Improve fallback protection
[openssl.git] / ssl / statem / statem_lib.c
2018-08-09 Matt CaswellImprove fallback protection
2018-08-08 Matt CaswellTolerate encrypted or plaintext alerts
2018-08-07 Andy Polyakovssl/*: switch to switch to Thread-Sanitizer-friendly...
2018-07-20 Matt CaswellValidate legacy_version
2018-07-17 Matt CaswellFix no-psk
2018-07-13 Matt CaswellAs a server don't select TLSv1.3 if we're not capable...
2018-07-13 Matt CaswellUse ssl_version_supported() when choosing server version
2018-07-03 Matt CaswellRemove TLSv1.3 tickets from the client cache as we...
2018-05-15 Matt CaswellSuport TLSv1.3 draft 28
2018-05-11 Matt CaswellFix ticket callbacks in TLSv1.3
2018-05-08 Matt CaswellKeep the DTLS timer running after the end of the handsh...
2018-04-24 Matt CaswellIn a reneg use the same client_version we used last...
2018-04-24 Matt CaswellRemove some logically dead code
2018-04-20 Matt CaswellMake sure SSL_in_init() returns 0 at SSL_CB_HANDSHAKE_DONE
2018-04-17 Matt CaswellCall the info callback on all handshake done events
2018-03-28 Rich SalzRewrite the X509->alert mapping code
2018-03-21 Matt CaswellDon't wait for dry at the end of a handshake
2018-03-15 Matt CaswellOnly update the server session cache when the session...
2018-02-09 Matt CaswellDon't calculate the Finished MAC twice
2018-02-01 Todd ShortAdd TLSv1.3 post-handshake authentication (PHA)
2018-01-30 Matt CaswellMove decisions about whether to accept reneg into the...
2018-01-24 Matt CaswellDon't send unexpected_message if we receive CCS while...
2018-01-24 Matt CaswellAdd support for sending TLSv1.3 cookies
2017-12-28 Matt CaswellDon't flush the ClientHello if we're going to send...
2017-12-14 Matt CaswellUpdate state machine to send CCS based on whether we...
2017-12-14 Matt CaswellFix an HRR bug
2017-12-14 Matt CaswellMerge HRR into ServerHello
2017-12-14 Matt CaswellUpdate ServerHello to new draft-22 format
2017-12-04 Matt CaswellAdd some more cleanups
2017-12-04 Matt CaswellConvert more functions in ssl/statem/statem.c to use...
2017-12-04 Matt CaswellConvert remaining functions in statem_clnt.c to use...
2017-12-04 Matt CaswellConvert the state machine code to use SSLfatal()
2017-12-04 Matt CaswellReplace some usage of SSLerr with SSLfatal()
2017-11-13 Andy PolyakovResolve warnings in VC-WIN32 build, which allows to...
2017-10-30 Benjamin KadukNormalize on session_ctx for stats where possible
2017-10-30 Benjamin KadukUse atomics for SSL_CTX statistics
2017-10-18 KaoruTodaRemove parentheses of return.
2017-10-09 KaoruTodaSince return is inconsistent, I removed unnecessary...
2017-09-22 Dr. Stephen HensonStore groups as uint16_t
2017-09-01 Andy Polyakovssl/statem/*.c: address "enum mixed with another type...
2017-08-03 Matt CaswellMove ossl_assert
2017-08-01 Matt CaswellFix new_session_cb calls in TLSv1.3
2017-07-13 Dr. Stephen HensonUse cert tables instead of X509_certificate_type
2017-07-13 Dr. Stephen HensonUse certificate tables instead of ssl_cert_type
2017-07-03 Bernd EdlingerFix potential crash in tls_construct_finished.
2017-06-23 Matt CaswellFix another EVP_DigestVerify() instance
2017-06-21 Dr. Stephen HensonUse EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs...
