| Commit message (Expand) | Author | Age | Files | Lines |
* | deprecate SSL_OP_SINGLE_DH_USElibressl-v2.1.10OPENBSD_5_7 | beck | 2016-01-27 | 2 | -37/+6 |
* | Fix for OpenSSL CVE-2015-3195libressl-v2.1.9 | beck | 2015-12-04 | 1 | -3/+8 |
* | patch for OpenSSL CVE-2015-3194 | beck | 2015-12-04 | 1 | -2/+2 |
* | pull up fixes for leak and overrunlibressl-v2.1.8 | tedu | 2015-10-15 | 1 | -6/+4 |
* | MFC: Fix several defects from OpenSSL.libressl-v2.1.7 | jsing | 2015-06-11 | 3 | -9/+37 |
* | Fix several crash causing defects from OpenSSL.libressl-v2.1.6 | tedu | 2015-03-19 | 13 | -65/+166 |
* | This commit was manufactured by cvs2git to create branch 'OPENBSD_5_7'.libressl-v2.1.5 | cvs2svn | 2015-03-08 | 1183 | -376689/+0 |
* | Reject DH keys sent by a server if they are considered too small; inspired | miod | 2015-03-08 | 3 | -40/+28 |
* | Do not use sha512-parisc for now, as it is subtly bugged - passes the sha | miod | 2015-03-05 | 2 | -2/+6 |
* | subtraction is not comparison. the difference of two longs is not good | tedu | 2015-03-05 | 1 | -1/+1 |
* | Update comment to match code; Caspar Schutijserlibressl-v2.1.4 | millert | 2015-03-02 | 1 | -2/+2 |
* | Fix a minor information leak that was introduced in t1_lib.c r1.71, whereby | jsing | 2015-03-02 | 2 | -4/+4 |
* | use correct formatter (int, because of type promotion after operations) | bcook | 2015-03-02 | 1 | -2/+2 |
* | Reduce usage of predefined strings in manpages. | bentley | 2015-02-28 | 1 | -7/+7 |
* | Prefix function parameter names with underscores in tls.h, since this makes | jsing | 2015-02-26 | 1 | -42/+44 |
* | No need to use O_DIRECTORY when opening ".", O_RDONLY will suffice. | millert | 2015-02-25 | 1 | -1/+1 |
* | Fix CVE-2014-3570: properly calculate the square of a BIGNUM value. | bcook | 2015-02-25 | 7 | -1331/+672 |
* | Trivial fix for test progress output. | bcook | 2015-02-25 | 1 | -4/+7 |
* | Avoid NULL pointer deref in hashinfo_free() when calling from error paths. | doug | 2015-02-25 | 1 | -2/+3 |
* | Fix CVE-2015-0205: Do not accept client authentication with Diffie-Hellman | bcook | 2015-02-25 | 2 | -4/+4 |
* | we don't let strtonum errors bleed through now. | tedu | 2015-02-24 | 1 | -4/+2 |
* | Set errno to EINVAL, instead of letting ERANGE escape out. | tedu | 2015-02-24 | 1 | -2/+4 |
* | fourth batch of perlpod(1) to mdoc(7) conversion | schwarze | 2015-02-23 | 37 | -1276/+2521 |
* | While slick, this isn't accessing multiple directories concurrently, so | guenther | 2015-02-22 | 1 | -29/+35 |
* | Bump libcrypto and libssl majors, due to various recent churn. | jsing | 2015-02-22 | 4 | -4/+4 |
* | Reluctantly add server-side support for TLS_FALLBACK_SCSV. | jsing | 2015-02-22 | 15 | -25/+159 |
* | There is not much point constructing an SSL_CIPHER, then calling | jsing | 2015-02-22 | 2 | -14/+6 |
* | Remove IMPLEMENT_STACK_OF noops. | jsing | 2015-02-22 | 4 | -8/+4 |
* | Update for recent verify related naming changes. | jsing | 2015-02-22 | 2 | -28/+28 |
* | Bump libtls major due to symbol removal. | jsing | 2015-02-22 | 1 | -3/+2 |
* | Rename tls_config_insecure_noverifyhost() to | jsing | 2015-02-22 | 4 | -21/+20 |
* | Check return values when setting dheparams and ecdhecurve for the default | jsing | 2015-02-22 | 1 | -11/+14 |
* | In the interests of being secure by default, make the default TLS ciphers | jsing | 2015-02-22 | 2 | -2/+17 |
* | explain how tls_accept_socket works. | tedu | 2015-02-21 | 1 | -2/+9 |
* | tls_config_set_protocols is really void. Greg Martin. | tedu | 2015-02-21 | 1 | -3/+3 |
* | fill out docs a bit more, notably the read/write again behaviors. | tedu | 2015-02-21 | 1 | -3/+27 |
* | If BN_rand() or BN_pseudo_rand() are called with a NULL rnd argument, | jsing | 2015-02-19 | 2 | -6/+16 |
* | BN_free() has its own NULL check. | jsing | 2015-02-19 | 1 | -14/+7 |
* | KNF. | jsing | 2015-02-19 | 1 | -766/+834 |
* | fix coverity 105350 and 10345 | beck | 2015-02-18 | 1 | -1/+2 |
* | Memory leak in error path. Coverity CID 78822. | miod | 2015-02-17 | 2 | -16/+18 |
* | Amend documentation for AI_ADDRCONFIG | jca | 2015-02-16 | 1 | -2/+4 |
* | third batch of perlpod(1) to mdoc(7) conversion | schwarze | 2015-02-16 | 25 | -1367/+2121 |
* | Add more error checking and free resources in bytestringtest. | doug | 2015-02-16 | 1 | -26/+47 |
* | Avoid calling BN_CTX_end() on a context that wasn't started. | doug | 2015-02-15 | 2 | -8/+8 |
* | Use "In" to mark up include files, instead of wrongly wrapping with Aq. | bentley | 2015-02-15 | 1 | -3/+3 |
* | Regen | miod | 2015-02-15 | 6 | -528/+564 |
* | s/tls_load_keys/tls_load_file/ | jsing | 2015-02-15 | 1 | -2/+2 |
* | Document tls_config_parse_protocols() and update documentation for | jsing | 2015-02-15 | 2 | -5/+27 |
* | Fix various memory leaks by not exiting so abruptly from failed tests. | miod | 2015-02-15 | 1 | -579/+507 |