| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | This commit was manufactured by cvs2git to create tag 'OPENBSD_5_8_BASE'.OPENBSD_5_8_BASE | cvs2svn | 2015-08-02 | 1 | -2669/+0 |
| * | Add linker warnings in case SSLv3_{,client,server}_method are referenced. | miod | 2015-07-29 | 1 | -1/+7 |
| * | Convert ssl3_get_certificate_request to CBS. | doug | 2015-07-19 | 1 | -31/+33 |
| * | check n before cbs_init, coverity - ID 125063 | beck | 2015-07-15 | 1 | -3/+9 |
| * | test for n<0 before use in CBS_init - mostly to shut up coverity. | beck | 2015-07-15 | 1 | -5/+16 |
| * | Flense out dead code, we don't do ecdhe_clnt_cert. | beck | 2015-07-15 | 1 | -98/+40 |
| * | Convert ssl3_get_cert_status to CBS. | doug | 2015-07-14 | 1 | -17/+26 |
| * | Convert ssl3_get_server_certificate to CBS. | doug | 2015-07-14 | 1 | -17/+18 |
| * | Stop using BUF_memdup() within the LibreSSL code base - it is correctly | jsing | 2015-06-24 | 1 | -3/+3 |
| * | Convert ssl3_get_new_session_ticket to CBS. | doug | 2015-06-20 | 1 | -24/+24 |
| * | Remove ancient SSL_OP_NETSCAPE_CA_DN_BUG from SSLeay days. | doug | 2015-06-15 | 1 | -18/+6 |
| * | Nuke the OPENSSL_MAX_TLS1_2_CIPHER_LENGTH hack - this has to be enabled at | jsing | 2015-03-31 | 1 | -11/+1 |
| * | Factor out the init_buf initialisation code, rather than duplicating it | jsing | 2015-03-27 | 1 | -19/+6 |
| * | delay EVP_MD_CTX_init so we don't forget to clean it up. | tedu | 2015-03-11 | 1 | -3/+4 |
| * | Reject DH keys sent by a server if they are considered too small; inspired | miod | 2015-03-08 | 1 | -1/+12 |
| * | Clean up the {get,put}_cipher_by_char() implementations. Also use | jsing | 2015-02-07 | 1 | -7/+5 |
| * | Add additional checks to ssl3_send_client_key_exchange() that ensures | jsing | 2015-02-06 | 1 | -18/+25 |
| * | Bring back the horrible API that is get_cipher_by_char/put_cipher_by_char. | jsing | 2015-02-06 | 1 | -1/+3 |
| * | Ensure that a ServerKeyExchange message is received if the selected cipher | jsing | 2015-01-23 | 1 | -5/+18 |
| * | Add error handling for EVP_DigestInit_ex(). | doug | 2014-12-15 | 1 | -4/+8 |
| * | Convert all of the straight forward client handshake handling code to use | jsing | 2014-12-14 | 1 | -53/+43 |
| * | Remove trailing whitespace. | jsing | 2014-12-14 | 1 | -2/+2 |
| * | unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndef | jsing | 2014-12-14 | 1 | -9/+1 |
| * | ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn | jsing | 2014-12-10 | 1 | -2/+5 |
| * | Remove support for GOST R 34.10-94 signature authentication, along with | jsing | 2014-12-10 | 1 | -3/+1 |
| * | Remove client handling of RSA in ServerKeyExchange messages, along with | jsing | 2014-12-06 | 1 | -81/+14 |
| * | Ensure that sess_cert is not NULL at the start of | jsing | 2014-11-27 | 1 | -25/+9 |
| * | Fix a memory leak with pkey in client key exchange | doug | 2014-11-19 | 1 | -1/+2 |
| * | Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov. | miod | 2014-11-18 | 1 | -20/+51 |
| * | Sort and group includes. | jsing | 2014-11-16 | 1 | -4/+7 |
| * | Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | jsing | 2014-10-18 | 1 | -7/+4 |
| * | Check that the specified curve is one of the client preferences. | jsing | 2014-09-27 | 1 | -4/+20 |
| * | remove obfuscating parens. man operator is your friend. | tedu | 2014-09-19 | 1 | -6/+6 |
| * | Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them, | jsing | 2014-09-07 | 1 | -16/+3 |
| * | Replace the remaining ssl3_get_cipher_by_char() calls with n2s() and | jsing | 2014-08-23 | 1 | -7/+15 |
| * | Currently, ssl3_put_char_by_bytes(NULL, NULL) is just a long handed way | jsing | 2014-08-11 | 1 | -2/+2 |
| * | Since we no longer need to support SSLv2-style cipher lists, start | jsing | 2014-08-10 | 1 | -7/+5 |
| * | merge CVE-2014-3510; Fix DTLS anonymous EC(DH) denial of service | deraadt | 2014-08-07 | 1 | -1/+9 |
| * | Missing bounds check in ssl3_get_certificate_request(), was not spotted in | miod | 2014-07-17 | 1 | -1/+6 |
| * | The correct name for EDH is DHE, likewise EECDH should be ECDHE. | jsing | 2014-07-12 | 1 | -6/+6 |
| * | remove double brackets. fixes build with clang. | jsg | 2014-07-12 | 1 | -2/+2 |
| * | Remove extra parenthesis. | jsing | 2014-07-12 | 1 | -2/+2 |
| * | need_cert is now always true, so remove the variable and associated | jsing | 2014-07-12 | 1 | -33/+21 |
| * | Remove remnants from PSK, KRB5 and SRP. | jsing | 2014-07-12 | 1 | -18/+7 |
| * | As reported by David Ramos, most consumer of ssl_get_message() perform late | miod | 2014-07-11 | 1 | -11/+74 |
| * | If the application uses tls_session_secret_cb for session resumption, set | miod | 2014-07-11 | 1 | -2/+3 |
| * | Accept CCS again after `finished' has been sent by the client; at this point | miod | 2014-07-11 | 1 | -5/+6 |
| * | Remove the PSK code. We don't need to drag around this | beck | 2014-07-11 | 1 | -136/+1 |
| * | decompress libssl. ok beck jsing | tedu | 2014-07-10 | 1 | -70/+2 |
| * | tedu the SSL export cipher handling - since we do not have enabled export | jsing | 2014-07-09 | 1 | -31/+1 |
