Fixed d2i_X509 in-place not re-hashing the ex_flags
[oweals/openssl.git] / ssl /
2018-03-19 Matt CaswellAdd an anti-replay mechanism
2018-03-19 Matt CaswellDon't update the session cache when processing a client...
2018-03-19 Matt CaswellAlways call the new_session_cb when issuing a NewSessio...
2018-03-17 Dr. Matthias St... Fix miscellaneous typos in docs and source
2018-03-17 Bernd EdlingerFix a memory leak in tls1_mac
2018-03-17 Bernd EdlingerFix a memory leak in n_ssl3_mac
2018-03-16 Dr. Matthias St... RAND_DRBG: add a function for setting the default DRBG...
2018-03-15 Dr. Matthias St... Publish the RAND_DRBG API
2018-03-15 Matt CaswellRename EVP_PKEY_new_private_key()/EVP_PKEY_new_public_key()
2018-03-15 Matt CaswellAdd support for setting raw private HMAC keys
2018-03-15 Matt CaswellOnly update the server session cache when the session...
2018-03-14 Matt CaswellPut the default set of TLSv1.3 ciphersuites in a header...
2018-03-14 Matt CaswellSplit configuration of TLSv1.3 ciphers from older ciphers
2018-03-14 Matt CaswellOnly allow supported_versions in a TLSv1.3 ServerHello
2018-03-14 Matt CaswellUse the TLSv1.3 record header as AAD
2018-03-13 Tim Hudsonupdate SRP copyright notice
2018-03-12 Matt CaswellFix enable-ssl-trace
2018-03-12 Benjamin SaundersIntroduce SSL_CTX_set_stateless_cookie_{generate,verify}_cb
2018-03-12 Todd ShortSession Ticket app data
2018-03-09 Benjamin KadukReuse extension_is_relevant() in should_add_extension()
2018-03-09 Todd ShortAdd SSL/SSL_CTX_use_cert_and_key()
2018-03-09 Matt CaswellGive more information in the SSL_stateless return code
2018-03-09 Matt CaswellFallback on old style PSK callbacks if the new style...
2018-03-09 Matt CaswellTolerate TLSv1.3 PSKs that are a different size to...
2018-03-08 FdaSilvaYYDuplicate entries ssl_handshake_tbl trace entries...
2018-03-05 Todd ShortIf not sending key_share (no TLSv1.3), return appropria...
2018-03-05 Matt CaswellFix status_request and SCT extensions
2018-03-05 Matt CaswellAdd X448/Ed448 support to libssl
2018-03-01 Benjamin KadukDo not set a nonzero default max_early_data
2018-02-28 Kurt RoeckxTell the ciphers which DRBG to use for generating rando...
2018-02-26 Tatsuhiro TsujikawaExport keying material using early exporter master...
2018-02-23 Rich SalzRemove OSSLzu, and fix the one place that used it.
2018-02-23 PauliRemove unreachable statement.
2018-02-21 Matt CaswellSanity check the ticket length before using key name/IV
2018-02-19 Matt CaswellThe record version for ClientHello2 should be TLS1.2
2018-02-15 Matt CaswellIf s->ctx is NULL then this is an internal error
2018-02-14 Matt CaswellIgnore an s_client psk in TLSv1.3 if not TLSv1.3 suitable
2018-02-13 Dr. Matthias St... DRBG: make the derivation function the default for...
2018-02-13 Matt CaswellUpdate copyright year
2018-02-12 Matt CaswellThe function ssl_get_min_max_version() can fail
2018-02-12 Matt CaswellDon't overestimate the ticket age
2018-02-09 Bernd EdlingerSwap the check in ssl3_write_pending to avoid using
2018-02-09 Matt CaswellDon't calculate the Finished MAC twice
2018-02-02 Tatsuhiro TsujikawaMake sure that exporting keying material is allowed
2018-02-02 Tatsuhiro TsujikawaRemove generation of exporter master secret on client...
2018-02-02 Tatsuhiro TsujikawaGenerate exporter_master_secret after server Finished
2018-02-01 Todd ShortFix some minor code nits
2018-02-01 Todd ShortFree pha_dgst in SSL_clear()
2018-02-01 Todd ShortAdd TLSv1.3 post-handshake authentication (PHA)
2018-02-01 Matt CaswellFix some instances of the wrong alert type being sent
2018-01-30 Matt CaswellMove decisions about whether to accept reneg into the...
