openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Security fix for CVE-2010-0740OPENBSD_4_5	jasper	2010-03-31	1	-3/+4
\| \| \| \| \| \| \| \| \|	"In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL." http://openssl.org/news/secadv_20100324.txt ok djm@ sthen@
*	MFC, original commit by djm@:	jasper	2010-03-12	4	-8/+11
\| \| \| \| \| \| \| \| \| \| \| \|	--------------------------- cherrypick patch from OpenSSL 0.9.8m: *) Always check bn_wexpend() return values for failure. (CVE-2009-3245) [Martin Olsson, Neel Mehta] --------------------------- ok sthen@
*	Pull Ben Lauries blind prefix injection fix for CVE-2009-3555 from	sthen	2009-11-17	4	-1/+16
\| \| \| \| \| \| \| \| \|	openssl 0.9.8l. As suggested by markus@, for -stable the header change is being restricted to a private file, so the minor version is not cranked here. Discussed with markus, djm, deraadt.
*	MFC: fixes for OpenSSL ASN.1 invalid memory accesses (CVE-2009-0590 and	djm	2009-04-08	3	-2/+16
\| \| \| \|	CVE-2009-0789).
*	This commit was manufactured by cvs2git to create branch 'OPENBSD_4_5'.	cvs2svn	2009-02-18	95	-38269/+0
\|
*	missing ssl_sock_init() call in init_client() (used by	djm	2009-01-30	1	-3/+10
\| \| \| \|	"openssl s_client"), fix an unlikely memory leak
*	remove some gratuitous changes that do nothing other than inrease	djm	2009-01-30	1	-2/+1
\| \| \| \|	the size of the diff against openssl mainline
*	convert a strdup (into a purpose-allocated buffer) in libcrypto to a	djm	2009-01-12	1	-2/+3
\| \| \| \|	memcpy to avoid linker deprecation warnings; pointed out by dkrause@
*	openssl-0.9.8j enables RFC3546 TLS extensions by default (e.g. the very	djm	2009-01-09	13	-39/+0
\| \| \| \| \|	useful "server name indication" that allows multihomed TLS server), so remove the #define to disable it here
*	adjust Makefile and crank major for openssl-0.9.8j	djm	2009-01-09	17	-16/+56
\|
*	resolve conflicts	djm	2009-01-09	301	-4804/+6983
\|
*	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2009-01-09	4	-9/+15
\|\ \| \| \| \|	branch.
\| *	import openssl-0.9.8j	djm	2009-01-09	23	-96/+299
\| \|
* \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2009-01-09	127	-3471/+17440
\|\ \ \| \| \| \| \| \|	branch.
\| * \|	import openssl-0.9.8j	djm	2009-01-09	439	-7223/+24970
\| \| \|
* \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2009-01-09	43	-95/+1439
\|\ \ \ \| \| \| \| \| \| \| \|	branch.
\| * \| \|	import openssl-0.9.8j	djm	2009-01-09	63	-558/+2236
\| \| \| \|
\| * \| \|	This commit was manufactured by cvs2git to create branch 'OPENSSL'.	cvs2svn	2009-01-05	4	-0/+2088
\| \| \| \|
* \| \| \|	Add a missing MLINK for BIO_new_socket.	oga	2009-01-08	1	-1/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Noticed by blambert@. Ok jmc@.
* \| \| \|	update to openssl-0.9.8i; tested by several, especially krw@	djm	2009-01-05	136	-2902/+4741
\| \| \| \|
* \| \| \|	fix some cause of bad TEXTREL on i386 and amd64	otto	2008-09-19	5	-14/+64
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	- global function calls in .init sections (diff makes them via PLT) - calls to global functions in aes-586.S (made static or local) - global variable accesses in rc4-x86_64.S (now made via GOT) from djm@large; ok miod@
* \| \| \|	use one call to arc4random_buf() instead of lots of arc4random()	djm	2008-09-10	1	-8/+2
\| \| \| \|
* \| \| \|	turn off CAST assembler code (i.e. use C implementation) as it has bad	djm	2008-09-08	1	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	relocations that lead to libcrypto.so being marked TEXTREL; linker-fu from drahn@ "go ahead" deraadt@
* \| \| \|	sparc now requires this bloated library to be -fPIC	deraadt	2008-09-07	1	-1/+5
\| \| \| \|
* \| \| \|	Fix merge botch.	kettenis	2008-09-07	1	-3/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	ok miod@
* \| \| \|	remove duplicate definition of OPENSSL_DSA_MAX_MODULUS_BITS spotted	djm	2008-09-06	1	-2/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	by dtucker@
* \| \| \|	remerge local tweaks, update per-arch configuration headers, update	djm	2008-09-06	26	-98/+875
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Makefiles, crank shlib_version
* \| \| \|	resolve conflicts	djm	2008-09-06	697	-15897/+44294
\| \| \| \|
* \| \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2008-09-06	20	-1/+7194
\|\ \ \ \ \| \| \|_\|/ \| \|/\| \|	branch.
