Hugo Landau
|
5fb4433606
Make ssl_cert_info read-only
|
11 meses atrás |
Pauli
|
43a07d6dd4
tls: update to structure based atomics
|
1 ano atrás |
Tomas Mraz
|
3155b5a90e
Fix regression of no-posix-io builds
|
1 ano atrás |
Todd Short
|
3c95ef22df
RFC7250 (RPK) support
|
3 anos atrás |
Pauli
|
b36e677f8f
Coverity 1521490: resource leak
|
1 ano atrás |
Michael Baentsch
|
ee58915cfd
first cut at sigalg loading
|
2 anos atrás |
olszomal
|
1dc35d44f3
Skip subdirectories in SSL_add_dir_cert_subjects_to_stack()
|
1 ano atrás |
Todd Short
|
b67cb09f8d
Add support for compressed certificates (RFC8879)
|
3 anos atrás |
Richard Levitte
|
e077455e9e
Stop raising ERR_R_MALLOC_FAILURE in most places
|
2 anos atrás |
Tomas Mraz
|
38b051a1fe
SSL object refactoring using SSL_CONNECTION object
|
2 anos atrás |
Pauli
|
7bf2e4d7f0
tls: ban SSL3, TLS1, TLS1.1 and DTLS1.0 at security level one and above
|
2 anos atrás |
Matt Caswell
|
fecb3aae22
Update copyright year
|
2 anos atrás |
Hugo Landau
|
948cf52179
Add SSL_(CTX_)?get0_(verify|chain)_cert_store functions
|
2 anos atrás |
Nicola Tuveri
|
b139a95665
[ssl] Add SSL_kDHEPSK and SSL_kECDHEPSK as PFS ciphersuites for SECLEVEL >= 3
|
2 anos atrás |
Nicola Tuveri
|
66914fc024
[ssl] Prefer SSL_k(EC)?DHE to the SSL_kE(EC)?DH alias
|
2 anos atrás |
Dr. David von Oheimb
|
79b2a2f2ee
add OSSL_STACK_OF_X509_free() for commonly used pattern
|
2 anos atrás |
Matt Caswell
|
c1c1bb7c5e
Fix invalid handling of verify errors in libssl
|
2 anos atrás |
Peiwei Hu
|
e3f0362407
BIO_read_filename: fix return check
|
3 anos atrás |
slontis
|
c3b5fa4ab7
Change TLS RC4 cipher strength check to be data driven.
|
3 anos atrás |
Hubert Kario
|
657489e812
cross-reference the DH and RSA SECLEVEL to level of security mappings
|
3 anos atrás |
Pauli
|
d7b5c648d6
ssl: do not choose auto DH groups that are weaker than the security level
|
3 anos atrás |
Shane Lontis
|
4e4ae84056
Fix NULL access in ssl_build_cert_chain() when ctx is NULL.
|
3 anos atrás |
Matt Caswell
|
5b64ce89b0
Remove OPENSSL_NO_DH guards from libssl
|
3 anos atrás |
Richard Levitte
|
4333b89f50
Update copyright year
|
3 anos atrás |
Dr. David von Oheimb
|
bf973d0697
Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1
|
3 anos atrás |
Matt Caswell
|
13c453728c
Only disabled what we need to in a no-dh build
|
4 anos atrás |
Richard Levitte
|
c48ffbcca1
SSL: refactor all SSLfatal() calls
|
4 anos atrás |
Richard Levitte
|
6849b73ccc
Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call
|
4 anos atrás |
Dr. Matthias St. Pierre
|
b425001010
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
|
4 anos atrás |
Matt Caswell
|
d8652be06e
Run the withlibctx.pl script
|
4 anos atrás |