summaryrefslogtreecommitdiffstats
path: root/ssl/statem
AgeCommit message (Expand)Author
2022-10-21stack: Do not add error if pop/shift/value accesses outside of the stackTomas Mraz
2022-10-19Ensure that the key share group is allowed for our protocol versionMatt Caswell
2022-10-11Update copyright yearMatt Caswell
2022-09-28Test TLS extension orderingTodd Short
2022-09-27If a ticket key callback returns 0 in TLSv1.3 don't send a ticketMatt Caswell
2022-09-22Correctly handle a retransmitted ClientHelloMatt Caswell
2022-09-16stack.c: add missing direct error reporting and improve coding styleDr. David von Oheimb
2022-08-22Coverity 1508506: misuse of time_tPauli
2022-08-19Coverity 1508534 & 1508540: misuses of time_tPauli
2022-08-02Check that IV length is not less than zeroDmitry Belyavskiy
2022-07-13Check for EVP_MD being NULL inside ssl.slontis
2022-05-24Use safe pattern for buffer size determining in case of GOST key exchangeDmitry Belyavskiy
2022-05-03Update copyright yearMatt Caswell
2022-04-14Fix an assertion in the DTLS server codeBernd Edlinger
2022-03-30tls_process_server_hello: Disallow repeated HRRTomas Mraz
2022-03-25ticket_lifetime_hint may exceed 1 week in TLSv1.3Todd Short
2022-03-15Update copyright yearMatt Caswell
2022-03-14Replace handling of negative verification result with SSL_set_retry_verify()Tomas Mraz
2022-03-03Add back check for the DH public key sizeTomas Mraz
2022-01-19ssl: better support TSAN operationsPauli
2022-01-11Fix: some patches related to error exitingPeiwei Hu
2022-01-07fix the return check of EVP_PKEY_CTX_ctrl() in 5 spotsxkernel
2022-01-06properly free the resource from CRYPTO_mallocxkernel
2021-12-14Fix invalid handling of verify errors in libsslMatt Caswell
2021-11-29No EtM for GOST ciphers in TLS 1.2Dmitry Belyavskiy
2021-11-04Fix a memory leak in tls_parse_stoc_key_shareBernd Edlinger
2021-10-27free the Post-Handshake Auth digest when there is an error saving the digestx2018
2021-10-11New extensions can be sent in a certificate requestMatt Caswell
2021-09-27ssl: Correct filename in READMETianjia Zhang
2021-08-16Fix potential double-freeTodd Short
2021-07-21tls_process_{client,server}_certificate(): allow verify_callback return > 1Dr. David von Oheimb
2021-07-06Avoid "excessive message size" for session ticketsMatt Caswell
2021-06-19ssl: fix indentationPauli
2021-06-19ssl: replace tabs with spacesPauli
2021-06-10Optimize session cache flushingTodd Short
2021-06-02tls: remove TODOsPauli
2021-06-01Rename all getters to use get/get0 in nameTomas Mraz
2021-06-01ssl: ass size_t to RAND_bytes_ex()Pauli
2021-05-29ssl: add zero strenght arguments to BN and RAND RNG callsPauli
2021-05-27Call SSLfatal when the generate_ticket_cb returns 0Todd Short
2021-05-27Use "" for include internal/xxxRich Salz
2021-05-21Cleanup the peer point formats on regotiationDmitry Belyavskiy
2021-05-17Add SSL_OP_ALLOW_CLIENT_RENEGOTIATIONRich Salz
2021-05-15Promote SSL_get_negotiated_group() for non-TLSv1.3Benjamin Kaduk
2021-05-12Don't send key_share for PSK-only key exchangeBenjamin Kaduk
2021-05-12Improve RFC 8446 PSK key exchange mode complianceBenjamin Kaduk
2021-05-01Use OCSP-specific error code for clarityDmitry Belyavskiy
2021-04-28Defer Finished MAC handling until after state transitionMatt Caswell
2021-04-22Update copyright yearMatt Caswell
2021-04-18Add "origin" field to EVP_CIPHER, EVP_MDRich Salz