Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-06-12 | tags as requested by miod and tedu | Theo de Raadt | |
2014-06-07 | Remove another NULL check before a BIO_free(). | Joel Sing | |
2014-06-07 | ssl3_free_digest_list() has its own NULL check. | Joel Sing | |
2014-06-07 | BIO_free has an implicit NULL check, so do not bother checking for NULL | Joel Sing | |
before calling it. | |||
2014-06-07 | ssl3_release_{read,write}_buffer() handle being called with NULL buffers, | Joel Sing | |
so do not bother checking before calling. | |||
2014-06-07 | The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have | Joel Sing | |
implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them. | |||
2014-05-31 | More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup. | Joel Sing | |
2014-05-31 | ECDH and ECDSA will not work overly well if there is no EC, so unifdef | Joel Sing | |
OPENSSL_NO_EC. ok tedu@ | |||
2014-05-31 | TLS would not be entirely functional without extensions, so unifdef | Joel Sing | |
OPENSSL_NO_TLSEXT. ok tedu@ | |||
2014-05-30 | remove some #if 0 code. we don't need any more reminders that we're using | Ted Unangst | |
a not quite appropriate data structure. ok jsing | |||
2014-05-30 | Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS and | Joel Sing | |
SSL_USE_TLS1_2_CIPHERS. Largely based on OpenSSL head. | |||
2014-05-29 | unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. | Ted Unangst | |
ok deraadt jsing | |||
2014-05-29 | Make it substantially easier to identify protocol version requirements | Joel Sing | |
by adding an enc_flags field to the ssl3_enc_method, specifying four flags that are used with this field and providing macros for evaluating these conditions. Currently the version requirements are identified by continually checking the version number and other criteria. This change also adds separate SSL3_ENC_METHOD data for TLS v1.1 and v1.2, since they have different enc_flags from TLS v1. Based on changes in OpenSSL head. No objection from miod@ | |||
2014-05-28 | There is no point in checking if a pointer is non-NULL before calling free, | Joel Sing | |
since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@ | |||
2014-05-26 | Replace the following logic: | Miod Vallat | |
if (nothing to allocate) ptr = malloc(1) else { if ((ptr = malloc(size to allocate)) memcpy(ptr, data to copy, size to allocate) } if (ptr == NULL) OMG ERROR with a saner logic where the NULL pointer check if moved to the actual malloc branch, so that we do not need to malloc a single byte, just to avoid having a NULL pointer. Whoever thought allocating a single byte was a smart idea was obviously not taking his meds. ok beck@ guenther@ | |||
2014-05-25 | Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much of | Joel Sing | |
this is sporadic, hacked up and can easily be put back in an improved form should we ever need it. ok miod@ | |||
2014-05-24 | Use C99 initialisers for SSL3_ENC_METHOD structs. | Joel Sing | |
ok miod@ | |||
2014-05-23 | Clean up the SSL cipher initialisation and use C99 initialisers for | Joel Sing | |
clarity, grepability and to protect from future field reordering/removal. ok miod@ | |||
2014-05-22 | There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an | Joel Sing | |
empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl. ok miod@ | |||
2014-05-22 | Stop including kssl_lcl.h and nuke it from orbit - it is a no-op now. | Joel Sing | |
ok beck@ miod@ | |||
2014-05-20 | KSSL is dead... nuke KSSL_DEBUG from orbit. | Joel Sing | |
ok beck@ miod@ | |||
2014-05-17 | deleted seed some time ago | Ted Unangst | |
2014-05-05 | Remove SRP and Kerberos support from libssl. These are complex protocols | Ted Unangst | |
all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected. | |||
2014-04-24 | More KNF, things that couldn't be verified with md5(1), and some whitespace | Ryan Thomas McBride | |
I missed on the first go around. | |||
2014-04-24 | KNF | Ryan Thomas McBride | |
2014-04-21 | more malloc/realloc/calloc cleanups; ok beck kettenis | Theo de Raadt | |
2014-04-19 | More KNF and style consistency tweaks | Philip Guenther | |
2014-04-18 | spacing | Ted Unangst | |
2014-04-17 | whack a bunch of disabled code. ok beck lteo | Ted Unangst | |
2014-04-17 | always build in RSA and DSA. ok deraadt miod | Ted Unangst | |
2014-04-17 | Change library to use intrinsic memory allocation functions instead of | Bob Beck | |
OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free | |||
2014-04-16 | add back SRP. i was being too greedy. | Ted Unangst | |
2014-04-16 | disentangle SRP code from TLS | Ted Unangst | |
2014-04-14 | make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miod | Ted Unangst | |
2014-04-14 | First pass at applying KNF to the OpenSSL code, which almost makes it | Joel Sing | |
readable. This pass is whitespace only and can readily be verified using tr and md5. | |||
2014-04-13 | Do not include "e_os.h" anymore. Simply pull in the necessary headers. | Martin Pieuchot | |
ok miod@, deraadt@ | |||
2014-04-13 | remove more cases of MS_STATIC, MS_CALLBACK, and MS_FAR. Did you | Theo de Raadt | |
know that MS_STATIC doesn't mean it is static? How far can lies and half-truths be layered? I wonder if anyone got fooled, and actually returned a pointer.. ok beck | |||
2014-04-13 | Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery. | Miod Vallat | |
2014-02-27 | SECURITY fixes backported from openssl-1.0.1f. ok mikeb@ | Jeremie Courreges-Anglas | |
CVE-2013-4353 NULL pointer dereference with crafted Next Protocol Negotiation record in TLS handshake. Upstream: 197e0ea CVE-2013-6449 Fix crash with crafted traffic from a TLS 1.2 client. Upstream: ca98926, 0294b2b CVE-2013-6450 Fix DTLS retransmission from previous session. Upstream: 3462896 | |||
2012-10-13 | resolve conflicts | Damien Miller | |
2012-01-05 | OpenSSL 1.0.0f: merge | Damien Miller | |
2011-11-03 | openssl-1.0.0e: resolve conflicts | Damien Miller | |
2010-10-01 | resolve conflicts, fix local changes | Damien Miller | |
2009-11-10 | pull Ben Lauries blind prefix injection fix for CVE-2009-3555 from | Markus Friedl | |
openssl 0.9.8l; crank minor version; ok djm@ deraadt@; initially from jsg@ | |||
2009-01-05 | update to openssl-0.9.8i; tested by several, especially krw@ | Damien Miller | |
2008-09-06 | resolve conflicts | Damien Miller | |
2006-06-27 | resolve conflicts | Damien Miller | |
2005-04-29 | resolve conflicts | Damien Miller | |
2003-05-12 | merge 0.9.7b with local changes; crank majors for libssl/libcrypto | Markus Friedl | |
2002-09-10 | merge openssl-0.9.7-beta3, tested on vax by miod@ | Markus Friedl | |