Commits · 5528d68f6d716f3bd0b75d0fd223fb866a96346c · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL · GitLab

Mar 03, 2017
- Set specific error is we have no valid signature algorithms set · 5528d68f
  Dr. Stephen Henson authored Mar 03, 2017
  5528d68f
- Signature algorithm enhancement. · b0e9ab95
  Dr. Stephen Henson authored Mar 03, 2017
  b0e9ab95
- Disallow zero length signature algorithms · 8f12296e
  Dr. Stephen Henson authored Mar 03, 2017
  8f12296e
- Don't allow DSA for TLS 1.3 · 224b4e37
  Dr. Stephen Henson authored Mar 01, 2017
  224b4e37
- use OSSLzu instead of lu format for size_t display · dbaa069a
  edelangh authored Feb 17, 2017
  dbaa069a
- Reset executable bits on files where not needed. · d7345822
  Bernd Edlinger authored Mar 03, 2017
  d7345822
- Update the cipher(1) documentation to explicitly state that the RSA cipher · f2bcff43
  Pauli authored Mar 02, 2017
  f2bcff43
- sh_malloc & sh_free prototype change to match POSIX · 332dc4fa
  Rich Salz authored Mar 02, 2017
  332dc4fa
- Silence some more clang warnings · 42f50fdf
  Matt Caswell authored Mar 03, 2017
  42f50fdf
Mar 02, 2017
- Silence some clang warnings · 30d1bab1
  Matt Caswell authored Mar 02, 2017
  30d1bab1
- More early data documentation updates following feedback · 83750d9b
  Matt Caswell authored Mar 02, 2017
  83750d9b
- Update the API documentation for the latest early data changes · cd9f7f62
  Matt Caswell authored Mar 02, 2017
  cd9f7f62
- Update early data API for writing to unauthenticated clients · 09f28874
  Matt Caswell authored Mar 02, 2017
  09f28874
- Rename SSL_write_early() to SSL_write_early_data() · 0665b4ed
  Matt Caswell authored Mar 02, 2017
  0665b4ed
- Rename SSL_read_early() to SSL_read_early_data() · f533fbd4
  Matt Caswell authored Mar 02, 2017
  f533fbd4
- Updates to the early data documentation · ef466acc
  Matt Caswell authored Feb 28, 2017
  ef466acc
- Updates to s_server and s_client for the latest early_data API changes · ade1e888
  Matt Caswell authored Feb 27, 2017
  ade1e888
- Make SSL_write_early_finish() an internal only function · 3eaa4170
  Matt Caswell authored Feb 27, 2017
  3eaa4170
- Add early_data tests · 5f982038
  Matt Caswell authored Feb 27, 2017
  5f982038
- Various fixes required to allow SSL_write/SSL_read during early data · f7e393be
  Matt Caswell authored Feb 27, 2017
  f7e393be
- Enable the server to call SSL_write() without stopping the ability to call SSL_read_early() · d7f8783f
  Matt Caswell authored Feb 25, 2017
  d7f8783f
- Enable the client to call SSL_read() without stopping the ability to call SSL_write_early() · 564547e4
  Matt Caswell authored Feb 25, 2017
  564547e4
- Introduce a new early_data state in the state machine · 4004ce5f
  Matt Caswell authored Feb 25, 2017
  4004ce5f
- Improve the early data sanity check in SSL_do_handshake() · bc908c67
  Matt Caswell authored Feb 24, 2017
  bc908c67
- Add documentation for the new s_client and s_server early_data options · 6437b802
  Matt Caswell authored Feb 24, 2017
  6437b802
- Tighten sanity checks when calling early data functions · 0a5ece5b
  Matt Caswell authored Feb 24, 2017
  0a5ece5b
- Add documentation for the early data functions · fd6c1025
  Matt Caswell authored Feb 24, 2017
  fd6c1025
- Make SSL_get_early_data_status() take a const · f5b519c4
  Matt Caswell authored Feb 24, 2017
  f5b519c4
- Make SSL_get_max_early_data() and SSL_CTX_get_max_early_data() take a const · 46dcb945
  Matt Caswell authored Feb 24, 2017
  46dcb945
- Add a SSL_SESSION_get_max_early_data() function · fcc47578
  Matt Caswell authored Feb 24, 2017
  fcc47578
- Don't attempt to write more early_data than we know the server will accept · 7daf7156
  Matt Caswell authored Feb 24, 2017
  7daf7156
- Only accept early_data if the negotiated ALPN is the same · f6370040
  Matt Caswell authored Feb 24, 2017
  f6370040
- Skip early_data if appropriate after a HelloRetryRequest · a832b5ef
  Matt Caswell authored Feb 24, 2017
  a832b5ef
- Don't accept early_data if we are going to issue a HelloRetryRequest · 38df5a45
  Matt Caswell authored Feb 24, 2017
  38df5a45
- Add extra validation parsing the server-to-client early_data extension · 538bea6c
  Matt Caswell authored Feb 24, 2017
  538bea6c
- Remove some TLSv1.3 TODOs that are no longer relevant · 329114f9
  Matt Caswell authored Feb 24, 2017
  329114f9
- Validate the ticket age for resumed sessions · 2c604cb9
  Matt Caswell authored Feb 24, 2017
  2c604cb9
- Ensure the max_early_data option to s_server can be 0 · 6746648c
  Matt Caswell authored Feb 23, 2017
  6746648c
- Provide a default value for max_early_data · bfa9a9af
  Matt Caswell authored Feb 23, 2017
  bfa9a9af
- Check max_early_data against the amount of early data we actually receive · 70ef40a0
  Matt Caswell authored Feb 23, 2017
  70ef40a0