| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
compression associated with the SSL session. Based on one of Adam Langley's
chromium diffs, factor out the compression handling code into a separate
ssl_cipher_get_comp() function.
Rewrite the compression handling code to avoid pointless duplication and so
that failures are actually returned to and detectable by the caller.
ok miod@
|
| |
|
|
|
|
|
|
| |
readable and one less layer of abstraction. Use C99 initialisers for
clarity, grepability and to protect from future field reordering/removal.
ok miod@ (tedu@ also thought it was a wonderful idea, beck@ also agreed,
but ran away squealing since it reminded him of the VOP layer...)
|
| |
|
|
|
|
|
|
|
| |
empty define) and an OPENSSL_EXTERN (which is defined as, well... extern).
The use of OPENSSL_EXTERN is already inconsistent since the lines above
and below just use plain old "extern". Expand the two uses of these macros
and stop including e_os2.h in libssl.
ok miod@
|
| |
|
|
|
|
|
|
|
|
| |
actually needs it. Instead, just include it in the files where it is
actually necessary.
Also remove standard includes from pqueue.h so that they are not available
as a side effect. Just add the two includes that are needed to pqueue.c.
ok miod@
|
| |
|
|
|
|
|
|
|
| |
inclusion in <ssl/dtls1.h> by the benign
`struct _pqueue; typedef struct _pqueue *pqueue;'.
Note that said dtls1.h should probably be considered a private header as well...
ok beck@
|
| | |
|
| |
|
|
| |
redefine OPENSSL_EXTERN from `extern' to `extern'.
|
| |
|
|
|
|
|
|
| |
``debug'' code from a 15+ years old bugfix and the SSL_OP_PKCS1_CHECK_*
constants have had a value of zero since ages. No production code should use
them.
ok beck@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
a better malloc. ok beck deraadt
|
| |
|
|
|
|
|
|
|
| |
the SSLv23_* client code. The server continues to accept it. It
also kills the bits for SSL2 SESSIONs; even when the server gets
an SSLv2-style compat handshake, the session that it creates has
the correct version internally.
ok tedu@ beck@
|
| |
|
|
|
|
|
| |
readable. This pass is whitespace only and can readily be verified using
tr and md5.
There is still a huge amount of inconsistency within these headers.
|
| | |
|
| | |
|
| |
|
|
| |
ok miod@, deraadt@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CVE-2013-4353 NULL pointer dereference with crafted Next Protocol
Negotiation record in TLS handshake.
Upstream: 197e0ea
CVE-2013-6449 Fix crash with crafted traffic from a TLS 1.2 client.
Upstream: ca98926, 0294b2b
CVE-2013-6450 Fix DTLS retransmission from previous session.
Upstream: 3462896
|
| |
|
|
|
| |
from the openssl git (changes between openssl 1.0.1c and 1.0.1d).
ok djm@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
new minor for libcrypto (_X509_REQ_print_ex)
tested by miod@, pb@
|
| | |
|
| | |
|
| |
|
|
| |
http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
| | |
|
|
|
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
|
