1. e95b0ca Set the minumum TLS version to (D)TLS 1.2 by default by David Benjamin · 10 months ago
  2. f374e1a Add some tests for SSL_CTX_set_keylog_callback by David Benjamin · 11 months ago
  3. a792f88 Fix a number of cases overwriting certificates, keys, etc. with SSL_CREDENTIAL by David Benjamin · 12 months ago
  4. 91a3f26 Add an SSL_CREDENTIAL API for ECDSA/RSA and delegated credentials by David Benjamin · 1 year, 1 month ago
  5. a6e2be4 Add tests for what happens when no certificate is configured by David Benjamin · 1 year ago
  6. ec2a08d Introduce a test helper for asserting on the error by David Benjamin · 1 year ago
  7. 5d88014 Deprecate and simplify SSL_CTX_check_private_key by David Benjamin · 1 year ago
  8. 0ff377a Add some utilities for testing temporary files by David Benjamin · 1 year, 1 month ago
  9. 4fe29eb Test an unusual split between context and connection configuration by David Benjamin · 1 year, 1 month ago
  10. fbb4133 Add SSL_get0_chain method by Gabriel Redner · 1 year, 1 month ago
  11. 58906ea Merge <openssl/x509v3.h> into <openssl/x509.h> by David Benjamin · 1 year, 3 months ago
  12. 3309ca6 Add ALPS codepoint supports for split handshake by Victor Tan · 1 year, 5 months ago
  13. dd68e4b Add OPENSSL_zalloc by David Benjamin · 1 year, 5 months ago
  14. 558960d Add support for the new ALPS codepoint by Victor Tan · 1 year, 9 months ago
  15. a36ac0a Use std::make_unique when possible by David Benjamin · 1 year, 8 months ago
  16. 556a973f Add SSL_CIPHER_get_handshake_digest by David Benjamin · 1 year, 9 months ago
  17. 6cf9820 Align NIDs vs group IDs in TLS group APIs by David Benjamin · 1 year, 9 months ago
  18. 335523a Align remaining TLS ECDH APIs on "group" terminology by David Benjamin · 1 year, 9 months ago
  19. 2da5ba9 Align on using the "group" over "curve" for ECDH in TLS by David Benjamin · 1 year, 9 months ago
  20. b0251b1 Disable TLS_RSA_WITH_3DES_EDE_CBC_SHA by default by David Benjamin · 1 year, 11 months ago
  21. 2eaf070 Add a thread test for ex_data by David Benjamin · 1 year, 10 months ago
  22. a972b78 Add APIs to query a list of possible strings for TLS features by David Benjamin · 1 year, 10 months ago
  23. b1c6f45 Add back support for TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 by Adam Langley · 1 year, 10 months ago
  24. 1b724a6 Align Kyber names with draft-tls-westerbaan-xyber768d00 by David Benjamin · 1 year, 10 months ago
  25. 4ae4fb7 Drop CECPQ2 support. by Adam Langley · 1 year, 11 months ago
  26. a438519 Fix miscellaneous size_t truncations by David Benjamin · 2 years ago
  27. bf1b792 Remove SSL_CIPHER_get_rfc_name by David Benjamin · 1 year, 11 months ago
  28. f7d37fb Fix various malloc failure paths. by David Benjamin · 2 years, 1 month ago
  29. c7b255e Add NO_CHECK_TIME to SSLTest.ECHBuiltinVerifier too by David Benjamin · 2 years, 3 months ago
  30. 28f96c2 Fix timebomb by disabling time check in this test by Bob Beck · 2 years, 3 months ago
  31. 3a1b730 Don't allow the caller to configure invalid signature algorithms. by David Benjamin · 2 years, 3 months ago
  32. 1045897 Allow using the TLS exporter in more cases. by Nick Harper · 2 years, 4 months ago
  33. 80eb814 Remove the experimental in-place record APIs. by David Benjamin · 2 years, 5 months ago
