summaryrefslogtreecommitdiffstats
path: root/ssl/t1_lib.c
AgeCommit message (Expand)Author
2022-06-21Update copyright yearMatt Caswell
2022-06-03Fix strict client chain check with TLS-1.3Tomas Mraz
2022-05-24Fix a crash in ssl_security_cert_chainBernd Edlinger
2021-08-24Update copyright yearMatt Caswell
2021-07-08ssl: do not choose auto DH groups that are weaker than the security levelPauli
2020-06-17use safe primes in ssl_get_auto_dh()Hubert Kario
2020-04-21Fix NULL dereference in SSL_check_chain() for TLS 1.3Benjamin Kaduk
2020-03-17Update copyright yearMatt Caswell
2020-02-16Check that ed25519 and ed448 are allowed by the security levelKurt Roeckx
2020-01-25Check that the default signature type is allowedKurt Roeckx
2019-11-10Workaround for Windows-based GOST implementationsDmitry Belyavskiy
2019-09-27Reorganize local header filesDr. Matthias St. Pierre
2019-09-10Update copyright yearMatt Caswell
2019-09-04Fix bogus check for EVP_PKEY mandatory digest in check_cert_usable()David Woodhouse
2019-08-14Fix SSL_check_chain()Matt Caswell
2019-06-26Move 'shared_sigalgs' from cert_st to ssl_stBenjamin Kaduk
2019-06-18Following the previous 2 commits also move ecpointformats out of sessionMatt Caswell
2018-11-24Honour mandatory digest on private key in has_usable_cert()David Woodhouse
2018-11-14Fix no-ec and no-tls1_2Matt Caswell
2018-11-12Added missing signature algorithm reflection functionsViktor Dukhovni
2018-11-12Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capableMatt Caswell
2018-11-08Give a better error if an attempt is made to set a zero length groups listMatt Caswell
2018-09-04Don't use an RSA-PSS cert for RSA key exchangeMatt Caswell
2018-08-22Use the same min-max version range on the client consistentlyMatt Caswell
2018-07-18Check that the public key OID matches the sig algMatt Caswell
2018-07-13Do not use GOST sig algs in TLSv1.3 where possibleMatt Caswell
2018-06-29Check return from BN_set_word.Pauli
2018-06-07Fix EAP-FASTMatt Caswell
2018-05-30Send GOST SignatureAlgorithms when TLS 1.2 in useDmitry Belyavskiy
2018-05-30Bugfix: GOST2012 certificates for GOST ciphersuites were broken.Dmitry Belyavskiy
2018-05-12Set sess to NULL after freeing it.Kurt Roeckx
2018-05-11Rework the decrypt ticket callbackMatt Caswell
2018-05-11Fix ticket callbacks in TLSv1.3Matt Caswell
2018-04-25Fix the MAX_CURVELIST definitionMatt Caswell
2018-04-24Allow TLSv1.3 EC certs to use compressed pointsMatt Caswell
2018-04-03Set error code on alloc failuresRich Salz
2018-03-28Tolerate a Certificate using a non-supported group on server sideMatt Caswell
2018-03-19Place ticket keys into secure memoryTodd Short
2018-03-19Always call the new_session_cb when issuing a NewSessionTicket in TLSv1.3Matt Caswell
2018-03-12Session Ticket app dataTodd Short
2018-03-05Add X448/Ed448 support to libsslMatt Caswell
2018-02-21Sanity check the ticket length before using key name/IVMatt Caswell
2018-02-12The function ssl_get_min_max_version() can failMatt Caswell
2018-01-25Fix uninitialized read in sigalg parsing codeBenjamin Kaduk
2018-01-25Add support for the TLS 1.3 signature_algorithms_cert extensionBenjamin Kaduk
2018-01-25Propagate TLS 1.3 sigalgs through tls1_set_sigalgs()Benjamin Kaduk
2018-01-25Add TLS 1.3 draft-23 PSS signature algorithmsBenjamin Kaduk
2018-01-09Update copyright years on all files merged since Jan 1st 2018Richard Levitte
2018-01-08Use the index that matches the key type (either SSL_PKEY_RSA_PSS_SIGN or SSL_...Noah Robbin
2018-01-08Use size of server key when selecting signature algorithm.Noah Robbin
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-12 07:39:52 +0000