summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Expand)Author
2020-09-22Update copyright yearMatt Caswell
2020-09-21Support keys with RSA_METHOD_FLAG_NO_CHECK with OCSP signNorman Ashley
2020-09-21Disallow certs with explicit curve in verification chainTomas Mraz
2020-09-07Coverity FixesShane Lontis
2020-08-13Avoid segfault in SSL_export_keying_material if there is no sessionTomas Mraz
2020-07-22Avoid errors with a priori inapplicable protocol boundsViktor Dukhovni
2020-07-01Free pre_proc_exts in SSL_free()MiƂosz Kaniewski
2020-06-30Don't attempt to duplicate the BIO state in SSL_dupMatt Caswell
2020-06-30Ensure that SSL_dup copies the min/max protocol versionMatt Caswell
2020-06-17use safe primes in ssl_get_auto_dh()Hubert Kario
2020-06-11Do not allow dropping Extended Master Secret extension on renegotiatonTomas Mraz
2020-05-20t1_trce: Fix remaining places where the 24 bit shift overflow happensTomas Mraz
2020-05-15Fix crash in early data send with out-of-band PSK using AES CCMraja-ashok
2020-05-15Correct alignment calculation in ssl3_setup_writeMatt Caswell
2020-05-07Fix use-after-free in BIO_C_SET_SSL callbackDr. Matthias St. Pierre
2020-04-21Fix NULL dereference in SSL_check_chain() for TLS 1.3Benjamin Kaduk
2020-03-25Partially revert "Detect EOF while reading in libssl"Tomas Mraz
2020-03-17Update copyright yearMatt Caswell
2020-03-13Code to thread-safety in ChangeCipherStateBenjamin Kaduk
2020-03-13Don't write to the session when computing TLS 1.3 keysBenjamin Kaduk
2020-03-13Fix whitespace nit in ssl_generate_master_secret()Benjamin Kaduk
2020-02-20Detect EOF while reading in libsslMatt Caswell
2020-02-19Handle max_fragment_length overflow for DTLSSimon Cornish
2020-02-16Check that ed25519 and ed448 are allowed by the security levelKurt Roeckx
2020-01-30Don't acknowledge a servername following warning alert in servername cbMatt Caswell
2020-01-30Fix SSL_get_servername() and SNI behaviourMatt Caswell
2020-01-25Check that the default signature type is allowedKurt Roeckx
2020-01-21Fix TLS not using aes_cbc_hmac_sha ciphersBernd Edlinger
2020-01-02Update tls13_enc.cdcruette
2019-12-14Parse large GOST ClientKeyExchange messagesDmitry Belyavskiy
2019-12-11Fix some typosVeres Lajos
2019-11-21Fix a race condition in SNI handlingBenjamin Kaduk
2019-11-12SSL: Document SSL_add_{file,dir}_cert_subjects_to_stack()Richard Levitte
2019-11-11Fix misspelled resumption_label for CHARSET_EBCDICIdo Ben-Natan
2019-11-10Workaround for Windows-based GOST implementationsDmitry Belyavskiy
2019-10-10ssl/statem/statem_lib.c: make servercontext/clientcontext arrays of chars ins...Artiom Vaskov
2019-10-07Send bad_record_mac instead of decryption_failedMatt Caswell
2019-10-03'init_buf' memory can be freed when DTLS is used over SCTP (not over UDP).NaveenShivanna86
2019-10-03Do not print extensions in Certificate message for TLS1.2 and lowerDaniil Zotkin
2019-09-27Fix header file include guard namesDr. Matthias St. Pierre
2019-09-27Reorganize local header filesDr. Matthias St. Pierre
2019-09-10Update copyright yearMatt Caswell
2019-09-06Don't send a status_request extension in a CertificateRequest messageMatt Caswell
2019-09-04Fix SSL_set_ciphersuites to set even if no call to SSL_set_cipher_listraja-ashok
2019-09-04Fix bogus check for EVP_PKEY mandatory digest in check_cert_usable()David Woodhouse
2019-08-14Fix SSL_check_chain()Matt Caswell
2019-08-14Add missing EBCDIC stringsopensslonzos-github
2019-08-05Fix SSL_MODE_RELEASE_BUFFERS functionalityMatt Caswell
2019-08-01Use allow_early_data_cb from SSL instead of SSL_CTXraja-ashok
2019-07-25Don't generate an unnecessary Diffie-Hellman key in TLS 1.3 clients.David Benjamin
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-21 21:42:00 +0000