summaryrefslogtreecommitdiff
path: root/src/usr.sbin (unfollow)
Commit message (Expand)AuthorFilesLines
2021-03-17Enable DTLSv1.2.jsing1-1/+5
2021-03-17Update for DTLSv1.2 version handling.jsing1-6/+90
2021-03-17Add support for DTLSv1.2 version handling.jsing1-45/+117
2021-03-13Use EXFLAG_INVALID to handle out of memory and parse errors intobhe2-11/+45
2021-03-12Zap a useless variable.tb1-4/+2
2021-03-12Missing void in function definitiontb1-2/+2
2021-03-12Fix checks of memory caps of constraints namestb3-20/+32
2021-03-12spelling: refenece -> referencejmc1-3/+3
2021-03-12spellingjsg12-37/+37
2021-03-11Remove ssl_downgrade_max_version().jsing5-54/+15
2021-03-11Check for the existence of p5-IO-Socket-SSL by checking for its SSL.pmtb1-3/+4
2021-03-10Guard TLS1_get_{client_,}version() macros with #ifndef LIBRESSL_INTERNAL.jsing1-1/+3
2021-03-10Revise TLS extension regress to match version handling changes.jsing1-57/+25
2021-03-10Improve internal version handling.jsing9-108/+145
2021-03-09Change the implementation of the malloc cache to keep lists ofotto1-152/+118
2021-03-07LibreSSL 3.3.2bcook1-3/+3
2021-03-02Separate variable declaration and assignment.jsing1-2/+4
2021-03-02Replace two handrolled tls12_record_protection_engaged().jsing1-3/+3
2021-03-02Move key/IV length checks closer to usage sites.jsing1-5/+11
2021-03-02Add tls12_record_protection_unused() and call from CCS functions.jsing1-8/+17
2021-03-02Fix misleading indentation in SSL_get_error()tb1-2/+2
2021-02-27Move handling of cipher/hash based cipher suites into the new record layer.jsing5-200/+141
2021-02-27Identify DTLS based on the version major value.jsing1-2/+2
2021-02-26Set is_trusted in x509_verify_ctx_add_chain()tb1-2/+2
2021-02-26zap spades of trailing whitespacetb1-266/+266
2021-02-25Fix two bugs in the legacy verifiertb1-6/+10
2021-02-25Update regress to match TLS versions change.jsing1-6/+6
2021-02-25Only use TLS versions internally (rather than both TLS and DTLS versions).jsing9-128/+132
2021-02-25Rename depth to num_untrusted so it identifies what it actually represents.jsing1-6/+6
2021-02-25Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.jsing1-3/+2
2021-02-25- Make use of the fact that we know how the chunks are aligned, andotto2-49/+83
2021-02-24Fix comment explaining last_untrusted. This should really be calledtb1-2/+2
2021-02-24Make the new validator check for EXFLAG_CRITICALtb1-8/+15
2021-02-23Make this test module aware so it passes with Go 1.16tb2-0/+8
2021-02-22Fix bizarre punctuation and capitalization in a comment.tb1-2/+2
2021-02-22Simplify version checks in the TLSv1.3 clienttb1-22/+10
2021-02-22Factor out/change some of the legacy client version handling code.jsing3-12/+36
2021-02-20ugly whitespacetb2-14/+14
2021-02-20Rename f_err into fatal_err.tb7-183/+183
2021-02-20Rename the truncated label into decode_err. This describes its purposetb2-73/+73
2021-02-20Revise regress to match change in SSL{_CTX,}_get_{min,max}_proto_version().jsing1-34/+45
2021-02-20Return a min/max version of zero if set to zero.jsing3-17/+41
2021-02-20Add DTLSv1.2 methods.jsing2-3/+159
2021-02-20Handle DTLS1_2_VERSION in various places.jsing3-6/+9
2021-02-20Revise HelloVerifyRequest handling for DTLSv1.2.jsing2-4/+14
2021-02-20Group HelloVerifyRequest decoding and add missing check for trailing data.jsing1-4/+5
2021-02-20Add various public DTLS related defines.jsing2-2/+14
2021-02-20Clean up/simplify dtls1_get_cipher().jsing1-7/+8
2021-02-18Pull in fix for EVP_CipherUpdate() overflow from OpenSSL.tb1-1/+23
2021-02-18mark test-inlabel-wildcard-cert-no-CA-client as an expected failuretb1-1/+2
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 00:55:28 +0000