summaryrefslogtreecommitdiff
path: root/src (unfollow)
Commit message (Expand)AuthorFilesLines
2020-06-04Align tls13_server_select_certificate() withtb1-3/+7
2020-06-04Improve client certificate selection for TLSv1.3tb1-16/+80
2020-06-04mention that TLS_method(3) also supports TLSv1.3;schwarze1-3/+3
2020-06-04Collapse the x509v3 directory into x509.jsing38-47/+44
2020-06-04new manual page PKCS7_add_attribute(3);schwarze7-12/+201
2020-06-03Properly document PKCS7_final(3), which was already mentionedschwarze10-32/+263
2020-06-03Enable the record layer limits test and mark two finished test cases astb1-5/+8
2020-06-02Remove const modifier in return type of tls13_handshake_active_state()tb1-3/+3
2020-06-02distracting whitespacetb1-5/+5
2020-06-01Split the handling of post handshake handshake messages into itstb1-55/+44
2020-06-01Remove expired certificate, ok tb@sthen1-53/+1
2020-06-01Enable the test-tls13-zero-length-data.py test, skipping thetb1-8/+10
2020-06-01Enable test-dhe-rsa-key-exchange-with-bad-messages.pytb1-4/+2
2020-06-01Send an illegal_parameter alert if a client sends us invalid DH keytb1-3/+15
2020-06-01Add a mechanism to set an alert in those parts of the read half oftb1-3/+21
2020-06-01bump to LibreSSL 3.2.1libressl-v3.2.0bcook1-3/+3
2020-05-31Replace ssl_max_server_version() with ssl_downgrade_max_version()jsing3-30/+6
2020-05-31When building a chain look for non-expired certificates first.jsing1-8/+29
2020-05-31Correct downgrade sentinels when a version pinned method is in use.jsing4-7/+40
2020-05-31Fix printing long doubles on architectures with hm and lm bits.mortimer1-1/+9
2020-05-29Improve server certificate selection for TLSv1.3.jsing2-23/+94
2020-05-29Handle the case where we receive a valid 0 byte application data record.jsing1-1/+10
2020-05-29Wire up the servername callback in the TLSv1.3 server.jsing3-3/+45
2020-05-29Mop up servername_done, which is unused.jsing3-14/+3
2020-05-29Add checks for SH downgrade sentinel and HRR hash in appstest.shinoguchi1-1/+27
2020-05-27more tests after getopt_long.c rev. 1.32;schwarze1-10/+43
2020-05-27This patch fixes one bug and one instance of undesirable behaviour.schwarze1-9/+1
2020-05-27document PKCS7_dataFinal(3);schwarze3-3/+162
2020-05-26minor cleanup ahead of the following work:schwarze1-12/+14
2020-05-26Add additional length checks for TLSv1.3 plaintext and inner plaintext.jsing1-1/+6
2020-05-24Previous commit caught a few errx() cases by accident. undo them.tb1-25/+25
2020-05-24Fix some stylistic nits from jsing.tb1-8/+11
2020-05-24Clear SSL_MODE_AUTO_RETRY in libtls, since we handle WANT_POLLIN correctly.jsing1-1/+3
2020-05-24include newlines in FAIL messagestb1-108/+108
2020-05-24address some nits from jsingtb1-7/+11
2020-05-24Minimally document PKCS7_dataInit(3).schwarze4-5/+215
2020-05-24Briefly mention the obsolete function OPENSSL_init(3).schwarze1-7/+23
2020-05-24The version detection doesn't work on bluhm's test machine, causingtb1-3/+3
2020-05-23Define REGRESS_TARGETS explicitly.tb1-2/+4
2020-05-23Enforce that SNI hostnames be correct as per rfc 6066 and 5980.beck3-18/+159
2020-05-23While the second SSL_CTX in this code is only used on servernametb1-1/+2
2020-05-23In ssl_lib.c revision 1.217, jsing enabled SSL_MODE_AUTO_RETRY bytb2-2/+7
2020-05-23Enable SSL_MODE_AUTO_RETRY by default.jsing1-1/+2
2020-05-23Wire up SSL_MODE_AUTO_RETRY mode to retrying after PHH messages.jsing2-2/+8
2020-05-23Provide the option to retry or return after post-handshake messages.jsing2-4/+16
2020-05-23fix a confusingly wrapped linetb1-3/+3
2020-05-23Avoid an out-of-bounds array access in the s_server.tb1-1/+3
2020-05-23Do not assume that server_group != 0 or tlsext_supportedgroups != NULLtb2-9/+15
2020-05-22sockaddr should be sockaddr_storage, otherwise "openssl s_client -6 -dtls1"deraadt1-3/+4
2020-05-22Ensure we only attach an ocsp staple to a leaf certificate, becausebeck2-5/+16
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-27 09:16:34 +0000