summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Expand)Author
2022-10-26ssl_cipher_process_rulestr: don't read outside rule_str bufferTodd C. Miller
2022-10-21stack: Do not add error if pop/shift/value accesses outside of the stackTomas Mraz
2022-10-19Ensure that the key share group is allowed for our protocol versionMatt Caswell
2022-10-11Update copyright yearMatt Caswell
2022-09-28Test TLS extension orderingTodd Short
2022-09-27ssl_log_secret call in tls13_key_updatevisbjn
2022-09-27If a ticket key callback returns 0 in TLSv1.3 don't send a ticketMatt Caswell
2022-09-22Correctly handle a retransmitted ClientHelloMatt Caswell
2022-09-16stack.c: add missing direct error reporting and improve coding styleDr. David von Oheimb
2022-09-06Coverity 1513478: negative returnPauli
2022-08-26Convert serverinfo in SSL_CTX_use_serverinfo() to v2.Daniel Fiala
2022-08-22Coverity 1508506: misuse of time_tPauli
2022-08-19Coverity 1508534 & 1508540: misuses of time_tPauli
2022-08-17Fix SSL_pending() and SSL_has_pending() with DTLSMatt Caswell
2022-08-02Check that IV length is not less than zeroDmitry Belyavskiy
2022-08-01Free up space in the session cache before adding.Todd Short
2022-07-13Check for EVP_MD being NULL inside ssl.slontis
2022-07-08ssl/tls_srp.c: Add check for BN_dupJiasheng Jiang
2022-06-22Improve diagnostics on setting groupsDmitry Belyavskiy
2022-06-21Update copyright yearMatt Caswell
2022-06-10add_provider_groups: Clean up algorithm pointer on failureTomas Mraz
2022-06-03Fix strict client chain check with TLS-1.3Tomas Mraz
2022-06-02Fix the erroneous checks of EVP_PKEY_CTX_set_group_namePeiwei Hu
2022-05-27The -no_legacy_server_connect option applies to clientTomas Mraz
2022-05-27Actually implement UnsafeLegacyServerConnect as documentedTomas Mraz
2022-05-26Fix check of dtls1_process_recordPeiwei Hu
2022-05-24Use safe pattern for buffer size determining in case of GOST key exchangeDmitry Belyavskiy
2022-05-24Fix a crash in ssl_security_cert_chainBernd Edlinger
2022-05-24Fix check of EVP_CIPHER_CTX_ctrlPeiwei Hu
2022-05-16Add return value check of EVP_PKEY_copy_parameters () in ssl_set_cert_and_key()Zhou Qingyang
2022-05-10err: get rid of err_free_strings_int()Dr. Matthias St. Pierre
2022-05-09Fix leakage when the cacheline is 32-bytes in CBC_MAC_ROTATE_IN_PLACEbasavesh
2022-05-03Update copyright yearMatt Caswell
2022-04-27Add SSL_(CTX_)?get0_(verify|chain)_cert_store functionsHugo Landau
2022-04-21str[n]casecmp => OPENSSL_strncasecmpDmitry Belyavskiy
2022-04-14Fix an assertion in the DTLS server codeBernd Edlinger
2022-04-12SSL_conf_cmd: Allow DH Parameters at any position.Daniel Fiala
2022-03-30tls_process_server_hello: Disallow repeated HRRTomas Mraz
2022-03-25ticket_lifetime_hint may exceed 1 week in TLSv1.3Todd Short
2022-03-23Fix Coverity 1498611 & 1498608: uninitialised readPauli
2022-03-18print SSL session, fix build warnings on OpenBSD.David Carlier
2022-03-15Update copyright yearMatt Caswell
2022-03-14Replace handling of negative verification result with SSL_set_retry_verify()Tomas Mraz
2022-03-03Add back check for the DH public key sizeTomas Mraz
2022-03-02[ssl] Add SSL_kDHEPSK and SSL_kECDHEPSK as PFS ciphersuites for SECLEVEL >= 3Nicola Tuveri
2022-03-02[ssl] Prefer SSL_k(EC)?DHE to the SSL_kE(EC)?DH aliasNicola Tuveri
2022-02-12Cleanup record length checks for KTLSBernd Edlinger
2022-01-19ssl: better support TSAN operationsPauli
2022-01-17ssl/t1_enc: Fix kTLS RX offload pathDmytro Podgornyi
2022-01-11Fix: some patches related to error exitingPeiwei Hu