Bodo Möller
|
c519e89f5c
Fix session handling.
|
13 years ago |
Dr. Stephen Henson
|
654ac273c1
typo
|
13 years ago |
Dr. Stephen Henson
|
eda3766b53
Output supported curves in preference order instead of numerically.
|
13 years ago |
Dr. Stephen Henson
|
ebc5e72fe5
Don't advertise or use MD5 for TLS v1.2 in FIPS mode
|
13 years ago |
Dr. Stephen Henson
|
238b63613b
use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with DTLS
|
13 years ago |
Dr. Stephen Henson
|
f37f20ffd3
PR: 2295
|
13 years ago |
Dr. Stephen Henson
|
8f82912460
Process signature algorithms during TLS v1.2 client authentication.
|
13 years ago |
Dr. Stephen Henson
|
fc101f88b6
Reorder signature algorithms in strongest hash first order.
|
13 years ago |
Dr. Stephen Henson
|
a2f9200fba
Initial TLS v1.2 client support. Include a default supported signature
|
13 years ago |
Dr. Stephen Henson
|
6b7be581e5
Continuing TLS v1.2 support: add support for server parsing of
|
13 years ago |
Ben Laurie
|
edc032b5e3
Add SRP support.
|
13 years ago |
Bodo Möller
|
9770924f9b
OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)
|
13 years ago |
Dr. Stephen Henson
|
d0205686bb
PR: 2240
|
14 years ago |
Dr. Stephen Henson
|
290be870d6
using_ecc doesn't just apply to TLSv1
|
14 years ago |
Dr. Stephen Henson
|
7d5686d355
Don't assume a decode error if session tlsext_ecpointformatlist is not NULL: it can be legitimately set elsewhere.
|
14 years ago |
Dr. Stephen Henson
|
732d31beee
bring HEAD up to date, add CVE-2010-3864 fix, update NEWS files
|
14 years ago |
Ben Laurie
|
bf48836c7c
Fixes to NPN from Adam Langley.
|
14 years ago |
Dr. Stephen Henson
|
bdd5350804
PR: 1833
|
14 years ago |
Ben Laurie
|
ee2ffc2794
Add Next Protocol Negotiation.
|
14 years ago |
Ben Laurie
|
c8bbd98a2b
Fix warnings.
|
14 years ago |
Dr. Stephen Henson
|
c2c49969e2
Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
|
14 years ago |
Dr. Stephen Henson
|
423c66f10e
Simplify RI+SCSV logic:
|
15 years ago |
Dr. Stephen Henson
|
fbed9f8158
Alert to use is now defined in spec: update code
|
15 years ago |
Dr. Stephen Henson
|
ef51b4b9b4
New option to enable/disable connection to unpatched servers
|
15 years ago |
Dr. Stephen Henson
|
c27c9cb4f7
Allow initial connection (but no renegoriation) to servers which don't support
|
15 years ago |
Dr. Stephen Henson
|
13f6d57b1e
Add support for magic cipher suite value (MCSV). Make secure renegotiation
|
15 years ago |
Dr. Stephen Henson
|
8025e25113
PR: 2121
|
15 years ago |
Dr. Stephen Henson
|
637f374ad4
Initial experimental TLSv1.1 support
|
15 years ago |
Dr. Stephen Henson
|
64abf5e657
Include a more meaningful error message when rejecting legacy renegotiation
|
15 years ago |
Dr. Stephen Henson
|
860c3dd1b6
add missing parts of reneg port, fix apps patch
|
15 years ago |