summaryrefslogtreecommitdiff
path: root/lib/libssl
AgeCommit message (Expand)Author
2019-06-12add missing backlinks to ssl(3)Ingo Schwarze
2019-06-12List all 17 SSL pages that were missing.Ingo Schwarze
2019-06-08remove pointless NOTES section header linesIngo Schwarze
2019-06-05provide getters and setters for the RSA_METHOD interfaceGilles Chehade
2019-05-29Relax parsing of TLS key share extensions on the server.Joel Sing
2019-05-29Do not send an SNI extension when resuming a session that contains a serverJoel Sing
2019-05-28Fix typo and label indent.Joel Sing
2019-05-28Tidy up some names/structures following the renaming of TLS extensionJoel Sing
2019-05-20*an* RSA;Jason McIntyre
2019-05-15s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there isBrent Cook
2019-05-13Remove unused pad check, which is handled by tls1_cbc_remove_padding() now.Brent Cook
2019-05-08In DTLS, use_srtp is part of the extended server hello while in TLSv1.3,Theo Buehler
2019-04-25Use calloc/freezero when allocating and freeing the session ticket data.Joel Sing
2019-04-25Use EVP_CIPHER_CTX_{new,free}() and HMAC_CTX_{new,free}() instead ofJoel Sing
2019-04-25Rename some variables in tls_decrypt_ticket().Joel Sing
2019-04-23Convert tls_decrypt_ticket() to CBS.Joel Sing
2019-04-22Provide a derr label (decode/decrypt error) in tls1_decrypt_ticket().Joel Sing
2019-04-22Pass the session ID down to the session/ticket handling code as a CBS.Joel Sing
2019-04-22Inline and remove the tlsext_tick_md macro.Joel Sing
2019-04-21Clean up tls1_process_ticket().Joel Sing
2019-04-21Cleanup more of tls_decrypt_ticket().Joel Sing
2019-04-21Start cleaning up tls_decrypt_ticket().Joel Sing
2019-04-13Avoid leak in SSL_dup_CA_list()Theo Buehler
2019-04-09Recommend SSL_CTX_add1_chain_cert(3) rather thanIngo Schwarze
2019-04-09Document SSL_CTX_clear_mode(3) and SSL_clear_mode(3).Ingo Schwarze
2019-04-05By design, our state machine is a DAG contrary to the state machine inTheo Buehler
2019-04-05Import SSL_CTX_add1_chain_cert(3) from OpenSSL branch 1.1.1, which is stillIngo Schwarze
2019-04-05Zap two dead #defines that were unused since jsing deleted theTheo Buehler
2019-04-04Implement legacy fallback for the TLS 1.3 client.Joel Sing
2019-04-04Clean up the cipher/digest table mess.Joel Sing
2019-04-04Bump libssl/libtls minors due to symbol addition.Joel Sing
2019-04-04Provide SSL chain/cert chain APIs.Joel Sing
2019-04-04This case also needs to be fatal.Joel Sing
2019-04-01mark ERR_R_INTERNAL_ERROR instead of assert or _exit, sighTheo de Raadt
2019-04-01Correct subtle bug in sigalgs, only care about curve_nid if we areBob Beck
2019-03-31Clean up and simplify the client verify code:Joel Sing
2019-03-25Strip out all of the pkey to sigalg and sigalg to pkey linkages.Joel Sing
2019-03-25tls1_process_sigalgs() is no longer needed.Joel Sing
2019-03-25Defer sigalgs selection until the certificate is known.Joel Sing
2019-03-25Rework ssl_ctx_use_certificate_chain_bio() to use the CERT_PKEY chain.Joel Sing
2019-03-25Remove ssl_get_server_send_cert() which is now unused.Joel Sing
2019-03-25Rework ssl3_output_cert_chain() to take a CERT_PKEY and consider chains.Joel Sing
2019-03-25Add a chain member to CERT_PKEY and provide functions for manipulating it.Joel Sing
2019-03-24If ssl_cipher_apply_rule() is given a specific cipher suite, match on it.Joel Sing
2019-03-24do not call assert(), which has a tendency to leave traces of stuff inTheo de Raadt
2019-03-19Avoid an internal 2 byte overread in ssl_sigalgs().Joel Sing
2019-03-19Revert TLS1_get{,_client}_version simplification because DTLS.Joel Sing
2019-03-18* note that the handshake must be completed firstIngo Schwarze
2019-03-18In ssl.h rev. 1.165, tb@ provided version agnostic DTLS methods.Ingo Schwarze
2019-03-17bump minors after symbol additionTheo Buehler