aboutsummaryrefslogtreecommitdiff
path: root/src/openvpn/ssl.c
AgeCommit message (Expand)Author
2020-12-02Remove auth_user_pass.wait_for_push variableArne Schwabe
2020-11-24Also announce IV_CIPHERS as client in OpenVPN 2.4Arne Schwabe
2020-11-24Normalise ncp-ciphers option and restrict it to 127 bytesArne Schwabe
2020-05-30Switch assertion failure to returning falseJeremy Evans
2020-04-16Fix broken async push with NCP is usedLev Stipakov
2019-11-06Fix broken fragmentation logic when using NCPLev Stipakov
2018-12-10Fallback to password authentication when auth-token failsArne Schwabe
2018-10-11Add better support for showing TLS 1.3 ciphersuites in --show-tlsArne Schwabe
2018-10-11options.c: fix broken unary minus usageLev Stipakov
2018-10-10Add support for tls-ciphersuites for TLS 1.3Arne Schwabe
2018-07-18Minor reliability layer documentation fixesGert van Dijk
2018-03-07Check for more data in control channelSteffan Karger
2018-02-20Log pre-handshake packet drops using D_MULTI_DROPPEDSteffan Karger
2018-02-01Update copyright to include 2018 plus company name changeDavid Sommerseth
2018-01-20Add support for TLS 1.3 in --tls-version-{min, max}Steffan Karger
2018-01-20Fix --tls-version-min and --tls-version-max for OpenSSL 1.1+Steffan Karger
2017-11-19Add --tls-cert-profile option.Steffan Karger
2017-09-07tls-crypt: don't leak memory for incorrect tls-crypt messagesSteffan Karger
2017-08-17crypto: create function to initialize encrypt and decrypt keySteffan Karger
2017-08-14Always use default keysize for NCP'd ciphersSteffan Karger
2017-08-14add missing static attribute to functionsAntonio Quartulli
2017-08-11remove unused functionsAntonio Quartulli
2017-08-11make function declarations C99 compliantAntonio Quartulli
2017-06-29Undo cipher push in client options state if cipher is rejectedSteffan Karger
2017-06-27Set tls-cipher restriction before loading certificatesArne Schwabe
2017-06-19Ignore auth-nocache for auth-user-pass if auth-token is pushedAntonio Quartulli
2017-06-18OpenSSL: don't use direct access to the internal of HMAC_CTXEmmanuel Deloget
2017-06-16copyright: Update GPLv2 license textsDavid Sommerseth
2017-05-17Log the negotiated (NCP) cipherSteffan Karger
2017-05-11Don't assert out on receiving too-large control packets (CVE-2017-7478)Steffan Karger
2017-05-09Always clear username/password from memory on errorSteffan Karger
2017-05-09Restore pre-NCP frame parameters for new sessionsSteffan Karger
2017-03-16CRL: use time_t instead of struct timespec to store last mtimeAntonio Quartulli
2017-03-15Remove duplicate X509 env variablesSteffan Karger
2017-01-18More broadly enforce Allman style and braces-around-conditionalsSteffan Karger
2016-12-26Remove IV_RGI6=1 peer-info signalling.Gert Doering
2016-12-21Update copyrightsDavid Sommerseth
2016-12-14The Great Reformatting - first phaseDavid Sommerseth
2016-12-07Fix (and cleanup) crypto flags in combination with NCPSteffan Karger
2016-12-01reload CRL only if file was modifiedAntonio Quartulli
2016-11-29Introduce and use secure_memzero() to erase secretsSteffan Karger
2016-11-28Unconditionally enable TLS_AGGREGATE_ACKSteffan Karger
2016-11-28tls_process: don't set variable that's never readSteffan Karger
2016-11-23Refactor data channel key generation APISteffan Karger
2016-11-23Poor man's NCP for non-NCP peersSteffan Karger
2016-11-22generate_key_expansion: make assumption explicit, use C99 featuresSteffan Karger
2016-11-22--tls-crypt fixesSteffan Karger
2016-11-16Add control channel encryption (--tls-crypt)Steffan Karger
2016-11-16Remove unneeded check for extra_certs_file_inlineSteffan Karger
2016-11-16Refactor CRL handlingSteffan Karger
generated by cgit v1.1 at 2024-10-07 02:14:42 +0000