| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Avoid a potential out-of-bounds read in X509_cmp_time(), due to missing | jsing | 2015-06-11 | 1 | -4/+27 | |
| | | | | | | | | | | | length checks. Diff based on changes in OpenSSL. Fixes CVE-2015-1789. ok doug@ | |||||
| * | Remove all getenv() calls, especially those wrapped by issetugid(). | deraadt | 2015-04-11 | 1 | -7/+1 | |
| | | | | | | | | | | getenv()'s wrapped by issetugid() are safe, but issetugid() is correct difficult to impliment on many operating systems. By accident, a grand experiment was run over the last year, where issetugid() returned 1 (the safe value) on a few operating systems. Noone noticed & complained that certain environment variables were not working....... ok doug beck jsing, discussion with others | |||||
| * | More unifdef OPENSSL_NO_RFC3779 that got missed last time around. | jsing | 2015-02-11 | 1 | -11/+1 | |
| | | | | | Spotted by beck@ | |||||
| * | The IMPLEMENT_STACK_OF and IMPLEMENT_ASN1_SET_OF macros were turned into | jsing | 2015-02-10 | 1 | -9/+1 | |
| | | | | | | noops around 15 years ago. Remove multiple occurances of both that still exist in the code today. | |||||
| * | check_cert(): be sure to reset ctx->current_crl to NULL before freeing it. | miod | 2014-09-29 | 1 | -10/+5 | |
| | | | | | | | | | | X509_STORE_CTX_init(): do not free the X509_STORE_CTX * parameter upon failure, for we did not allocate it and it might not come from the heap, such as in check_crl_path() in this very same file where X509_STORE_CTX_init() gets invoked with a stack address. ok bcook@ | |||||
| * | Free sktmp when it's no longer needed. By doing so, we fix a bunch of memory ↵ | logan | 2014-07-17 | 1 | -2/+4 | |
| | | | | | | | | | leaks. From miod@ OK from miod@ and guenther@ | |||||
| * | jsing and I are investigating removal of all? most? 'getenv from library' | deraadt | 2014-07-12 | 1 | -1/+3 | |
| | | | | | | | | instances. This one for OPENSSL_ALLOW_PROXY_CERTS gets turned off first, especially since it had this special comment: /* A hack to keep people who don't want to modify their software happy */ ok beck jsing | |||||
| * | Principle of least surprise: make CMAC_CTX_free(), OCSP_REQ_CTX_free() and | miod | 2014-07-12 | 1 | -1/+4 | |
| | | | | | | X509_STORE_CTX_free() accept NULL pointers as input without dereferencing them, like all the other well-behaved *_CTX_free() functions do. | |||||
| * | When looking for the issuer of a certificate, if the current candidate is | miod | 2014-07-11 | 1 | -8/+20 | |
| | | | | | | | | expired or not valid yet, continue looking; only return an expired certificate if no valid certificates have been found. OpenSSL PR #3359 via OpenSSL trunk. | |||||
| * | Only import cryptlib.h in the four source files that actually need it. | jsing | 2014-07-11 | 1 | -6/+6 | |
| | | | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@ | |||||
| * | Explicitly include <openssl/opensslconf.h> in every file that references | jsing | 2014-07-10 | 1 | -1/+3 | |
| | | | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers. | |||||
| * | Stop including standard headers via cryptlib.h - pull in the headers that | jsing | 2014-07-10 | 1 | -2/+4 | |
| | | | | | | | are needed in the source files that actually require them. ok beck@ miod@ | |||||
| * | remove unused, private version strings except SSL_version_str | bcook | 2014-07-09 | 1 | -3/+1 | |
| | | | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@ | |||||
| * | wrap getenv OPENSSL_ALLOW_PROXY_CERTS in an issetugid check, to protect | deraadt | 2014-06-20 | 1 | -2/+2 | |
| | | | | | | setuid applications from being fooled. ok miod | |||||
| * | check stack push return and make some effort to clean up. ok beck miod | tedu | 2014-06-19 | 1 | -2/+6 | |
| | | ||||||
| * | tags as requested by miod and tedu | deraadt | 2014-06-12 | 1 | -1/+1 | |
| | | ||||||
| * | calloc instead of malloc/memset. from Benjamin Baier | tedu | 2014-05-25 | 1 | -2/+1 | |
| | | ||||||
| * | KNF. | jsing | 2014-04-20 | 1 | -418/+554 | |
| | | ||||||
| * | blunt force knf | tedu | 2014-04-18 | 1 | -538/+372 | |
| | | ||||||
| * | Change library to use intrinsic memory allocation functions instead of | beck | 2014-04-17 | 1 | -3/+3 | |
| | | | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free | |||||
| * | correct cases of code occuring directly after goto/break/return | jsg | 2014-04-15 | 1 | -1/+0 | |
| | | | | | ok miod@ guenther@ | |||||
| * | Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery. | miod | 2014-04-13 | 1 | -5/+15 | |
| | | ||||||
| * | resolve conflicts | djm | 2012-10-13 | 1 | -5/+0 | |
| | | ||||||
| * | OpenSSL 1.0.0f: merge | djm | 2012-01-05 | 1 | -1/+1 | |
| | | ||||||
| * | openssl-1.0.0e: resolve conflicts | djm | 2011-11-03 | 1 | -1/+5 | |
| | | ||||||
| * | resolve conflicts, fix local changes | djm | 2010-10-01 | 1 | -144/+807 | |
| | | ||||||
| * | update to openssl-0.9.8i; tested by several, especially krw@ | djm | 2009-01-05 | 1 | -4/+8 | |
| | | ||||||
| * | resolve conflicts | djm | 2008-09-06 | 1 | -133/+348 | |
| | | ||||||
| * | resolve conflicts | djm | 2006-06-27 | 1 | -1/+1 | |
| | | ||||||
| * | resolve conflicts | djm | 2005-04-29 | 1 | -13/+118 | |
| | | ||||||
| * | update missing pieces from 0.9.7d; ok henning | markus | 2004-04-25 | 1 | -7/+48 | |
| | | | | | crank minor for API extensions | |||||
| * | backout for now | markus | 2004-04-08 | 1 | -48/+7 | |
| | | ||||||
| * | merge 0.9.7d | markus | 2004-04-08 | 1 | -7/+48 | |
| | | ||||||
| * | merge 0.9.7c; minor bugsfixes; | markus | 2003-11-11 | 1 | -2/+2 | |
| | | | | | | API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto] | |||||
| * | security fix from http://www.openssl.org/news/secadv_20030930.txt | markus | 2003-09-30 | 1 | -1/+1 | |
| | | | | | see also http://cvs.openssl.org/chngview?cn=11471 | |||||
| * | merge 0.9.7b with local changes; crank majors for libssl/libcrypto | markus | 2003-05-12 | 1 | -1/+1 | |
| | | ||||||
| * | OpenSSL 0.9.7 stable 2002 05 08 merge | beck | 2002-05-15 | 1 | -40/+307 | |
| | | ||||||
| * | openssl-engine-0.9.6 merge | beck | 2000-12-15 | 1 | -193/+298 | |
| | | ||||||
| * | OpenSSL 0.9.5a merge | beck | 2000-04-15 | 1 | -6/+16 | |
| | | ||||||
| * | OpenSSL 0.9.5 merge | beck | 2000-03-19 | 1 | -20/+186 | |
| | | | | | | | *warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs | |||||
| * | OpenSSL 0.9.4 merge | beck | 1999-09-29 | 1 | -143/+78 | |
| | | ||||||
| * | Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build | ryker | 1998-10-05 | 1 | -0/+704 | |
| functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible. | ||||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |