Prevent OOB in SRP base64 code.
[openssl.git] / ssl / statem /
2017-02-21 Dr. Stephen Hensonremove md array: it is not used any more.
2017-02-17 Matt CaswellUpdates following review feedback
2017-02-17 Matt CaswellUpdates following review feedback
2017-02-17 Matt CaswellLimit the number of KeyUpdate messages we can process
2017-02-17 Matt CaswellActually update the keys when a KeyUpdate message is...
2017-02-17 Matt CaswellIf we receive an "update_requested" KeyUpdate then...
2017-02-17 Matt CaswellAdd the ability for a server to receive a KeyUpdate...
2017-02-17 Matt CaswellAdd the ability for a client to send a KeyUpdate message
2017-02-17 Matt CaswellAdd the ability for a client to receive a KeyUpdate...
2017-02-17 Matt CaswellProvide a function to send a KeyUpdate message
2017-02-16 Dr. Stephen HensonUse tls_choose_sigalg for client auth.
2017-02-16 Matt CaswellDon't change the state of the ETM flags until CCS proce...
2017-02-15 Dr. Stephen HensonUse CERT_PKEY pointer instead of index
2017-02-15 Dr. Stephen HensonSimplify tls_construct_server_key_exchange
2017-02-15 Dr. Stephen HensonUse cert_index and sigalg
2017-02-15 Dr. Stephen HensonChange tls_choose_sigalg so it can set errors and alerts.
2017-02-14 Matt CaswellFix no-ec compilation
2017-02-14 Matt CaswellRemove a double call to ssl3_send_alert()
2017-02-14 Matt CaswellFix a bogus uninit variable warning
2017-02-14 Matt CaswellAdd a bytestogroup macro
2017-02-14 Matt CaswellVarious style fixes following review feedback
2017-02-14 Matt CaswellImplement support for resumption with a HelloRetryRequest
2017-02-14 Matt CaswellAdd client side support for parsing Hello Retry Request
2017-02-14 Matt CaswellAdd server side support for creating the Hello Retry...
2017-02-14 Matt CaswellMake the context available to the extensions parse...
2017-02-10 Dr. Stephen HensonReplace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGN
2017-02-03 Bernd EdlingerCombined patch against master branch for the following...
2017-02-02 Dr. Stephen HensonRemove special case for TLS 1.3.
2017-02-02 Dr. Stephen HensonSet signature algorithm when choosing cipher
2017-02-02 Dr. Stephen HensonCosmetic change
2017-02-02 Cory BenfieldAdd support for logging out TLSv1.3 secrets
2017-02-01 Todd ShortMajority rules, use session_ctx vs initial_ctx
2017-01-31 Dr. Stephen HensonRemove peer_md and use peer_sigalg instead.
2017-01-31 Dr. Stephen HensonDon't check certificate type against ciphersuite for...
2017-01-30 Matt CaswellFree up the memory for the NewSessionTicket extensions
2017-01-30 Dr. Stephen Hensonfix style issues
2017-01-30 Dr. Stephen HensonStore peer signature type.
2017-01-30 Dr. Stephen HensonUse uint16_t for signature scheme.
2017-01-30 Dr. Stephen Hensonuse RSA_PSS_SALTLEN_DIGEST constant
2017-01-30 Matt CaswellExpand comment in tls_process_hello_req()
2017-01-30 Matt CaswellAdd a TODO around validating the ticket age
2017-01-30 Matt CaswellVarious style fixes following review feedback
2017-01-30 Matt CaswellIf we have no suitable PSK kex modes then don't attempt...
2017-01-30 Matt CaswellMiscellaneous style tweaks based on feedback received
2017-01-30 Matt CaswellEnsure the al variable is properly ininitialised in...
2017-01-30 Matt CaswellEnsure the age_add variable is properly initialised
2017-01-30 Matt CaswellAlways ensure that session->cipher is set
2017-01-30 Matt CaswellUse the correct session resumption mechanism
2017-01-30 Matt CaswellMove session version consistency check
2017-01-30 Matt CaswellSet the kex modes on the client too.
