OpenBSD CVS

CVS log for src/lib/libssl/Attic/s3_srvr.c




Default branch: MAIN


Revision 1.155, Thu Jan 26 05:51:54 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
CVS Tags: HEAD
Changes since 1.154: +1 -1 lines
FILE REMOVED

Rename s3_{both,clnt,pkt_srvr}.c to have an ssl_ prefix since they are no
longer SSLv3 code.

ok beck@

Revision 1.154, Thu Jan 26 05:31:25 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.153: +18 -7 lines

Merge the client/server version negotiation into the existing (currently
fixed version) client/server code.

ok beck@

Revision 1.153, Tue Jan 24 14:57:31 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.152: +4 -5 lines

sk_pop_free() checks for NULL so do not bother doing it from the callers.

Revision 1.152, Tue Jan 24 12:22:23 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.151: +1 -3 lines

Remove unused cert variable.

Found by bcook@

Revision 1.151, Tue Jan 24 01:44:00 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.150: +6 -10 lines

sk_SSL_CIPHER_free() checks for NULL so do not bother doing the same from
the callers.

Revision 1.150, Mon Jan 23 14:35:42 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.149: +4 -4 lines

Move options and mode from SSL_CTX and SSL to internal, since these can be
set and cleared via existing functions.

Revision 1.149, Mon Jan 23 13:36:13 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.148: +16 -16 lines

Split most of SSL_METHOD out into an internal variant, which is opaque.

Discussed with beck@

Revision 1.148, Mon Jan 23 08:48:44 2017 UTC (7 years, 4 months ago) by beck
Branch: MAIN
Changes since 1.147: +59 -59 lines

send state and rstate from ssl_st into internal. There are accessors
so these should not be diddled with directly
ok jsing@

Revision 1.147, Mon Jan 23 06:45:30 2017 UTC (7 years, 4 months ago) by beck
Branch: MAIN
Changes since 1.146: +75 -75 lines

Move a large part of ssl_st into internal, so we can see what squeals.
ok jsing@

Revision 1.146, Mon Jan 23 05:13:02 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.145: +8 -8 lines

Move most of the fields in SSL_CTX to internal - the ones that remain are
known to be in use.

ok beck@

Revision 1.145, Mon Jan 23 04:55:27 2017 UTC (7 years, 4 months ago) by beck
Branch: MAIN
Changes since 1.144: +9 -9 lines

move the callbacks from ssl_st to internal
ok jsing@

Revision 1.144, Mon Jan 23 04:15:28 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.143: +8 -8 lines

Move callback function pointers and argument pointers from SSL_CTX to
internal.

ok beck@

Revision 1.143, Mon Jan 23 01:22:08 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.142: +7 -7 lines

Move not_resumable and sess_cert from SSL_SESSION to internal.

ok beck@

Revision 1.142, Mon Jan 23 00:12:54 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.141: +4 -4 lines

Move the stats struct from SSL_CTX to internal.

ok beck@

Revision 1.141, Sun Jan 22 09:02:07 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.140: +76 -76 lines

Move most of the SSL3_STATE fields to internal - the ones that remain are
known to be used by ports.

ok beck@

Revision 1.140, Sun Jan 22 07:16:39 2017 UTC (7 years, 4 months ago) by beck
Branch: MAIN
Changes since 1.139: +6 -6 lines

Move most of DTLS1_STATE to internal.
ok jsing@

Revision 1.139, Sun Jan 22 06:36:49 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.138: +5 -5 lines

Move ALPN and NPN fields from SSL/SSL_CTX to internal.

ok beck@

Revision 1.138, Wed Dec 21 16:44:31 2016 UTC (7 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.137: +112 -5 lines

Add support for ECDHE with X25519.

Testing of an earlier revision by naddy@.

ok beck@

Revision 1.137, Wed Dec 7 13:18:38 2016 UTC (7 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.136: +29 -26 lines

Ensure that we zero memory that contains the ASN.1 encoded session, since
this contains the session master key.

ok deraadt@ doug@

Revision 1.136, Tue Dec 6 13:17:52 2016 UTC (7 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.135: +22 -7 lines

Convert certificate handshake message generation to CBB, with some clean
up and restructure.

This also adds CBB based variants of the ssl3_handshake_msg_{start,finish}
functions - for the time being these use a CBB to build the messages, then
copy back into the init_buf.

ok doug@

Revision 1.135, Sun Dec 4 14:20:13 2016 UTC (7 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.134: +41 -21 lines

Convert ssl3_send_server_hello() to CBB.

ok beck@ doug@

Revision 1.134, Sat Dec 3 12:34:35 2016 UTC (7 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.133: +2 -2 lines

Avoid signed vs unsigned warnings from clang by adding two casts,
slightly rewriting some code and changing the type of an array.

ok bcook@ doug@

Revision 1.133, Thu Nov 17 15:22:41 2016 UTC (7 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.132: +29 -38 lines

Convert ssl3_get_client_kex_dhe() to CBS and perform some general code
cleanup, including the removal of a dead code path.

ok beck@

Revision 1.132, Sun Nov 6 15:06:52 2016 UTC (7 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.131: +386 -318 lines

Split ssl3_get_client_key_exchange() into separate per algorithm functions.

ok beck@

Revision 1.131, Sun Nov 6 14:44:35 2016 UTC (7 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.130: +1 -8 lines

Remove pointless check - without fixed ECDH, there is only one way to reach
this code path.

ok beck@ bcook@

Revision 1.130, Sun Nov 6 13:35:32 2016 UTC (7 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.129: +221 -203 lines

Split out the DHE and ECDHE code paths from
ssl3_send_server_key_exchange().

ok beck@ bcook@

Revision 1.129, Sat Nov 5 19:03:39 2016 UTC (7 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.128: +67 -52 lines

Do a partial CBB conversion of ssl3_send_server_key_exchange(), which will
make it easier to do further clean up.

ok beck@ miod@

Revision 1.128, Wed Oct 19 16:38:40 2016 UTC (7 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.127: +7 -15 lines

Remove support for fixed ECDH cipher suites - these are not widely supported
and more importantly they do not provide PFS (if you want to use ECDH, use
ECDHE instead).

With input from guenther@.

ok deraadt@ guenther@

Revision 1.127, Thu Sep 22 07:17:41 2016 UTC (7 years, 8 months ago) by guenther
Branch: MAIN
Changes since 1.126: +17 -12 lines

Check for packet with truncated DTLS cookie.
Flip pointer comparison logic to avoid beyond-end-of-buffer pointers
to make it less likely a compiler will decide to screw you.

