summaryrefslogtreecommitdiff
path: root/lib/libssl/s3_srvr.c
AgeCommit message (Expand)Author
2015-04-15Clean up the ssl_bytes_to_cipher_list() API - rather than having theJoel Sing
2015-03-27Factor out the init_buf initialisation code, rather than duplicating itJoel Sing
2015-02-25Fix CVE-2015-0205: Do not accept client authentication with Diffie-HellmanBrent Cook
2015-02-07Convert several of the server side handshake functions to the new handshakeJoel Sing
2015-02-06Unifdef NETSCAPE_HANG_BUG.Joel Sing
2015-02-06Bring back the horrible API that is get_cipher_by_char/put_cipher_by_char.Joel Sing
2014-12-29don't leak timing info about padding errors by generating a fake keyTed Unangst
2014-12-15Add error handling for EVP_DigestInit_ex().Doug Hogan
2014-12-14unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndefJoel Sing
2014-12-10ssl3_init_finished_mac() calls BIO_new() which can fail since it in turnJoel Sing
2014-12-10Remove support for GOST R 34.10-94 signature authentication, along withJoel Sing
2014-11-18Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.Miod Vallat
2014-11-16Sort and group includes.Joel Sing
2014-10-31Add support for automatic DH ephemeral keys.Joel Sing
2014-10-31Remove support for ephemeral/temporary RSA private keys.Joel Sing
2014-10-18Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().Joel Sing
2014-10-03Add support for automatic ephemeral EC keys.Joel Sing
2014-09-27There is not much point checking ecdhp is not NULL... twice.Joel Sing
2014-09-19remove obfuscating parens. man operator is your friend.Ted Unangst
2014-09-07Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them,Joel Sing
2014-08-24Replace the remaining uses of ssl3_put_cipher_by_char() with s2n and aJoel Sing
2014-08-11Unchecked memory allocation and potential leak upon error inMiod Vallat
2014-08-10Since we no longer need to support SSLv2-style cipher lists, startJoel Sing
2014-07-28The RSA, DH, and ECDH temporary key callbacks expect the number of keybitsPhilip Guenther
2014-07-12The correct name for EDH is DHE, likewise EECDH should be ECDHE.Joel Sing
2014-07-12Remove remnants from PSK, KRB5 and SRP.Joel Sing
2014-07-12Place comments in a block above the if statement, rather than attemptingJoel Sing
2014-07-11As reported by David Ramos, most consumer of ssl_get_message() perform lateMiod Vallat
2014-07-11In ssl3_get_cert_verify(), allow for larger messages to accomodate keysMiod Vallat
2014-07-11In ssl3_get_client_key_exchange() parsing a GOST session key, invoke theMiod Vallat
2014-07-11Remove the PSK code. We don't need to drag around thisBob Beck
2014-07-10remove unused variable from ssl3_get_client_helloBrent Cook
2014-07-10decompress libssl. ok beck jsingTed Unangst
2014-07-10KNF comments, reflowing and moving out of the middle of argument lists inPhilip Guenther
2014-07-09tedu the SSL export cipher handling - since we do not have enabled exportJoel Sing
2014-06-30fix the identical leak in three different files.Ted Unangst
2014-06-19convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoringTed Unangst
2014-06-18In ssl3_send_newsession_ticket(), fix a memory leak in an error path.Miod Vallat
2014-06-12tags as requested by miod and teduTheo de Raadt
2014-06-11Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - it has been ignored sinceJoel Sing
2014-06-11c-file-style hints, begone; ok beckTheo de Raadt
2014-06-07http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2016265dfbab162ec...Theo de Raadt
2014-06-07The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all haveJoel Sing
2014-06-05Be selective as to when ChangeCipherSpec messages will be accepted.Joel Sing
2014-06-04without overthinking it, replace a few memcmp calls with CRYPTO_memcmpTed Unangst
2014-05-31More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup.Joel Sing
2014-05-31TLS would not be entirely functional without extensions, so unifdefJoel Sing
2014-05-30Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS andJoel Sing
2014-05-29the comment says RAND_pseudo_bytes should be RAND_bytes. make it so.Ted Unangst
2014-05-29unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them.Ted Unangst