summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2017-02-05Define values for SSL_CTRL_SET_GROUPS{,_LIST} and wire them up to theJoel Sing
2017-02-05Kill leak introduced with refactorBob Beck
2017-02-02fix a comment and rm some dead code as a result of the previous diffOtto Moerbeek
2017-02-01Let realloc handle and produce moved pointers for allocations betweenOtto Moerbeek
2017-01-31tweak previous;Jason McIntyre
2017-01-31Add tls_config_[add|set]keypair_ocsp functions so that ocsp staples may beBob Beck
2017-01-31Disable client-initiated renegotiation for libtls servers.Joel Sing
2017-01-31Provide an SSL_OP_NO_CLIENT_RENEGOTIATION option that disallowsJoel Sing
2017-01-31LibreSSL : Truncated packet could crash via OOB readKinichiro Inoguchi
2017-01-31Document functions returning standard moduli for DH key exchange.Ingo Schwarze
2017-01-30tweak previous;Jason McIntyre
2017-01-30Document BN_set_flags(3) and BN_get_flags(3).Ingo Schwarze
2017-01-29Seriously warn against calling BN_init(3), BN_MONT_CTX_init(3),Ingo Schwarze
2017-01-29remove unused variablesCharles Longeau
2017-01-29return the sio_open notes to the audio section; from michael reedJason McIntyre
2017-01-29Marko Kreen contributed significantly to the ocsp stuff for libtlsBob Beck
2017-01-29Move the ocsp staple to being part of the keypair structure internally,Bob Beck
2017-01-29Send the function codes from the error functions to the bit bucket,Bob Beck
2017-01-29Put comment back in the right place.Joel Sing
2017-01-29Avoid clearing the mac_packet flag in the wrong place.Joel Sing
2017-01-28add HISTORY and AUTHORSIngo Schwarze
2017-01-27Fix Copyright notices; ok beck@ jsing@ tedu@Ingo Schwarze
2017-01-27new sentence, new lineIngo Schwarze
2017-01-27More s/OSCP/OCSP/ typosTom Cosgrove
2017-01-26fix Dt;Jason McIntyre
2017-01-26Use a flag to track when we need to call SSL_shutdown(). This avoids anJoel Sing
2017-01-26Bump TLS_API due to new features being added earlier this week.Joel Sing
2017-01-26Bump libtls minor due to symbol additions earlier this week.Joel Sing
2017-01-26knfBob Beck
2017-01-26Convert ssl3_get_client_hello() to CBS.Joel Sing
2017-01-26Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the uglyBob Beck
2017-01-26Hide SSLerr() under #ifndef LIBRESSL_INTERNAL since we shouldn't beBob Beck
2017-01-26Send the error function codes to rot in the depths of hell where they belongBob Beck
2017-01-26Merge the single two line function from ssl_err2.c into ssl_err.c.Joel Sing
2017-01-26english is hard.Bob Beck
2017-01-26Limit the number of sequential empty records that we will processBob Beck
2017-01-26Refactor the code to generate a WANT_READ into a function, as we areBob Beck
2017-01-26Remove most of SSL3_ENC_METHOD - we can just inline the function callsJoel Sing
2017-01-26Move relatively new version range code from ssl_lib.c into a separateJoel Sing
2017-01-26Rename s3_{both,clnt,pkt_srvr}.c to have an ssl_ prefix since they are noJoel Sing
2017-01-26Merge the client/server version negotiation into the existing (currentlyJoel Sing
2017-01-26Document ERR_load_BN_strings(3).Ingo Schwarze
2017-01-26Remove ssl3_undef_enc_method - if we have internal bugs we want to segfaultJoel Sing
2017-01-26Remove a sess_cert reference from a comment in the public header.Joel Sing
2017-01-25split the tls_init(3) that had grown fat to allow healthy future growth;Ingo Schwarze
2017-01-25document BN_asc2bn(3);Ingo Schwarze
2017-01-25Limit enabled version range by the versions configured on the SSL_CTX/SSL,Joel Sing
2017-01-25__errno() returns a 32-bit pointer, so make sure we write a 32-bitPatrick Wildt
2017-01-25Change the SSL_IS_DTLS() macro to check the version, rather than using aJoel Sing
2017-01-25Construct a BN_gcd_nonct, based on BN_mod_inverse_no_branch, as suggestedBob Beck