John Baldwin
|
85773128d0
KTLS: Check for unprocessed receive records in ktls_configure_crypto.
|
2 years ago |
Tomas Mraz
|
d5530efada
Add back check for the DH public key size
|
2 years ago |
Richard Levitte
|
d5f9166bac
Move e_os.h to include/internal
|
2 years ago |
Pauli
|
acce055778
ssl: better support TSAN operations
|
2 years ago |
Bernd Edlinger
|
0a10825a00
Enable brainpool curves for TLS1.3
|
5 years ago |
Dr. David von Oheimb
|
af16097feb
Move more general parts of internal/cryptlib.h to new internal/common.h
|
3 years ago |
Dr. David von Oheimb
|
2ff286c26c
Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix
|
3 years ago |
yangyangtiantianlonglong
|
b5557666bd
Fix dtls timeout dead code
|
3 years ago |
Pauli
|
d7b5c648d6
ssl: do not choose auto DH groups that are weaker than the security level
|
3 years ago |
Todd Short
|
25959e04c3
Optimize session cache flushing
|
5 years ago |
Matt Caswell
|
f570d33b02
Only call dtls1_start_timer() once
|
3 years ago |
Pauli
|
407820c0e3
tls: remove TODOs
|
3 years ago |
Juergen Christ
|
4612eec35d
Fix compilation warning with GCC11.
|
3 years ago |
Benjamin Kaduk
|
aa6bd216dd
Promote SSL_get_negotiated_group() for non-TLSv1.3
|
3 years ago |
Rich Salz
|
56bd17830f
Convert SSL_{CTX}_[gs]et_options to 64
|
3 years ago |
Pauli
|
53d85372ca
ssl: fix problem where MAC IDs were globally cached.
|
3 years ago |
Matt Caswell
|
76cb077f81
Deprecate the libssl level SRP APIs
|
3 years ago |
Benjamin Kaduk
|
3bc0b621a7
Remove unused 'peer_type' from SSL_SESSION
|
3 years ago |
Matt Caswell
|
462f4f4bc0
Remove OPENSSL_NO_EC guards from libssl
|
3 years ago |
Matt Caswell
|
8b1db5d329
Make supported_groups code independent of EC and DH
|
3 years ago |
Matt Caswell
|
ddf8f1ce63
Ensure default supported groups works even with no-ec and no-dh
|
3 years ago |
Matt Caswell
|
5b64ce89b0
Remove OPENSSL_NO_DH guards from libssl
|
3 years ago |
Richard Levitte
|
4333b89f50
Update copyright year
|
3 years ago |
Tomas Mraz
|
0c8e98e615
Avoid using OSSL_PKEY_PARAM_GROUP_NAME when the key might be legacy
|
3 years ago |
Shane Lontis
|
5b5eea4b60
Deprecate EC_KEY + Update ec apps to use EVP_PKEY
|
3 years ago |
Michael Baentsch
|
becbacd705
Adding TLS group name retrieval
|
3 years ago |
Richard Levitte
|
d8975dec0c
TLS: Use EVP_PKEY_get_group_name() to get the group name
|
3 years ago |
Matt Caswell
|
cbb85bda0c
Fix builds that specify both no-dh and no-ec
|
3 years ago |
Matt Caswell
|
a68eee679a
Move some libssl global variables into SSL_CTX
|
3 years ago |
Richard Levitte
|
d7e498ac55
Deprecate RSA harder
|
4 years ago |