Commit message (author, date, files changed, lines -removed/+added)
* Many renegotiation fixes. Add support for the secure renegotiation extension (client side only at the moment). Add an interface that allows applications to request renegotiation. (lloyd, 2011-12-30, 13 files, -36/+209)
* Reset the sequence numbers when we activate a connection state. This meant up until this point, renegotiation never worked. :( (lloyd, 2011-12-30, 2 files, -0/+9)
* About half an implementation of RFC 5746 (lloyd, 2011-12-29, 10 files, -68/+158)
* Add support for sending server name indicator in client hello. Add support for sending and reading the SRP identifier extension. Add some helper classes for managing TLS extensions. Add ciphersuite codes for SRP key exchange. (lloyd, 2011-12-29, 13 files, -75/+387)
* Clean up the ordering of constructor args to the various message types (lloyd, 2011-12-29, 9 files, -99/+108)
* SSLv3 clients will send this as a warning if the server requests a client cert and they don't have one. (lloyd, 2011-12-29, 1 file, -0/+1)
* Ref mozilla bug also (lloyd, 2011-12-29, 1 file, -2/+2)
* Only insert small fragments for application records. Handshakes would only be affected if the attacker can modify the handshake messages, which seems fairly unlikely, and some implementations are known to be unhappy with fragmented handshakes. (lloyd, 2011-12-29, 1 file, -1/+1)
* Don't buffer in the record writer at all - we immediately process and send out inputs as they are available. Thus, flushing is never required, and we avoid some unnecessary copying. If we are using a CBC mode cipher in SSLv3/TLSv1.0, send a 1-byte fragment to start to prevent the adaptive plaintext attack. (lloyd, 2011-12-28, 7 files, -64/+42)
* Fix for RC4 suites (lloyd, 2011-12-28, 1 file, -1/+2)
* Optimization/work on future optimization for the record writer; collects all the data into a single buffer and encrypts it in one go. Once the support is there for in-place encryption in the cipher modes this will help out substantially. (lloyd, 2011-12-28, 2 files, -50/+67)
* Rounding to nearest 0 should be a no-op (lloyd, 2011-12-28, 1 file, -0/+6)
* Add support for raw deflate in the zlib filter (lloyd, 2011-12-28, 2 files, -12/+35)
* Just print printable (lloyd, 2011-12-28, 1 file, -2/+0)
* Comment grammar (lloyd, 2011-12-28, 1 file, -2/+2)
* Fix (lloyd, 2011-12-28, 1 file, -0/+1)
* Cleaner (lloyd, 2011-12-28, 2 files, -3/+2)
* Fixes for DSA auth (lloyd, 2011-12-28, 2 files, -8/+11)
* Don't stall on error (lloyd, 2011-12-28, 1 file, -3/+6)
* Add non-null assertion, don't print msg if empty string (lloyd, 2011-12-28, 2 files, -1/+11)
* Assert there is nothing left over at the end of packet parsing. (lloyd, 2011-12-28, 1 file, -0/+6)
* Additional bits for SSLv3 client auth (lloyd, 2011-12-28, 5 files, -10/+41)
* Save peer certs in session info. Use helper function for handshake hashing. (lloyd, 2011-12-28, 5 files, -42/+30)
* Working through hacking client verify (server side only). Only supports TLS 1.0/1.1, SSLv3 uses a different hash format. Only RSA certs tested so far. (lloyd, 2011-12-28, 19 files, -65/+131)
* Remove debug print, include info in the exception msg instead (lloyd, 2011-12-28, 1 file, -8/+3)
* Slightly better alert option for this case (lloyd, 2011-12-28, 1 file, -1/+1)
* We wouldn't send an alert before handshaking was complete because active == false, which made debugging hard and caused timeouts/hangs in clients if (for instance) a ciphersuite couldn't be negotiated. Always send alerts. (lloyd, 2011-12-28, 1 file, -7/+4)
* Make TLS_Session_Params a real class. Various cleanups. (lloyd, 2011-12-28, 6 files, -124/+193)
* Partial bits of the server side of client auth. Incomplete. Pass a session manager to TLS_Client's constructor. Currently unused. Add time-based session expiration to the in-memory session cache. (lloyd, 2011-12-28, 6 files, -39/+87)
* Make tls_session_key.h an internal header (lloyd, 2011-12-27, 9 files, -8/+18)
* Actually send the right info in a resumed session server hello (lloyd, 2011-12-27, 1 file, -7/+4)
* Force resumed session to use previous ciphersuite, etc (lloyd, 2011-12-27, 4 files, -26/+73)
* BER decoder extras needed by previous commit (lloyd, 2011-12-27, 2 files, -17/+68)
* Session deserialization (lloyd, 2011-12-27, 3 files, -6/+27)
* Half of session serialization (lloyd, 2011-12-27, 5 files, -77/+181)
* Clean up SessionKeys implementation (lloyd, 2011-12-27, 2 files, -108/+49)
* First rev of working session resumption (server side only). Only works with TLS at the moment, SessionKeys is a mess. (lloyd, 2011-12-27, 7 files, -65/+202)
* Avoid a memory leak if we were using DHE - kex_priv would get a copy of the server key and then we'd immediately overwrite the pointer. (lloyd, 2011-12-27, 2 files, -23/+22)
* Much smarter state transition checking: at each point in the handshake, keep track of exactly which handshake message type(s) we can expect and assert before processing that what we received is what we expected. Contrast with previous 'checking' which was more in the style 'could we perhaps plausibly do something with this message?' aka broken. (lloyd, 2011-12-27, 5 files, -159/+170)
* Make the server example less fragile, write a class that emulates the old blocking interface and use that. (lloyd, 2011-12-27, 1 file, -30/+118)
* Compile fix (lloyd, 2011-12-27, 1 file, -1/+1)
* Add the code for DHE/DSS with RC4, not 'official' but the codepoint was included in a now-expired ID (draft-ietf-tls-56-bit-ciphersuites-01) and mentioned in Rescorla's SSL book. Not implemented by OpenSSL but does appear to be included in GnuTLS. (lloyd, 2011-12-27, 2 files, -0/+7)
* Compile fix, also save version # (lloyd, 2011-12-23, 1 file, -1/+2)
* Fix crash (lloyd, 2011-12-23, 1 file, -1/+6)
* Initial hooks for session resumption (lloyd, 2011-12-23, 16 files, -163/+280)
* Centralize a lot of the handshaking and message parsing in TLS_Channel. Also delete the obsolete/never worked CMS examples. (lloyd, 2011-12-23, 12 files, -679/+344)
* propagate from branch 'net.randombit.botan' (head 6c2809f0c11ba10a137601a2e7eed7ac1f083002) to branch 'net.randombit.botan.tls-state-machine' (head a302f3e8a1d2571835d461a7af7b4e8e805de446) (lloyd, 2011-12-23, 32 files, -265/+211)
  * [merged branch] Rename ssl module to tls (lloyd, 2011-12-23, 29 files, -0/+0)
  * [merged branch] First stab at an event driven TLS client. (lloyd, 2011-12-23, 9 files, -265/+211)
* Dirty hack to support multiple 'define' options in a module info file. If the default value is a list we will append to it instead of overwriting it. (Previously, multiple define targets 'worked' with last one winning as the values were progressively overwritten). This might be useful for other things, compiler warning options maybe? (lloyd, 2011-12-23, 1 file, -8/+16)