Age | Commit message (Collapse) | Author | |
---|---|---|---|
2010-06-15 | Fix warnings (From HEAD, original patch by Ben). | Dr. Stephen Henson | |
2009-04-16 | PR: 1894 | Dr. Stephen Henson | |
Submitted by: Ger Hobbelt <ger@hobbelt.com> Approved by: steve@openssl.org Fix various typos and stuff. | |||
2009-04-05 | Fix error codes. | Dr. Stephen Henson | |
2008-12-29 | If we're going to return errors (no matter how stupid), then we should | Ben Laurie | |
test for them! | |||
2008-12-29 | Die earlier if hash is NULL. (Coverity IDs 137 & 138). | Ben Laurie | |
2008-12-29 | Die earlier if we have no hash function. | Ben Laurie | |
2008-12-27 | Handle the unlikely event that BIO_get_mem_data() returns -ve. | Ben Laurie | |
2007-09-07 | Fix warnings: computed value not use, incompatible pointer initialization | Dr. Stephen Henson | |
and cast from pointer to int of different size (linux-x86_64 and align). | |||
2007-08-31 | Update ssl code to support digests other than MD5+SHA1 in handshake. | Dr. Stephen Henson | |
Submitted by: Victor B. Wagner <vitus@cryptocom.ru> | |||
2007-06-04 | Update ssl library to support EVP_PKEY MAC API. Include generic MAC support. | Dr. Stephen Henson | |
2007-02-17 | Reorganize the data used for SSL ciphersuite pattern matching. | Bodo Möller | |
This change resolves a number of problems and obviates multiple kludges. A new feature is that you can now say "AES256" or "AES128" (not just "AES", which enables both). In some cases the ciphersuite list generated from a given string is affected by this change. I hope this is just in those cases where the previous behaviour did not make sense. | |||
2007-02-16 | ensure that the EVP_CIPHER_CTX object is initialized | Nils Larsch | |
PR: 1490 | |||
2006-03-10 | add initial support for RFC 4279 PSK SSL ciphersuites | Nils Larsch | |
PR: 1191 Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation Reviewed by: Nils Larsch | |||
2006-01-07 | prepare for additional RFC3546 alerts | Bodo Möller | |
2006-01-07 | make sure that the unrecognized_name alert actually gets sent | Bodo Möller | |
Submitted by: Peter Sylvester | |||
2005-10-01 | Fix compilation without OPENSSL_NO_COMP :-) | Dr. Stephen Henson | |
2005-09-30 | Make OPENSSL_NO_COMP compile again. | Dr. Stephen Henson | |
2005-04-26 | Add DTLS support. | Ben Laurie | |
2003-11-04 | Avoid some shadowed variable names. | Geoff Thorpe | |
Submitted by: Nils Larsch | |||
2003-10-29 | A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. | Geoff Thorpe | |
I have tried to convert 'len' type variable declarations to unsigned as a means to address these warnings when appropriate, but when in doubt I have used casts in the comparisons instead. The better solution (that would get us all lynched by API users) would be to go through and convert all the function prototypes and structure definitions to use unsigned variables except when signed is necessary. The proliferation of (signed) "int" for strictly non-negative uses is unfortunate. | |||
2003-02-12 | comments | Bodo Möller | |
2002-11-28 | Cleanse memory using the new OPENSSL_cleanse() function. | Richard Levitte | |
I've covered all the memset()s I felt safe modifying, but may have missed some. | |||
2002-11-13 | Security fixes brought forward from 0.9.7. | Ben Laurie | |
2002-07-10 | Reorder inclusion of header files: | Lutz Jänicke | |
des_old.h redefines crypt: #define crypt(b,s)\ DES_crypt((b),(s)) This scheme leads to failure, if header files with the OS's true definition of crypt() are processed _after_ des_old.h was processed. This is e.g. the case on HP-UX with unistd.h. As evp.h now again includes des.h (which includes des_old.h), this problem only came up after this modification. Solution: move header files (indirectly) including e_os.h before the header files (indirectly) including evp.h. Submitted by: Reviewed by: PR: | |||
2002-07-09 | emtpy fragments are not necessary for SSL_eNULL | Bodo Möller | |
