Matt Caswell
|
51256b34d8
Send a NewSessionTicket after using an external PSK
|
6 years ago |
Matt Caswell
|
35e742ecac
Update code for the final RFC version of TLSv1.3 (RFC8446)
|
6 years ago |
Benjamin Kaduk
|
1c4aa31d79
Normalize SNI hostname handling for SSL and SSL_SESSION
|
6 years ago |
Matt Caswell
|
5f26ddff7e
Always issue new tickets when using TLSv1.3 stateful tickets
|
6 years ago |
Matt Caswell
|
5d263fb78b
Make the anti-replay feature optional
|
6 years ago |
Matt Caswell
|
e880d4e58d
Use stateful tickets if we are doing anti-replay
|
6 years ago |
Matt Caswell
|
6cc0b3c217
Respect SSL_OP_NO_TICKET in TLSv1.3
|
6 years ago |
Matt Caswell
|
1aac20f509
Fix no-ec in combination with no-dh
|
6 years ago |
Matt Caswell
|
73cc84a132
Suport TLSv1.3 draft 28
|
6 years ago |
Matt Caswell
|
61fb59238d
Rework the decrypt ticket callback
|
6 years ago |
Matt Caswell
|
ded4a83d31
Ignore the status_request extension in a resumption handshake
|
6 years ago |
Matt Caswell
|
c2b290c3d0
Fix no-psk
|
6 years ago |
Matt Caswell
|
66d7de1634
Add an anti-replay mechanism
|
6 years ago |
Matt Caswell
|
f929439f61
Rename EVP_PKEY_new_private_key()/EVP_PKEY_new_public_key()
|
6 years ago |
Matt Caswell
|
e32b52a27e
Add support for setting raw private HMAC keys
|
6 years ago |
Matt Caswell
|
27e462f1b0
Only allow supported_versions in a TLSv1.3 ServerHello
|
6 years ago |
Benjamin Saunders
|
3fa2812f32
Introduce SSL_CTX_set_stateless_cookie_{generate,verify}_cb
|
6 years ago |
Todd Short
|
df0fed9aab
Session Ticket app data
|
7 years ago |
Matt Caswell
|
e440f51395
Give more information in the SSL_stateless return code
|
6 years ago |
Matt Caswell
|
f3d40db1b9
Fallback on old style PSK callbacks if the new style ones aren't present
|
6 years ago |
Matt Caswell
|
6738bf1417
Update copyright year
|
6 years ago |
Todd Short
|
9d75dce3e1
Add TLSv1.3 post-handshake authentication (PHA)
|
7 years ago |
Benjamin Kaduk
|
c589c34e61
Add support for the TLS 1.3 signature_algorithms_cert extension
|
6 years ago |
Matt Caswell
|
97ea1e7f42
Updates following review of SSL_stateless() code
|
6 years ago |
Matt Caswell
|
d0debc0a1c
Add a timestamp to the cookie
|
6 years ago |
Matt Caswell
|
dd77962e09
Fix the cookie/key_share extensions for use with SSL_stateless()
|
7 years ago |
Matt Caswell
|
c36001c3a8
Fix logic around when to send an HRR based on cookies
|
7 years ago |
Matt Caswell
|
43054d3d73
Add support for sending TLSv1.3 cookies
|
7 years ago |
Paul Yang
|
56d362881e
Remove spaces at end of line in ssl/statem
|
7 years ago |
Matt Caswell
|
fc7129dc37
Update state machine to send CCS based on whether we did an HRR
|
7 years ago |