Richard Levitte
|
b646179229
Copyright year updates
|
8 months ago |
Matt Caswell
|
a86714041d
When selecting a method ensure we use the correct client/server version
|
10 months ago |
Frederik Wedel-Heinen
|
4897bd2022
Move increment of dtls epoch to change cipher state function
|
10 months ago |
Frederik Wedel-Heinen
|
6fd3794814
Simplify ssl protocol version comparisons.
|
10 months ago |
Matt Caswell
|
702bb16b9f
Ignore a bad signature in a CertificateVerify message while fuzzing
|
1 year ago |
Tomas Mraz
|
eb1eaa9af4
Always use uint8_t for TLS record type
|
1 year ago |
Matt Caswell
|
84a149254f
Change the TLS handshake keys early if we're not doing early data
|
1 year ago |
shub-al
|
d561fe5a0a
ssl_get_min_max_version(): Remove unused variable single
|
1 year ago |
Matt Caswell
|
404fb9965e
Fix ssl3_do_write() to correctly handle retries
|
1 year ago |
Dimitri Papadopoulos
|
eb4129e12c
Fix typos found by codespell
|
1 year ago |
Matt Caswell
|
861cd8964b
Be more accurate about what we accept as a valid DTLS version
|
1 year ago |
Todd Short
|
3c95ef22df
RFC7250 (RPK) support
|
3 years ago |
Michael Baentsch
|
ee58915cfd
first cut at sigalg loading
|
2 years ago |
Matt Caswell
|
d03fe5de8d
Add the ability to mutate TLS handshake messages before they are written
|
1 year ago |
Philippe Antoine
|
1dbfd7fe24
fuzz: fix coverity warnings
|
1 year ago |
Philippe Antoine
|
2b9e2afc38
fuzz: make post handshake reachable
|
1 year ago |
Matt Caswell
|
a7f41885b3
Create the SSL object for QUIC-TLS
|
2 years ago |
Tomas Mraz
|
97b8db1af2
Make error reason for disallowed legacy sigalg more specific
|
1 year ago |
Todd Short
|
3840271e98
Add zlib oneshot compression
|
2 years ago |
Matt Caswell
|
b92fc4ae18
Remove some redundant code
|
2 years ago |
Todd Short
|
72620ac791
Add `for_comp` flag when retrieving certs for compression
|
2 years ago |
Todd Short
|
7e3cacac94
Update COMP_METHOD
|
2 years ago |
Todd Short
|
b67cb09f8d
Add support for compressed certificates (RFC8879)
|
3 years ago |
Matt Caswell
|
16f0e91cf8
Partial revert and reimplement "Enable brainpool curves for TLS1.3"
|
2 years ago |
Richard Levitte
|
e077455e9e
Stop raising ERR_R_MALLOC_FAILURE in most places
|
2 years ago |
Matt Caswell
|
1d3676778c
Move logic for figuring out the record version out of record layer
|
2 years ago |
Matt Caswell
|
67ec6d2b74
Use an enum for the return value from a construction function
|
2 years ago |
Todd Short
|
44e4732817
Cleanup EBCDIC string defintions
|
2 years ago |
Matt Caswell
|
cffafb5f57
Move some fields out of the SSL object and into the record layer object
|
2 years ago |
Matt Caswell
|
222cf410d5
Remove reliance on the SSL object from the DTLS read record layer code
|
2 years ago |