Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-04-26 | prepare for next version | Dr. Stephen Henson | |
2012-04-26 | make updateOpenSSL_1_0_1b | Dr. Stephen Henson | |
2012-04-26 | prepare for 1.0.1b release | Dr. Stephen Henson | |
2012-04-26 | update NEWS | Dr. Stephen Henson | |
2012-04-26 | CHANGES: clarify. | Andy Polyakov | |
2012-04-26 | CHANGEs: fix typos and clarify. | Andy Polyakov | |
2012-04-25 | Change value of SSL_OP_NO_TLSv1_1 to avoid clash with SSL_OP_ALL and | Dr. Stephen Henson | |
OpenSSL 1.0.0. Add CHANGES entry noting the consequences. | |||
2012-04-25 | s23_clnt.c: ensure interoperability by maitaining client "version capability" | Andy Polyakov | |
vector contiguous [from HEAD]. PR: 2802 | |||
2012-04-22 | correct error code | Dr. Stephen Henson | |
2012-04-22 | check correctness of errors before updating them so we don't get bogus ↵ | Dr. Stephen Henson | |
errors added | |||
2012-04-22 | correct old FAQ answers, sync with HEAD | Dr. Stephen Henson | |
2012-04-20 | e_rc4_hmac_md5.c: reapply commit#21726, which was erroneously omitted. | Andy Polyakov | |
PR: 2797, 2792 | |||
2012-04-20 | call OPENSSL_init when calling FIPS_mode too | Dr. Stephen Henson | |
2012-04-20 | make ciphers work again for FIPS builds | Dr. Stephen Henson | |
2012-04-19 | e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms | Andy Polyakov | |
[from HEAD]. PR: 2792 | |||
2012-04-19 | update for next version | Dr. Stephen Henson | |
2012-04-19 | prepare for 1.0.1a releaseOpenSSL_1_0_1a | Dr. Stephen Henson | |
2012-04-19 | update NEWS | Dr. Stephen Henson | |
2012-04-19 | Check for potentially exploitable overflows in asn1_d2i_read_bio | Dr. Stephen Henson | |
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer in CRYPTO_realloc_clean. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110) | |||
2012-04-19 | Makefile.org: clear yet another environment variable [from HEAD]. | Andy Polyakov | |
PR: 2793 | |||
2012-04-18 | only call FIPS_cipherinit in FIPS mode | Dr. Stephen Henson | |
2012-04-18 | e_rc4_hmac_md5.c: update from HEAD, fixes crash on legacy Intel CPUs. | Andy Polyakov | |
PR: 2792 | |||
2012-04-18 | update NEWS | Dr. Stephen Henson | |
2012-04-18 | correct error code | Dr. Stephen Henson | |
2012-04-17 | Disable SHA-2 ciphersuites in < TLS 1.2 connections. | Bodo Möller | |
(TLS 1.2 clients could end up negotiating these with an OpenSSL server with TLS 1.2 disabled, which is problematic.) Submitted by: Adam Langley | |||
2012-04-17 | Additional workaround for PR#2771 | Dr. Stephen Henson | |
If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client ciphersuites to this value. A value of 50 should be sufficient. Document workarounds in CHANGES. | |||
2012-04-17 | Partial workaround for PR#2771. | Dr. Stephen Henson | |
Some servers hang when presented with a client hello record length exceeding 255 bytes but will work with longer client hellos if the TLS record version in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all cases... | |||
2012-04-16 | OPENSSL_NO_SOCK fixes [from HEAD]. | Andy Polyakov | |
PR: 2791 Submitted by: Ben Noordhuis | |||
2012-04-16 | Minor compatibility fixes [from HEAD]. | Andy Polyakov | |
PR: 2790 Submitted by: Alexei Khlebnikov | |||
2012-04-15 | s3_srvr.c: fix typo [from HEAD]. | Andy Polyakov | |
PR: 2538 | |||
2012-04-15 | e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag | Andy Polyakov | |
countermeasure [from HEAD]. PR: 2778 | |||
2012-04-12 | s390x asm pack: fix typos. | Andy Polyakov | |
2012-04-11 | oops, macro not present in OpenSSL 1.0.2 | Dr. Stephen Henson | |
2012-04-11 | fix reset fix | Dr. Stephen Henson | |
2012-04-11 | make reinitialisation work for CMAC | Dr. Stephen Henson | |
2012-04-10 | update rather ancient EVP digest documentation | Dr. Stephen Henson | |
2012-04-09 | aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build [from ↵ | Andy Polyakov | |
HEAD]. | |||
2012-04-05 | aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1]. | Andy Polyakov | |
2012-04-05 | aes-s390x.pl: fix endless loop in linux32-s390x build. | Andy Polyakov | |
2012-04-04 | ssl/ssl_ciph.c: interim solution for assertion in d1_pkt.c(444) [from HEAD]. | Andy Polyakov | |
PR: 2778 | |||
2012-03-31 | CHANGES: mention vpaes fix and harmonize with 1.0.0. | Andy Polyakov | |
PR: 2775 | |||
2012-03-31 | PR: 2778(part) | Dr. Stephen Henson | |
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com> Time is always encoded as 4 bytes, not sizeof(Time). | |||
2012-03-31 | modes_lcl.h: make it work on i386 [from HEAD]. | Andy Polyakov | |
PR: 2780 | |||
2012-03-31 | vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt [from HEAD]. | Andy Polyakov | |
PR: 2775 | |||
2012-03-31 | util/cygwin.sh update [from HEAD]. | Andy Polyakov | |
PR: 2761 Submitted by: Corinna Vinschen | |||
2012-03-30 | bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND [from HEAD]. | Andy Polyakov | |
2012-03-29 | Experimental workaround to large client hello issue (see PR#2771). | Dr. Stephen Henson | |
If OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients only. | |||
2012-03-29 | perlasm/x86masm.pl: fix last fix [from HEAD]. | Andy Polyakov | |
2012-03-29 | ans1/tasn_prn.c: avoid bool in variable names [from HEAD]. | Andy Polyakov | |
PR: 2776 | |||
2012-03-22 | fix leak | Dr. Stephen Henson | |