| Commit message (Expand) | Author | Age | Files | Lines |
* | Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | jsing | 2014-10-18 | 34 | -130/+76 |
* | Typical malloc() with size multiplication to reallocarray(). | doug | 2014-10-18 | 3 | -12/+12 |
* | Get rid of the last remaining BUF_strdup and BUF_strlcpy and friends, use | beck | 2014-10-16 | 5 | -10/+14 |
* | Disable SSLv3 by default. | jsing | 2014-10-15 | 2 | -2/+8 |
* | Only require an EC public key in tls1_set_ec_id(), if we need to provide | jsing | 2014-10-15 | 2 | -8/+8 |
* | Add cipher aliases for DHE (the correct name for EDH) and ECDHE (the | jsing | 2014-10-15 | 4 | -8/+32 |
* | Bump libressl version string to 2.1. | bcook | 2014-10-14 | 1 | -2/+2 |
* | The return value on success of fcntl(F_SETFL) is not actually specified, | bcook | 2014-10-13 | 1 | -3/+3 |
* | Use O_NONBLOCK over FIONBIO. | bcook | 2014-10-13 | 1 | -2/+8 |
* | Remove useless comments in DES_is_weak_key(). Do we really care that this | miod | 2014-10-12 | 1 | -14/+10 |
* | Paranoia: in ASN1_mbstring_ncopy(), check for len < 0 instead of len == -1, | miod | 2014-10-12 | 1 | -2/+2 |
* | Convert libssl manpages from pod to mdoc(7). | bentley | 2014-10-12 | 249 | -7737/+19938 |
* | Use strdup() instead of malloc() + memcpy(). | miod | 2014-10-07 | 1 | -8/+3 |
* | EC_KEY_set_group() does an EC_GROUP_dup() of its argument, so we don't | miod | 2014-10-07 | 1 | -8/+2 |
* | The fixes to X509_PURPOSE_add() in r1.18 actually could cause a global | miod | 2014-10-05 | 1 | -27/+29 |
* | Be sure to check the stack push operation for success in v2i_POLICY_MAPPINGS(); | miod | 2014-10-05 | 1 | -17/+19 |
* | In v2i_AUTHORITY_INFO_ACCESS(), separate object allocation from object push | miod | 2014-10-05 | 1 | -3/+8 |
* | Memory leak upon error in set_dist_point_name(). | miod | 2014-10-05 | 1 | -1/+2 |
* | Be sure to check object allocation for success before using them. | miod | 2014-10-05 | 1 | -5/+10 |
* | Missing deallocation upon error. | miod | 2014-10-05 | 1 | -2/+3 |
* | Fix memory leak in the error path of v2i_AUTHORITY_KEYID(). | miod | 2014-10-05 | 1 | -3/+6 |
* | compile with c89 (code / decl ordering); from Joakim.Tjernlund@transmode.se | deraadt | 2014-10-05 | 1 | -2/+3 |
* | Use more specific curves/formats naming for local variables in | jsing | 2014-10-05 | 2 | -60/+56 |
* | Use tls1_get_curvelist() in ssl_add_clienthello_tlsext(), rather than | jsing | 2014-10-05 | 2 | -22/+4 |
* | Make tls1_get_formatlist() behave the same as tls1_get_curvelist() and | jsing | 2014-10-05 | 2 | -42/+58 |
* | Bump minor version for ECDH auto. | jsing | 2014-10-03 | 2 | -2/+2 |
* | Add support for automatic ephemeral EC keys. | jsing | 2014-10-03 | 14 | -26/+152 |
* | Use string literals in printf style calls so gcc's -Wformat works. | doug | 2014-10-03 | 5 | -23/+22 |
* | Clean up EC cipher handling in ssl3_choose_cipher(). | jsing | 2014-09-30 | 6 | -290/+304 |
* | Previous fix (1.12) would cause a NULL pointer dereference in the error path | miod | 2014-09-29 | 1 | -4/+3 |
* | check_cert(): be sure to reset ctx->current_crl to NULL before freeing it. | miod | 2014-09-29 | 1 | -10/+5 |
* | X509_NAME_get_text_by_OBJ(): make sure we do not pass a negative size to | miod | 2014-09-29 | 1 | -3/+5 |
* | X509_VERIFY_PARAM_set1_name(): if invoked with NULL as the second | miod | 2014-09-29 | 1 | -1/+2 |
* | Bump minor after adding SSL_CTX_use_certificate_chain(). | reyk | 2014-09-28 | 2 | -2/+2 |
* | Add a new API function SSL_CTX_use_certificate_chain() that allows to | reyk | 2014-09-28 | 5 | -38/+106 |
* | X509v3_add_ext(): do not free stuff we did not allocate in the error path. | miod | 2014-09-28 | 1 | -2/+2 |
* | X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it, | miod | 2014-09-28 | 1 | -15/+23 |
* | Someone (TM) thought it was smart to save memory by using malloc(1) and | miod | 2014-09-28 | 1 | -5/+4 |
* | Doh, rev 1.4 had left out one routine with both 32-bit and 64-bit code, where | miod | 2014-09-27 | 1 | -0/+2 |
* | There is not much point checking ecdhp is not NULL... twice. | jsing | 2014-09-27 | 4 | -28/+10 |
* | Check that the specified curve is one of the client preferences. | jsing | 2014-09-27 | 10 | -16/+140 |
* | X509_STORE_new(): do not leak memory upon error. | miod | 2014-09-26 | 1 | -14/+17 |
* | X509_issuer_and_serial_hash(): do not leak memory if an error occurs during | miod | 2014-09-26 | 1 | -1/+3 |
* | X509at_add1_attr(): do not free stuff we did not allocate in the error path. | miod | 2014-09-26 | 1 | -3/+3 |
* | Now that we have a static version of the default EC formats, also use it | jsing | 2014-09-26 | 2 | -94/+88 |
* | Fix regression introduced in revision 1.15 by using strndup() instead of | miod | 2014-09-23 | 1 | -6/+6 |
* | Refactor and simplify the ECC extension handling. The existing code | jsing | 2014-09-22 | 4 | -244/+196 |
* | Also check the result from final_finish_mac() against finish_mac_length in | jsing | 2014-09-22 | 2 | -38/+34 |
* | It is possible (although unlikely in practice) for peer_finish_md_len to | jsing | 2014-09-22 | 2 | -26/+22 |
* | Document SSL_OP_TLSEXT_PADDING. | jsing | 2014-09-21 | 1 | -0/+6 |