- Jun 29, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (cherry picked from commit 5fced239)
-
- Jun 25, 2015
-
-
Dr. Stephen Henson authored
PR#3923 Reviewed-by:
Tim Hudson <tjh@openssl.org> (cherry picked from commit ffbf304d)
-
- Jun 24, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Jun 23, 2015
-
-
Vitezslav Cizek authored
Signed-off-by:
Rich Salz <rsalz@akamai.com> Reviewed-by:
-
Rich Salz authored
Found by Kurt Cancemi (Manual cherry-pick of f8e427154bbc0c33f29fa7aad001b1b655e5995b) Reviewed-by: -
Russell Webb authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
A small rearrangement so the inclusion of rsaz_exp.h would be unconditional, but what that header defines becomes conditional. This solves the weirdness where rsaz_exp.h gets in and out of the dependency list for bn_exp.c, depending on the present architecture. Reviewed-by: -
Rich Salz authored
Typo in local variable name; introduced by previous fix. Reviewed-by:
Richard Levitte <levitte@openssl.org> (cherry picked from commit cc3f3fc2)
-
- Jun 22, 2015
-
-
Rich Salz authored
Reviewed-by:
-
- Jun 21, 2015
-
-
Rich Salz authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
More fprintf()s and printf()s to turn into BIO calls. Reviewed-by: -
Richard Levitte authored
Construct bio_err and bio_stdout from file handles instead of FILE pointers, since the latter might not be implemented (when OPENSSL_NO_STDIO is defined). Convert all output to use BIO_printf. Change lh_foo to lh_SSL_SESSION_foo. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Rich Salz authored
Backport to 1.0.1 and 1.0.2 to fix RT 3905 Reviewed-by:
-
- Jun 20, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Jun 16, 2015
-
-
Richard Levitte authored
Reviewed-by:
Kurt Roeckx <kurt@openssl.org> (cherry picked from commit b4f0d1a4)
-
Richard Levitte authored
Reviewed-by:
-
- Jun 12, 2015
-
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Adam Langley authored
It is valid for an extension block to be present in a ClientHello, but to be of zero length. Reviewed-by:
-
Matt Caswell authored
Recent HMAC changes broke ABI compatibility due to a new field in HMAC_CTX. This backs that change out, and does it a different way. Thanks to Timo Teras for the concept. Conflicts: crypto/hmac/hmac.c Reviewed-by:
-
- Jun 11, 2015
-
-
Matt Caswell authored
Reviewed-by:Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Andy Polyakov authored
CVE-2015-1788 Reviewed-by:
-
Matt Caswell authored
Updates to CHANGES and NEWS to take account of the latest security fixes. Reviewed-by: -
Emilia Kasper authored
CVE-2015-1790 Reviewed-by: -
Emilia Kasper authored
Also tighten X509_cmp_time to reject more than three fractional seconds in the time; and to reject trailing garbage after the offset. CVE-2015-1789 Reviewed-by:
Viktor Dukhovni <viktor@openssl.org> Reviewed-by:
-
Dr. Stephen Henson authored
Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting to verify and a digest is not recognised. Reported by Johannes Bauer. CVE-2015-1792 Reviewed-by: -
Richard Levitte authored
Reviewed-by: -
Richard Levitte authored
$(PROGS) was mistakenly removed, adding it back. Reviewed-by: -
Matt Caswell authored
Fix error handling in ssl_session_dup, as well as incorrect setting up of the session ticket. Follow on from CVE-2015-1791. Thanks to LibreSSL project for reporting these issues. Conflicts: ssl/ssl_sess.c Reviewed-by:
-
