aboutsummaryrefslogtreecommitdiff
path: root/ssl
AgeCommit message (Expand)AuthorFilesLines
2018-02-26Export keying material using early exporter master secretTatsuhiro Tsujikawa5-0/+104
2018-02-23Remove OSSLzu, and fix the one place that used it.Rich Salz1-1/+1
2018-02-23Remove unreachable statement.Pauli1-1/+0
2018-02-21Sanity check the ticket length before using key name/IVMatt Caswell1-6/+12
2018-02-19The record version for ClientHello2 should be TLS1.2Matt Caswell1-1/+3
2018-02-15If s->ctx is NULL then this is an internal errorMatt Caswell1-3/+8
2018-02-14Ignore an s_client psk in TLSv1.3 if not TLSv1.3 suitableMatt Caswell1-1/+1
2018-02-13DRBG: make the derivation function the default for ctr_drbgDr. Matthias St. Pierre1-2/+1
2018-02-13Update copyright yearMatt Caswell11-11/+11
2018-02-12The function ssl_get_min_max_version() can failMatt Caswell4-6/+17
2018-02-12Don't overestimate the ticket ageMatt Caswell1-0/+10
2018-02-09Swap the check in ssl3_write_pending to avoid usingBernd Edlinger1-2/+2
2018-02-09Don't calculate the Finished MAC twiceMatt Caswell4-40/+27
2018-02-02Make sure that exporting keying material is allowedTatsuhiro Tsujikawa3-1/+12
2018-02-02Remove generation of exporter master secret on client application trafficTatsuhiro Tsujikawa1-10/+0
2018-02-02Generate exporter_master_secret after server FinishedTatsuhiro Tsujikawa1-3/+12
2018-02-01Fix some minor code nitsTodd Short2-6/+8
2018-02-01Free pha_dgst in SSL_clear()Todd Short1-0/+3
2018-02-01Add TLSv1.3 post-handshake authentication (PHA)Todd Short13-53/+443
2018-02-01Fix some instances of the wrong alert type being sentMatt Caswell2-4/+9
2018-01-30Move decisions about whether to accept reneg into the state machineMatt Caswell3-46/+26
2018-01-29Add RAND_DRBG_bytesKurt Roeckx1-2/+4
2018-01-26Fix ssl-trace with TLS 1.3 draft-23 PSS sigalgsBenjamin Kaduk1-3/+6
2018-01-25Fix uninitialized read in sigalg parsing codeBenjamin Kaduk1-1/+1
2018-01-25Add support for the TLS 1.3 signature_algorithms_cert extensionBenjamin Kaduk8-50/+121
2018-01-25Propagate TLS 1.3 sigalgs through tls1_set_sigalgs()Benjamin Kaduk2-14/+57
2018-01-25Add TLS 1.3 draft-23 PSS signature algorithmsBenjamin Kaduk2-9/+24
2018-01-24Updates following review of SSL_stateless() codeMatt Caswell2-9/+9
2018-01-24Add a timestamp to the cookieMatt Caswell1-4/+14
2018-01-24Don't send unexpected_message if we receive CCS while statelessMatt Caswell1-0/+11
2018-01-24Fix the cookie/key_share extensions for use with SSL_stateless()Matt Caswell1-21/+30
2018-01-24Fix the SSL_stateless() return codeMatt Caswell1-3/+3
2018-01-24Fix interaction between SSL_stateless() and SSL_clear()Matt Caswell2-1/+6
2018-01-24Fix logic around when to send an HRR based on cookiesMatt Caswell5-66/+127
2018-01-24Add the SSL_stateless() functionMatt Caswell1-0/+17
2018-01-24Add support for sending TLSv1.3 cookiesMatt Caswell9-13/+424
2018-01-22Move fprintf after assignment to avoid crash.Rich Salz1-3/+4
2018-01-19Copyright update of more files that have changed this yearRichard Levitte4-4/+4
2018-01-10Make data argument const in SSL_dane_tlsa_addPatrick Schlangen1-2/+2
2018-01-09Tolerate DTLS alerts with an incorrect version numberMatt Caswell1-2/+5
2018-01-09Update copyright years on all files merged since Jan 1st 2018Richard Levitte4-4/+4
2018-01-08Avoid only exact duplicates when creating the accepted CA names listTomas Mraz1-4/+23
2018-01-08Use the index that matches the key type (either SSL_PKEY_RSA_PSS_SIGN or SSL_...Noah Robbin1-4/+23
2018-01-08Use size of server key when selecting signature algorithm.Noah Robbin1-0/+34
2018-01-06Stop using unimplemented cipher classes.Bernd Edlinger1-4/+0
2018-01-03Permit the "supported_groups" extension in ServerHellosBenjamin Kaduk1-1/+27
2018-01-02Fix trace of TLSv1.3 Certificate Request messageMatt Caswell1-0/+4
2018-01-02Fix minor 'the the' typosDaniel Bevenius1-1/+1
2017-12-28Disable partial writes for early dataMatt Caswell1-4/+9
2017-12-28Don't flush the ClientHello if we're going to send early dataMatt Caswell7-19/+32
generated by cgit v1.1 at 2024-08-07 00:45:06 +0000