aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add Public_Key::estimated_strength which gives an approximation of howlloyd2012-07-2712-14/+99
| | | | | | | hard that key is to break. Use it in cert path validation, rejecting keys with estimated strength less than 80 bits.
* Small doc tweakslloyd2012-07-275-20/+23
|
* Have the release script pull the datestamp from monotone, so it doeslloyd2012-07-253-17/+60
| | | | not need to be manually set before a release.
* Build on Sheevapluglloyd2012-07-241-0/+2
|
* Update for 1.11.0 release1.11.0lloyd2012-07-194-4/+6
|
* In RSA and RW signers, add the message contents to the RNG statelloyd2012-07-192-5/+9
|
* Fix divisibility check in DL_Group::make_dsa_generatorlloyd2012-07-191-3/+4
|
* Move EGD to the end of the priority list for entropy sources, as itlloyd2012-07-181-6/+6
| | | | | really is quite rare at this point given that all modern Unices have a /dev/random.
* Add 1.8.14 release noteslloyd2012-07-183-3/+21
|
* Some changes to HMAC_RNG:lloyd2012-07-182-23/+13
| | | | | | | | | | | | | - Only give out half of K in each iteration. This prevents an attacker who recovers the PRF key and knows some RNG outputs from being able to determine other RNG outputs. - Don't reset the counter on a reseed, and every 1024 outputs (16 Kbytes with default PRF) initiate a poll. - Don't ever reseed when called with add_entropy, just give it to the extractor, as we know that eventually we'll reseed at which time that input will be incorporated.
* Add FAQ entry for old Pythons having issues with configurelloyd2012-07-181-0/+30
|
* Add check for out of range DH keyslloyd2012-07-171-0/+3
|
* Add helper for writing 24-bit integerlloyd2012-07-161-2/+12
|
* Add a class that handles writing handshake messages instead of pushinglloyd2012-07-1624-166/+248
| | | | that task to Record_Writer. Needed for DTLS work.
* Sort by last namelloyd2012-07-131-5/+5
|
* Make page wider. QNX build report. Link to 1.10.2 notes in 1.10.3.lloyd2012-07-133-6/+10
|
* Add a set of power mod tests generated by python with highly regularlloyd2012-07-131-0/+2485
| | | | binary structure (tends to expose carry bugs, etc).
* Use uintptr_t in ptr_in_pool instead of size_t as uintptr_t is nowlloyd2012-07-132-6/+4
| | | | | | | | standard in C++11 and makes more sense than size_t Make m_poolsize a const. There is no real reason to reset it to zero if a failure occurs since a) we are throwing an exception anyway and b) we check for !m_pool first thing.
* Hook creating just the handshake reader vs the entire statelloyd2012-07-126-12/+12
|
* Add an optional parameter to TLS::Client specifying the port number.lloyd2012-07-129-48/+100
| | | | | | Pass this down into the session managers. Also document how to use session tickets with TLS servers.
* Changes to version handling in support of DTLS work.lloyd2012-07-1216-78/+114
| | | | | | | | | | | | | | | Add a few 'feature tests' to Protocol_Version which helps avoid some explicit comparisons. Additionally, remove the relational comparisons, except for operator> which is still used in a few locations. TLS::Policy has changed and no longer has min_version. The new hook that replaces it is acceptable_protocol_version, which should return true if and only if we are willing to negotiate the version returned. This leads to a somewhat cleaner result and additionally allows one to do maybe interesting though mostly useless things like allowing TLS 1.0 or 1.2 but not 1.1. Fix the version sent in the (unused) DTLS hello verify message.
