evp: prevent underflow in base64 decoding
[openssl.git] / ssl /
2014-04-30 Matt CaswellFixed spelling error in error message. Fix supplied...
2014-04-23 Ben LaurieFix use after free.
2014-04-22 Ben LaurieFix double frees.
2014-04-08 Steven M. SchwedaVMS build fix #2.
2014-04-07 Steven M. SchwedaVMS build fix for older compilers.
2014-04-07 Dr. Stephen HensonAdd heartbeat extension bounds check.
2014-04-05 Dr. Stephen HensonSet TLS padding extension value.
2014-03-10 Dr. Stephen Hensontypo
2014-02-26 Dr. Stephen HensonFix for WIN32 builds with KRB5
2014-02-25 Andy Polyakovssl/t1_enc.c: check EVP_MD_CTX_copy return value.
2014-02-05 Dr. Stephen HensonBackport TLS padding extension from master.
2014-01-28 Dr. Stephen HensonCheck i before r[i].
2014-01-16 Kaspar BrandOmit initial status request callback check.
2014-01-11 Zoltan ArpadffyVMS fixes
2014-01-08 Dr. Stephen HensonFix warning
2014-01-06 Dr. Stephen HensonFix for TLS record tampering bug CVE-2013-4353
2014-01-06 Dr. Stephen Hensonmake update
2014-01-04 Dr. Stephen HensonRestore SSL_OP_MSIE_SSLV2_RSA_PADDING
2014-01-02 Dr. Stephen HensonDon't change version number if session established
2013-12-20 Dr. Stephen HensonFix DTLS retransmission from previous session.
2013-12-19 Dr. Stephen HensonUse version in SSL_METHOD not SSL structure.
2013-12-18 Dr. Stephen HensonCheck EVP errors for handshake digests.
2013-12-08 Dr. Stephen Hensonmake update
2013-11-06 Dr. Stephen HensonEnable PSK in FIPS mode.
2013-11-01 Robin SeggelmannDTLS/SCTP Finished Auth Bug
2013-10-20 Nick MathewsonFix another gmt_unix_time case in server_random
2013-10-20 Dr. Stephen HensonDon't use RSA+MD5 with TLS 1.2
2013-10-19 Ben LaurieMore cleanup.
2013-10-19 Ben LaurieCleanup.
2013-10-19 Ben LaurieMerge branch 'no_gmt_unix_time' of git://github.com...
2013-10-09 Nick MathewsonControl sending time with SSL_SEND_{CLIENT,SERVER}RANDO...
2013-10-09 Nick MathewsonRefactor {client,server}_random to call an intermediate...
2013-09-16 Nick MathewsonDo not include a timestamp in the ServerHello Random...
2013-09-16 Nick MathewsonDo not include a timestamp in the ClientHello Random...
2013-09-16 Rob StradlingTidy up comments.
2013-09-16 Rob StradlingUse TLS version supplied by client when fingerprinting...
2013-09-16 Rob StradlingFix compilation with no-ec and/or no-tlsext.
2013-09-16 Rob StradlingDon't prefer ECDHE-ECDSA ciphers when the client appear...
2013-08-13 Michael TuexenDTLS message_sequence number wrong in rehandshake Serve...
2013-08-08 Michael TuexenDTLS handshake fix.
2013-04-08 Dr. Stephen HensonSet s->d1 to NULL after freeing it.
2013-03-19 Dr. Stephen HensonDisable compression for DTLS.
2013-03-18 Michael TuexenAvoid unnecessary fragmentation.
2013-02-12 David WoodhouseCheck DTLS_BAD_VER for version number.
2013-02-11 Dr. Stephen HensonFix for SSL_get_certificate
2013-02-11 Dr. Stephen HensonFix in ssltest is no-ssl2 configured
2013-02-09 Andy Polyakovssl/*: fix linking errors with no-srtp.
2013-02-09 Andy Polyakovssl/s3_[clnt|srvr].c: fix warnings.
2013-02-08 Andy Polyakovs3_cbc.c: make CBC_MAC_ROTATE_IN_PLACE universal.
2013-02-08 Andy Polyakovs3_cbc.c: get rid of expensive divisions [from master].
2013-02-08 Ben LaurieRemove extraneous brackets (clang doesn't like them).
2013-02-07 Andy Polyakovssl/[d1|s3]_pkt.c: harmomize orig_len handling.
