path: root/lib/libssl/src/ssl
Commit message | Author | Age | Files | Lines
* OpenSSL 1.0.0f: merge | djm | 2012-01-05 | 13 | -15/+64
* OpenSSL 1.0.0f: import upstream source | djm | 2012-01-05 | 2 | -8/+24
* openssl-1.0.0e: resolve conflicts | djm | 2011-11-03 | 18 | -175/+339
* import OpenSSL 1.0.0e | djm | 2011-11-03 | 4 | -31/+204
* fix for CVE-2011-0014 "OCSP stapling vulnerability"; | djm | 2011-02-10 | 1 | -1/+7
  ok markus@ jasper@ miod@ AFAIK nothing in base uses this, though apache2 from ports may be affected.
* Security fix for CVE-2010-4180 as mentioned in http://www.openssl.org/news/secadv_20101202.txt. | jasper | 2010-12-15 | 2 | -0/+8
  where clients could modify the stored session cache ciphersuite and in some cases even downgrade the suite to weaker ones. This code is not enabled by default. ok djm@
* - Apply security fix for CVE-2010-3864 (+commit 19998 which fixes the fix). | jasper | 2010-11-17 | 1 | -18/+42
  ok djm@ deraadt@
* resolve conflicts, fix local changes | djm | 2010-10-01 | 47 | -4764/+9305
* import OpenSSL-1.0.0a | djm | 2010-10-01 | 6 | -242/+949
* Security fix for CVE-2010-0740 | jasper | 2010-04-14 | 1 | -3/+4
  "In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL." http://openssl.org/news/secadv_20100324.txt ok deraadt@ djm@ sthen@
* pull Ben Laurie's blind prefix injection fix for CVE-2009-3555 from | markus | 2009-11-10 | 4 | -5/+19
  openssl 0.9.8l; crank minor version; ok djm@ deraadt@; initially from jsg@
* resolve conflicts | djm | 2009-04-06 | 2 | -1/+3
* resolve conflicts | djm | 2009-01-09 | 11 | -627/+679
* import openssl-0.9.8j | djm | 2009-01-09 | 2 | -7/+13
* update to openssl-0.9.8i; tested by several, especially krw@ | djm | 2009-01-05 | 22 | -534/+748
* resolve conflicts | djm | 2008-09-06 | 40 | -1672/+6260
* import of OpenSSL 0.9.8h | djm | 2008-09-06 | 9 | -787/+6793
* Replace use of strcpy(3) and other pointer goo in | moritz | 2007-10-10 | 1 | -15/+12
  SSL_get_shared_ciphers() with strlcat(3). ok deraadt@ markus@
* Fix off-by-one buffer overflow in SSL_get_shared_ciphers(). | moritz | 2007-09-27 | 1 | -11/+11
  From OpenSSL_0_9_8-stable branch. ok djm@
* Fix format string misuse in kssl_err_set(), which is not | moritz | 2007-01-03 | 1 | -1/+1
  called with user-supplied strings at the moment. ok markus@
* openssl security fixes, diff from markus@, ok & "commit it" djm@ | pvalchev | 2006-10-04 | 2 | -2/+3
  http://www.openssl.org/news/secadv_20060928.txt for more
* resolve conflicts | djm | 2006-06-27 | 18 | -554/+664
* import of openssl-0.9.7j | djm | 2006-06-27 | 1 | -1/+1
* fix potential SSL 2.0 rollback (http://www.openssl.org//news/secadv_20051011.txt) | markus | 2005-10-11 | 1 | -3/+1
  from http://www.openssl.org/news/patch-CAN-2005-2969.txt
* resolve conflicts | djm | 2005-04-29 | 25 | -250/+871
* import of openssl-0.9.7g; tested on platforms from alpha to zaurus, ok deraadt@ | djm | 2005-04-29 | 1 | -0/+1020
* merge 0.9.7d | markus | 2004-04-08 | 8 | -305/+308
* out-of-bounds read in (unused) kerberos ciphersuites (CAN-2004-0112) | markus | 2004-03-17 | 1 | -0/+16
* avoid null-pointer deref (aka CAN-2004-0079) | markus | 2004-03-17 | 1 | -0/+8
  see http://www.openssl.org/news/secadv_20040317.txt
* merge 0.9.7c; minor bugfixes; | markus | 2003-11-11 | 4 | -12/+36
  API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
* import 0.9.7c | markus | 2003-11-11 | 1 | -1/+1
* Correct some off-by-ones. They currently don't matter, but this | cloder | 2003-10-01 | 1 | -3/+3
  is for future safety and consistency. OK krw@, markus@
* more fixes from 0.9.7c, ok deraadt, cloder | markus | 2003-09-30 | 2 | -4/+11
* Off-by-ones, from aaron@ | miod | 2003-09-22 | 1 | -1/+1
* You shall NOT BREAK THE TREE | deraadt | 2003-08-25 | 1 | -3/+0
* Setup /dev/crypto early (SSL_library_init) to make sure it's actually done | jason | 2003-08-25 | 1 | -0/+3
  for all applications; ok markus and deraadt
* Remove some double semicolons (hmm, do two semis equal a maxi?). | millert | 2003-08-06 | 1 | -1/+1
  I've skipped the GNU stuff for now. From Patrick Latifi.
* merge 0.9.7b with local changes; crank majors for libssl/libcrypto | markus | 2003-05-12 | 32 | -538/+726
* import 0.9.7b (without idea and rc5) | markus | 2003-05-11 | 1 | -60/+23
* don't cast pointer to integer, use intptr_t stuff off inttypes.h instead | pvalchev | 2003-05-01 | 1 | -2/+3
  ok millert
* Fix for Klima-Pokorny-Rosa attack on RSA in SSL/TLS, see | markus | 2003-03-19 | 1 | -13/+12
  http://marc.theaimsgroup.com/?l=bugtraq&m=104811162730834&w=2
* security fix from openssl 0.9.7a: | markus | 2003-02-19 | 1 | -16/+31
  In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked via timing by performing a MAC computation even if incorrect block cipher padding has been found. This is a countermeasure against active attacks where the attacker has to distinguish between bad padding and a MAC verification error. (CAN-2003-0078)
* pull in fix from openssl-0.9.7-stable-SNAP-20020921: | markus | 2002-09-23 | 1 | -16/+5
  *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes). [Bodo Moeller]
* merge with openssl-0.9.7-stable-SNAP-20020911, | markus | 2002-09-14 | 15 | -62/+172
  new minor for libcrypto (_X509_REQ_print_ex) tested by miod@, pb@
* merge openssl-0.9.7-beta3, tested on vax by miod@ | markus | 2002-09-10 | 23 | -390/+732
* merge with 0.9.7-beta1 | markus | 2002-09-05 | 2 | -3/+3
* execute bourne shell scripts with 'sh' and not with $SHELL | markus | 2002-09-04 | 1 | -1/+1
* sync these files with openssl-0.9.7-beta1, too | markus | 2002-09-03 | 1 | -1/+1
* protect <openssl/krb5_asn.h> with OPENSSL_NO_KRB5 | markus | 2002-08-30 | 1 | -0/+2
* sync with http://www.openssl.org/news/patch_20020730_0_9_7.txt | markus | 2002-07-30 | 2 | -4/+15
  (adds fix for unused kerberos and engine code, and some more assertions, as well as a 64bit integer string fix for conf_mod.c)