  34. 10fef97 Prefer established session properties mid renegotiation. by David Benjamin · 2 years, 6 months ago
  35. ebd8b89 Track SSL_ERROR_ZERO_RETURN explicitly. by David Benjamin · 2 years, 7 months ago
  36. 401137f Add a test for SSL_CTX_set_quiet_shutdown. by David Benjamin · 2 years, 7 months ago
  37. 4da5a94 Fix SSL_load_client_CA_file when given an empty file. by David Benjamin · 2 years, 7 months ago
  38. 5cb597e Test that close_notify state does not impair SSL_ERROR_SYSCALL. by David Benjamin · 2 years, 7 months ago
  39. b95c7e5 Fix up book-keeping between the write buffer and pending writes. by David Benjamin · 2 years, 8 months ago
  40. 64bf8c5 Fix an edge case in SSL_write's retry mechanism. by David Benjamin · 2 years, 8 months ago
  41. 5697a92 Add SSL_CTX_get_num_tickets. by David Benjamin · 2 years, 8 months ago
  42. dfddbc4 Align with OpenSSL on TLS 1.3 cipher suite constants. by David Benjamin · 2 years, 8 months ago
  43. 955ef79 Rewrite SSL_add_file_cert_subjects_to_stack by David Benjamin · 2 years, 9 months ago
  44. 3f180b8 Implement SSL_CTX_set_num_tickets. by David Benjamin · 2 years, 10 months ago
  45. 50e7ea5 LSC: Apply clang-tidy's modernize-use-bool-literals to boringssl by Anton Bikineev · 3 years, 1 month ago
  46. 4f1fae3 Fix the easy -Wformat-signedness errors. by David Benjamin · 3 years, 3 months ago
  47. c3c540b Remove non-standard X.509 DNS wildcard matching. by David Benjamin · 3 years, 3 months ago
  48. 7e7e6b6 Add |SSL_set1_host| and |SSL_set_hostflags|. by Adam Langley · 3 years, 3 months ago
  49. b3ed071 Add SSL_has_pending. by David Benjamin · 3 years, 4 months ago
  50. 7a4df8e Tidy up SSLTest.SetVersion. by David Benjamin · 3 years, 5 months ago
  51. 1a668b3 Switch to the new, simpler WHATWG URL formulation. by David Benjamin · 3 years, 6 months ago
  52. 18b6836 Update to draft-ietf-tls-esni-13. by David Benjamin · 3 years, 9 months ago
  53. ba423c9 Implement ClientHelloOuter handshakes. by David Benjamin · 3 years, 9 months ago
  54. a10017c Reduce bouncing on the cache lock in ssl_update_cache. by David Benjamin · 3 years, 9 months ago
  55. 9cbe737 Validate ECH public names. by David Benjamin · 3 years, 9 months ago
  56. 9734e44 More reliably report handshake errors through SSL_write. by David Benjamin · 3 years, 9 months ago
  57. e9c5d72 Add an option to permute ClientHello extension order. by David Benjamin · 3 years, 9 months ago
  58. 83a4993 Add most of an ECH client implementation. by David Benjamin · 3 years, 10 months ago
  59. 24545c5 Add a basic API to make ECHConfigs. by David Benjamin · 3 years, 9 months ago
  60. c890ae5 Make ECH server APIs take EVP_HPKE_KEY. by David Benjamin · 3 years, 9 months ago
  61. c3b373b Rename SSL_ECH_SERVER_CONFIG_LIST to SSL_ECH_KEYS. by David Benjamin · 3 years, 9 months ago
  62. 47cefed Don't copy client's session ID into server's session. by Adam Langley · 3 years, 9 months ago
  63. 1d58cd1 Shift the KEM dependency in HPKE up a step. by David Benjamin · 3 years, 10 months ago
  64. 9b2cdb7 Add SSL_can_release_private_key. by David Benjamin · 4 years ago
  65. f39c81d Introduce EVP_HPKE_{AEAD,KDF} types. by David Benjamin · 3 years, 10 months ago
  66. 9f70097 Remove HKDF-SHA384 and HKDF-SHA512 from HPKE. by David Benjamin · 3 years, 10 months ago