Based on parts of openssl commits
6f35f6deb5ca7daebe289f86477e061ce3ee5f46 and
89c2720298f875ac80777da2da88a64859775898

ok jsing@

Revision 1.126, Mon May 30 13:42:54 2016 UTC (8 years ago) by beck
Branch: MAIN
Changes since 1.125: +2 -2 lines

deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final.
14 years ago these were changed in OpenSSL to be the same
as the _ex functions. We use the _ex functions only internally
to ensure it is obvious the ctx must be cleared.
ok bcook@

Revision 1.125, Fri Mar 11 07:08:45 2016 UTC (8 years, 3 months ago) by mmcc
Branch: MAIN
Changes since 1.124: +3 -5 lines

X509_free(3) is NULL-safe, so remove NULL checks before its calls.

ok doug@

Revision 1.100.4.1, Wed Jan 27 02:11:34 2016 UTC (8 years, 4 months ago) by beck
Changes since 1.100: +5 -20 lines

deprecate SSL_OP_SINGLE_DH_USE
ok jsing@

Revision 1.112.4.1, Wed Jan 27 02:09:51 2016 UTC (8 years, 4 months ago) by beck
Changes since 1.112: +5 -20 lines

deprecate SSL_OP_SINGLE_DH_USE
ok jsing@

Revision 1.124, Wed Jan 27 02:06:16 2016 UTC (8 years, 4 months ago) by beck
Branch: MAIN
Changes since 1.123: +5 -20 lines

deprecate SSL_OP_SINGLE_DH_USE
ok jsing@

Revision 1.123, Sun Sep 13 12:39:16 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.122: +6 -6 lines

Use ECDH_size() instead of rolling our own.

ok beck@

Revision 1.122, Sun Sep 13 09:20:19 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.121: +25 -16 lines

The *_accept() functions increment in_handshake at the start of the function,
then decrement it and call a callback on exit from the function. As such,
these functions should not return in the middle, otherwise in_handshake is
never decremented and the callback never called.

ok beck@ "with many sighs" miod@

Revision 1.121, Sat Sep 12 16:10:07 2015 UTC (8 years, 9 months ago) by doug
Branch: MAIN
Changes since 1.120: +24 -37 lines

Remove most of the SSLv3 version checks and a few TLS v1.0.

We can now assume >= TLS v1.0 since SSL2_VERSION, SSL3_VERSION and
DTLS1_BAD_VER support was removed.

"reads ok" miod@

Revision 1.120, Sat Sep 12 15:03:39 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.119: +8 -5 lines

Move handshake message header length determination into a separate
ssl3_handshake_msg_hdr_len() function. Use this to correct several places
that have magic numbers with header lengths hardcoded as '4'.

ok beck@

Revision 1.119, Sat Sep 12 13:03:06 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.118: +34 -43 lines

Convert the rest of the server handshake functions to ssl3_handshake_msg_*.

ok beck@

Revision 1.118, Fri Sep 11 18:08:21 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.117: +9 -9 lines

Rename functions that moved to t1_enc.c, with a tls1_ prefix instead of a
ssl3_ prefix.

ok beck@

Revision 1.117, Thu Sep 10 17:57:50 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.116: +2 -2 lines

Remove support for DTLS_BAD_VER. We do not support non-standard and
incomplete implementations just so that we can interoperate with products
from vendors who have not bothered to fix things in the last ~10 years.

ok bcook@ miod@

Revision 1.116, Thu Sep 10 15:56:26 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.115: +4 -4 lines

Correct spelling of OPENSSL_cleanse.

ok miod@

Revision 1.115, Tue Sep 1 13:38:27 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.114: +1 -6 lines

Remove the ssl_prepare_{client,server}hello_tlsext() functions, which are
now nothing more than noops.

ok bcook@ doug@

Revision 1.114, Sat Aug 29 16:51:17 2015 UTC (8 years, 9 months ago) by doug
Branch: MAIN
Changes since 1.113: +1 -41 lines

Remove SSLv3 method data structs and unlink s3_meth.c from the build.

ok jsing@

Revision 1.113, Thu Aug 27 06:21:15 2015 UTC (8 years, 9 months ago) by doug
Branch: MAIN
Changes since 1.112: +1 -15 lines

Remove SSLv3 support from LibreSSL.

This is the first wave of SSLv3 removal which removes the main SSLv3
functions.  Future commits will remove the rest of the SSLv3 support.

Discussed the plan at c2k15.  Input from jsing@, beck@, miod@, bcook@,
sthen@, naddy@, and deraadt@.

ok jsing@, beck@

Revision 1.112, Wed Jul 29 19:16:09 2015 UTC (8 years, 10 months ago) by miod
Branch: MAIN
Changes since 1.111: +7 -1 lines

Add linker warnings in case SSLv3_{,client,server}_method are referenced.

Use of these symbols proves the existence of a code path willingly using SSLv3,
even with OPENSSL_NO_SSL3 being defined, which hints that it needs fixing.

Discussed with the LibreSSL cabal during c2k15; ok deraadt@

Revision 1.111, Sat Jul 18 01:42:26 2015 UTC (8 years, 10 months ago) by doug
Branch: MAIN
Changes since 1.110: +4 -8 lines

Remove support for the SSL_OP_TLS_D5_BUG compat hack from SSLeay.

This is a 17 year old workaround from SSLeay 0.9.0b.  It was for
clients that send RSA client key exchange in TLS using SSLv3 format
(no length prefix).

ok jsing@

Revision 1.110, Tue Jul 14 05:16:47 2015 UTC (8 years, 11 months ago) by doug
Branch: MAIN
Changes since 1.109: +19 -15 lines

Convert ssl3_get_client_certificate to CBS.

ok miod@ jsing@

Revision 1.109, Sat Jun 20 17:04:07 2015 UTC (8 years, 11 months ago) by doug
Branch: MAIN
Changes since 1.108: +19 -14 lines

Convert ssl3_get_next_proto to CBS.

tweak + ok miod@ jsing@

Revision 1.108, Thu Jun 18 22:51:05 2015 UTC (8 years, 11 months ago) by doug
Branch: MAIN
Changes since 1.107: +7 -56 lines

Remove Microsoft Server Gated Crypto.

Another relic due to the old US crypto policy.

From OpenSSL commit 63eab8a620944a990ab3985620966ccd9f48d681 and
95275599399e277e71d064790a1f828a99fc661a.

ok jsing@ miod@

Revision 1.107, Wed Jun 17 07:29:33 2015 UTC (8 years, 11 months ago) by doug
Branch: MAIN
Changes since 1.106: +3 -2 lines

KNF whitespace.

ok miod@ jsing@

Revision 1.106, Mon Jun 15 05:32:58 2015 UTC (8 years, 11 months ago) by doug
Branch: MAIN
Changes since 1.105: +5 -15 lines

Remove ancient SSL_OP_NETSCAPE_CA_DN_BUG from SSLeay days.

This commit matches the OpenSSL removal in commit
3c33c6f6b10864355553961e638514a6d1bb00f6.

ok deraadt@

Revision 1.105, Mon Jun 15 05:16:56 2015 UTC (8 years, 11 months ago) by doug
Branch: MAIN
Changes since 1.104: +1 -24 lines

Remove ancient compat hack SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG.

This was imported into OpenSSL from SSLeay.  It was recently deleted
in OpenSSL commit 7a4dadc3a6a487db92619622b820eb4f7be512c9

Revision 1.104, Mon Jun 15 03:32:59 2015 UTC (8 years, 11 months ago) by doug
Branch: MAIN
Changes since 1.103: +4 -9 lines

Remove 1997's compat hack SSL_OP_SSLEAY_080_CLIENT_DH_BUG.

This is a hack for an old version of SSLeay which predates OpenSSL.

Revision 1.103, Fri May 15 11:00:14 2015 UTC (9 years ago) by jsg
Branch: MAIN
Changes since 1.102: +2 -1 lines

Fix return paths with missing EVP_CIPHER_CTX_cleanup() calls.
ok doug@

Revision 1.102, Wed Apr 15 16:25:43 2015 UTC (9 years, 1 month ago) by jsing
Branch: MAIN
Changes since 1.101: +4 -4 lines

Clean up the ssl_bytes_to_cipher_list() API - rather than having the
ability to pass or not pass a STACK_OF(SSL_CIPHER) *, which is then either
zeroed or if NULL a new one is allocated, always allocate one and return it
directly.

