Harden ASN.1 BIO handling of large amounts of data.
[openssl.git] / ssl /
2016-04-07 David BenjaminFix memory leak on invalid CertificateRequest.
2016-03-18 Matt CaswellAdd a check for a failed malloc
2016-03-18 Matt CaswellEnsure that memory allocated for the ticket is freed
2016-03-14 Kurt RoeckxAdd no-ssl2-method
2016-03-09 Viktor Dukhovniexpose SSLv2 method prototypes
2016-03-08 Viktor DukhovniRetain SSLv2 methods as functions that return NULL
2016-03-07 Kurt RoeckxRemove LOW from the default
2016-03-01 Matt Caswellmake update
2016-03-01 Viktor DukhovniDisable EXPORT and LOW SSLv3+ ciphers by default
2016-03-01 Viktor DukhovniDisable SSLv2 default build, default negotiation and...
2016-01-28 Viktor DukhovniBetter SSLv2 cipher-suite enforcement
2016-01-28 Matt CaswellAlways generate DH keys for ephemeral DH cipher suites
2016-01-19 Alessandro GhediniValidate ClientHello session_id field length and send...
2016-01-17 Viktor DukhovniEmpty SNI names are not valid
2016-01-10 Kurt RoeckxChange minimum DH size from 768 to 1024
2015-12-27 Matt CaswellEnsure we don't call the OCSP callback if resuming...
2015-12-27 Matt CaswellFix error when server does not send CertificateStatus...
2015-12-19 Matt CaswellFix more URLs mangled by reformat
2015-12-18 Richard LevitteRemove the "eay" c-file-style indicators
2015-12-10 Matt CaswellEnsure |rwstate| is set correctly on BIO_flush
2015-12-10 Matt CaswellFix DTLS handshake fragment retries
2015-12-02 Dr. Stephen Hensontypo
2015-12-02 Richard Levitte_BSD_SOURCE is deprecated, use _DEFAULT_SOURCE instead
2015-11-30 Matt CaswellReturn errors even if the cookie validation has succeeded
2015-11-24 Pascal Cuoqssl3_free(): Return if it wasn't created
2015-11-24 Kurt RoeckxSet reference count earlier
2015-11-20 Matt CaswellEnsure all EVP calls have their returns checked where...
2015-11-10 Matt CaswellStop DTLS servers asking for unsafe legacy renegotiation
2015-11-10 Matt CaswellOnly call ssl3_init_finished_mac once for DTLS
2015-11-09 Matt CaswellFix missing malloc return value checks
2015-10-23 Alessandro GhediniRemove useless code
2015-10-23 Alessandro GhediniFix references to various RFCs
2015-10-23 Alessandro GhediniFix memory leaks and other mistakes on errors
2015-10-05 Matt CaswellChange functions to pass in a limit rather than calcula...
2015-10-05 Alessandro GhediniValidate ClientHello extension field length
2015-09-28 Emilia KasperRT2772: accept empty SessionTicket
2015-09-20 Dr. Stephen HensonHandle SSL_ERROR_WANT_X509_LOOKUP
2015-09-16 Ivo RaisrMake no-psk compile without warnings.
2015-09-15 Rich SalzRT4044: Remove .cvsignore files.
2015-09-01 Matt CaswellFix session resumption
2015-09-01 Matt CaswellFix building with OPENSSL_NO_TLSEXT.
2015-08-26 Matt CaswellFix DTLS session ticket renewal
2015-08-11 Matt CaswellFix "make test" seg fault with SCTP enabled
2015-08-11 Matt CaswellFix missing return value checks in SCTP
2015-08-11 Guy Leaver (guleaver)Fix seg fault with 0 p val in SKE
2015-07-27 Matt CaswellFix SSL_set_session_ticket_ext when used with SSLv23_method
2015-07-27 Matt CaswellAdd test for SSL_set_session_ticket_ext
2015-07-02 Dr. Stephen HensonFix PSK handling.
