| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-10-11 | PR: 2295 | Dr. Stephen Henson | |
| Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination. | |||
| 2010-06-12 | Fix gcc 4.6 warnings. Check TLS server hello extension length. | Ben Laurie | |
| 2009-09-27 | Make it build, plus make depend. | Ben Laurie | |
| 2009-09-22 | Don't set non fips allow flags when calling RSA_new() and DSA_new(). | Dr. Stephen Henson | |
| 2009-09-09 | Seed PRNG with DSA and ECDSA digests for additional protection against | Dr. Stephen Henson | |
| possible PRNG state duplication. | |||
| 2008-11-05 | Change old obsolete email address... | Dr. Stephen Henson | |
| 2008-09-17 | Make update: delete duplicate error code. | Dr. Stephen Henson | |
| 2008-09-16 | Merge changes to build system from fips branch. | Dr. Stephen Henson | |
| 2008-09-16 | Merge public key FIPS code, RSA, DSA, DH. | Dr. Stephen Henson | |
| 2008-09-14 | Fix error code discrepancy. | Dr. Stephen Henson | |
| Make update. | |||
| 2007-10-05 | Fix from fips branch. | Dr. Stephen Henson | |
| 2007-03-28 | Change to mitigate branch prediction attacks | Bodo Möller | |
| Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | |||
| 2007-01-21 | Update from HEAD. | Dr. Stephen Henson | |
| 2006-11-21 | Rebuild error file C source files. | Dr. Stephen Henson | |
| 2006-09-28 | Introduce limits to prevent malicious keys being able to | Mark J. Cox | |
| cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller] Fix ASN.1 parsing of certain invalid structures that can result in a denial of service. (CVE-2006-2937) [Steve Henson] Fix buffer overflow in SSL_get_shared_ciphers() function. (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] Fix SSL client code which could crash if connecting to a malicious SSLv2 server. (CVE-2006-4343) [Tavis Ormandy and Will Drewry, Google Security Team] | |||
| 2006-02-04 | Update filenames in makefiles | Dr. Stephen Henson | |
| 2005-07-16 | make | Nils Larsch | |
| ./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make all test work again (+ make update) PR: 1159 | |||
| 2005-05-27 | Use BN_with_flags() in a cleaner way. | Bodo Möller | |
| 2005-05-26 | make sure DSA signing exponentiations really are constant-time | Bodo Möller | |
| 2005-05-16 | Further BUILDENV refinement, further fool-proofing of Makefiles and | Andy Polyakov | |
| [most importantly] put back dependencies accidentaly eliminated in check-in #13342. | |||
| 2005-05-16 | Implement fixed-window exponentiation to mitigate hyper-threading | Bodo Möller | |
| timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | |||
| 2005-05-15 | Fool-proofing Makefiles | Andy Polyakov | |
| 2005-05-09 | improve comment readability | Bodo Möller | |
| 2005-04-27 | Change method_mont_p from (char *) to (BN_MONT_CTX *) and remove several | Dr. Stephen Henson | |
| casts. | |||
| 2005-04-26 | Port BN_MONT_CTX_set_locked() from stable branch. | Dr. Stephen Henson | |
| The function rsa_eay_mont_helper() has been removed because it is no longer needed after this change. | |||
| 2005-04-23 | Add debug target, remove cast, note possible bug. | Ben Laurie | |
| 2005-04-22 | - use BN_set_negative and BN_is_negative instead of BN_set_sign | Nils Larsch | |
| and BN_get_sign - implement BN_set_negative as a function - always use "#define BN_is_zero(a) ((a)->top == 0)" | |||
| 2005-04-12 | Rebuild error codes. | Dr. Stephen Henson | |
| 2005-04-11 | Add emacs cache files to .cvsignore. | Richard Levitte | |
| 2005-03-31 | Give everything prototypes (well, everything that's actually used). | Ben Laurie | |
| 2005-03-30 | Blow away Makefile.ssl. | Ben Laurie | |
| 2005-03-28 | when building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro | Nils Larsch | |
| which cannot be evaluated in an if statement | |||
| 2004-12-05 | Remaing bits of PR:620 relevant to 0.9.8. | Dr. Stephen Henson | |
| 2004-11-02 | Don't use $(EXHEADER) directly in for loops, as most shells will break | Richard Levitte | |
| if $(EXHEADER) is empty. Notified by many, solution suggested by Carson Gaspar <carson@taltos.org> | |||
| 2004-05-17 | After the latest round of header-hacking, regenerate the dependencies in | Geoff Thorpe | |
| the Makefiles. NB: this commit is probably going to generate a huge posting and it is highly uninteresting to read. | |||
| 2004-05-17 | Deprecate the recursive includes of bn.h from various API headers (asn1.h, | Geoff Thorpe | |
| dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are already declared in ossl_typ.h. Add explicit includes for bn.h in those C files that need access to structure internals or API functions+macros. | |||
| 2004-04-28 | The new BN_CTX code makes this sort of abuse unnecessary. | Geoff Thorpe | |
| 2004-04-19 | make update | Geoff Thorpe | |
| 2004-04-19 | (oops) Apologies all, that last header-cleanup commit was from the wrong | Geoff Thorpe | |
| tree. This further reduces header interdependencies, and makes some associated cleanups. | |||
| 2004-04-19 | Reduce header interdependencies, initially in engine.h (the rest of the | Geoff Thorpe | |
| changes are the fallout). As this could break source code that doesn't directly include headers for interfaces it uses, changes to recursive includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to define this when building and using openssl, and then adapt code where necessary - this is how to stay current. However the mechanism exists for the lethargic. | |||
| 2003-12-27 | Use sh explicitely to run point.sh | Richard Levitte | |
| This is part of a large change submitted by Markus Friedl <markus@openbsd.org> | |||
| 2003-11-28 | Netware-specific changes, | Richard Levitte | |
| PR: 780 Submitted by: Verdon Walker <VWalker@novell.com> Reviewed by: Richard Levitte | |||
| 2003-10-29 | Update any code that was using deprecated functions so that everything builds | Geoff Thorpe | |
| and links with OPENSSL_NO_DEPRECATED defined. | |||
| 2003-10-29 | When OPENSSL_NO_DEPRECATED is defined, deprecated functions are (or should | Geoff Thorpe | |
| be) precompiled out in the API headers. This change is to ensure that if it is defined when compiling openssl, the deprecated functions aren't implemented either. | |||
| 2003-05-01 | make update | Richard Levitte | |
| 2003-04-10 | make update | Richard Levitte | |
| 2003-04-08 | We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form | Richard Levitte | |
| of unneeded includes of openssl/engine.h. | |||
| 2003-04-03 | Correct a lot of printing calls. Remove extra arguments... | Richard Levitte | |
| 2003-03-20 | Make sure we get the definition of OPENSSL_NO_DSA and OPENSSL_NO_SHA. | Richard Levitte | |
| 2003-03-20 | Make sure we get the definition of OPENSSL_NO_ERR. | Richard Levitte | |
 |
index : openssl | |
| Mirror of https://github.com/openssl/openssl | matthias |
| summaryrefslogtreecommitdiffstats |