summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2021-02-15Back-out USB data toggle fix for HID devices, since we received multipleMarcus Glocker
2021-02-12Some people still argue that rand(3) and random(3) have suitable deterministicTheo de Raadt
2021-02-12Sync cert.pem with Mozilla NSS root CAs, except "GeoTrust Global CA", ok tb@Stuart Henderson
2021-02-11KNFTheo Buehler
2021-02-08correct return type for compressBound();Jason McIntyre
2021-02-08Remove bogus DTLS checks to disable ECC and OCSP.Joel Sing
2021-02-08Enforce read ahead with DTLS.Joel Sing
2021-02-08Use dtls1_retrieve_buffered_record() to load buffered application data.Joel Sing
2021-02-08Revert the convertion of per-process thread into a SMR_TAILQ.Martin Pieuchot
2021-02-07Absorb ssl3_get_algorithm2() into ssl_get_handshake_evp_md().Joel Sing
2021-02-07Correct handshake MAC/PRF for various TLSv1.2 cipher suites.Joel Sing
2021-02-07Factor out the legacy stack version checks.Joel Sing
2021-02-05Remove the terrible_ping_kludge() workaround. We have committed a fix toMarcus Glocker
2021-02-04Referece trpt(8) from the SO_DEBUG section of getsockopt(2).Alexander Bluhm
2021-02-03Fail early in legacy exporter if master secret is not availableTheo Buehler
2021-02-03Adding a hard-trap instruction after the __threxit syscall instructionKurt Miller
2021-02-03Add OID for draft-ietf-opsawg-finding-geofeedsjob
2021-02-02Add a bunch of RPKI OIDsjob
2021-02-02article fixes; from eddie yousephJason McIntyre
2021-02-01Use "EC/RSA key setup failure" to align error with othersTheo Buehler
2021-01-30missing word in commentTheo Buehler
2021-01-28Add '$' to ober_scanf_elements().Martijn van Duren
2021-01-28Remove direct assignment of aead_ctx.Joel Sing
2021-01-28Move AEAD handling into the new TLSv1.2 record layer.Joel Sing
2021-01-27Link SSL_get_finished.3 to build.Theo Buehler
2021-01-27Write SSL_get_finished() documentation from scratch.Theo Buehler
2021-01-27Merge SSL_set_hostflags documentation from OpenSSL 1.1.1i andTheo Buehler
2021-01-26Rewrap a comment line to fit into 80 columns.Theo Buehler
2021-01-26zap a tabTheo Buehler
2021-01-26Prepare to provide SSL_set_hostflags()Theo Buehler
2021-01-26Move sequence numbers into the new TLSv1.2 record layer.Joel Sing
2021-01-26Move private key setup to a helper function with proper errorEric Faurot
2021-01-26When checking for available address family for AI_ADDRCONFIG considerFlorian Obser
2021-01-22Gracefully handle any erroneous closing bracket/brace trailers inrob
2021-01-22Valid integer and enumerated types always have non-zero length. Performrob
2021-01-21when using fake keys, skip the private key checkEric Faurot
2021-01-21return -1 on error for consistencyEric Faurot
2021-01-21minor bump after symbol additionEric Faurot
2021-01-21Allow setting a keypair on a tls context without specifying the privateEric Faurot
2021-01-21Mop up unused dtls1_build_sequence_number() function.Joel Sing
2021-01-20Missing return value; ok jmc@Otto Moerbeek
2021-01-20typo; spotted by jmcStuart Henderson
2021-01-20Drop unneeded cast in seal_record_protected_cipherTheo Buehler
2021-01-19Add code to handle change of cipher state in the new TLSv1.2 record layer.Joel Sing
2021-01-19Provide functions to determine if TLSv1.2 record protection is engaged.Joel Sing
2021-01-19Provide record layer overhead for DTLS.Joel Sing
2021-01-19Factor out code for explicit IV length, block size and MAC length.Joel Sing
2021-01-19Prevent an overflow in inet_net_pton(3) when the passed in buffer isFlorian Obser
2021-01-18support PCAP_NETMASK_UNKNOWN, adapted from an old commit in upstreamStuart Henderson
2021-01-18Move sessid definition to keynote-verify.c to avoid issues with -fno-commonmortimer