Reject TLS 1.2 ciphersuites if not allowed.
[openssl.git] / ssl / s3_clnt.c
2015-11-08 Dr. Stephen HensonReject TLS 1.2 ciphersuites if not allowed.
2015-10-23 Alessandro GhediniRemove useless code
2015-10-23 Alessandro GhediniFix memory leaks and other mistakes on errors
2015-09-28 Emilia KasperRT2772: accept empty SessionTicket
2015-08-11 Guy Leaver (guleaver)Fix seg fault with 0 p val in SKE
2015-07-02 Dr. Stephen HensonFix PSK handling.
2015-06-10 Kurt RoeckxOnly allow a temporary rsa key exchange when they key...
2015-06-10 Kurt RoeckxProperly check certificate in case of export ciphers.
2015-06-04 Matt CaswellRemove misleading comment
2015-06-04 Matt CaswellFix DTLS session resumption
2015-06-02 Matt CaswellFix race condition in NewSessionTicket
2015-05-20 Kurt RoeckxCorrectly check for export size limit
2015-05-20 Emilia Kasperclient: reject handshakes with DH parameters < 768...
2015-05-05 Matt CaswellAdd more error state transitions (client)
2015-04-21 Emilia KasperRepair EAP-FAST session resumption
2015-04-16 Viktor DukhovniCode style: space after 'if'
2015-03-25 Matt CaswellFix RAND_(pseudo_)?_bytes returns
2015-03-10 Matt CaswellPrevent handshake with unseeded PRNG
2015-01-22 Matt CaswellRe-align some comments after running the reformat script. OpenSSL_1_0_2-post-reformat
2015-01-22 Matt CaswellRun util/openssl-format-source -v -c .
2015-01-22 Matt CaswellFix source where indent will not be able to cope
2015-01-22 Tim Hudsonmark all block comments that need format preserving...
2015-01-07 Dr. Stephen Hensonfix error discrepancy
2015-01-06 Dr. Stephen HensonOnly allow ephemeral RSA keys in export ciphersuites.
2015-01-05 Dr. Stephen HensonECDH downgrade bug fix.
2014-12-17 Richard LevitteClear warnings/errors within KSSL_DEBUG code sections
2014-12-16 Dr. Stephen HensonCheck return value of ssl3_output_cert_chain
2014-12-16 Adam LangleyDon't set client_version to the ServerHello version.
2014-11-20 Emilia KasperEnsure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok...
2014-11-20 Emilia KasperAlways require an advertised NewSessionTicket message.
2014-11-20 Emilia KasperRemove ssl3_check_finished.
2014-11-20 Emilia KasperSet s->hit when resuming from external pre-shared secret.
2014-11-20 Emilia KasperReset s->tlsext_ticket_expected in ssl_scan_serverhello...
2014-11-19 Dr. Stephen HensonNew option no-ssl3-method which removes SSLv3_*method
2014-10-28 Emilia KasperTighten session ticket handling
2014-10-24 Dr. Stephen HensonProcess signature algorithms in ClientHello late.
2014-09-21 Tim HudsonFixed error introduced in commit f2be92b94dad3c6cbdf79d...
2014-09-05 Adam Langleypsk_client_callback, 128-byte id bug.
2014-08-15 Matt CaswellFixed out-of-bounds read errors in ssl3_get_key_exchange.
2014-08-08 Dr. Stephen HensonFix SRP authentication ciphersuites.
2014-08-06 Dr. Stephen HensonCheck SRP parameters early.
2014-08-06 Emilia KäsperFix DTLS anonymous EC(DH) denial of service
2014-07-04 Dr. Stephen HensonRemove all RFC5878 code.
2014-06-14 Dr. Stephen HensonAccept CCS after sending finished.
2014-06-07 Dr. Stephen HensonMake tls_session_secret_cb work with CVE-2014-0224...
2014-06-05 Dr. Stephen HensonFix for CVE-2014-0224
2014-06-05 Dr. Stephen HensonFix CVE-2014-3470
2014-02-20 Dr. Stephen Hensonfix WIN32 warnings
2014-02-09 Ben LaurieMerge branch '102_stable_tlsext_suppdata_changes' of...
2014-02-09 Ben LaurieMore cleanup.
