summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2021-02-27Move handling of cipher/hash based cipher suites into the new record layer.Joel Sing
2021-02-27Identify DTLS based on the version major value.Joel Sing
2021-02-26Set is_trusted in x509_verify_ctx_add_chain()Theo Buehler
2021-02-25Fix two bugs in the legacy verifierTheo Buehler
2021-02-25Only use TLS versions internally (rather than both TLS and DTLS versions).Joel Sing
2021-02-25Rename depth to num_untrusted so it identifies what it actually represents.Joel Sing
2021-02-25Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.Joel Sing
2021-02-25- Make use of the fact that we know how the chunks are aligned, andOtto Moerbeek
2021-02-24Fix comment explaining last_untrusted. This should really be calledTheo Buehler
2021-02-24Make the new validator check for EXFLAG_CRITICALTheo Buehler
2021-02-22Make the ober_get_* set of function to accept a NULL-pointer.Martijn van Duren
2021-02-22Fix bizarre punctuation and capitalization in a comment.Theo Buehler
2021-02-22Simplify version checks in the TLSv1.3 clientTheo Buehler
2021-02-22Factor out/change some of the legacy client version handling code.Joel Sing
2021-02-20ugly whitespaceTheo Buehler
2021-02-20Rename f_err into fatal_err.Theo Buehler
2021-02-20Rename the truncated label into decode_err. This describes its purposeTheo Buehler
2021-02-20Return a min/max version of zero if set to zero.Joel Sing
2021-02-20Add DTLSv1.2 methods.Joel Sing
2021-02-20Handle DTLS1_2_VERSION in various places.Joel Sing
2021-02-20Revise HelloVerifyRequest handling for DTLSv1.2.Joel Sing
2021-02-20Group HelloVerifyRequest decoding and add missing check for trailing data.Joel Sing
2021-02-20Add various public DTLS related defines.Joel Sing
2021-02-20Clean up/simplify dtls1_get_cipher().Joel Sing
2021-02-18Pull in fix for EVP_CipherUpdate() overflow from OpenSSL.Theo Buehler
2021-02-15Back-out USB data toggle fix for HID devices, since we received multipleMarcus Glocker
2021-02-12Some people still argue that rand(3) and random(3) have suitable deterministicTheo de Raadt
2021-02-12Sync cert.pem with Mozilla NSS root CAs, except "GeoTrust Global CA", ok tb@Stuart Henderson
2021-02-11KNFTheo Buehler
2021-02-08correct return type for compressBound();Jason McIntyre
2021-02-08Remove bogus DTLS checks to disable ECC and OCSP.Joel Sing
2021-02-08Enforce read ahead with DTLS.Joel Sing
2021-02-08Use dtls1_retrieve_buffered_record() to load buffered application data.Joel Sing
2021-02-08Revert the convertion of per-process thread into a SMR_TAILQ.Martin Pieuchot
2021-02-07Absorb ssl3_get_algorithm2() into ssl_get_handshake_evp_md().Joel Sing
2021-02-07Correct handshake MAC/PRF for various TLSv1.2 cipher suites.Joel Sing
2021-02-07Factor out the legacy stack version checks.Joel Sing
2021-02-05Remove the terrible_ping_kludge() workaround. We have committed a fix toMarcus Glocker
2021-02-04Referece trpt(8) from the SO_DEBUG section of getsockopt(2).Alexander Bluhm
2021-02-03Fail early in legacy exporter if master secret is not availableTheo Buehler
2021-02-03Adding a hard-trap instruction after the __threxit syscall instructionKurt Miller
2021-02-03Add OID for draft-ietf-opsawg-finding-geofeedsjob
2021-02-02Add a bunch of RPKI OIDsjob
2021-02-02article fixes; from eddie yousephJason McIntyre
2021-02-01Use "EC/RSA key setup failure" to align error with othersTheo Buehler
2021-01-30missing word in commentTheo Buehler
2021-01-28Add '$' to ober_scanf_elements().Martijn van Duren
2021-01-28Remove direct assignment of aead_ctx.Joel Sing
2021-01-28Move AEAD handling into the new TLSv1.2 record layer.Joel Sing
2021-01-27Link SSL_get_finished.3 to build.Theo Buehler