Inspired by similar changes in BoringSSL.

ok beck@ doug@

Revision 1.101, Fri Mar 27 12:29:54 2015 UTC (9 years, 2 months ago) by jsing
Branch: MAIN
Changes since 1.100: +4 -15 lines

Factor out the init_buf initialisation code, rather than duplicating it
in four different places.

ok doug@ guenther@

Revision 1.100, Wed Feb 25 03:49:21 2015 UTC (9 years, 3 months ago) by bcook
Branch: MAIN
Changes since 1.99: +2 -2 lines

Fix CVE-2015-0205: Do not accept client authentication with Diffie-Hellman
certificates without requiring a CertificateVerify message.

From OpenSSL commit:
https://github.com/openssl/openssl/commit/1421e0c584ae9120ca1b88098f13d6d2e90b83a3

Thanks to Karthikeyan Bhargavan for reporting this.
ok miod@

Revision 1.99, Sat Feb 7 08:56:39 2015 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.98: +25 -57 lines

Convert several of the server side handshake functions to the new handshake
message handling routines.

ok miod@

Revision 1.98, Fri Feb 6 10:04:07 2015 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.97: +1 -22 lines

Unifdef NETSCAPE_HANG_BUG.

If you're still using a buggy version of Netscape from 2000, for HTTPS with
client certificates, it is probably a good time to find a new browser.

"kill it softly... with napalm and kisses" miod@

Revision 1.97, Fri Feb 6 08:30:23 2015 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.96: +3 -1 lines

Bring back the horrible API that is get_cipher_by_char/put_cipher_by_char.

This API was intended to be internal only, however like many things in
OpenSSL, it is exposed externally and parts of the software ecosystem are
now using it since there is no real alternative within the public API.

ok doug@, tedu@ and reluctantly miod@

Revision 1.96, Mon Dec 29 16:12:59 2014 UTC (9 years, 5 months ago) by tedu
Branch: MAIN
Changes since 1.95: +10 -5 lines

don't leak timing info about padding errors by generating a fake key
afterwards. openssl has a more complicated fix, but it's less intrusive
for now to simply hoist the expensive part (fake key generation) up without
sweating a branch or two.
ok bcook jsing

Revision 1.95, Mon Dec 15 00:46:53 2014 UTC (9 years, 5 months ago) by doug
Branch: MAIN
Changes since 1.94: +4 -3 lines

Add error handling for EVP_DigestInit_ex().

A few EVP_DigestInit_ex() calls were left alone since reporting an
error would change the public API.

Changed internal ssl3_cbc_digest_record() to return a value due to the above
change.  It will also now set md_out_size=0 on failure.

This is based on part of BoringSSL's commit to fix malloc crashes:
https://boringssl.googlesource.com/boringssl/+/69a01608f33ab6fe2c3485d94aef1fe9eacf5364

ok miod@

Revision 1.94, Sun Dec 14 14:34:43 2014 UTC (9 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.93: +1 -17 lines

unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndef
mazes in libssl. NPN is being replaced by ALPN, however it is still going
to be around for a while yet.

ok miod@

Revision 1.93, Wed Dec 10 15:43:31 2014 UTC (9 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.92: +10 -3 lines

ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn
calls malloc(). Instead of silently continuing on failure, check the return
value of BIO_new() and propagate failure back to the caller for appropriate
handling.

ok bcook@

Revision 1.92, Wed Dec 10 15:36:47 2014 UTC (9 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.91: +2 -4 lines

Remove support for GOST R 34.10-94 signature authentication, along with
the two ciphersuites that use it. GOST94 public/private keys have been
long obsoleted and libcrypto does not have support for them anyway.

Discussed with Dmitry Eremin-Solenikov.

Revision 1.91, Tue Nov 18 05:33:43 2014 UTC (9 years, 6 months ago) by miod
Branch: MAIN
Changes since 1.90: +56 -22 lines

Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.

This causes a libssl major version bump as this affects the layout of some
internal-but-unfortunately-made-visible structs.

Revision 1.90, Sun Nov 16 14:12:47 2014 UTC (9 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.89: +7 -5 lines

Sort and group includes.

Revision 1.89, Fri Oct 31 15:25:55 2014 UTC (9 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.88: +17 -4 lines

Add support for automatic DH ephemeral keys.

This allows an SSL server to enable DHE ciphers with a single setting,
which results in a DH key being generated based on the server key length.

Partly based on OpenSSL.

Revision 1.88, Fri Oct 31 14:51:01 2014 UTC (9 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.87: +14 -80 lines

Remove support for ephemeral/temporary RSA private keys.

The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively
a standards violation) and for RSA sign-only, should only be possible if
you are using an export cipher and have an RSA private key that is more
than 512 bits in size (however we no longer support export ciphers).

ok bcook@ miod@

Revision 1.87, Sat Oct 18 16:13:16 2014 UTC (9 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.86: +4 -9 lines

Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().

arc4random provides high quality pseudo-random numbers, hence there is no
need to differentiate between "strong" and "pseudo". Furthermore, the
arc4random_buf() function is guaranteed to succeed, which avoids the need
to check for and handle failure, simplifying the code.

It is worth noting that a number of the replaced RAND_bytes() and
RAND_pseudo_bytes() calls were missing return value checks and these
functions can fail for a number of reasons (at least in OpenSSL -
thankfully they were converted to wrappers around arc4random_buf() some
time ago in LibreSSL).

ok beck@ deraadt@ miod@

Revision 1.86, Fri Oct 3 13:58:18 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.85: +11 -3 lines

Add support for automatic ephemeral EC keys.

This allows an SSL server to enable ECDHE ciphers with a single setting,
which results in an EC key being generated using the first preference
shared curve.

Based on OpenSSL with inspiration from boringssl.

ok miod@

Revision 1.85, Sat Sep 27 11:03:43 2014 UTC (9 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.84: +3 -8 lines

There is not much point checking ecdhp is not NULL... twice.

ok miod@

Revision 1.84, Fri Sep 19 14:32:24 2014 UTC (9 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.83: +9 -9 lines

remove obfuscating parens. man operator is your friend.

Revision 1.83, Sun Sep 7 12:16:23 2014 UTC (9 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.82: +3 -5 lines

Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them,
nor do we plan on supporting them.

ok guenther@

Revision 1.82, Sun Aug 24 14:36:45 2014 UTC (9 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.81: +3 -4 lines

Replace the remaining uses of ssl3_put_cipher_by_char() with s2n and a
ssl3_cipher_get_value() helper function, which returns the cipher suite
value for the given cipher.

ok miod@

Revision 1.81, Mon Aug 11 04:46:42 2014 UTC (9 years, 10 months ago) by miod
Branch: MAIN
Changes since 1.80: +12 -5 lines

Unchecked memory allocation and potential leak upon error in
ssl3_get_cert_verify().
ok guenther@ jsing@

Revision 1.80, Sun Aug 10 14:42:56 2014 UTC (9 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.79: +1 -3 lines

Since we no longer need to support SSLv2-style cipher lists, start
unravelling the maze of function pointers and callbacks by directly
calling ssl3_{get,put}_cipher_by_char() and removing the
ssl_{get,put}_cipher_by_char macros.

Prompted by similar changes in boringssl.

ok guenther.

Revision 1.29.4.2, Sat Aug 9 16:55:55 2014 UTC (9 years, 10 months ago) by tedu
Changes since 1.29.4.1: +7 -0 lines

backport relevant security fixes from openssl 1.0.1i
tested by bcook jsg

Revision 1.29.8.2, Sat Aug 9 16:54:58 2014 UTC (9 years, 10 months ago) by tedu
Changes since 1.29.8.1: +7 -0 lines

backport relevant security fixes from openssl 1.0.1i
tested by bcook jsg

Revision 1.79, Mon Jul 28 04:23:12 2014 UTC (9 years, 10 months ago) by guenther
Branch: MAIN
Changes since 1.78: +7 -4 lines

The RSA, DH, and ECDH temporary key callbacks expect the number of keybits
for the key (expressed in RSA key bits, which makes *no sense* for ECDH) as
their second argument, not zero.

