summaryrefslogtreecommitdiffstats
path: root/ssl (follow)
Commit message (Expand)AuthorAgeFilesLines
* tls: reduce the strength of CCM_8 ciphers due to their short IV.Pauli2021-09-241-22/+22
* Change TLS RC4 cipher strength check to be data driven.slontis2021-09-232-13/+10
* Update copyright yearRichard Levitte2021-09-071-1/+1
* Fix indentation of tls13_hkdf_expand parametersDaniel Bevenius2021-09-031-3/+3
* Make the -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION pass testsTomas Mraz2021-08-311-1/+1
* Fix the array size of dtlsseq in tls1_encBernd Edlinger2021-08-251-1/+1
* Fix state name abbreviationTodd Short2021-08-191-4/+4
* Fix potential double-freeTodd Short2021-08-161-1/+1
* Omitted signature_algorithms extension alerts updatedDmitry Belyavskiy2021-08-111-2/+2
* tls/prov: move the TLS 1.3 KDF code to providersPauli2021-08-051-82/+34
* Fix dtls timeout dead codeyangyangtiantianlonglong2021-07-292-19/+6
* Update copyright yearMatt Caswell2021-07-291-1/+1
* Add missing session timeout calcTodd Short2021-07-281-0/+1
* KTLS: AES-CCM in TLS-1.3 is broken on 5.x kernels, disable itTomas Mraz2021-07-271-1/+2
* tls_process_{client,server}_certificate(): allow verify_callback return > 1Dr. David von Oheimb2021-07-212-8/+0
* Fix some minor record layer issuesMatt Caswell2021-07-173-21/+21
* Disallow SSL_key_update() if there are writes pendingMatt Caswell2021-07-161-0/+5
* Don't reset the packet pointer in ssl3_setup_read_bufferMatt Caswell2021-07-161-1/+0
* Avoid "excessive message size" for session ticketsMatt Caswell2021-07-062-1/+4
* fips module header inclusion fine-tunningTomas Mraz2021-07-061-1/+3
* Adapt other parts of the source to the changed EVP_Q_digest() and EVP_Q_mac()Richard Levitte2021-06-231-4/+2
* cross-reference the DH and RSA SECLEVEL to level of security mappingsHubert Kario2021-06-231-0/+5
* ssl: fix indentationPauli2021-06-191-1/+1
* ssl: fix indentationPauli2021-06-191-8/+8
* ssl: replace tabs with spacesPauli2021-06-194-10/+10
* ssl: do not choose auto DH groups that are weaker than the security levelPauli2021-06-193-10/+31
* Update copyright yearMatt Caswell2021-06-175-5/+5
* Disabling Encrypt-then-MAC extension in s_client/s_serverDmitry Belyavskiy2021-06-151-1/+5
* Do not duplicate symbols between libcrypto and libssl in static buildsTomas Mraz2021-06-141-7/+8
* Optimize session cache flushingTodd Short2021-06-105-59/+180
* Only call dtls1_start_timer() onceMatt Caswell2021-06-042-3/+1
* tls: remove TODOsPauli2021-06-0219-59/+13
* Modify ssl_handshake_hash to call SSLfatalTrev Larock2021-06-011-1/+3
* Rename all getters to use get/get0 in nameTomas Mraz2021-06-0118-143/+150
* ssl: ass size_t to RAND_bytes_ex()Pauli2021-06-012-4/+5
* ssl: add zero strenght arguments to BN and RAND RNG callsPauli2021-05-298-18/+18
* Call SSLfatal when the generate_ticket_cb returns 0Todd Short2021-05-271-2/+3
* Fix compilation warning with GCC11.Juergen Christ2021-05-272-3/+3
* Use "" for include crypto/xxxRich Salz2021-05-271-1/+1
* Use "" for include internal/xxxRich Salz2021-05-271-1/+1
* err: rename err_load_xxx_strings_int functionsPauli2021-05-264-5/+5
* Allow TLS13_AD_MISSING_EXTENSION for older versionsBenjamin Kaduk2021-05-252-0/+4
* Cleanup the peer point formats on regotiationDmitry Belyavskiy2021-05-211-1/+11
* Update copyright yearMatt Caswell2021-05-203-3/+3
* Let SSL_new_session_ticket() enter init immediatelyBenjamin Kaduk2021-05-191-1/+5
* Add SSL_OP_ALLOW_CLIENT_RENEGOTIATIONRich Salz2021-05-173-13/+25
* Promote SSL_get_negotiated_group() for non-TLSv1.3Benjamin Kaduk2021-05-167-4/+54
* Slightly reformat ssl.h.inRich Salz2021-05-141-2/+2
* Convert SSL_{CTX}_[gs]et_options to 64Rich Salz2021-05-143-19/+18
* Replace EVP_PKEY_supports_digest_nidTomas Mraz2021-05-131-5/+8