summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Expand)AuthorAgeFilesLines
...
* set error_depth and current_cert to make more legacy callbacks that don't checkbeck2020-09-151-1/+3
* Deduplicate the time validation code between the legacy and newbeck2020-09-153-27/+8
* ifdef out code that is no longer used in here. once we are certainbeck2020-09-151-2/+5
* Cleanup/simplify SSL_set_ssl_method().jsing2020-09-151-18/+18
* Mop up the get_ssl_method function pointer.jsing2020-09-152-50/+2
* Test botan TLS client with libressl, openssl, openssl11 server.bluhm2020-09-154-6/+305
* Move state initialisation from SSL_clear() to ssl3_clear().jsing2020-09-142-4/+4
* Cleanup and simplify SSL_set_session().jsing2020-09-141-36/+22
* Avoid NULL deref SSL_{,CTX_}set_ciphersuitestb2020-09-141-2/+2
* simplify RETURN VALUES for x509_verify(3) after beck@ made the rulesschwarze2020-09-141-7/+3
* Add initial man page for new x509_verify chain validatorbeck2020-09-141-0/+225
* Set error if we are given an NULL ctx in x509_verify, and set errorbeck2020-09-141-5/+3
* nuke a stray spacetb2020-09-141-2/+2
* Fix potential leak when tmpext fails to be added tobeck2020-09-141-2/+6
* Change the known output to be the expected output, so that webeck2020-09-141-1421/+1421
* Use a fixed validation time in these tests so we neverbeck2020-09-141-2/+4
* remove unneeded variable "type".beck2020-09-141-6/+5
* Don't leak names on successbeck2020-09-141-1/+2
* remove unneded variable "time1"beck2020-09-141-6/+6
* remove unneded variable "time"beck2020-09-141-3/+2
* fix bug introduced on review where refactor made it possible tobeck2020-09-141-2/+2
* re-enable new x509 chain verifier as the defaultbeck2020-09-141-3/+1
* Correctly fix double free introduced on review.beck2020-09-142-3/+3
* Fix double free - review moved the pop_free of roots to x509_verify_ctx_freebeck2020-09-141-2/+1
* revert previous, need to fix a problembeck2020-09-141-1/+3
* Enable the use of the new x509 chain validator by default.beck2020-09-141-3/+1
* Connect a client to a server. Both can be current libressl, orbluhm2020-09-145-10/+193
* Add regress for SSL_{CTX_,}set_ciphersuites().jsing2020-09-132-7/+318
* Implement SSL_{CTX_,}set_ciphersuites().jsing2020-09-135-13/+211
* Add new x509 certificate chain validator in x509_verify.cbeck2020-09-1311-68/+1281
* Improve handling of BIO_read()/BIO_write() failures in the TLSv1.3 stack.jsing2020-09-131-1/+9
* Use the correct type for tls1_set_ec_id()tb2020-09-121-3/+3
* Simplify tls1_set_ec_id() a bittb2020-09-121-24/+19
* Unindent a bit of code that performs a few too many checks totb2020-09-121-10/+8
* If CPU does not support AES-NI, LibreSSL TLS 1.3 client prefersbluhm2020-09-121-9/+18
* Avoid an out-of-bounds access in BN_rand()tb2020-09-121-3/+8
* Change over to use the new x509 name constraints verification.beck2020-09-121-28/+7
* remove unused include that breaks regressbeck2020-09-121-1/+0
* Include machine/endian.h in gost2814789.cinoguchi2020-09-121-1/+3
* Enable cert and cipher interop tests. cert just works. cipher hasbluhm2020-09-113-55/+35
* Add x509_constraints.c - a new implementation of x509 name constraints, withbeck2020-09-115-7/+1767
* Remove cipher_list_by_id.jsing2020-09-117-89/+32
* Simplify SSL_get_ciphers().jsing2020-09-111-13/+7
* Rename ssl_cipher_is_permitted()jsing2020-09-113-10/+10
* Some SSL_AD_* defines snuck into the TLSv1.3 code - replace them withjsing2020-09-112-10/+10
* Add issuer cache, to be used by upcoming changes to validation code.beck2020-09-113-1/+216
* Various ciphers related clean up.jsing2020-09-111-41/+36
* Enable test-tls13-large-number-of-extensions.pytb2020-09-101-2/+7
* Wrap long lines, add space in front of goto label in openssl(1) ocsp.cinoguchi2020-09-091-93/+118
* Change SSLv23_client_method to TLS_client_method openssl(1) ocspinoguchi2020-09-091-2/+2
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-26 12:55:58 +0000