summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2020-05-17Send alerts back correctly when handling key shares, includingBob Beck
2020-05-17Free handshake message correctly, noticed by tb@Bob Beck
2020-05-17As done everywhere else, use a local version of MINIMUM() and avoidTheo de Raadt
2020-05-17Send a decode error alert if a server provides an empty certificate list.Joel Sing
2020-05-17Fix forgotten references to removed mixer.4 manualAlexandre Ratchov
2020-05-16Return TLS13_IO_WANT_POLLIN after processing post-handshake messages.Joel Sing
2020-05-16Ensure that a TLSv1.3 server has provided a certificate.Joel Sing
2020-05-16Add TLS13_ERR_NO_CERTIFICATE.Joel Sing
2020-05-16Avoid sending an empty certificate list from the TLSv1.3 server.Joel Sing
2020-05-16document PKCS7_set_type(3);Ingo Schwarze
2020-05-13Fix pesky whitespace.Joel Sing
2020-05-13Remove a no longer relevant XXX comment.Joel Sing
2020-05-13Switch back to the legacy stack where the maximum is less than TLSv1.3.Joel Sing
2020-05-13Switch the legacy version to TLS1_2_VERSION when processing server hello.Joel Sing
2020-05-12there should only be one i in gratuitousTheo Buehler
2020-05-12usb.org was stupid enough to reshuffle their website, update some URIs;Ingo Schwarze
2020-05-11Enable the TLSv1.3 server.Joel Sing
2020-05-11Propagate record overflows to the record layer and alert.Joel Sing
2020-05-11Add record version checks.Joel Sing
2020-05-11Set the record layer legacy version from the TLSv1.3 server.Joel Sing
2020-05-11Provide an alert sent record layer callback.Joel Sing
2020-05-11Move the record layer callbacks into a struct.Joel Sing
2020-05-11Use ssl_get_new_session() in the TLSv1.3 server.Joel Sing
2020-05-10Send dummy ChangeCipherSpec messages from the TLSv1.3 serverTheo Buehler
2020-05-10Honour SSL_VERIFY_FAIL_IF_NO_PEER_CERT in the TLSv1.3 server.Joel Sing
2020-05-10Provide alert defines for TLSv1.3 and use in the TLSv1.3 code.Joel Sing
2020-05-10Provide an easy way to get debug information from TLSv1.3 handshakes.Joel Sing
2020-05-10Use size_t for OCSP response length.Joel Sing
2020-05-10Only reset TLS extension state when parsing client hello or server hello.Joel Sing
2020-05-10Correct tlsext_ocsp_resplen check.Joel Sing
2020-05-09Back out server side CCS sending. It breaks TLSv1.3 client communicationTheo Buehler
2020-05-09Forcibly ensure that only PSS may be used with RSA in TLS 1.3.Bob Beck
2020-05-09Send dummy ChangeCipherSpec messages from the TLSv1.3 serverTheo Buehler
2020-05-09Send dummy ChangeCipherSpec messages from the TLSv1.3 client.Joel Sing
2020-05-09Correct return value check to handle TLS13_IO_EOF case.Joel Sing
2020-05-09Add a middlebox_compat flag and condition session ID randomisation on it.Joel Sing
2020-05-09catch the other place this needs to changeBob Beck
2020-05-09now that 3.1.1 is out the door as a stable release bump the developmentBob Beck
2020-05-09Add support for certificate status requests in TLS 1.3 clientBob Beck
2020-05-09Make the test for the legacy_compression_method vector in the ClientHelloTheo Buehler
2020-05-09Drop a redundant test. It's effectively doing the same test twiceTheo Buehler
2020-05-09On receiving an overlong session ID terminate with an illegal_parameterTheo Buehler
2020-05-09Add support for HelloRetryRequests in the TLSv1.3 server.Joel Sing
2020-05-09crazy whitespace on one lineTheo Buehler
2020-05-09Pull the sending of alerts up into tls13_handshake_perform().Joel Sing
2020-05-09Refactor tls13_server_hello_sent().Joel Sing
2020-05-07On receiving a handshake or alert record with empty inner plaintext,Theo Buehler
2020-05-06Bump LibreSSL version to 3.1.1Theo Buehler
2020-05-03Accept two ChangeCipherSpec messages during a TLSv1.3 handshake.Joel Sing
2020-05-02Add const to TLS1.3 internal vectorsKinichiro Inoguchi