Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add Public_Key::estimated_strength which gives an approximation of how | lloyd | 2012-07-27 | 12 | -14/+99 |
| | | | | | | | hard that key is to break. Use it in cert path validation, rejecting keys with estimated strength less than 80 bits. | ||||
* | Small doc tweaks | lloyd | 2012-07-27 | 5 | -20/+23 |
| | |||||
* | Have the release script pull the datestamp from monotone, so it does | lloyd | 2012-07-25 | 3 | -17/+60 |
| | | | | not need to be manually set before a release. | ||||
* | Build on Sheevaplug | lloyd | 2012-07-24 | 1 | -0/+2 |
| | |||||
* | Update for 1.11.0 release1.11.0 | lloyd | 2012-07-19 | 4 | -4/+6 |
| | |||||
* | In RSA and RW signers, add the message contents to the RNG state | lloyd | 2012-07-19 | 2 | -5/+9 |
| | |||||
* | Fix divisibility check in DL_Group::make_dsa_generator | lloyd | 2012-07-19 | 1 | -3/+4 |
| | |||||
* | Move EGD to the end of the priority list for entropy sources, as it | lloyd | 2012-07-18 | 1 | -6/+6 |
| | | | | | really is quite rare at this point given that all modern Unices have a /dev/random. | ||||
* | Add 1.8.14 release notes | lloyd | 2012-07-18 | 3 | -3/+21 |
| | |||||
* | Some changes to HMAC_RNG: | lloyd | 2012-07-18 | 2 | -23/+13 |
| | | | | | | | | | | | | | - Only give out half of K in each iteration. This prevents an attacker who recovers the PRF key and knows some RNG outputs from being able to determine other RNG outputs. - Don't reset the counter on a reseed, and every 1024 outputs (16 Kbytes with default PRF) initiate a poll. - Don't ever reseed when called with add_entropy, just give it to the extractor, as we know that eventually we'll reseed at which time that input will be incorporated. | ||||
* | Add FAQ entry for old Pythons having issues with configure | lloyd | 2012-07-18 | 1 | -0/+30 |
| | |||||
* | Add check for out of range DH keys | lloyd | 2012-07-17 | 1 | -0/+3 |
| | |||||
* | Add helper for writing 24-bit integer | lloyd | 2012-07-16 | 1 | -2/+12 |
| | |||||
* | Add a class that handles writing handshake messages instead of pushing | lloyd | 2012-07-16 | 24 | -166/+248 |
| | | | | that task to Record_Writer. Needed for DTLS work. | ||||
* | Sort by last name | lloyd | 2012-07-13 | 1 | -5/+5 |
| | |||||
* | Make page wider. QNX build report. Link to 1.10.2 notes in 1.10.3. | lloyd | 2012-07-13 | 3 | -6/+10 |
| | |||||
* | Add a set of power mod tests generated by python with highly regular | lloyd | 2012-07-13 | 1 | -0/+2485 |
| | | | | binary structure (tends to expose carry bugs, etc). | ||||
* | Use uintptr_t in ptr_in_pool instead of size_t as uintptr_t is now | lloyd | 2012-07-13 | 2 | -6/+4 |
| | | | | | | | | standard in C++11 and makes more sense than size_t Make m_poolsize a const. There is no real reason to reset it to zero if a failure occurs since a) we are throwing an exception anyway and b) we check for !m_pool first thing. | ||||
* | Hook creating just the handshake reader vs the entire state | lloyd | 2012-07-12 | 6 | -12/+12 |
| | |||||
* | Add an optional parameter to TLS::Client specifying the port number. | lloyd | 2012-07-12 | 9 | -48/+100 |
| | | | | | | Pass this down into the session managers. Also document how to use session tickets with TLS servers. | ||||
* | Changes to version handling in support of DTLS work. | lloyd | 2012-07-12 | 16 | -78/+114 |
| | | | | | | | | | | | | | | | Add a few 'feature tests' to Protocol_Version which helps avoid some explicit comparisons. Additionally, remove the relational comparisons, except for operator> which is still used in a few locations. TLS::Policy has changed and no longer has min_version. The new hook that replaces it is acceptable_protocol_version, which should return true if and only if we are willing to negotiate the version returned. This leads to a somewhat cleaner result and additionally allows one to do maybe interesting though mostly useless things like allowing TLS 1.0 or 1.2 but not 1.1. Fix the version sent in the (unused) DTLS hello verify message. | ||||
* | Update the InnoSetup script: | lloyd | 2012-07-11 | 3 | -19/+69 |