(jsing@ notes that the RSA callback is only invoked for 'export' ciphers,
which have been removed from LibreSSL, and for the SSL_OP_EPHEMERAL_RSA
option, which makes the application non-compliant.  More fuel for the
tedu fire...)

jasper@ noted the breakage and bisected it down to the diff that broke this
ok jsing@ miod@

Revision 1.78, Sat Jul 12 22:33:39 2014 UTC (9 years, 11 months ago) by jsing
Branch: MAIN
Changes since 1.77: +9 -9 lines

The correct name for EDH is DHE, likewise EECDH should be ECDHE.

Based on changes to OpenSSL trunk.

ok beck@ miod@

Revision 1.77, Sat Jul 12 13:11:53 2014 UTC (9 years, 11 months ago) by jsing
Branch: MAIN
Changes since 1.76: +16 -40 lines

Remove remnants from PSK, KRB5 and SRP.

ok beck@ miod@

Revision 1.76, Sat Jul 12 10:06:04 2014 UTC (9 years, 11 months ago) by jsing
Branch: MAIN
Changes since 1.75: +31 -29 lines

Place comments in a block above the if statement, rather than attempting
to interleave them within the conditions. Also fix wrapping and
indentation.

Revision 1.75, Fri Jul 11 22:57:25 2014 UTC (9 years, 11 months ago) by miod
Branch: MAIN
Changes since 1.74: +65 -41 lines

As reported by David Ramos, most consumers of ssl_get_message() perform late
bounds check, after reading the 2-, 3- or 4-byte size of the next chunk to
process. But the size fields themselves are not checked for being entirely
contained in the buffer.

Since reading past your bounds is bad practice, and may not be possible if you
are using a secure memory allocator, we need to add the necessary bounds check,
at the expense of some readability.

As a bonus, a wrong size GOST session key will now trigger an error instead of
a printf to stderr and it being handled as if it had the correct size.

Creating this diff made my eyes bleed (in the real sense); reviewing it
made guenther@'s and beck@'s eyes bleed too (in the literal sense).

ok guenther@ beck@

Revision 1.74, Fri Jul 11 15:18:52 2014 UTC (9 years, 11 months ago) by miod
Branch: MAIN
Changes since 1.73: +2 -3 lines

In ssl3_get_cert_verify(), allow for larger messages to accommodate keys
larger than 4096-bit RSA which the most paranoid of us are using; OpenSSL
PR #319 via OpenSSL trunk.

Revision 1.73, Fri Jul 11 12:24:51 2014 UTC (9 years, 11 months ago) by miod
Branch: MAIN
Changes since 1.72: +8 -13 lines

In ssl3_get_client_key_exchange() parsing a GOST session key, invoke the
regular ASN.1 parser rather than trying to handroll one and potentially
misbehave; OpenSSL PR #3335 via OpenSSL trunk.

Revision 1.72 / (download) - annotate - [select for diffs], Fri Jul 11 09:24:44 2014 UTC (9 years, 11 months ago) by beck
Branch: MAIN
Changes since 1.71: +1 -108 lines
Diff to previous 1.71 (colored)

Remove the PSK code. We don't need to drag around this
baggage.
ok miod@ jsing@

Revision 1.71 / (download) - annotate - [select for diffs], Thu Jul 10 21:36:49 2014 UTC (9 years, 11 months ago) by bcook
Branch: MAIN
Changes since 1.70: +2 -3 lines
Diff to previous 1.70 (colored)

remove unused variable from ssl3_get_client_hello

ok tedu@ miod@

Revision 1.70 / (download) - annotate - [select for diffs], Thu Jul 10 08:51:14 2014 UTC (9 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.69: +1 -96 lines
Diff to previous 1.69 (colored)

decompress libssl. ok beck jsing

Revision 1.69 / (download) - annotate - [select for diffs], Thu Jul 10 08:25:00 2014 UTC (9 years, 11 months ago) by guenther
Branch: MAIN
Changes since 1.68: +41 -32 lines
Diff to previous 1.68 (colored)

KNF comments, reflowing and moving out of the middle of argument lists in
places

ok jsing@

Revision 1.68 / (download) - annotate - [select for diffs], Wed Jul 9 11:25:42 2014 UTC (9 years, 11 months ago) by jsing
Branch: MAIN
Changes since 1.67: +6 -27 lines
Diff to previous 1.67 (colored)

tedu the SSL export cipher handling - since we do not have enabled export
ciphers we no longer need the flags or code to support it.

ok beck@ miod@

Revision 1.67 / (download) - annotate - [select for diffs], Mon Jun 30 14:13:27 2014 UTC (9 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.66: +3 -2 lines
Diff to previous 1.66 (colored)

fix the identical leak in three different files.
reported by Brent Cook, original diff by logan

Revision 1.66 / (download) - annotate - [select for diffs], Thu Jun 19 21:29:51 2014 UTC (9 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring
libc interfaces over libcrypto interfaces. for now we also prefer
timingsafe_memcmp over timingsafe_bcmp, even when the latter is acceptable.
ok beck deraadt matthew miod

Revision 1.65 / (download) - annotate - [select for diffs], Wed Jun 18 04:51:31 2014 UTC (9 years, 11 months ago) by miod
Branch: MAIN
Changes since 1.64: +4 -2 lines
Diff to previous 1.64 (colored)

In ssl3_send_newsession_ticket(), fix a memory leak in an error path.

Revision 1.64 / (download) - annotate - [select for diffs], Thu Jun 12 15:49:31 2014 UTC (10 years ago) by deraadt
Branch: MAIN
Changes since 1.63: +1 -1 lines
Diff to previous 1.63 (colored)

tags as requested by miod and tedu

Revision 1.63 / (download) - annotate - [select for diffs], Wed Jun 11 15:44:10 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.62: +0 -2 lines
Diff to previous 1.62 (colored)

Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - it has been ignored since
OpenSSL 1.0.0.

ok miod@ (a little while back)

Revision 1.62 / (download) - annotate - [select for diffs], Wed Jun 11 01:53:03 2014 UTC (10 years ago) by deraadt
Branch: MAIN
Changes since 1.61: +1 -1 lines
Diff to previous 1.61 (colored)

c-file-style hints, begone; ok beck

Revision 1.61 / (download) - annotate - [select for diffs], Sat Jun 7 22:23:12 2014 UTC (10 years ago) by deraadt
Branch: MAIN
Changes since 1.60: +1 -4 lines
Diff to previous 1.60 (colored)

http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2016265dfbab162ec30718b5e7480add42598158
Don't know the full story, but it looks like a "can't do random
perfectly, so do it god awful" problem was found in 2013, and
replaced with "only do it badly if a flag is set".  New flags
(SSL_MODE_SEND_SERVERHELLO_TIME and SSL_MODE_SEND_SERVERHELLO_TIME)
were added [Ben Laurie?] to support the old scheme of "use time_t
for first 4 bytes of the random buffer".

Nothing uses these flags [ecosystem scan by sthen]

Fully discourage use of these flags in the future by removing
support & definition of them.  The buflen < 4 check is also interesting,
because no entropy would be returned.  No callers passed such small
buffers.
ok miod sthen

Revision 1.60 / (download) - annotate - [select for diffs], Sat Jun 7 14:10:35 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.59: +6 -11 lines
Diff to previous 1.59 (colored)

The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have
implicit NULL checks, so there is no point ensuring that the pointer is
non-NULL before calling them.

