| Commit message (Collapse) | Author | Age | Files | Lines |
|
* Improve client certificate selection to allow EC certificates
instead of only RSA certificates.
* Do not error out if a TLSv1.3 server requests an OCSP response as
part of a certificate request.
* Fix SSL_shutdown behavior to match the legacy stack. The previous
behaviour could cause a hang.
* Fix a memory leak and add a missing error check in the handling of
the key update message.
* Fix a memory leak in tls13_record_layer_set_traffic_key.
* Avoid calling freezero with a negative size if a server sends a
malformed plaintext of all zeroes.
* Ensure that only PSS may be used with RSA in TLSv1.3 in order
to avoid using PKCS1-based signatures.
* Add the P-521 curve to the list of curves supported by default
in the client.
This is errata/6.7/019_libssl.patch.sig
|
in this test which I had obtained from a site purporting it to be
free for use with artist attribution might not be.
After looking at some other muppet ascii art for inspiration I am
replacing this with my own ascii art muppet to replace the previously
used cookie monster. The copyright for the art is the same as my code.
|
Otherwise, if tlsext_keyshare_server_build() fails we call free with a
pointer to static memory and bad things happen.
Reported by bcook@
|
extensions for tls1.3.
versions is currently defanged to ignore its result until tls13 server
side is wired in full, so that server side code still works today when
we only support tls 1.2
ok bcook@ tb@ jsing@
|
Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2.
ok jsing@
|
- Make a separate sigalgs list for TLS 1.3 including only modern
algorithm choices which we use when the handshake will not negotiate
TLS 1.2.
- Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as
mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2
from a 1.3 handshake.
ok jsing@ tb@
|
to the one I intended to commit
|
- Make a separate sigalgs list for TLS 1.3 including only modern
algorithm choices which we use when the handshake will not negotiate
TLS 1.2
- Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as
mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2
ok jsing@ tb@
|
ok jsing@
|
NULL pointer dereference in ssl_using_ecc_cipher(). Some compilers avoid
triggering this, likely due to the EC formats list also being NULL.
While here, set up the EC formats list so that we actually include the EC
points format extension in the server hello extensions.
Found the hard way by bcook@
|
extensions, both with extensions being present and not present. The not
present case currently fails.
|
that we have consumed all of the extension data. This catches the ALPN
extension handling issue that was just fixed.
|
input + ok beck@, jsing@
|
ok bcook@ beck@
input + ok jsing@
|
ok jsing@
|
extension framework.
ok jsing@ beck@
|
extension framework.
input + ok jsing@
|
new extension framework.
input + ok jsing@
|
after a successful tlsext_sni_serverhello_parse() and that
tlsext_sni_clienthello_parse() fails if we have an existing session and
the SNI is mismatched.
|
the newly converted SNI code.
|