Matt Caswell
|
fb62e47c78
Don't send a warning alert in TLSv1.3
|
6 år sedan |
Matt Caswell
|
4ff1a52666
Fix TLSv1.3 ticket nonces
|
6 år sedan |
Matt Caswell
|
bceae201b4
EVP_MD_size() can return an error
|
6 år sedan |
Matt Caswell
|
f929439f61
Rename EVP_PKEY_new_private_key()/EVP_PKEY_new_public_key()
|
6 år sedan |
Matt Caswell
|
e32b52a27e
Add support for setting raw private HMAC keys
|
6 år sedan |
Matt Caswell
|
27e462f1b0
Only allow supported_versions in a TLSv1.3 ServerHello
|
6 år sedan |
Benjamin Kaduk
|
ee36b963ae
Reuse extension_is_relevant() in should_add_extension()
|
7 år sedan |
Matt Caswell
|
e73c6eaeff
Tolerate TLSv1.3 PSKs that are a different size to the hash size
|
6 år sedan |
Matt Caswell
|
5de683d2c6
Fix status_request and SCT extensions
|
6 år sedan |
Matt Caswell
|
c471521243
If s->ctx is NULL then this is an internal error
|
6 år sedan |
Matt Caswell
|
6e99ae58c8
Ignore an s_client psk in TLSv1.3 if not TLSv1.3 suitable
|
6 år sedan |
Todd Short
|
e43e6b1951
Fix some minor code nits
|
6 år sedan |
Todd Short
|
9d75dce3e1
Add TLSv1.3 post-handshake authentication (PHA)
|
7 år sedan |
Benjamin Kaduk
|
c589c34e61
Add support for the TLS 1.3 signature_algorithms_cert extension
|
6 år sedan |
Matt Caswell
|
97ea1e7f42
Updates following review of SSL_stateless() code
|
6 år sedan |
Matt Caswell
|
c36001c3a8
Fix logic around when to send an HRR based on cookies
|
7 år sedan |
Matt Caswell
|
43054d3d73
Add support for sending TLSv1.3 cookies
|
7 år sedan |
Richard Levitte
|
3c7d0945b6
Update copyright years on all files merged since Jan 1st 2018
|
6 år sedan |
Benjamin Kaduk
|
7bc2bddb14
Permit the "supported_groups" extension in ServerHellos
|
7 år sedan |
Paul Yang
|
56d362881e
Remove spaces at end of line in ssl/statem
|
7 år sedan |
Matt Caswell
|
e7dd763e51
Make sure supported_versions appears in an HRR too
|
7 år sedan |
Matt Caswell
|
fc7129dc37
Update state machine to send CCS based on whether we did an HRR
|
7 år sedan |
Matt Caswell
|
88050dd196
Update ServerHello to new draft-22 format
|
7 år sedan |
Matt Caswell
|
29bfd5b79a
Add some more cleanups
|
7 år sedan |
Matt Caswell
|
635c8f7715
Fix up a few places in the state machine that got missed with SSLfatal()
|
7 år sedan |
Matt Caswell
|
f63a17d66d
Convert the state machine code to use SSLfatal()
|
7 år sedan |
Matt Caswell
|
281bf2332c
If a server is not acknowledging SNI then don't reject early_data
|
7 år sedan |
FdaSilvaYY
|
cf72c75792
Implement Maximum Fragment Length TLS extension.
|
7 år sedan |
Benjamin Kaduk
|
3be08e3011
Provide SSL_CTX.stats.sess_accept for switched ctxs
|
7 år sedan |
Matt Caswell
|
a2b97bdf3d
Don't do version neg on an HRR
|
7 år sedan |