Revision 1.29.4.1 / (download) - annotate - [select for diffs], Thu Jun 5 20:37:47 2014 UTC (10 years ago) by sthen
Changes since 1.29: +5 -2 lines
Diff to previous 1.29 (colored)

MFC ChangeCipherSpec fixes (CVE-2014-0224 and additional safeguard), ok jsing@

"Be selective as to when ChangeCipherSpec messages will be accepted.
Without this an early ChangeCipherSpec message would result in session
keys being generated, along with the Finished hash for the handshake,
using an empty master secret." From s3_clnt.c r1.64, s3_pkt.c r1.42,
s3_srvr.c r1.59, ssl3.h r1.19 - note that the ssl3.h change has been
applied to s3_locl.h instead to simplify patching.

"Ensure that we do not process a ChangeCipherSpec with an empty master
secret. This is an additional safeguard against early ChangeCipherSpec
handling."  From s3_pkt.c:1.43

Revision 1.29.8.1 / (download) - annotate - [select for diffs], Thu Jun 5 17:05:16 2014 UTC (10 years ago) by sthen
Changes since 1.29: +5 -2 lines
Diff to previous 1.29 (colored)

MFC ChangeCipherSpec fixes (CVE-2014-0224 and additional safeguard), ok jsing@

"Be selective as to when ChangeCipherSpec messages will be accepted.
Without this an early ChangeCipherSpec message would result in session
keys being generated, along with the Finished hash for the handshake,
using an empty master secret." From s3_clnt.c r1.64, s3_pkt.c r1.42,
s3_srvr.c r1.59, ssl3.h r1.19 - note that the ssl3.h change has been
applied to s3_locl.h instead to simplify patching.

"Ensure that we do not process a ChangeCipherSpec with an empty master
secret. This is an additional safeguard against early ChangeCipherSpec
handling."  From s3_pkt.c:1.43

Revision 1.59 / (download) - annotate - [select for diffs], Thu Jun 5 15:46:24 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.58: +5 -2 lines
Diff to previous 1.58 (colored)

Be selective as to when ChangeCipherSpec messages will be accepted.
Without this an early ChangeCipherSpec message would result in session
keys being generated, along with the Finished hash for the handshake,
using an empty master secret.

For a detailed analysis see:

  https://www.imperialviolet.org/2014/06/05/earlyccs.html

This is a fix for CVE-2014-0224, from OpenSSL.

This issue was reported to OpenSSL by KIKUCHI Masashi. Unfortunately the
recent OpenSSL commit was the first we were made aware of the issue.

ok deraadt@ sthen@

Revision 1.58 / (download) - annotate - [select for diffs], Wed Jun 4 14:10:23 2014 UTC (10 years ago) by tedu
Branch: MAIN
Changes since 1.57: +1 -1 lines
Diff to previous 1.57 (colored)

without overthinking it, replace a few memcmp calls with CRYPTO_memcmp
where it is feasible to do so. better safe than sorry.

Revision 1.57 / (download) - annotate - [select for diffs], Sat May 31 13:55:45 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.56: +4 -4 lines
Diff to previous 1.56 (colored)

More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup.

Revision 1.56 / (download) - annotate - [select for diffs], Sat May 31 10:49:28 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.55: +0 -27 lines
Diff to previous 1.55 (colored)

TLS would not be entirely functional without extensions, so unifdef
OPENSSL_NO_TLSEXT.

ok tedu@

Revision 1.55 / (download) - annotate - [select for diffs], Fri May 30 14:01:11 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.54: +13 -19 lines
Diff to previous 1.54 (colored)

Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS and
SSL_USE_TLS1_2_CIPHERS.

Largely based on OpenSSL head.

Revision 1.54 / (download) - annotate - [select for diffs], Thu May 29 21:25:16 2014 UTC (10 years ago) by tedu
Branch: MAIN
Changes since 1.53: +1 -6 lines
Diff to previous 1.53 (colored)

the comment says RAND_pseudo_bytes should be RAND_bytes. make it so.
ok deraadt

Revision 1.53 / (download) - annotate - [select for diffs], Thu May 29 18:11:13 2014 UTC (10 years ago) by tedu
Branch: MAIN
Changes since 1.52: +0 -30 lines
Diff to previous 1.52 (colored)

unifdef DH, ECDH, and ECDSA. there's no purpose to a libssl without them.
ok deraadt jsing

Revision 1.52 / (download) - annotate - [select for diffs], Wed May 28 13:03:24 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.51: +3 -6 lines
Diff to previous 1.51 (colored)

There is no point in checking if a pointer is non-NULL before calling free,
since free already does this for us. Also remove some pointless NULL
assignments, where the result from malloc(3) is immediately assigned to the
same variable.

ok miod@

Revision 1.51 / (download) - annotate - [select for diffs], Sun May 25 16:23:10 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.50: +0 -19 lines
Diff to previous 1.50 (colored)

Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much of
this is sporadic, hacked up and can easily be put back in an improved form
should we ever need it.

ok miod@

Revision 1.50 / (download) - annotate - [select for diffs], Sat May 24 12:44:48 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.49: +38 -4 lines
Diff to previous 1.49 (colored)

DeIMPLEMENT libssl. Expand the IMPLEMENT_* macros since it is far more
readable and one less layer of abstraction. Use C99 initialisers for
clarity, grepability and to protect from future field reordering/removal.

ok miod@ (tedu@ also thought it was a wonderful idea, beck@ also agreed,
but ran away squealing since it reminded him of the VOP layer...)

Revision 1.49 / (download) - annotate - [select for diffs], Thu May 22 17:33:17 2014 UTC (10 years ago) by jsing
Branch: MAIN
Changes since 1.48: +0 -1 lines
Diff to previous 1.48 (colored)

Stop including kssl_lcl.h and nuke it from orbit - it is a no-op now.

ok beck@ miod@

Revision 1.48 / (download) - annotate - [select for diffs], Sun May 18 16:10:26 2014 UTC (10 years ago) by miod
Branch: MAIN
Changes since 1.47: +6 -1 lines
Diff to previous 1.47 (colored)

In ssl3_send_certificate_request(), when adding the extra payload if
NETSCAPE_HANG_BUG is defined, make sure we BUF_MEM_grow() the buffer to
accommodate for the payload size.

Issue reported by David Ramos; ok beck@

Revision 1.47 / (download) - annotate - [select for diffs], Mon May 5 15:03:22 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.46: +0 -317 lines
Diff to previous 1.46 (colored)

Remove SRP and Kerberos support from libssl. These are complex protocols
all on their own and we can't effectively maintain them without using them,
which we don't. If the need arises, the code can be resurrected.

Revision 1.46 / (download) - annotate - [select for diffs], Thu Apr 24 13:06:52 2014 UTC (10 years, 1 month ago) by mcbride
Branch: MAIN
Changes since 1.45: +92 -74 lines
Diff to previous 1.45 (colored)

More KNF, things that couldn't be verified with md5(1), and some whitespace
I missed on the first go around.

