| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add accessors to change the buffer in a handshake message. | beck | 2019-11-20 | 3 | -3/+20 |
| | | | | | | | Needed for doing TLS 1.3 Post Handshake Handshake messages. ok jsing@ | ||||
| * | Add test for cms -keyopt in appstest.sh | inoguchi | 2019-11-20 | 1 | -2/+4 |
| | | |||||
| * | Fix rsa key output format | inoguchi | 2019-11-20 | 1 | -5/+12 |
| | | | | | | | This fixes openssl(1) rsa -text output format ok tb@ | ||||
| * | Link system call tests to build. | bluhm | 2019-11-19 | 1 | -1/+2 |
| | | |||||
| * | Import NetBSD system call regression tests. They were written with | bluhm | 2019-11-19 | 49 | -0/+10692 |
| | | | | | | | | | ATF (Automated Testing Framework), so we use a small wrapper to map it to our bsd.regress.mk framework. Only half of the 80 NetBSD tests have been taken, the others need more work to adapt. Of them 34 syscall tests pass. Moritz Buhl ported the tests to OpenBSD. | ||||
| * | More return value check in openssl(1) cms | inoguchi | 2019-11-19 | 1 | -23/+29 |
| | | | | | | | Checking return value of sk_.*_new_null(). ok beck@ jsing@ | ||||
| * | Add manual descriptions for openssl(1) req -addext | inoguchi | 2019-11-19 | 1 | -2/+10 |
| | | | | | ok jmc@ | ||||
| * | Add prototypes for the functions that update application secrets | beck | 2019-11-18 | 1 | -1/+3 |
| | | | | | so that the regress tests will work for them | ||||
| * | Remove typedef and check sk_push return value in openssl(1) cms | inoguchi | 2019-11-18 | 1 | -23/+33 |
| | | | | | | | | | - Remove typedef and use 'struct cms_key_param' instead - Check return value of sk_X509_push and sk_OPENSSL_STRING_push - Add a blank line to separate variable declarations from code comments from jsing@ | ||||
| * | Add -keyopt opiton to openssl(1) cms subcommand | inoguchi | 2019-11-18 | 1 | -8/+128 |
| | | | | | | | | This provides rsa_padding_mode:oaep for cms -encrypt, and rsa_padding_mode:pss for cms -sign. ok jsing@ | ||||
| * | Provide a clean interface for sending TLSv1.3 alerts. | jsing | 2019-11-18 | 2 | -5/+17 |
| | | | | | ok beck@ | ||||
| * | fix printing of client app secret | beck | 2019-11-18 | 1 | -2/+2 |
| | | |||||
| * | Add regress for the updating of sever and client application secrets | beck | 2019-11-18 | 1 | -2/+47 |
| | | |||||
| * | Change tls13_record_layer_phh() to take a CBS as this avoids ownership | jsing | 2019-11-17 | 2 | -8/+6 |
| | | | | | | | issues and makes call sites cleaner. ok beck@ | ||||
| * | Correct update of application traffic secrets to use an empty context | beck | 2019-11-17 | 1 | -3/+7 |
| | | | | | | | rather than the hash of an empty context ok jsing@ | ||||
| * | Bring back the ssl_shutdown internal method pointer. | jsing | 2019-11-17 | 3 | -4/+21 |
| | | | | | | | | For now ssl3_shutdown() is called in all cases, however TLSv1.3 will soon get its own version. ok beck@ | ||||
| * | Add a reference for the non-standard post-handshake handshake (PHH). | tb | 2019-11-17 | 1 | -2/+2 |
| | | | | | ok beck, jsing | ||||
| * | Ensure that we are never operating in plaintext mode once the handshake | jsing | 2019-11-17 | 1 | -1/+7 |
| | | | | | | | is complete, which should never occur. ok beck@ | ||||
| * | fail to usage if extra argv are present | deraadt | 2019-11-17 | 1 | -8/+4 |
| | | | | | noticed by jsing and beck, ok tedu | ||||
| * | Provide framework for sending alerts and post-handshake handshake messages. | jsing | 2019-11-17 | 2 | -15/+174 |
| | | | | | | | Discussed at length with beck@ ok beck@ tb@ | ||||
| * | indent with a tab instead of 8 spaces | tb | 2019-11-17 | 1 | -2/+2 |
| | | |||||
| * | Move the TLSv1.3 server message handling stubs. | jsing | 2019-11-17 | 2 | -125/+125 |
| | | |||||
| * | Add the initial framework for the TLSv1.3 server. | jsing | 2019-11-17 | 3 | -3/+84 |
| | | | | | ok beck@ | ||||
