aboutsummaryrefslogtreecommitdiffstats
path: root/src/cli/tls_server.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Tracing socket feature for the CLI TLS server.David Carlier2019-03-291-0/+27
| | | | For now FreeBSD DTrace support.
* Fix some extra semicolonsJack Lloyd2019-03-271-1/+1
|
* Windows compilation fixVitaly Ivanov2019-02-221-1/+1
|
* macOS fix for tls_server in UDP/DTLS modeVitaly Ivanov2019-02-211-1/+4
|
* Sandboxing feature from CLI pov.David Carlier2019-01-141-1/+3
| | | | | No resources to free with actual OS features but might be of use for later.
* Proposal of sandboxing feature.David Carlier2019-01-061-0/+6
| | | | For now only used by the TLS server.
* Avoid calling memset, memcpy within library codeJack Lloyd2018-11-171-1/+1
| | | | | | | | | Prefer using wrappers in mem_utils for this. Current exception is where memcpy is being used to convert between two different types, since copy_mem requires input and output pointers have the same type. There should be a new function to handle conversion-via-memcpy operation.
* Fix file descriptor leak in tls_serverJack Lloyd2018-06-291-0/+2
| | | | Coverity find
* Add --max-clients= option to tls_server CLIJack Lloyd2018-06-281-1/+8
| | | | | | | Killing the process seems to result in the coverage info being lost. I think because gcov writes during an exit handler which ends up not running if we SIGTERM
* Reorganize code to avoid cli/test build failures if filesystem disabledJack Lloyd2018-01-191-1/+2
| | | | Fixes #1422
* Merge GH #1387 Improve help output of cli toolJack Lloyd2018-01-141-0/+10
|\
| * Print a command description for cli helpRené Korthaus2018-01-041-0/+10
| |
* | Test OS features by the feature vs the OS nameJack Lloyd2017-12-301-1/+1
|/
* Convert TLS server to new style TLS interface (GH #1350)Jack Lloyd2017-12-231-78/+71
|
* Add wrapper functions to clean up cli code using socketsJack Lloyd2017-12-231-43/+4
|
* Refactor option parsing in cli and test codeJack Lloyd2017-10-241-0/+1
| | | | Allows cleaning up header includes, also somewhat smaller binaries.
* Remove various unused variablesJack Lloyd2017-10-021-1/+0
| | | | Sonar finds
* Use explicit :: or std:: to refer to functions in namespacesJack Lloyd2017-10-011-2/+2
|
* More include header cleanupsJack Lloyd2017-09-211-0/+1
|
* Fix bad write if a socket error occurred using --dump-tracesJack Lloyd2017-09-071-5/+5
| | | | Found by Coverity
* Add --dump-traces option to tls_serverJack Lloyd2017-09-021-1/+18
|
* Add a script for running TLS-Attacker, remove old shell scriptsJack Lloyd2017-09-021-20/+18
| | | | [ci skip]
* Enforce signature hash policy properlyJack Lloyd2017-08-311-1/+1
| | | | | | | | Previously if the client did not send signature_algorithms, or if it only included algos not in the policy, we would just fallback to the hardcoded SHA-1 default of TLS v1.2 Instead check the policy before accepting anything.
* Add support for Windows sockets to http_utilRené Korthaus2017-08-041-1/+38
| | | | | | Based on the work by @slicer4ever, adds support for Windows sockets to http_util. As a bonus, we get Windows support for tls_client and tls_server CLI.
* Reformat code with astyle + fix code styleTomasz Frydrych2017-05-011-29/+56
|
* TLS CBC functionality now exposed to the library developer. Useful for ↵Juraj Somorovsky2016-11-191-20/+31
| | | | | | direct TLS CBC testing. CLI TLS server now catches an exception if an invalid connection is received (Otherwise, the server always stopped working)
* Remove remaining old style casts.Jack Lloyd2016-11-091-3/+3
| | | | | | Still not a hard error even in maintainer mode because sometimes system headers pull in C style casts via macros (eg MAP_FAILED). But, it not being a hard error makes it easy to backslide.
* TLS Policy supportChristian Mainka2016-05-031-3/+20
| | | | | | | * --policy works for TLS Server and TLS Client * Example policy BSI_TR-02102-2.txt * Fine granular configuration for TLS 1.0, 1.1, 1.2 and DTLS 1.0 and 1.2 * Minimum ecdh and rsa group size
* Clean up PK decryption encoding.Jack Lloyd2016-03-201-21/+28
| | | | | | | Previously RSA and ElGamal stripped off leading zeros which were then assumed by the padding decoders. Instead have them produce ciphertexts with leading zeros. Changes EME_Raw to strip leading zeros to match existing behavior.
* Fix remaining Wshadow warnings and enable on gcc and clangRené Korthaus2016-02-181-3/+3
|
* Add final attribute to many classesJack Lloyd2016-01-101-1/+1
| | | | | | | In some cases this can offer better optimization, via devirtualization. And it lets the user know the class is not intended for derivation. Some discussion in GH #402
* Avoid having Command* objects be created until requested.Jack Lloyd2015-12-301-1/+1
| | | | Avoids various static init and destruction hassles.
* Add Command::rng()Jack Lloyd2015-12-271-6/+3
| | | | | | | for when a command wants an RNG but doesn't much care what kind. This adds a place where a future --rng-type= option can be consulted to eg use the system RNG or a user seeded DRBG.
* Remove all remaining uses of throwing a std:: exception directlyJack Lloyd2015-12-191-6/+6
| | | | See GH #340 and 6b9a3a5 for background
* CLI rewriteJack Lloyd2015-12-191-154/+130
| | | | | | | | | | | | | | | | | | The command line tools' origin as a collection of examples and test programs glued together led to some unfortunate problems; lots of hardcoded values, missing parameters, and obsolete crypto. Adds a small library for writing command line programs of the sort needed here (cli.h), which cuts the length of many of the commands in half and makes commands more pleasant to write and extend. Generalizes a lot of the commands also, eg previously only signing/verification with DSA/SHA-1 was included! Removes the fuzzer entry point since that's fairly useless outside of an instrumented build. Removes the in-library API for benchmarking.
* Rename cmd/app -> cliSimon Warta2015-12-091-0/+270