Commits · f5b519c416ad70f0bc0e9a5750be1367224eee5a · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL · GitLab

Mar 02, 2017
- Make SSL_get_early_data_status() take a const · f5b519c4
  Matt Caswell authored Feb 24, 2017
  f5b519c4
- Make SSL_get_max_early_data() and SSL_CTX_get_max_early_data() take a const · 46dcb945
  Matt Caswell authored Feb 24, 2017
  46dcb945
- Add a SSL_SESSION_get_max_early_data() function · fcc47578
  Matt Caswell authored Feb 24, 2017
  fcc47578
- Don't attempt to write more early_data than we know the server will accept · 7daf7156
  Matt Caswell authored Feb 24, 2017
  7daf7156
- Only accept early_data if the negotiated ALPN is the same · f6370040
  Matt Caswell authored Feb 24, 2017
  f6370040
- Skip early_data if appropriate after a HelloRetryRequest · a832b5ef
  Matt Caswell authored Feb 24, 2017
  a832b5ef
- Don't accept early_data if we are going to issue a HelloRetryRequest · 38df5a45
  Matt Caswell authored Feb 24, 2017
  38df5a45
- Add extra validation parsing the server-to-client early_data extension · 538bea6c
  Matt Caswell authored Feb 24, 2017
  538bea6c
- Remove some TLSv1.3 TODOs that are no longer relevant · 329114f9
  Matt Caswell authored Feb 24, 2017
  329114f9
- Validate the ticket age for resumed sessions · 2c604cb9
  Matt Caswell authored Feb 24, 2017
  2c604cb9
- Ensure the max_early_data option to s_server can be 0 · 6746648c
  Matt Caswell authored Feb 23, 2017
  6746648c
- Provide a default value for max_early_data · bfa9a9af
  Matt Caswell authored Feb 23, 2017
  bfa9a9af
- Check max_early_data against the amount of early data we actually receive · 70ef40a0
  Matt Caswell authored Feb 23, 2017
  70ef40a0
- Make sure we reset the read sequence when skipping records · 67f78ead
  Matt Caswell authored Feb 23, 2017
  67f78ead
- Disallow handshake messages in the middle of early_data · 10109364
  Matt Caswell authored Feb 23, 2017
  10109364
- Fix seg fault when sending early_data using CCM ciphersuites · c117af67
  Matt Caswell authored Feb 23, 2017
  c117af67
- Get s_client to report on whether early data was accepted or not · 576eb395
  Matt Caswell authored Feb 23, 2017
  576eb395
- Implement client side parsing of the early_data extension · b2cc7f31
  Matt Caswell authored Feb 23, 2017
  b2cc7f31
- Add a "-early_data" option to s_server · e0655186
  Matt Caswell authored Feb 22, 2017
  e0655186
- Fix changing of the cipher state when dealing with early data · fe5e20fd
  Matt Caswell authored Feb 22, 2017
  fe5e20fd
- Construct the server side early_data extension · 1ea4d09a
  Matt Caswell authored Feb 22, 2017
  1ea4d09a
- Provide an SSL_read_early() function for reading early data · d781d247
  Matt Caswell authored Feb 21, 2017
  d781d247
- Change the cipher state when sending early data · 6cb42265
  Matt Caswell authored Feb 21, 2017
  6cb42265
- Implement the early data changes required in tls13_change_cipher_state() · d49e23ec
  Matt Caswell authored Feb 21, 2017
  d49e23ec
- Add an option to s_client to send early_data · 923ac827
  Matt Caswell authored Feb 20, 2017
  923ac827
- Parse the early_data extension · 0a87d0ac
  Matt Caswell authored Feb 20, 2017
  0a87d0ac
- Construct the early_data extension · a4f376af
  Matt Caswell authored Feb 20, 2017
  a4f376af
- Provide functions to write early data · 49e7fe12
  Matt Caswell authored Feb 21, 2017
  49e7fe12
- Parse the ticket_early_data_info extension · 5d5b3fba
  Matt Caswell authored Feb 20, 2017
  5d5b3fba
- Teach SSL_trace() about the early_data_info extension · 29fac541
  Matt Caswell authored Feb 17, 2017
  29fac541
- Add a -max_early_data option to s_server · 048b1893
  Matt Caswell authored Feb 17, 2017
  048b1893
- Construct the ticket_early_data_info extension · 3fc8d856
  Matt Caswell authored Feb 17, 2017
  3fc8d856
- Remove ref to err(7), update copyright. · 73fb82b7
  Rich Salz authored Mar 02, 2017
  73fb82b7
- -precert doesn't work when configured no-ct, don't try to test it then · 51f5930a
  Richard Levitte authored Mar 02, 2017
  51f5930a
- Fix the skip numbers in 80-test_ca.t · a4c5f859
  Richard Levitte authored Mar 02, 2017
  a4c5f859
- Use the built in boolean type for CompressionExpected · b6611753
  Matt Caswell authored Mar 02, 2017
  b6611753
- Add compression tests · 439db0c9
  Matt Caswell authored Mar 01, 2017
  439db0c9
- Fix a compression bug · f33f9dde
  Matt Caswell authored Mar 01, 2017
  f33f9dde
- Ensure that we never select compression in TLSv1.3 · c19602b5
  Matt Caswell authored Mar 01, 2017
  c19602b5
- Add LDAP support (RFC 4511) to s_client ("-starttls ldap") · 398b0bbd
  Robert Scheck authored Feb 27, 2017
  398b0bbd