summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* deprecate SSL_OP_SINGLE_DH_USElibressl-v2.1.10OPENBSD_5_7beck2016-01-272-37/+6
* Fix for OpenSSL CVE-2015-3195libressl-v2.1.9beck2015-12-041-3/+8
* patch for OpenSSL CVE-2015-3194beck2015-12-041-2/+2
* pull up fixes for leak and overrunlibressl-v2.1.8tedu2015-10-151-6/+4
* MFC: Fix several defects from OpenSSL.libressl-v2.1.7jsing2015-06-113-9/+37
* Fix several crash causing defects from OpenSSL.libressl-v2.1.6tedu2015-03-1913-65/+166
* This commit was manufactured by cvs2git to create branch 'OPENBSD_5_7'.libressl-v2.1.5cvs2svn2015-03-081183-376689/+0
* Reject DH keys sent by a server if they are considered too small; inspiredmiod2015-03-083-40/+28
* Do not use sha512-parisc for now, as it is subtly bugged - passes the shamiod2015-03-052-2/+6
* subtraction is not comparison. the difference of two longs is not goodtedu2015-03-051-1/+1
* Update comment to match code; Caspar Schutijserlibressl-v2.1.4millert2015-03-021-2/+2
* Fix a minor information leak that was introduced in t1_lib.c r1.71, wherebyjsing2015-03-022-4/+4
* use correct formatter (int, because of type promotion after operations)bcook2015-03-021-2/+2
* Reduce usage of predefined strings in manpages.bentley2015-02-281-7/+7
* Prefix function parameter names with underscores in tls.h, since this makesjsing2015-02-261-42/+44
* No need to use O_DIRECTORY when opening ".", O_RDONLY will suffice.millert2015-02-251-1/+1
* Fix CVE-2014-3570: properly calculate the square of a BIGNUM value.bcook2015-02-257-1331/+672
* Trivial fix for test progress output.bcook2015-02-251-4/+7
* Avoid NULL pointer deref in hashinfo_free() when calling from error paths.doug2015-02-251-2/+3
* Fix CVE-2015-0205: Do not accept client authentication with Diffie-Hellmanbcook2015-02-252-4/+4
* we don't let strtonum errors bleed through now.tedu2015-02-241-4/+2
* Set errno to EINVAL, instead of letting ERANGE escape out.tedu2015-02-241-2/+4
* fourth batch of perlpod(1) to mdoc(7) conversionschwarze2015-02-2337-1276/+2521
* While slick, this isn't accessing multiple directories concurrently, soguenther2015-02-221-29/+35
* Bump libcrypto and libssl majors, due to various recent churn.jsing2015-02-224-4/+4
* Reluctantly add server-side support for TLS_FALLBACK_SCSV.jsing2015-02-2215-25/+159
* There is not much point constructing an SSL_CIPHER, then callingjsing2015-02-222-14/+6
* Remove IMPLEMENT_STACK_OF noops.jsing2015-02-224-8/+4
* Update for recent verify related naming changes.jsing2015-02-222-28/+28
* Bump libtls major due to symbol removal.jsing2015-02-221-3/+2
* Rename tls_config_insecure_noverifyhost() tojsing2015-02-224-21/+20
* Check return values when setting dheparams and ecdhecurve for the defaultjsing2015-02-221-11/+14
* In the interests of being secure by default, make the default TLS ciphersjsing2015-02-222-2/+17
* explain how tls_accept_socket works.tedu2015-02-211-2/+9
* tls_config_set_protocols is really void. Greg Martin.tedu2015-02-211-3/+3
* fill out docs a bit more, notably the read/write again behaviors.tedu2015-02-211-3/+27
* If BN_rand() or BN_pseudo_rand() are called with a NULL rnd argument,jsing2015-02-192-6/+16
* BN_free() has its own NULL check.jsing2015-02-191-14/+7
* KNF.jsing2015-02-191-766/+834
* fix coverity 105350 and 10345beck2015-02-181-1/+2
* Memory leak in error path. Coverity CID 78822.miod2015-02-172-16/+18
* Amend documentation for AI_ADDRCONFIGjca2015-02-161-2/+4
* third batch of perlpod(1) to mdoc(7) conversionschwarze2015-02-1625-1367/+2121
* Add more error checking and free resources in bytestringtest.doug2015-02-161-26/+47
* Avoid calling BN_CTX_end() on a context that wasn't started.doug2015-02-152-8/+8
* Use "In" to mark up include files, instead of wrongly wrapping with Aq.bentley2015-02-151-3/+3
* Regenmiod2015-02-156-528/+564
* s/tls_load_keys/tls_load_file/jsing2015-02-151-2/+2
* Document tls_config_parse_protocols() and update documentation forjsing2015-02-152-5/+27
* Fix various memory leaks by not exiting so abruptly from failed tests.miod2015-02-151-579/+507