summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_pkt.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* release buffers fix was lost in merge. put it back.tedu2014-04-191-1/+2
|
* More KNF and style consistency tweaksguenther2014-04-191-2/+2
|
* Finish zapping SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION usage; only keepguenther2014-04-181-2/+1
| | | | | | | the #define for compat, but document that it's a no-op now. Also, neuter the -legacy_renegotiation option to "openssl s_{client,server}" ok beck@
* whack a bunch of disabled code. ok beck lteotedu2014-04-171-14/+0
|
* Mostly gut e_os.h:deraadt2014-04-171-1/+0
| | | | | | | | USE_SOCKETS is unrelated to using sockets, but just pulls in .h files. It makes every file buy a kitchen sink, because 11 files forgot to. EXIT() is really exit(), a gentle surprise but... OPENSSL_EXIT() is really just return(), because noone compiles the openssl command non-monolithic anymore
* Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversionsbeck2014-04-151-1/+1
| | | | | where the return value is ignored changing to (void) snprintf. ok deraadt@
* make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miodtedu2014-04-141-13/+0
|
* First pass at applying KNF to the OpenSSL code, which almost makes itjsing2014-04-141-661/+562
| | | | | readable. This pass is whitespace only and can readily be verified using tr and md5.
* Do not include "e_os.h" anymore. Simply pull in the necessary headers.mpi2014-04-131-2/+2
| | | | ok miod@, deraadt@
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-131-5/+6
|
* Piotr Sikora pointed me at a more refined diff for the buffer releasetedu2014-04-101-0/+2
| | | | | | issue. Apply that version. Maybe someday upstream will wake up and then we can have the same code. https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest
* don't release the read buffer if we're not done reading from it.tedu2014-04-101-2/+0
| | | | ok benno deraadt
* SECURITY fixes backported from openssl-1.0.1f. ok mikeb@jca2014-02-271-1/+7
| | | | | | | | | | | | CVE-2013-4353 NULL pointer dereference with crafted Next Protocol Negotiation record in TLS handshake. Upstream: 197e0ea CVE-2013-6449 Fix crash with crafted traffic from a TLS 1.2 client. Upstream: ca98926, 0294b2b CVE-2013-6450 Fix DTLS retransmission from previous session. Upstream: 3462896
* cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txtmarkus2013-02-141-47/+51
| | | | | from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
* resolve conflictsdjm2012-10-131-9/+68
|
* openssl-1.0.0e: resolve conflictsdjm2011-11-031-2/+4
|
* resolve conflicts, fix local changesdjm2010-10-011-77/+206
|
* Security fix for CVE-2010-0740jasper2010-04-141-3/+4
| | | | | | | | | "In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL." http://openssl.org/news/secadv_20100324.txt ok deraadt@ djm@ sthen@
* pull Ben Lauries blind prefix injection fix for CVE-2009-3555 frommarkus2009-11-101-1/+3
| | | | openssl 0.9.8l; crank minor version; ok djm@ deraadt@; initially from jsg@
* resolve conflictsdjm2009-01-091-1/+8
|
* update to openssl-0.9.8i; tested by several, especially krw@djm2009-01-051-0/+7
|
* resolve conflictsdjm2008-09-061-24/+25
|
* resolve conflictsdjm2005-04-291-6/+6
|
* avoid null-pointer deref (aka CAN-2004-0079)markus2004-03-171-0/+8
| | | | see http://www.openssl.org/news/secadv_20040317.txt
* security fix from openssl 0.9.7a:markus2003-02-191-16/+31
| | | | | | | | In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked via timing by performing a MAC computation even if incorrrect block cipher padding has been found. This is a countermeasure against active attacks where the attacker has to distinguish between bad padding and a MAC verification error. (CAN-2003-0078)
* merge openssl-0.9.7-beta3, tested on vax by miod@markus2002-09-101-1/+1
|
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-49/+132
|
* openssl-engine-0.9.6a mergebeck2001-06-221-9/+15
|
* openssl-engine-0.9.6 mergebeck2000-12-151-25/+29
|
* OpenSSL 0.9.5 mergebeck2000-03-191-304/+457
| | | | | | *warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
* OpenSSL 0.9.4 mergebeck1999-09-291-90/+70
|
* Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD buildryker1998-10-051-0/+1061
functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 10:05:30 +0000