Age | Commit message (Expand) | Author |
2018-12-07 | Remove an ugly hack in the client certificate verification code that works | Theo Buehler |
2018-12-03 | Send SSL_AD_DECODE alerts in the case of a bad hello request or an | Theo Buehler |
2018-11-29 | Refactor a tangle in ssl3_send_client_verify() into one function for each | Theo Buehler |
2018-11-21 | Fix DTLS transcript handling for HelloVerifyRequest. | Joel Sing |
2018-11-19 | Revert previous - DTLSv1 uses MD5+SHA1 for RSA signature verification. | Joel Sing |
2018-11-19 | Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}. | Joel Sing |
2018-11-17 | Fix DTLS, because DTLS still remains a special flower, allows regress to pass | Bob Beck |
2018-11-16 | revert previous | Bob Beck |
2018-11-16 | Fix DTLS. Because the DTLS code is strange. I am really coming around to | Bob Beck |
2018-11-16 | Unbreak legacy ciphers for prior to 1.1 by setting having a legacy | Bob Beck |
2018-11-14 | Fix wrong sizeof argument by using 'uint16_t *', with minor nit from tb@, | Ricardo Mestre |
2018-11-14 | In TLS1.2 we use evp_sha1 if we fall back this far, not evp_md5_sha1 as in 1.1 | Bob Beck |
2018-11-13 | Temporary workaround for breakage seen in www.videolan.org with curve mismatch | Bob Beck |
2018-11-13 | NULL out mdctx to prevent possible double free introduced in version 1.4 | Bob Beck |
2018-11-13 | Fix pkey_ok to be less strange, and add cuve checks required for the EC ones | Bob Beck |
2018-11-11 | Add check function to verify that pkey is usable with a sigalg. | Bob Beck |
2018-11-11 | quiet warning on other compilers | Brent Cook |
2018-11-11 | bump minors after symbol addition. | Theo Buehler |
2018-11-11 | Add SSL_set1_host(), a thin wrapper around X509_VERIFY_PARAM_set1_host(). | Theo Buehler |
2018-11-11 | Nuke trailing whitespace | Bob Beck |
2018-11-11 | Free the server tls transcript in case session reuse did not work. | Alexander Bluhm |
2018-11-11 | Add support for RSA PSS algorithims being used in sigalgs. | Bob Beck |
2018-11-11 | Convert signatures and verifcation to use the EVP_DigestXXX api | Bob Beck |
2018-11-10 | Remove dead code | Bob Beck |
2018-11-10 | Tweak and improve the TLSv1.3 state machine. | Joel Sing |
2018-11-10 | Avoid a double allocation and memory leak. | Joel Sing |
2018-11-10 | Stop keeping track of sigalgs by guessing it from digest and pkey, | Bob Beck |
2018-11-10 | Use TLS13_HS_{CLIENT,SERVER} instead of using a redundant _SEND{,S}. | Theo Buehler |
2018-11-10 | Fix last of the empty hash nonsense | Bob Beck |
2018-11-09 | Fix the TLSv1.3 key schedule implementation. | Joel Sing |
2018-11-09 | Use "send" and "recv" consistently instead of mixing them with "read" | Theo Buehler |
2018-11-09 | Ensure we free the handshake transcript upon session resumption. | Joel Sing |
2018-11-09 | Ensure we only choose sigalgs from our prefernce list, not the whole list | Bob Beck |
2018-11-09 | Add the ability to have a separate priority list for sigalgs. | Bob Beck |
2018-11-09 | Correct defines for writer tests in connect/accept loops. | Joel Sing |
2018-11-09 | Correct function naming for tls13_handshake_advance_state_machine(). | Joel Sing |
2018-11-09 | Avoid leak: free existing SRTP connection profiles before | Theo Buehler |
2018-11-09 | Add header guards and hidden declarations. | Joel Sing |
2018-11-09 | Add header guards and hidden declarations. | Joel Sing |
2018-11-09 | Reimplement the sigalgs processing code into a new implementation | Bob Beck |
2018-11-08 | First skeleton of the TLS 1.3 state machine. Based on RFC 8446 and | Theo Buehler |
2018-11-08 | KNF | Bob Beck |
2018-11-08 | Clean up and simplify the handshake transcript code. | Joel Sing |
2018-11-08 | Stop pretending that a cert member in a SSL and SSL_CTX can be NULL. | Joel Sing |
2018-11-08 | Move #include <openssl/evp.h> to the header. | Theo Buehler |
2018-11-08 | Ensure the handshake transcript is cleaned up. | Joel Sing |
2018-11-07 | Add initial TLS 1.3 key schedule support with basic regress tests | Bob Beck |
2018-11-07 | Add TLSv1.3 cipher suites (with appropriate guards). | Joel Sing |
2018-11-06 | Add TLS extension type values for TLSv1.3 (under guards). | Joel Sing |
2018-11-06 | Include TLSv1.3 in version handling code. | Joel Sing |