summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Expand)AuthorAgeFilesLines
* Cleanup aead_ctxinoguchi2020-08-041-1/+3
* Only parse a client's status_request in the CHtb2020-08-031-1/+4
* Ensure clients only send a status_request in the CHtb2020-08-031-3/+7
* Correctly handle server requests for an OCSP responsetb2020-08-031-1/+12
* Check the return value of tls1_enc() in the write path.jsing2020-08-022-6/+6
* Clean up/simplify more of the dtls1/ssl3 record writing code:jsing2020-08-012-73/+34
* Pull record version selection code up and pass it as an argument tojsing2020-08-011-15/+15
* Have ssl_init_wbio_buffer() push the buffering BIO rather than doing itjsing2020-07-301-5/+2
* Clean up and simplify some of the SSL3/DTLS1 record writing code.jsing2020-07-302-76/+72
* Add minimal info callback support for TLSv1.3tb2020-07-303-3/+32
* Handle SSL_MODE_AUTO_RETRY being changed during a TLSv1.3 session.jsing2020-07-251-1/+4
* Dedup the use legacy stack code.jsing2020-07-141-56/+25
* Revert the TLSv1.3 version switching fix/hack.jsing2020-07-141-10/+1
* Remove some unnecessary function pointers from SSL_METHOD_INTERNAL.jsing2020-07-075-64/+17
* Enable TLSv1.3 for the generic TLS_method().jsing2020-07-072-5/+52
* zap trailing whitespace on one linetb2020-07-031-2/+2
* Make the message type available to the extension functionstb2020-07-032-167/+181
* Improve argument order for the internal tlsext APItb2020-07-038-39/+39
* Switch the order of the two tests in tls13_client_hello_required_extensionstb2020-06-251-9/+9
* Make tls13_legacy_shutdown() match ssl3_shutdown() semantics.jsing2020-06-241-21/+22
* Enforce restrictions for ClientHello extensionstb2020-06-241-1/+44
* We inherited the constant time CBC padding removal from BoringSSL, buttb2020-06-191-4/+4
* The check_includes step is incorrect dependency management model forderaadt2020-06-091-11/+1
* Implement a rolling hash of the ClientHello message, Enforce RFC 8446beck2020-06-066-7/+179
* Use IANA allocated GOST ClientCertificateTypes.jsing2020-06-053-9/+15
* Stop sending GOST R 34.10-94 as a CertificateType.jsing2020-06-051-3/+1
* Handle GOST in ssl_cert_dup().jsing2020-06-051-1/+5
* Enable GOST_SIG_FORMAT_RS_LE when verifying certificate signatures.jsing2020-06-052-2/+15
* Align tls13_server_select_certificate() withtb2020-06-041-3/+7
* Improve client certificate selection for TLSv1.3tb2020-06-041-16/+80
* mention that TLS_method(3) also supports TLSv1.3;schwarze2020-06-041-3/+3
* Remove const modifier in return type of tls13_handshake_active_state()tb2020-06-021-3/+3
* distracting whitespacetb2020-06-021-5/+5
* Split the handling of post handshake handshake messages into itstb2020-06-011-55/+44
* Send an illegal_parameter alert if a client sends us invalid DH keytb2020-06-011-3/+15
* Add a mechanism to set an alert in those parts of the read half oftb2020-06-011-3/+21
* Replace ssl_max_server_version() with ssl_downgrade_max_version()jsing2020-05-313-30/+6
* Correct downgrade sentinels when a version pinned method is in use.jsing2020-05-314-7/+40
* Improve server certificate selection for TLSv1.3.jsing2020-05-292-23/+94
* Handle the case where we receive a valid 0 byte application data record.jsing2020-05-291-1/+10
* Wire up the servername callback in the TLSv1.3 server.jsing2020-05-293-3/+45
* Mop up servername_done, which is unused.jsing2020-05-293-14/+3
* minor cleanup ahead of the following work:schwarze2020-05-261-12/+14
* Add additional length checks for TLSv1.3 plaintext and inner plaintext.jsing2020-05-261-1/+6
* Fix some stylistic nits from jsing.tb2020-05-241-8/+11
* Enforce that SNI hostnames be correct as per rfc 6066 and 5980.beck2020-05-232-17/+80
* Enable SSL_MODE_AUTO_RETRY by default.jsing2020-05-231-1/+2
* Wire up SSL_MODE_AUTO_RETRY mode to retrying after PHH messages.jsing2020-05-232-2/+8
* Provide the option to retry or return after post-handshake messages.jsing2020-05-232-4/+16
* fix a confusingly wrapped linetb2020-05-231-3/+3