summaryrefslogtreecommitdiffstats
path: root/ssl/statem/statem_lib.c
AgeCommit message (Expand)Author
2018-12-06Following the license change, modify the boilerplates in ssl/Richard Levitte
2018-11-27Fix access zero memory if SSL_DEBUG is enabledPaul Yang
2018-11-14Fix no-ec and no-tls1_2Matt Caswell
2018-11-12Separate ca_names handling for client and serverMatt Caswell
2018-11-12Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capableMatt Caswell
2018-10-30Don't call the client_cert_cb immediately in TLSv1.3Matt Caswell
2018-10-29ssl/statem: Don't compare size_t with less than zeroRichard Levitte
2018-09-07Ensure certificate callbacks work correctly in TLSv1.3Matt Caswell
2018-09-07Process KeyUpdate and NewSessionTicket messages after a close_notifyMatt Caswell
2018-08-22Don't detect a downgrade where the server has a protocol version holeMatt Caswell
2018-08-22Use the same min-max version range on the client consistentlyMatt Caswell
2018-08-15Turn on TLSv1.3 downgrade protection by defaultMatt Caswell
2018-08-15Update code for the final RFC version of TLSv1.3 (RFC8446)Matt Caswell
2018-08-14Move SSL_DEBUG md fprintf after assignmentDmitry Yakovlev
2018-08-09Improve fallback protectionMatt Caswell
2018-08-08Tolerate encrypted or plaintext alertsMatt Caswell
2018-08-07ssl/*: switch to switch to Thread-Sanitizer-friendly primitives.Andy Polyakov
2018-07-20Validate legacy_versionMatt Caswell
2018-07-17Fix no-pskMatt Caswell
2018-07-13As a server don't select TLSv1.3 if we're not capable of itMatt Caswell
2018-07-13Use ssl_version_supported() when choosing server versionMatt Caswell
2018-07-03Remove TLSv1.3 tickets from the client cache as we use themMatt Caswell
2018-05-15Suport TLSv1.3 draft 28Matt Caswell
2018-05-11Fix ticket callbacks in TLSv1.3Matt Caswell
2018-05-08Keep the DTLS timer running after the end of the handshake if appropriateMatt Caswell
2018-04-24In a reneg use the same client_version we used last timeMatt Caswell
2018-04-24Remove some logically dead codeMatt Caswell
2018-04-20Make sure SSL_in_init() returns 0 at SSL_CB_HANDSHAKE_DONEMatt Caswell
2018-04-17Call the info callback on all handshake done eventsMatt Caswell
2018-03-28Rewrite the X509->alert mapping codeRich Salz
2018-03-21Don't wait for dry at the end of a handshakeMatt Caswell
2018-03-15Only update the server session cache when the session is readyMatt Caswell
2018-02-09Don't calculate the Finished MAC twiceMatt Caswell
2018-02-01Add TLSv1.3 post-handshake authentication (PHA)Todd Short
2018-01-30Move decisions about whether to accept reneg into the state machineMatt Caswell
2018-01-24Don't send unexpected_message if we receive CCS while statelessMatt Caswell
2018-01-24Add support for sending TLSv1.3 cookiesMatt Caswell
2017-12-28Don't flush the ClientHello if we're going to send early dataMatt Caswell
2017-12-14Update state machine to send CCS based on whether we did an HRRMatt Caswell
2017-12-14Fix an HRR bugMatt Caswell
2017-12-14Merge HRR into ServerHelloMatt Caswell
2017-12-14Update ServerHello to new draft-22 formatMatt Caswell
2017-12-04Add some more cleanupsMatt Caswell
2017-12-04Convert more functions in ssl/statem/statem.c to use SSLfatal()Matt Caswell
2017-12-04Convert remaining functions in statem_clnt.c to use SSLfatal()Matt Caswell
2017-12-04Convert the state machine code to use SSLfatal()Matt Caswell
2017-12-04Replace some usage of SSLerr with SSLfatal()Matt Caswell
2017-11-13Resolve warnings in VC-WIN32 build, which allows to add /WX.Andy Polyakov
2017-10-30Normalize on session_ctx for stats where possibleBenjamin Kaduk
2017-10-30Use atomics for SSL_CTX statisticsBenjamin Kaduk
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-29 09:40:52 +0000