2015-06-12 Adam LangleyAllow a zero length extension block
2015-06-11 Matt CaswellMore ssl_session_dup fixes
2015-06-10 Kurt RoeckxOnly allow a temporary rsa key exchange when they key...
2015-06-10 Kurt RoeckxProperly check certificate in case of export ciphers.
2015-06-10 Matt CaswellDTLS handshake message fragments musn't span packets
2015-06-10 Matt CaswellTighten extension handling
2015-06-10 Matt CaswellFix Kerberos issue in ssl_session_dup
2015-06-08 Emilia KasperUse CRYPTO_memcmp in s3_cbc.c
2015-06-04 Matt CaswellRemove misleading comment
2015-06-04 Matt CaswellClean premaster_secret for GOST
2015-06-04 Matt CaswellClean Kerberos pre-master secret
2015-06-02 Matt CaswellFix race condition in NewSessionTicket
2015-06-02 Matt CaswellClear state in DTLSv1_listen
2015-05-31 Matt CaswellCheck the message type requested is the type received...
2015-05-26 Emilia KasperFix ssltest to use 1024-bit DHE parameters
2015-05-26 Matt CaswellDon't check for a negative SRP extension size
2015-05-25 Matt CaswellDon't send an alert if we've just received one
2015-05-23 Richard LevitteFix the update target and remove duplicate file updates
2015-05-22 LubomLost alert in DTLS
2015-05-20 Kurt RoeckxCorrectly check for export size limit
2015-05-20 Emilia Kasperclient: reject handshakes with DH parameters < 768...
2015-05-13 Matt CaswellDon't allow a CCS when expecting a CertificateVerify
2015-05-11 Matt CaswellCheck sk_SSL_CIPHER_new_null return value
2015-05-05 Matt CaswellAdd more error state transitions (DTLS)
2015-05-05 Matt CaswellAdd more error state transitions (client)
2015-05-05 Matt CaswellAdd more error state transitions
2015-05-05 Matt CaswellAdd Error state
2015-04-30 Matt CaswellAdd sanity check to ssl_get_prev_session
2015-04-30 Matt CaswellSanity check the return from final_finish_mac
2015-04-30 Matt CaswellAdd sanity check in ssl3_cbc_digest_record
2015-04-30 Matt CaswellSanity check EVP_CTRL_AEAD_TLS_AAD
2015-04-29 Matt CaswellAdd length sanity check in SSLv2 n_do_ssl_write()
2015-04-21 Emilia KasperRepair EAP-FAST session resumption
2015-04-21 Emilia Kaspermake update
2015-04-17 Emilia KasperError out immediately on empty ciphers list.
2015-04-16 Viktor DukhovniCode style: space after 'if'
2015-04-14 Matt CaswellFix ssl_get_prev_session overrun
2015-04-14 Matt CaswellCheck for ClientHello message overruns
2015-04-08 Emilia KasperHarden SSLv2-supporting servers against Bleichenbacher...
2015-03-25 Matt CaswellFix RAND_(pseudo_)?_bytes returns
2015-03-24 Kurt RoeckxDon't send a for ServerKeyExchange for kDHr and kDHd
2015-03-19 Matt CaswellFix unsigned/signed warnings
2015-03-19 Emilia KasperFix reachable assert in SSLv2 servers.
2015-03-17 Matt CaswellAdd sanity check to PRF
2015-03-11 Matt CaswellCleanse buffers
2015-03-10 Emilia KasperHarmonize return values in dtls1_buffer_record
2015-03-08 Dr. Stephen Hensonfix warning
2015-03-07 Kurt RoeckxRemove export ciphers from the DEFAULT cipher list
2015-03-05 Kurt CancemiUse constants not numbers
2015-02-27 Matt CaswellFix d2i_SSL_SESSION for DTLS1_BAD_VER
2015-02-27 Matt CaswellFixed missing return value checks.
2015-02-27 Matt CaswellFix missing return value checks.
next