summaryrefslogtreecommitdiffstats
path: root/crypto/openssl/ssl/ssl_locl.h
Commit message (Collapse)AuthorAgeFilesLines
* Backport OpenSSL commit af58be768ebb690f78530f796e92b8ae5c9a4401:delphij2016-11-021-0/+2
| | | | | | | | | | | | | | Don't allow too many consecutive warning alerts Certain warning alerts are ignored if they are received. This can mean that no progress will be made if one peer continually sends those warning alerts. Implement a count so that we abort the connection if we receive too many. Issue reported by Shi Lei. This is a direct commit to stable/10 and stable/9. Security: CVE-2016-8610
* Merge OpenSSL 1.0.1u.jkim2016-09-221-1/+2
|
* Merge OpenSSL 1.0.1t.jkim2016-05-031-1/+2
| | | | Relnotes: yes
* Merge OpenSSL 1.0.1q.jkim2015-12-031-10/+10
|
* MFC: r284283jkim2015-06-111-0/+1
| | | | Merge OpenSSL 1.0.1n.
* MFC: r280297jkim2015-03-201-738/+783
| | | | | | Merge OpenSSL 1.0.1m. Relnotes: yes
* MFC: r276861, r276863jkim2015-01-091-3/+4
| | | | Merge OpenSSL 1.0.1k.
* MFC: r269682jkim2014-08-071-2/+23
| | | | Merge OpenSSL 1.0.1i.
* MFC: r261037, r264278jkim2014-04-101-0/+1
| | | | Merge OpenSSL 1.0.1f and 1.0.1g.
* MFC r260403 (MFV r260399):delphij2014-01-071-0/+2
| | | | | | | | | | | | | | | | | | | | Apply vendor commits: 197e0ea Fix for TLS record tampering bug. (CVE-2013-4353). 3462896 For DTLS we might need to retransmit messages from the previous session so keep a copy of write context in DTLS retransmission buffers instead of replacing it after sending CCS. (CVE-2013-6450). ca98926 When deciding whether to use TLS 1.2 PRF and record hash algorithms use the version number in the corresponding SSL_METHOD structure instead of the SSL structure. The SSL structure version is sometimes inaccurate. Note: OpenSSL 1.0.2 and later effectively do this already. (CVE-2013-6449). Security: CVE-2013-4353 Security: CVE-2013-6449 Security: CVE-2013-6450
* Merge OpenSSL 1.0.1e.jkim2013-02-131-2/+42
|\ | | | | | | Approved by: secteam (simon), benl (silence)
* \ Merge OpenSSL 1.0.1c.jkim2012-07-121-104/+233
|\ \ | |/ | | | | Approved by: benl (maintainer)
* | Merge OpenSSL 0.9.8x.jkim2012-06-271-0/+2
| | | | | | | | | | | | Reviewed by: stas Approved by: benl (maintainer) MFC after: 3 days
* | Merge OpenSSL 0.9.8m into head.simon2010-03-131-3/+24
|\ \ | |/ | | | | | | | | | | | | | | | | | | This also "reverts" some FreeBSD local changes so we should now be back to using entirely stock OpenSSL. The local changes were simple $FreeBSD$ lines additions, which were required in the CVS days, and the patch for FreeBSD-SA-09:15.ssl which has been superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation extension' support. MFC after: 3 weeks
* | Merge OpenSSL 0.9.8k into head.simon2009-06-141-5/+37
|\ \ | |/ | | | | Approved by: re
| * Flatten OpenSSL vendor tree.simon2008-08-231-950/+0
|/
* Vendor import of OpenSSL 0.9.8d.simon2006-10-011-2/+3
|
* Vendor import of OpenSSL 0.9.8bsimon2006-07-291-49/+377
|
* Vendor import of OpenSSL 0.9.7e.nectar2005-02-251-1/+2
|
* Vendor import of OpenSSL release 0.9.7. This release includesmarkm2003-01-281-39/+49
| | | | support for AES and OpenBSD's hardware crypto.
* Import of OpenSSL 0.9.6f.nectar2002-08-101-1/+1
|
* Import of OpenSSL 0.9.6e.nectar2002-07-301-7/+8
|
* Initial import of OpenSSL 0.9.6akris2001-05-201-2/+2
|
* Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10kris2001-02-181-1/+54
|
* Initial import of OpenSSL 0.9.6kris2000-11-131-2/+3
|
* Initial import of OpenSSL 0.9.5akris2000-04-131-48/+104
|
* Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patentkris2000-01-101-0/+499
infringement reasons.
OpenPOWER on IntegriCloud