| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2011-09-05 | Fix session handling. | Bodo Möller | |
| 2011-09-05 | Fix d2i_SSL_SESSION. | Bodo Möller | |
| 2011-08-03 | Expand range of ctrls for AES GCM to support retrieval and setting of | Dr. Stephen Henson | |
| invocation field. Add complete support for AES GCM ciphersuites including all those in RFC5288 and RFC5289. | |||
| 2011-07-25 | Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and | Dr. Stephen Henson | |
| prohibit use of these ciphersuites for TLS < 1.2 | |||
| 2011-05-12 | Process signature algorithms during TLS v1.2 client authentication. | Dr. Stephen Henson | |
| Make sure message is long enough for signature algorithms. | |||
| 2011-05-09 | Initial TLS v1.2 client support. Include a default supported signature | Dr. Stephen Henson | |
| algorithms extension (including everything we support). Swicth to new signature format where needed and relax ECC restrictions. Not TLS v1.2 client certifcate support yet but client will handle case where a certificate is requested and we don't have one. | |||
| 2011-04-29 | Initial incomplete TLS v1.2 support. New ciphersuites added, new version | Dr. Stephen Henson | |
| checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the new signature format is not yet implemented. | |||
| 2011-04-29 | Initial "opaque SSL" framework. If an application defines | Dr. Stephen Henson | |
| OPENSSL_NO_SSL_INTERN all ssl related structures are opaque and internals cannot be directly accessed. Many applications will need some modification to support this and most likely some additional functions added to OpenSSL. The advantage of this option is that any application supporting it will still be binary compatible if SSL structures change. | |||
| 2011-03-16 | Fix broken SRP error/function code assignment. | Dr. Stephen Henson | |
| 2011-03-12 | Add SRP support. | Ben Laurie | |
| 2010-09-05 | Fixes to NPN from Adam Langley. | Ben Laurie | |
| 2010-08-26 | For better forward-security support, add functions | Bodo Möller | |
| SSL_[CTX_]set_not_resumable_session_callback. Submitted by: Emilia Kasper (Google) [A part of this change affecting ssl/s3_lib.c was accidentally commited separately, together with a compilation fix for that file; see s3_lib.c CVS revision 1.133 (http://cvs.openssl.org/chngview?cn=19855).] | |||
| 2010-08-26 | PR: 1833 | Dr. Stephen Henson | |
| Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Support for abbreviated handshakes when renegotiating. | |||
| 2010-07-28 | Add Next Protocol Negotiation. | Ben Laurie | |
| 2010-07-18 | PR: 1830 | Dr. Stephen Henson | |
| Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson Support for RFC5705 key extractor. | |||
| 2010-07-18 | oops, revert wrong patch.. | Dr. Stephen Henson | |
| 2010-07-18 | Fix warnings (From HEAD, original patch by Ben). | Dr. Stephen Henson | |
| 2010-01-06 | Updates to conform with draft-ietf-tls-renegotiation-03.txt: | Dr. Stephen Henson | |
| 1. Add provisional SCSV value. 2. Don't send SCSV and RI at same time. 3. Fatal error is SCSV received when renegotiating. | |||
| 2010-01-06 | compress_meth should be unsigned | Dr. Stephen Henson | |
| 2010-01-01 | Client side compression algorithm sanity checks: ensure old compression | Dr. Stephen Henson | |
| algorithm matches current and give error if compression is disabled and server requests it (shouldn't happen unless server is broken). | |||
| 2009-12-31 | Compression handling on session resume was badly broken: it always | Dr. Stephen Henson | |
| used compression algorithms in client hello (a legacy from when the compression algorithm wasn't serialized with SSL_SESSION). | |||
| 2009-12-16 | New option to enable/disable connection to unpatched servers | Dr. Stephen Henson | |
| 2009-12-11 | Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL and move ↵ | Dr. Stephen Henson | |
| SSL_OP_NO_TLSv1_1 | |||
| 2009-12-09 | Add patch to crypto/evp which didn't apply from PR#2124 | Dr. Stephen Henson | |
| 2009-12-09 | Add ctrls to clear options and mode. | Dr. Stephen Henson | |
| Change RI ctrl so it doesn't clash. | |||
| 2009-12-08 | Add ctrl and macro so we can determine if peer support secure renegotiation. | Dr. Stephen Henson | |
| 2009-12-07 | Initial experimental TLSv1.1 support | Dr. Stephen Henson | |
| 2009-11-18 | Include a more meaningful error message when rejecting legacy renegotiation | Dr. Stephen Henson | |
| 2009-11-09 | First cut of renegotiation extension. (port to HEAD) | Dr. Stephen Henson | |
| 2009-09-12 | PR: 2025 | Dr. Stephen Henson | |
| Submitted by: Tomas Mraz <tmraz@redhat.com> Approved by: steve@openssl.org Constify SSL_CIPHER_description | |||
| 2009-09-09 | PR: 2033 | Dr. Stephen Henson | |
| Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS listen support. | |||
| 2009-09-06 | Make update, deleting bogus DTLS error code | Dr. Stephen Henson | |
| 2009-08-26 | PR: 2006 | Dr. Stephen Henson | |
| Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Do not use multiple DTLS records for a single user message | |||
| 2009-08-12 | Update default dependency flags. | Dr. Stephen Henson | |
| Make error name discrepancies a fatal error. Fix error codes. make update | |||
| 2009-08-12 | PR: 1997 | Dr. Stephen Henson | |
| Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS timeout handling fix. | |||
| 2009-07-15 | Update from 1.0.0-stable. | Dr. Stephen Henson | |
| 2009-06-30 | Update from 1.0.0-stable. | Dr. Stephen Henson | |
| 2009-04-28 | Typo. | Dr. Stephen Henson | |
| 2009-04-20 | Updates from 1.0.0-stable branch. | Dr. Stephen Henson | |
| 2009-04-08 | Update from 1.0.0-stable | Dr. Stephen Henson | |
| 2009-04-06 | Updates from 1.0.0-stable | Dr. Stephen Henson | |
| 2009-04-04 | Updates from 1.0.0-stable | Dr. Stephen Henson | |
| 2008-12-27 | Deal with the unlikely event that EVP_MD_CTX_size() returns an error. | Ben Laurie | |
| (Coverity ID 140). | |||
| 2008-12-27 | Handle the unlikely event that BIO_get_mem_data() returns -ve. | Ben Laurie | |
| 2008-11-16 | Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks. | Ben Laurie | |
| 2008-11-15 | PR: 1574 | Dr. Stephen Henson | |
| Submitted by: Jouni Malinen <j@w1.fi> Approved by: steve@openssl.org Ticket override support for EAP-FAST. | |||
| 2008-11-12 | Revert the size_t modifications from HEAD that had led to more | Geoff Thorpe | |
| knock-on work than expected - they've been extracted into a patch series that can be completed elsewhere, or in a different branch, before merging back to HEAD. | |||
| 2008-11-01 | More size_tification. | Ben Laurie | |
| 2008-10-12 | Type-checked (and modern C compliant) OBJ_bsearch. | Ben Laurie | |
| 2008-09-10 | Add SSL_FIPS flag for FIPS 140-2 approved ciphersuites and add a new | Dr. Stephen Henson | |
| strength "FIPS" to represent all FIPS approved ciphersuites without NULL encryption. | |||
 |
index : openssl | |
| Mirror of https://github.com/openssl/openssl | matthias |
| summaryrefslogtreecommitdiffstats |