summaryrefslogtreecommitdiffstats
path: root/lib
AgeCommit message (Expand)AuthorFilesLines
2021-03-09Early daemons like dhcpleased(8), slaacd(8), unwind(8), resolvd(8)bluhm1-4/+6
2021-03-09Change the implementation of the malloc cache to keep lists ofotto1-152/+118
2021-03-07LibreSSL 3.3.2bcook1-3/+3
2021-03-05Stop abusing display blocks under the authors section in order toanton1-4/+4
2021-03-03s/byte/charactermartijn1-8/+8
2021-03-02document ENOTSUP wxallowed/wxneeded behaviour more clearly; ok kurtderaadt1-4/+8
2021-03-02Separate variable declaration and assignment.jsing1-2/+4
2021-03-02Replace two handrolled tls12_record_protection_engaged().jsing1-3/+3
2021-03-02Move key/IV length checks closer to usage sites.jsing1-5/+11
2021-03-02Add tls12_record_protection_unused() and call from CCS functions.jsing1-8/+17
2021-03-02Fix misleading indentation in SSL_get_error()tb1-2/+2
2021-02-27Move handling of cipher/hash based cipher suites into the new record layer.jsing5-200/+141
2021-02-27Identify DTLS based on the version major value.jsing1-2/+2
2021-02-26Set is_trusted in x509_verify_ctx_add_chain()tb1-2/+2
2021-02-25Fix two bugs in the legacy verifiertb1-6/+10
2021-02-25Only use TLS versions internally (rather than both TLS and DTLS versions).jsing9-128/+132
2021-02-25Rename depth to num_untrusted so it identifies what it actually represents.jsing1-6/+6
2021-02-25Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.jsing1-3/+2
2021-02-25- Make use of the fact that we know how the chunks are aligned, andotto2-49/+83
2021-02-24Fix comment explaining last_untrusted. This should really be calledtb1-2/+2
2021-02-24Make the new validator check for EXFLAG_CRITICALtb1-8/+15
2021-02-22Make the ober_get_* set of function to accept a NULL-pointer.martijn2-16/+55
2021-02-22Fix bizarre punctuation and capitalization in a comment.tb1-2/+2
2021-02-22Simplify version checks in the TLSv1.3 clienttb1-22/+10
2021-02-22Factor out/change some of the legacy client version handling code.jsing3-12/+36
2021-02-20ugly whitespacetb2-14/+14
2021-02-20Rename f_err into fatal_err.tb7-183/+183
2021-02-20Rename the truncated label into decode_err. This describes its purposetb2-73/+73
2021-02-20Return a min/max version of zero if set to zero.jsing3-17/+41
2021-02-20Add DTLSv1.2 methods.jsing2-3/+159
2021-02-20Handle DTLS1_2_VERSION in various places.jsing3-6/+9
2021-02-20Revise HelloVerifyRequest handling for DTLSv1.2.jsing2-4/+14
2021-02-20Group HelloVerifyRequest decoding and add missing check for trailing data.jsing1-4/+5
2021-02-20Add various public DTLS related defines.jsing2-2/+14
2021-02-20Clean up/simplify dtls1_get_cipher().jsing1-7/+8
2021-02-18Pull in fix for EVP_CipherUpdate() overflow from OpenSSL.tb1-1/+23
2021-02-15Back-out USB data toggle fix for HID devices, since we received multiplemglocker1-0/+66
2021-02-12Some people still argue that rand(3) and random(3) have suitable deterministicderaadt2-4/+10
2021-02-12Sync cert.pem with Mozilla NSS root CAs, except "GeoTrust Global CA", ok tb@sthen1-657/+415
2021-02-11KNFtb1-4/+7
2021-02-08correct return type for compressBound();jmc1-3/+3
2021-02-08Remove bogus DTLS checks to disable ECC and OCSP.jsing2-10/+3
2021-02-08Enforce read ahead with DTLS.jsing1-5/+5
2021-02-08Use dtls1_retrieve_buffered_record() to load buffered application data.jsing1-11/+3
2021-02-08Revert the convertion of per-process thread into a SMR_TAILQ.mpi1-6/+5
2021-02-07Absorb ssl3_get_algorithm2() into ssl_get_handshake_evp_md().jsing4-22/+19
2021-02-07Correct handshake MAC/PRF for various TLSv1.2 cipher suites.jsing1-8/+8
2021-02-07Factor out the legacy stack version checks.jsing4-28/+24
2021-02-05Remove the terrible_ping_kludge() workaround. We have committed a fix tomglocker1-66/+0
2021-02-04Referece trpt(8) from the SO_DEBUG section of getsockopt(2).bluhm1-2/+4