2018-01-29 Kurt RoeckxAdd RAND_DRBG_bytes
2018-01-26 Benjamin KadukFix ssl-trace with TLS 1.3 draft-23 PSS sigalgs
2018-01-26 Benjamin KadukFix uninitialized read in sigalg parsing code
2018-01-25 Benjamin KadukAdd support for the TLS 1.3 signature_algorithms_cert...
2018-01-25 Benjamin KadukPropagate TLS 1.3 sigalgs through tls1_set_sigalgs()
2018-01-25 Benjamin KadukAdd TLS 1.3 draft-23 PSS signature algorithms
2018-01-24 Matt CaswellUpdates following review of SSL_stateless() code
2018-01-24 Matt CaswellAdd a timestamp to the cookie
2018-01-24 Matt CaswellDon't send unexpected_message if we receive CCS while...
2018-01-24 Matt CaswellFix the cookie/key_share extensions for use with SSL_st...
2018-01-24 Matt CaswellFix the SSL_stateless() return code
2018-01-24 Matt CaswellFix interaction between SSL_stateless() and SSL_clear()
2018-01-24 Matt CaswellFix logic around when to send an HRR based on cookies
2018-01-24 Matt CaswellAdd the SSL_stateless() function
2018-01-24 Matt CaswellAdd support for sending TLSv1.3 cookies
2018-01-22 Rich SalzMove fprintf after assignment to avoid crash.
2018-01-19 Richard LevitteCopyright update of more files that have changed this...
2018-01-10 Patrick SchlangenMake data argument const in SSL_dane_tlsa_add
2018-01-09 Matt CaswellTolerate DTLS alerts with an incorrect version number
2018-01-09 Richard LevitteUpdate copyright years on all files merged since Jan...
2018-01-08 Tomas MrazAvoid only exact duplicates when creating the accepted...
2018-01-08 Noah RobbinUse the index that matches the key type (either SSL_PKE...
2018-01-08 Noah RobbinUse size of server key when selecting signature algorithm.
2018-01-06 Bernd EdlingerStop using unimplemented cipher classes.
2018-01-03 Benjamin KadukPermit the "supported_groups" extension in ServerHellos
2018-01-02 Matt CaswellFix trace of TLSv1.3 Certificate Request message
2018-01-02 Daniel BeveniusFix minor 'the the' typos
2017-12-28 Matt CaswellDisable partial writes for early data
2017-12-28 Matt CaswellDon't flush the ClientHello if we're going to send...
2017-12-27 Bernd EdlingerAlternate fix for ../test/recipes/80-test_ssl_old.t...
2017-12-26 Paul YangRemove outdated comments
2017-12-17 Dr. Matthias St... Add master DRBG for reseeding
2017-12-17 Paul YangRemove spaces at end of line in ssl/statem
2017-12-17 Daniel BeveniusAdd comments to NULL func ptrs in bio_method_st
2017-12-15 Bernd EdlingerFix invalid function type casts.
2017-12-14 Matt CaswellMake sure we treat records written after HRR as TLSv1.3
2017-12-14 Matt CaswellIssue a CCS from the client if we received an HRR
2017-12-14 Matt CaswellFix server side HRR flushing
2017-12-14 Matt CaswellDelay flush until after CCS with early_data
2017-12-14 Matt CaswellEnsure CCS sent before early_data has the correct recor...
2017-12-14 Matt CaswellSend supported_versions in an HRR
2017-12-14 Matt CaswellMake sure supported_versions appears in an HRR too
2017-12-14 Matt CaswellUpdate state machine to send CCS based on whether we...
2017-12-14 Matt CaswellFix an HRR bug
2017-12-14 Matt CaswellMerge HRR into ServerHello
2017-12-14 Matt CaswellSend a CCS after ServerHello in TLSv1.3 if using middle...
2017-12-14 Matt CaswellSend a CCS from a client in an early_data handshake
2017-12-14 Matt CaswellSend a CCS from the client in a non-early_data handshake
2017-12-14 Matt CaswellRemove TLSv1.3 specific write transition for ClientHello
next