aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Remove Record_Writer::send_alert. Move Alert serialization to Alert::serializelloyd2012-09-046-29/+31
|
* Rename m_writer to m_send_hslloyd2012-09-042-15/+15
|
* Use a std::function so handshake_io only has access Record_Writer'slloyd2012-09-047-23/+35
| | | | send function.
* Avoid putting dword typedef in global namespacelloyd2012-09-041-5/+5
|
* Avoid conditionals in the power mod opslloyd2012-09-042-22/+35
|
* Add a --chost option to configure that takes a GNU style triplet.lloyd2012-08-315-5/+24
| | | | | | Add a couple aliases so the GNU canonical names are understood by us. Add an Ivy Bridge entry, match it up with the new GCC -march flag
* Require servers to send us a session ticket message if they sent alloyd2012-08-141-3/+2
| | | | | | | | | session ticket extension in their hello. This avoids an ambiguity in the DTLS handshake, as there the change cipher spec is not ordered with respect to the other handshake messages. This was never legal per spec, but some versions of GnuTLS seem to offer a session ticket in their hello but then not send a ticket message in the case where they don't have a session ticket key configured.
* Fix various issues flagged by cppcheck. Nothing too interesting.lloyd2012-08-138-12/+11
|
* Missing constantlloyd2012-08-131-0/+2
|
* Includes for <functional> don't need to be a special case in thelloyd2012-08-131-1/+1
| | | | | amalgamation anymore. Was for TR1 because VC++ put it in <functional> and everyone else put it in <tr1/functional>
* Reject SRP6 values which are negative or larger than p since these arelloyd2012-08-112-15/+25
| | | | likely totally bogus.
* Working fragmentation. Initial start at flight tracking.lloyd2012-08-102-14/+63
|
* Hooks for DTLS fragmentationlloyd2012-08-102-12/+32
|
* Make the CCS message a Handshake_Msg and send it through the handshakelloyd2012-08-105-12/+31
| | | | | IO layer. Needed for DTLS which needs to be able to track and retransmit the CCS if needed.
* Const arg of Handshake_IO::sendlloyd2012-08-102-5/+5
|
* TLS doc updateslloyd2012-08-091-7/+8
|
* Instead of using static salts in the KDF for generating the cipher andlloyd2012-08-092-17/+40
| | | | | | MAC keys for session encryption, randomly generate two 80-bit salt values which are included in the session blob and run the KDF over the master key and the random salts to create the keys.
* Remove stray newlinelloyd2012-08-091-1/+0
|
* Remove octal referenceslloyd2012-08-091-16/+8
|
* More 1.11.1 notes. Update TLS docslloyd2012-08-092-7/+53
|
* Lame but usable DTLS defragmentationlloyd2012-08-092-7/+15
|
* Add a field in credits for Bitcoin addresses.lloyd2012-08-091-2/+3
|
* We weren't handling DTLS handshake fragments at all. Now reject themlloyd2012-08-082-24/+35
| | | | | while continuing to work with unfragmented records and add the framework for defragmentation.
* Clean up DTLS handshake formattinglloyd2012-08-082-19/+21
|
* Make Handshake_IO::format constlloyd2012-08-082-5/+5
|
* Fix DTLS handshake encoding. Handle multiple messages in a packet.lloyd2012-08-082-31/+72
| | | | Handle DTLS CCS correctly.
* DTLS needs some help with ChangeCipherSpec because it is not includedlloyd2012-08-085-11/+51
| | | | | | | | in the message_seq count. When we are asking for the next handshake msg, tell the handshake IO layer if we are expecting a CCS or not. Then DTLS just needs to track which epoch(s) it has seen the CCS for, and which epoch it is currently in. This is all ignored by the stream IO layer.
* Move check of plaintext size to after MAC check. Use assign instead oflloyd2012-08-071-8/+8
| | | | resize+copy_mem.
* Remove Handshake_IO::have_full_record and Handshake_IO::emptylloyd2012-08-073-50/+14
| | | | | Have get_next_record return NONE+empty vector if no record availabe. IO::empty was completely unused.
* This was in an awkward placelloyd2012-08-071-2/+1
|
* Track the sequence number and return it from the record reader. Takelloyd2012-08-075-15/+33
| | | | | | | the sequence number into the handshake parser. This is ignored entirely by the stream handshake reader which does not need it, but is needed for DTLS. Track which epoch(s) we have seen a change cipher spec for.
* Wrap lineslloyd2012-08-062-2/+7
|
* Fix parenslloyd2012-08-061-1/+1
|
* Add a Policy item for if a client will accept a server-initiatedlloyd2012-08-062-1/+7
| | | | | renegotiation request. Defaults to true. If false, the client will send a non-fatal no_renegotiation alert.
* Expose Handshake_Message as an API type.lloyd2012-08-069-66/+117
| | | | | | | | | | | Use override as appropriate in tls_messages.h Add a callback to Handshake_State which, if set, is called for each Handshake_Message& as it is received or sent. Not yet exposed at the application level. Use default values in client and server hellos to minimize the need for explicit settings in constructors.
* Don't need to make these privatelloyd2012-08-061-5/+3
|
* Turn on NPNlloyd2012-08-061-1/+2
|
* The client wasn't sending a next protocol message on a sessionlloyd2012-08-061-0/+11
| | | | resumption.
* A heartbeat request send by the counterparty during a handshake wouldlloyd2012-08-061-5/+8
| | | | be passed to the application callback as a heartbeat response.
* Move server-specific parts of the handshake state to a server subclass.lloyd2012-08-064-21/+29
|
* Move things that are client specific in the handshake state to alloyd2012-08-062-16/+28
| | | | subclass created by Client::new_handshake_state
* Make the handshake hash privatelloyd2012-08-067-33/+36
|
* Make handshake session keys private with get/setlloyd2012-08-066-24/+33
|
* Make the handshake Ciphersuite only available by const reference.lloyd2012-08-068-36/+35
| | | | Derive it when the server hello is set.
* Const Handshake_State args where possiblelloyd2012-08-063-5/+5
|
* Move Certificate message to it's own file.lloyd2012-08-064-68/+89
| | | | Remove ~Extensions declaration, not used anymore.
* Use unique_ptr in Server_Kex_Exchange and Extensionslloyd2012-08-064-37/+19
|
* Store record MAC objects in unique_ptrlloyd2012-08-063-21/+12
|
* Have all the TLS handshake messages stored in unique_ptrs with onlylloyd2012-08-0615-294/+436
| | | | const access after setting them. Fix some const issues.
* m_ namespace remaining TLS messageslloyd2012-08-065-78/+78
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 02:43:52 +0000