提交 · 0a5942093e06f60f0fa683505ee3693a4fdea070 · btwise / openssl

15 11月, 2002 1 次提交
- R
  We need to read one more byte of the REQUEST-CERTIFICATE message. · 0a594209
  由 Richard Levitte 提交于 11月 15, 2002
```
PR: 300
```
  0a594209
13 11月, 2002 1 次提交
- B
  
  Security fixes brought forward from 0.9.7. · 54a656ef
  由 Ben Laurie 提交于 11月 13, 2002
  
  54a656ef
25 9月, 2002 1 次提交
- B
  really fix race conditions · b8565a9a
  由 Bodo Möller 提交于 9月 25, 2002
```
Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291
```
  b8565a9a
23 9月, 2002 1 次提交
- B
  really fix race condition · e78f1378
  由 Bodo Möller 提交于 9月 23, 2002
```
PR: 262
```
  e78f1378
02 8月, 2002 1 次提交
- B
  
  get rid of OpenSSLDie · 5574e0ed
  由 Bodo Möller 提交于 8月 02, 2002
  
  5574e0ed
30 7月, 2002 1 次提交

OpenSSL Security Advisory [30 July 2002] · c046fffa

由 Lutz Jänicke 提交于 7月 30, 2002

Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.

c046fffa

12 1月, 2002 1 次提交
- B
  
  Prototype info function. · 45d87a1f
  由 Ben Laurie 提交于 1月 12, 2002
  
  45d87a1f
10 11月, 2001 2 次提交
- B
  make code a little more similar to what it looked like before the fixes, · 2b90b1f3
  由 Bodo Möller 提交于 11月 10, 2001
```
call ssl2_part_read again to parse error message
```
  2b90b1f3
- B
  Implement msg_callback for SSL 2.0. · cf82191d
  由 Bodo Möller 提交于 11月 10, 2001
```
Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).
```
  cf82191d
25 10月, 2001 1 次提交
- B
  Fix SSL handshake functions and SSL_clear() such that SSL_clear() · 979689aa
  由 Bodo Möller 提交于 10月 24, 2001
```
never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.
```
  979689aa
16 10月, 2001 1 次提交

· 20d2186c

由 Dr. Stephen Henson 提交于 10月 16, 2001

Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
with existing code.

Modify library to use digest *_ex() functions.

20d2186c

31 7月, 2001 1 次提交
- B
  
  Really add the EVP and all of the DES changes. · dbad1690
  由 Ben Laurie 提交于 7月 30, 2001
  
  dbad1690
07 3月, 2001 1 次提交
- B
  
  Fix ERR_R_... problems. · 5277d7cb
  由 Bodo Möller 提交于 3月 07, 2001
  
  5277d7cb
20 2月, 2001 1 次提交

Use new-style system-id macros everywhere possible. I hope I haven't · bc36ee62

由 Richard Levitte 提交于 2月 20, 2001

missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.

bc36ee62

10 2月, 2001 1 次提交
- L
  New Option SSL_OP_CIPHER_SERVER_PREFERENCE allows TLS/SSLv3 server to override · 836f9960
  由 Lutz Jänicke 提交于 2月 09, 2001
```
the clients choice; in SSLv2 the client uses the server's preferences.
```
  836f9960
30 11月, 2000 1 次提交
- L
  Store verify_result with sessions to avoid potential security hole. · 0dd2254d
  由 Lutz Jänicke 提交于 11月 29, 2000
```
For the server side this was already done one year ago :-(
```
  0dd2254d
28 5月, 2000 1 次提交
- B
  
  Bugfix: clear error queue after ignoring ssl_verify_cert_chain result. · 1fab73ac
  由 Bodo Möller 提交于 5月 27, 2000
  
  1fab73ac
04 2月, 2000 1 次提交
- U
  
  ispell (and minor modifications) · 657e60fa
  由 Ulf Möller 提交于 2月 03, 2000
  
  657e60fa
25 1月, 2000 1 次提交
- B
  
  Avoid a race condition. · 2557eaea
  由 Bodo Möller 提交于 1月 24, 2000
  
  2557eaea
21 1月, 2000 2 次提交
- B
  Don't "goto err" in client_master_key because no such label exists; · af6f3881
  由 Bodo Möller 提交于 1月 21, 2000
```
just return -1 as in other error cases.
```
  af6f3881
- U
  
  Check RAND_bytes() return value or use RAND_pseudo_bytes(). · e7f97e2d
  由 Ulf Möller 提交于 1月 21, 2000
  
  e7f97e2d
17 1月, 2000 1 次提交

Add missing #ifndefs that caused missing symbols when building libssl · aa82db4f

由 Ulf Möller 提交于 1月 16, 2000

as a shared library without RSA.  Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.

