aboutsummaryrefslogtreecommitdiff
path: root/ssl
AgeCommit message (Expand)AuthorFilesLines
2018-02-02Make sure that exporting keying material is allowedTatsuhiro Tsujikawa3-1/+12
2018-02-02Remove generation of exporter master secret on client application trafficTatsuhiro Tsujikawa1-10/+0
2018-02-02Generate exporter_master_secret after server FinishedTatsuhiro Tsujikawa1-3/+12
2018-02-01Fix some minor code nitsTodd Short2-6/+8
2018-02-01Free pha_dgst in SSL_clear()Todd Short1-0/+3
2018-02-01Add TLSv1.3 post-handshake authentication (PHA)Todd Short13-53/+443
2018-02-01Fix some instances of the wrong alert type being sentMatt Caswell2-4/+9
2018-01-30Move decisions about whether to accept reneg into the state machineMatt Caswell3-46/+26
2018-01-29Add RAND_DRBG_bytesKurt Roeckx1-2/+4
2018-01-26Fix ssl-trace with TLS 1.3 draft-23 PSS sigalgsBenjamin Kaduk1-3/+6
2018-01-25Fix uninitialized read in sigalg parsing codeBenjamin Kaduk1-1/+1
2018-01-25Add support for the TLS 1.3 signature_algorithms_cert extensionBenjamin Kaduk8-50/+121
2018-01-25Propagate TLS 1.3 sigalgs through tls1_set_sigalgs()Benjamin Kaduk2-14/+57
2018-01-25Add TLS 1.3 draft-23 PSS signature algorithmsBenjamin Kaduk2-9/+24
2018-01-24Updates following review of SSL_stateless() codeMatt Caswell2-9/+9
2018-01-24Add a timestamp to the cookieMatt Caswell1-4/+14
2018-01-24Don't send unexpected_message if we receive CCS while statelessMatt Caswell1-0/+11
2018-01-24Fix the cookie/key_share extensions for use with SSL_stateless()Matt Caswell1-21/+30
2018-01-24Fix the SSL_stateless() return codeMatt Caswell1-3/+3
2018-01-24Fix interaction between SSL_stateless() and SSL_clear()Matt Caswell2-1/+6
2018-01-24Fix logic around when to send an HRR based on cookiesMatt Caswell5-66/+127
2018-01-24Add the SSL_stateless() functionMatt Caswell1-0/+17
2018-01-24Add support for sending TLSv1.3 cookiesMatt Caswell9-13/+424
2018-01-22Move fprintf after assignment to avoid crash.Rich Salz1-3/+4
2018-01-19Copyright update of more files that have changed this yearRichard Levitte4-4/+4
2018-01-10Make data argument const in SSL_dane_tlsa_addPatrick Schlangen1-2/+2
2018-01-09Tolerate DTLS alerts with an incorrect version numberMatt Caswell1-2/+5
2018-01-09Update copyright years on all files merged since Jan 1st 2018Richard Levitte4-4/+4
2018-01-08Avoid only exact duplicates when creating the accepted CA names listTomas Mraz1-4/+23
2018-01-08Use the index that matches the key type (either SSL_PKEY_RSA_PSS_SIGN or SSL_...Noah Robbin1-4/+23
2018-01-08Use size of server key when selecting signature algorithm.Noah Robbin1-0/+34
2018-01-06Stop using unimplemented cipher classes.Bernd Edlinger1-4/+0
2018-01-03Permit the "supported_groups" extension in ServerHellosBenjamin Kaduk1-1/+27
2018-01-02Fix trace of TLSv1.3 Certificate Request messageMatt Caswell1-0/+4
2018-01-02Fix minor 'the the' typosDaniel Bevenius1-1/+1
2017-12-28Disable partial writes for early dataMatt Caswell1-4/+9
2017-12-28Don't flush the ClientHello if we're going to send early dataMatt Caswell7-19/+32
2017-12-27Alternate fix for ../test/recipes/80-test_ssl_old.t with no-ecBernd Edlinger2-35/+1
2017-12-26Remove outdated commentsPaul Yang1-5/+0
2017-12-17Add master DRBG for reseedingDr. Matthias St. Pierre1-1/+1
2017-12-17Remove spaces at end of line in ssl/statemPaul Yang4-4/+4
2017-12-18Add comments to NULL func ptrs in bio_method_stDaniel Bevenius1-3/+3
2017-12-15Fix invalid function type casts.Bernd Edlinger3-36/+88
2017-12-14Make sure we treat records written after HRR as TLSv1.3Matt Caswell1-1/+2
2017-12-14Issue a CCS from the client if we received an HRRMatt Caswell1-4/+14
2017-12-14Fix server side HRR flushingMatt Caswell1-2/+6
2017-12-14Delay flush until after CCS with early_dataMatt Caswell2-17/+22
2017-12-14Ensure CCS sent before early_data has the correct record versionMatt Caswell1-1/+3
2017-12-14Send supported_versions in an HRRMatt Caswell3-1/+17
2017-12-14Make sure supported_versions appears in an HRR tooMatt Caswell1-1/+2
generated by cgit v1.1 at 2024-07-13 09:43:41 +0000