Fix for CVE-2014-0224
[openssl.git] / ssl / s3_clnt.c
2014-06-03 Dr. Stephen HensonFix for CVE-2014-0224
2013-02-09 Andy Polyakovssl/s3_[clnt|srvr].c: fix warning and linking error.
2012-12-10 Dr. Stephen HensonPR: 2888
2011-12-26 Dr. Stephen HensonPR: 2326
2010-12-02 Dr. Stephen Hensonfix for CVE-2010-4180
2010-10-10 Dr. Stephen HensonPR: 2314
2010-06-12 Ben LaurieFix gcc 4.6 warnings. Check TLS server hello extension...
2010-01-26 Dr. Stephen HensonPR: 1949
2009-12-08 Dr. Stephen HensonAdd support for magic cipher suite value (MCSV). Make...
2009-12-01 Dr. Stephen HensonPR: 2115
2009-11-08 Dr. Stephen HensonRe-revert (re-insert?) temporary change that made reneg...
2009-11-08 Ben LaurieRevert renegotiation-breaking change.
2009-10-30 Dr. Stephen HensonGenerate stateless session ID just after the ticket...
2009-10-28 Dr. Stephen HensonDon't attempt session resumption if no ticket is presen...
2009-04-19 Dr. Stephen HensonPR: 1751
2009-02-14 Dr. Stephen HensonPR: 1835
2009-01-07 Dr. Stephen HensonProperly check EVP_VerifyFinal() and similar return...
2008-12-29 Dr. Stephen HensonAvoid signed/unsigned compare warnings.
2008-11-10 Dr. Stephen HensonMake -DKSSL_DEBUG work again.
2008-06-16 Dr. Stephen HensonMake ssl code consistent with FIPS branch. The new...
2008-06-04 Dr. Stephen HensonBackport more ENGINE SSL client auth code to 0.9.8.
2008-05-28 Bodo Möllerfix whitespace
2008-05-28 Mark J. CoxFix flaw if 'Server Key exchange message' is omitted...
2008-04-29 Dr. Stephen HensonDo not permit stateless session resumption is session...
2007-11-03 Dr. Stephen HensonAllow new session ticket when resuming.
2007-10-14 Andy PolyakovMake ssl compile.
2007-10-12 Dr. Stephen HensonBackport certificate status request TLS extension suppo...
2007-08-31 Dr. Stephen HensonUpdate from HEAD.
2007-08-12 Dr. Stephen HensonBackport of TLS extension code to OpenSSL 0.9.8.
2007-03-09 Dr. Stephen HensonFix kerberos ciphersuite bugs introduced with PR:1336.
2006-09-28 Richard LevitteFixes for the following claims:
2005-12-13 Bodo Möllerupdate TLS-ECC code
2005-12-05 Dr. Stephen HensonFix from HEAD.
2005-09-30 Dr. Stephen HensonUpdate from HEAD.
2005-08-05 Dr. Stephen HensonInitialize SSL_METHOD structures at compile time. This...
2005-07-16 Nils Larschmake
2005-05-17 cvs2svnThis commit was manufactured by cvs2svn to create branch
2005-05-16 Nils Larschecc api cleanup; summary:
2005-05-11 Bodo MöllerDon't use the SSL 2.0 Client Hello format if SSL 2...
2005-05-10 Nils Larschgive EC_GROUP_new_by_nid a more meanigful name:
2005-04-29 Nils Larschcheck return value of RAND_pseudo_bytes; backport from...
2005-04-26 Bodo MöllerFix various incorrect error function codes.
2005-04-26 Ben LaurieAdd DTLS support.
2005-04-23 Nils Larschchange prototype of the ecdh KDF: make input parameter...
2005-03-22 Dr. Stephen HensonEnsure (SSL_RANDOM_BYTES - 4) of pseudo random data...
2004-05-17 Geoff ThorpeDeprecate quite a few recursive includes from the ssl...
2004-04-19 Geoff Thorpe(oops) Apologies all, that last header-cleanup commit...
2004-03-15 Richard LevitteConstify d2i, s2i, c2i and r2i functions and other...
2003-12-27 Richard LevitteAvoid including cryptlib.h, it's not really needed.
2003-11-28 Richard LevitteRSA_size() and DH_size() return the amount of bytes...
