| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Send the function codes from the error functions to the bit bucket, | beck | 2017-01-29 | 1 | -93/+53 |
| | | | | | | | as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@ | ||||
| * | Expand ASN1_ITEM_rptr and ASN1_ITEM_ptr macros - no change in generated | jsing | 2016-12-30 | 1 | -5/+5 |
| | | | | | assembly. | ||||
| * | internal only negative types should not be handled here. | tedu | 2016-05-04 | 1 | -3/+1 |
| | | | | | CVE-2016-2108 from openssl. | ||||
| * | revert the big change from yesterday to prepare for smaller commits. | tedu | 2016-05-04 | 1 | -1/+3 |
| | | |||||
| * | patch from openssl for multiple issues: | tedu | 2016-05-03 | 1 | -3/+1 |
| | | | | | | | | missing padding check in aesni functions overflow in evp encode functions use of invalid negative asn.1 types ok beck | ||||
| * | move initialization of buf up to quell warnings and make it obvious the err ↵ | beck | 2015-12-12 | 1 | -4/+5 |
| | | | | | | | case is ok. ok bcook@ | ||||
| * | Fix for OpenSSL CVE-2015-3195 | beck | 2015-12-04 | 1 | -3/+8 |
| | | | | | ok djm@ jsing@ | ||||
| * | Check the return value of asn1_enc_save(). ok bcook@ doug@ | miod | 2015-07-20 | 1 | -2/+4 |
| | | |||||
| * | Fix several crash causing defects from OpenSSL. | tedu | 2015-03-19 | 1 | -3/+24 |
| | | | | | | | | | | | | | | These include: CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp CVE-2015-0287 - ASN.1 structure reuse memory corruption CVE-2015-0289 - PKCS7 NULL pointer dereferences Several other issues did not apply or were already fixed. Refer to https://www.openssl.org/news/secadv_20150319.txt joint work with beck, doug, guenther, jsing, miod | ||||
| * | Remove IMPLEMENT_COMPAT_ASN1() and related support code. Nothing uses it in | miod | 2015-02-14 | 1 | -69/+3 |
| | | | | | | | libcrypto/libssl, and nothing seems to use it in the wild, apart from embedded copies of OpenSSL. ok jsing@ | ||||
| * | tags as requested by miod and tedu | deraadt | 2014-06-12 | 1 | -1/+1 |
| | | |||||
| * | no need for null check before free. from Brendan MacDonell | tedu | 2014-05-30 | 1 | -2/+1 |
| | | |||||
| * | i give up. reuse problem is unfixable. dlg says puppet crashes. | tedu | 2014-05-04 | 1 | -8/+4 |
| | | |||||
| * | Replace all use of ERR_add_error_data with ERR_asprintf_error_data. | beck | 2014-04-26 | 1 | -3/+3 |
| | | | | | | | | | This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@ | ||||
| * | another attempt at fixing stale x509 data. since we don't know where the | tedu | 2014-04-19 | 1 | -10/+8 |
| | | | | | | initial storage came from, we can't free it. just memset in the sequence case. probably ok beck | ||||
| * | can't actually do this. cause unknown. | tedu | 2014-04-19 | 1 | -1/+1 |
| | | |||||
| * | guenther would prefer more separation | tedu | 2014-04-18 | 1 | -0/+2 |
| | | |||||
| * | Some dude named Tavis Ormandy reported a bug which has gone unfixed. | tedu | 2014-04-18 | 1 | -0/+5 |
| | | | | | | | | | | | | http://marc.info/?l=openssl-users&m=138014120223264&w=2 Arguably a doc bug, but we argue not. If you parse a new cert into memory occupied by a previously verified cert, the new cert will inherit that state, bypassing future verification checks. To avoid this, we will always start fresh with a new object. grudging ok from guenther, after i threatened to make him read the code yet again. "that ok was way more painful and tiring then it should have been" | ||||
| * | blank lines between decls and code | tedu | 2014-04-18 | 1 | -0/+5 |
| | | |||||
| * | More KNF. | jsing | 2014-04-18 | 1 | -197/+195 |
| | | |||||
| * | lob a few more knf grenades in here to soften things up. | tedu | 2014-04-18 | 1 | -266/+143 |
| | | |||||
| * | putting most of the braces in the right column is the very least we can do. | tedu | 2014-04-18 | 1 | -234/+234 |
| | | |||||
| * | Change library to use intrinsic memory allocation functions instead of | beck | 2014-04-17 | 1 | -2/+2 |
| | | | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free | ||||
| * | openssl-1.0.0e: resolve conflicts | djm | 2011-11-03 | 1 | -2/+1 |
| | | |||||
| * | resolve conflicts, fix local changes | djm | 2010-10-01 | 1 | -10/+14 |
| | | |||||
| * | resolve conflicts | djm | 2009-04-06 | 1 | -11/+33 |
| | | |||||
| * | resolve conflicts | djm | 2009-01-09 | 1 | -1/+1 |
| | | |||||
| * | resolve conflicts | djm | 2008-09-06 | 1 | -380/+679 |
| | | |||||
| * | openssl security fixes, diff from markus@, ok & "commit it" djm@ | pvalchev | 2006-10-04 | 1 | -0/+2 |
| | | | | | http://www.openssl.org/news/secadv_20060928.txt for more | ||||
| * | resolve conflicts | djm | 2006-06-27 | 1 | -11/+67 |
| | | |||||
| * | security fix from http://www.openssl.org/news/secadv_20030930.txt | markus | 2003-09-30 | 1 | -1/+8 |
| | | | | | see also http://cvs.openssl.org/chngview?cn=11471 | ||||
| * | merge 0.9.7b with local changes; crank majors for libssl/libcrypto | markus | 2003-05-12 | 1 | -2/+2 |
| | | |||||
| * | merge with openssl-0.9.7-stable-SNAP-20020911, | markus | 2002-09-14 | 1 | -3/+3 |
| | | | | | | new minor for libcrypto (_X509_REQ_print_ex) tested by miod@, pb@ | ||||
| * | OpenSSL 0.9.7 stable 2002 05 08 merge | beck | 2002-05-15 | 1 | -0/+958 |
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |