Age | Commit message (Expand) | Author |
2020-01-26 | typo | Theo Buehler |
2020-01-26 | Document the change in EVP_chacha20(3). | Theo Buehler |
2020-01-26 | Improve the comment explaining why the previous change matches OpenSSL's | Theo Buehler |
2020-01-26 | When an SSL method is set, bump the max version back to that of the | Joel Sing |
2020-01-26 | When switching back to a legacy client or server, ensure we reset the | Joel Sing |
2020-01-26 | Fix basement bug where record layer would not correctly deal with | Bob Beck |
2020-01-26 | Add server side support for requesting client certificates in tls 1.3 | Bob Beck |
2020-01-26 | Add client certificate support for tls 1.3 | Bob Beck |
2020-01-26 | Add sigalgs for server side to enable client certificate processing | Bob Beck |
2020-01-26 | Move pad and verify context into tls13_lib.c | Bob Beck |
2020-01-26 | Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics: | Theo Buehler |
2020-01-26 | Insert two nop instructions after each svc #0 instruction in userland. | Mark Kettenis |
2020-01-25 | Add an underbar for consistency. | Theo Buehler |
2020-01-25 | Revert change to certificate request check from r1.45. | Joel Sing |
2020-01-25 | Only perform the downgrade check if our max version is less than TLSv1.3. | Joel Sing |
2020-01-25 | Preserve the transcript hash for the client finished message, | Bob Beck |
2020-01-25 | Support legacy message callbacks. First step for SSL_set_msg_callback(3) | Theo Buehler |
2020-01-25 | Correct value for SSL_TLSEXT_MSG_HRR. | Joel Sing |
2020-01-25 | Only discard the extension block for client hello and server hello | Joel Sing |
2020-01-25 | Only send an RI extension for pre-TLSv1.3 versions. | Joel Sing |
2020-01-25 | It is possible to receive a pre-TLSv1.3 alert in response to a TLSv1.3 | Joel Sing |
2020-01-25 | Correct backwards test so that we may accept a certificate requst | Bob Beck |
2020-01-24 | Document `kern.allowdt' button. | Martin Pieuchot |
2020-01-24 | Complete the initial TLSv1.3 implementation. | Joel Sing |
2020-01-24 | Preserve the TLS transcript at additional points. | Joel Sing |
2020-01-24 | Permit 0 length writes, because openssl s_client is special | Bob Beck |
2020-01-24 | Store the legacy session identifier from the ClientHello so we can actually | Joel Sing |
2020-01-24 | Switch to encrypted records in the TLSv1.3 server. | Joel Sing |
2020-01-24 | Enable SSL_ENC_FLAG_SIGALGS on TLSv1_3_enc_data. | Joel Sing |
2020-01-24 | Add strings for SSL_aTLS1_3 and SSL_kTLS1_3 to SSL_CIPHER_description(). | Joel Sing |
2020-01-24 | Fix breakage in SSL_connect, SSL_accept, etc. by not propagating | Bob Beck |
2020-01-23 | Implement client hello processing in the TLSv1.3 server. | Joel Sing |
2020-01-23 | Correct several issues in the current TLSv1.3 server code. | Joel Sing |
2020-01-23 | When certificate validation fails, we must send a DECRYPT_ERROR alert | Bob Beck |
2020-01-23 | Remove the ssl_get_message function pointer from SSL_METHOD_INTERNAL. | Joel Sing |
2020-01-23 | Implement sending client certificate requests for 1.3 server | Bob Beck |
2020-01-23 | Correctly handle TLSv1.3 ciphers suites in ssl3_choose_cipher(). | Joel Sing |
2020-01-23 | Build the encrypted extensions for the 1.3 server | Bob Beck |
2020-01-23 | If we are building a legacy server hello, check to see if we are | Bob Beck |
2020-01-23 | Add checking int the client to check the magic values which are | Bob Beck |
2020-01-23 | Add code to build and send a server hello for tls 1.3 | Bob Beck |
2020-01-23 | Save the legacy session id in the client, and enforce that it is returned | Bob Beck |
2020-01-23 | Implement pending for TLSv1.3. | Joel Sing |
2020-01-23 | Remove lies from the SSL_pending man page, Our implementation never | Bob Beck |
2020-01-23 | Switch back to a function pointer for ssl_pending. | Joel Sing |
2020-01-23 | Add a TLS13_IO_ALERT return value so that we can explicitly signal when | Joel Sing |
2020-01-23 | Pass a CBB to TLSv1.3 send handlers. | Joel Sing |
2020-01-22 | The length of the IV of EVP_chacha20 is currently 64 bits, not 96. | Theo Buehler |
2020-01-22 | Wire up the TLSv1.3 server. | Joel Sing |
2020-01-22 | Pass a handshake message content CBS to TLSv1.3 receive handlers. | Joel Sing |