summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Expand)Author
2017-03-02Check for zero records and return immediatelyJon Spillett
2017-02-22Add some more consistency checks in tls_decrypt_ticket.Bernd Edlinger
2017-02-22Fix i2d_SSL_SESSION pp output parameter should point to end of asn1 data.Bernd Edlinger
2017-02-16Remove an OPENSSL_assert() and replace with a soft assert and checkMatt Caswell
2017-02-16Don't change the state of the ETM flags until CCS processingMatt Caswell
2017-02-15Rework error handling of custom_ext_meth_add towards strong exception safety.Bernd Edlinger
2017-02-14Use TLSEXT_KEYNAME_LENGTH in tls_decrypt_ticket.Bernd Edlinger
2017-02-14mem leak on error path and error propagation fixYuchi
2017-02-09Don't read uninitialised data for short session IDs.David Benjamin
2017-02-05Combined patch against OpenSSL_1_1_0-stable branch for the following issues:Bernd Edlinger
2017-02-05Majority rules, use session_ctx vs initial_ctxTodd Short
2017-01-28Correct pointer to be freedRichard Levitte
2017-01-26Use correct signature algorithm list when sending or checking.Dr. Stephen Henson
2017-01-26Better check of DH parameters in TLS dataRichard Levitte
2017-01-24Replace div-spoiler hack with simpler code, GH#1027,2253.Andy Polyakov
2017-01-24Cleanup EVP_CIPH/EP_CTRL duplicate definesTodd Short
2017-01-24Do not overallocate for tmp.ciphers_rawBenjamin Kaduk
2017-01-24Fix SSL_get0_raw_cipherlist()Matt Caswell
2017-01-24Fix a ssl session leak due to OOM in lh_SSL_SESSION_insertBernd Edlinger
2017-01-23Stop server from expecting Certificate message when not requestedMatt Caswell
2017-01-23Stop client from sending Certificate message when not requestedMatt Caswell
2017-01-23Fix SSL_VERIFY_CLIENT_ONCEMatt Caswell
2017-01-23fix a memory leak in ssl3_generate_key_block fix the error handling in ssl3_c...Bernd Edlinger
2017-01-18If client doesn't send curves list, don't assume all.Rich Salz
2017-01-10Mark a HelloRequest record as read if we ignore itMatt Caswell
2016-12-12Fix a leak in SSL_clear()Matt Caswell
2016-12-08Only call memcpy when the length is larger than 0.Kurt Roeckx
2016-11-29Ensure we are in accept state in DTLSv1_listenMatt Caswell
2016-11-23Fix missing NULL checks in CKE processingMatt Caswell
2016-11-21Make SSL_read and SSL_write return the old behaviour and document it.Kurt Roeckx
2016-11-16Remove a hack from ssl_test_oldMatt Caswell
2016-11-15Check that SCT timestamps are not in the futureRob Percival
2016-11-09When no SRP identity is found, no error was reported server sideEasySec
2016-11-07Partial revert of "Fix client verify mode to check SSL_VERIFY_PEER"Matt Caswell
2016-11-07Always ensure that init_msg is initialised for a CCSMatt Caswell
2016-11-02Fail if an unrecognised record type is receivedMatt Caswell
2016-11-02Fix read_aheadMatt Caswell
2016-10-28Implement length checks as a macroMatt Caswell
2016-10-28Ensure we have length checks for all extensionsMatt Caswell
2016-10-28Fix length check writing status request extensionMatt Caswell
2016-10-28A zero return from BIO_read()/BIO_write() could be retryableMatt Caswell
2016-10-20Disable encrypt_then_mac negotiation for DTLS.David Woodhouse
2016-09-29Fix missing NULL checks in NewSessionTicket constructionMatt Caswell
2016-09-29Fix an Uninit read in DTLSMatt Caswell
2016-09-26Fix Use After Free for large message sizesMatt Caswell
2016-09-22Avoid KCI attack for GOSTDmitry Belyavsky
2016-09-22Fix a hang with SSL_peek()Matt Caswell
2016-09-22Fix a mem leak in NPN handlingMatt Caswell
2016-09-22Fix OCSP Status Request extension unbounded memory growthMatt Caswell
2016-09-22Fix error message typo, wrong function codeRichard Levitte
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 10:08:35 +0000