| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Remove support for fixed ECDH cipher suites - these is not widely supported | jsing | 2016-10-19 | 1 | -6/+4 |
| * | Check for and handle failure of HMAC_{Update,Final} or EVP_DecryptUpdate() | guenther | 2016-10-02 | 1 | -5/+11 |
| * | Detect zero-length encrypted session data early, instead of when malloc(0) | guenther | 2016-10-02 | 1 | -2/+2 |
| * | Avoid unbounded memory growth, which can be triggered by a client | jsing | 2016-09-22 | 1 | -9/+20 |
| * | Improve ticket validity checking when tlsext_ticket_key_cb() callback | guenther | 2016-09-22 | 1 | -4/+25 |
| * | Be more strict when parsing TLS extensions. | jsing | 2016-08-27 | 1 | -17/+37 |
| * | deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final. | beck | 2016-05-30 | 1 | -2/+2 |
| * | http -> https for a few more IETF URLs in comments or man pages | mmcc | 2016-03-10 | 1 | -2/+2 |
| * | Remove most of the SSLv3 version checks and a few TLS v1.0. | doug | 2015-09-12 | 1 | -11/+2 |
| * | Remove the ssl_prepare_{client,server}hello_tlsext() functions, which are | jsing | 2015-09-01 | 1 | -13/+1 |
| * | Properly handle missing TLS extensions in client hello as a non-failure. | bcook | 2015-08-19 | 1 | -1/+3 |
| * | Convert tls1_process_ticket to CBS. | doug | 2015-07-24 | 1 | -28/+36 |
| * | Convert tls1_process_sigalgs to CBS. | doug | 2015-07-24 | 1 | -5/+14 |
| * | Allow *_free() functions in libssl to handle NULL input. | doug | 2015-07-19 | 1 | -1/+4 |
| * | Remove compat hack that disabled ECDHE-ECDSA on OS X. | doug | 2015-07-17 | 1 | -85/+1 |
| * | Convert tls1_alpn_handle_client_hello() to CBS. | doug | 2015-06-19 | 1 | -20/+14 |
| * | Convert ssl_next_proto_validate to CBS. | doug | 2015-06-17 | 1 | -11/+12 |
| * | Convert tls1_check_curve to CBS. | doug | 2015-06-17 | 1 | -4/+10 |
| * | Fix a minor information leak that was introduced in t1_lib.c r1.71, whereby | jsing | 2015-03-02 | 1 | -2/+2 |
| * | unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndef | jsing | 2014-12-14 | 1 | -17/+1 |
| * | Remove support for GOST R 34.10-94 signature authentication, along with | jsing | 2014-12-10 | 1 | -4/+1 |
| * | Add support for ALPN. | jsing | 2014-12-10 | 1 | -3/+152 |
| * | Use appropriate internal types for EC curves and formats, rather than | jsing | 2014-12-06 | 1 | -103/+115 |
| * | Ensure that the client specified EC curve list length is a multiple of two. | jsing | 2014-12-06 | 1 | -2/+3 |
| * | Fix two cases where it is possible to read one or two bytes past the end of | jsing | 2014-12-06 | 1 | -3/+15 |
| * | Add brainpool curves to eccurves_default[], accidentally missing from 1.32; | miod | 2014-12-02 | 1 | -2/+5 |
| * | Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov. | miod | 2014-11-18 | 1 | -3/+36 |
| * | only call SRTP (whatever that is) functions when the connection type is | tedu | 2014-11-03 | 1 | -5/+5 |
| * | Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | jsing | 2014-10-18 | 1 | -2/+1 |
| * | Only require an EC public key in tls1_set_ec_id(), if we need to provide | jsing | 2014-10-15 | 1 | -4/+4 |
| * | Use more specific curves/formats naming for local variables in | jsing | 2014-10-05 | 1 | -30/+28 |
| * | Use tls1_get_curvelist() in ssl_add_clienthello_tlsext(), rather than | jsing | 2014-10-05 | 1 | -11/+2 |
| * | Make tls1_get_formatlist() behave the same as tls1_get_curvelist() and | jsing | 2014-10-05 | 1 | -21/+29 |
| * | Add support for automatic ephemeral EC keys. | jsing | 2014-10-03 | 1 | -3/+38 |
| * | Clean up EC cipher handling in ssl3_choose_cipher(). | jsing | 2014-09-30 | 1 | -3/+132 |
| * | Check that the specified curve is one of the client preferences. | jsing | 2014-09-27 | 1 | -1/+44 |
| * | Now that we have a static version of the default EC formats, also use it | jsing | 2014-09-26 | 1 | -47/+44 |
| * | Refactor and simplify the ECC extension handling. The existing code | jsing | 2014-09-22 | 1 | -101/+97 |
| * | Move the TLS padding extension under an SSL_OP_TLSEXT_PADDING option, which | jsing | 2014-09-21 | 1 | -8/+13 |
| * | Correct test reversed during merge of fix for CVE-2014-3509 | guenther | 2014-08-07 | 1 | -2/+2 |
| * | merge fix for CVE-2014-3509 -- basically a missing s->hit check; ok guenther | deraadt | 2014-08-06 | 1 | -9/+13 |
| * | Expand the tlsext_sigalg macros. The end result is about the same number | jsing | 2014-07-13 | 1 | -16/+19 |
| * | The bell tolls for BUF_strdup - Start the migration to using | beck | 2014-07-13 | 1 | -2/+3 |
| * | The correct name for EDH is DHE, likewise EECDH should be ECDHE. | jsing | 2014-07-12 | 1 | -4/+4 |
| * | remove unused, private version strings except SSL_version_str | bcook | 2014-07-09 | 1 | -3/+1 |
| * | convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring | tedu | 2014-06-19 | 1 | -3/+3 |
| * | Make sure to always invoke EVP_CIPHER_CTX_cleanup() before returning in the | miod | 2014-06-18 | 1 | -4/+10 |
| * | Remove support for the `opaque PRF input' extension, which draft has expired | miod | 2014-06-13 | 1 | -213/+1 |
| * | tags as requested by miod and tedu | deraadt | 2014-06-12 | 1 | -1/+1 |
| * | Sanitize use of client_opaque_prf_input: set it to NULL immediately after | miod | 2014-06-04 | 1 | -18/+22 |