2014-02-09 Ben LaurieMake it build.
2014-02-09 Ben LaurieFix whitespace, new-style comments.
2014-02-09 Scott DeboyRe-add alert variables removed during rebase
2014-02-09 Scott DeboyUpdate custom TLS extension and supplemental data ...
2014-02-09 Scott DeboyAdd callbacks supporting generation and retrieval of...
2014-01-27 Dr. Stephen HensonSupport retries in certificate callback
2013-10-20 Nick MathewsonDo not include a timestamp in the Client/ServerHello...
2013-10-01 Ben LaurieMerge remote-tracking branch 'agl/1.0.2alpn' into agl...
2013-09-18 Dr. Stephen HensonDTLS version usage fixes.
2013-09-18 Dr. Stephen HensonSuite B support for DTLS 1.2
2013-09-18 Dr. Stephen HensonDual DTLS version methods.
2013-09-18 Dr. Stephen HensonUpdate fixed DH requirements.
2013-09-18 Dr. Stephen HensonProvisional DTLS 1.2 support.
2013-09-18 Dr. Stephen HensonUse enc_flags when deciding protocol variations.
2013-09-18 Dr. Stephen HensonDTLS revision.
2013-01-15 Dr. Stephen HensonMake whitespace consistent with master branch.
2012-12-26 Dr. Stephen Hensonperform sanity checks on server certificate type as...
2012-12-26 Dr. Stephen Hensongive more meaningful error if presented with wrong...
2012-12-26 Dr. Stephen HensonAdd three Suite B modes to TLS code, supporting RFC6460.
2012-12-26 Dr. Stephen HensonMake tls1_check_chain return a set of flags indicating...
2012-12-26 Dr. Stephen HensonAbort handshake if signature algorithm used not support...
2012-12-26 Dr. Stephen Hensoncheck EC tmp key matches preferences
2012-12-26 Dr. Stephen HensonNew function ssl_set_client_disabled to set masks for...
2012-12-26 Dr. Stephen HensonAdd new ctrl to retrieve client certificate types,...
2012-12-26 Dr. Stephen HensonAdd certificate callback. If set this is called wheneve...
2012-06-06 Ben LaurieVersion skew reduction.
2012-06-03 Ben LaurieReduce version skew: trivia (I hope).
2012-05-29 Ben LaurieRFC 5878 support.
2012-04-24 Dr. Stephen HensonSubmitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
2012-04-17 Dr. Stephen HensonAdditional workaround for PR#2771
2012-04-06 Dr. Stephen HensonBackport: Revise ssl code to use CERT_PKEY structure...
2012-04-06 Dr. Stephen HensonBackport: initialise dh_clnt (from HEAD)
2012-04-06 Dr. Stephen HensonBackport DH client certificate support (from HEAD)
2012-04-06 Dr. Stephen HensonBackport support for fixed DH ciphersuites (from HEAD)
2012-03-21 cvs2svnThis commit was manufactured by cvs2svn to create branch
2012-02-09 Dr. Stephen HensonModify client hello version when renegotiating to enhan...
2011-12-31 Dr. Stephen HensonPR: 2658
2011-12-26 Dr. Stephen HensonPR: 2326
2011-11-25 Dr. Stephen HensonPR: 1794
2011-11-24 Ben LaurieDon't send NPN during renegotiation.
2011-11-13 Ben LaurieAdd Next Protocol Negotiation.
2011-09-05 Bodo MöllerFix session handling.
2011-07-25 Dr. Stephen HensonAdd HMAC ECC ciphersuites from RFC5289. Include SHA384...
2011-06-08 Dr. Stephen Hensonfix memory leak
2011-05-25 Dr. Stephen Hensonuse TLS1_get_version macro to check version so TLS...
2011-05-19 Dr. Stephen Hensonadd FIPS support to ssl: doesn't do anything on this...
2011-05-12 Dr. Stephen HensonProvisional support for TLS v1.2 client authentication...
2011-05-12 Dr. Stephen HensonProcess signature algorithms during TLS v1.2 client...
2011-05-11 Dr. Stephen HensonBackport TLS v1.2 support from HEAD.
2011-03-16 Dr. Stephen HensonFix SRP error codes (from HEAD).
next