2013-02-07 Dr. Stephen HensonFix IV check and padding removal.
2013-02-06 Adam LangleyFix for EXP-RC2-CBC-MD5
2013-02-04 Dr. Stephen Hensonmake update
2013-02-04 Dr. Stephen HensonFix error codes.
2013-02-02 Andy Polyakove_aes_cbc_hmac_sha1.c: address the CBC decrypt timing...
2013-02-01 Andy Polyakovssl/*: remove SSL3_RECORD->orig_len to restore binary...
2013-02-01 Andy Polyakovssl/*: remove SSL3_RECORD->orig_len to restore binary...
2013-02-01 Dr. Stephen HensonDon't access EVP_MD_CTX internals directly.
2013-02-01 Andy Polyakovs3/s3_cbc.c: allow for compilations with NO_SHA256...
2013-02-01 Andy Polyakovssl/s3_cbc.c: md_state alignment portability fix.
2013-02-01 Andy Polyakovssl/s3_cbc.c: uint64_t portability fix.
2013-01-31 Dr. Stephen Hensontypo.
2013-01-31 Dr. Stephen HensonMerge branch 'ben/timing-1.0.1' into OpenSSL_1_0_1...
2013-01-31 Dr. Stephen HensonTiming fix mitigation for FIPS mode.
2013-01-28 Ben LaurieOops. Add missing file.
2013-01-28 Ben LaurieUpdate DTLS code to match CBC decoding in TLS.
2013-01-28 Ben LaurieDon't crash when processing a zero-length, TLS >= 1...
2013-01-28 Ben LaurieMake CBC decoding constant time.
2013-01-28 Ben LaurieAdd and use a constant-time memcmp.
2012-11-22 Dr. Stephen Hensonreject zero length point format list or supported curve...
2012-11-15 Dr. Stephen Hensonadd "missing" TLSv1.2 cipher alias
2012-09-21 Dr. Stephen HensonMinor enhancement to PR#2836 fix. Instead of modifying...
2012-09-21 Richard Levitte* ssl/t1_enc.c (tls1_change_cipher_state): Stupid bug...
2012-09-17 Ben LaurieCall OCSP Stapling callback after ciphersuite has been...
2012-06-27 Dr. Stephen Hensondon't use pseudo digests for default values of keys
2012-06-08 Ben LaurieReduce version skew.
2012-05-16 Andy Polyakovs2_clnt.c: compensate for compiler bug [from HEAD].
2012-05-11 Dr. Stephen HensonPR: 2811
2012-05-10 Dr. Stephen HensonPR: 2806
2012-05-10 Dr. Stephen HensonSanity check record length before skipping explicit...
2012-05-10 Richard LevitteDon't forget to install srtp.h as well
2012-05-10 Dr. Stephen Hensonoops, revert unrelated change
2012-05-10 Dr. Stephen HensonReported by: Solar Designer of Openwall
2012-04-26 Dr. Stephen HensonDon't try to use unvalidated composite ciphers in FIPS...
2012-04-25 Dr. Stephen HensonChange value of SSL_OP_NO_TLSv1_1 to avoid clash with...
2012-04-25 Andy Polyakovs23_clnt.c: ensure interoperability by maitaining clien...
2012-04-18 Dr. Stephen Hensoncorrect error code
2012-04-17 Bodo MöllerDisable SHA-2 ciphersuites in < TLS 1.2 connections.
2012-04-17 Dr. Stephen HensonAdditional workaround for PR#2771
2012-04-17 Dr. Stephen HensonPartial workaround for PR#2771.
2012-04-16 Andy PolyakovOPENSSL_NO_SOCK fixes [from HEAD].
2012-04-15 Andy Polyakovs3_srvr.c: fix typo [from HEAD].
2012-04-15 Andy Polyakove_aes_cbc_hmac_sha1.c: handle zero-length payload and...
2012-04-04 Andy Polyakovssl/ssl_ciph.c: interim solution for assertion in d1_pk...
2012-03-31 Dr. Stephen HensonPR: 2778(part)
2012-03-29 Dr. Stephen HensonExperimental workaround to large client hello issue...
2012-03-21 Dr. Stephen Hensonuse client version when deciding whether to send suppor...
2012-03-13 Andy Polyakovssl/t1_enc.c: pay attention to EVP_CIPH_FLAG_CUSTOM_CIP...