index
:
openbsd
OPENBSD_2_0
OPENBSD_2_1
OPENBSD_2_2
OPENBSD_2_3
OPENBSD_2_4
OPENBSD_2_5
OPENBSD_2_6
OPENBSD_2_7
OPENBSD_2_8
OPENBSD_2_9
OPENBSD_3_0
OPENBSD_3_1
OPENBSD_3_2
OPENBSD_3_3
OPENBSD_3_4
OPENBSD_3_5
OPENBSD_3_6
OPENBSD_3_7
OPENBSD_3_8
OPENBSD_3_9
OPENBSD_4_0
OPENBSD_4_1
OPENBSD_4_2
OPENBSD_4_3
OPENBSD_4_4
OPENBSD_4_5
OPENBSD_4_6
OPENBSD_4_7
OPENBSD_4_8
OPENBSD_4_9
OPENBSD_5_0
OPENBSD_5_1
OPENBSD_5_2
OPENBSD_5_3
OPENBSD_5_4
OPENBSD_5_5
OPENBSD_5_6
OPENBSD_5_7
OPENBSD_5_8
OPENBSD_5_9
OPENBSD_6_0
OPENBSD_6_1
OPENBSD_6_2
OPENBSD_6_3
OPENBSD_6_4
OPENBSD_6_5
OPENBSD_6_6
OPENBSD_6_7
OPENBSD_6_8
OPENBSD_6_9
OPENBSD_7_0
OPENBSD_7_1
OPENBSD_7_2
OPENBSD_7_3
OPENBSD_7_4
OPENBSD_7_5
OPENBSD_7_6
master
A mirror of https://github.com/libressl/openbsd.git
summary
refs
log
tree
commit
diff
log msg
author
committer
range
Commit message (
Expand
)
Author
Age
Files
Lines
...
*
Remove expired certificate, ok tb@
sthen
2020-06-01
1
-53
/
+1
*
Enable the test-tls13-zero-length-data.py test, skipping the
tb
2020-06-01
1
-8
/
+10
*
Enable test-dhe-rsa-key-exchange-with-bad-messages.py
tb
2020-06-01
1
-4
/
+2
*
Send an illegal_parameter alert if a client sends us invalid DH key
tb
2020-06-01
1
-3
/
+15
*
Add a mechanism to set an alert in those parts of the read half of
tb
2020-06-01
1
-3
/
+21
*
bump to LibreSSL 3.2.1
libressl-v3.2.0
bcook
2020-06-01
1
-3
/
+3
*
Replace ssl_max_server_version() with ssl_downgrade_max_version()
jsing
2020-05-31
3
-30
/
+6
*
When building a chain look for non-expired certificates first.
jsing
2020-05-31
1
-8
/
+29
*
Correct downgrade sentinels when a version pinned method is in use.
jsing
2020-05-31
4
-7
/
+40
*
Fix printing long doubles on architectures with hm and lm bits.
mortimer
2020-05-31
1
-1
/
+9
*
Improve server certificate selection for TLSv1.3.
jsing
2020-05-29
2
-23
/
+94
*
Handle the case where we receive a valid 0 byte application data record.
jsing
2020-05-29
1
-1
/
+10
*
Wire up the servername callback in the TLSv1.3 server.
jsing
2020-05-29
3
-3
/
+45
*
Mop up servername_done, which is unused.
jsing
2020-05-29
3
-14
/
+3
*
Add checks for SH downgrade sentinel and HRR hash in appstest.sh
inoguchi
2020-05-29
1
-1
/
+27
*
more tests after getopt_long.c rev. 1.32;
schwarze
2020-05-27
1
-10
/
+43
*
This patch fixes one bug and one instance of undesirable behaviour.
schwarze
2020-05-27
1
-9
/
+1
*
document PKCS7_dataFinal(3);
schwarze
2020-05-27
3
-3
/
+162
*
minor cleanup ahead of the following work:
schwarze
2020-05-26
1
-12
/
+14
*
Add additional length checks for TLSv1.3 plaintext and inner plaintext.
jsing
2020-05-26
1
-1
/
+6
*
Previous commit caught a few errx() cases by accident. undo them.
tb
2020-05-24
1
-25
/
+25
*
Fix some stylistic nits from jsing.
tb
2020-05-24
1
-8
/
+11
*
Clear SSL_MODE_AUTO_RETRY in libtls, since we handle WANT_POLLIN correctly.
jsing
2020-05-24
1
-1
/
+3
*
include newlines in FAIL messages
tb
2020-05-24
1
-108
/
+108
*
address some nits from jsing
tb
2020-05-24
1
-7
/
+11
*
Minimally document PKCS7_dataInit(3).
schwarze
2020-05-24
4
-5
/
+215
*
Briefly mention the obsolete function OPENSSL_init(3).
schwarze
2020-05-24
1
-7
/
+23
*
The version detection doesn't work on bluhm's test machine, causing
tb
2020-05-24
1
-3
/
+3
*
Define REGRESS_TARGETS explicitly.
tb
2020-05-23
1
-2
/
+4
*
Enforce that SNI hostnames be correct as per rfc 6066 and 5980.
beck
2020-05-23
3
-18
/
+159
*
While the second SSL_CTX in this code is only used on servername
tb
2020-05-23
1
-1
/
+2
*
In ssl_lib.c revision 1.217, jsing enabled SSL_MODE_AUTO_RETRY by
tb
2020-05-23
2
-2
/
+7
*
Enable SSL_MODE_AUTO_RETRY by default.
jsing
2020-05-23
1
-1
/
+2
*
Wire up SSL_MODE_AUTO_RETRY mode to retrying after PHH messages.
jsing
2020-05-23
2
-2
/
+8
*
Provide the option to retry or return after post-handshake messages.
jsing
2020-05-23
2
-4
/
+16
*
fix a confusingly wrapped line
tb
2020-05-23
1
-3
/
+3
*
Avoid an out-of-bounds array access in the s_server.
tb
2020-05-23
1
-1
/
+3
*
Do not assume that server_group != 0 or tlsext_supportedgroups != NULL
tb
2020-05-23
2
-9
/
+15
*
sockaddr should be sockaddr_storage, otherwise "openssl s_client -6 -dtls1"
deraadt
2020-05-22
1
-3
/
+4
*
Ensure we only attach an ocsp staple to a leaf certificate, because
beck
2020-05-22
2
-5
/
+16
*
Simplify: transform a dangling else into an early return and
tb
2020-05-21
1
-20
/
+20
*
Make ssl_set_cert_masks() more consistent and closer to readable.
jsing
2020-05-21
1
-44
/
+27
*
Avoid a shadowing issue by renaming cbs and cbb to cbb_hs and cbb_hs,
tb
2020-05-21
1
-8
/
+7
*
A failure of tls13_handshake_msg_new() could lead to a NULL deref
tb
2020-05-21
1
-11
/
+15
*
beck fixed most of the keyupdate tests. update annotation
tb
2020-05-21
1
-3
/
+8
*
Actually set the hrr flag when sending a HelloRetryRequest.
jsing
2020-05-21
1
-1
/
+3
*
hook tlsfuzzer to regress
tb
2020-05-21
1
-1
/
+2
*
Add a harness that runs tests from tlsfuzzer
tb
2020-05-21
2
-0
/
+781
*
Revert 1.43 - this fix for PHH in blocking mode breaks SSL_accept and
beck
2020-05-20
1
-2
/
+2
*
new manual page for PKCS7_set_content(3) and PKCS7_content_new(3);
schwarze
2020-05-20
4
-5
/
+127
[prev]
[next]
