| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| ... | |
| * | Nuke SSL_OP_CRYPTOPRO_TLSEXT_BUG. | jsing | 2017-08-13 | 1 | -18/+1 |
| * | Rewrite the TLS status request extension to use the new TLS extension framework. | beck | 2017-08-12 | 1 | -173/+3 |
| * | Convert TLS signature algorithms extension handling to the new framework. | jsing | 2017-08-12 | 1 | -50/+13 |
| * | Rewrite session ticket TLS extension handling using CBB/CBS and the new | doug | 2017-08-12 | 1 | -63/+3 |
| * | Remove NPN support. | jsing | 2017-08-12 | 1 | -110/+3 |
| * | Remove support for DSS/DSA, since we removed the cipher suites a while | jsing | 2017-08-12 | 1 | -13/+1 |
| * | Rewrite EllipticCurves TLS extension handling using CBB/CBS and the new | doug | 2017-08-11 | 1 | -73/+3 |
| * | Rewrite the ECPointFormats TLS extension handling using CBB/CBS and the | doug | 2017-08-11 | 1 | -144/+6 |
| * | Clean up the EC key/curve configuration handling. | jsing | 2017-08-10 | 1 | -11/+6 |
| * | Pull out the code that identifies if we have an ECC cipher in the cipher | jsing | 2017-08-09 | 1 | -32/+7 |
| * | Rewrite and move the last remnants of the ServerHello SNI handling into | jsing | 2017-07-24 | 1 | -28/+2 |
| * | Rewrite the TLS Renegotiation Indication extension handling using CBB/CBS | jsing | 2017-07-24 | 1 | -58/+5 |
| * | Hook the TLS extension parsing framework into the serverhello parsing. | jsing | 2017-07-23 | 1 | -1/+6 |
| * | Check the return value of CBB_init_fixed(), since it can fail. | jsing | 2017-07-19 | 1 | -3/+5 |
| * | Start rewriting TLS extension handling. | jsing | 2017-07-16 | 1 | -139/+34 |
| * | Move state from ssl->internal to the handshake structure. | beck | 2017-05-07 | 1 | -2/+2 |
| * | Bring in an SSL_HANDSHAKE structure and commence the great shovelling | beck | 2017-05-06 | 1 | -7/+7 |
| * | Change SSLerror() back to taking two args, with the first one being an SSL *. | beck | 2017-02-07 | 1 | -13/+13 |
| * | Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly | beck | 2017-01-26 | 1 | -23/+12 |
| * | Send the error function codes to rot in the depths of hell where they belong | beck | 2017-01-26 | 1 | -13/+13 |
| * | Remove most of SSL3_ENC_METHOD - we can just inline the function calls | jsing | 2017-01-26 | 1 | -40/+1 |
| * | sk_pop_free() checks for NULL so do not bother doing it from the callers. | jsing | 2017-01-24 | 1 | -5/+3 |
| * | #if 0 the ecformats_list and eccurves_list - these are currently unused but | jsing | 2017-01-24 | 1 | -2/+5 |
| * | Add support for setting the supported EC curves via | jsing | 2017-01-24 | 1 | -13/+96 |
| * | Correct bounds checks used when generating the EC curves extension. | jsing | 2017-01-24 | 1 | -3/+3 |
| * | Fix typo in brainpool curve name within a comment. | jsing | 2017-01-24 | 1 | -2/+2 |
| * | Move options and mode from SSL_CTX and SSL to internal, since these can be | jsing | 2017-01-23 | 1 | -4/+5 |
| * | Split most of SSL_METHOD out into an internal variant, which is opaque. | jsing | 2017-01-23 | 1 | -3/+3 |
| * | send state and rstate from ssl_st into internal. There are accessors | beck | 2017-01-23 | 1 | -2/+2 |
| * | Move a large part of ssl_st into internal, so we can see what squeals. | beck | 2017-01-23 | 1 | -70/+70 |
| * | Move most of the fields in SSL_CTX to internal - the ones that remain are | jsing | 2017-01-23 | 1 | -5/+6 |
| * | move the callbacks from ssl_st to internal | beck | 2017-01-23 | 1 | -15/+15 |
| * | Move callback function pointers and argument pointers from SSL_CTX to | jsing | 2017-01-23 | 1 | -16/+22 |
| * | Move most of the SSL3_STATE fields to internal - the ones that remain are | jsing | 2017-01-22 | 1 | -39/+39 |
| * | Move ALPN and NPN fields from SSL/SSL_CTX to internal. | jsing | 2017-01-22 | 1 | -23/+29 |
| * | Move internal parts of ssl_session_st to internal | beck | 2017-01-22 | 1 | -24/+24 |
| * | Add support for ECDHE with X25519. | jsing | 2016-12-21 | 1 | -2/+6 |
| * | Convert ssl3_get_server_hello() to CBS. | jsing | 2016-12-18 | 1 | -5/+4 |
| * | Convert ssl3_get_server_kex_ecdhe() to CBS, simplifying tls1_check_curve() | jsing | 2016-11-05 | 1 | -16/+4 |
| * | Remove support for fixed ECDH cipher suites - these is not widely supported | jsing | 2016-10-19 | 1 | -6/+4 |
| * | Check for and handle failure of HMAC_{Update,Final} or EVP_DecryptUpdate() | guenther | 2016-10-02 | 1 | -5/+11 |
| * | Detect zero-length encrypted session data early, instead of when malloc(0) | guenther | 2016-10-02 | 1 | -2/+2 |
| * | Avoid unbounded memory growth, which can be triggered by a client | jsing | 2016-09-22 | 1 | -9/+20 |
| * | Improve ticket validity checking when tlsext_ticket_key_cb() callback | guenther | 2016-09-22 | 1 | -4/+25 |
| * | Be more strict when parsing TLS extensions. | jsing | 2016-08-27 | 1 | -17/+37 |
| * | deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final. | beck | 2016-05-30 | 1 | -2/+2 |
| * | http -> https for a few more IETF URLs in comments or man pages | mmcc | 2016-03-10 | 1 | -2/+2 |
| * | Remove most of the SSLv3 version checks and a few TLS v1.0. | doug | 2015-09-12 | 1 | -11/+2 |
| * | Remove the ssl_prepare_{client,server}hello_tlsext() functions, which are | jsing | 2015-09-01 | 1 | -13/+1 |
| * | Properly handle missing TLS extensions in client hello as a non-failure. | bcook | 2015-08-19 | 1 | -1/+3 |
