index
:
openbsd
OPENBSD_2_0
OPENBSD_2_1
OPENBSD_2_2
OPENBSD_2_3
OPENBSD_2_4
OPENBSD_2_5
OPENBSD_2_6
OPENBSD_2_7
OPENBSD_2_8
OPENBSD_2_9
OPENBSD_3_0
OPENBSD_3_1
OPENBSD_3_2
OPENBSD_3_3
OPENBSD_3_4
OPENBSD_3_5
OPENBSD_3_6
OPENBSD_3_7
OPENBSD_3_8
OPENBSD_3_9
OPENBSD_4_0
OPENBSD_4_1
OPENBSD_4_2
OPENBSD_4_3
OPENBSD_4_4
OPENBSD_4_5
OPENBSD_4_6
OPENBSD_4_7
OPENBSD_4_8
OPENBSD_4_9
OPENBSD_5_0
OPENBSD_5_1
OPENBSD_5_2
OPENBSD_5_3
OPENBSD_5_4
OPENBSD_5_5
OPENBSD_5_6
OPENBSD_5_7
OPENBSD_5_8
OPENBSD_5_9
OPENBSD_6_0
OPENBSD_6_1
OPENBSD_6_2
OPENBSD_6_3
OPENBSD_6_4
OPENBSD_6_5
OPENBSD_6_6
OPENBSD_6_7
OPENBSD_6_8
OPENBSD_6_9
OPENBSD_7_0
OPENBSD_7_1
OPENBSD_7_2
OPENBSD_7_3
OPENBSD_7_4
OPENBSD_7_5
OPENBSD_7_6
master
A mirror of https://github.com/libressl/openbsd.git
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
lib
(
follow
)
Commit message (
Expand
)
Author
Age
Files
Lines
*
Enforce that SNI hostnames be correct as per rfc 6066 and 5980.
beck
2020-05-23
2
-17
/
+80
*
Enable SSL_MODE_AUTO_RETRY by default.
jsing
2020-05-23
1
-1
/
+2
*
Wire up SSL_MODE_AUTO_RETRY mode to retrying after PHH messages.
jsing
2020-05-23
2
-2
/
+8
*
Provide the option to retry or return after post-handshake messages.
jsing
2020-05-23
2
-4
/
+16
*
fix a confusingly wrapped line
tb
2020-05-23
1
-3
/
+3
*
Do not assume that server_group != 0 or tlsext_supportedgroups != NULL
tb
2020-05-23
2
-9
/
+15
*
Ensure we only attach an ocsp staple to a leaf certificate, because
beck
2020-05-22
2
-5
/
+16
*
Simplify: transform a dangling else into an early return and
tb
2020-05-21
1
-20
/
+20
*
Make ssl_set_cert_masks() more consistent and closer to readable.
jsing
2020-05-21
1
-44
/
+27
*
Avoid a shadowing issue by renaming cbs and cbb to cbb_hs and cbb_hs,
tb
2020-05-21
1
-8
/
+7
*
A failure of tls13_handshake_msg_new() could lead to a NULL deref
tb
2020-05-21
1
-11
/
+15
*
Actually set the hrr flag when sending a HelloRetryRequest.
jsing
2020-05-21
1
-1
/
+3
*
Revert 1.43 - this fix for PHH in blocking mode breaks SSL_accept and
beck
2020-05-20
1
-2
/
+2
*
new manual page for PKCS7_set_content(3) and PKCS7_content_new(3);
schwarze
2020-05-20
4
-5
/
+127
*
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
jsing
2020-05-19
8
-46
/
+31
*
Only send ocsp staples if the client asked for ocsp certificate status.
beck
2020-05-19
1
-1
/
+2
*
Add support for TLS 1.3 server to send certificate status
beck
2020-05-19
5
-15
/
+38
*
Send alerts back correctly when handling key shares, including
beck
2020-05-17
1
-8
/
+19
*
Free handshake message correctly, noticed by tb@
beck
2020-05-17
1
-2
/
+2
*
As done everywhere else, use a local version of MINIMUM() and avoid
deraadt
2020-05-17
5
-21
/
+21
*
Send a decode error alert if a server provides an empty certificate list.
jsing
2020-05-17
1
-2
/
+2
*
Return TLS13_IO_WANT_POLLIN after processing post-handshake messages.
jsing
2020-05-16
1
-2
/
+2
*
Ensure that a TLSv1.3 server has provided a certificate.
jsing
2020-05-16
1
-1
/
+9
*
Add TLS13_ERR_NO_CERTIFICATE.
jsing
2020-05-16
2
-3
/
+7
*
Avoid sending an empty certificate list from the TLSv1.3 server.
jsing
2020-05-16
1
-5
/
+8
*
document PKCS7_set_type(3);
schwarze
2020-05-16
3
-3
/
+123
*
Fix pesky whitespace.
jsing
2020-05-13
1
-2
/
+2
*
Remove a no longer relevant XXX comment.
jsing
2020-05-13
1
-3
/
+1
*
Switch back to the legacy stack where the maximum is less than TLSv1.3.
jsing
2020-05-13
1
-2
/
+2
*
Switch the legacy version to TLS1_2_VERSION when processing server hello.
jsing
2020-05-13
1
-2
/
+2
*
there should only be one i in gratuitous
tb
2020-05-12
1
-3
/
+3
*
Enable the TLSv1.3 server.
jsing
2020-05-11
1
-1
/
+5
*
Propagate record overflows to the record layer and alert.
jsing
2020-05-11
3
-6
/
+8
*
Add record version checks.
jsing
2020-05-11
3
-18
/
+28
*
Set the record layer legacy version from the TLSv1.3 server.
jsing
2020-05-11
1
-1
/
+5
*
Provide an alert sent record layer callback.
jsing
2020-05-11
4
-8
/
+29
*
Move the record layer callbacks into a struct.
jsing
2020-05-11
3
-35
/
+33
*
Use ssl_get_new_session() in the TLSv1.3 server.
jsing
2020-05-11
1
-4
/
+3
*
Send dummy ChangeCipherSpec messages from the TLSv1.3 server
tb
2020-05-10
3
-3
/
+41
*
Honour SSL_VERIFY_FAIL_IF_NO_PEER_CERT in the TLSv1.3 server.
jsing
2020-05-10
3
-8
/
+16
*
Provide alert defines for TLSv1.3 and use in the TLSv1.3 code.
jsing
2020-05-10
7
-65
/
+97
*
Provide an easy way to get debug information from TLSv1.3 handshakes.
jsing
2020-05-10
2
-3
/
+61
*
Use size_t for OCSP response length.
jsing
2020-05-10
8
-27
/
+35
*
Only reset TLS extension state when parsing client hello or server hello.
jsing
2020-05-10
1
-5
/
+7
*
Correct tlsext_ocsp_resplen check.
jsing
2020-05-10
1
-2
/
+2
*
Back out server side CCS sending. It breaks TLSv1.3 client communication
tb
2020-05-09
3
-34
/
+3
*
Forcibly ensure that only PSS may be used with RSA in TLS 1.3.
beck
2020-05-09
1
-2
/
+8
*
Send dummy ChangeCipherSpec messages from the TLSv1.3 server
tb
2020-05-09
3
-3
/
+34
*
Send dummy ChangeCipherSpec messages from the TLSv1.3 client.
jsing
2020-05-09
4
-6
/
+45
*
Correct return value check to handle TLS13_IO_EOF case.
jsing
2020-05-09
1
-2
/
+2
[next]
