openssl/ssl at 055fa1c35cd8fe60c86973a8ddc2a102f7f7615b - openssl - Atria-soft GIT

generic-library/openssl

History

Mark J. Cox b213966415 Introduce limits to prevent malicious keys being able to

cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]

2006-09-28 11:53:51 +00:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:18:14 +00:00

bio_ssl.c

Make it possible to disable OCSP, the speed application, and the use of sockets.

2003-02-14 01:03:06 +00:00

install.com

Update VMS build procedures to match the current status.

2000-12-28 22:26:11 +00:00

kssl_lcl.h

To avoid commit wars over dependencies, let's make it so things that

2001-10-10 07:55:02 +00:00

kssl.c

Eliminate dependency on UNICODE macro.

2005-06-27 21:14:15 +00:00

kssl.h

Make kerberos ciphersuites work with newer headers.

2005-04-09 23:32:37 +00:00

Makefile

Fix from HEAD.

2006-02-04 01:50:41 +00:00

s2_clnt.c

Introduce limits to prevent malicious keys being able to

2006-09-28 11:53:51 +00:00

s2_enc.c

Avoid including cryptlib.h, it's not really needed.

2003-12-27 16:09:59 +00:00

s2_lib.c

Disable invalid ciphersuites

2006-06-14 17:51:36 +00:00

s2_meth.c

fix more race conditions

2002-09-26 15:54:15 +00:00

s2_pkt.c

Avoid including cryptlib.h, it's not really needed.

2003-12-27 16:09:59 +00:00

s2_srvr.c

Backport of other fixes to keep VC++ happy.

2006-01-30 13:49:59 +00:00

s3_both.c

Option to disable auto SSL chain building.

2003-02-12 17:05:17 +00:00

s3_clnt.c

Backport of other fixes to keep VC++ happy.

2006-01-30 13:49:59 +00:00

s3_enc.c

Only allow TLS is FIPS mode.

2005-01-31 01:33:36 +00:00

s3_lib.c

Disable invalid ciphersuites

2006-06-14 17:51:36 +00:00

s3_meth.c

fix more race conditions

2002-09-26 15:54:15 +00:00

s3_pkt.c

Fixes so alerts are sent properly in s3_pkt.c

2004-05-15 17:46:50 +00:00

s3_srvr.c

Introduce limits to prevent malicious keys being able to

2006-09-28 11:53:51 +00:00

s23_clnt.c

Backport of other fixes to keep VC++ happy.

2006-01-30 13:49:59 +00:00

s23_lib.c

Constification.

2005-03-23 08:21:30 +00:00

s23_meth.c

fix more race conditions

2002-09-26 15:54:15 +00:00

s23_pkt.c

Reorder inclusion of header files:

2002-07-10 06:57:54 +00:00

s23_srvr.c

Backport of other fixes to keep VC++ happy.

2006-01-30 13:49:59 +00:00

ssl2.h

Implement msg_callback for SSL 2.0.

2001-11-10 01:16:28 +00:00

ssl3.h

Small bugfixes to the KSSL implementation.

2002-11-26 10:09:28 +00:00

ssl23.h

Import of old SSLeay release: SSLeay 0.9.0b

1998-12-21 10:56:39 +00:00

ssl_algs.c

Use new-style system-id macros everywhere possible. I hope I haven't

2001-02-20 08:13:47 +00:00

ssl_asn1.c

Backport of other fixes to keep VC++ happy.

2006-01-30 13:49:59 +00:00

ssl_cert.c

Thread-safety fixes

2006-06-14 08:50:11 +00:00

ssl_ciph.c

Backport from HEAD: fix ciphersuite selection

2006-09-12 14:41:50 +00:00

ssl_err2.c

Use new-style system-id macros everywhere possible. I hope I haven't

2001-02-20 08:13:47 +00:00

ssl_err.c

Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)

2006-01-08 19:33:31 +00:00

ssl_lib.c

Introduce limits to prevent malicious keys being able to

2006-09-28 11:53:51 +00:00

ssl_locl.h

PR:Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled

2005-05-11 18:26:08 +00:00

ssl_rsa.c

really clear the error queue here

2005-04-01 17:49:33 +00:00

ssl_sess.c

Backport of other fixes to keep VC++ happy.

2006-01-30 13:49:59 +00:00

ssl_stat.c

Prototype info function.

2002-01-12 15:56:13 +00:00

ssl_task.c

Many security improvements (CHATS) and a warning fix.

2002-11-12 13:23:40 +00:00

ssl_txt.c

Constification.

2005-03-23 08:21:30 +00:00

ssl-lib.com

We have some source with \r\n as line ends. DEC C informs about that,

2005-05-29 12:13:05 +00:00

ssl.h

Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)

2006-01-08 19:33:31 +00:00

ssltest.c

Replace detached signature with in-core fingerprinting.

2006-01-21 14:01:30 +00:00

t1_clnt.c

really fix race conditions

2002-09-25 15:38:17 +00:00

t1_enc.c

Only allow TLS is FIPS mode.

2005-01-31 01:33:36 +00:00

t1_lib.c

Move the registration of callback functions to special functions

2000-02-20 23:43:02 +00:00

t1_meth.c

fix more race conditions

2002-09-26 15:54:15 +00:00

t1_srvr.c

really fix race conditions

2002-09-25 15:38:17 +00:00

tls1.h

Disable invalid ciphersuites

2006-06-14 17:51:36 +00:00