mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-01 19:28:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
28,832 Commits 30 Branches 390 Tags 502 MiB
c6df354c2a
Commit Graph

12 Commits

Author SHA1 Message Date
Matt Caswell
a28d06f3e9 Update copyright year 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)
 2021-02-18 15:05:17 +00:00
Matt Caswell
a763ca1177 Stop disabling TLSv1.3 if ec and dh are disabled 
Even if EC and DH are disabled then we may still be able to use TLSv1.3
if we have groups that have been plugged in by an external provider.

Fixes #13767

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
 2021-02-05 15:22:40 +00:00
Richard Levitte
e39e295e20 Update copyright year 
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12463)
 2020-07-16 14:47:04 +02:00
Kurt Roeckx
aba03ae571 Reduce the security bits for MD5 and SHA1 based signatures in TLS 
This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer supported at the
default security level of 1, and that you need to set the security
level to 0 to use TLS < 1.2.

Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787
 2020-06-27 08:41:40 +02:00
Richard Levitte
909f1a2e51 Following the license change, modify the boilerplates in test/ 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7767)
 2018-12-06 14:19:22 +01:00
Matt Caswell
5627f9f217 Don't detect a downgrade where the server has a protocol version hole 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7013)
 2018-08-22 15:15:19 +01:00
Matt Caswell
3e7cb13dff Test that a client protocol "hole" doesn't get detected as a downgrade 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7013)
 2018-08-22 15:15:19 +01:00
Matt Caswell
9f22c52723 Turn on TLSv1.3 downgrade protection by default 
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6741)
 2018-08-15 12:33:30 +01:00
Matt Caswell
9b287d53db Add a test for TLSv1.3 fallback 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6894)
 2018-08-09 10:53:09 +01:00
Matt Caswell
6738bf1417 Update copyright year 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2018-02-13 13:59:25 +00:00
Richard Levitte
c5856878f7 Enable TLSProxy tests on Windows 
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5094)
 2018-01-20 09:22:20 +01:00
Matt Caswell
b9647e34ff Add a test for the TLSv1.3 downgrade mechanism 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022)
 2017-03-24 14:07:11 +00:00