summaryrefslogtreecommitdiff
path: root/src (unfollow)
Commit message (Expand)AuthorFilesLines
2021-02-25Update regress to match TLS versions change.jsing1-6/+6
2021-02-25Only use TLS versions internally (rather than both TLS and DTLS versions).jsing9-128/+132
2021-02-25Rename depth to num_untrusted so it identifies what it actually represents.jsing1-6/+6
2021-02-25Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.jsing1-3/+2
2021-02-25- Make use of the fact that we know how the chunks are aligned, andotto2-49/+83
2021-02-24Fix comment explaining last_untrusted. This should really be calledtb1-2/+2
2021-02-24Make the new validator check for EXFLAG_CRITICALtb1-8/+15
2021-02-23Make this test module aware so it passes with Go 1.16tb2-0/+8
2021-02-22Fix bizarre punctuation and capitalization in a comment.tb1-2/+2
2021-02-22Simplify version checks in the TLSv1.3 clienttb1-22/+10
2021-02-22Factor out/change some of the legacy client version handling code.jsing3-12/+36
2021-02-20ugly whitespacetb2-14/+14
2021-02-20Rename f_err into fatal_err.tb7-183/+183
2021-02-20Rename the truncated label into decode_err. This describes its purposetb2-73/+73
2021-02-20Revise regress to match change in SSL{_CTX,}_get_{min,max}_proto_version().jsing1-34/+45
2021-02-20Return a min/max version of zero if set to zero.jsing3-17/+41
2021-02-20Add DTLSv1.2 methods.jsing2-3/+159
2021-02-20Handle DTLS1_2_VERSION in various places.jsing3-6/+9
2021-02-20Revise HelloVerifyRequest handling for DTLSv1.2.jsing2-4/+14
2021-02-20Group HelloVerifyRequest decoding and add missing check for trailing data.jsing1-4/+5
2021-02-20Add various public DTLS related defines.jsing2-2/+14
2021-02-20Clean up/simplify dtls1_get_cipher().jsing1-7/+8
2021-02-18Pull in fix for EVP_CipherUpdate() overflow from OpenSSL.tb1-1/+23
2021-02-18mark test-inlabel-wildcard-cert-no-CA-client as an expected failuretb1-1/+2
2021-02-16Add x509 certificate validation regression testsjan3-2/+242
2021-02-15Only print the certificate file once on verifification failure.jsing1-4/+2
2021-02-12Some people still argue that rand(3) and random(3) have suitable deterministicderaadt2-4/+10
2021-02-12Sync cert.pem with Mozilla NSS root CAs, except "GeoTrust Global CA", ok tb@sthen1-659/+417
2021-02-12A few more flag combo's to testotto1-2/+14
2021-02-11KNFtb1-4/+7
2021-02-09Walk over all results from getaddrinfo() instead of giving up after theclaudio1-2/+1
2021-02-08Update DTLS client hello due to ECC changes.jsing1-5/+8
2021-02-08Remove bogus DTLS checks to disable ECC and OCSP.jsing2-10/+3
2021-02-08Enforce read ahead with DTLS.jsing1-5/+5
2021-02-08Use dtls1_retrieve_buffered_record() to load buffered application data.jsing1-11/+3
2021-02-07Absorb ssl3_get_algorithm2() into ssl_get_handshake_evp_md().jsing4-22/+19
2021-02-07Correct handshake MAC/PRF for various TLSv1.2 cipher suites.jsing1-8/+8
2021-02-07Factor out the legacy stack version checks.jsing4-28/+24
2021-02-07Enable auto DHE and disable session tickets for some tests.jsing1-12/+13
2021-02-06Only hexdump packets/messages on higher debug levels.jsing1-3/+4
2021-02-06Test reads and writes between the client and server.jsing1-3/+49
2021-02-03Fail early in legacy exporter if master secret is not availabletb1-1/+6
2021-02-03Add OID for draft-ietf-opsawg-finding-geofeedsjob2-0/+2
2021-02-02Add a bunch of RPKI OIDsjob2-1/+26
2021-02-01Use "EC/RSA key setup failure" to align error with otherstb1-3/+3
2021-01-30missing word in commenttb1-3/+3
2021-01-28Remove direct assignment of aead_ctx.jsing1-13/+7
2021-01-28Move AEAD handling into the new TLSv1.2 record layer.jsing4-134/+102
2021-01-27wrap an overlong linetb1-2/+3
2021-01-27Link SSL_get_finished.3 to build.tb1-1/+2
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-30 00:54:21 +0000