summaryrefslogtreecommitdiff
path: root/ssl
Commit message (Expand)AuthorAgeFilesLines
* Update copyright yearMatt Caswell2018-09-111-1/+1
* Do not reset SNI data in SSL_do_handshake()Matt Caswell2018-09-072-7/+5
* Simplify SSL_get_servername() to avoid session referencesBen Kaduk2018-09-071-11/+7
* Restore historical SSL_get_servername() behaviorBen Kaduk2018-09-071-5/+2
* Ensure certificate callbacks work correctly in TLSv1.3Matt Caswell2018-09-071-2/+3
* Process KeyUpdate and NewSessionTicket messages after a close_notifyMatt Caswell2018-09-073-27/+49
* key zeroization fix for a branch path of tls13_final_finish_macShane Lontis2018-09-051-0/+1
* Don't use an RSA-PSS cert for RSA key exchangeMatt Caswell2018-09-041-3/+7
* Send a NewSessionTicket after using an external PSKMatt Caswell2018-09-041-0/+2
* Ignore EPIPE when sending NewSessionTickets in TLSv1.3Matt Caswell2018-09-041-1/+32
* Rename SSL[_CTX]_add1_CA_list -> SSL[_CTX]_add1_to_CA_listRichard Levitte2018-09-031-2/+6
* Fix ssl/t1_trce.c to parse certificate chainsErik Forsberg2018-09-011-10/+17
* Fix a mem leak on error in the PSK codeMatt Caswell2018-08-301-0/+1
* Don't detect a downgrade where the server has a protocol version holeMatt Caswell2018-08-221-3/+10
* Use the same min-max version range on the client consistentlyMatt Caswell2018-08-225-63/+79
* Allow TLS-1.3 ciphersuites in @SECLEVEL=3 and aboveTomas Mraz2018-08-221-1/+2
* Add support for SSL_CTX_set_post_handshake_auth()Matt Caswell2018-08-202-0/+9
* Change Post Handshake auth so that it is opt-inMatt Caswell2018-08-203-20/+5
* Turn on TLSv1.3 downgrade protection by defaultMatt Caswell2018-08-152-4/+2
* Update code for the final RFC version of TLSv1.3 (RFC8446)Matt Caswell2018-08-155-67/+5
* Move SSL_DEBUG md fprintf after assignmentDmitry Yakovlev2018-08-141-3/+5
* Improve fallback protectionMatt Caswell2018-08-091-0/+3
* Tolerate encrypted or plaintext alertsMatt Caswell2018-08-086-14/+44
* Ensure that we write out alerts correctly after early_dataMatt Caswell2018-08-087-15/+36
* Fix a missing call to SSLfatalMatt Caswell2018-08-081-9/+13
* Fix setting of ssl_strings_inited.Rich Salz2018-08-071-1/+1
* ssl/*: switch to switch to Thread-Sanitizer-friendly primitives.Andy Polyakov2018-08-076-80/+49
* Harmonize use of sk_TYPE_find's return value.Andy Polyakov2018-08-071-4/+1
* Ensure we send an alert on error when processing a ticketMatt Caswell2018-08-061-4/+10
* Fix some TLSv1.3 alert issuesMatt Caswell2018-07-312-1/+6
* Improve backwards compat for SSL_get_servername()Benjamin Kaduk2018-07-261-1/+4
* Add TODO comment for a nonsensical public APIBenjamin Kaduk2018-07-201-0/+9
* Normalize SNI hostname handling for SSL and SSL_SESSIONBenjamin Kaduk2018-07-204-20/+43
* const-ify some input SSL * argumentsBenjamin Kaduk2018-07-201-3/+3
* Validate legacy_versionMatt Caswell2018-07-202-0/+13
* Don't skip over early_data if we sent an HRRMatt Caswell2018-07-191-1/+3
* Check that the public key OID matches the sig algMatt Caswell2018-07-183-10/+32
* Fix no-pskMatt Caswell2018-07-171-1/+6
* Always issue new tickets when using TLSv1.3 stateful ticketsMatt Caswell2018-07-171-1/+2
* Don't remove sessions from the cache during PHA in TLSv1.3Matt Caswell2018-07-171-9/+0
* As a server don't select TLSv1.3 if we're not capable of itMatt Caswell2018-07-131-3/+35
* Use ssl_version_supported() when choosing server versionMatt Caswell2018-07-133-19/+11
* Do not use GOST sig algs in TLSv1.3 where possibleMatt Caswell2018-07-131-0/+41
* Introduce the recv_max_early_data settingMatt Caswell2018-07-063-5/+63
* Remove TLSv1.3 tickets from the client cache as we use themMatt Caswell2018-07-032-5/+15
* Restore behaviour from commit 36ff232cf that was incorrectly removedMatt Caswell2018-07-031-0/+11
* Add the ability to configure anti-replay via SSL_CONFMatt Caswell2018-07-021-2/+9
* Add setters to set the early_data callbackMatt Caswell2018-07-023-3/+31
* Make the anti-replay feature optionalMatt Caswell2018-07-024-4/+12
* Fix a NULL ptr deref in error path in tls_process_cke_dhe()Matt Caswell2018-07-021-4/+3
View Lorry Controller Status