| Age | Commit message (Expand) | Author |
|---|
| 2015-03-02 | Fix a minor information leak that was introduced in t1_lib.c r1.71, whereby | Joel Sing |
| 2014-12-14 | unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndef | Joel Sing |
| 2014-12-10 | Remove support for GOST R 34.10-94 signature authentication, along with | Joel Sing |
| 2014-12-10 | Add support for ALPN. | Joel Sing |
| 2014-12-06 | Use appropriate internal types for EC curves and formats, rather than | Joel Sing |
| 2014-12-06 | Ensure that the client specified EC curve list length is a multiple of two. | Joel Sing |
| 2014-12-06 | Fix two cases where it is possible to read one or two bytes past the end of | Joel Sing |
| 2014-12-02 | Add brainpool curves to eccurves_default[], accidentally missing from 1.32; | Miod Vallat |
| 2014-11-18 | Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov. | Miod Vallat |
| 2014-11-03 | only call SRTP (whatever that is) functions when the connection type is | Ted Unangst |
| 2014-10-18 | Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | Joel Sing |
| 2014-10-15 | Only require an EC public key in tls1_set_ec_id(), if we need to provide | Joel Sing |
| 2014-10-05 | Use more specific curves/formats naming for local variables in | Joel Sing |
| 2014-10-05 | Use tls1_get_curvelist() in ssl_add_clienthello_tlsext(), rather than | Joel Sing |
| 2014-10-05 | Make tls1_get_formatlist() behave the same as tls1_get_curvelist() and | Joel Sing |
| 2014-10-03 | Add support for automatic ephemeral EC keys. | Joel Sing |
| 2014-09-30 | Clean up EC cipher handling in ssl3_choose_cipher(). | Joel Sing |
| 2014-09-27 | Check that the specified curve is one of the client preferences. | Joel Sing |
| 2014-09-26 | Now that we have a static version of the default EC formats, also use it | Joel Sing |
| 2014-09-22 | Refactor and simplify the ECC extension handling. The existing code | Joel Sing |
| 2014-09-21 | Move the TLS padding extension under an SSL_OP_TLSEXT_PADDING option, which | Joel Sing |
| 2014-08-07 | Correct test reversed during merge of fix for CVE-2014-3509 | Philip Guenther |
| 2014-08-06 | merge fix for CVE-2014-3509 -- basically a missing s->hit check; ok guenther | Theo de Raadt |
| 2014-07-13 | Expand the tlsext_sigalg macros. The end result is about the same number | Joel Sing |
| 2014-07-13 | The bell tolls for BUF_strdup - Start the migration to using | Bob Beck |
| 2014-07-12 | The correct name for EDH is DHE, likewise EECDH should be ECDHE. | Joel Sing |
| 2014-07-09 | remove unused, private version strings except SSL_version_str | Brent Cook |
| 2014-06-19 | convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring | Ted Unangst |
| 2014-06-18 | Make sure to always invoke EVP_CIPHER_CTX_cleanup() before returning in the | Miod Vallat |
| 2014-06-13 | Remove support for the `opaque PRF input' extension, which draft has expired | Miod Vallat |
| 2014-06-12 | tags as requested by miod and tedu | Theo de Raadt |
| 2014-06-04 | Sanitize use of client_opaque_prf_input: set it to NULL immediately after | Miod Vallat |
| 2014-06-04 | without overthinking it, replace a few memcmp calls with CRYPTO_memcmp | Ted Unangst |
| 2014-05-31 | ECDH and ECDSA will not work overly well if there is no EC, so unifdef | Joel Sing |
| 2014-05-31 | TLS would not be entirely functional without extensions, so unifdef | Joel Sing |
| 2014-05-30 | remove some #if 0 code. we don't need any more reminders that we're using | Ted Unangst |
| 2014-05-30 | Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS and | Joel Sing |
| 2014-05-29 | unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. | Ted Unangst |
| 2014-05-29 | Make it substantially easier to identify protocol version requirements | Joel Sing |
| 2014-05-28 | There is no point in checking if a pointer is non-NULL before calling free, | Joel Sing |
| 2014-05-26 | Replace the following logic: | Miod Vallat |
| 2014-05-26 | tls_decrypt_ticket(): memory leak and uncleaned EVP_CIPHER_CTX upon error. | Miod Vallat |
| 2014-05-24 | Use C99 initialisers for SSL3_ENC_METHOD structs. | Joel Sing |
| 2014-05-24 | Enable three brainpool elliptic curves for TLS, as specified in RFC 7027; | Miod Vallat |
| 2014-05-24 | Use sizeof(cryptopro_ext) instead of 36 when applicable. | Miod Vallat |
| 2014-05-22 | More KNF. | Joel Sing |
| 2014-05-19 | Fix several bounds checks in ssl_add_clienthello_tlsext() and | Miod Vallat |
| 2014-05-05 | Remove SRP and Kerberos support from libssl. These are complex protocols | Ted Unangst |
| 2014-04-26 | Appease gcc3 -Wuninitialized. | Miod Vallat |
| 2014-04-21 | more malloc/realloc/calloc cleanups; ok beck kettenis | Theo de Raadt |