  67. 94a63a5 Implement ECH draft 10 and update HPKE to draft 08. by Steven Valdez · 3 years, 10 months ago
  68. 2f3958a Fix issuerUID and subjectUID parsing in the key usage checker. by David Benjamin · 3 years, 11 months ago
  69. 12a3e7e Check for invalid ALPN inputs in SSL_(CTX_)set_alpn_protos. by David Benjamin · 3 years, 11 months ago
  70. 00e434d Add ECH server (draft-ietf-tls-esni-09). by Daniel McArdle · 4 years, 1 month ago
  71. c47bfce Define TLSEXT_TYPE_quic_transport_parameters to the old code point for now. by David Benjamin · 4 years, 1 month ago
  72. 3d8b8c3 Add support for the new QUIC TLS extension codepoint by David Schinazi · 4 years, 2 months ago
  73. ca058c0 Revert "Add support for the new QUIC TLS extension codepoint" by Adam Langley · 4 years, 3 months ago
  74. 7ba96a6 Add support for the new QUIC TLS extension codepoint by David Schinazi · 4 years, 3 months ago
  75. 51607f1 Implement draft-vvv-tls-alps-01. by Steven Valdez · 4 years, 7 months ago
  76. 3989c99 Fix crash when flushing an SSL BIO. by David Benjamin · 4 years, 5 months ago
  77. 5e08695 Fix handling of quic_early_data_context. by Nick Harper · 4 years, 5 months ago
  78. 74161f4 Enforce presence of ALPN when QUIC is in use. by Nick Harper · 4 years, 7 months ago
  79. 1b81947 Test resumability of same, different, and default ticket keys. by David Benjamin · 4 years, 9 months ago
  80. 53a17f5 Add a |SSL_process_tls13_new_session_ticket|. by Adam Langley · 4 years, 9 months ago
  81. 8519432 Modify how QUIC 0-RTT go/no-go decision is made. by Nick Harper · 4 years, 10 months ago
  82. 7c52299 Restrict when 0-RTT will be accepted in QUIC. by Nick Harper · 4 years, 10 months ago
  83. e32549e Disable TLS 1.3 compatibility mode for QUIC. by Nick Harper · 4 years, 10 months ago
  84. f9e0cda Add SSL_SESSION_copy_without_early_data. by David Benjamin · 5 years ago
  85. 72cff81 Require QUIC method with Transport Parameters and vice versa by Nick Harper · 5 years ago
  86. 6bfd25c Add is_quic bit to SSL_SESSION by Nick Harper · 5 years ago
  87. 964256d Add |SSL_CTX_get0_chain|. by Adam Langley · 5 years ago
  88. 5298ef9 Configure QUIC secrets inside set_{read,write}_state. by David Benjamin · 5 years ago
  89. 80ddfc7 Allow setting QUIC transport parameters after parsing the client's by Nick Harper · 5 years ago
  90. 1e85905 Revise QUIC encryption secret APIs. by David Benjamin · 5 years ago
  91. 2fb729d Don't infinite loop when QUIC tests fail. by David Benjamin · 5 years ago
  92. 472d91c Fix a couple of comment typos. by Adam Langley · 5 years ago
  93. f9cc26f Require handshake flights end at record boundaries. by David Benjamin · 5 years ago
  94. 4f3e821 ssl_test: test early data with split handshakes. by Matthew Braithwaite · 5 years ago
  95. 243b5cc Fix MSan error in SSLTest.Handoff test. by David Benjamin · 5 years ago
  96. 134fb89 SSLTest.Handoff: extend to include a session resumption. by Matthew Braithwaite · 5 years ago
  97. ee0716f Defer early keys to QUIC clients to after certificate reverification. by David Benjamin · 5 years ago
  98. fd32089 Defer releasing early secrets to QUIC servers. by David Benjamin · 5 years ago
  99. 58d56f4 Enable TLS 1.3 by default. by Matthew Braithwaite · 5 years ago
  100. ff746c1 Add GrowableArray<T> to ssl/internal.h. by Daniel McArdle · 5 years ago