\| * \| \|	import of OpenSSL 0.9.8h	djm	2008-09-06	62	-1452/+13147
\| \| \| \|
\| * \| \|	import of openssl-0.9.7j	djm	2006-06-27	14	-539/+650
\| \| \| \|
* \| \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2008-09-06	103	-8888/+13893
\|\ \ \ \ \| \| \|_\|/ \| \|/\| \|	branch.
\| * \| \|	import of OpenSSL 0.9.8h	djm	2008-09-06	763	-23808/+54005
\| \| \| \|
* \| \| \|	This commit was generated by cvs2git to track changes on a CVS vendor	djm	2008-09-06	228	-38/+70819
\|\ \ \ \ \| \| \|_\|/ \| \|/\| \|	branch.
\| * \| \|	import of OpenSSL 0.9.8h	djm	2008-09-06	229	-871/+71643
\| \| \| \|
* \| \| \|	Install man pages for the BIO_* libcrypto functions, but not bio.3	jsg	2008-07-28	1	-1/+126
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	as the page doesn't directly describe any functions. ok deraadt@
* \| \| \|	i have to crank this for a ridiculous reason, to save me about 4 hours of work	deraadt	2008-07-25	1	-1/+1
\| \| \| \|
* \| \| \|	remove duplicates; remove des_random_key; remove unused; sort MLINKS; ok jmc@	markus	2008-05-07	1	-113/+8
\| \| \| \|
* \| \| \|	fix memory leak (in one case of unaligned buffers); from Markus Kvetter	deraadt	2008-02-26	1	-2/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	ok markus
* \| \| \|	Replace use of strcpy(3) and other pointer goo in	moritz	2007-10-10	2	-30/+24
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	SSL_get_shared_ciphers() with strlcat(3). ok deraadt@ markus@
* \| \| \|	Fix off-by-one buffer overflow in SSL_get_shared_ciphers().	moritz	2007-09-27	2	-22/+22
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	From OpenSSL_0_9_8-stable branch. ok djm@
* \| \| \|	Proper use of fseek/fseeko macros.	tobias	2007-09-10	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	OK joris@, otto@
* \| \| \|	http://openssl.org/news/patch-CVE-2007-3108.txt; ok pval, deraadt	markus	2007-08-21	1	-13/+65
\| \| \| \|
* \| \| \|	Correctly NUL terminate the message buffer that is used with the	claudio	2007-08-06	1	-4/+24
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	-starttls option. Without this openssl s_client -starttls crashed with malloc.conf -> J. OK deraadt@, hshoexer@
* \| \| \|	More comment typos from Diego Casati. Including winners like funtion, allmost,	krw	2007-05-26	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	oustside, seqencer, toghether, nessissary, etc.
* \| \| \|	Add proper checks against fgets failure. From Charles Longeau.	ray	2007-04-06	1	-1/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	OK moritz@, millert@, and jaredy@.
* \| \| \|	Add the cRLSign bit by default, so that certs generated using this file	cloder	2007-03-28	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	will be able to sign CRLs. OK reyk, hshoexer, millert
* \| \| \|	remove some bogus *p tests from charles longeau	tedu	2007-03-20	3	-5/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	ok deraadt millert
* \| \| \|	remove two expired certificates, diff from <Christian_Rusch@genua.de>	grunk	2007-02-17	1	-97/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	ok jakob@
* \| \| \|	Fix format string misuse in kssl_err_set(), which is not	moritz	2007-01-03	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	called with user-supplied strings at the moment. ok markus@