summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* More return value check in openssl(1) cmsinoguchi2019-11-191-23/+29
| | | | | | Checking return value of sk_.*_new_null(). ok beck@ jsing@
* Add manual descriptions for openssl(1) req -addextinoguchi2019-11-191-2/+10
| | | | ok jmc@
* Add prototypes for the functions that update application secretsbeck2019-11-181-1/+3
| | | | so that the regress tests will work for them
* Remove typedef and check sk_push return value in openssl(1) cmsinoguchi2019-11-181-23/+33
| | | | | | | | - Remove typedef and use 'struct cms_key_param' instead - Check return value of sk_X509_push and sk_OPENSSL_STRING_push - Add a blank line to separate variable declarations from code comments from jsing@
* Add -keyopt opiton to openssl(1) cms subcommandinoguchi2019-11-181-8/+128
| | | | | | | This provides rsa_padding_mode:oaep for cms -encrypt, and rsa_padding_mode:pss for cms -sign. ok jsing@
* Provide a clean interface for sending TLSv1.3 alerts.jsing2019-11-182-5/+17
| | | | ok beck@
* fix printing of client app secretbeck2019-11-181-2/+2
|
* Add regress for the updating of sever and client application secretsbeck2019-11-181-2/+47
|
* Change tls13_record_layer_phh() to take a CBS as this avoids ownershipjsing2019-11-172-8/+6
| | | | | | issues and makes call sites cleaner. ok beck@
* Correct update of application traffic secrets to use an empty contextbeck2019-11-171-3/+7
| | | | | | rather than the hash of an empty context ok jsing@
* Bring back the ssl_shutdown internal method pointer.jsing2019-11-173-4/+21
| | | | | | | For now ssl3_shutdown() is called in all cases, however TLSv1.3 will soon get its own version. ok beck@
* Add a reference for the non-standard post-handshake handshake (PHH).tb2019-11-171-2/+2
| | | | ok beck, jsing
* Ensure that we are never operating in plaintext mode once the handshakejsing2019-11-171-1/+7
| | | | | | is complete, which should never occur. ok beck@
* fail to usage if extra argv are presentderaadt2019-11-171-8/+4
| | | | noticed by jsing and beck, ok tedu
* Provide framework for sending alerts and post-handshake handshake messages.jsing2019-11-172-15/+174
| | | | | | Discussed at length with beck@ ok beck@ tb@
* indent with a tab instead of 8 spacestb2019-11-171-2/+2
|
* Move the TLSv1.3 server message handling stubs.jsing2019-11-172-125/+125
|
* Add the initial framework for the TLSv1.3 server.jsing2019-11-173-3/+84
| | | | ok beck@
* tls13_connect() should be static.jsing2019-11-171-2/+2
|
* Fix backoff to legacy when in client auth mode.beck2019-11-171-2/+2
| | | | ok jsing@
* Drop back to the legacy tls method if we are doing client authenticaitonbeck2019-11-171-1/+7
| | | | | | from a tls 1.3 connection, for now. ok jsing@
* Separate the callbacks for recieved and completed post handshake messagesbeck2019-11-173-10/+22
| | | | | | from the record layer ok jsing@
* Allow 1.3 ciphers in libtls.beck2019-11-161-2/+2
| | | | ok jsing@
* Revert previous deduplication diff, I broke portable in a strange way.beck2019-11-161-47/+58
| | | | | I'll figure it out a bit later. Found and diagnosed by inoguchi@
* Allow portable to override the default CA bundle locationbeck2019-11-162-3/+7
| | | | ok kinichiro@ jsing@
* Deduplicate some extension processing code.beck2019-11-151-58/+47
| | | | ok tb@ inoguchi@
* Add missing cross-reference to NOTES section.millert2019-11-141-3/+3
| | | | OK kn@ tb@
* refactor the nc pool loop to not shut down the socket early, andbeck2019-11-131-36/+64
| | | | | | | to handle tls_shutdown correctly if using TLS, doing tls_shutdown correctly if we are using the -N flag ok sthen@
* It has been called to my attention that the cookie monster ascii artbeck2019-11-101-17/+7
| | | | | | | | | in this test which I had obtained from a site purporting it to be free for use with artist attribtion might not be. After looking at at some other muppett ascii art for inspiration I am replacing this with my own ascii art muppet to replace the previously used cookie monster. The copyright for the art is the same as my code.
* Add test for req -addext in appstest.shinoguchi2019-11-091-1/+2
|
* Check return value and remove unnecessary variableinoguchi2019-11-061-7/+7
| | | | | | | - Check NCONF_new() return value - Remove unnecessary 'i' comments from jsing@
* Add -addext option to openssl(1) req subcommandinoguchi2019-11-061-3/+133
| | | | | | First step of adding -addext option to openssl(1) req from OpenSSL 1.1.1d. ok jsing@
* use curly braces for consistencytb2019-11-061-2/+2
|
* Remove trailing space in appstest.shinoguchi2019-11-051-15/+15
|
* Add test for cms in appstest.shinoguchi2019-11-051-1/+57
|
* Allow ip addresses as argument to SSL_set1_host() but be careful to nototto2019-11-041-2/+14
| | | | poison the context. ok and help jsing@ tb@
* Fix an out of bound read/write when using a proxy.millert2019-11-042-11/+21
| | | | From Lucas AT sexy DOT is. OK job@ kn@
* Indent labels for diffability.jsing2019-11-041-5/+5
|
* Remove spaces between * and variable names.jsing2019-11-041-25/+25
|
* Remove explicit NULL checks before *_free() calls.jsing2019-11-041-21/+14
|
* Hook openssl(1) cms back up.jsing2019-11-043-4/+8
|
* Currently we need to include pem.h before cms.h...jsing2019-11-041-2/+3
|
* Remove engine argument from load_cert() calls.jsing2019-11-041-8/+8
| | | | This was cleaned up after cms went to the attic.
* Bring openssl(1) cms back from the attic.jsing2019-11-041-0/+1142
|
* Add regress for CMS sign and verify.jsing2019-11-041-2/+125
|
* Reshuffle RSA_PSS_PARAMS and RSA_OAEP_PARAMS to avoid duplicate typedef.jsing2019-11-041-21/+19
| | | | | | Issue spotted by bcook@ ok bcook@ inoguchi@
* Add RSA-PSS test for genpkey in appstest.shinoguchi2019-11-031-1/+9
|
* Sort standard_methods by pkey_id.inoguchi2019-11-021-4/+4
| | | | ok jsing@
* CMS didn't make the 6.6 release: adjust the text in the HISTORY sectionsschwarze2019-11-0223-69/+69
|
* Hook cms regress.jsing2019-11-021-1/+2
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 00:36:36 +0000