aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Force a reseed in HMAC_RNG after 20 bytes have been added, rather thanlloyd2012-02-151-5/+12
| | | | | | waiting for a full kilobyte. This is for the benefit of DSA/ECDSA which want a call to add_entropy to update the state in some way, passing just a hash input which might be as small as 20 bytes.
* Support ECDH key creation in the key factory function. Patch from Seanlloyd2012-02-031-0/+14
| | | | Cassidy, sent to the mailing list.
* Whitespacelloyd2012-02-022-4/+3
|
* Disable this version of the SSL code by defaultlloyd2012-02-012-2/+10
|
* Remove debug printfs, stdio includeslloyd2012-01-303-11/+0
|
* Pointer writing seems cleanerlloyd2012-01-302-102/+102
|
* Partially de-unroll the loop to make changes easierlloyd2012-01-301-86/+41
|
* Add a slow but functional implementation of Camellialloyd2012-01-287-1/+428
|
* Fix lib suffixlloyd2012-01-252-3/+9
|
* Fix -Wreorder warninglloyd2012-01-251-1/+1
|
* Use initializer list, make destructor virtuallloyd2012-01-061-2/+2
|
* Remove the autheticator generation from the SRP code as it's not usedlloyd2011-12-314-52/+143
| | | | | by TLS (relies on the finished message check). Add a class for reading files created by GnuTLS's srptool.
* A bad decrypt on a TLS 1.0/1.1 message would cause a mostly infinitelloyd2011-12-311-1/+6
| | | | | loop (size_t overflow), likely causing a segfault. Not exploitable as far as I can tell, beyond the obvious crashing.
* Dirty hack to support multiple 'define' options in a module info file.lloyd2011-12-231-8/+16
| | | | | | | | If the default value is a list we will append to it instead of overwriting it. (Previouly, multiple define targets 'worked' with last one winning as the values were progressively overwritten). This might be useful for other things, compiler warning options maybe?
* Add code point for the SRP identifier extension and add a check for itlloyd2011-12-173-0/+13
| | | | | in the Client_Hello parser. Works, tested with GnuTLS command line client.
* Initial run at an SRP-6a implementation. Not entirely sure about thelloyd2011-12-175-0/+291
| | | | | interface but it's a plausible start. Will probably have more insights after adding TLS hooks.
* Add the 2048 bit SRP group from RFC 5054lloyd2011-12-171-0/+15
|
* Basic instructions for building the docslloyd2011-12-171-5/+17
|
* Make this exception somewhat more understandable. I think.lloyd2011-12-171-1/+1
|
* Add TCHead to list of userslloyd2011-12-171-0/+3
|
* Use LoadLibraryA instead of bare LoadLibrary so things work if used inlloyd2011-12-131-1/+1
| | | | an amalgamation and the app is compiled in Unicode mode.
* Fix readme URLslloyd2011-12-081-4/+4
|
* Fix PR 166lloyd2011-12-081-5/+9
|
* Add basic NaCl targetlloyd2011-12-082-0/+6
|
* Warn the user if targetting for GCC on Windows without an explicitlloyd2011-12-022-9/+17
| | | | | --os=windows since likely they actually wanted either --os=cygwin or --os=mingw
* LoadLibrary apparently works on MinGWlloyd2011-12-021-0/+1
|
* GCC doesn't like casting a function pointer to void* without anlloyd2011-12-022-1/+4
| | | | explicit cast.
* Add AltiVec detection on OpenBSD, contributed by Brad Smith in PR 162lloyd2011-11-282-1/+17
|
* Fix PGP key linklloyd2011-11-281-1/+1
|
* Fix link, and use sphinx to generatelloyd2011-11-281-3/+2
|
* Call cpuid via inline asm on x86-64, so we can use it with Clang (nolloyd2011-11-181-2/+16
| | | | cpuid intrinsic) and older GCC (no cpuid.h before 4.3)
* Add model name for Sandy Bridge. Use -march=corei7 with GCC and Clanglloyd2011-11-183-12/+16
| | | | as they seem to understand it as of GCC 4.6 and Clang 2.9.
* Fix declarationlloyd2011-11-181-2/+1
|
* Manually rename registers instead of rotating. Performance is aboutlloyd2011-11-181-638/+638
| | | | | the same, so clearly GCC 4.6 and/or the Core i7 are very good about renames, but might help on less capable systems.
* Poll clock_gettime in High_Resolution_Timestamp::poll with whateverlloyd2011-11-113-1/+42
| | | | clock types we know about that have macros defined for them.
* Log the detected revision, if mtn reports somethinglloyd2011-11-101-0/+2
|
* PyPy workslloyd2011-11-091-7/+6
|
* Add AltiVec detection for POWER7 processorslloyd2011-11-022-0/+4
|
* Include the needed sub in the log noteslloyd2011-11-011-1/+2
|
* Mention the 1.8 branchlloyd2011-10-181-2/+3
|
* Switch to the Python 3 syntax in configure.py. A Perl one-liner in thelloyd2011-10-182-10/+17
| | | | header shows how to return it to 2.5 compatability.
* If running a non-released version and monotone wasn't installed (orlloyd2011-10-181-9/+16
| | | | | wasn't in path), get_vc_revision would not catch an OSError exception from subprocess and the whole configure would fail
* Don't set the soname on OpenBSD (PR 158)lloyd2011-10-112-0/+8
|
* Python 3.1's subprocess.Popen.communicate returns a bytes rather thanlloyd2011-10-101-2/+5
| | | | a str. Sigh.
* Name the params for DER_Encoder in headerlloyd2011-10-061-24/+47
|
* Note --cpu fix, bump versionlloyd2011-09-012-2/+10
|
* Make dir path more explicitlloyd2011-08-301-1/+1
|
* Search for an exact match in both arch and submodel before tryinglloyd2011-08-191-4/+15
| | | | | regex matching. Increases the odds we'll get the correct/intended target. Debian bug 638347.
* Avoid using -march=i386 if an i386 is 'detected', instead uselloyd2011-08-151-2/+5
| | | | | | | | -mtune=generic as with i486. Python's platform reports an i386 when running on a Core Duo on MacOS X 10.6, then using -march=i368 causes a link failure due to missing atomic adds in libstdc++. PR 152 Also use generic for i586.
* Add the start of Python docslloyd2011-08-065-6/+42
| | | | | | Describe how to build a universal binary on OS X Fix tr1::function syntax so Sphinx is happy.