summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Expand)Author
2017-03-03Set specific error is we have no valid signature algorithms setDr. Stephen Henson
2017-03-03Signature algorithm enhancement.Dr. Stephen Henson
2017-03-03Disallow zero length signature algorithmsDr. Stephen Henson
2017-03-03Don't allow DSA for TLS 1.3Dr. Stephen Henson
2017-03-03Silence some more clang warningsMatt Caswell
2017-03-02Silence some clang warningsMatt Caswell
2017-03-02Update early data API for writing to unauthenticated clientsMatt Caswell
2017-03-02Rename SSL_write_early() to SSL_write_early_data()Matt Caswell
2017-03-02Rename SSL_read_early() to SSL_read_early_data()Matt Caswell
2017-03-02Make SSL_write_early_finish() an internal only functionMatt Caswell
2017-03-02Various fixes required to allow SSL_write/SSL_read during early dataMatt Caswell
2017-03-02Enable the server to call SSL_write() without stopping the ability to call SS...Matt Caswell
2017-03-02Enable the client to call SSL_read() without stopping the ability to call SSL...Matt Caswell
2017-03-02Introduce a new early_data state in the state machineMatt Caswell
2017-03-02Improve the early data sanity check in SSL_do_handshake()Matt Caswell
2017-03-02Tighten sanity checks when calling early data functionsMatt Caswell
2017-03-02Make SSL_get_early_data_status() take a constMatt Caswell
2017-03-02Make SSL_get_max_early_data() and SSL_CTX_get_max_early_data() take a constMatt Caswell
2017-03-02Add a SSL_SESSION_get_max_early_data() functionMatt Caswell
2017-03-02Don't attempt to write more early_data than we know the server will acceptMatt Caswell
2017-03-02Only accept early_data if the negotiated ALPN is the sameMatt Caswell
2017-03-02Skip early_data if appropriate after a HelloRetryRequestMatt Caswell
2017-03-02Don't accept early_data if we are going to issue a HelloRetryRequestMatt Caswell
2017-03-02Add extra validation parsing the server-to-client early_data extensionMatt Caswell
2017-03-02Remove some TLSv1.3 TODOs that are no longer relevantMatt Caswell
2017-03-02Validate the ticket age for resumed sessionsMatt Caswell
2017-03-02Provide a default value for max_early_dataMatt Caswell
2017-03-02Check max_early_data against the amount of early data we actually receiveMatt Caswell
2017-03-02Make sure we reset the read sequence when skipping recordsMatt Caswell
2017-03-02Disallow handshake messages in the middle of early_dataMatt Caswell
2017-03-02Fix seg fault when sending early_data using CCM ciphersuitesMatt Caswell
2017-03-02Implement client side parsing of the early_data extensionMatt Caswell
2017-03-02Fix changing of the cipher state when dealing with early dataMatt Caswell
2017-03-02Construct the server side early_data extensionMatt Caswell
2017-03-02Provide an SSL_read_early() function for reading early dataMatt Caswell
2017-03-02Change the cipher state when sending early dataMatt Caswell
2017-03-02Implement the early data changes required in tls13_change_cipher_state()Matt Caswell
2017-03-02Parse the early_data extensionMatt Caswell
2017-03-02Construct the early_data extensionMatt Caswell
2017-03-02Provide functions to write early dataMatt Caswell
2017-03-02Parse the ticket_early_data_info extensionMatt Caswell
2017-03-02Teach SSL_trace() about the early_data_info extensionMatt Caswell
2017-03-02Construct the ticket_early_data_info extensionMatt Caswell
2017-03-02Fix a compression bugMatt Caswell
2017-03-02Ensure that we never select compression in TLSv1.3Matt Caswell
2017-03-02Check for zero records and return immediatelyJon Spillett
2017-03-01Code health: ssl/ssl_locl.h unused macrosAndy
2017-03-01Remove some obsolete/obscure internal define switches:Emilia Kasper
2017-02-28Remove some commented out code in libsslMatt Caswell
2017-02-28Remove some #if 0 code in ssl, crypto/bioTodd Short