| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Nuke the OPENSSL_MAX_TLS1_2_CIPHER_LENGTH hack - this has to be enabled at | jsing | 2015-03-31 | 1 | -11/+1 |
| * | Factor out the init_buf initialisation code, rather than duplicating it | jsing | 2015-03-27 | 1 | -19/+6 |
| * | delay EVP_MD_CTX_init so we don't forget to clean it up. | tedu | 2015-03-11 | 1 | -3/+4 |
| * | Reject DH keys sent by a server if they are considered too small; inspired | miod | 2015-03-08 | 1 | -1/+12 |
| * | Clean up the {get,put}_cipher_by_char() implementations. Also use | jsing | 2015-02-07 | 1 | -7/+5 |
| * | Add additional checks to ssl3_send_client_key_exchange() that ensures | jsing | 2015-02-06 | 1 | -18/+25 |
| * | Bring back the horrible API that is get_cipher_by_char/put_cipher_by_char. | jsing | 2015-02-06 | 1 | -1/+3 |
| * | Ensure that a ServerKeyExchange message is received if the selected cipher | jsing | 2015-01-23 | 1 | -5/+18 |
| * | Add error handling for EVP_DigestInit_ex(). | doug | 2014-12-15 | 1 | -4/+8 |
| * | Convert all of the straight forward client handshake handling code to use | jsing | 2014-12-14 | 1 | -53/+43 |
| * | Remove trailing whitespace. | jsing | 2014-12-14 | 1 | -2/+2 |
| * | unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndef | jsing | 2014-12-14 | 1 | -9/+1 |
| * | ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn | jsing | 2014-12-10 | 1 | -2/+5 |
| * | Remove support for GOST R 34.10-94 signature authentication, along with | jsing | 2014-12-10 | 1 | -3/+1 |
| * | Remove client handling of RSA in ServerKeyExchange messages, along with | jsing | 2014-12-06 | 1 | -81/+14 |
| * | Ensure that sess_cert is not NULL at the start of | jsing | 2014-11-27 | 1 | -25/+9 |
| * | Fix a memory leak with pkey in client key exchange | doug | 2014-11-19 | 1 | -1/+2 |
| * | Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov. | miod | 2014-11-18 | 1 | -20/+51 |
| * | Sort and group includes. | jsing | 2014-11-16 | 1 | -4/+7 |
| * | Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | jsing | 2014-10-18 | 1 | -7/+4 |
| * | Check that the specified curve is one of the client preferences. | jsing | 2014-09-27 | 1 | -4/+20 |
| * | remove obfuscating parens. man operator is your friend. | tedu | 2014-09-19 | 1 | -6/+6 |
| * | Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them, | jsing | 2014-09-07 | 1 | -16/+3 |
| * | Replace the remaining ssl3_get_cipher_by_char() calls with n2s() and | jsing | 2014-08-23 | 1 | -7/+15 |
| * | Currently, ssl3_put_char_by_bytes(NULL, NULL) is just a long handed way | jsing | 2014-08-11 | 1 | -2/+2 |
| * | Since we no longer need to support SSLv2-style cipher lists, start | jsing | 2014-08-10 | 1 | -7/+5 |
| * | merge CVE-2014-3510; Fix DTLS anonymous EC(DH) denial of service | deraadt | 2014-08-07 | 1 | -1/+9 |
| * | Missing bounds check in ssl3_get_certificate_request(), was not spotted in | miod | 2014-07-17 | 1 | -1/+6 |
| * | The correct name for EDH is DHE, likewise EECDH should be ECDHE. | jsing | 2014-07-12 | 1 | -6/+6 |
| * | remove double brackets. fixes build with clang. | jsg | 2014-07-12 | 1 | -2/+2 |
| * | Remove extra parenthesis. | jsing | 2014-07-12 | 1 | -2/+2 |
| * | need_cert is now always true, so remove the variable and associated | jsing | 2014-07-12 | 1 | -33/+21 |
| * | Remove remnants from PSK, KRB5 and SRP. | jsing | 2014-07-12 | 1 | -18/+7 |
| * | As reported by David Ramos, most consumer of ssl_get_message() perform late | miod | 2014-07-11 | 1 | -11/+74 |
| * | If the application uses tls_session_secret_cb for session resumption, set | miod | 2014-07-11 | 1 | -2/+3 |
| * | Accept CCS again after `finished' has been sent by the client; at this point | miod | 2014-07-11 | 1 | -5/+6 |
| * | Remove the PSK code. We don't need to drag around this | beck | 2014-07-11 | 1 | -136/+1 |
| * | decompress libssl. ok beck jsing | tedu | 2014-07-10 | 1 | -70/+2 |
| * | tedu the SSL export cipher handling - since we do not have enabled export | jsing | 2014-07-09 | 1 | -31/+1 |
| * | always compare memcmp against 0, for clarity. | tedu | 2014-06-21 | 1 | -2/+2 |
| * | convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring | tedu | 2014-06-19 | 1 | -3/+3 |
| * | tags as requested by miod and tedu | deraadt | 2014-06-12 | 1 | -1/+1 |
| * | Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - it has been ignored since | jsing | 2014-06-11 | 1 | -2/+0 |
| * | http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2016265dfbab162ec... | deraadt | 2014-06-07 | 1 | -3/+1 |
| * | The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have | jsing | 2014-06-07 | 1 | -13/+8 |
| * | Ensure that sess_cert is not NULL before trying to use it. | jsing | 2014-06-05 | 1 | -0/+8 |
| * | ssl_sess_cert_new() can return NULL. Fix two cases where the return value | jsing | 2014-06-05 | 1 | -13/+12 |
| * | Be selective as to when ChangeCipherSpec messages will be accepted. | jsing | 2014-06-05 | 1 | -1/+2 |
| * | More KNF. | jsing | 2014-06-05 | 1 | -49/+32 |
| * | without overthinking it, replace a few memcmp calls with CRYPTO_memcmp | tedu | 2014-06-04 | 1 | -2/+2 |
