summaryrefslogtreecommitdiff
path: root/lib/libssl/tls13_server.c
AgeCommit message (Expand)Author
2022-02-03Cleanup/simplify ssl_cert_type()Joel Sing
2022-01-11Remove peer_pkeys from SSL_SESSION.Joel Sing
2022-01-11Rename 'peer' to 'peer_cert' in SSL_SESSION.Joel Sing
2022-01-08Merge SESS_CERT into SSL_SESSION.Joel Sing
2022-01-08Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.Joel Sing
2022-01-07Convert legacy server to tls_key_share.Joel Sing
2022-01-05Rename tls13_key_share to tls_key_share.Joel Sing
2021-12-26Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack.Joel Sing
2021-10-31libssl: stop reaching into the X509 struct and simplify some code byTheo Buehler
2021-10-25Fold SSL_SESSION_INTERNAL back into SSL_SESSION.Joel Sing
2021-10-23Provide a way to determine our maximum legacy version.Joel Sing
2021-10-23Use X509_STORE_CTX_get0_chain() instead of grabbing the chain directlyTheo Buehler
2021-07-01Merge SSL_METHOD_INTERNAL into SSL_METHOD.Joel Sing
2021-06-29Provide a ssl_sigalg_for_peer() function and use in the TLSv1.3 code.Joel Sing
2021-06-29Move the RSA-PSS check for TLSv1.3 to ssl_sigalg_pkey_ok().Joel Sing
2021-06-27Track the sigalgs used by ourselves and our peer.Joel Sing
2021-06-27Change ssl_sigalgs_from_value() to perform sigalg list selection.Joel Sing
2021-06-27Rename ssl_sigalg() to ssl_sigalg_from_value().Joel Sing
2021-06-11Indent all labels with a single space.Joel Sing
2021-06-08TLSv1.3 server: avoid sending alerts in legacy recordsTheo Buehler
2021-05-16Make local header inclusion consistent.Joel Sing
2021-05-16Avoid pulling ssl_sigalgs.h in via ssl_locl.h.Joel Sing
2021-03-29Move finished and peer finished to the handshake struct.Joel Sing
2021-03-24Rename new_cipher to cipher.Joel Sing
2021-03-21Move the TLSv1.3 handshake struct inside the shared handshake struct.Joel Sing
2021-03-10Improve internal version handling.Joel Sing
2021-02-25Only use TLS versions internally (rather than both TLS and DTLS versions).Joel Sing
2021-01-09Add support for SSL_get_shared_ciphers() in TLSv1.3Theo Buehler
2021-01-07Rename two local variables ssl to s for consistencyTheo Buehler
2021-01-06Use tls13_secret_{init,cleanup}() for the finished_keyTheo Buehler
2021-01-05Use consistent names in tls13_{client,server}_finished_{recv,send}().Joel Sing
2021-01-05Use legacy verifier when building auto chains.Joel Sing
2020-12-14Fix SSL_get{,_peer}_finished() with TLSv1.3Theo Buehler
2020-11-17typo & punctuation in commentTheo Buehler
2020-11-11Implement auto chain for the TLSv1.3 server.Joel Sing
2020-07-03Improve argument order for the internal tlsext APITheo Buehler
2020-06-25Switch the order of the two tests in tls13_client_hello_required_extensionsTheo Buehler
2020-06-24Enforce restrictions for ClientHello extensionsTheo Buehler
2020-06-06Implement a rolling hash of the ClientHello message, Enforce RFC 8446Bob Beck
2020-06-04Align tls13_server_select_certificate() withTheo Buehler
2020-06-02distracting whitespaceTheo Buehler
2020-05-29Improve server certificate selection for TLSv1.3.Joel Sing
2020-05-29Wire up the servername callback in the TLSv1.3 server.Joel Sing
2020-05-23Wire up SSL_MODE_AUTO_RETRY mode to retrying after PHH messages.Joel Sing
2020-05-23Do not assume that server_group != 0 or tlsext_supportedgroups != NULLTheo Buehler
2020-05-22Ensure we only attach an ocsp staple to a leaf certificate, becauseBob Beck
2020-05-21Actually set the hrr flag when sending a HelloRetryRequest.Joel Sing
2020-05-19Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.Joel Sing
2020-05-19Add support for TLS 1.3 server to send certificate statusBob Beck
2020-05-16Avoid sending an empty certificate list from the TLSv1.3 server.Joel Sing