| * | tls13_connect() should be static. | jsing | 2019-11-17 | 1 | -2/+2 |
| | | |||||
| * | Fix backoff to legacy when in client auth mode. | beck | 2019-11-17 | 1 | -2/+2 |
| | | | | | ok jsing@ | ||||
| * | Drop back to the legacy tls method if we are doing client authenticaiton | beck | 2019-11-17 | 1 | -1/+7 |
| | | | | | | | from a tls 1.3 connection, for now. ok jsing@ | ||||
| * | Separate the callbacks for recieved and completed post handshake messages | beck | 2019-11-17 | 3 | -10/+22 |
| | | | | | | | from the record layer ok jsing@ | ||||
| * | Allow 1.3 ciphers in libtls. | beck | 2019-11-16 | 1 | -2/+2 |
| | | | | | ok jsing@ | ||||
| * | Revert previous deduplication diff, I broke portable in a strange way. | beck | 2019-11-16 | 1 | -47/+58 |
| | | | | | | I'll figure it out a bit later. Found and diagnosed by inoguchi@ | ||||
| * | Allow portable to override the default CA bundle location | beck | 2019-11-16 | 2 | -3/+7 |
| | | | | | ok kinichiro@ jsing@ | ||||
| * | Deduplicate some extension processing code. | beck | 2019-11-15 | 1 | -58/+47 |
| | | | | | ok tb@ inoguchi@ | ||||
| * | Add missing cross-reference to NOTES section. | millert | 2019-11-14 | 1 | -3/+3 |
| | | | | | OK kn@ tb@ | ||||
| * | refactor the nc pool loop to not shut down the socket early, and | beck | 2019-11-13 | 1 | -36/+64 |
| | | | | | | | | to handle tls_shutdown correctly if using TLS, doing tls_shutdown correctly if we are using the -N flag ok sthen@ | ||||
| * | It has been called to my attention that the cookie monster ascii art | beck | 2019-11-10 | 1 | -17/+7 |
| | | | | | | | | | | in this test which I had obtained from a site purporting it to be free for use with artist attribtion might not be. After looking at at some other muppett ascii art for inspiration I am replacing this with my own ascii art muppet to replace the previously used cookie monster. The copyright for the art is the same as my code. | ||||
| * | Add test for req -addext in appstest.sh | inoguchi | 2019-11-09 | 1 | -1/+2 |
| | | |||||
| * | Check return value and remove unnecessary variable | inoguchi | 2019-11-06 | 1 | -7/+7 |
| | | | | | | | | - Check NCONF_new() return value - Remove unnecessary 'i' comments from jsing@ | ||||
| * | Add -addext option to openssl(1) req subcommand | inoguchi | 2019-11-06 | 1 | -3/+133 |
| | | | | | | | First step of adding -addext option to openssl(1) req from OpenSSL 1.1.1d. ok jsing@ | ||||
| * | use curly braces for consistency | tb | 2019-11-06 | 1 | -2/+2 |
| | | |||||
| * | Remove trailing space in appstest.sh | inoguchi | 2019-11-05 | 1 | -15/+15 |
| | | |||||
| * | Add test for cms in appstest.sh | inoguchi | 2019-11-05 | 1 | -1/+57 |
| | | |||||
| * | Allow ip addresses as argument to SSL_set1_host() but be careful to not | otto | 2019-11-04 | 1 | -2/+14 |
| | | | | | poison the context. ok and help jsing@ tb@ | ||||
| * | Fix an out of bound read/write when using a proxy. | millert | 2019-11-04 | 2 | -11/+21 |
| | | | | | From Lucas AT sexy DOT is. OK job@ kn@ | ||||
| * | Indent labels for diffability. | jsing | 2019-11-04 | 1 | -5/+5 |
| | | |||||
| * | Remove spaces between * and variable names. | jsing | 2019-11-04 | 1 | -25/+25 |
| | | |||||
| * | Remove explicit NULL checks before *_free() calls. | jsing | 2019-11-04 | 1 | -21/+14 |
| | | |||||
| * | Hook openssl(1) cms back up. | jsing | 2019-11-04 | 3 | -4/+8 |
| | | |||||
| * | Currently we need to include pem.h before cms.h... | jsing | 2019-11-04 | 1 | -2/+3 |
| | | |||||
| * | Remove engine argument from load_cert() calls. | jsing | 2019-11-04 | 1 | -8/+8 |
| | | | | | This was cleaned up after cms went to the attic. | ||||
| * | Bring openssl(1) cms back from the attic. | jsing | 2019-11-04 | 1 | -0/+1142 |
| | | |||||
| * | Add regress for CMS sign and verify. | jsing | 2019-11-04 | 1 | -2/+125 |
| | | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |