summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Expand)AuthorAgeFilesLines
...
* Use a fixed validation time in these tests so we neverbeck2020-09-141-2/+4
* remove unneeded variable "type".beck2020-09-141-6/+5
* Don't leak names on successbeck2020-09-141-1/+2
* remove unneded variable "time1"beck2020-09-141-6/+6
* remove unneded variable "time"beck2020-09-141-3/+2
* fix bug introduced on review where refactor made it possible tobeck2020-09-141-2/+2
* re-enable new x509 chain verifier as the defaultbeck2020-09-141-3/+1
* Correctly fix double free introduced on review.beck2020-09-142-3/+3
* Fix double free - review moved the pop_free of roots to x509_verify_ctx_freebeck2020-09-141-2/+1
* revert previous, need to fix a problembeck2020-09-141-1/+3
* Enable the use of the new x509 chain validator by default.beck2020-09-141-3/+1
* Connect a client to a server. Both can be current libressl, orbluhm2020-09-145-10/+193
* Add regress for SSL_{CTX_,}set_ciphersuites().jsing2020-09-132-7/+318
* Implement SSL_{CTX_,}set_ciphersuites().jsing2020-09-135-13/+211
* Add new x509 certificate chain validator in x509_verify.cbeck2020-09-1311-68/+1281
* Improve handling of BIO_read()/BIO_write() failures in the TLSv1.3 stack.jsing2020-09-131-1/+9
* Use the correct type for tls1_set_ec_id()tb2020-09-121-3/+3
* Simplify tls1_set_ec_id() a bittb2020-09-121-24/+19
* Unindent a bit of code that performs a few too many checks totb2020-09-121-10/+8
* If CPU does not support AES-NI, LibreSSL TLS 1.3 client prefersbluhm2020-09-121-9/+18
* Avoid an out-of-bounds access in BN_rand()tb2020-09-121-3/+8
* Change over to use the new x509 name constraints verification.beck2020-09-121-28/+7
* remove unused include that breaks regressbeck2020-09-121-1/+0
* Include machine/endian.h in gost2814789.cinoguchi2020-09-121-1/+3
* Enable cert and cipher interop tests. cert just works. cipher hasbluhm2020-09-113-55/+35
* Add x509_constraints.c - a new implementation of x509 name constraints, withbeck2020-09-115-7/+1767
* Remove cipher_list_by_id.jsing2020-09-117-89/+32
* Simplify SSL_get_ciphers().jsing2020-09-111-13/+7
* Rename ssl_cipher_is_permitted()jsing2020-09-113-10/+10
* Some SSL_AD_* defines snuck into the TLSv1.3 code - replace them withjsing2020-09-112-10/+10
* Add issuer cache, to be used by upcoming changes to validation code.beck2020-09-113-1/+216
* Various ciphers related clean up.jsing2020-09-111-41/+36
* Enable test-tls13-large-number-of-extensions.pytb2020-09-101-2/+7
* Wrap long lines, add space in front of goto label in openssl(1) ocsp.cinoguchi2020-09-091-93/+118
* Change SSLv23_client_method to TLS_client_method openssl(1) ocspinoguchi2020-09-091-2/+2
* Remove space between pointer '*' and variable name in ocsp.cinoguchi2020-09-091-39/+39
* Convert openssl(1) ocsp option handlinginoguchi2020-09-091-443/+725
* Add option type OPTION_UL_VALUE_ORinoguchi2020-09-092-2/+9
* Set alpn_selected_len = 0 when alpn_selected is NULLinoguchi2020-09-091-1/+4
* Import latest OPENSSL_NO_* flags from OpenSSL 1.1.1ginoguchi2020-09-091-0/+8
* Mention that EC_KEY_get0_public_key returns a public key.tb2020-09-081-3/+5
* Garbage collect renew_ticket in tls_decrypt_tickettb2020-09-071-8/+5
* For page-sized and larger allocations do not put the pages we'reotto2020-09-061-21/+18
* Ignore ftruncate failure with errno == EAGAINtb2020-09-041-2/+5
* Clean up asn1/x_info.ctb2020-09-031-22/+9
* Remove unnecessary zeroing after recallocarray(3)tb2020-09-031-3/+1
* KNF and comment tweakstb2020-09-021-8/+10
* Zero out data to avoid leaving stack garbage in the tail oftb2020-09-011-1/+3
* The bumping of sess_cb_hit stats can wait until handling oftb2020-09-011-4/+3
* In the explanatory comment of ssl_get_prev_session fix the spelling oftb2020-09-011-5/+6