summaryrefslogtreecommitdiffstats
path: root/crypto
AgeCommit message (Collapse)Author
2012-01-04update for next versionDr. Stephen Henson
2012-01-04prepare for 0.9.8s releaseDr. Stephen Henson
2012-01-04Fix double free in policy check code (CVE-2011-4109)Dr. Stephen Henson
2012-01-04Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)Dr. Stephen Henson
2011-12-09x86-mont.pl: fix bug in integer-only squaring path [from HEAD].Andy Polyakov
PR: 2648
2011-12-02Fix ecdsatest.c.Bodo Möller
Submitted by: Emilia Kasper
2011-12-02Fix BIO_f_buffer().Bodo Möller
Submitted by: Adam Langley Reviewed by: Bodo Moeller
2011-11-05ppc.pl: fix bug in bn_mul_comba4 [from HEAD].Andy Polyakov
PR: 2636 Submitted by: Charles Bryant
2011-10-26PR: 2632Dr. Stephen Henson
Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Return -1 immediately if not affine coordinates as BN_CTX has not been set up.
2011-10-19BN_BLINDING multi-threading fix.Bodo Möller
Submitted by: Emilia Kasper (Google)
2011-10-09PR: 2482Dr. Stephen Henson
Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
2011-09-23PR: 2606Dr. Stephen Henson
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de> Reviewed by: steve Handle timezones correctly in UTCTime.
2011-09-05Fix memory leak on bad inputs.Bodo Möller
2011-09-05Move OPENSSL_init declaration out of auto-generated code sectionBodo Möller
(it is not auto-generated).
2011-09-02PR: 2576Dr. Stephen Henson
Submitted by: Doug Goldstein <cardoe@gentoo.org> Reviewed by: steve Include header file stdlib.h which is needed on some platforms to get getenv() declaration.
2011-09-01PR: 2340Dr. Stephen Henson
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar> Reviewed by: steve Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01make timing attack protection unconditionalDr. Stephen Henson
2011-09-01PR: 2588Dr. Stephen Henson
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com> Reviewed by: steve Close file pointer.
2011-07-20PR: 2559Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS socket error bug
2011-07-14PR: 2556 (partial)Dr. Stephen Henson
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de> Reviewed by: steve Fix OID routines. Check on encoding leading zero rejection should start at beginning of encoding. Allow for initial digit when testing when to use BIGNUMs which can increase first value by 2 * 40.
2011-07-13perlasm/cbc.pl: fix tail processing bug [from HEAD].Andy Polyakov
PR: 2557
2011-06-22PR: 2470Dr. Stephen Henson
Submitted by: Corinna Vinschen <vinschen@redhat.com> Reviewed by: steve Don't call ERR_remove_state from DllMain.
2011-06-22PR: 2540Dr. Stephen Henson
Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Prevent infinite loop in BN_GF2m_mod_inv().
2011-06-22correctly encode OIDs near 2^32Dr. Stephen Henson
2011-06-06rc4_skey.c [0.9.8]: at some point rc4_skey and x86[_64]cpuid were modifiedAndy Polyakov
to examine bit#20 on x86[_64], but it was erroneously reverted to bit#28 in 2008 in process of FIPS integration.
2011-05-25Fix the ECDSA timing attack mentioned in the paper at:Dr. Stephen Henson
http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.
2011-05-25Fix the ECDSA timing attack mentioned in the paper at:Dr. Stephen Henson
http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.
2011-04-06check buffer is larger enough before overwritingDr. Stephen Henson
2011-02-08start 0.9.8s-devBodo Möller
2011-02-08OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)OpenSSL_0_9_8rBodo Möller
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
2011-02-03Assorted bugfixes:Bodo Möller
- RLE decompression boundary case - SSL 2.0 key arg length check Submitted by: Google (Neel Mehta, Bodo Moeller)
2011-01-24PR: 2433Dr. Stephen Henson
Submitted by: Chris Wilson <chris@qwirx.com> Reviewed by: steve Constify ASN1_STRING_set_default_mask_asc().
2011-01-24check EC public key isn't point at infinityDr. Stephen Henson
2011-01-24PR: 1612Dr. Stephen Henson
Submitted by: Robert Jackson <robert@rjsweb.net> Reviewed by: steve Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-03PR: 2411Dr. Stephen Henson
Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Fix corner cases in RFC3779 code.
2011-01-03Fix escaping code for string printing. If *any* escaping is enabled weDr. Stephen Henson
must escape the escape character itself (backslash).
2011-01-03PR: 2410Dr. Stephen Henson
Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Use OPENSSL_assert() instead of assert().
2011-01-03use fips-dev not dev-fipsDr. Stephen Henson
2011-01-03PR: 2416Dr. Stephen Henson
Submitted by: Mark Phalan <mark.phalan@oracle.com> Reviewed by: steve Use L suffix in version number.
2010-12-13Add missing explicit instruction size.Bodo Möller
[CVS head and later branches have this since revision 1.7 of this file.] Submitted by: Chandler Carruth (Google)
2010-12-02update for next releaseDr. Stephen Henson
2010-12-02prepare for releaseOpenSSL_0_9_8qDr. Stephen Henson
2010-12-02PR: 2386Dr. Stephen Henson
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch> Reviewed by: steve Correct SKM_ASN1_SET_OF_d2i macro.
2010-11-27../comm.txtDr. Stephen Henson
2010-11-26Backport J-PAKE fix.Ben Laurie
2010-11-16update for next versionDr. Stephen Henson
2010-11-16oops, correct version numberOpenSSL_0_9_8pDr. Stephen Henson
2010-11-16prepare for releaseDr. Stephen Henson
2010-11-02Submitted by: Jonathan Dixon <joth@chromium.org>Dr. Stephen Henson
Reviewed by: steve If store is NULL set flags correctly.
2010-10-11PR: 2295Dr. Stephen Henson
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-21 08:20:13 +0000