Age | Commit message (Collapse) | Author |
|
|
|
Submitted by: Nils Larsch
|
|
|
|
a year.
|
|
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
|
|
relates to SSL_CTX flags and the use of "external" session caching. The
existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is
supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE".
The bitwise OR of the two flags is also defined as
"SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most
applications wanting to implement session caching *entirely* by its own
provided callbacks. As the documented behaviour contradicted actual
behaviour up until recently, and since that point behaviour has itself been
inconsistent anyway, this change should not introduce any compatibility
problems. I've adjusted the relevant documentation to elaborate about how
this works.
Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these
anomalies and testing this patch for correctness.
PR: 311
|
|
CertificateVerify for 4096 bit RSA signatures
|
|
PR: 189
|
|
PR: 189
|
|
the same source file.
|
|
|
|
PR: 189
|
|
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
|
|
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
|
|
Submitted by: "Chris Brook" <cbrook@v-one.com>
|
|
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
PR: 291
|
|
PR: 262
|
|
PR: 274
|
|
PR: 262
|
|
Submitted by:
Reviewed by:
PR: 212
|
|
|
|
become rather large. This becomes a problem when the default 1024
character large buffer that WRITE uses isn't enough. WRITE/SYMBOL
uses a 2048 byte large buffer instead.
|
|
That will make the test go through even if DH (or in some cases ECDH) aren't
built into OpenSSL.
PR: 216, part 2
|
|
Submitted by: Douglas Stebila
|
|
Submitted by: Douglas Stebila
|
|
Submitted by: Douglas Stebila
|
|
Submitted by: Nils Larsch
|
|
|
|
|
|
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
|
|
|
|
|
|
Part of PR 181
|
|
Submitted by: Jeffrey Altman <jaltman@columbia.edu>
Reviewed by:
PR: 169
|
|
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
|
|
|
|
Submitted by:
Reviewed by:
PR: 127
|
|
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.
Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.
Fix ec_asn1.c (take into account the desired conversion form).
'make update'.
Submitted by: Nils Larsch
|
|
des_old.h redefines crypt:
#define crypt(b,s)\
DES_crypt((b),(s))
This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
|
|
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
|
|
(but noone uses it anyway)
fix t1_enc.c: use OPENSSL_NO_RC4, not NO_RC4
|
|
|
|
handled properly.
Part of PR 75
|
|
vulnerability workaround (included in SSL_OP_ALL).
PR: #90
|
|
|
|
|
|
|
|
|
|
in the default ciphersuite list
|
|
|