Fix a crash in tls_construct_client_certificate.
[openssl.git] / ssl /
2017-07-03 Bernd EdlingerFix a crash in tls_construct_client_certificate.
2017-07-03 Matt CaswellFix TLSv1.3 exporter
2017-06-30 Matt CaswellDrop support for OPENSSL_NO_TLS1_3_METHOD
2017-06-29 Matt CaswellUpdates following review of SSL_export_key_material...
2017-06-29 Matt CaswellUpdate SSL_export_keying_material() for TLSv1.3
2017-06-28 Todd Shortssl_session_dup() missing ext.alpn_session
2017-06-25 Benjamin KadukDisallow DSA/SHA1/etc. for pure TLS 1.3 ClientHellos
2017-06-23 Matt CaswellFix another EVP_DigestVerify() instance
2017-06-23 Matt CaswellTreat all failures from EVP_DigestVerify() as a bad...
2017-06-22 Alexey KomninFix tls1_generate_master_secret
2017-06-22 David BenjaminFix the names of ChaCha20-Poly1305 cipher suites in...
2017-06-21 Paul YangAvoid compiler complaining
2017-06-21 Matt CaswellAdd documentation for the SSL_export_keying_material...
2017-06-21 Matt CaswellFix DTLS failure when used in a build which has SCTP...
2017-06-21 Matt CaswellPSK related tweaks based on review feedback
2017-06-21 Matt CaswellFix some bugs in the TLSv1.3 PSK code
2017-06-21 Matt CaswellMake the input parameters for SSL_SESSION_set1_master_k...
2017-06-21 Matt CaswellAdd SSL_SESSION_set_protocol_version()
2017-06-21 Matt CaswellAdd SSL_SESSION_set_cipher()
2017-06-21 Matt CaswellAdd SSL_SESSION_set1_master_key()
2017-06-21 Matt CaswellAdd a function to get the handshake digest for an SSL_C...
2017-06-21 Matt CaswellAdd public API functions for setting TLSv1.3 PSK callbacks
2017-06-21 Matt CaswellAdd TLSv1.3 client side external PSK support
2017-06-21 Matt CaswellAdd TLSv1.3 server side external PSK support
2017-06-21 Dr. Stephen HensonUse EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs...
2017-06-21 Dr. Stephen HensonAllow Ed25519 in TLS 1.2
2017-06-21 Dr. Stephen HensonConvert key exchange to one shot call
2017-06-21 Dr. Stephen HensonAdd Ed25519 to trace output
2017-06-21 Dr. Stephen HensonHandle signature algorithms with no associated digest
2017-06-21 Dr. Stephen HensonAdd Ed25519 signature algorithm
2017-06-21 Dr. Stephen HensonAdd Ed25519 to signature algorithm table
2017-06-21 Dr. Stephen HensonAdd index for ED25519
2017-06-21 Dr. Stephen HensonUse X509_get_signature_info to get signature strength.
2017-06-21 Rich SalzMerge Nokia copyright notice into standard
2017-06-20 Rich SalzModify Sun copyright to follow OpenSSL style
2017-06-16 Matt CaswellTweak the check that a ciphersuite has not changed...
2017-06-16 Matt CaswellFix an uninitialised variable warning
2017-06-16 Matt CaswellMove ciphersuite selection before session resumption...
2017-06-16 Matt CaswellAllow the server to change the ciphersuite on resume
2017-06-15 Benjamin KadukFix no-ec
2017-06-12 Bernd EdlingerFix a memleak in tls13_generate_secret.
2017-06-12 Rich SalzPut message strings in state files
2017-06-12 Benjamin KadukAdd SSL_early_get1_extensions_present()
2017-06-12 Benjamin Kadukdrop some no-longer-relevant TODO(TLS1.3) entries
2017-06-11 Rich SalzIf-guard to avoid null ptr deref in statem_srvr.c
2017-06-09 Pichulin Dmitriifix check of broken implementations of GOST ciphersuites
2017-06-09 Paul YangFix a bundle of trailing spaces in several files
2017-06-08 Tomas MrazIgnore -named_curve auto value to improve backwards...
2017-06-08 Diego Santa CruzUse memset to clear SRP_CTX instead of NULL and zero...