Revision 1.45 / (download) - annotate - [select for diffs], Wed Apr 23 05:13:57 2014 UTC (10 years, 1 month ago) by beck
Branch: MAIN
Changes since 1.44: +1 -1 lines
Diff to previous 1.44 (colored)

Make libssl and libcrypto compile with -Werror
ok miod@

Revision 1.44 / (download) - annotate - [select for diffs], Mon Apr 21 16:34:43 2014 UTC (10 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.43: +1 -2 lines
Diff to previous 1.43 (colored)

more malloc/realloc/calloc cleanups; ok beck kettenis

Revision 1.43 / (download) - annotate - [select for diffs], Sat Apr 19 08:52:32 2014 UTC (10 years, 1 month ago) by guenther
Branch: MAIN
Changes since 1.42: +3 -4 lines
Diff to previous 1.42 (colored)

More KNF and style consistency tweaks

Revision 1.42 / (download) - annotate - [select for diffs], Thu Apr 17 23:35:40 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.41: +0 -18 lines
Diff to previous 1.41 (colored)

whack a bunch of disabled code. ok beck lteo

Revision 1.41 / (download) - annotate - [select for diffs], Thu Apr 17 21:37:37 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.40: +0 -16 lines
Diff to previous 1.40 (colored)

always build in RSA and DSA. ok deraadt miod

Revision 1.40 / (download) - annotate - [select for diffs], Thu Apr 17 13:37:50 2014 UTC (10 years, 1 month ago) by beck
Branch: MAIN
Changes since 1.39: +12 -12 lines
Diff to previous 1.39 (colored)

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_realloc->realloc
OPENSSL_freeFunc->free

Revision 1.39 / (download) - annotate - [select for diffs], Wed Apr 16 20:39:09 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.38: +122 -0 lines
Diff to previous 1.38 (colored)

add back SRP. i was being too greedy.

Revision 1.38 / (download) - annotate - [select for diffs], Wed Apr 16 18:05:55 2014 UTC (10 years, 1 month ago) by beck
Branch: MAIN
Changes since 1.37: +1 -3 lines
Diff to previous 1.37 (colored)

Thanks to the knobs in http://tools.ietf.org/html/rfc5746, we have a knob
to say "allow this connection to negotiate insecurely". de-fang the code
that respects this option to ignore it.
ok miod@

Revision 1.37 / (download) - annotate - [select for diffs], Wed Apr 16 17:59:16 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.36: +0 -122 lines
Diff to previous 1.36 (colored)

disentangle SRP code from TLS

Revision 1.36 / (download) - annotate - [select for diffs], Wed Apr 16 01:43:06 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.35: +9 -8 lines
Diff to previous 1.35 (colored)

strncpy(d, s, strlen(s)) is a special kind of stupid. even when it's right,
it looks wrong. replace with auditable code and eliminate many strlen calls
to improve efficiency. (wait, did somebody say FASTER?) ok beck

Revision 1.35 / (download) - annotate - [select for diffs], Wed Apr 16 00:13:30 2014 UTC (10 years, 1 month ago) by mcbride
Branch: MAIN
Changes since 1.34: +619 -361 lines
Diff to previous 1.34 (colored)

KNF

Revision 1.34 / (download) - annotate - [select for diffs], Mon Apr 14 18:45:55 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.33: +0 -11 lines
Diff to previous 1.33 (colored)

make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miod

Revision 1.33 / (download) - annotate - [select for diffs], Mon Apr 14 17:45:38 2014 UTC (10 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.32: +1 -2 lines
Diff to previous 1.32 (colored)

So the OpenSSL codebase does "get the time, add it as a random seed"
in a bunch of places inside the TLS engine, to try to keep entropy high.
I wonder if their motto is "If you can't solve a problem, at least try
to do it badly".
ok miod

Revision 1.32 / (download) - annotate - [select for diffs], Mon Apr 14 16:43:25 2014 UTC (10 years, 1 month ago) by jsing
Branch: MAIN
Changes since 1.31: +1601 -1896 lines
Diff to previous 1.31 (colored)

First pass at applying KNF to the OpenSSL code, which almost makes it
readable. This pass is whitespace only and can readily be verified using
tr and md5.

Revision 1.31 / (download) - annotate - [select for diffs], Sun Apr 13 21:11:19 2014 UTC (10 years, 2 months ago) by mpi
Branch: MAIN
Changes since 1.30: +1 -1 lines
Diff to previous 1.30 (colored)

Do not include "e_os.h" anymore.  Simply pull in the necessary headers.

ok miod@, deraadt@

Revision 1.30 / (download) - annotate - [select for diffs], Sun Apr 13 15:25:34 2014 UTC (10 years, 2 months ago) by miod
Branch: MAIN
Changes since 1.29: +23 -16 lines
Diff to previous 1.29 (colored)

Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.

Revision 1.1.1.16 / (download) - annotate - [select for diffs] (vendor branch), Sun Apr 13 15:16:36 2014 UTC (10 years, 2 months ago) by miod
Changes since 1.1.1.15: +23 -16 lines
Diff to previous 1.1.1.15 (colored)

Import OpenSSL 1.0.1g

Revision 1.29 / (download) - annotate - [select for diffs], Sat Oct 13 21:25:14 2012 UTC (11 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.28: +460 -86 lines
Diff to previous 1.28 (colored)

resolve conflicts

Revision 1.1.1.15 / (download) - annotate - [select for diffs] (vendor branch), Sat Oct 13 21:23:49 2012 UTC (11 years, 8 months ago) by djm
Changes since 1.1.1.14: +460 -86 lines
Diff to previous 1.1.1.14 (colored)

import OpenSSL-1.0.1c

Revision 1.28 / (download) - annotate - [select for diffs], Thu Jan 5 23:01:39 2012 UTC (12 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.27: +11 -0 lines
Diff to previous 1.27 (colored)

OpenSSL 1.0.0f: merge

Revision 1.1.1.14 / (download) - annotate - [select for diffs] (vendor branch), Thu Jan 5 22:59:09 2012 UTC (12 years, 5 months ago) by djm
Changes since 1.1.1.13: +11 -0 lines
Diff to previous 1.1.1.13 (colored)

OpenSSL 1.0.0f: import upstream source

Revision 1.27 / (download) - annotate - [select for diffs], Thu Nov 3 02:34:33 2011 UTC (12 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.26: +26 -10 lines
Diff to previous 1.26 (colored)

openssl-1.0.0e: resolve conflicts

Revision 1.1.1.13 / (download) - annotate - [select for diffs] (vendor branch), Thu Nov 3 02:32:21 2011 UTC (12 years, 7 months ago) by djm
Changes since 1.1.1.12: +31 -10 lines
Diff to previous 1.1.1.12 (colored)

import OpenSSL 1.0.0e

Revision 1.24.2.1 / (download) - annotate - [select for diffs], Wed Dec 15 09:44:23 2010 UTC (13 years, 5 months ago) by jasper
Changes since 1.24: +5 -0 lines
Diff to previous 1.24 (colored) next main 1.25 (colored)

Security fix for CVE-2010-4180 as mentioned in
http://www.openssl.org/news/secadv_20101202.txt, where clients could modify
the stored session cache ciphersuite and in some cases even downgrade the
suite to weaker ones.

This code is not enabled by default.

ok djm@

Revision 1.24.4.1 / (download) - annotate - [select for diffs], Wed Dec 15 09:43:53 2010 UTC (13 years, 5 months ago) by jasper
Changes since 1.24: +5 -0 lines
Diff to previous 1.24 (colored) next main 1.25 (colored)

Security fix for CVE-2010-4180 as mentioned in
http://www.openssl.org/news/secadv_20101202.txt, where clients could modify
the stored session cache ciphersuite and in some cases even downgrade the
suite to weaker ones.

