Tomas Mraz
|
336d92eb20
Enable setting SSL_CERT_FLAG_TLS_STRICT with ssl config
|
2 lat temu |
Tomas Mraz
|
d1b3b67413
The -no_legacy_server_connect option applies to client
|
2 lat temu |
Tomas Mraz
|
65b2bb9ca0
Actually implement UnsafeLegacyServerConnect as documented
|
2 lat temu |
Matt Caswell
|
fecb3aae22
Update copyright year
|
2 lat temu |
Dmitry Belyavskiy
|
fba140c735
str[n]casecmp => OPENSSL_strncasecmp
|
2 lat temu |
Daniel Fiala
|
b2b8d1883a
SSL_conf_cmd: Allow DH Parameters at any position.
|
2 lat temu |
yangyangtiantianlonglong
|
a829d53a14
apps: Add option -no_ems to s_client/s_server apps
|
2 lat temu |
Dmitry Belyavskiy
|
4832560be3
Disabling Encrypt-then-MAC extension in s_client/s_server
|
3 lat temu |
Rich Salz
|
55373bfd41
Add SSL_OP_ALLOW_CLIENT_RENEGOTIATION
|
3 lat temu |
Rich Salz
|
f04bb0bce4
Slightly reformat ssl.h.in
|
3 lat temu |
Rich Salz
|
56bd17830f
Convert SSL_{CTX}_[gs]et_options to 64
|
3 lat temu |
Benjamin Kaduk
|
cbbbc8fce4
Correct ssl_conf logic for "legacy_server_connect"
|
3 lat temu |
Matt Caswell
|
a3a54179b6
Only enable KTLS if it is explicitly configured
|
3 lat temu |
Matt Caswell
|
a28d06f3e9
Update copyright year
|
3 lat temu |
Tomas Mraz
|
fe75766c9c
Rename OSSL_ENCODER_CTX_new_by_EVP_PKEY and OSSL_DECODER_CTX_new_by_EVP_PKEY
|
3 lat temu |
Matt Caswell
|
462f4f4bc0
Remove OPENSSL_NO_EC guards from libssl
|
3 lat temu |
Matt Caswell
|
306b8e7e19
Add the nist group names as aliases for the normal TLS group names
|
3 lat temu |
Matt Caswell
|
163f6dc1f7
Implement a replacement for SSL_set_tmp_dh()
|
4 lat temu |
Matt Caswell
|
8b7df247b7
Disable the DHParameters config option in a no-deprecated build
|
4 lat temu |
Richard Levitte
|
c48ffbcca1
SSL: refactor all SSLfatal() calls
|
4 lat temu |
Richard Levitte
|
6849b73ccc
Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call
|
4 lat temu |
Dr. Matthias St. Pierre
|
b425001010
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
|
4 lat temu |
Matt Caswell
|
d8652be06e
Run the withlibctx.pl script
|
4 lat temu |
Matt Caswell
|
e6623cfbff
Fix safestack issues in x509.h
|
4 lat temu |
Shane Lontis
|
6725682d77
Add X509 related libctx changes.
|
4 lat temu |
Viktor Dukhovni
|
7717459892
Avoid errors with a priori inapplicable protocol bounds
|
4 lat temu |
Nikolay Morozov
|
90fc2c26df
SSL_OP_DISABLE_TLSEXT_CA_NAMES option implementation
|
4 lat temu |
Rich Salz
|
852c2ed260
In OpenSSL builds, declare STACK for datatypes ...
|
4 lat temu |
Richard Levitte
|
6dcb100f89
X509_LOOKUP_store: new X509_LOOKUP_METHOD that works by OSSL_STORE URI
|
5 lat temu |
Rich Salz
|
12a765a523
Explicitly test against NULL; do not use !p or similar
|
5 lat temu |