summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Expand)Author
2018-11-20Update copyright yearMatt Caswell
2018-11-14Fix no-ec and no-tls1_2Matt Caswell
2018-11-12Added missing signature algorithm reflection functionsViktor Dukhovni
2018-11-12Separate ca_names handling for client and serverMatt Caswell
2018-11-12Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capableMatt Caswell
2018-11-10Unbreak SECLEVEL 3 regression causing it to not accept any ciphers.Tomas Mraz
2018-11-08Give a better error if an attempt is made to set a zero length groups listMatt Caswell
2018-11-08Ignore disabled ciphers when deciding if we are using ECCMatt Caswell
2018-11-06Fix return formatting.Pauli
2018-11-06Cleanse the key log buffer.Pauli
2018-11-03Restore sensible "sess_accept" counter trackingBenjamin Kaduk
2018-10-30Don't call the client_cert_cb immediately in TLSv1.3Matt Caswell
2018-10-29ssl/statem: Don't compare size_t with less than zeroRichard Levitte
2018-10-26Properly handle duplicated messages from the next epochMatt Caswell
2018-10-19Buffer a ClientHello with a cookie received via DTLSv1_listenMatt Caswell
2018-10-19Use the read and write buffers in DTLSv1_listen()Matt Caswell
2018-10-19Fix a DTLS memory leakMatt Caswell
2018-10-19Fix tls_cbc_digest_record is slow using SHA-384 and short messagesarmfazh
2018-10-17Add a missing check on s->s3->tmp.pkeyMansour Ahmadi
2018-10-15Fix no-pskMatt Caswell
2018-10-12ssl/s3_enc.c: fix logical errors in ssl3_final_finish_mac.Andy Polyakov
2018-09-24Reduce stack usage in tls13_hkdf_expandBernd Edlinger
2018-09-21Fix the max psk len for TLSv1.3Matt Caswell
2018-09-21Delay setting the sig algs until after the cert_cb has been calledMatt Caswell
2018-09-19Reset TLS 1.3 ciphers in SSL_CTX_set_ssl_version()Benjamin Kaduk
2018-09-18ssl/ssl_ciph.c: make set_ciphersuites staticDr. Matthias St. Pierre
2018-09-12Fix a possible recursion in SSLfatal handlingBernd Edlinger
2018-09-11Update copyright yearMatt Caswell
2018-09-07Do not reset SNI data in SSL_do_handshake()Matt Caswell
2018-09-07Simplify SSL_get_servername() to avoid session referencesBen Kaduk
2018-09-07Restore historical SSL_get_servername() behaviorBen Kaduk
2018-09-07Ensure certificate callbacks work correctly in TLSv1.3Matt Caswell
2018-09-07Process KeyUpdate and NewSessionTicket messages after a close_notifyMatt Caswell
2018-09-05key zeroization fix for a branch path of tls13_final_finish_macShane Lontis
2018-09-04Don't use an RSA-PSS cert for RSA key exchangeMatt Caswell
2018-09-04Send a NewSessionTicket after using an external PSKMatt Caswell
2018-09-04Ignore EPIPE when sending NewSessionTickets in TLSv1.3Matt Caswell
2018-09-03Rename SSL[_CTX]_add1_CA_list -> SSL[_CTX]_add1_to_CA_listRichard Levitte
2018-09-01Fix ssl/t1_trce.c to parse certificate chainsErik Forsberg
2018-08-30Fix a mem leak on error in the PSK codeMatt Caswell
2018-08-22Don't detect a downgrade where the server has a protocol version holeMatt Caswell
2018-08-22Use the same min-max version range on the client consistentlyMatt Caswell
2018-08-22Allow TLS-1.3 ciphersuites in @SECLEVEL=3 and aboveTomas Mraz
2018-08-20Add support for SSL_CTX_set_post_handshake_auth()Matt Caswell
2018-08-20Change Post Handshake auth so that it is opt-inMatt Caswell
2018-08-15Turn on TLSv1.3 downgrade protection by defaultMatt Caswell
2018-08-15Update code for the final RFC version of TLSv1.3 (RFC8446)Matt Caswell
2018-08-14Move SSL_DEBUG md fprintf after assignmentDmitry Yakovlev
2018-08-09Improve fallback protectionMatt Caswell
2018-08-08Tolerate encrypted or plaintext alertsMatt Caswell
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-09 00:49:58 +0000