This code is not enabled by default.

ok djm@

Revision 1.26 / (download) - annotate - [select for diffs], Wed Dec 15 09:42:29 2010 UTC (13 years, 5 months ago) by jasper
Branch: MAIN
Changes since 1.25: +5 -0 lines
Diff to previous 1.25 (colored)

Security fix for CVE-2010-4180 as mentioned in
http://www.openssl.org/news/secadv_20101202.txt, where clients could modify
the stored session cache ciphersuite and in some cases even downgrade the
suite to weaker ones.

This code is not enabled by default.

ok djm@

Revision 1.25 / (download) - annotate - [select for diffs], Fri Oct 1 22:59:00 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.24: +598 -271 lines
Diff to previous 1.24 (colored)

resolve conflicts, fix local changes

Revision 1.1.1.12 / (download) - annotate - [select for diffs] (vendor branch), Fri Oct 1 22:54:16 2010 UTC (13 years, 8 months ago) by djm
Changes since 1.1.1.11: +598 -263 lines
Diff to previous 1.1.1.11 (colored)

import OpenSSL-1.0.0a

Revision 1.23.6.1 / (download) - annotate - [select for diffs], Tue Nov 17 14:34:52 2009 UTC (14 years, 6 months ago) by sthen
Changes since 1.23: +8 -0 lines
Diff to previous 1.23 (colored) next main 1.24 (colored)

Pull Ben Laurie's blind prefix injection fix for CVE-2009-3555 from
openssl 0.9.8l.

As suggested by markus@, for -stable the header change is being
restricted to a private file, so the minor version is not cranked here.

Discussed with markus, djm, deraadt.

Revision 1.23.2.1 / (download) - annotate - [select for diffs], Tue Nov 17 14:34:37 2009 UTC (14 years, 6 months ago) by sthen
Changes since 1.23: +8 -0 lines
Diff to previous 1.23 (colored) next main 1.24 (colored)

Pull Ben Laurie's blind prefix injection fix for CVE-2009-3555 from
openssl 0.9.8l.

As suggested by markus@, for -stable the header change is being
restricted to a private file, so the minor version is not cranked here.

Discussed with markus, djm, deraadt.

Revision 1.24 / (download) - annotate - [select for diffs], Tue Nov 10 09:09:40 2009 UTC (14 years, 7 months ago) by markus
Branch: MAIN
Changes since 1.23: +8 -0 lines
Diff to previous 1.23 (colored)

pull Ben Laurie's blind prefix injection fix for CVE-2009-3555 from
openssl 0.9.8l; crank minor version; ok djm@ deraadt@; initially from jsg@

Revision 1.23 / (download) - annotate - [select for diffs], Fri Jan 9 12:15:52 2009 UTC (15 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.22: +19 -13 lines
Diff to previous 1.22 (colored)

resolve conflicts

Revision 1.1.1.11 / (download) - annotate - [select for diffs] (vendor branch), Fri Jan 9 12:14:07 2009 UTC (15 years, 5 months ago) by djm
Changes since 1.1.1.10: +24 -16 lines
Diff to previous 1.1.1.10 (colored)

import openssl-0.9.8j

Revision 1.20.8.1 / (download) - annotate - [select for diffs], Fri Jan 9 11:40:50 2009 UTC (15 years, 5 months ago) by djm
Changes since 1.20: +1 -1 lines
Diff to previous 1.20 (colored) next main 1.21 (colored)

Fix CVE-2008-5077: Incorrect checks for malformed signatures

Revision 1.20.10.1 / (download) - annotate - [select for diffs], Fri Jan 9 11:40:35 2009 UTC (15 years, 5 months ago) by djm
Changes since 1.20: +1 -1 lines
Diff to previous 1.20 (colored) next main 1.21 (colored)

Fix CVE-2008-5077: Incorrect checks for malformed signatures

Revision 1.22 / (download) - annotate - [select for diffs], Mon Jan 5 21:36:39 2009 UTC (15 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.21: +5 -3 lines
Diff to previous 1.21 (colored)

update to openssl-0.9.8i; tested by several, especially krw@

Revision 1.21 / (download) - annotate - [select for diffs], Sat Sep 6 12:17:53 2008 UTC (15 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.20: +846 -91 lines
Diff to previous 1.20 (colored)

resolve conflicts

Revision 1.1.1.10 / (download) - annotate - [select for diffs] (vendor branch), Sat Sep 6 12:15:51 2008 UTC (15 years, 9 months ago) by djm
Changes since 1.1.1.9: +846 -91 lines
Diff to previous 1.1.1.9 (colored)

import of OpenSSL 0.9.8h

Revision 1.20 / (download) - annotate - [select for diffs], Tue Jun 27 05:07:03 2006 UTC (17 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)

resolve conflicts

Revision 1.1.1.9 / (download) - annotate - [select for diffs] (vendor branch), Tue Jun 27 05:05:39 2006 UTC (17 years, 11 months ago) by djm
Changes since 1.1.1.8: +2 -2 lines
Diff to previous 1.1.1.8 (colored)

import of openssl-0.9.7j

Revision 1.19 / (download) - annotate - [select for diffs], Fri Apr 29 05:39:31 2005 UTC (19 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.18: +11 -6 lines
Diff to previous 1.18 (colored)

resolve conflicts

Revision 1.1.1.8 / (download) - annotate - [select for diffs] (vendor branch), Fri Apr 29 05:37:27 2005 UTC (19 years, 1 month ago) by djm
Changes since 1.1.1.7: +11 -6 lines
Diff to previous 1.1.1.7 (colored)

import of openssl-0.9.7g; tested on platforms from alpha to zaurus, ok deraadt@

Revision 1.1.1.7 / (download) - annotate - [select for diffs] (vendor branch), Wed Apr 7 20:42:06 2004 UTC (20 years, 2 months ago) by markus
Changes since 1.1.1.6: +18 -1 lines
Diff to previous 1.1.1.6 (colored)

import openssl-0.9.7d

Revision 1.18 / (download) - annotate - [select for diffs], Wed Mar 17 14:22:02 2004 UTC (20 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.17: +16 -0 lines
Diff to previous 1.17 (colored)

out-of-bounds read in (unused) kerberos ciphersuites (CAN-2004-0112)

Revision 1.1.1.6 / (download) - annotate - [select for diffs] (vendor branch), Tue Nov 11 21:21:10 2003 UTC (20 years, 7 months ago) by markus
Changes since 1.1.1.5: +10 -4 lines
Diff to previous 1.1.1.5 (colored)

import 0.9.7c

Revision 1.16.2.1 / (download) - annotate - [select for diffs], Fri Oct 31 00:13:15 2003 UTC (20 years, 7 months ago) by brad
Changes since 1.16: +10 -4 lines
Diff to previous 1.16 (colored) next main 1.17 (colored)

Pull patch from -current:
SECURITY FIX
Fixed by markus@
security fix from http://www.openssl.org/news/secadv_20030930.txt

ok markus@ deraadt@

Revision 1.14.2.2 / (download) - annotate - [select for diffs], Wed Oct 1 22:46:19 2003 UTC (20 years, 8 months ago) by brad
Changes since 1.14.2.1: +10 -4 lines
Diff to previous 1.14.2.1 (colored) next main 1.15 (colored)

Pull patch from -current:
SECURITY FIX
Fixed by markus@
security fix from http://www.openssl.org/news/secadv_20030930.txt

ok markus@ deraadt@

Revision 1.15.2.1 / (download) - annotate - [select for diffs], Wed Oct 1 15:58:04 2003 UTC (20 years, 8 months ago) by margarida
Changes since 1.15: +10 -4 lines
Diff to previous 1.15 (colored) next main 1.16 (colored)

