Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | resolve conflicts | 2009-04-06 | 2 | -1/+3 | |
| | |||||
* | resolve conflicts | 2009-01-09 | 11 | -627/+679 | |
| | |||||
* | import openssl-0.9.8j | 2009-01-09 | 2 | -7/+13 | |
| | |||||
* | update to openssl-0.9.8i; tested by several, especially krw@ | 2009-01-05 | 22 | -534/+748 | |
| | |||||
* | resolve conflicts | 2008-09-06 | 40 | -1672/+6260 | |
| | |||||
* | import of OpenSSL 0.9.8h | 2008-09-06 | 9 | -787/+6793 | |
| | |||||
* | Replace use of strcpy(3) and other pointer goo in | 2007-10-10 | 1 | -15/+12 | |
| | | | | | | SSL_get_shared_ciphers() with strlcat(3). ok deraadt@ markus@ | ||||
* | Fix off-by-one buffer overflow in SSL_get_shared_ciphers(). | 2007-09-27 | 1 | -11/+11 | |
| | | | | | | From OpenSSL_0_9_8-stable branch. ok djm@ | ||||
* | Fix format string misuse in kssl_err_set(), which is not | 2007-01-03 | 1 | -1/+1 | |
| | | | | | | called with user-supplied strings at the moment. ok markus@ | ||||
* | openssl security fixes, diff from markus@, ok & "commit it" djm@ | 2006-10-04 | 2 | -2/+3 | |
| | | | | http://www.openssl.org/news/secadv_20060928.txt for more | ||||
* | resolve conflicts | 2006-06-27 | 18 | -554/+664 | |
| | |||||
* | import of openssl-0.9.7j | 2006-06-27 | 1 | -1/+1 | |
| | |||||
* | fix potential SSL 2.0 rollback (http://www.openssl.org//news/secadv_20051011.txt) | 2005-10-11 | 1 | -3/+1 | |
| | | | | from http://www.openssl.org/news/patch-CAN-2005-2969.txt | ||||
* | resolve conflicts | 2005-04-29 | 25 | -250/+871 | |
| | |||||
* | import of openssl-0.9.7g; tested on platforms from alpha to zaurus, ok deraadt@ | 2005-04-29 | 1 | -0/+1020 | |
| | |||||
* | merge 0.9.7d | 2004-04-08 | 8 | -305/+308 | |
| | |||||
* | out-of-bounds read in (unused) kerberos ciphersuites (CAN-2004-0112) | 2004-03-17 | 1 | -0/+16 | |
| | |||||
* | avoid null-pointer deref (aka CAN-2004-0079) | 2004-03-17 | 1 | -0/+8 | |
| | | | | see http://www.openssl.org/news/secadv_20040317.txt | ||||
* | merge 0.9.7c; minor bugsfixes; | 2003-11-11 | 4 | -12/+36 | |
| | | | | | API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto] | ||||
* | import 0.9.7c | 2003-11-11 | 1 | -1/+1 | |
| | |||||
* | Correct some off-by-ones. They currently don't matter, but this | 2003-10-01 | 1 | -3/+3 | |
| | | | | | is for future safety and consistency. OK krw@, markus@ | ||||
* | more fixes from 0.9.7c, ok deraadt, cloder | 2003-09-30 | 2 | -4/+11 | |
| | |||||
* | Off-by-ones, from aaron@ | 2003-09-22 | 1 | -1/+1 | |
| | |||||
* | You shall NOT BREAK THE TREE | 2003-08-25 | 1 | -3/+0 | |
| | |||||
* | Setup /dev/crypto early (SSL_library_init) to make sure it's actually done | 2003-08-25 | 1 | -0/+3 | |
| | | | | for all applications; ok markus and deraadt | ||||
* | Remove some double semicolons (hmm, do two semis equal a maxi?). | 2003-08-06 | 1 | -1/+1 | |
| | | | | I've skipped the GNU stuff for now. From Patrick Latifi. | ||||
* | merge 0.9.7b with local changes; crank majors for libssl/libcrypto | 2003-05-12 | 32 | -538/+726 | |
| | |||||
* | import 0.9.7b (without idea and rc5) | 2003-05-11 | 1 | -60/+23 | |
