aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Move version to 1.11.14lloyd2015-01-211-1/+1
|
* Update TLS OCB ciphersuites to match draft-zauner-tls-aes-ocb-00lloyd2015-01-217-20/+84
| | | | | and enable them in the default build, though still not enabled in the runtime policy.
* Save to file by defaultlloyd2015-01-211-5/+6
|
* Fix string formattinglloyd2015-01-121-1/+1
|
* Update for 1.11.13 release1.11.13lloyd2015-01-112-3/+3
|
* Fixes for Windows paths. Based on Github pull 41 from cdesjardinsgit2015-01-114-7/+9
| | | | with some modifications by randombit.
* Fixlloyd2015-01-111-2/+1
|
* Better to have a RNG state per connection and avoid lock contentionlloyd2015-01-111-18/+5
|
* Proxy tweakslloyd2015-01-111-3/+16
|
* Add SipHashlloyd2015-01-1110-8/+229
|
* Remove DES startup selftestslloyd2015-01-111-19/+0
|
* Remove SSLv3 and handling of SSLv2 client hellos.lloyd2015-01-1132-779/+59
|
* Clean up base64 handling. Github pull 40 from webmaster128lloyd2015-01-111-11/+10
|
* Have TLS server take certificate and key from command linelloyd2015-01-114-395/+119
|
* Support any key length for TLS session encryption by hashing with HMAClloyd2015-01-101-4/+16
|
* Create a combined news page for the websitelloyd2015-01-103-2/+3
|
* Convert the asio server from a weird example server to a generic proxy server.lloyd2015-01-104-334/+599
|
* Dead codelloyd2015-01-101-14/+0
|
* Move license text to a plain text file without ReST marketlloyd2015-01-105-61/+60
|
* Ensure all files have copyright and license info.lloyd2015-01-10767-748/+1066
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Add MCEIES, an integrated encryption system using McEliece and AES-256/OCBlloyd2015-01-085-47/+266
|
* This assumed other headers it did not includelloyd2015-01-081-1/+2
|
* No need to reseed RNG in DSA sign as RNG is no longer usedlloyd2015-01-081-4/+2
|
* Side channel commentarylloyd2015-01-082-0/+26
|
* Dist script now defaults to tgz onlylloyd2015-01-081-1/+1
|
* Joel also wrote Threaded_Forklloyd2015-01-081-0/+1
|
* Add a sketch of a support roadmaplloyd2015-01-081-0/+59
|
* Inline BigInt::get_bit and byte_atlloyd2015-01-082-23/+9
|
* Change TLS session encryption to use AES-256/GCM instead of CBC+HMAClloyd2015-01-087-211/+53
|
* Cleanuplloyd2015-01-081-7/+5
|
* Add missing includelloyd2015-01-081-0/+1
|
* Handle zero length inputs correctly in base64. Github issue 37lloyd2015-01-081-2/+9
|
* In install, get version from build vars instead of directly fromlloyd2015-01-081-21/+17
| | | | | python file, as this broke if PYTHONPATH didn't contain '.' Github issue 39.
* Add OID for SHA-512/256lloyd2015-01-081-0/+2
|
* Add SHA-512/256lloyd2015-01-0817-75/+136
| | | | | Define some new functions for copying out arrays of words and use them across hashes.
* Avoid referencing &vec[vec.size()] as this triggers iterator debugginglloyd2015-01-074-6/+6
| | | | asserts in MSVC 2013. Github pull 36 from Simon Warta.
* Support setting the number of pad bytes in a heartbeat message. Uselloyd2015-01-075-70/+86
| | | | | random instead of all-zero padding. Check on sanity of received pads to the extent possible. Bugzilla 269.
* Use RtlSecureZeroMemory or memset_s if availablelloyd2015-01-073-0/+15
|
* Add todo.rst derived from enhancement tickets in bugzillalloyd2015-01-071-0/+69
|
* The pkgconfig file should be installed relative to the library dirlloyd2015-01-072-13/+5
| | | | | | rather than the base destdir. Pointed out by hexchain in github pull 38. Version the docdir with the full version incl patch.
* Netsieben.com appears to be gone but there is a fork on githublloyd2015-01-061-1/+1
|
* Fix install script under Python3lloyd2015-01-064-15/+35
|
* Fix doc bugslloyd2015-01-052-2/+2
|
* Add Brainpool and secp160r1 ECDSA testslloyd2015-01-052-1/+153
|
* Update relnoteslloyd2015-01-041-0/+8
|
* If no certificate stores at all are available skip OCSP checkslloyd2015-01-041-5/+7
|
* Remove config used for testing DTLS-SRTPlloyd2015-01-041-3/+2
|
* Add DTLS-SRTP key establishment from RFC 5764 (required for WebRTC).lloyd2015-01-0412-138/+298
| | | | | | | | | | | | | | Github issue 27. Refactor server hello handling to make it easier to handle other extensions. The manual specified that 224 bit NIST primes were disabled by default for TLS but they were not. Additionaly disable the 256k1 curve and reorder the remaining curves by size. Rewrite the max fragment length extension code to roughly what an ideal compiler would have turned the original code into, using a switch instead of a lookup into a small constant std::map.
* Make the help output slightly more helpfullloyd2015-01-041-1/+1
|
* Put the includes in the right (versioned) subdir on installlloyd2015-01-041-12/+14
|