summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Expand)Author
2018-09-03Rename SSL[_CTX]_add1_CA_list -> SSL[_CTX]_add1_to_CA_listRichard Levitte
2018-09-01Fix ssl/t1_trce.c to parse certificate chainsErik Forsberg
2018-08-30Fix a mem leak on error in the PSK codeMatt Caswell
2018-08-22Don't detect a downgrade where the server has a protocol version holeMatt Caswell
2018-08-22Use the same min-max version range on the client consistentlyMatt Caswell
2018-08-22Allow TLS-1.3 ciphersuites in @SECLEVEL=3 and aboveTomas Mraz
2018-08-20Add support for SSL_CTX_set_post_handshake_auth()Matt Caswell
2018-08-20Change Post Handshake auth so that it is opt-inMatt Caswell
2018-08-15Turn on TLSv1.3 downgrade protection by defaultMatt Caswell
2018-08-15Update code for the final RFC version of TLSv1.3 (RFC8446)Matt Caswell
2018-08-14Move SSL_DEBUG md fprintf after assignmentDmitry Yakovlev
2018-08-09Improve fallback protectionMatt Caswell
2018-08-08Tolerate encrypted or plaintext alertsMatt Caswell
2018-08-08Ensure that we write out alerts correctly after early_dataMatt Caswell
2018-08-08Fix a missing call to SSLfatalMatt Caswell
2018-08-07Fix setting of ssl_strings_inited.Rich Salz
2018-08-07ssl/*: switch to switch to Thread-Sanitizer-friendly primitives.Andy Polyakov
2018-08-07Harmonize use of sk_TYPE_find's return value.Andy Polyakov
2018-08-06Ensure we send an alert on error when processing a ticketMatt Caswell
2018-07-31Fix some TLSv1.3 alert issuesMatt Caswell
2018-07-26Improve backwards compat for SSL_get_servername()Benjamin Kaduk
2018-07-20Add TODO comment for a nonsensical public APIBenjamin Kaduk
2018-07-20Normalize SNI hostname handling for SSL and SSL_SESSIONBenjamin Kaduk
2018-07-20const-ify some input SSL * argumentsBenjamin Kaduk
2018-07-20Validate legacy_versionMatt Caswell
2018-07-19Don't skip over early_data if we sent an HRRMatt Caswell
2018-07-18Check that the public key OID matches the sig algMatt Caswell
2018-07-17Fix no-pskMatt Caswell
2018-07-17Always issue new tickets when using TLSv1.3 stateful ticketsMatt Caswell
2018-07-17Don't remove sessions from the cache during PHA in TLSv1.3Matt Caswell
2018-07-13As a server don't select TLSv1.3 if we're not capable of itMatt Caswell
2018-07-13Use ssl_version_supported() when choosing server versionMatt Caswell
2018-07-13Do not use GOST sig algs in TLSv1.3 where possibleMatt Caswell
2018-07-06Introduce the recv_max_early_data settingMatt Caswell
2018-07-03Remove TLSv1.3 tickets from the client cache as we use themMatt Caswell
2018-07-03Restore behaviour from commit 36ff232cf that was incorrectly removedMatt Caswell
2018-07-02Add the ability to configure anti-replay via SSL_CONFMatt Caswell
2018-07-02Add setters to set the early_data callbackMatt Caswell
2018-07-02Make the anti-replay feature optionalMatt Caswell
2018-07-02Fix a NULL ptr deref in error path in tls_process_cke_dhe()Matt Caswell
2018-07-01Address coverity-reported NULL dereference in SSL_SESSION_print()Benjamin Kaduk
2018-06-29Check return from BN_set_word.Pauli
2018-06-27Return a fatal error if application data is encountered during shutdownMatt Caswell
2018-06-27Return SSL_ERROR_WANT_READ if SSL_shutdown() encounters handshake dataMatt Caswell
2018-06-27Auto retry if we ditch records during shutdownMatt Caswell
2018-06-26Use stateful tickets if we are doing anti-replayMatt Caswell
2018-06-26Respect SSL_OP_NO_TICKET in TLSv1.3Matt Caswell
2018-06-26Restructure the ticket construction codeMatt Caswell
2018-06-26Update SSL_SESSION_print for TLSv1.3Matt Caswell
2018-06-25Don't change a session once its in the cacheMatt Caswell
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 03:32:16 +0000