summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Expand)Author
2017-05-04Add a ciphersuite config sanity check for serversMatt Caswell
2017-05-04Add a ciphersuite config sanity check for clientsMatt Caswell
2017-03-21Fix resumption after HRRMatt Caswell
2017-03-15Remove dead codeBenjamin Kaduk
2017-03-15Tighten up client status_request processingBenjamin Kaduk
2017-03-15Clear alpn_selected_len for clients, tooBenjamin Kaduk
2017-03-14De-obfuscateBenjamin Kaduk
2017-03-14Fix some -Wshadow warningsBenjamin Kaduk
2017-03-10Use the callbacks from the SSL object instead of the SSL_CTX objectPauli
2017-03-10Avoid questionable use of the value of a pointerBernd Edlinger
2017-03-10Use the new TLSv1.3 certificate_required alert where appropriateMatt Caswell
2017-03-10Check that the PSK extension is lastMatt Caswell
2017-03-10Fixup previous merge.Bernd Edlinger
2017-03-08this change will prevent undefined behavior when src and dst are equal (memcp...Roberto Guimaraes
2017-03-08Fix no-compMatt Caswell
2017-03-07Check TLSv1.3 ServerHello, Finished and KeyUpdates are on record boundaryMatt Caswell
2017-03-07Provide a function to test whether we have unread records pendingMatt Caswell
2017-03-07Get pointer type right in BIO_ssl_shutdown()Rich Salz
2017-03-06Tweak the TLSv1.3 record overflow limitsMatt Caswell
2017-03-06Fix double free in cookie generation.Kurt Roeckx
2017-03-04Don't call memcmp with a NULL pointerMatt Caswell
2017-03-04Add basic TLSv1.3 cookie supportMatt Caswell
2017-03-04Fix a memory leak on an error pathMatt Caswell
2017-03-03Set specific error is we have no valid signature algorithms setDr. Stephen Henson
2017-03-03Signature algorithm enhancement.Dr. Stephen Henson
2017-03-03Disallow zero length signature algorithmsDr. Stephen Henson
2017-03-03Don't allow DSA for TLS 1.3Dr. Stephen Henson
2017-03-03Silence some more clang warningsMatt Caswell
2017-03-02Silence some clang warningsMatt Caswell
2017-03-02Update early data API for writing to unauthenticated clientsMatt Caswell
2017-03-02Rename SSL_write_early() to SSL_write_early_data()Matt Caswell
2017-03-02Rename SSL_read_early() to SSL_read_early_data()Matt Caswell
2017-03-02Make SSL_write_early_finish() an internal only functionMatt Caswell
2017-03-02Various fixes required to allow SSL_write/SSL_read during early dataMatt Caswell
2017-03-02Enable the server to call SSL_write() without stopping the ability to call SS...Matt Caswell
2017-03-02Enable the client to call SSL_read() without stopping the ability to call SSL...Matt Caswell
2017-03-02Introduce a new early_data state in the state machineMatt Caswell
2017-03-02Improve the early data sanity check in SSL_do_handshake()Matt Caswell
2017-03-02Tighten sanity checks when calling early data functionsMatt Caswell
2017-03-02Make SSL_get_early_data_status() take a constMatt Caswell
2017-03-02Make SSL_get_max_early_data() and SSL_CTX_get_max_early_data() take a constMatt Caswell
2017-03-02Add a SSL_SESSION_get_max_early_data() functionMatt Caswell
2017-03-02Don't attempt to write more early_data than we know the server will acceptMatt Caswell
2017-03-02Only accept early_data if the negotiated ALPN is the sameMatt Caswell
2017-03-02Skip early_data if appropriate after a HelloRetryRequestMatt Caswell
2017-03-02Don't accept early_data if we are going to issue a HelloRetryRequestMatt Caswell
2017-03-02Add extra validation parsing the server-to-client early_data extensionMatt Caswell
2017-03-02Remove some TLSv1.3 TODOs that are no longer relevantMatt Caswell
2017-03-02Validate the ticket age for resumed sessionsMatt Caswell
2017-03-02Provide a default value for max_early_dataMatt Caswell
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-10 03:34:49 +0000