Age | Commit message (Expand) | Author |
2017-08-09 | Pull out the code that identifies if we have an ECC cipher in the cipher | Joel Sing |
2017-07-24 | Rewrite and move the last remnants of the ServerHello SNI handling into | Joel Sing |
2017-07-24 | Rewrite the TLS Renegotiation Indication extension handling using CBB/CBS | Joel Sing |
2017-07-23 | Hook the TLS extension parsing framework into the serverhello parsing. | Joel Sing |
2017-07-19 | Check the return value of CBB_init_fixed(), since it can fail. | Joel Sing |
2017-07-16 | Start rewriting TLS extension handling. | Joel Sing |
2017-05-07 | Move state from ssl->internal to the handshake structure. | Bob Beck |
2017-05-06 | Bring in an SSL_HANDSHAKE structure and commence the great shovelling | Bob Beck |
2017-02-07 | Change SSLerror() back to taking two args, with the first one being an SSL *. | Bob Beck |
2017-01-26 | Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly | Bob Beck |
2017-01-26 | Send the error function codes to rot in the depths of hell where they belong | Bob Beck |
2017-01-26 | Remove most of SSL3_ENC_METHOD - we can just inline the function calls | Joel Sing |
2017-01-24 | sk_pop_free() checks for NULL so do not bother doing it from the callers. | Joel Sing |
2017-01-24 | #if 0 the ecformats_list and eccurves_list - these are currently unused but | Joel Sing |
2017-01-24 | Add support for setting the supported EC curves via | Joel Sing |
2017-01-24 | Correct bounds checks used when generating the EC curves extension. | Joel Sing |
2017-01-24 | Fix typo in brainpool curve name within a comment. | Joel Sing |
2017-01-23 | Move options and mode from SSL_CTX and SSL to internal, since these can be | Joel Sing |
2017-01-23 | Split most of SSL_METHOD out into an internal variant, which is opaque. | Joel Sing |
2017-01-23 | send state and rstate from ssl_st into internal. There are accessors | Bob Beck |
2017-01-23 | Move a large part of ssl_st into internal, so we can see what squeals. | Bob Beck |
2017-01-23 | Move most of the fields in SSL_CTX to internal - the ones that remain are | Joel Sing |
2017-01-23 | move the callbacks from ssl_st to internal | Bob Beck |
2017-01-23 | Move callback function pointers and argument pointers from SSL_CTX to | Joel Sing |
2017-01-22 | Move most of the SSL3_STATE fields to internal - the ones that remain are | Joel Sing |
2017-01-22 | Move ALPN and NPN fields from SSL/SSL_CTX to internal. | Joel Sing |
2017-01-22 | Move internal parts of ssl_session_st to internal | Bob Beck |
2016-12-21 | Add support for ECDHE with X25519. | Joel Sing |
2016-12-18 | Convert ssl3_get_server_hello() to CBS. | Joel Sing |
2016-11-05 | Convert ssl3_get_server_kex_ecdhe() to CBS, simplifying tls1_check_curve() | Joel Sing |
2016-10-19 | Remove support for fixed ECDH cipher suites - these is not widely supported | Joel Sing |
2016-10-02 | Check for and handle failure of HMAC_{Update,Final} or EVP_DecryptUpdate() | Philip Guenther |
2016-10-02 | Detect zero-length encrypted session data early, instead of when malloc(0) | Philip Guenther |
2016-09-22 | Avoid unbounded memory growth, which can be triggered by a client | Joel Sing |
2016-09-22 | Improve ticket validity checking when tlsext_ticket_key_cb() callback | Philip Guenther |
2016-08-27 | Be more strict when parsing TLS extensions. | Joel Sing |
2016-05-30 | deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final. | Bob Beck |
2016-03-10 | http -> https for a few more IETF URLs in comments or man pages | Michael McConville |
2015-09-12 | Remove most of the SSLv3 version checks and a few TLS v1.0. | Doug Hogan |
2015-09-01 | Remove the ssl_prepare_{client,server}hello_tlsext() functions, which are | Joel Sing |
2015-08-19 | Properly handle missing TLS extensions in client hello as a non-failure. | Brent Cook |
2015-07-24 | Convert tls1_process_ticket to CBS. | Doug Hogan |
2015-07-24 | Convert tls1_process_sigalgs to CBS. | Doug Hogan |
2015-07-19 | Allow *_free() functions in libssl to handle NULL input. | Doug Hogan |
2015-07-17 | Remove compat hack that disabled ECDHE-ECDSA on OS X. | Doug Hogan |
2015-06-19 | Convert tls1_alpn_handle_client_hello() to CBS. | Doug Hogan |
2015-06-17 | Convert ssl_next_proto_validate to CBS. | Doug Hogan |
2015-06-17 | Convert tls1_check_curve to CBS. | Doug Hogan |
2015-03-02 | Fix a minor information leak that was introduced in t1_lib.c r1.71, whereby | Joel Sing |
2014-12-14 | unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndef | Joel Sing |