summaryrefslogtreecommitdiffstats
path: root/ssl/t1_lib.c
AgeCommit message (Expand)Author
2013-04-04Make TLS 1.2 ciphers work again.Dr. Stephen Henson
2013-03-28Enable TLS 1.2 ciphers in DTLS 1.2.Dr. Stephen Henson
2013-03-26Enable various DTLS extensions.Dr. Stephen Henson
2013-03-18Use enc_flags when deciding protocol variations.Dr. Stephen Henson
2013-03-18DTLS revision.Dr. Stephen Henson
2013-02-06Add and use a constant-time memcmp.Ben Laurie
2013-01-24Fix warning: lenmax isn't used any more.Dr. Stephen Henson
2013-01-19Remove extraneous brackets (clang doesn't like them).Ben Laurie
2013-01-19Can't check a size_t for < 0.Ben Laurie
2012-12-18Use client version when deciding which cipher suites to disable.Dr. Stephen Henson
2012-12-10revert SUITEB128ONLY patch, anything wanting to use P-384 can use SUITEB128 i...Dr. Stephen Henson
2012-12-09allow ECDSA+SHA384 signature algorithm in SUITEB128ONLY modeDr. Stephen Henson
2012-11-26Use default point formats extension for server side as well as clientDr. Stephen Henson
2012-11-22reject zero length point format list or supported curves extensionsDr. Stephen Henson
2012-11-19fix typo and warningDr. Stephen Henson
2012-11-08new feature: if ctx==NULL in SSL_CTX_ctrl perform syntax checking only for so...Dr. Stephen Henson
2012-09-11Minor enhancement to PR#2836 fix. Instead of modifying SSL_get_certificateDr. Stephen Henson
2012-09-11Call OCSP Stapling callback after ciphersuite has been chosen, so theBen Laurie
2012-09-07store and print out message digest peer signed with in TLS 1.2Dr. Stephen Henson
2012-08-29Add compilation flag to disable certain protocol checks and allow use ofDr. Stephen Henson
2012-08-15Add three Suite B modes to TLS code, supporting RFC6460.Dr. Stephen Henson
2012-07-27Make tls1_check_chain return a set of flags indicating checks passedDr. Stephen Henson
2012-07-24Abort handshake if signature algorithm used not supported by peer.Dr. Stephen Henson
2012-07-24check EC tmp key matches preferencesDr. Stephen Henson
2012-07-24typoDr. Stephen Henson
2012-07-19stop warningDr. Stephen Henson
2012-07-18New function ssl_set_client_disabled to set masks for any ciphersuitesDr. Stephen Henson
2012-07-03no need to check s->server as default_nid is never used for TLS 1.2 client au...Dr. Stephen Henson
2012-07-03Separate client and server permitted signature algorithm support: by defaultDr. Stephen Henson
2012-06-29Add certificate callback. If set this is called whenever a certificateDr. Stephen Henson
2012-06-28Function tls1_check_ec_server_key is now redundant as we makeDr. Stephen Henson
2012-06-28Add new "valid_flags" field to CERT_PKEY structure which determines whatDr. Stephen Henson
2012-06-27don't use pseudo digests for default values of keysDr. Stephen Henson
2012-06-25Reorganise supported signature algorithm extension processing.Dr. Stephen Henson
2012-06-22Add support for application defined signature algorithms for use withDr. Stephen Henson
2012-06-11Fix memory leak.Ben Laurie
2012-06-06Parse authz correctly.Ben Laurie
2012-06-03Version skew reduction: trivia (I hope).Ben Laurie
2012-05-30RFC 5878 support.Ben Laurie
2012-04-24Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>Dr. Stephen Henson
2012-04-18correct error codesDr. Stephen Henson
2012-04-06Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>Dr. Stephen Henson
2012-04-05Add support for automatic ECDH temporary key parameter selection. WhenDr. Stephen Henson
2012-04-04Tidy up EC parameter check code: instead of accessing internal structuresDr. Stephen Henson
2012-03-28Initial revision of ECC extension handling.Dr. Stephen Henson
2012-03-21use client version when deciding whether to send supported signature algorith...Dr. Stephen Henson
2012-03-14oops, revert unrelated patchesDr. Stephen Henson
2012-03-14update FAQ, NEWSDr. Stephen Henson
2012-03-06New ctrls to retrieve supported signature algorithms and curves andDr. Stephen Henson
2012-02-27PR: 2739Dr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 10:39:18 +0000