summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2020-05-29Mop up servername_done, which is unused.Joel Sing
2020-05-29from edgar pettijohn: correct return type in pcap_open_live.3;Jason McIntyre
2020-05-27This patch fixes one bug and one instance of undesirable behaviour.Ingo Schwarze
2020-05-27document PKCS7_dataFinal(3);Ingo Schwarze
2020-05-27add support for pcap_breakloop when reading packets from files.David Gwynne
2020-05-26minor cleanup ahead of the following work:Ingo Schwarze
2020-05-26Add additional length checks for TLSv1.3 plaintext and inner plaintext.Joel Sing
2020-05-25from edgar pettijohn:Jason McIntyre
2020-05-25Add missing .Xr and .Nm, reword and simplify few sentencesAlexandre Ratchov
2020-05-24Fix some stylistic nits from jsing.Theo Buehler
2020-05-24Clear SSL_MODE_AUTO_RETRY in libtls, since we handle WANT_POLLIN correctly.Joel Sing
2020-05-24Minimally document PKCS7_dataInit(3).Ingo Schwarze
2020-05-24Briefly mention the obsolete function OPENSSL_init(3).Ingo Schwarze
2020-05-23Enforce that SNI hostnames be correct as per rfc 6066 and 5980.Bob Beck
2020-05-23Enable SSL_MODE_AUTO_RETRY by default.Joel Sing
2020-05-23Wire up SSL_MODE_AUTO_RETRY mode to retrying after PHH messages.Joel Sing
2020-05-23Provide the option to retry or return after post-handshake messages.Joel Sing
2020-05-23fix a confusingly wrapped lineTheo Buehler
2020-05-23Do not assume that server_group != 0 or tlsext_supportedgroups != NULLTheo Buehler
2020-05-22Ensure we only attach an ocsp staple to a leaf certificate, becauseBob Beck
2020-05-21Simplify: transform a dangling else into an early return andTheo Buehler
2020-05-21Make ssl_set_cert_masks() more consistent and closer to readable.Joel Sing
2020-05-21Avoid a shadowing issue by renaming cbs and cbb to cbb_hs and cbb_hs,Theo Buehler
2020-05-21A failure of tls13_handshake_msg_new() could lead to a NULL derefTheo Buehler
2020-05-21Actually set the hrr flag when sending a HelloRetryRequest.Joel Sing
2020-05-20Revert 1.43 - this fix for PHH in blocking mode breaks SSL_accept andBob Beck
2020-05-20new manual page for PKCS7_set_content(3) and PKCS7_content_new(3);Ingo Schwarze
2020-05-19Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.Joel Sing
2020-05-19Disable builtins on ppc in order to prevent the compiler from optimizing inmortimer
2020-05-19remove information already given in same sentence;Jason McIntyre
2020-05-19Replace off-topic parts of the desciption by an architecture overviewAlexandre Ratchov
2020-05-19Only send ocsp staples if the client asked for ocsp certificate status.Bob Beck
2020-05-19Add support for TLS 1.3 server to send certificate statusBob Beck
2020-05-18update libelf from elftoolchain r3717 to r3833Jonathan Gray
2020-05-17Send alerts back correctly when handling key shares, includingBob Beck
2020-05-17Free handshake message correctly, noticed by tb@Bob Beck
2020-05-17As done everywhere else, use a local version of MINIMUM() and avoidTheo de Raadt
2020-05-17Send a decode error alert if a server provides an empty certificate list.Joel Sing
2020-05-17Fix forgotten references to removed mixer.4 manualAlexandre Ratchov
2020-05-16Return TLS13_IO_WANT_POLLIN after processing post-handshake messages.Joel Sing
2020-05-16Ensure that a TLSv1.3 server has provided a certificate.Joel Sing
2020-05-16Add TLS13_ERR_NO_CERTIFICATE.Joel Sing
2020-05-16Avoid sending an empty certificate list from the TLSv1.3 server.Joel Sing
2020-05-16document PKCS7_set_type(3);Ingo Schwarze
2020-05-13Fix pesky whitespace.Joel Sing
2020-05-13Remove a no longer relevant XXX comment.Joel Sing
2020-05-13Switch back to the legacy stack where the maximum is less than TLSv1.3.Joel Sing
2020-05-13Switch the legacy version to TLS1_2_VERSION when processing server hello.Joel Sing
2020-05-12there should only be one i in gratuitousTheo Buehler
2020-05-12usb.org was stupid enough to reshuffle their website, update some URIs;Ingo Schwarze