summaryrefslogtreecommitdiff
path: root/lib/libssl
AgeCommit message (Collapse)Author
2010-04-14Security fix for CVE-2010-0740Jasper Lievisse Adriaanse
"In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL." http://openssl.org/news/secadv_20100324.txt ok deraadt@ djm@ sthen@
2010-04-03Build all manual pages in base with mandoc(1) instead of groff,Ingo Schwarze
excepting the tbl(1) pages, which are less than twenty. "commit the diff that enables it, now" deraadt@
2010-03-04cherrypick patch from OpenSSL 0.9.8m:Damien Miller
*) Always check bn_wexpend() return values for failure. (CVE-2009-3245) [Martin Olsson, Neel Mehta]
2010-02-03Use MACHINE_CPU instead of MACHINE_ARCH to pick the correct machine dependentMiod Vallat
files or directories when applicable. The inspiration and name of MACHINE_CPU come from NetBSD, although the way to provide it to Makefiles is completely different. ok kettenis@
2010-01-31add a fix from OpenSSL CVS for SA38200.Jasper Lievisse Adriaanse
"Modify compression code so it avoids using ex_data free functions. This stops applications that call CRYPTO_free_all_ex_data() prematurely leaking memory." looks ok to markus@
2009-12-31new ipsca root.David Gwynne
2009-12-31ipsca has expiredDavid Gwynne
2009-12-11plug a memory leak; found by parfait, ok djmTheo de Raadt
2009-11-10pull Ben Lauries blind prefix injection fix for CVE-2009-3555 fromMarkus Friedl
openssl 0.9.8l; crank minor version; ok djm@ deraadt@; initially from jsg@
2009-10-31s/Mhz/MHz/, MHz is a multiple of the SI unit hertz (whose symbol is Hz).Igor Sobrado
2009-10-12another cert that makes godaddy.com and launchpad.net (among others) happy.Federico G. Schwindt
found by Guillaume Protet (guillaume dot protet at mortheres dot info) while testing bzr update. deraadt@ ok
2009-08-08remove expired certificates and add startcom ltd.Federico G. Schwindt
beck@ ok
2009-08-07pull string for memcpy; ok hshoexer@Martynas Venckus
2009-05-25add ipsCA as a valid authority.David Gwynne
ok beck@
2009-04-10resync libssl/libcrypto pod documentation - quite a few more pages andDamien Miller
MLINKS; feedback and ok jmc@
2009-04-06crankus majorisDamien Miller
2009-04-06resolve conflictsDamien Miller
2009-04-06import of OpenSSL 0.9.8kDamien Miller
2009-01-30missing ssl_sock_init() call in init_client() (used byDamien Miller
"openssl s_client"), fix an unlikely memory leak
2009-01-30remove some gratuitous changes that do nothing other than inreaseDamien Miller
the size of the diff against openssl mainline
2009-01-12convert a strdup (into a purpose-allocated buffer) in libcrypto to aDamien Miller
memcpy to avoid linker deprecation warnings; pointed out by dkrause@
2009-01-09openssl-0.9.8j enables RFC3546 TLS extensions by default (e.g. the veryDamien Miller
useful "server name indication" that allows multihomed TLS server), so remove the #define to disable it here
2009-01-09adjust Makefile and crank major for openssl-0.9.8jDamien Miller
2009-01-09resolve conflictsDamien Miller
2009-01-09import openssl-0.9.8jDamien Miller
2009-01-08Add a missing MLINK for BIO_new_socket.Owain Ainsworth
Noticed by blambert@. Ok jmc@.
2009-01-05import openssl-0.9.8jDamien Miller
2009-01-05update to openssl-0.9.8i; tested by several, especially krw@Damien Miller
2008-09-19fix some cause of bad TEXTREL on i386 and amd64Otto Moerbeek
- global function calls in .init sections (diff makes them via PLT) - calls to global functions in aes-586.S (made static or local) - global variable accesses in rc4-x86_64.S (now made via GOT) from djm@large; ok miod@
2008-09-10use one call to arc4random_buf() instead of lots of arc4random()Damien Miller
2008-09-08turn off CAST assembler code (i.e. use C implementation) as it has badDamien Miller
relocations that lead to libcrypto.so being marked TEXTREL; linker-fu from drahn@ "go ahead" deraadt@
2008-09-07sparc now requires this bloated library to be -fPICTheo de Raadt
2008-09-07Fix merge botch.Mark Kettenis
ok miod@
2008-09-06remove duplicate definition of OPENSSL_DSA_MAX_MODULUS_BITS spottedDamien Miller
by dtucker@
2008-09-06remerge local tweaks, update per-arch configuration headers, updateDamien Miller
Makefiles, crank shlib_version
2008-09-06resolve conflictsDamien Miller
2008-09-06import of OpenSSL 0.9.8hDamien Miller
2008-07-28Install man pages for the BIO_* libcrypto functions, but not bio.3Jonathan Gray
as the page doesn't directly describe any functions. ok deraadt@
2008-07-25i have to crank this for a ridiculous reason, to save me about 4 hours of workTheo de Raadt
2008-05-07remove duplicates; remove des_random_key; remove unused; sort MLINKS; ok jmc@Markus Friedl
2008-02-26fix memory leak (in one case of unaligned buffers); from Markus KvetterTheo de Raadt
ok markus
2007-10-10Replace use of strcpy(3) and other pointer goo inMoritz Jodeit
SSL_get_shared_ciphers() with strlcat(3). ok deraadt@ markus@
2007-09-27Fix off-by-one buffer overflow in SSL_get_shared_ciphers().Moritz Jodeit
From OpenSSL_0_9_8-stable branch. ok djm@
2007-09-10Proper use of fseek/fseeko macros.Tobias Stoeckmann
OK joris@, otto@
2007-08-21http://openssl.org/news/patch-CVE-2007-3108.txt; ok pval, deraadtMarkus Friedl
2007-08-06Correctly NUL terminate the message buffer that is used with theClaudio Jeker
-starttls option. Without this openssl s_client -starttls crashed with malloc.conf -> J. OK deraadt@, hshoexer@
2007-05-26More comment typos from Diego Casati. Including winners like funtion, allmost,Kenneth R Westerback
oustside, seqencer, toghether, nessissary, etc.
2007-04-06Add proper checks against fgets failure. From Charles Longeau.Ray Lai
OK moritz@, millert@, and jaredy@.
2007-03-28Add the cRLSign bit by default, so that certs generated using this fileChad Loder
will be able to sign CRLs. OK reyk, hshoexer, millert
2007-03-20remove some bogus *p tests from charles longeauTed Unangst
ok deraadt millert
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-01 15:34:08 +0000