| Age | Commit message (Expand) | Author |
|---|
| 2014-09-22 | Refactor and simplify the ECC extension handling. The existing code | Joel Sing |
| 2014-09-22 | Also check the result from final_finish_mac() against finish_mac_length in | Joel Sing |
| 2014-09-22 | It is possible (although unlikely in practice) for peer_finish_md_len to | Joel Sing |
| 2014-09-21 | Move the TLS padding extension under an SSL_OP_TLSEXT_PADDING option, which | Joel Sing |
| 2014-09-21 | a_enum.c used to be a copy of a_int.c with s/INTEGER/ENUMERATED/g , but | Miod Vallat |
| 2014-09-21 | Fix a memory leak in the error path in ASN1_mbstring_ncopy(). | Miod Vallat |
| 2014-09-19 | Add CHACHA20 as a cipher symmetric encryption alias. | Joel Sing |
| 2014-09-19 | remove obfuscating parens. man operator is your friend. | Ted Unangst |
| 2014-09-07 | Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them, | Joel Sing |
| 2014-08-28 | preserve errno value on success. | Brent Cook |
| 2014-08-24 | constify strerror return value | Brent Cook |
| 2014-08-24 | Include <sys/time.h> to get struct timeval | Brent Cook |
| 2014-08-24 | Replace the remaining uses of ssl3_put_cipher_by_char() with s2n and a | Joel Sing |
| 2014-08-23 | Remove non-standard GOST cipher suites (which are not compiled in | Joel Sing |
| 2014-08-23 | Replace the remaining ssl3_get_cipher_by_char() calls with n2s() and | Joel Sing |
| 2014-08-19 | Three independent typos for `independent' or `independently'. | Miod Vallat |
| 2014-08-18 | replace more ROTATE macros with plain-old C code. | Brent Cook |
| 2014-08-18 | remove return value from HOST_c2l/l2c macros | Brent Cook |
| 2014-08-16 | only build the getrandom path if SYS_getrandom is defined. | Brent Cook |
| 2014-08-16 | getrandom(2) support for getentropy_linux | Brent Cook |
| 2014-08-14 | fixed overrid(d)en typo | Tobias Stoeckmann |
| 2014-08-13 | munmap correct object in (extremely unlikely, and effectively terminal) | Theo de Raadt |
| 2014-08-12 | Replace intrinsic ROTATE macros with an inline. | Brent Cook |
| 2014-08-11 | Guard RSA / RC4-5 ASM when NO_ASM is not defined | Brent Cook |
| 2014-08-11 | Check the return value of sk_SSL_CIPHER_new_null(), since it allocates | Joel Sing |
| 2014-08-11 | Unchecked memory allocation and potential leak upon error in | Miod Vallat |
| 2014-08-11 | Remove now-unused SSL2_STATE as well as ssl2-specific state machine values. | Miod Vallat |
| 2014-08-11 | Currently, ssl3_put_char_by_bytes(NULL, NULL) is just a long handed way | Joel Sing |
| 2014-08-11 | Provide a ssl3_get_cipher_by_id() function that allows ciphers to be looked | Joel Sing |
| 2014-08-10 | Tweak cipher list comments and add missing cipher value comments. | Joel Sing |
| 2014-08-10 | Remove disabled (weakened export and non-ephemeral DH) cipher suites from | Joel Sing |
| 2014-08-10 | Since we no longer need to support SSLv2-style cipher lists, start | Joel Sing |
| 2014-08-08 | Fix CVE-2014-3507, avoid allocating and then leaking a fresh fragment | Philip Guenther |
| 2014-08-08 | Fix CVE-2014-3508, pretty printing and OID validation: | Philip Guenther |
| 2014-08-07 | Correct test reversed during merge of fix for CVE-2014-3509 | Philip Guenther |
| 2014-08-07 | Fix CVE-2014-3506, DTLS handshake message size checks. From | Philip Guenther |
| 2014-08-07 | Oops, revert changes commited by mistake. The previous commit was supposed | Miod Vallat |
| 2014-08-07 | When you expect a function to return a particular value, don't put a comment | Miod Vallat |
| 2014-08-07 | Fix CVE-2014-3511; TLS downgrade, verbatim diff | Theo de Raadt |
| 2014-08-07 | merge CVE-2014-3510; Fix DTLS anonymous EC(DH) denial of service | Theo de Raadt |
| 2014-08-06 | merge fix for CVE-2014-3509 -- basically a missing s->hit check; ok guenther | Theo de Raadt |
| 2014-08-06 | Prevent a possible use after free by mimicing the s3_srvr.c fixes contributed by | Miod Vallat |
| 2014-08-06 | Allow B64_EOF to follow a base64 padding character. This restores previous | Joel Sing |
| 2014-08-06 | Correct error checks in EVP_read_pw_string_min(): UI_add_input_string() | Philip Guenther |
| 2014-08-04 | In chacha_init(), allow for a NULL iv. Reported by znz on github. | Miod Vallat |
| 2014-07-28 | Remove SRP code. It contains a bug (this should not surprise anyone), but | Ted Unangst |
| 2014-07-28 | The RSA, DH, and ECDH temporary key callbacks expect the number of keybits | Philip Guenther |
| 2014-07-25 | Add missing year to copyright. | Joel Sing |
| 2014-07-25 | BIO_free() returns immediately when the sole input is NULL. | Doug Hogan |
| 2014-07-23 | level_add_node(): if a memory allocation failure causes us to attempt to clean | Miod Vallat |