Pull patch from -current:
SECURITY FIX
Fixed by markus@
security fix from http://www.openssl.org/news/secadv_20030930.txt

ok markus@ deraadt@

Revision 1.17 / (download) - annotate - [select for diffs], Tue Sep 30 21:30:28 2003 UTC (20 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.16: +10 -4 lines
Diff to previous 1.16 (colored)

more fixes from 0.9.7c, ok deraadt, cloder

Revision 1.16 / (download) - annotate - [select for diffs], Mon May 12 02:18:40 2003 UTC (21 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.15: +18 -12 lines
Diff to previous 1.15 (colored)

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

Revision 1.1.1.5 / (download) - annotate - [select for diffs] (vendor branch), Sun May 11 21:36:42 2003 UTC (21 years, 1 month ago) by markus
Changes since 1.1.1.4: +29 -24 lines
Diff to previous 1.1.1.4 (colored)

import 0.9.7b (without idea and rc5)

Revision 1.14.2.1 / (download) - annotate - [select for diffs], Wed Mar 19 23:39:12 2003 UTC (21 years, 2 months ago) by margarida
Changes since 1.14: +12 -13 lines
Diff to previous 1.14 (colored)

Errata #11 (markus):
Fix for Klima-Pokorny-Rosa attack on RSA in SSL/TLS

Revision 1.7.4.2 / (download) - annotate - [select for diffs], Wed Mar 19 23:25:40 2003 UTC (21 years, 2 months ago) by miod
Changes since 1.7.4.1: +12 -14 lines
Diff to previous 1.7.4.1 (colored) next main 1.8 (colored)

Errata #025 (markus):
Fix for Klima-Pokorny-Rosa attack on RSA in SSL/TLS

Revision 1.15 / (download) - annotate - [select for diffs], Wed Mar 19 23:03:01 2003 UTC (21 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.14: +12 -13 lines
Diff to previous 1.14 (colored)

Fix for Klima-Pokorny-Rosa attack on RSA in SSL/TLS, see
http://marc.theaimsgroup.com/?l=bugtraq&m=104811162730834&w=2

Revision 1.14 / (download) - annotate - [select for diffs], Sat Sep 14 11:18:03 2002 UTC (21 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.13: +5 -1 lines
Diff to previous 1.13 (colored)

merge with openssl-0.9.7-stable-SNAP-20020911,
new minor for libcrypto (_X509_REQ_print_ex)
tested by miod@, pb@

Revision 1.1.1.4 / (download) - annotate - [select for diffs] (vendor branch), Thu Sep 12 20:52:44 2002 UTC (21 years, 9 months ago) by markus
Changes since 1.1.1.3: +6 -2 lines
Diff to previous 1.1.1.3 (colored)

import openssl-0.9.7-stable-SNAP-20020911 (without idea)

Revision 1.13 / (download) - annotate - [select for diffs], Tue Sep 10 16:31:57 2002 UTC (21 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

merge openssl-0.9.7-beta3, tested on vax by miod@

Revision 1.1.1.3 / (download) - annotate - [select for diffs] (vendor branch), Thu Sep 5 22:44:15 2002 UTC (21 years, 9 months ago) by markus
Changes since 1.1.1.2: +16 -4 lines
Diff to previous 1.1.1.2 (colored)

import openssl-0.9.7-beta3

Revision 1.12 / (download) - annotate - [select for diffs], Thu Sep 5 22:12:11 2002 UTC (21 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)

merge with 0.9.7-beta1

Revision 1.1.1.2 / (download) - annotate - [select for diffs] (vendor branch), Thu Sep 5 12:51:36 2002 UTC (21 years, 9 months ago) by markus
Changes since 1.1.1.1: +624 -266 lines
Diff to previous 1.1.1.1 (colored)

import openssl-0.9.7-beta1

Revision 1.11 / (download) - annotate - [select for diffs], Fri Aug 30 21:05:53 2002 UTC (21 years, 9 months ago) by markus
Branch: MAIN
Changes since 1.10: +2 -0 lines
Diff to previous 1.10 (colored)

protect <openssl/krb5_asn.h> with OPENSSL_NO_KRB5

Revision 1.10 / (download) - annotate - [select for diffs], Tue Jul 30 16:00:16 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.9: +14 -4 lines
Diff to previous 1.9 (colored)

sync with http://www.openssl.org/news/patch_20020730_0_9_7.txt
(adds fix for unused kerberos and engine code, and some more
assertions, as well as a 64bit integer string fix for conf_mod.c)

Revision 1.7.4.1 / (download) - annotate - [select for diffs], Tue Jul 30 15:47:52 2002 UTC (21 years, 10 months ago) by jason
Changes since 1.7: +2 -0 lines
Diff to previous 1.7 (colored)

Pull in patch from current:
Fix (markus), errata 013:
apply patches from OpenSSL Security Advisory [30 July 2002],
http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2

Revision 1.9 / (download) - annotate - [select for diffs], Tue Jul 30 11:08:06 2002 UTC (21 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.8: +1 -0 lines
Diff to previous 1.8 (colored)

apply patches from OpenSSL Security Advisory [30 July 2002],
http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2

Revision 1.7.2.1 / (download) - annotate - [select for diffs], Tue Jul 30 11:07:33 2002 UTC (21 years, 10 months ago) by miod
Changes since 1.7: +2 -0 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)

Errata #030 (markus):
Fixes for the "OpenSSL Security Advisory [30 July 2002]"

Revision 1.8 / (download) - annotate - [select for diffs], Wed May 15 02:29:20 2002 UTC (22 years, 1 month ago) by beck
Branch: MAIN
Changes since 1.7: +321 -65 lines
Diff to previous 1.7 (colored)

OpenSSL 0.9.7 stable 2002 05 08 merge

Revision 1.7 / (download) - annotate - [select for diffs], Wed Aug 1 19:51:17 2001 UTC (22 years, 10 months ago) by beck
Branch: MAIN
Changes since 1.6: +24 -2 lines
Diff to previous 1.6 (colored)

merge openssl 0.9.6b-engine

Note that this is a maintenance release, APIs appear *not* to have changed.
As such, I have only increased the minor number on these libraries

Revision 1.6 / (download) - annotate - [select for diffs], Sun Apr 22 23:33:04 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.5: +1 -0 lines
Diff to previous 1.5 (colored)

CRT and DH+SSL fix from 0.9.6a, ok provos@/deraadt@

Revision 1.5 / (download) - annotate - [select for diffs], Fri Dec 15 02:58:38 2000 UTC (23 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.4: +20 -6 lines
Diff to previous 1.4 (colored)

openssl-engine-0.9.6 merge

Revision 1.4 / (download) - annotate - [select for diffs], Sat Apr 15 06:18:50 2000 UTC (24 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.3: +2 -0 lines
Diff to previous 1.3 (colored)

OpenSSL 0.9.5a merge

Revision 1.3 / (download) - annotate - [select for diffs], Sun Mar 19 11:13:30 2000 UTC (24 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.2: +120 -65 lines
Diff to previous 1.2 (colored)

OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

Revision 1.2 / (download) - annotate - [select for diffs], Wed Sep 29 04:37:28 1999 UTC (24 years, 8 months ago) by beck
Branch: MAIN
Changes since 1.1: +173 -165 lines
Diff to previous 1.1 (colored)

OpenSSL 0.9.4 merge

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Mon Oct 5 20:13:12 1998 UTC (25 years, 8 months ago) by ryker
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build
functionality for shared libs.

Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.

Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.

Revision 1.1 / (download) - annotate - [select for diffs], Mon Oct 5 20:13:12 1998 UTC (25 years, 8 months ago) by ryker
Branch: MAIN

Initial revision
