| Age | Commit message (Expand) | Author |
|---|
| 2015-03-27 | Factor out the init_buf initialisation code, rather than duplicating it | Joel Sing |
| 2015-02-25 | Fix CVE-2015-0205: Do not accept client authentication with Diffie-Hellman | Brent Cook |
| 2015-02-07 | Convert several of the server side handshake functions to the new handshake | Joel Sing |
| 2015-02-06 | Unifdef NETSCAPE_HANG_BUG. | Joel Sing |
| 2015-02-06 | Bring back the horrible API that is get_cipher_by_char/put_cipher_by_char. | Joel Sing |
| 2014-12-29 | don't leak timing info about padding errors by generating a fake key | Ted Unangst |
| 2014-12-15 | Add error handling for EVP_DigestInit_ex(). | Doug Hogan |
| 2014-12-14 | unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndef | Joel Sing |
| 2014-12-10 | ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn | Joel Sing |
| 2014-12-10 | Remove support for GOST R 34.10-94 signature authentication, along with | Joel Sing |
| 2014-11-18 | Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov. | Miod Vallat |
| 2014-11-16 | Sort and group includes. | Joel Sing |
| 2014-10-31 | Add support for automatic DH ephemeral keys. | Joel Sing |
| 2014-10-31 | Remove support for ephemeral/temporary RSA private keys. | Joel Sing |
| 2014-10-18 | Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | Joel Sing |
| 2014-10-03 | Add support for automatic ephemeral EC keys. | Joel Sing |
| 2014-09-27 | There is not much point checking ecdhp is not NULL... twice. | Joel Sing |
| 2014-09-19 | remove obfuscating parens. man operator is your friend. | Ted Unangst |
| 2014-09-07 | Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them, | Joel Sing |
| 2014-08-24 | Replace the remaining uses of ssl3_put_cipher_by_char() with s2n and a | Joel Sing |
| 2014-08-11 | Unchecked memory allocation and potential leak upon error in | Miod Vallat |
| 2014-08-10 | Since we no longer need to support SSLv2-style cipher lists, start | Joel Sing |
| 2014-07-28 | The RSA, DH, and ECDH temporary key callbacks expect the number of keybits | Philip Guenther |
| 2014-07-12 | The correct name for EDH is DHE, likewise EECDH should be ECDHE. | Joel Sing |
| 2014-07-12 | Remove remnants from PSK, KRB5 and SRP. | Joel Sing |
| 2014-07-12 | Place comments in a block above the if statement, rather than attempting | Joel Sing |
| 2014-07-11 | As reported by David Ramos, most consumer of ssl_get_message() perform late | Miod Vallat |
| 2014-07-11 | In ssl3_get_cert_verify(), allow for larger messages to accomodate keys | Miod Vallat |
| 2014-07-11 | In ssl3_get_client_key_exchange() parsing a GOST session key, invoke the | Miod Vallat |
| 2014-07-11 | Remove the PSK code. We don't need to drag around this | Bob Beck |
| 2014-07-10 | remove unused variable from ssl3_get_client_hello | Brent Cook |
| 2014-07-10 | decompress libssl. ok beck jsing | Ted Unangst |
| 2014-07-10 | KNF comments, reflowing and moving out of the middle of argument lists in | Philip Guenther |
| 2014-07-09 | tedu the SSL export cipher handling - since we do not have enabled export | Joel Sing |
| 2014-06-30 | fix the identical leak in three different files. | Ted Unangst |
| 2014-06-19 | convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring | Ted Unangst |
| 2014-06-18 | In ssl3_send_newsession_ticket(), fix a memory leak in an error path. | Miod Vallat |
| 2014-06-12 | tags as requested by miod and tedu | Theo de Raadt |
| 2014-06-11 | Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - it has been ignored since | Joel Sing |
| 2014-06-11 | c-file-style hints, begone; ok beck | Theo de Raadt |
| 2014-06-07 | http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2016265dfbab162ec... | Theo de Raadt |
| 2014-06-07 | The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have | Joel Sing |
| 2014-06-05 | Be selective as to when ChangeCipherSpec messages will be accepted. | Joel Sing |
| 2014-06-04 | without overthinking it, replace a few memcmp calls with CRYPTO_memcmp | Ted Unangst |
| 2014-05-31 | More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup. | Joel Sing |
| 2014-05-31 | TLS would not be entirely functional without extensions, so unifdef | Joel Sing |
| 2014-05-30 | Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS and | Joel Sing |
| 2014-05-29 | the comment says RAND_pseudo_bytes should be RAND_bytes. make it so. | Ted Unangst |
| 2014-05-29 | unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. | Ted Unangst |
| 2014-05-28 | There is no point in checking if a pointer is non-NULL before calling free, | Joel Sing |