* Update the InnoSetup script:lloyd2012-07-113-19/+69
| | | | | | | | | | | | | | | | | | | | | - Have configure.py create a new var %{innosetup_arch} which means one doesn't have to remmeber to uncomment the ArchitecturesAllowed and ArchitecturesInstallIn64BitMode for 64-bit installs. Also it would theoretically work out of the box for IA-64 installs though this is completely untested. - InnoSetup 5.5 drops support for Windows 95/98/ME. While I'm in there, move MinVersion to 5.1 (XP) since 2000 is (as with 9x) totally an unknown quantity (not to mention EOLed). - No PDF manual anymore, don't try to install it - The files under doc are .rst rather than .txt now - Include %{arch} in OutputBaseFilename so I don't have to rename the output afterwards. and outline the process for creating the installer in release_process.rst
* Use subsections in 1.11.0 release notes.lloyd2012-07-114-32/+48
| | | | | | | | | Remove installer link for 1.8. Update 1.10 installer to 1.10.3 and link to signatures as well. Add note in download links that 1.11 requires a C++11 compiler. Add build records for Windows 1.10.3 with VC 2010.
* More release process docslloyd2012-07-101-13/+22
|
* Traceback by default on an exception throwlloyd2012-07-101-3/+3
|
* Fix --output-dir which did not work at all. Make compatible withlloyd2012-07-101-53/+71
| | | | | Python 3 (at the expense of 2.5 due to the exception catching syntax). Clean up exception handling a bit.
* Typo in the search and replacelloyd2012-07-101-2/+2
|
* Add deleted copy constructors/assignment operators where appropriate.lloyd2012-07-1014-18/+67
| | | | | Replace C++98 style private copy constructors/assignment ops with ones annotated with delete.
* Add a basic outline of how releases occur while it is fresh in mylloyd2012-07-102-0/+44
| | | | memory from the 1.10.3 release.
* Add relnotes and update download links for 1.10.3lloyd2012-07-103-3/+15
|
* Add a patch from Markus Wanner that extends DataSource (includinglloyd2012-07-0910-0/+72
| | | | | Pipe) with get_bytes_read() which returns the number of bytes read so far from that source.
* Add TLS::Channel::new_handshake_state which abstracts creating thelloyd2012-07-096-11/+27
| | | | handshaking state.
* More Doxygen warning fixeslloyd2012-07-093-0/+15
|
* Doxygen warning fixeslloyd2012-07-096-6/+44
|
* Fix leak in read_ssh example, reported by Martin Olsson to the mailing listlloyd2012-07-091-2/+3
|
* Add a LZMA filter contributed by Vojtech Krallloyd2012-07-097-1/+422
|
* Ignoring key/crt/pem is obnoxious because monotone won't let you evenlloyd2012-07-091-1/+1
| | | | explicitly add an ignored file.
* Drop the support page as FlexSecure doesn't provide any info aboutlloyd2012-07-094-24/+15
| | | | | | InSiTo or botan support anymore. Build records for 1.11.0 and 1.10.2
* The messages for assertion checks were done both ways, both "assertionlloyd2012-07-0915-25/+29
| | | | | | X is true" and "assertion X is false". Convert all of them to the form "assertion X is true" thus making it clear what it is that we are attempting to assert by testing the expression provided.
* Fix for bug 209. Required some reworking of the ASN.1 bytestringlloyd2012-07-098-47/+86
| | | | decoding code but seems an improvement.
* Remove BOTAN_ASSERT_FUNCTION, use __func__ which is now standard in C++11lloyd2012-07-092-41/+35
|
* Add a comment so I remember how to get warningslloyd2012-07-061-1/+3
|
* Doxygen commentslloyd2012-07-067-11/+133
|
* Add wikipedia extlinks target. Warn about SRP verifier being secretlloyd2012-07-062-2/+18
|
* Disable generating LaTeX Doxygen output as we don't really need it andlloyd2012-07-061-0/+8
| | | | it is very slow to generate.
* More Doxygen commentslloyd2012-07-062-3/+12
|
* Correct Doxygen commentslloyd2012-07-062-5/+5
|
* Outline of docs for SRPlloyd2012-07-062-0/+26
|
* Basic PSK documentationlloyd2012-07-061-3/+15
|
* A bit more OCSP documentationlloyd2012-07-051-3/+8
|