summaryrefslogtreecommitdiffstats
path: root/ssl/statem
AgeCommit message (Expand)Author
9 daysSet the server sig algs before calling the session_secret_cbMatt Caswell
2024-04-26ssl/statem: Replace size_t with int and add the checksJiasheng Jiang
2024-04-22Use empty renegotiate extension instead of SCSV for TLS > 1.0Tim Perry
2024-04-09Copyright year updatesRichard Levitte
2024-04-08Fix unconstrained session cache growth in TLSv1.3Matt Caswell
2024-03-14Avoid a memcpy in dtls_get_reassembled_message()Frederik Wedel-Heinen
2024-01-31When selecting a method ensure we use the correct client/server versionMatt Caswell
2024-01-18Move increment of dtls epoch to change cipher state functionFrederik Wedel-Heinen
2024-01-03Simplify ssl protocol version comparisons.Frederik Wedel-Heinen
2023-12-29Fix new typos found by codespellDimitri Papadopoulos
2023-12-18Remove redundant logic for DTLS server version selectionFrederik Wedel-Heinen
2023-12-18Handle tls and dtls server version selection similarlyFrederik Wedel-Heinen
2023-11-30Fix implementation of `PreferNoDHEKEX` option.Markus Minichmayr
2023-11-27Make scsv read-onlyHugo Landau
2023-11-27Make bitmask table read onlyHugo Landau
2023-11-24Add option `SSL_OP_PREFER_NO_DHE_KEX`, allowing the server to prefer non-dhe ...Markus Minichmayr
2023-11-22Fix a possible use-after-free in custom_exts_freeBernd Edlinger
2023-11-21Move freeing of an old record layer to dtls1_clear_sent_bufferMatt Caswell
2023-11-21zero data in hm_fragment on allocNeil Horman
2023-11-13set_client_ciphersuite(): Fix for potential UB if session->cipher is NULLAlexey Fofanov
2023-11-08Fix a possible memory leak in custom_ext_addBernd Edlinger
2023-11-02TLS: Fix use of an uninitialized valueHugo Landau
2023-10-23Ignore a bad signature in a CertificateVerify message while fuzzingMatt Caswell
2023-09-13Fix typos found by codespellDimitri Papadopoulos
2023-09-11"foo * bar" should be "foo *bar"Dimitri Papadopoulos
2023-09-11Remove repeated wordsDimitri Papadopoulos
2023-09-07Copyright year updatesMatt Caswell
2023-08-25Always use uint8_t for TLS record typeTomas Mraz
2023-08-24Change the TLS handshake keys early if we're not doing early dataMatt Caswell
2023-08-20ssl_get_min_max_version(): Remove unused variable singleshub-al
2023-08-15TLS KeyUpdate messages are not allowed in QUICMatt Caswell
2023-08-15NewSessionTickets with an early_data extension must have a valid max valueMatt Caswell
2023-08-04Resolves some magic values that has a hello_retry_request enum type.Frederik Wedel-Heinen
2023-07-17Fix ssl3_do_write() to correctly handle retriesMatt Caswell
2023-06-23Don't ask for an invalid group in an HRRMatt Caswell
2023-06-15Fix typos found by codespellDimitri Papadopoulos
2023-06-02[feat] SSL RTT in both client and server statem. SSL_get_handshake_rtt makes ...Jairus Christensen
2023-05-30ssl/statem_srvr.c: clean up handling of EVP_PKEY_decrypt() outlenDr. David von Oheimb
2023-05-05Be more accurate about what we accept as a valid DTLS versionMatt Caswell
2023-05-02Do not send the empty renegotiation info SCSV in QUICTomas Mraz
2023-04-12Make the data field for get_record() constMatt Caswell
2023-03-28RFC7250 (RPK) supportTodd Short
2023-03-21Added `CERTIFICATE_VERIFY_MAX_LENGTH` constantVeronikaNguyen
2023-03-01Fix early_data age calculationMatt Caswell
2023-02-24first cut at sigalg loadingMichael Baentsch
2023-02-22Add the ability to mutate TLS handshake messages before they are writtenMatt Caswell
2023-02-20fuzz: fix coverity warningsPhilippe Antoine
2023-02-08fuzz: make post handshake reachablePhilippe Antoine
2023-01-24Add the ability to add a custom extension on an SSL objectMatt Caswell
2023-01-24Extend the new_record_layer functionMatt Caswell
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-15 20:29:20 +0000