summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Expand)AuthorAgeFilesLines
...
* Add a mechanism to set an alert in those parts of the read half oftb2020-06-011-3/+21
* Replace ssl_max_server_version() with ssl_downgrade_max_version()jsing2020-05-313-30/+6
* Correct downgrade sentinels when a version pinned method is in use.jsing2020-05-314-7/+40
* Improve server certificate selection for TLSv1.3.jsing2020-05-292-23/+94
* Handle the case where we receive a valid 0 byte application data record.jsing2020-05-291-1/+10
* Wire up the servername callback in the TLSv1.3 server.jsing2020-05-293-3/+45
* Mop up servername_done, which is unused.jsing2020-05-293-14/+3
* minor cleanup ahead of the following work:schwarze2020-05-261-12/+14
* Add additional length checks for TLSv1.3 plaintext and inner plaintext.jsing2020-05-261-1/+6
* Fix some stylistic nits from jsing.tb2020-05-241-8/+11
* Enforce that SNI hostnames be correct as per rfc 6066 and 5980.beck2020-05-232-17/+80
* Enable SSL_MODE_AUTO_RETRY by default.jsing2020-05-231-1/+2
* Wire up SSL_MODE_AUTO_RETRY mode to retrying after PHH messages.jsing2020-05-232-2/+8
* Provide the option to retry or return after post-handshake messages.jsing2020-05-232-4/+16
* fix a confusingly wrapped linetb2020-05-231-3/+3
* Do not assume that server_group != 0 or tlsext_supportedgroups != NULLtb2020-05-232-9/+15
* Ensure we only attach an ocsp staple to a leaf certificate, becausebeck2020-05-222-5/+16
* Simplify: transform a dangling else into an early return andtb2020-05-211-20/+20
* Make ssl_set_cert_masks() more consistent and closer to readable.jsing2020-05-211-44/+27
* Avoid a shadowing issue by renaming cbs and cbb to cbb_hs and cbb_hs,tb2020-05-211-8/+7
* A failure of tls13_handshake_msg_new() could lead to a NULL dereftb2020-05-211-11/+15
* Actually set the hrr flag when sending a HelloRetryRequest.jsing2020-05-211-1/+3
* Revert 1.43 - this fix for PHH in blocking mode breaks SSL_accept andbeck2020-05-201-2/+2
* Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.jsing2020-05-198-46/+31
* Only send ocsp staples if the client asked for ocsp certificate status.beck2020-05-191-1/+2
* Add support for TLS 1.3 server to send certificate statusbeck2020-05-195-15/+38
* Send alerts back correctly when handling key shares, includingbeck2020-05-171-8/+19
* Free handshake message correctly, noticed by tb@beck2020-05-171-2/+2
* Send a decode error alert if a server provides an empty certificate list.jsing2020-05-171-2/+2
* Return TLS13_IO_WANT_POLLIN after processing post-handshake messages.jsing2020-05-161-2/+2
* Ensure that a TLSv1.3 server has provided a certificate.jsing2020-05-161-1/+9
* Add TLS13_ERR_NO_CERTIFICATE.jsing2020-05-162-3/+7
* Avoid sending an empty certificate list from the TLSv1.3 server.jsing2020-05-161-5/+8
* Fix pesky whitespace.jsing2020-05-131-2/+2
* Remove a no longer relevant XXX comment.jsing2020-05-131-3/+1
* Switch back to the legacy stack where the maximum is less than TLSv1.3.jsing2020-05-131-2/+2
* Switch the legacy version to TLS1_2_VERSION when processing server hello.jsing2020-05-131-2/+2
* there should only be one i in gratuitoustb2020-05-121-3/+3
* Enable the TLSv1.3 server.jsing2020-05-111-1/+5
* Propagate record overflows to the record layer and alert.jsing2020-05-113-6/+8
* Add record version checks.jsing2020-05-113-18/+28
* Set the record layer legacy version from the TLSv1.3 server.jsing2020-05-111-1/+5
* Provide an alert sent record layer callback.jsing2020-05-114-8/+29
* Move the record layer callbacks into a struct.jsing2020-05-113-35/+33
* Use ssl_get_new_session() in the TLSv1.3 server.jsing2020-05-111-4/+3
* Send dummy ChangeCipherSpec messages from the TLSv1.3 servertb2020-05-103-3/+41
* Honour SSL_VERIFY_FAIL_IF_NO_PEER_CERT in the TLSv1.3 server.jsing2020-05-103-8/+16
* Provide alert defines for TLSv1.3 and use in the TLSv1.3 code.jsing2020-05-107-65/+97
* Provide an easy way to get debug information from TLSv1.3 handshakes.jsing2020-05-102-3/+61
* Use size_t for OCSP response length.jsing2020-05-108-27/+35
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 23:12:44 +0000