summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2020-01-26typoTheo Buehler
2020-01-26Document the change in EVP_chacha20(3).Theo Buehler
2020-01-26Improve the comment explaining why the previous change matches OpenSSL'sTheo Buehler
2020-01-26When an SSL method is set, bump the max version back to that of theJoel Sing
2020-01-26When switching back to a legacy client or server, ensure we reset theJoel Sing
2020-01-26Fix basement bug where record layer would not correctly deal withBob Beck
2020-01-26Add server side support for requesting client certificates in tls 1.3Bob Beck
2020-01-26Add client certificate support for tls 1.3Bob Beck
2020-01-26Add sigalgs for server side to enable client certificate processingBob Beck
2020-01-26Move pad and verify context into tls13_lib.cBob Beck
2020-01-26Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics:Theo Buehler
2020-01-26Insert two nop instructions after each svc #0 instruction in userland.Mark Kettenis
2020-01-25Add an underbar for consistency.Theo Buehler
2020-01-25Revert change to certificate request check from r1.45.Joel Sing
2020-01-25Only perform the downgrade check if our max version is less than TLSv1.3.Joel Sing
2020-01-25Preserve the transcript hash for the client finished message,Bob Beck
2020-01-25Support legacy message callbacks. First step for SSL_set_msg_callback(3)Theo Buehler
2020-01-25Correct value for SSL_TLSEXT_MSG_HRR.Joel Sing
2020-01-25Only discard the extension block for client hello and server helloJoel Sing
2020-01-25Only send an RI extension for pre-TLSv1.3 versions.Joel Sing
2020-01-25It is possible to receive a pre-TLSv1.3 alert in response to a TLSv1.3Joel Sing
2020-01-25Correct backwards test so that we may accept a certificate requstBob Beck
2020-01-24Document `kern.allowdt' button.Martin Pieuchot
2020-01-24Complete the initial TLSv1.3 implementation.Joel Sing
2020-01-24Preserve the TLS transcript at additional points.Joel Sing
2020-01-24Permit 0 length writes, because openssl s_client is specialBob Beck
2020-01-24Store the legacy session identifier from the ClientHello so we can actuallyJoel Sing
2020-01-24Switch to encrypted records in the TLSv1.3 server.Joel Sing
2020-01-24Enable SSL_ENC_FLAG_SIGALGS on TLSv1_3_enc_data.Joel Sing
2020-01-24Add strings for SSL_aTLS1_3 and SSL_kTLS1_3 to SSL_CIPHER_description().Joel Sing
2020-01-24Fix breakage in SSL_connect, SSL_accept, etc. by not propagatingBob Beck
2020-01-23Implement client hello processing in the TLSv1.3 server.Joel Sing
2020-01-23Correct several issues in the current TLSv1.3 server code.Joel Sing
2020-01-23When certificate validation fails, we must send a DECRYPT_ERROR alertBob Beck
2020-01-23Remove the ssl_get_message function pointer from SSL_METHOD_INTERNAL.Joel Sing
2020-01-23Implement sending client certificate requests for 1.3 serverBob Beck
2020-01-23Correctly handle TLSv1.3 ciphers suites in ssl3_choose_cipher().Joel Sing
2020-01-23Build the encrypted extensions for the 1.3 serverBob Beck
2020-01-23If we are building a legacy server hello, check to see if we areBob Beck
2020-01-23Add checking int the client to check the magic values which areBob Beck
2020-01-23Add code to build and send a server hello for tls 1.3Bob Beck
2020-01-23Save the legacy session id in the client, and enforce that it is returnedBob Beck
2020-01-23Implement pending for TLSv1.3.Joel Sing
2020-01-23Remove lies from the SSL_pending man page, Our implementation neverBob Beck
2020-01-23Switch back to a function pointer for ssl_pending.Joel Sing
2020-01-23Add a TLS13_IO_ALERT return value so that we can explicitly signal whenJoel Sing
2020-01-23Pass a CBB to TLSv1.3 send handlers.Joel Sing
2020-01-22The length of the IV of EVP_chacha20 is currently 64 bits, not 96.Theo Buehler
2020-01-22Wire up the TLSv1.3 server.Joel Sing
2020-01-22Pass a handshake message content CBS to TLSv1.3 receive handlers.Joel Sing