summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Expand)Author
2017-01-26Better check of DH parameters in TLS dataRichard Levitte
2017-01-24Fix a ssl session leak due to OOM in lh_SSL_SESSION_insertBernd Edlinger
2017-01-23Fix SSL_VERIFY_CLIENT_ONCEMatt Caswell
2017-01-10Fix error handling in SSL_CTX_newBernd Edlinger
2016-12-14zero pad DHE public key in ServerKeyExchange message for interoprussor
2016-12-14Fix ssl_cert_dup: change one 'return NULL' to 'goto err'Richard Levitte
2016-12-14Make 'err' lable in ssl_cert_dup unconditionalRichard Levitte
2016-12-13Fix a bug in clienthello processingBenjamin Kaduk
2016-11-29Revert "Fix heartbeat_test"Matt Caswell
2016-11-21Make SSL_read and SSL_write return the old behaviour and document it.Kurt Roeckx
2016-11-12Solution proposal for issue #1647.Matthias Kraft
2016-11-02Fail if an unrecognised record type is receivedMatt Caswell
2016-11-02Fix heartbeat_testMatt Caswell
2016-10-28Implement length checks as a macroMatt Caswell
2016-10-28Ensure we have length checks for all extensionsMatt Caswell
2016-10-28Fix length check writing status request extensionMatt Caswell
2016-10-28A zero return from BIO_read/BIO_write() could be retryableMatt Caswell
2016-10-14Degrade 3DES to MEDIUM in SSL2Vitezslav Cizek
2016-10-11Add missing error string for SSL_R_TOO_MANY_WARN_ALERTSKurt Cancemi
2016-09-22Fix build with no-nextprotonegDirk Feytons
2016-09-22Avoid KCI attack for GOSTDmitry Belyavsky
2016-09-22Fix a mem leak in NPN handlingMatt Caswell
2016-09-22Fix OCSP Status Request extension unbounded memory growthMatt Caswell
2016-09-21Don't allow too many consecutive warning alertsMatt Caswell
2016-09-21Make message buffer slightly larger than message.Dr. Stephen Henson
2016-09-21Use SSL3_HM_HEADER_LENGTH instead of 4.Dr. Stephen Henson
2016-09-21Remove unnecessary check.Dr. Stephen Henson
2016-09-21Fix small OOB reads.Dr. Stephen Henson
2016-09-15Revert "Abort on unrecognised warning alerts"Matt Caswell
2016-09-15Fix memory leak on realloc error.Dr. Stephen Henson
2016-09-15Fix memory leak on error.Dr. Stephen Henson
2016-09-13Abort on unrecognised warning alertsMatt Caswell
2016-08-30Ensure the CertStatus message adds a DTLS message header where neededMatt Caswell
2016-08-26Add basic test for Cisco DTLS1_BAD_VER and record replay handlingDavid Woodhouse
2016-08-26Fix ubsan 'left shift of negative value -1' error in satsub64be()David Woodhouse
2016-08-26Fix SSL_export_keying_material() for DTLS1_BAD_VERDavid Woodhouse
2016-08-26Fix the no-tls1 optionMatt Caswell
2016-08-26Always use session_ctx when removing a sessionTodd Short
2016-08-24SWEET32 (CVE-2016-2183): Move DES from HIGH to MEDIUMRich Salz
2016-08-24Fix no-ecMatt Caswell
2016-08-23Sanity check ticket length.Dr. Stephen Henson
2016-08-22VMS: Use strict refdef extern model when building library object filesRichard Levitte
2016-08-22Prevent DTLS Finished message injectionMatt Caswell
2016-08-22Fix DTLS buffered message DoS attackMatt Caswell
2016-08-22Silence some "maybe used uninitialised" warningsMatt Caswell
2016-08-19Fix NULL-return checks in 1.0.2Rich Salz
2016-08-19Update function error codeMatt Caswell
2016-08-19Fix DTLS replay protectionMatt Caswell
2016-08-19Add DTLS replay protection testMatt Caswell
2016-08-19Fix DTLS unprocessed records bugMatt Caswell
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 17:35:54 +0000