summaryrefslogtreecommitdiff
path: root/lib/libssl/ssl_tlsext.c
AgeCommit message (Expand)Author
2020-06-06Implement a rolling hash of the ClientHello message, Enforce RFC 8446Bob Beck
2020-05-29Mop up servername_done, which is unused.Joel Sing
2020-05-24Fix some stylistic nits from jsing.Theo Buehler
2020-05-23Enforce that SNI hostnames be correct as per rfc 6066 and 5980.Bob Beck
2020-05-23Do not assume that server_group != 0 or tlsext_supportedgroups != NULLTheo Buehler
2020-05-19Only send ocsp staples if the client asked for ocsp certificate status.Bob Beck
2020-05-19Add support for TLS 1.3 server to send certificate statusBob Beck
2020-05-13Fix pesky whitespace.Joel Sing
2020-05-10Use size_t for OCSP response length.Joel Sing
2020-05-10Only reset TLS extension state when parsing client hello or server hello.Joel Sing
2020-05-09Add support for certificate status requests in TLS 1.3 clientBob Beck
2020-05-09Add support for HelloRetryRequests in the TLSv1.3 server.Joel Sing
2020-04-21Handle TLSv1.3 key shares other than X25519 on the server side.Joel Sing
2020-02-18drop unused include <openssl/curve25519.h>Theo Buehler
2020-02-16Avoid potential NULL dereference when parsing a server keyshare extension.Joel Sing
2020-02-06Correctly handle key share extensions in a hello retry request.Joel Sing
2020-02-01Correctly unpack client key shares.Joel Sing
2020-01-30Provide struct/functions for handling TLSv1.3 key shares.Joel Sing
2020-01-26Add sigalgs for server side to enable client certificate processingBob Beck
2020-01-25Only discard the extension block for client hello and server helloJoel Sing
2020-01-25Only send an RI extension for pre-TLSv1.3 versions.Joel Sing
2020-01-22Rename failure into alert_desc in tlsext_ocsp_server_parse().Theo Buehler
2020-01-22fix previous: alert_desc needs to be an int.Theo Buehler
2020-01-22Avoid modifying alert in the success path.Theo Buehler
2019-11-16Revert previous deduplication diff, I broke portable in a strange way.Bob Beck
2019-11-15Deduplicate some extension processing code.Bob Beck
2019-05-29Relax parsing of TLS key share extensions on the server.Joel Sing
2019-05-29Do not send an SNI extension when resuming a session that contains a serverJoel Sing
2019-05-28Fix typo and label indent.Joel Sing
2019-05-28Tidy up some names/structures following the renaming of TLS extensionJoel Sing
2019-05-08In DTLS, use_srtp is part of the extended server hello while in TLSv1.3,Theo Buehler
2019-03-25Defer sigalgs selection until the certificate is known.Joel Sing
2019-03-19Revert TLS1_get{,_client}_version simplification because DTLS.Joel Sing
2019-03-17Partially clean up the TLS1_get_{,client}_version macros.Joel Sing
2019-02-03Revert r1.38 as it introduces use of a stack value post function return.Joel Sing
2019-01-31unwrap a line introduced in previous.Theo Buehler
2019-01-30Correct handling of TLS sigalgs extension for TLSv1.0/TLSv1.1.Joel Sing
2019-01-28Deduplicate a bunch of replicated code in the extension handlingBob Beck
2019-01-28Add tls_extension_seen(), a utility to know if a particular extensionBob Beck
2019-01-24Add server side of versions, keyshare, and client and server of cookieBob Beck
2019-01-24move the extensions_seen into the handshake structBob Beck
2019-01-23Modify sigalgs extension processing to accomodate TLS 1.3.Bob Beck
2019-01-23revert previous, accidentally contained another diff in additionBob Beck
2019-01-23Modify sigalgs extension processing for TLS 1.3.Bob Beck
2019-01-20TLS 1.3 clients always need to send the supported groups extension.Joel Sing
2019-01-18bump copyright years appopriatelyBob Beck
2019-01-18Add client side of supported versions and keyshare extensions with basic regressBob Beck
2019-01-18Add support for RFC 8446 section 4.2 enforcing which extensions mayBob Beck
2019-01-18Rename TLS extension handling to use less "hello".Joel Sing
2018-11-09Add the ability to have a separate priority list for sigalgs.Bob Beck
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 09:45:31 +0000