| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Since we no longer need to support SSLv2-style cipher lists, start | jsing | 2014-08-10 | 32 | -182/+68 |
| * | Only need <stdint.h> and not all of <inttypes.h> here | guenther | 2014-08-10 | 1 | -2/+2 |
| * | Fix CVE-2014-3507, avoid allocating and then leaking a fresh fragment | guenther | 2014-08-08 | 2 | -4/+14 |
| * | Fix CVE-2014-3508, pretty printing and OID validation: | guenther | 2014-08-08 | 4 | -24/+56 |
| * | Correct test reversed during merge of fix for CVE-2014-3509 | guenther | 2014-08-07 | 2 | -4/+4 |
| * | Fix CVE-2014-3506, DTLS handshake message size checks. From | guenther | 2014-08-07 | 2 | -32/+44 |
| * | Oops, revert changes commited by mistake. The previous commit was supposed | miod | 2014-08-07 | 13 | -53/+59 |
| * | When you expect a function to return a particular value, don't put a comment | miod | 2014-08-07 | 15 | -71/+59 |
| * | Fix CVE-2014-3511; TLS downgrade, verbatim diff | deraadt | 2014-08-07 | 2 | -10/+54 |
| * | merge CVE-2014-3510; Fix DTLS anonymous EC(DH) denial of service | deraadt | 2014-08-07 | 2 | -2/+18 |
| * | merge fix for CVE-2014-3509 -- basically a missing s->hit check; ok guenther | deraadt | 2014-08-06 | 2 | -18/+26 |
| * | Prevent a possible use after free by mimicing the s3_srvr.c fixes contributed by | miod | 2014-08-06 | 2 | -8/+2 |
| * | Allow B64_EOF to follow a base64 padding character. This restores previous | jsing | 2014-08-06 | 2 | -4/+6 |
| * | Correct error checks in EVP_read_pw_string_min(): UI_add_input_string() | guenther | 2014-08-06 | 2 | -6/+6 |
| * | Add support for loading the public/private key from memory, rather than | jsing | 2014-08-06 | 4 | -13/+97 |
| * | Add $OpenBSD$ tags. | jsing | 2014-08-05 | 8 | -0/+8 |
| * | Implement ressl_accept_socket, which allocates a new server connection | jsing | 2014-08-04 | 2 | -4/+45 |
| * | Return -1 on error (not 1). | jsing | 2014-08-04 | 1 | -3/+3 |
| * | A ressl server needs different configuration from a ressl client - provide | jsing | 2014-08-04 | 3 | -0/+41 |
| * | Provide a function that returns a server connection context. | jsing | 2014-08-04 | 2 | -0/+15 |
| * | Provide a utility function for loading a private/public keypair. | jsing | 2014-08-04 | 2 | -0/+21 |
| * | Improve ressl_{read,write} handling of non-blocking reads/writes. | jsing | 2014-08-04 | 2 | -16/+31 |
| * | Free the SSL context first and let the reference counting do its thing. | jsing | 2014-08-04 | 1 | -5/+2 |
| * | In chacha_init(), allow for a NULL iv. Reported by znz on github. | miod | 2014-08-04 | 2 | -4/+6 |
| * | X509_NAME_get_text_by_NID() returns -1 on error so the type | jsg | 2014-08-03 | 1 | -1/+1 |
| * | Fix a usage string; the proper spelling of 'alot' is 'a lot'. | blambert | 2014-07-29 | 1 | -2/+2 |
| * | Remove SRP code. It contains a bug (this should not surprise anyone), but | tedu | 2014-07-28 | 12 | -3635/+2 |
| * | The RSA, DH, and ECDH temporary key callbacks expect the number of keybits | guenther | 2014-07-28 | 6 | -18/+42 |
| * | Add missing year to copyright. | jsing | 2014-07-25 | 4 | -8/+8 |
| * | BIO_free() returns immediately when the sole input is NULL. | doug | 2014-07-25 | 26 | -96/+61 |
| * | level_add_node(): if a memory allocation failure causes us to attempt to clean | miod | 2014-07-23 | 2 | -8/+14 |
| * | Make sure PEM_def_callback() correctly handles negative buffer sizes; all uses | miod | 2014-07-23 | 2 | -20/+34 |
| * | Check the return value of the UI functions (including UI_new() which return | miod | 2014-07-23 | 2 | -12/+22 |
| * | Now that DES_random_key() can be trusted, use it to generate DES keys in the | miod | 2014-07-22 | 4 | -24/+20 |
| * | In DES_random_key(), force the generated key to the odd parity before checking | miod | 2014-07-22 | 2 | -16/+16 |
| * | Handle failure of NETSCAPE_SPKI_b64_encode() and don't leak memory | guenther | 2014-07-22 | 1 | -6/+10 |
| * | Kill a bunch more BUF_strdup's - these are converted to have a check for | beck | 2014-07-22 | 12 | -30/+40 |
| * | better match proposed syscall api | bcook | 2014-07-22 | 2 | -16/+4 |
| * | protect sysctl path with SYS__sysctl instead; from enh@google, ok bcook | deraadt | 2014-07-21 | 2 | -12/+12 |
| * | Use explicit_bzero() instead of memset() on buffers going out of scope. | guenther | 2014-07-21 | 6 | -12/+18 |
| * | cast from void * before math; enh@google | deraadt | 2014-07-21 | 2 | -4/+4 |
| * | missing newline | deraadt | 2014-07-21 | 1 | -1/+2 |
| * | Switch from <sys/endian.h> or <machine/endian.h> to the new, | guenther | 2014-07-21 | 4 | -8/+8 |
| * | Move more OS-specific functionality to arc4random.h headers. | bcook | 2014-07-20 | 10 | -14/+88 |
| * | initial win32 ARC4_LOCK/UNLOCK implementation. | bcook | 2014-07-20 | 2 | -2/+42 |
| * | From ISO/IEC 9899:1999 and 9899:201x, | guenther | 2014-07-20 | 2 | -5/+5 |
| * | Demonstrate how new linux getrandom() will be called, at least until | deraadt | 2014-07-20 | 2 | -2/+74 |
| * | Mark the format string argument to BIO_*printf as not being allowed to be NULL | guenther | 2014-07-20 | 2 | -10/+14 |
| * | remove disabled main hook; we use phdr now; ok bcook | deraadt | 2014-07-19 | 6 | -42/+6 |
| * | arc4random re-seeds with getentropy() now; ok deraadt@ jmc@ | naddy | 2014-07-19 | 1 | -3/+3 |