2003-10-29 Geoff ThorpeA general spring-cleaning (in autumn) to fix up signed...
2003-09-27 Richard LevitteHave ssl3_ssl3_send_client_verify() change the state...
2003-07-22 Bodo Möllerupdates for draft-ietf-tls-ecc-03.txt
2003-02-28 Bodo Möller- new ECDH_compute_key interface (KDF is no longer...
2003-02-28 Bodo Mölleruse tabs for indentation, not spaces
2002-12-21 Richard LevitteStop a possible memory leak.
2002-11-28 Richard LevitteCleanse memory using the new OPENSSL_cleanse() function.
2002-11-20 Lutz JänickeFix bug introduced by the attempt to fix client side...
2002-11-15 Lutz JänickeThe pointer to the cipher object is not yet set, when...
2002-11-13 Ben LaurieSecurity fixes brought forward from 0.9.7.
2002-10-29 Bodo MöllerSun has agreed to removing the covenant language from...
2002-09-25 Bodo Möllerreally fix race conditions
2002-09-23 Bodo Möllerreally fix race condition
2002-09-19 Bodo Möllerthere is no minimum length for session IDs
2002-09-19 Bodo Möllerfix race condition
2002-08-12 Bodo Möllerfix comment
2002-08-12 Bodo Möllerget rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC...
2002-08-09 Bodo MöllerECC ciphersuite support
2002-08-02 Bodo Möllerget rid of OpenSSLDie
2002-07-30 Lutz JänickeOpenSSL Security Advisory [30 July 2002]
2002-07-10 Lutz JänickeReorder inclusion of header files:
2002-03-14 Dr. Stephen HensonInitialize cipher context in KRB5
2002-01-14 Bodo MöllerBugfix: In ssl3_accept, don't use a local variable...
2002-01-14 Bodo MöllerReturn -1 from ssl3_get_server_done (ssl3/s3_clnt.c) if
2002-01-12 Ben LauriePrototype info function.
2001-10-25 Bodo MöllerConsistency with s2_... and s23_... variants (no real...
2001-10-24 Bodo MöllerFix SSL handshake functions and SSL_clear() such that...
2001-10-17 Richard LevitteThe EVP_*Init_ex() functions take one extra argument...
2001-10-17 Dr. Stephen HensonModify EVP cipher behaviour in a similar way
2001-10-16 Dr. Stephen HensonRetain compatibility of EVP_DigestInit() and EVP_Digest...
2001-10-15 Bodo MöllerChange ssl3_get_message and the functions using it...
2001-10-10 Richard LevitteTo avoid commit wars over dependencies, let's make...
2001-09-11 Lutz JänickeMake maximum certifcate chain size accepted from the...
2001-08-07 Bodo MöllerBugfix: larger message size in ssl3_get_key_exchange...
2001-07-31 Richard LevitteMore Kerberos SSL changes from Jeffrey Altman <jaltman...
2001-07-30 Ben LaurieReally add the EVP and all of the DES changes.
2001-07-12 Richard LevitteSome of the Kerberos code had dissapeared. Reapply.
2001-07-11 Richard LevitteInclude kssl_lcl.h where needed.
2001-07-09 Richard LevittePatches from Vern Staats <staatsvr@asc.hpc.mil> to...
2001-06-19 Dr. Stephen HensonChange all calls to low level digest routines in the...
2001-03-07 Bodo MöllerFix ERR_R_... problems.
2001-02-20 Richard LevitteUse new-style system-id macros everywhere possible...
2000-11-30 Richard LevitteFirst tentative impementation of Kerberos 5 cryptos...
2000-11-29 Lutz JänickeStore verify_result with sessions to avoid potential...
2000-09-04 Bodo MöllerAvoid abort() throughout the library, except when prepr...
2000-07-02 Bodo MöllerFix code structure (if ... else if ... where both parts
2000-06-01 Geoff ThorpeThe previous commit to crypto/stack/*.[ch] pulled the...
2000-05-27 Bodo MöllerBugfix: clear error queue after ignoring ssl_verify_cer...
2000-03-27 Bodo MöllerComments for SSL_get_peer_cert_chain inconsistency.
2000-02-03 Ulf Möllerispell (and minor modifications)
next