generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Mark J. Cox 951dfbb13a Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
..
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
bio_ssl.c
Fix various incorrect error function codes.
2005-04-26 18:53:22 +00:00
d1_both.c
fix warnings when building openssl with (gcc 3.3.1):
2005-08-28 23:20:52 +00:00
d1_clnt.c
Fix from HEAD.
2005-12-05 17:32:22 +00:00
d1_enc.c
backport recent changes from the cvs head
2006-02-08 19:16:33 +00:00
d1_lib.c
fix typo
2005-08-08 19:26:35 +00:00
d1_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
d1_pkt.c
Update from HEAD.
2006-09-23 17:30:25 +00:00
d1_srvr.c
Fix from HEAD.
2005-12-05 17:32:22 +00:00
dtls1.h
pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
2005-05-30 22:34:28 +00:00
install.com
Synchronise more with the Unix build
2005-05-31 20:28:55 +00:00
kssl_lcl.h
To avoid commit wars over dependencies, let's make it so things that
2001-10-10 07:55:02 +00:00
kssl.c
Eliminate dependency on UNICODE macro.
2005-06-27 21:21:12 +00:00
kssl.h
Make kerberos ciphersuite code work with newer header files
2005-04-09 23:55:55 +00:00
Makefile
Update filenames in makefiles
2006-02-04 01:49:36 +00:00
s2_clnt.c
Introduce limits to prevent malicious keys being able to
2006-09-28 11:29:03 +00:00
s2_enc.c
Avoid including cryptlib.h, it's not really needed.
2003-12-27 16:10:30 +00:00
s2_lib.c
Disable invalid ciphersuites
2006-06-14 17:52:01 +00:00
s2_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
s2_pkt.c
Avoid including cryptlib.h, it's not really needed.
2003-12-27 16:10:30 +00:00
s2_srvr.c
Fix from HEAD.
2005-12-05 17:32:22 +00:00
s3_both.c
Add DTLS support.
2005-04-26 16:02:40 +00:00
s3_clnt.c
update TLS-ECC code
2005-12-13 07:41:47 +00:00
s3_enc.c
As HEAD.
2005-10-01 00:41:24 +00:00
s3_lib.c
Put ECCdraft ciphersuites back into default build (but disabled
2006-06-22 12:35:54 +00:00
s3_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
s3_pkt.c
Update from HEAD.
2005-09-30 23:38:20 +00:00
s3_srvr.c
Introduce limits to prevent malicious keys being able to
2006-09-28 11:29:03 +00:00
s23_clnt.c
Fix from HEAD.
2005-12-05 17:32:22 +00:00
s23_lib.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
s23_meth.c
make "./configure no-ssl2" work again
2006-01-15 16:57:01 +00:00
s23_pkt.c
Reorder inclusion of header files:
2002-07-10 07:01:54 +00:00
s23_srvr.c
Fix from HEAD.
2005-12-05 17:32:22 +00:00
ssl2.h
Implement msg_callback for SSL 2.0.
2001-11-10 01:16:28 +00:00
ssl3.h
Update from HEAD.
2005-09-30 23:38:20 +00:00
ssl23.h
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
ssl_algs.c
Camellia cipher, contributed by NTT
2006-06-09 15:42:21 +00:00
ssl_asn1.c
Fix from HEAD.
2005-12-05 17:32:22 +00:00
ssl_cert.c
Thread-safety fixes
2006-06-14 08:51:41 +00:00
ssl_ciph.c
ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
2006-09-11 09:48:46 +00:00
ssl_err2.c
Use new-style system-id macros everywhere possible. I hope I haven't
2001-02-20 08:13:47 +00:00
ssl_err.c
Avoid contradictive error code assignments.
2006-01-08 21:52:46 +00:00
ssl_lib.c
Introduce limits to prevent malicious keys being able to
2006-09-28 11:29:03 +00:00
ssl_locl.h
Camellia cipher, contributed by NTT
2006-06-09 15:42:21 +00:00
ssl_rsa.c
add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()
2005-04-08 22:52:42 +00:00
ssl_sess.c
Rewrite timeout computation in a way that is less prone to overflow.
2005-12-30 23:51:57 +00:00
ssl_stat.c
Prototype info function.
2002-01-12 15:56:13 +00:00
ssl_task.c
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
ssl_txt.c
Update from HEAD.
2005-09-30 23:38:20 +00:00
ssl-lib.com
Synchronise more with the Unix build
2005-05-31 20:28:55 +00:00
ssl.h
Make sure that AES ciphersuites get priority over Camellia ciphersuites
2006-06-14 13:52:49 +00:00
ssltest.c
fix no-dh configure option; patch supplied by Peter Meerwald
2006-02-24 17:58:35 +00:00
t1_clnt.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
t1_enc.c
Don't check for padding bug if compression is negotiated.
2006-05-07 12:27:48 +00:00
t1_lib.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
t1_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
t1_srvr.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
tls1.h
Disable invalid ciphersuites
2006-06-14 17:52:01 +00:00