summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Expand)AuthorAgeFilesLines
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().jsing2014-10-1834-130/+76
* Typical malloc() with size multiplication to reallocarray().doug2014-10-183-12/+12
* Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, usebeck2014-10-165-10/+14
* Disable SSLv3 by default.jsing2014-10-152-2/+8
* Only require an EC public key in tls1_set_ec_id(), if we need to providejsing2014-10-152-8/+8
* Add cipher aliases for DHE (the correct name for EDH) and ECDHE (thejsing2014-10-154-8/+32
* Bump libressl version string to 2.1.bcook2014-10-141-2/+2
* The return value on success of fcntl(F_SETFL) is not actually specified,bcook2014-10-131-3/+3
* Use O_NONBLOCK over FIONBIO.bcook2014-10-131-2/+8
* Remove useless comments in DES_is_weak_key(). Do we really care that thismiod2014-10-121-14/+10
* Paranoia: in ASN1_mbstring_ncopy(), check for len < 0 instead of len == -1,miod2014-10-121-2/+2
* Convert libssl manpages from pod to mdoc(7).bentley2014-10-12249-7737/+19938
* Use strdup() instead of malloc() + memcpy().miod2014-10-071-8/+3
* EC_KEY_set_group() does an EC_GROUP_dup() of its argument, so we don'tmiod2014-10-071-8/+2
* The fixes to X509_PURPOSE_add() in r1.18 actually could cause a globalmiod2014-10-051-27/+29
* Be sure to check the stack push operation for success in v2i_POLICY_MAPPINGS();miod2014-10-051-17/+19
* In v2i_AUTHORITY_INFO_ACCESS(), separate object allocation from object pushmiod2014-10-051-3/+8
* Memory leak upon error in set_dist_point_name().miod2014-10-051-1/+2
* Be sure to check object allocation for success before using them.miod2014-10-051-5/+10
* Missing deallocation upon error.miod2014-10-051-2/+3
* Fix memory leak in the error path of v2i_AUTHORITY_KEYID().miod2014-10-051-3/+6
* compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.sederaadt2014-10-051-2/+3
* Use more specific curves/formats naming for local variables injsing2014-10-052-60/+56
* Use tls1_get_curvelist() in ssl_add_clienthello_tlsext(), rather thanjsing2014-10-052-22/+4
* Make tls1_get_formatlist() behave the same as tls1_get_curvelist() andjsing2014-10-052-42/+58
* Bump minor version for ECDH auto.jsing2014-10-032-2/+2
* Add support for automatic ephemeral EC keys.jsing2014-10-0314-26/+152
* Use string literals in printf style calls so gcc's -Wformat works.doug2014-10-035-23/+22
* Clean up EC cipher handling in ssl3_choose_cipher().jsing2014-09-306-290/+304
* Previous fix (1.12) would cause a NULL pointer dereference in the error pathmiod2014-09-291-4/+3
* check_cert(): be sure to reset ctx->current_crl to NULL before freeing it.miod2014-09-291-10/+5
* X509_NAME_get_text_by_OBJ(): make sure we do not pass a negative size tomiod2014-09-291-3/+5
* X509_VERIFY_PARAM_set1_name(): if invoked with NULL as the secondmiod2014-09-291-1/+2
* Bump minor after adding SSL_CTX_use_certificate_chain().reyk2014-09-282-2/+2
* Add a new API function SSL_CTX_use_certificate_chain() that allows toreyk2014-09-285-38/+106
* X509v3_add_ext(): do not free stuff we did not allocate in the error path.miod2014-09-281-2/+2
* X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it,miod2014-09-281-15/+23
* Someone (TM) thought it was smart to save memory by using malloc(1) andmiod2014-09-281-5/+4
* Doh, rev 1.4 had left out one routine with both 32-bit and 64-bit code, wheremiod2014-09-271-0/+2
* There is not much point checking ecdhp is not NULL... twice.jsing2014-09-274-28/+10
* Check that the specified curve is one of the client preferences.jsing2014-09-2710-16/+140
* X509_STORE_new(): do not leak memory upon error.miod2014-09-261-14/+17
* X509_issuer_and_serial_hash(): do not leak memory if an error occurs duringmiod2014-09-261-1/+3
* X509at_add1_attr(): do not free stuff we did not allocate in the error path.miod2014-09-261-3/+3
* Now that we have a static version of the default EC formats, also use itjsing2014-09-262-94/+88
* Fix regression introduced in revision 1.15 by using strndup() instead ofmiod2014-09-231-6/+6
* Refactor and simplify the ECC extension handling. The existing codejsing2014-09-224-244/+196
* Also check the result from final_finish_mac() against finish_mac_length injsing2014-09-222-38/+34
* It is possible (although unlikely in practice) for peer_finish_md_len tojsing2014-09-222-26/+22
* Document SSL_OP_TLSEXT_PADDING.jsing2014-09-211-0/+6