| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | This patch fixes one bug and one instance of undesirable behaviour. | schwarze | 2020-05-27 | 1 | -9/+1 |
| * | document PKCS7_dataFinal(3); | schwarze | 2020-05-27 | 3 | -3/+162 |
| * | minor cleanup ahead of the following work: | schwarze | 2020-05-26 | 1 | -12/+14 |
| * | Add additional length checks for TLSv1.3 plaintext and inner plaintext. | jsing | 2020-05-26 | 1 | -1/+6 |
| * | Fix some stylistic nits from jsing. | tb | 2020-05-24 | 1 | -8/+11 |
| * | Clear SSL_MODE_AUTO_RETRY in libtls, since we handle WANT_POLLIN correctly. | jsing | 2020-05-24 | 1 | -1/+3 |
| * | Minimally document PKCS7_dataInit(3). | schwarze | 2020-05-24 | 4 | -5/+215 |
| * | Briefly mention the obsolete function OPENSSL_init(3). | schwarze | 2020-05-24 | 1 | -7/+23 |
| * | Enforce that SNI hostnames be correct as per rfc 6066 and 5980. | beck | 2020-05-23 | 2 | -17/+80 |
| * | Enable SSL_MODE_AUTO_RETRY by default. | jsing | 2020-05-23 | 1 | -1/+2 |
| * | Wire up SSL_MODE_AUTO_RETRY mode to retrying after PHH messages. | jsing | 2020-05-23 | 2 | -2/+8 |
| * | Provide the option to retry or return after post-handshake messages. | jsing | 2020-05-23 | 2 | -4/+16 |
| * | fix a confusingly wrapped line | tb | 2020-05-23 | 1 | -3/+3 |
| * | Do not assume that server_group != 0 or tlsext_supportedgroups != NULL | tb | 2020-05-23 | 2 | -9/+15 |
| * | Ensure we only attach an ocsp staple to a leaf certificate, because | beck | 2020-05-22 | 2 | -5/+16 |
| * | Simplify: transform a dangling else into an early return and | tb | 2020-05-21 | 1 | -20/+20 |
| * | Make ssl_set_cert_masks() more consistent and closer to readable. | jsing | 2020-05-21 | 1 | -44/+27 |
| * | Avoid a shadowing issue by renaming cbs and cbb to cbb_hs and cbb_hs, | tb | 2020-05-21 | 1 | -8/+7 |
| * | A failure of tls13_handshake_msg_new() could lead to a NULL deref | tb | 2020-05-21 | 1 | -11/+15 |
| * | Actually set the hrr flag when sending a HelloRetryRequest. | jsing | 2020-05-21 | 1 | -1/+3 |
| * | Revert 1.43 - this fix for PHH in blocking mode breaks SSL_accept and | beck | 2020-05-20 | 1 | -2/+2 |
| * | new manual page for PKCS7_set_content(3) and PKCS7_content_new(3); | schwarze | 2020-05-20 | 4 | -5/+127 |
| * | Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA. | jsing | 2020-05-19 | 8 | -46/+31 |
| * | Only send ocsp staples if the client asked for ocsp certificate status. | beck | 2020-05-19 | 1 | -1/+2 |
| * | Add support for TLS 1.3 server to send certificate status | beck | 2020-05-19 | 5 | -15/+38 |
| * | Send alerts back correctly when handling key shares, including | beck | 2020-05-17 | 1 | -8/+19 |
| * | Free handshake message correctly, noticed by tb@ | beck | 2020-05-17 | 1 | -2/+2 |
| * | As done everywhere else, use a local version of MINIMUM() and avoid | deraadt | 2020-05-17 | 5 | -21/+21 |
| * | Send a decode error alert if a server provides an empty certificate list. | jsing | 2020-05-17 | 1 | -2/+2 |
| * | Return TLS13_IO_WANT_POLLIN after processing post-handshake messages. | jsing | 2020-05-16 | 1 | -2/+2 |
| * | Ensure that a TLSv1.3 server has provided a certificate. | jsing | 2020-05-16 | 1 | -1/+9 |
| * | Add TLS13_ERR_NO_CERTIFICATE. | jsing | 2020-05-16 | 2 | -3/+7 |
| * | Avoid sending an empty certificate list from the TLSv1.3 server. | jsing | 2020-05-16 | 1 | -5/+8 |
| * | document PKCS7_set_type(3); | schwarze | 2020-05-16 | 3 | -3/+123 |
| * | Fix pesky whitespace. | jsing | 2020-05-13 | 1 | -2/+2 |
| * | Remove a no longer relevant XXX comment. | jsing | 2020-05-13 | 1 | -3/+1 |
| * | Switch back to the legacy stack where the maximum is less than TLSv1.3. | jsing | 2020-05-13 | 1 | -2/+2 |
| * | Switch the legacy version to TLS1_2_VERSION when processing server hello. | jsing | 2020-05-13 | 1 | -2/+2 |
| * | there should only be one i in gratuitous | tb | 2020-05-12 | 1 | -3/+3 |
| * | Enable the TLSv1.3 server. | jsing | 2020-05-11 | 1 | -1/+5 |
| * | Propagate record overflows to the record layer and alert. | jsing | 2020-05-11 | 3 | -6/+8 |
| * | Add record version checks. | jsing | 2020-05-11 | 3 | -18/+28 |
| * | Set the record layer legacy version from the TLSv1.3 server. | jsing | 2020-05-11 | 1 | -1/+5 |
| * | Provide an alert sent record layer callback. | jsing | 2020-05-11 | 4 | -8/+29 |
| * | Move the record layer callbacks into a struct. | jsing | 2020-05-11 | 3 | -35/+33 |
| * | Use ssl_get_new_session() in the TLSv1.3 server. | jsing | 2020-05-11 | 1 | -4/+3 |
| * | Send dummy ChangeCipherSpec messages from the TLSv1.3 server | tb | 2020-05-10 | 3 | -3/+41 |
| * | Honour SSL_VERIFY_FAIL_IF_NO_PEER_CERT in the TLSv1.3 server. | jsing | 2020-05-10 | 3 | -8/+16 |
| * | Provide alert defines for TLSv1.3 and use in the TLSv1.3 code. | jsing | 2020-05-10 | 7 | -65/+97 |
| * | Provide an easy way to get debug information from TLSv1.3 handshakes. | jsing | 2020-05-10 | 2 | -3/+61 |