2017-01-30 Matt CaswellImplement server side of PSK extension construction
2017-01-30 Matt CaswellImplement Server side of PSK extension parsing
2017-01-30 Matt CaswellMake sure we also cleanse the finished key
2017-01-30 Matt CaswellProvide a key_share extension finaliser
2017-01-30 Matt CaswellAdd support for client side parsing of the PSK extension
2017-01-30 Matt CaswellAdd support for the age_add field
2017-01-30 Matt CaswellConstruct the client side psk extension for TLSv1.3
2017-01-30 Matt CaswellNever send a session id in TLS1.3
2017-01-30 Matt CaswellProcess incoming NewSessionTicket messages on the clien...
2017-01-30 Matt CaswellCreate the NewSessionTicket message in TLSv1.3
2017-01-30 Matt CaswellAdd support for the psk_key_exchange_modes extension
2017-01-30 Matt CaswellMove TLSv1.3 Session Ticket processing into the state...
2017-01-30 Matt CaswellMove state machine knowledge out of the record layer
2017-01-30 Matt CaswellRemove use of the SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS...
2017-01-28 Richard LevitteCorrect pointer to be freed
2017-01-26 Dr. Stephen HensonUse correct signature algorithm list when sending or...
2017-01-26 Richard LevitteBetter check of DH parameters in TLS data
2017-01-25 Matt CaswellFix memory leaks in the Certificate extensions code
2017-01-25 FdaSilvaYYFix a few double ;
2017-01-25 FdaSilvaYYTypo, fix a comment
2017-01-24 Benjamin KadukDo not overallocate for tmp.ciphers_raw
2017-01-24 Matt CaswellFix SSL_get0_raw_cipherlist()
2017-01-23 Cory BenfieldAdd support for key logging callbacks.
2017-01-23 Matt CaswellStop server from expecting Certificate message when...
2017-01-23 Matt CaswellStop client from sending Certificate message when not...
2017-01-23 Matt CaswellFix SSL_VERIFY_CLIENT_ONCE
2017-01-10 Matt CaswellFix an uninit read picked up by Travis
2017-01-10 Matt CaswellExtend PSS signature support to TLSv1.2
2017-01-10 Matt CaswellVerify that the sig algs extension has been sent for...
2017-01-10 Matt CaswellUse NIDs instead of the old TLSv1.2 sigalgs hash and...
2017-01-10 Matt CaswellConvert Sigalgs processing to use ints
2017-01-10 Matt CaswellSign CertificateVerify messages using PSS padding
2017-01-10 Matt CaswellMake CertificateVerify TLS1.3 aware
2017-01-10 Matt CaswellMove Certificate Verify construction and processing...
2017-01-10 Rich SalzUse typedefs for PSK, NPN, ALPN callback functions
2017-01-10 Rich SalzMove extension data into sub-structs
2017-01-06 Matt CaswellFix various style issues following feedback
2017-01-06 Matt CaswellRename the chain variable to chainidx
2017-01-06 Matt CaswellInitialise the al variable
2017-01-06 Matt CaswellImplement TLSv1.3 style CertificateStatus
2017-01-06 Matt CaswellCreate Certificate messages in TLS1.3 format
2017-01-06 Matt CaswellExtends extension parsing to take the Certificate
2017-01-06 Matt CaswellExtend tls_construct_extensions() to enable passing...
2017-01-04 Richard LevitteDon't build OCSP stuff when OCSP is disabled
2016-12-29 Matt CaswellFix compilation with no-ec
2016-12-29 Matt CaswellFix extension for various no- options
2016-12-29 Matt CaswellFix the EC point formats extension
2016-12-19 Richard LevitteFix erroneous goto lable
2016-12-18 Kurt RoeckxFix memory leak in tls_parse_stoc_key_share
2016-12-08 Kurt RoeckxOnly call memcpy when the length is larger than 0.
next