 Matt Caswell
|
65d2c16cbe
Fix no-ec and no-tls1_2
|
6 年之前 |
|
Matt Caswell
|
9873297900
Separate ca_names handling for client and server
|
6 年之前 |
|
Matt Caswell
|
de4dc59802
Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable
|
6 年之前 |
|
Matt Caswell
|
e45620140f
Don't call the client_cert_cb immediately in TLSv1.3
|
6 年之前 |
 Richard Levitte
|
60690b5b83
ssl/statem: Don't compare size_t with less than zero
|
6 年之前 |
|
Matt Caswell
|
cd3b53b8f8
Ensure certificate callbacks work correctly in TLSv1.3
|
6 年之前 |
|
Matt Caswell
|
1bf4cb0fe3
Process KeyUpdate and NewSessionTicket messages after a close_notify
|
6 年之前 |
|
Matt Caswell
|
5627f9f217
Don't detect a downgrade where the server has a protocol version hole
|
6 年之前 |
|
Matt Caswell
|
b5b993b229
Use the same min-max version range on the client consistently
|
6 年之前 |
|
Matt Caswell
|
9f22c52723
Turn on TLSv1.3 downgrade protection by default
|
6 年之前 |
|
Matt Caswell
|
35e742ecac
Update code for the final RFC version of TLSv1.3 (RFC8446)
|
6 年之前 |
 Dmitry Yakovlev
|
572fa0249d
Move SSL_DEBUG md fprintf after assignment
|
6 年之前 |
|
Matt Caswell
|
5df2206048
Improve fallback protection
|
6 年之前 |
|
Matt Caswell
|
de9e884b2f
Tolerate encrypted or plaintext alerts
|
6 年之前 |
 Andy Polyakov
|
9ef9088c15
ssl/*: switch to switch to Thread-Sanitizer-friendly primitives.
|
6 年之前 |
|
Matt Caswell
|
d8434cf856
Validate legacy_version
|
6 年之前 |
|
Matt Caswell
|
d162340d36
Fix no-psk
|
6 年之前 |
|
Matt Caswell
|
baa45c3e74
As a server don't select TLSv1.3 if we're not capable of it
|
6 年之前 |
|
Matt Caswell
|
4fd12788eb
Use ssl_version_supported() when choosing server version
|
6 年之前 |
|
Matt Caswell
|
4cb004573a
Remove TLSv1.3 tickets from the client cache as we use them
|
6 年之前 |
|
Matt Caswell
|
73cc84a132
Suport TLSv1.3 draft 28
|
6 年之前 |
|
Matt Caswell
|
c0638adeec
Fix ticket callbacks in TLSv1.3
|
6 年之前 |
|
Matt Caswell
|
f7506416b1
Keep the DTLS timer running after the end of the handshake if appropriate
|
6 年之前 |
|
Matt Caswell
|
447cc0ad73
In a reneg use the same client_version we used last time
|
6 年之前 |
|
Matt Caswell
|
22eb2d1c80
Remove some logically dead code
|
6 年之前 |
|
Matt Caswell
|
4ce787b97a
Make sure SSL_in_init() returns 0 at SSL_CB_HANDSHAKE_DONE
|
6 年之前 |
|
Matt Caswell
|
c2c1d8a495
Call the info callback on all handshake done events
|
6 年之前 |
 Rich Salz
|
c6d38183d6
Rewrite the X509->alert mapping code
|
6 年之前 |
|
Matt Caswell
|
424afe931e
Don't wait for dry at the end of a handshake
|
6 年之前 |
|
Matt Caswell
|
16ff13427f
Only update the server session cache when the session is ready
|
6 年之前 |
