summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2020-09-15set error_depth and current_cert to make more legacy callbacks that don't checkBob Beck
2020-09-15Deduplicate the time validation code between the legacy and newBob Beck
2020-09-15ifdef out code that is no longer used in here. once we are certainBob Beck
2020-09-15Cleanup/simplify SSL_set_ssl_method().Joel Sing
2020-09-15Mop up the get_ssl_method function pointer.Joel Sing
2020-09-14Move state initialisation from SSL_clear() to ssl3_clear().Joel Sing
2020-09-14Cleanup and simplify SSL_set_session().Joel Sing
2020-09-14Avoid NULL deref SSL_{,CTX_}set_ciphersuitesTheo Buehler
2020-09-14simplify RETURN VALUES for x509_verify(3) after beck@ made the rulesIngo Schwarze
2020-09-14Add initial man page for new x509_verify chain validatorBob Beck
2020-09-14Set error if we are given an NULL ctx in x509_verify, and set errorBob Beck
2020-09-14nuke a stray spaceTheo Buehler
2020-09-14Fix potential leak when tmpext fails to be added toBob Beck
2020-09-14remove unneeded variable "type".Bob Beck
2020-09-14Don't leak names on successBob Beck
2020-09-14remove unneded variable "time1"Bob Beck
2020-09-14remove unneded variable "time"Bob Beck
2020-09-14fix bug introduced on review where refactor made it possible toBob Beck
2020-09-14re-enable new x509 chain verifier as the defaultBob Beck
2020-09-14Correctly fix double free introduced on review.Bob Beck
2020-09-14Fix double free - review moved the pop_free of roots to x509_verify_ctx_freeBob Beck
2020-09-14revert previous, need to fix a problemBob Beck
2020-09-14Enable the use of the new x509 chain validator by default.Bob Beck
2020-09-13Implement SSL_{CTX_,}set_ciphersuites().Joel Sing
2020-09-13Add new x509 certificate chain validator in x509_verify.cBob Beck
2020-09-13Improve handling of BIO_read()/BIO_write() failures in the TLSv1.3 stack.Joel Sing
2020-09-13Spell out n as en for consistency with other parts of the page.Theo Buehler
2020-09-13%lln is percent ell ell n (not dee).Claudio Jeker
2020-09-12Use the correct type for tls1_set_ec_id()Theo Buehler
2020-09-12Simplify tls1_set_ec_id() a bitTheo Buehler
2020-09-12Unindent a bit of code that performs a few too many checks toTheo Buehler
2020-09-12Avoid an out-of-bounds access in BN_rand()Theo Buehler
2020-09-12Change over to use the new x509 name constraints verification.Bob Beck
2020-09-12Fix byte order handling for DLT_LOOP linkskn
2020-09-12Include machine/endian.h in gost2814789.cKinichiro Inoguchi
2020-09-11Add x509_constraints.c - a new implementation of x509 name constraints, withBob Beck
2020-09-11Remove cipher_list_by_id.Joel Sing
2020-09-11Simplify SSL_get_ciphers().Joel Sing
2020-09-11Rename ssl_cipher_is_permitted()Joel Sing
2020-09-11Some SSL_AD_* defines snuck into the TLSv1.3 code - replace them withJoel Sing
2020-09-11Add issuer cache, to be used by upcoming changes to validation code.Bob Beck
2020-09-11Various ciphers related clean up.Joel Sing
2020-09-09Set alpn_selected_len = 0 when alpn_selected is NULLKinichiro Inoguchi
2020-09-09Import latest OPENSSL_NO_* flags from OpenSSL 1.1.1gKinichiro Inoguchi
2020-09-08Mention that EC_KEY_get0_public_key returns a public key.Theo Buehler
2020-09-07Garbage collect renew_ticket in tls_decrypt_ticketTheo Buehler
2020-09-07sync a couple of minor fixes (no API/ABI change) to bring libfido2Damien Miller
2020-09-06For page-sized and larger allocations do not put the pages we'reOtto Moerbeek
2020-09-04Create ERRORS section for ober_read_elements.Martijn van Duren
2020-09-03Missed one case of errno not being set in previous.Martijn van Duren
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 08:39:07 +0000