 01be36ef70525e81fc358d2e559bdd0a0d9427a5)
|
|
(cherry picked from commit 7040d73d22987532faa503630d6616cf2788c975)
|
|
Add function to retrieve the signature from a CMS_SignerInfo structure:
applications can then read or modify it.
(cherry picked from commit e8df6cec4c09b9a94c4c07abcf0402d31ec82cc1)
|
|
Original definition depended on __LONG_MAX__ that is not guaranteed to
be present. As we don't support platforms with int narrower that 32 bits
it's appropriate to make defition inconditional.
PR: 3165
(cherry picked from commit 96180cac04591abfe50fc86096365553484bde65)
|
|
PR: 3165
(cherry picked from commit d24d1d7daf515aa19fbf18f6371e3e617028a07c)
|
|
Enable PSK ciphersuites with AES or DES3 in FIPS mode.
(cherry picked from commit e0ffd129c16af90eb5e2ce54e57832c0046d1aaf)
|
|
|
|
<christian@python.org>.
|
|
|
|
(cherry picked from commit 96e16bddb42563dc09187939dc20b35369d413b7)
|
|
(cherry picked from commit c557f921dcb20a1bf2ce75e9dc7dd164e59ec3ea)
|
|
(cherry picked from commit abf840e4f71c3a8795428c213fd37ece2a910443)
|
|
(cherry picked from commit 27f3b65f49ea91fcf4b46ec0298be51b4207214a)
|
|
Extend SSL_CONF to return command value types.
Add certificate and key options.
Update documentation.
(cherry picked from commit ec2f7e568ea18a22ab57326fffe78ef2aa6884f5)
|
|
(cherry picked from commit 13af1451595b514524b0efc17f99f6392ce090d5)
|
|
Don't require a public key in tls1_set_ec_id if compression status is
not needed. This fixes a bug where SSL_OP_SINGLE_ECDH_USE wouldn't work.
|
|
Add -ecdh_single option to set SSL_OP_SINGLE_ECDH_USE on the command line.
|
|
PR: 2809
DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with
SCTP-AUTH. It is checked if this has been activated successfully for
the local and remote peer. Due to a bug, however, the
gauth_number_of_chunks field of the authchunks struct is missing on
FreeBSD, and was therefore not considered in the OpenSSL implementation.
This patch sets the corresponding pointer for the check correctly
whether or not this bug is present.
|
|
PR: 2808
With DTLS/SCTP the SCTP extension SCTP-AUTH is used to protect DATA and
FORWARD-TSN chunks. The key for this extension is derived from the
master secret and changed with the next ChangeCipherSpec, whenever a new
key has been negotiated. The following Finished then already uses the
new key. Unfortunately, the ChangeCipherSpec and Finished are part of
the same flight as the ClientKeyExchange, which is necessary for the
computation of the new secret. Hence, these messages are sent
immediately following each other, leaving the server very little time to
compute the new secret and pass it to SCTP before the finished arrives.
So the Finished is likely to be discarded by SCTP and a retransmission
becomes necessary. To prevent this issue, the Finished of the client is
still sent with the old key.
|
|
|
|
|
|
Instead, send random bytes, unless SSL_SEND_{CLIENT,SERVER}RANDOM_MODE
is set.
This is a forward-port of commits:
4af793036f6ef4f0a1078e5d7155426a98d50e37
f4c93b46edb51da71f09eda99e83eaf193a33c08
3da721dac9382c48812c8eba455528fd59af2eef
2583270191a8b27eed303c03ece1da97b9b69fd3
While the gmt_unix_time record was added in an ostensible attempt to
mitigate the dangers of a bad RNG, its presence leaks the host's view
of the current time in the clear. This minor leak can help
fingerprint TLS instances across networks and protocols... and what's
worse, it's doubtful thet the gmt_unix_time record does any good at
all for its intended purpose, since:
* It's quite possible to open two TLS connections in one second.
* If the PRNG output is prone to repeat itself, ephemeral
handshakes (and who knows what else besides) are broken.
|
|
|
|
|
|
Removing RSA+MD5 from the default signature algorithm list
prevents its use by default.
If a broken implementation attempts to use RSA+MD5 anyway the sanity
checking of signature algorithms will cause a fatal alert.
(cherry picked from commit 77a0f740d00ecf8f6b01c0685a2f858c3f65a3dd)
|
|
|
|
Suggested by: Anton Blanchard
(cherry picked from commit 76c15d790e07f6cc098be2d7b7f6ddc8acd11ca6)
|
|
(cherry picked from commit 6699cb84912f0d7c04acbf91c3e3dbdae5929857)
|
|
(cherry picked from commit f6983769c1bcd6c3c6b6bbfbbc41848f6dccf127)
|
|
(cherry picked from commit 8ba2d4ed7f128e400693562efd35985068c45e4d)
|
|
(cherry picked from commit 695e8c36528f9c3275f5f56e9633ac6a0c11f2e3)
|
|
Includes multiple updates: AES module to comply with more ABI
flavors, SHA512 for PPC32, .size directives.
|
|
PR: 3110
Submitted by Corinna Vinschen.
(cherry picked from commit b3ef742cbbc1c8bf0e33dca60f08c65031647b07)
|
|
(cherry picked from commit 039081b80977e2a5de84e1f88f8b4d025b559956)
|
|
Latest MIPS ISA specification declared 'branch likely' instructions
obsolete. To makes code future-proof replace them with equivalent.
(cherry picked from commit 0c2adb0a9be76da8de9bbfd5377215f71711a52e)
|
|
Performance improvement and Windows-specific bugfix (PR#3139).
|
|
(cherry picked from commit fa104be35e24f3fea895d55bb7042d6f4b2963e9)
|
|
|
|
|
|
Submitted by: Yuriy Kaminskiy
(cherry picked from commit 524b00c0da42b129ed8622dfb3f5eab9cc5d6617)
|
|
PR: 3130
(cherry picked from commit 6b2cae0c16631c6c1ccf61080fc2aa9bd1b5ea1b)
|
|
|
|
|
|
|
|
|
|
Submitted by: Yuriy Kaminskiy
(cherry picked from commit 524b00c0da42b129ed8622dfb3f5eab9cc5d6617)
|
|
PR: 3130
(cherry picked from commit 6b2cae0c16631c6c1ccf61080fc2aa9bd1b5ea1b)
|
