Commit History

Autor SHA1 Mensaxe Data
  Richard Levitte 2c18d164f5 Following the license change, modify the boilerplates in ssl/ %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 65d2c16cbe Fix no-ec and no-tls1_2 %!s(int64=6) %!d(string=hai) anos
  Viktor Dukhovni a51c9f637c Added missing signature algorithm reflection functions %!s(int64=6) %!d(string=hai) anos
  Matt Caswell de4dc59802 Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable %!s(int64=6) %!d(string=hai) anos
  David Woodhouse ecbb2fca93 Add EVP_PKEY_supports_digest_nid() %!s(int64=6) %!d(string=hai) anos
  David Woodhouse 2d263a4a73 Honour mandatory digest on private key in has_usable_cert() %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 680bd131b6 Give a better error if an attempt is made to set a zero length groups list %!s(int64=6) %!d(string=hai) anos
  Matt Caswell b8fef8ee92 Don't use an RSA-PSS cert for RSA key exchange %!s(int64=6) %!d(string=hai) anos
  Matt Caswell b5b993b229 Use the same min-max version range on the client consistently %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 11d2641f96 Check that the public key OID matches the sig alg %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 871980a9ad Do not use GOST sig algs in TLSv1.3 where possible %!s(int64=6) %!d(string=hai) anos
  Pauli 8eab767a71 Check return from BN_set_word. %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 309371d626 Fix EAP-FAST %!s(int64=6) %!d(string=hai) anos
  Dmitry Belyavskiy 41f10305d8 Send GOST SignatureAlgorithms when TLS 1.2 in use %!s(int64=6) %!d(string=hai) anos
  Dmitry Belyavskiy 1f65c0459a Bugfix: GOST2012 certificates for GOST ciphersuites were broken. %!s(int64=6) %!d(string=hai) anos
  Kurt Roeckx 5f96a95e25 Set sess to NULL after freeing it. %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 61fb59238d Rework the decrypt ticket callback %!s(int64=6) %!d(string=hai) anos
  Matt Caswell c0638adeec Fix ticket callbacks in TLSv1.3 %!s(int64=6) %!d(string=hai) anos
  Matt Caswell ca50cd911c Fix the MAX_CURVELIST definition %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 7500bc337a Allow TLSv1.3 EC certs to use compressed points %!s(int64=6) %!d(string=hai) anos
  Rich Salz cdb10bae3f Set error code on alloc failures %!s(int64=6) %!d(string=hai) anos
  Matt Caswell dcf8b01f44 Tolerate a Certificate using a non-supported group on server side %!s(int64=6) %!d(string=hai) anos
  Todd Short 4bfb96f2ad Place ticket keys into secure memory %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 32305f8850 Always call the new_session_cb when issuing a NewSessionTicket in TLSv1.3 %!s(int64=6) %!d(string=hai) anos
  Todd Short df0fed9aab Session Ticket app data %!s(int64=7) %!d(string=hai) anos
  Matt Caswell 0e1d6ecf37 Add X448/Ed448 support to libssl %!s(int64=6) %!d(string=hai) anos
  Matt Caswell ee76349525 Sanity check the ticket length before using key name/IV %!s(int64=6) %!d(string=hai) anos
  Matt Caswell 1d0c08b496 The function ssl_get_min_max_version() can fail %!s(int64=6) %!d(string=hai) anos
  Benjamin Kaduk c1acef9263 Fix uninitialized read in sigalg parsing code %!s(int64=6) %!d(string=hai) anos
  Benjamin Kaduk c589c34e61 Add support for the TLS 1.3 signature_algorithms_cert extension %!s(int64=6) %!d(string=hai) anos