| | |||||
* | don't cast pointer to integer, use intptr_t stuff off inttypes.h instead | 2003-05-01 | 1 | -2/+3 | |
| | | | | ok millert | ||||
* | Fix for Klima-Pokorny-Rosa attack on RSA in SSL/TLS, see | 2003-03-19 | 1 | -13/+12 | |
| | | | | http://marc.theaimsgroup.com/?l=bugtraq&m=104811162730834&w=2 | ||||
* | security fix from openssl 0.9.7a: | 2003-02-19 | 1 | -16/+31 | |
| | | | | | | | | In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked via timing by performing a MAC computation even if incorrrect block cipher padding has been found. This is a countermeasure against active attacks where the attacker has to distinguish between bad padding and a MAC verification error. (CAN-2003-0078) | ||||
* | pull in fix from openssl-0.9.7-stable-SNAP-20020921: | 2002-09-23 | 1 | -16/+5 | |
| | | | | | | *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes). [Bodo Moeller] | ||||
* | merge with openssl-0.9.7-stable-SNAP-20020911, | 2002-09-14 | 15 | -62/+172 | |
| | | | | | new minor for libcrypto (_X509_REQ_print_ex) tested by miod@, pb@ | ||||
* | merge openssl-0.9.7-beta3, tested on vax by miod@ | 2002-09-10 | 23 | -390/+732 | |
| | |||||
* | merge with 0.9.7-beta1 | 2002-09-05 | 2 | -3/+3 | |
| | |||||
* | execute bourne shell scripts with 'sh' and not with $SHELL | 2002-09-04 | 1 | -1/+1 | |
| | |||||
* | sync these files with openssl-0.9.7-beta1, too | 2002-09-03 | 1 | -1/+1 | |
| | |||||
* | protect <openssl/krb5_asn.h> with OPENSSL_NO_KRB5 | 2002-08-30 | 1 | -0/+2 | |
| | |||||
* | sync with http://www.openssl.org/news/patch_20020730_0_9_7.txt | 2002-07-30 | 2 | -4/+15 | |
| | | | | | (adds fix for unused kerberos and engine code, and some more assertions, as well as a 64bit integer string fix for conf_mod.c) | ||||
* | apply patches from OpenSSL Security Advisory [30 July 2002], | 2002-07-30 | 11 | -1/+55 | |
| | | | | http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2 | ||||
* | do not propose IDEA cipher on SSL connection. tested by beck | 2002-06-07 | 3 | -0/+10 | |
| | | | | noticed by Sverre Froyen <sverre@viewmark.com> | ||||
* | Merge OpenSSL 0.9.7-stable-20020605, | 2002-06-07 | 1 | -5/+36 | |
| | | | | correctly autogenerate obj_mac.h | ||||
* | Merge openssl-0.9.7-stable-SNAP-20020519 | 2002-05-21 | 1 | -1/+0 | |
| | |||||
* | OpenSSL 0.9.7 stable 2002 05 08 merge | 2002-05-15 | 41 | -1664/+6483 | |
| | |||||
* | merge openssl 0.9.6b-engine | 2001-08-01 | 4 | -8/+54 | |
| | | | | | Note that this is a maintenence release, API's appear *not* to have changed. As such, I have only increased the minor number on these libraries | ||||
* | openssl-engine-0.9.6a merge | 2001-06-22 | 20 | -120/+341 | |
| | |||||
* | CRT and DH+SSL fix from 0.9.6a, ok provos@/deraadt@ | 2001-04-22 | 1 | -0/+1 | |
| | |||||
* | openssl-engine-0.9.6 merge | 2000-12-15 | 28 | -433/+588 | |
| | |||||
* | fix missing closedir() that could allow apacheSSL to leak fd's, | 2000-10-16 | 1 | -0/+1 | |
| | | | | from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net> | ||||
* | OpenSSL 0.9.5a merge | 2000-04-15 | 10 | -176/+358 | |
| |