Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | New Option SSL_OP_CIPHER_SERVER_PREFERENCE allows TLS/SSLv3 server to override | Lutz Jänicke | 2001-02-09 | 1 | -8/+24 |
| | | | | the clients choice; in SSLv2 the client uses the server's preferences. | ||||
* | Store verify_result with sessions to avoid potential security hole. | Lutz Jänicke | 2000-11-29 | 1 | -0/+1 |
| | | | | For the server side this was already done one year ago :-( | ||||
* | Bugfix: clear error queue after ignoring ssl_verify_cert_chain result. | Bodo Möller | 2000-05-27 | 1 | -0/+1 |
| | |||||
* | ispell (and minor modifications) | Ulf Möller | 2000-02-03 | 1 | -4/+4 |
| | |||||
* | Avoid a race condition. | Bodo Möller | 2000-01-24 | 1 | -18/+20 |
| | |||||
* | Don't "goto err" in client_master_key because no such label exists; | Bodo Möller | 2000-01-21 | 1 | -1/+1 |
| | | | | just return -1 as in other error cases. | ||||
* | Check RAND_bytes() return value or use RAND_pseudo_bytes(). | Ulf Möller | 2000-01-21 | 1 | -3/+10 |
| | |||||
* | Add missing #ifndefs that caused missing symbols when building libssl | Ulf Möller | 2000-01-16 | 1 | -3/+3 |
| | | | | | | | | as a shared library without RSA. Use #ifndef NO_SSL2 instead of NO_RSA in ssl/s2*.c. Submitted by: Kris Kennaway <kris@hub.freebsd.org> Modified by Ulf Möller | ||||
* | Precautions against using the PRNG uninitialized: RAND_bytes() now | Ulf Möller | 2000-01-13 | 1 | -1/+1 |
| | | | | | | returns int (1 = ok, 0 = not seeded). New function RAND_add() is the same as RAND_seed() but takes an estimate of the entropy as an additional argument. | ||||
* | Make NO_RSA compile with pedantic. | Ben Laurie | 2000-01-08 | 1 | -0/+6 |
| | |||||
* | Rhapsody 5.5 (a.k.a. MacOS X) compiler bug workaround. At the very least | Andy Polyakov | 2000-01-04 | 1 | -0/+6 |
| | | | | passes 'make test' now:-) | ||||
* | Store verify_result with sessions to avoid potential security hole. | Bodo Möller | 1999-11-16 | 1 | -1/+1 |
| | |||||
* | New structure type SESS_CERT used instead of CERT inside SSL_SESSION. | Bodo Möller | 1999-05-13 | 1 | -19/+21 |
| | | | | | | | While modifying the sources, I found some inconsistencies on the use of s->cert vs. s->session->sess_cert; I don't know if those could really have caused problems, but possibly this is a proper bug-fix and not just a clean-up. | ||||
* | No actual change, but the cert_st member of struct ssl_session_st is now | Bodo Möller | 1999-05-09 | 1 | -5/+5 |
| | | | | | | | | | | | | called sess_cert instead of just cert. This is in preparation of further changes: Probably often when s->session->sess_cert is used, we should use s->cert instead; s->session->sess_cert should be a new structure containing only the stuff that is for just one connection (e.g. the peer's certificate, which the SSL client implementations currently store in s->session->[sess_]cert, which is a very confusing thing to do). Submitted by: Reviewed by: PR: | ||||
* | Fix a couple of cases where an attempt is made to lock an already locked | Dr. Stephen Henson | 1999-04-29 | 1 | -1/+3 |
| | | | | mutex. | ||||
* | New Configure option no-<cipher> (rsa, idea, rc5, ...). | Ulf Möller | 1999-04-27 | 1 | -1/+2 |
| | |||||
* | Remove NOPROTO definitions and error code comments. | Ulf Möller | 1999-04-26 | 1 | -13/+0 |
| | |||||
* | Change #include filenames from <foo.h> to <openssl.h>. | Bodo Möller | 1999-04-23 | 1 | -4/+4 |
| | | | | | | Submitted by: Reviewed by: PR: | ||||
* | Fixed some race conditions. | Bodo Möller | 1999-04-22 | 1 | -1/+1 |
| | | | | | | Submitted by: Reviewed by: PR: | ||||
* | Change functions to ANSI C. | Ulf Möller | 1999-04-19 | 1 | -30/+13 |
| | |||||
* | Massive constification. | Ben Laurie | 1999-04-17 | 1 | -2/+2 |
| | |||||
* | Add type-safe STACKs and SETs. | Ben Laurie | 1999-04-12 | 1 | -11/+11 |
| | |||||
* | New option "-showcerts" for s_client | Bodo Möller | 1999-03-31 | 1 | -1/+1 |
| | | | | Slight cleanup in ssl/ | ||||
* | Add support for new TLS export ciphersuites. | Ben Laurie | 1999-02-21 | 1 | -1/+1 |
| | |||||
* | Updates to the new SSL compression code | Mark J. Cox | 1999-02-16 | 1 | -6/+10 |
| | | | | | | | | | | | | | | [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)] Fix so that the version number in the master secret, when passed via RSA, checks that if TLS was proposed, but we roll back to SSLv3 (because the server will not accept higher), that the version number is 0x03,0x01, not 0x03,0x00 [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)] Submitted by: Reviewed by: PR: | ||||
* | Fix various memory leaks in SSL, apps and DSA | Dr. Stephen Henson | 1999-02-15 | 1 | -2/+4 |
| | |||||
* | More exactitude with function arguments. | Ben Laurie | 1999-02-09 | 1 | -1/+1 |
| | |||||
* | Fix various stuff: that VC++ 5.0 chokes on: | Dr. Stephen Henson | 1999-01-31 | 1 | -0/+2 |
| | | | | | | | | 1. Add *lots* of missing prototypes for static ssl functions. 2. VC++ doesn't understand the 'LL' suffix for 64 bits constants: change bn.org 3. Add a few missing prototypes in pem.org Fix mk1mf.pl so it outputs a Makefile that doesn't choke Win95. Fix mkdef.pl so it doesn't truncate longer names. | ||||
* | Import of old SSLeay release: SSLeay 0.9.1b (unreleased) | Ralf S. Engelschall | 1998-12-21 | 1 | -1/+6 |
| | |||||
* | Import of old SSLeay release: SSLeay 0.9.0b | Ralf S. Engelschall | 1998-12-21 | 1 | -12/+13 |
| | |||||
* | Import of old SSLeay release: SSLeay 0.8.1b | Ralf S. Engelschall | 1998-12-21 | 1 | -0/+982 |