Age | Commit message (Expand) | Author |
2019-06-14 | Further improve the documentation of library initialization and configuration. | Ingo Schwarze |
2019-06-12 | add missing backlinks to ssl(3) | Ingo Schwarze |
2019-06-12 | List all 17 SSL pages that were missing. | Ingo Schwarze |
2019-06-08 | remove pointless NOTES section header lines | Ingo Schwarze |
2019-06-05 | provide getters and setters for the RSA_METHOD interface | Gilles Chehade |
2019-05-29 | Relax parsing of TLS key share extensions on the server. | Joel Sing |
2019-05-29 | Do not send an SNI extension when resuming a session that contains a server | Joel Sing |
2019-05-28 | Fix typo and label indent. | Joel Sing |
2019-05-28 | Tidy up some names/structures following the renaming of TLS extension | Joel Sing |
2019-05-20 | *an* RSA; | Jason McIntyre |
2019-05-15 | s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is | Brent Cook |
2019-05-13 | Remove unused pad check, which is handled by tls1_cbc_remove_padding() now. | Brent Cook |
2019-05-08 | In DTLS, use_srtp is part of the extended server hello while in TLSv1.3, | Theo Buehler |
2019-04-25 | Use calloc/freezero when allocating and freeing the session ticket data. | Joel Sing |
2019-04-25 | Use EVP_CIPHER_CTX_{new,free}() and HMAC_CTX_{new,free}() instead of | Joel Sing |
2019-04-25 | Rename some variables in tls_decrypt_ticket(). | Joel Sing |
2019-04-23 | Convert tls_decrypt_ticket() to CBS. | Joel Sing |
2019-04-22 | Provide a derr label (decode/decrypt error) in tls1_decrypt_ticket(). | Joel Sing |
2019-04-22 | Pass the session ID down to the session/ticket handling code as a CBS. | Joel Sing |
2019-04-22 | Inline and remove the tlsext_tick_md macro. | Joel Sing |
2019-04-21 | Clean up tls1_process_ticket(). | Joel Sing |
2019-04-21 | Cleanup more of tls_decrypt_ticket(). | Joel Sing |
2019-04-21 | Start cleaning up tls_decrypt_ticket(). | Joel Sing |
2019-04-13 | Avoid leak in SSL_dup_CA_list() | Theo Buehler |
2019-04-09 | Recommend SSL_CTX_add1_chain_cert(3) rather than | Ingo Schwarze |
2019-04-09 | Document SSL_CTX_clear_mode(3) and SSL_clear_mode(3). | Ingo Schwarze |
2019-04-05 | By design, our state machine is a DAG contrary to the state machine in | Theo Buehler |
2019-04-05 | Import SSL_CTX_add1_chain_cert(3) from OpenSSL branch 1.1.1, which is still | Ingo Schwarze |
2019-04-05 | Zap two dead #defines that were unused since jsing deleted the | Theo Buehler |
2019-04-04 | Implement legacy fallback for the TLS 1.3 client. | Joel Sing |
2019-04-04 | Clean up the cipher/digest table mess. | Joel Sing |
2019-04-04 | Bump libssl/libtls minors due to symbol addition. | Joel Sing |
2019-04-04 | Provide SSL chain/cert chain APIs. | Joel Sing |
2019-04-04 | This case also needs to be fatal. | Joel Sing |
2019-04-01 | mark ERR_R_INTERNAL_ERROR instead of assert or _exit, sigh | Theo de Raadt |
2019-04-01 | Correct subtle bug in sigalgs, only care about curve_nid if we are | Bob Beck |
2019-03-31 | Clean up and simplify the client verify code: | Joel Sing |
2019-03-25 | Strip out all of the pkey to sigalg and sigalg to pkey linkages. | Joel Sing |
2019-03-25 | tls1_process_sigalgs() is no longer needed. | Joel Sing |
2019-03-25 | Defer sigalgs selection until the certificate is known. | Joel Sing |
2019-03-25 | Rework ssl_ctx_use_certificate_chain_bio() to use the CERT_PKEY chain. | Joel Sing |
2019-03-25 | Remove ssl_get_server_send_cert() which is now unused. | Joel Sing |
2019-03-25 | Rework ssl3_output_cert_chain() to take a CERT_PKEY and consider chains. | Joel Sing |
2019-03-25 | Add a chain member to CERT_PKEY and provide functions for manipulating it. | Joel Sing |
2019-03-24 | If ssl_cipher_apply_rule() is given a specific cipher suite, match on it. | Joel Sing |
2019-03-24 | do not call assert(), which has a tendency to leave traces of stuff in | Theo de Raadt |
2019-03-19 | Avoid an internal 2 byte overread in ssl_sigalgs(). | Joel Sing |
2019-03-19 | Revert TLS1_get{,_client}_version simplification because DTLS. | Joel Sing |
2019-03-18 | * note that the handshake must be completed first | Ingo Schwarze |
2019-03-18 | In ssl.h rev. 1.165, tb@ provided version agnostic DTLS methods. | Ingo Schwarze |