summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* fix memory leak (in one case of unaligned buffers); from Markus Kvetterderaadt2008-02-261-2/+3
| | | | ok markus
* Replace use of strcpy(3) and other pointer goo inmoritz2007-10-101-15/+12
| | | | | | SSL_get_shared_ciphers() with strlcat(3). ok deraadt@ markus@
* Fix off-by-one buffer overflow in SSL_get_shared_ciphers().moritz2007-09-271-11/+11
| | | | | | From OpenSSL_0_9_8-stable branch. ok djm@
* Proper use of fseek/fseeko macros.tobias2007-09-101-1/+1
| | | | OK joris@, otto@
* http://openssl.org/news/patch-CVE-2007-3108.txt; ok pval, deraadtmarkus2007-08-211-13/+65
|
* Correctly NUL terminate the message buffer that is used with theclaudio2007-08-061-4/+24
| | | | | -starttls option. Without this openssl s_client -starttls crashed with malloc.conf -> J. OK deraadt@, hshoexer@
* More comment typos from Diego Casati. Including winners like funtion, allmost,krw2007-05-261-1/+1
| | | | oustside, seqencer, toghether, nessissary, etc.
* Add proper checks against fgets failure. From Charles Longeau.ray2007-04-061-1/+2
| | | | OK moritz@, millert@, and jaredy@.
* remove some bogus *p tests from charles longeautedu2007-03-203-5/+5
| | | | ok deraadt millert
* Fix format string misuse in kssl_err_set(), which is notmoritz2007-01-031-1/+1
| | | | | | called with user-supplied strings at the moment. ok markus@
* openssl security fixes, diff from markus@, ok & "commit it" djm@pvalchev2006-10-0412-2/+84
| | | | http://www.openssl.org/news/secadv_20060928.txt for more
* Use S_IS* macros insted of masking with S_IF* flags. The latter mayotto2006-09-251-2/+2
| | | | | have multiple bits set, which lead to surprising results. Spotted by Paul Stoeber. ok djm@
* fix RSA signature padding vulnerability in OpenSSL libcrypto CVE-2006-4339;djm2006-09-091-0/+17
| | | | ok beck@ miod@
* resolve conflictsdjm2006-06-27172-2439/+4398
|
* import of openssl-0.9.7jdjm2006-06-27130-324/+27174
|
* potential fd leak (we will fix this before we move to cloning)deraadt2006-06-081-1/+3
|
* Add a -hex option to 'rand' to output hexadecimal output.matthieu2006-05-141-1/+20
| | | | ok djm@ miod@, man page help from jmc@.
* backport checks for degenerate Diffie-Hellman public exponents fromdjm2006-05-044-0/+36
| | | | | OpenSSL-0.9.8a, where they were added without a corresponding patch to 0.9.7 or an advisory! ok theo@ markus@
* make BN_is_prime() realise that 2 is, in fact, a prime number.djm2006-03-141-1/+3
| | | | from OpenSSL CVS; ok otto@ deraadt@
* fix potential SSL 2.0 rollback (http://www.openssl.org//news/secadv_20051011.txt)markus2005-10-111-3/+1
| | | | from http://www.openssl.org/news/patch-CAN-2005-2969.txt
* kernal->kernel;jmc2005-08-011-1/+1
| | | | | from netbsd pr #30872 (anonymous post); ok deraadt@ krw@
* avoid spurious ld evil string func warning, spotted by david@;djm2005-05-251-3/+3
| | | | feedback & ok avsm@
* no need to byteswap for AES_ASM, from tom@markus2005-05-231-1/+9
|
* import i386 AES asm code from openssl.org; ok and help with testing djm@markus2005-05-102-1/+1550
|
* kill strcpy; ok hshoexer@, prodded by david@djm2005-05-102-2/+2
|
* remove this junk that snuck in the import; spotted by markus@djm2005-04-291-0/+0
|
* increase EVP_MAX_MD_SIZE to something sane (big enough for SHA512)djm2005-04-291-1/+1
|
* resolve conflictsdjm2005-04-29298-1667/+5261
|
* import of openssl-0.9.7g; tested on platforms from alpha to zaurus, ok deraadt@djm2005-04-29188-106/+42182
|
* typomiod2005-04-251-2/+2
|
* fix lies about snprintfderaadt2005-04-231-2/+3
|
* enable openssl DSO (typo, it's -DDSO_DLFCN not -DSO_DLFCN); Douglas Santosmarkus2005-03-301-3/+3
|
* belive -> believemiod2005-03-293-4/+4
|
* adjust comment, open_dev_crypto() returns -1 on error.hshoexer2005-01-291-1/+1
| | | | ok markus@
* on error set correct pointer to NULL.hshoexer2005-01-261-2/+2
| | | | | | From phk@freebsd.org ok markus@
* machdep.xcrypt now has a different meaning: Instead of > 0 indicatingderaadt2004-06-151-14/+16
| | | | | | that AES is there, we now have 3 flag bits: C3_HAS_AES, C3_HAS_SHA (SHA1 & SHA256), and C3_HAS_MM (RSA). Change this code to only look at C3_HAS_AES for now.
* update missing pieces from 0.9.7d; ok henningmarkus2004-04-253-11/+67
| | | | crank minor for API extensions
* avoid NULL deref; from danh@markus2004-04-251-2/+5
|
* from openssl, 1.50.2.9, make S/MIME encrypt work again.markus2004-04-251-4/+9
|
* backout for nowmarkus2004-04-083-67/+11
|
* merge 0.9.7dmarkus2004-04-08114-1383/+1808
|
* import openssl-0.9.7dmarkus2004-04-0722-29/+852
|
* support IPv6 connections in "openssl s_client", adding -4 and -6 options todjm2004-03-313-96/+45
| | | | force protocol; ok itojun@
* Unbreak rmd160. Was broken on sparc64 when compiled with gcc3. Fix and reporthshoexer2004-03-221-2/+2
| | | | | | | | | | by Simon Kellner. XXX This is only a temporary work-around and we still need a REAL fix for XXX this issue. Testing on different archs by marc@ tdvall@ millert@ otto@ ho@ miod@ hshoexer@ ok deraadt@
* Insert missing ABORT if EC_GROUP_copy() fails.tom2004-03-211-1/+1
| | | | ok markus@
* return(00); -> return(0); markus@ okaaron2004-03-171-2/+2
|
* out-of-bounds read in (unused) kerberos ciphersuites (CAN-2004-0112)markus2004-03-171-0/+16
|
* avoid null-pointer deref (aka CAN-2004-0079)markus2004-03-171-0/+8
| | | | see http://www.openssl.org/news/secadv_20040317.txt
* Cleanup and shrink ACSS_KEY a bit. Thus crank library minor.hshoexer2004-02-133-19/+24
| | | | | | Change cipher modes to more generic names and add an additional mode. ok deraadt@ markus@
* remove some debug code and cleanup..deraadt2004-02-041-18/+6
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.