summaryrefslogtreecommitdiffstats
path: root/ssl/statem
AgeCommit message (Expand)Author
2019-05-28Update copyright yearRichard Levitte
2019-02-26Go into the error state if a fatal alert is sent or receivedMatt Caswell
2018-08-14Update copyright yearMatt Caswell
2018-07-03Don't create an invalid CertificateRequestMatt Caswell
2018-07-02Fix a NULL ptr deref in error path in tls_process_cke_dhe()Matt Caswell
2018-05-12Don't memcpy the contents of an empty fragmentMatt Caswell
2018-05-11Keep the DTLS timer running after the end of the handshake if appropriateMatt Caswell
2018-05-11Don't fail on an out-of-order CCS in DTLSMatt Caswell
2018-04-24In a reneg use the same client_version we used last timeMatt Caswell
2018-04-18Check the return from EVP_PKEY_get0_DH()Matt Caswell
2018-03-27Update copyright yearMatt Caswell
2018-03-21Don't wait for dry at the end of a handshakeMatt Caswell
2018-03-21Check for alerts while waiting for a dry eventMatt Caswell
2018-02-09Don't calculate the Finished MAC twiceMatt Caswell
2018-01-30Add the SSL_OP_NO_RENEGOTIATION option to 1.1.0Matt Caswell
2017-12-08Standardize syntax of sizeof(foo)Rich Salz
2017-10-04Remove an incorrect commentMatt Caswell
2017-06-21Fix DTLS failure when used in a build which has SCTP enabledMatt Caswell
2017-06-21Don't fail the connection in SSLv3 if server selects ECDHEMatt Caswell
2017-06-09fix broken implementations of GOST ciphersuitesRich Salz
2017-04-25Don't attempt to send fragments > max_send_fragment in DTLSMatt Caswell
2017-04-25Remove special case code for SCTP reneg handlingMatt Caswell
2017-03-30More typo fixesFdaSilvaYY
2017-03-28Fix a few more typosFdaSilvaYY
2017-02-05Combined patch against OpenSSL_1_1_0-stable branch for the following issues:Bernd Edlinger
2017-02-05Majority rules, use session_ctx vs initial_ctxTodd Short
2017-01-28Correct pointer to be freedRichard Levitte
2017-01-26Use correct signature algorithm list when sending or checking.Dr. Stephen Henson
2017-01-26Better check of DH parameters in TLS dataRichard Levitte
2017-01-24Do not overallocate for tmp.ciphers_rawBenjamin Kaduk
2017-01-24Fix SSL_get0_raw_cipherlist()Matt Caswell
2017-01-23Stop server from expecting Certificate message when not requestedMatt Caswell
2017-01-23Stop client from sending Certificate message when not requestedMatt Caswell
2017-01-23Fix SSL_VERIFY_CLIENT_ONCEMatt Caswell
2016-12-08Only call memcpy when the length is larger than 0.Kurt Roeckx
2016-11-23Fix missing NULL checks in CKE processingMatt Caswell
2016-11-09When no SRP identity is found, no error was reported server sideEasySec
2016-11-07Partial revert of "Fix client verify mode to check SSL_VERIFY_PEER"Matt Caswell
2016-11-07Always ensure that init_msg is initialised for a CCSMatt Caswell
2016-09-29Fix missing NULL checks in NewSessionTicket constructionMatt Caswell
2016-09-26Fix Use After Free for large message sizesMatt Caswell
2016-09-22Avoid KCI attack for GOSTDmitry Belyavsky
2016-09-22Fix error message typo, wrong function codeRichard Levitte
2016-09-21Excessive allocation of memory in dtls1_preprocess_fragment()Matt Caswell
2016-09-21Excessive allocation of memory in tls_get_message_header()Matt Caswell
2016-09-21Use switch instead of multiple ifsAlessandro Ghedini
2016-08-30Ensure the CertStatus message adds a DTLS message header where neededMatt Caswell
2016-08-23Fix leak on error in tls_construct_cke_gostMatt Caswell
2016-08-22Fix DTLS buffered message DoS attackMatt Caswell
2016-08-18Indent ssl/Emilia Kasper
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 14:20:33 +0000