2017-06-21 Dr. Stephen HensonConvert key exchange to one shot call
2017-06-21 Dr. Stephen HensonHandle signature algorithms with no associated digest
2017-06-21 Dr. Stephen HensonAdd index for ED25519
2017-06-20 Rich SalzModify Sun copyright to follow OpenSSL style
2017-06-09 Pichulin Dmitriifix check of broken implementations of GOST ciphersuites
2017-06-06 Todd ShortFix #2400 Add NO_RENEGOTIATE option
2017-05-23 Dr. Stephen HensonDon't use one shot API for SSLv3.
2017-05-22 Matt CaswellConvert existing usage of assert() to ossl_assert(...
2017-05-22 Matt CaswellReplace instances of OPENSSL_assert() with soft asserts...
2017-05-19 Matt CaswellTry to be more consistent about the alerts we send
2017-05-17 Matt CaswellFail if we receive a response to an extension that...
2017-05-11 Bernd EdlingerFix gcc-7 warnings.
2017-05-11 Matt CaswellAdd some extra comments following alert changes
2017-05-11 Matt CaswellSend an illegal parameter alert if the update type...
2017-05-11 Dr. Stephen HensonAdd EVP_DigestSign and EVP_DigesVerify
2017-05-08 Matt CaswellSend the supported_groups extension in EE where applicable
2017-04-26 Matt CaswellAdd a ciphersuite config sanity check for servers
2017-04-25 Matt CaswellRemove special case code for SCTP reneg handling
2017-04-07 Matt CaswellMove the extensions context codes into the public API
2017-04-03 Dr. Stephen HensonDon't use client specific functions to retrieve CA...
2017-04-03 Dr. Stephen HensonNew certificate_authorities functions
2017-03-29 Qin LongFix the build warning under OPENSSL_NO_GOST
2017-03-29 Benjamin KadukFurther de-obfuscation
2017-03-28 FdaSilvaYYFix a few more typos
2017-03-24 Matt CaswellMove the downgrade sentinel declarations to a header...
2017-03-24 Matt CaswellAdd client side support for TLSv1.3 downgrade mechanism
2017-03-24 Matt CaswellAdd server side support for TLSv1.3 downgrade mechanism
2017-03-17 Dr. Stephen HensonMove parsing and construction of CA names to separate...
2017-03-16 Matt CaswellUpdates following review feedback
2017-03-16 Matt CaswellHelloRetryRequest updates for draft-19
2017-03-16 Matt CaswellUpdate end of early data processing for draft-19
2017-03-07 Matt CaswellCheck TLSv1.3 ServerHello, Finished and KeyUpdates...
2017-03-02 Matt CaswellVarious fixes required to allow SSL_write/SSL_read...
2017-03-02 Matt CaswellIntroduce a new early_data state in the state machine
2017-03-02 Matt CaswellProvide an SSL_read_early() function for reading early...
2017-02-28 Emilia KasperClean up references to FIPS
2017-02-17 Matt CaswellUpdates following review feedback
2017-02-17 Matt CaswellLimit the number of KeyUpdate messages we can process
2017-02-17 Matt CaswellActually update the keys when a KeyUpdate message is...
2017-02-17 Matt CaswellIf we receive an "update_requested" KeyUpdate then...
2017-02-17 Matt CaswellAdd the ability for a client to send a KeyUpdate message
2017-02-17 Matt CaswellAdd the ability for a client to receive a KeyUpdate...
2017-02-17 Matt CaswellProvide a function to send a KeyUpdate message
2017-02-16 Dr. Stephen HensonUse tls_choose_sigalg for client auth.
2017-02-15 Dr. Stephen HensonUse cert_index and sigalg
2017-02-14 Matt CaswellFix no-ec compilation
2017-02-14 Matt CaswellImplement support for resumption with a HelloRetryRequest
2017-02-14 Matt CaswellAdd client side support for parsing Hello Retry Request
2017-02-14 Matt CaswellAdd server side support for creating the Hello Retry...
2017-02-10 Dr. Stephen HensonReplace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGN
2017-02-03 Bernd EdlingerCombined patch against master branch for the following...
2017-02-02 Dr. Stephen HensonRemove special case for TLS 1.3.
2017-02-02 Cory BenfieldAdd support for logging out TLSv1.3 secrets
next