| | | | | | | | | | | | | | | | | | | | | | - Have configure.py create a new var %{innosetup_arch} which means one doesn't have to remmeber to uncomment the ArchitecturesAllowed and ArchitecturesInstallIn64BitMode for 64-bit installs. Also it would theoretically work out of the box for IA-64 installs though this is completely untested. - InnoSetup 5.5 drops support for Windows 95/98/ME. While I'm in there, move MinVersion to 5.1 (XP) since 2000 is (as with 9x) totally an unknown quantity (not to mention EOLed). - No PDF manual anymore, don't try to install it - The files under doc are .rst rather than .txt now - Include %{arch} in OutputBaseFilename so I don't have to rename the output afterwards. and outline the process for creating the installer in release_process.rst | ||||
* | Use subsections in 1.11.0 release notes. | lloyd | 2012-07-11 | 4 | -32/+48 |
| | | | | | | | | | Remove installer link for 1.8. Update 1.10 installer to 1.10.3 and link to signatures as well. Add note in download links that 1.11 requires a C++11 compiler. Add build records for Windows 1.10.3 with VC 2010. | ||||
* | More release process docs | lloyd | 2012-07-10 | 1 | -13/+22 |
| | |||||
* | Traceback by default on an exception throw | lloyd | 2012-07-10 | 1 | -3/+3 |
| | |||||
* | Fix --output-dir which did not work at all. Make compatible with | lloyd | 2012-07-10 | 1 | -53/+71 |
| | | | | | Python 3 (at the expense of 2.5 due to the exception catching syntax). Clean up exception handling a bit. | ||||
* | Typo in the search and replace | lloyd | 2012-07-10 | 1 | -2/+2 |
| | |||||
* | Add deleted copy constructors/assignment operators where appropriate. | lloyd | 2012-07-10 | 14 | -18/+67 |
| | | | | | Replace C++98 style private copy constructors/assignment ops with ones annotated with delete. | ||||
* | Add a basic outline of how releases occur while it is fresh in my | lloyd | 2012-07-10 | 2 | -0/+44 |
| | | | | memory from the 1.10.3 release. | ||||
* | Add relnotes and update download links for 1.10.3 | lloyd | 2012-07-10 | 3 | -3/+15 |
| | |||||
* | Add a patch from Markus Wanner that extends DataSource (including | lloyd | 2012-07-09 | 10 | -0/+72 |
| | | | | | Pipe) with get_bytes_read() which returns the number of bytes read so far from that source. | ||||
* | Add TLS::Channel::new_handshake_state which abstracts creating the | lloyd | 2012-07-09 | 6 | -11/+27 |
| | | | | handshaking state. | ||||
* | More Doxygen warning fixes | lloyd | 2012-07-09 | 3 | -0/+15 |
| | |||||
* | Doxygen warning fixes | lloyd | 2012-07-09 | 6 | -6/+44 |
| | |||||
* | Fix leak in read_ssh example, reported by Martin Olsson to the mailing list | lloyd | 2012-07-09 | 1 | -2/+3 |
| | |||||
* | Add a LZMA filter contributed by Vojtech Kral | lloyd | 2012-07-09 | 7 | -1/+422 |
| | |||||
* | Ignoring key/crt/pem is obnoxious because monotone won't let you even | lloyd | 2012-07-09 | 1 | -1/+1 |
| | | | | explicitly add an ignored file. | ||||
* | Drop the support page as FlexSecure doesn't provide any info about | lloyd | 2012-07-09 | 4 | -24/+15 |
| | | | | | | InSiTo or botan support anymore. Build records for 1.11.0 and 1.10.2 | ||||
* | The messages for assertion checks were done both ways, both "assertion | lloyd | 2012-07-09 | 15 | -25/+29 |
| | | | | | | X is true" and "assertion X is false". Convert all of them to the form "assertion X is true" thus making it clear what it is that we are attempting to assert by testing the expression provided. | ||||
* | Fix for bug 209. Required some reworking of the ASN.1 bytestring | lloyd | 2012-07-09 | 8 | -47/+86 |
| | | | | decoding code but seems an improvement. | ||||
* | Remove BOTAN_ASSERT_FUNCTION, use __func__ which is now standard in C++11 | lloyd | 2012-07-09 | 2 | -41/+35 |
| | |||||
* | Add a comment so I remember how to get warnings | lloyd | 2012-07-06 | 1 | -1/+3 |
| | |||||
* | Doxygen comments | lloyd | 2012-07-06 | 7 | -11/+133 |
| | |||||
* | Add wikipedia extlinks target. Warn about SRP verifier being secret | lloyd | 2012-07-06 | 2 | -2/+18 |
| | |||||
* | Disable generating LaTeX Doxygen output as we don't really need it and | lloyd | 2012-07-06 | 1 | -0/+8 |
| | | | | it is very slow to generate. | ||||
* | More Doxygen comments | lloyd | 2012-07-06 | 2 | -3/+12 |
| | |||||
* | Correct Doxygen comments | lloyd | 2012-07-06 | 2 | -5/+5 |
| | |||||
* | Outline of docs for SRP | lloyd | 2012-07-06 | 2 | -0/+26 |
| | |||||
* | Basic PSK documentation | lloyd | 2012-07-06 | 1 | -3/+15 |
| | |||||
* | A bit more OCSP documentation | lloyd | 2012-07-05 | 1 | -3/+8 |
| |