(but noone uses it anyway) fix t1_enc.c: use OPENSSL_NO_RC4, not NO_RC4 | |||
2002-06-14 | New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC | Bodo Möller | |
vulnerability workaround (included in SSL_OP_ALL). PR: #90 | |||
2002-04-13 | Implement known-IV countermeasure. | Bodo Möller | |
Fix length checks in ssl3_get_client_hello(). Use s->s3->in_read_app_data differently to fix ssl3_read_internal(). | |||
2001-10-22 | Fix memory leak. | Bodo Möller | |
2001-10-17 | Modify EVP cipher behaviour in a similar way | Dr. Stephen Henson | |
to digests to retain compatibility. | |||
2001-10-16 | Retain compatibility of EVP_DigestInit() and EVP_DigestFinal() | Dr. Stephen Henson | |
with existing code. Modify library to use digest *_ex() functions. | |||
2001-09-24 | comment | Bodo Möller | |
2001-09-20 | Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't | Bodo Möller | |
reveal whether illegal block cipher padding was found or a MAC verification error occured. In ssl/s2_pkt.c, verify that the purported number of padding bytes is in the legal range. | |||
2001-07-30 | Really add the EVP and all of the DES changes. | Ben Laurie | |
2001-06-19 | Change all calls to low level digest routines in the library and | Dr. Stephen Henson | |
applications to use EVP. Add missing calls to HMAC_cleanup() and don't assume HMAC_CTX can be copied using memcpy(). Note: this is almost identical to the patch submitted to openssl-dev by Verdon Walker <VWalker@novell.com> except some redundant EVP_add_digest_()/EVP_cleanup() calls were removed and some changes made to avoid compiler warnings. | |||
2001-06-15 | pay attention to blocksize before attempting decryption | Bodo Möller | |
2001-06-07 | Use memmove() instead of memcpy() on areas that may overlap. | Richard Levitte | |
Spotted by Nalin Dahyabhai <nalin@redhat.com> | |||
2001-04-08 | Avoid assert() in the library. | Bodo Möller | |
2001-04-08 | Resize a local buffer to accomodate the size requirements of AES. | Richard Levitte | |
Protect against future mistakes with an assert(). | |||
2001-04-03 | This change should be suitable as a workaround for the Solaris x86 | Bodo Möller | |
compiler bug reported in <01032110293775.22278@weba3.iname.net> (the '++seq[i]' condition is evaluated as 256 rather than 0 when the previous value is 255). | |||
2001-03-07 | Fix ERR_R_... problems. | Bodo Möller | |
2000-06-01 | There have been a number of complaints from a number of sources that names | Richard Levitte | |
like Malloc, Realloc and especially Free conflict with already existing names on some operating systems or other packages. That is reason enough to change the names of the OpenSSL memory allocation macros to something that has a better chance of being unique, like prepending them with OPENSSL_. This change includes all the name changes needed throughout all C files. | |||
2000-02-22 | Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for | Dr. Stephen Henson | |
the old functionality. Various warning fixes. Initial EVP symmetric cipher docs. | |||
2000-02-20 | Tolerate fragmentation and interleaving in the SSL 3/TLS record layer. | Bodo Möller | |
2000-02-03 | ispell (and minor modifications) | Ulf Möller | |
2000-01-06 | Use separate arrays for certificate verify and for finished hashes. | Bodo Möller | |
2000-01-05 | Use prototypes. | Bodo Möller | |
1999-12-29 | Delete NO_PROTO section (which apparently was just a typo for NOPROTO -- | Bodo Möller | |
if anyone had actually ever needed that they should have fixed this typo) | |||
1999-06-04 | Support the EBCDIC character set and BS2000/OSD-POSIX (work in progress). | Ulf Möller | |
Submitted by: Martin Kraemer <Martin.Kraemer@MchP.Siemens.De> | |||
1999-04-27 | Message digest stuff. | Ulf Möller | |
1999-04-23 | Change #include filenames from <foo.h> to <openssl.h>. | Bodo Möller | |
Submitted by: Reviewed by: PR: |