| Age | Commit message (Expand) | Author |
|---|
| 2015-02-22 | Reluctantly add server-side support for TLS_FALLBACK_SCSV. | Joel Sing |
| 2015-02-07 | Remove useless variables and use the values directly. | Doug Hogan |
| 2014-12-15 | Add error handling for EVP_DigestInit_ex(). | Doug Hogan |
| 2014-12-14 | Remove trailing whitespace. | Joel Sing |
| 2014-11-18 | Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov. | Miod Vallat |
| 2014-11-16 | Sort and group includes. | Joel Sing |
| 2014-10-18 | Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | Joel Sing |
| 2014-10-18 | Typical malloc() with size multiplication to reallocarray(). | Doug Hogan |
| 2014-08-07 | Oops, revert changes commited by mistake. The previous commit was supposed | Miod Vallat |
| 2014-08-07 | When you expect a function to return a particular value, don't put a comment | Miod Vallat |
| 2014-07-10 | Remove more compression related code. | Joel Sing |
| 2014-07-10 | decompress libssl. ok beck jsing | Ted Unangst |
| 2014-07-09 | tedu the SSL export cipher handling - since we do not have enabled export | Joel Sing |
| 2014-07-08 | pedantic avoidance of division by zero, likely not actually | Bob Beck |
| 2014-06-21 | Pull the code that builds a DTLS sequence number out into its own function | Joel Sing |
| 2014-06-21 | Pull out the sequence number selection and handle this up front. Also, the | Joel Sing |
| 2014-06-21 | More KNF and clean up. | Joel Sing |
| 2014-06-15 | Rename ssl3_record_sequence_update() to ssl3_record_sequence_increment(), | Joel Sing |
| 2014-06-13 | Correctly calculate the key block length when using export ciphers. | Joel Sing |
| 2014-06-13 | Swap compress/expand around so they are in the correct order - these ended | Joel Sing |
| 2014-06-13 | Combine the MAC handling for both !EVP_CIPH_FLAG_AEAD_CIPHER and | Joel Sing |
| 2014-06-13 | Add support for handling SSL_CIPHER_ALGORITHM2_AEAD ciphers, which are | Joel Sing |
| 2014-06-13 | Remove support for the `opaque PRF input' extension, which draft has expired | Miod Vallat |
| 2014-06-12 | tags as requested by miod and tedu | Theo de Raadt |
| 2014-06-11 | Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - it has been ignored since | Joel Sing |
| 2014-06-10 | In tls1_cert_verify_mac(), check the return value of EVP_MD_CTX_copy_ex() | Joel Sing |
| 2014-06-08 | Add a define for the SSLv3 sequence size and use it, rather than sprinkling | Joel Sing |
| 2014-06-08 | Be explicit with types. No binary change. | Joel Sing |
| 2014-06-08 | Factor out the part of tls1_change_cipher_state() that is specific to | Joel Sing |
| 2014-06-08 | Factor out the sequence number reset code to aid in upcoming changes. | Joel Sing |
| 2014-06-07 | Add missing NULL check after calling EVP_PKEY_new_mac_key(). | Joel Sing |
| 2014-06-07 | Use !is_read to imply SSL3_CC_WRITE. | Joel Sing |
| 2014-06-07 | Move the export label initialisation into the export handling code, since | Joel Sing |
| 2014-06-07 | Remove pointless casts - no binary change. | Joel Sing |
| 2014-06-07 | Rename variables to make it clear that these are only used in the export | Joel Sing |
| 2014-06-07 | Further clean up of context handling in tls1_change_cipher_state(). | Joel Sing |
| 2014-06-02 | Rename more variables for readability and consistency. | Joel Sing |
| 2014-06-01 | Overhaul the key block handling in tls1_change_cipher_state() - use | Joel Sing |
| 2014-06-01 | In tls1_setup_key_block(), use the correct IV length for GCM mode, which | Joel Sing |
| 2014-06-01 | Clean up the tls1_change_cipher_state() key length handling and use a | Joel Sing |
| 2014-05-30 | remove some #if 0 code. we don't need any more reminders that we're using | Ted Unangst |
| 2014-05-30 | Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS and | Joel Sing |
| 2014-05-29 | Fix another two cases where the return value of ssl_replace_hash() is | Joel Sing |
| 2014-05-28 | More KNF. | Joel Sing |
| 2014-05-28 | Refactor tls1_change_cipher_state() and split the compression handling out | Joel Sing |
| 2014-05-28 | There is no point in checking if a pointer is non-NULL before calling free, | Joel Sing |
| 2014-05-25 | Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much of | Joel Sing |
| 2014-05-25 | The ssl_ciper_get_evp() function is currently overloaded to also return the | Joel Sing |
| 2014-05-24 | Invoke OPENSSL_cleanse() with the size of the variable you are cleaning. | Miod Vallat |
| 2014-05-20 | KSSL is dead... nuke KSSL_DEBUG from orbit. | Joel Sing |