Submitted by: Kris Kennaway <kris@hub.freebsd.org>
Modified by Ulf Möller

aa82db4f

14 1月, 2000 1 次提交

Precautions against using the PRNG uninitialized: RAND_bytes() now · eb952088

由 Ulf Möller 提交于 1月 13, 2000

returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.

eb952088

09 1月, 2000 1 次提交
- B
  
  Make NO_RSA compile with pedantic. · 752d706a
  由 Ben Laurie 提交于 1月 08, 2000
  
  752d706a
04 1月, 2000 1 次提交
- A
  Rhapsody 5.5 (a.k.a. MacOS X) compiler bug workaround. At the very least · 37b0d5d0
  由 Andy Polyakov 提交于 1月 04, 2000
```
passes 'make test' now:-)
```
  37b0d5d0
17 11月, 1999 1 次提交
- B
  
  Store verify_result with sessions to avoid potential security hole. · b1fe6ca1
  由 Bodo Möller 提交于 11月 16, 1999
  
  b1fe6ca1
13 5月, 1999 1 次提交

New structure type SESS_CERT used instead of CERT inside SSL_SESSION. · b56bce4f

由 Bodo Möller 提交于 5月 13, 1999

While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know if those could
really have caused problems, but possibly this is a proper bug-fix
and not just a clean-up.

b56bce4f

10 5月, 1999 1 次提交

No actual change, but the cert_st member of struct ssl_session_st is now · 9d5cceac

由 Bodo Möller 提交于 5月 09, 1999

called sess_cert instead of just cert.  This is in preparation of further
changes: Probably often when s->session->sess_cert is used, we should
use s->cert instead; s->session->sess_cert should be a new structure
containing only the stuff that is for just one connection (e.g.
the peer's certificate, which the SSL client implementations currently
store in s->session->[sess_]cert, which is a very confusing thing to do).
Submitted by:
Reviewed by:
PR:

9d5cceac

30 4月, 1999 1 次提交
- D
  Fix a couple of cases where an attempt is made to lock an already locked · 801294f8
  由 Dr. Stephen Henson 提交于 4月 29, 1999
```
mutex.
```
  801294f8
27 4月, 1999 2 次提交
- U
  
  New Configure option no-<cipher> (rsa, idea, rc5, ...). · 79df9d62
  由 Ulf Möller 提交于 4月 27, 1999
  
  79df9d62
- U
  
  Remove NOPROTO definitions and error code comments. · a9be3af5
  由 Ulf Möller 提交于 4月 26, 1999
  
  a9be3af5
24 4月, 1999 1 次提交
- B
  Change #include filenames from <foo.h> to <openssl.h>. · ec577822
  由 Bodo Möller 提交于 4月 23, 1999
```
Submitted by:
Reviewed by:
PR:
```
  ec577822
22 4月, 1999 1 次提交
- B
  Fixed some race conditions. · 5cc146f3
  由 Bodo Möller 提交于 4月 22, 1999
```
Submitted by:
Reviewed by:
PR:
```
  5cc146f3
20 4月, 1999 1 次提交
- U
  
  Change functions to ANSI C. · 6b691a5c
  由 Ulf Möller 提交于 4月 19, 1999
  
  6b691a5c
18 4月, 1999 1 次提交
- B
  
  Massive constification. · e778802f
  由 Ben Laurie 提交于 4月 17, 1999
  
  e778802f
13 4月, 1999 1 次提交
- B
  
  Add type-safe STACKs and SETs. · f73e07cf
  由 Ben Laurie 提交于 4月 12, 1999
  
  f73e07cf
31 3月, 1999 1 次提交
- B
  New option "-showcerts" for s_client · 6d02d8e4
  由 Bodo Möller 提交于 3月 31, 1999
```
Slight cleanup in ssl/
```
  6d02d8e4
22 2月, 1999 1 次提交
- B
  
  Add support for new TLS export ciphersuites. · 06ab81f9
  由 Ben Laurie 提交于 2月 21, 1999
  
  06ab81f9
16 2月, 1999 2 次提交

Updates to the new SSL compression code · 413c4f45

由 Mark J. Cox 提交于 2月 16, 1999

     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Fix so that the version number in the master secret, when passed
     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
     (because the server will not accept higher), that the version number
     is 0x03,0x01, not 0x03,0x00
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Submitted by:
Reviewed by:
PR:

413c4f45

D

Fix various memory leaks in SSL, apps and DSA · a8236c8c
由 Dr. Stephen Henson 提交于 2月 15, 1999

a8236c8c