2017-06-08 Diego Santa CruzMake SRP_CTX.info ownership and lifetime be the same...
2017-06-08 Matt CaswellAdd back support for SHA224 based sig algs
2017-06-07 Rich Salzmake error tables const and separate header file
2017-06-06 Todd ShortFix #2400 Add NO_RENEGOTIATE option
2017-06-06 Todd ShortAlways flush the BIO when we send any alert
2017-06-02 Todd ShortFix ex_data and session_dup issues
2017-05-26 Todd ShortFix inconsistent check of UNSAFE_LEGACY_RENEGOTIATION
2017-05-23 Dr. Stephen HensonDon't use one shot API for SSLv3.
2017-05-22 Matt CaswellAdd an error to the stack on failure in dtls1_write_bytes()
2017-05-22 Matt CaswellConvert existing usage of assert() to ossl_assert(...
2017-05-22 Matt CaswellFix some style issues in returns
2017-05-22 Matt CaswellReplace instances of OPENSSL_assert() with soft asserts...
2017-05-19 Matt CaswellFix return code in tls1_mac
2017-05-19 Matt CaswellMake SSL_is_server() accept a const SSL
2017-05-19 Matt CaswellTry to be more consistent about the alerts we send
2017-05-18 Matt CaswellFix EXT_RETURN usage for add_key_share()
2017-05-17 Matt CaswellAllow a missing sig algs extension if resuming
2017-05-17 Matt CaswellAdd a new unsolicited extension error code and add...
2017-05-17 Matt CaswellFail if we receive a response to an extension that...
2017-05-17 Matt CaswellDon't allow fragmented alerts
2017-05-11 Bernd EdlingerFix gcc-7 warnings.
2017-05-11 Matt CaswellAdd some extra comments following alert changes
2017-05-11 Matt CaswellAdd some checks for trailing data after extension blocks
2017-05-11 Matt CaswellSend a missing_extension alert if key_share/supported...
2017-05-11 Matt CaswellTLSv1.3 alert and handshake messages can never be 0...
2017-05-11 Matt CaswellTLSv1.3 alerts cannot be fragmented and only one per...
2017-05-11 Matt CaswellCheck that a TLSv1.3 encrypted message has an app data...
2017-05-11 Matt CaswellSend an illegal parameter alert if the update type...
2017-05-11 Matt CaswellEnsure we fail with a decode error alert if the server...
2017-05-11 Matt CaswellFix more alert codes
2017-05-11 Matt CaswellVerify that there is no trailing data after the extensi...
2017-05-11 Matt CaswellFix some alert codes
2017-05-11 Matt CaswellReject unknown warning alerts in TLSv1.3
2017-05-11 Dr. Stephen HensonAdd EVP_DigestSign and EVP_DigesVerify
2017-05-10 Matt CaswellCopy custom extension flags in a call to SSL_set_SSL_CTX()
2017-05-10 Richard LevitteFix 'no-ec'
2017-05-09 Matt CaswellVerify that if we have an HRR then something will change
2017-05-09 Matt CaswellFix HRR bug
2017-05-09 Matt CaswellDon't do the final key_share checks if we are in an HRR
2017-05-09 Matt CaswellVerify that only NULL compression is sent in TLSv1...
2017-05-08 Matt CaswellAdd support to SSL_trace() for inner content types
2017-05-08 Matt CaswellRemove support for OPENSSL_SSL_TRACE_CRYPTO
2017-05-08 Matt CaswellUpdates to supported_groups following review feedback
2017-05-08 Matt CaswellSend the supported_groups extension in EE where applicable
2017-05-04 Matt CaswellUpdates to serverinfo fix based on review feedback
2017-05-04 Matt CaswellFix SSL_CTX_use_serverinfo_ex() et al to properly handl...
2017-05-04 Matt CaswellRevert "Fix clang compile time error"
2017-05-04 Todd ShortFix clang compile time error
2017-05-03 Matt CaswellUpdate the HKDF labels for draft-20
2017-05-03 Todd ShortLimit padded record to max plaintext
2017-05-03 Matt CaswellClarify serverinfo usage with Certificate messages
next