| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Correctly handle TLS PRF with MD5+SHA1 - the secret has to be partitioned | jsing | 2017-03-07 | 1 | -5/+26 |
| * | Some tweaks from jmc@ and describe better what recallocarray does; | otto | 2017-03-07 | 1 | -7/+16 |
| * | Introducing recallocarray(3), a blend of calloc(3) and reallocarray(3) | otto | 2017-03-06 | 3 | -7/+147 |
| * | size is unsigned so using ==0 not <=0 when checking for buffer exhaustion | millert | 2017-03-06 | 1 | -4/+4 |
| * | Pull in a change from the bind 8 resolver that fixes a potential | millert | 2017-03-06 | 1 | -10/+16 |
| * | Clean up and simplify the tls1_PRF() implementation now that we have a | jsing | 2017-03-06 | 1 | -48/+19 |
| * | Correctly convert an SSLv2 challenge into an SSLv3/TLS client random by | jsing | 2017-03-05 | 1 | -9/+27 |
| * | Provide a rolling handshake hash that commences as soon as the cipher | jsing | 2017-03-05 | 8 | -54/+193 |
| * | Convert various handshake message generation functions to CBB. | jsing | 2017-03-05 | 4 | -56/+113 |
| * | Drop the second argument of dtls1_set_message_header() and make it a void | jsing | 2017-03-04 | 3 | -13/+10 |
| * | Call ssl3_handshake_write() instead of ssl3_do_write() - this was missed | jsing | 2017-03-04 | 1 | -2/+2 |
| * | Ensure MD and key initialized before processing HMAC | inoguchi | 2017-03-03 | 1 | -4/+18 |
| * | fix error in Dt; from robert klein | jmc | 2017-03-02 | 1 | -3/+3 |
| * | Convert ssl3_{get,send}_server_key_exchange() to EVP_md5_sha1(). | jsing | 2017-03-01 | 3 | -44/+29 |
| * | Include EVP_md5_sha1() via OpenSSL_add_all_digests(). | jsing | 2017-03-01 | 1 | -1/+2 |
| * | Bump minors due to symbol addition. | jsing | 2017-02-28 | 3 | -3/+3 |
| * | Document EVP_md5_sha1(). | jsing | 2017-02-28 | 1 | -2/+11 |
| * | Add an EVP interface that provides concatenated MD5+SHA1 hashes, which are | jsing | 2017-02-28 | 4 | -2/+88 |
| * | Fix typo in issuingDistributionPoint description. | jsing | 2017-02-28 | 1 | -1/+1 |
| * | Stop pretending that MD5 and SHA1 might not exist - rather than locating | jsing | 2017-02-28 | 4 | -20/+8 |
| * | Add support for RES_USE_DNSSEC | jca | 2017-02-27 | 1 | -5/+2 |
| * | Add the following root CAs, from SECOM Trust Systems / Security Communication | sthen | 2017-02-24 | 1 | -1/+126 |
| * | Remove STREEBOG 512 as a TLS MAC since there are currently no cipher suites | jsing | 2017-02-21 | 2 | -26/+6 |
| * | don;t end Nd with a full stop; | jmc | 2017-02-21 | 1 | -3/+3 |
| * | Mark ERR_add_error_data and ERR_add_error_vdata as not for internal use, | beck | 2017-02-20 | 5 | -14/+81 |
| * | spelling fix; | jmc | 2017-02-20 | 1 | -2/+2 |
| * | document tls_config_error(3) RETURN VALUES, improve what is said | schwarze | 2017-02-20 | 2 | -6/+59 |
| * | Add EDNS0 support. | jca | 2017-02-18 | 1 | -4/+3 |
| * | Avoid dereferencing a pointer when reporting an error about the same | jsing | 2017-02-15 | 1 | -2/+2 |
| * | Add a NULL test to wrterror() to avoid a NULL deref when called from a | jsg | 2017-02-15 | 1 | -2/+2 |
| * | bump to 2.5.2 | bcook | 2017-02-14 | 1 | -3/+3 |
| * | malloc does not *need* to return page-aligned objects for size >= | otto | 2017-02-12 | 1 | -5/+2 |
| * | DES keys are not 7 days long. ok jsing@ | dtucker | 2017-02-09 | 2 | -5/+5 |
| * | Revert previous; the implementation is incorrect since it assumes that the | jsing | 2017-02-07 | 2 | -20/+7 |
| * | Add file and line to the LibreSSL error strings sine we are no longer in | beck | 2017-02-07 | 2 | -7/+20 |
| * | Change SSLerror() back to taking two args, with the first one being an SSL *. | beck | 2017-02-07 | 25 | -573/+841 |
| * | Define values for SSL_CTRL_SET_GROUPS{,_LIST} and wire them up to the | jsing | 2017-02-05 | 2 | -15/+19 |
| * | Kill leak introduced with refactor | beck | 2017-02-05 | 1 | -3/+6 |
| * | fix a comment and rm some dead code as a result of the previous diff | otto | 2017-02-02 | 1 | -8/+5 |
| * | Let realloc handle and produce moved pointers for allocations betweenlibressl-v2.5.1 | otto | 2017-02-01 | 1 | -20/+37 |
| * | tweak previous; | jmc | 2017-01-31 | 2 | -12/+8 |
| * | Add tls_config_[add|set]keypair_ocsp functions so that ocsp staples may be | beck | 2017-01-31 | 6 | -58/+209 |
| * | Disable client-initiated renegotiation for libtls servers. | jsing | 2017-01-31 | 1 | -1/+3 |
| * | Provide an SSL_OP_NO_CLIENT_RENEGOTIATION option that disallows | jsing | 2017-01-31 | 2 | -2/+12 |
| * | LibreSSL : Truncated packet could crash via OOB read | inoguchi | 2017-01-31 | 2 | -3/+10 |
| * | Document functions returning standard moduli for DH key exchange. | schwarze | 2017-01-31 | 2 | -1/+136 |
| * | tweak previous; | jmc | 2017-01-30 | 3 | -11/+11 |
| * | Document BN_set_flags(3) and BN_get_flags(3). | schwarze | 2017-01-30 | 6 | -13/+159 |
| * | Seriously warn against calling BN_init(3), BN_MONT_CTX_init(3), | schwarze | 2017-01-29 | 3 | -12/+75 |
| * | Marko Kreen contributed significantly to the ocsp stuff for libtls | beck | 2017-01-29 | 1 | -2/+3 |
