aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Code for NewSessionTicket handshake messagelloyd2012-01-031-0/+1
|
* Some basic infrastructure pieces for SRP (policy, etc)lloyd2011-12-316-23/+46
|
* Add support for client-side session resumptionlloyd2011-12-3111-167/+305
|
* Better names on the session manager. Plausible client lookup support,lloyd2011-12-303-23/+57
| | | | untested though.
* Rename the session type to 'TLS_Session'. Split the manager out intolloyd2011-12-3015-166/+219
| | | | its own file. Rename tls_state to tls_handshake_state.
* Add a function for getting the version number of an active connection.lloyd2011-12-3018-40/+118
| | | | | | | | Add a new callback that is called with the session info when a handshake completes. Currently only called on the server side as the client doesn't have session resumption yet. Rename CipherSuite to TLS_Cipher_Suite.
* Add support for the maximum fragment length extension. No hooks for itlloyd2011-12-309-141/+288
| | | | | | | on the client side at the moment. Tested with gnutls-cli --recordsize. Save the fragment size and the secure renegotiation flags in the session state.
* New more interesting client, pipes stdin<->remote box via TLS alalloyd2011-12-301-74/+122
| | | | OpenSSL's s_client instead of just doing a one-shot request.
* Prevent ping-ponging of close alerts by tracking both if a handshakelloyd2011-12-304-18/+31
| | | | | has been completed and if the connection has been definitely closed by a fatal alert or a close notify.
* Full support for renegotiation including RFC 5746 extensions forlloyd2011-12-308-42/+133
| | | | | | | | | | | | | client and server. Server side can handle SCSV values as well, client always sends the extension instead. Handle an empty SNI extension coming back from the server - this is used to indicate that it understood the name. Also add better checking for extensions by passing in what the supposed size of the extension is. Only send the secure negotiation extension in the server hello if the client indicated support for it.
* Server side handling of the secure renegotiation extension.lloyd2011-12-303-2/+26
|
* Many renegotiation fixes. Add support for the secure renegotiationlloyd2011-12-3013-36/+209
| | | | | extension (client side only at the moment). Add an interface that allows applications to request renegotiation.
* Reset the sequence numbers when we activate a connection state. Thislloyd2011-12-302-0/+9
| | | | meant up until this point, renegotiation never worked. :(
* About half an implementation of RFC 5746lloyd2011-12-2910-68/+158
|
* Add support for sending server name indicator in client hellolloyd2011-12-2913-75/+387
| | | | | | | | Add support for sending and reading the SRP identifier extension. Add some helper classes for managing TLS extensions Add ciphersuite codes for SRP key exchange.
* Clean up the ordering of constructor args to the various message typeslloyd2011-12-299-99/+108
|
* SSLv3 clients will send this as a warning if the server requests alloyd2011-12-291-0/+1
| | | | client cert and they don't have one.
* Ref mozilla bug alsolloyd2011-12-291-2/+2
|
* Only insert small fragments for application records. Handshakes wouldlloyd2011-12-291-1/+1
| | | | | | only be affected if the attacker can modify the handshake messages, which seems fairly unlikely, and some implementations are known to be unhappy with fragmented handshakes.
* Don't buffer in the record writer at all - we immediately process andlloyd2011-12-287-64/+42
| | | | | | | | send out inputs as they are available. Thus, flushing is never required, and we avoid some unnecessary copying. If we are using a CBC mode cipher in SSLv3/TLSv1.0, send a 1-byte fragment to start to prevent the adaptive plaintext attack.
* Fix for RC4 suiteslloyd2011-12-281-1/+2
|
* Optimization/work on future optimization for the record writer;lloyd2011-12-282-50/+67
| | | | | | collects all the data into a single buffer and encrypts it in one go. Once the support is there for in-place encryption in the cipher modes this will help out substantially.
* Rounding to nearest 0 should be a no-oplloyd2011-12-281-0/+6
|
* Add support for raw deflate in the zlib filterlloyd2011-12-282-12/+35
|
* Just print printablelloyd2011-12-281-2/+0
|
* Comment grammarlloyd2011-12-281-2/+2
|
* Fixlloyd2011-12-281-0/+1
|
* Cleanerlloyd2011-12-282-3/+2
|
* Fixes for DSA authlloyd2011-12-282-8/+11
|
* Don't stall on errorlloyd2011-12-281-3/+6
|
* Add non-null assertion, don't print msg if empty stringlloyd2011-12-282-1/+11
|
* Assert there is nothing left over at the end of packet parsing.lloyd2011-12-281-0/+6
|
* Additional bits for SSLv3 client authlloyd2011-12-285-10/+41
|
* Save peer certs in session info. Use helper function for handshakelloyd2011-12-285-42/+30
| | | | hashing.
* Working though hacking client verify (server side only). Only supportslloyd2011-12-2819-65/+131
| | | | | TLS 1.0/1.1, SSLv3 uses a different hash format. Only RSA certs tested so far.
* Remove debug print, include info in the exception msg insteadlloyd2011-12-281-8/+3
|
* Slightly better alert option for this caselloyd2011-12-281-1/+1
|
* We wouldn't send an alert before handshaking was complete becauselloyd2011-12-281-7/+4
| | | | | | active == false, which made debugging hard and caused timeouts/hangs in clients if (for instance) a ciphersuite couldn't be negotiated. Always send alerts.
* Make TLS_Session_Params a real class. Various cleanups.lloyd2011-12-286-124/+193
|
* Partial bits of the server side of client auth. Incomplete.lloyd2011-12-286-39/+87
| | | | | | Pass a session manager to TLS_Client's constructor. Currently unused. Add time-based session expiration to the in-memory session cache.
* Make tls_session_key.h an internal headerlloyd2011-12-279-8/+18
|
* Actually send the right info in a resumed session server hellolloyd2011-12-271-7/+4
|
* Force resumed session to use previous ciphersuite, etclloyd2011-12-274-26/+73
|
* BER decoder extras needed by previous commitlloyd2011-12-272-17/+68
|
* Session deserializationlloyd2011-12-273-6/+27
|
* Half of session serializationlloyd2011-12-275-77/+181
|
* Clean up SessionKeys implementationlloyd2011-12-272-108/+49
|
* First rev of working session resumption (server side only). Only workslloyd2011-12-277-65/+202
| | | | with TLS at the moment, SessionKeys is a mess.
* Avoid a memory leak if we were using DHE - kex_priv would get a copylloyd2011-12-272-23/+22
| | | | of the server key and then we'd immediately overwrite the pointer.
* Much smarter state transition checking: at each point in thelloyd2011-12-275-159/+170
| | | | | | | | handshake, keep track of exactly which handshake message type(s) we can expect and assert before processing that what we recieved is what we expected. Contrast with previous 'checking' which was more in the style 'could we perhaps plausibly do something with this message?' aka broken.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 13:13:09 +0000