| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Fix CVE-2014-3507, avoid allocating and then leaking a fresh fragment |   guenther | 2014-08-08 | 1 | -2/+7 |
| * | Correct test reversed during merge of fix for CVE-2014-3509 | guenther | 2014-08-07 | 1 | -2/+2 |
| * | Fix CVE-2014-3506, DTLS handshake message size checks. From | guenther | 2014-08-07 | 1 | -16/+22 |
| * | Oops, revert changes commited by mistake. The previous commit was supposed |   miod | 2014-08-07 | 7 | -28/+31 |
| * | When you expect a function to return a particular value, don't put a comment | miod | 2014-08-07 | 8 | -37/+31 |
| * | Fix CVE-2014-3511; TLS downgrade, verbatim diff |   deraadt | 2014-08-07 | 1 | -5/+27 |
| * | merge CVE-2014-3510; Fix DTLS anonymous EC(DH) denial of service | deraadt | 2014-08-07 | 1 | -1/+9 |
| * | merge fix for CVE-2014-3509 -- basically a missing s->hit check; ok guenther | deraadt | 2014-08-06 | 1 | -9/+13 |
| * | Prevent a possible use after free by mimicing the s3_srvr.c fixes contributed by | miod | 2014-08-06 | 1 | -4/+1 |
| * | The RSA, DH, and ECDH temporary key callbacks expect the number of keybits | guenther | 2014-07-28 | 3 | -9/+21 |
| * | avoid sys/param.h; Jonas Termansen | deraadt | 2014-07-17 | 1 | -2/+2 |
| * | Missing bounds check in ssl3_get_certificate_request(), was not spotted in | miod | 2014-07-17 | 1 | -1/+6 |
| * | Fix memory leak upon error in ssl_parse_clienthello_use_srtp_ext(). | miod | 2014-07-14 | 1 | -6/+6 |
| * | Stop leaking internal library pointers in error messages. |   jsing | 2014-07-13 | 1 | -2/+2 |
| * | Explicitly initialise slen - this was not previously done due to a missing | jsing | 2014-07-13 | 1 | -1/+2 |
| * | Convert error handling to SSLerr and ERR_asprintf_error_data. | jsing | 2014-07-13 | 1 | -59/+54 |
| * | Convert d2i_SSL_SESSION to ASN1 primitives, instead of the horrific | jsing | 2014-07-13 | 1 | -26/+297 |
| * | Remove license introduced with the PSK code, which has since been removed. | jsing | 2014-07-13 | 1 | -27/+1 |
| * | Another compression remnant. | jsing | 2014-07-13 | 1 | -2/+1 |
| * | Expand the tlsext_sigalg macros. The end result is about the same number | jsing | 2014-07-13 | 1 | -16/+19 |
| * | Rewrite i2d_SSL_SESSION to use the ASN1 primitives, rather than using the | jsing | 2014-07-13 | 1 | -75/+98 |
| * | The bell tolls for BUF_strdup - Start the migration to using |   beck | 2014-07-13 | 3 | -6/+7 |
| * | KNF and some code cleaning. | jsing | 2014-07-13 | 1 | -36/+46 |
| * | Another large dose of KNF. | jsing | 2014-07-13 | 1 | -236/+407 |
| * | Apply a large dose of KNF. | jsing | 2014-07-12 | 1 | -126/+202 |
| * | The correct name for EDH is DHE, likewise EECDH should be ECDHE. | jsing | 2014-07-12 | 9 | -118/+118 |
| * | remove double brackets. fixes build with clang. |   jsg | 2014-07-12 | 1 | -2/+2 |
| * | Provide ssl_version_string() function, which uses one of those modern C | jsing | 2014-07-12 | 4 | -28/+31 |
| * | Remove extra parenthesis. | jsing | 2014-07-12 | 1 | -2/+2 |
| * | need_cert is now always true, so remove the variable and associated | jsing | 2014-07-12 | 1 | -33/+21 |
| * | if (x) FOO_free(x) -> FOO_free(x). | miod | 2014-07-12 | 2 | -14/+8 |
| * | Remove remnants from PSK, KRB5 and SRP. | jsing | 2014-07-12 | 8 | -159/+43 |
| * | Place comments in a block above the if statement, rather than attempting | jsing | 2014-07-12 | 2 | -47/+63 |
| * | Make disabling last cipher work. | guenther | 2014-07-12 | 1 | -9/+9 |
| * | As reported by David Ramos, most consumer of ssl_get_message() perform late | miod | 2014-07-11 | 3 | -53/+148 |
| * | If the application uses tls_session_secret_cb for session resumption, set | miod | 2014-07-11 | 1 | -2/+3 |
| * | In ssl3_get_cert_verify(), allow for larger messages to accomodate keys | miod | 2014-07-11 | 1 | -3/+2 |
| * | Accept CCS again after `finished' has been sent by the client; at this point | miod | 2014-07-11 | 1 | -5/+6 |
| * | In dtls1_clear_queues(), free buffered_add_data.q correctly, it's made of | miod | 2014-07-11 | 1 | -4/+4 |
| * | In ssl3_get_client_key_exchange() parsing a GOST session key, invoke the | miod | 2014-07-11 | 1 | -13/+8 |
| * | Missing initialization for error line in error paths; from Coverity via | miod | 2014-07-11 | 1 | -1/+4 |
| * | Remove the PSK code. We don't need to drag around this | beck | 2014-07-11 | 11 | -653/+12 |
| * | No need to keep ssl23_foo() flavours mapping to ssl3_foo(). | miod | 2014-07-11 | 5 | -45/+14 |
| * | remove unused variable from ssl3_get_client_hello |   bcook | 2014-07-10 | 1 | -3/+2 |
| * | Remove more compression tendrils. | jsing | 2014-07-10 | 3 | -14/+4 |
| * | Remove more compression related code. | jsing | 2014-07-10 | 3 | -20/+3 |
| * | Put back some parts of the public SSL API that should not have been | jsing | 2014-07-10 | 3 | -4/+28 |
| * | decompress libssl. ok beck jsing |   tedu | 2014-07-10 | 25 | -758/+39 |
| * | KNF comments, reflowing and moving out of the middle of argument lists in | guenther | 2014-07-10 | 3 | -93/+150 |
| * | remove unused ecc_pkey_size. | bcook | 2014-07-10 | 1 | -4/+2 |
