aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/tls_extensions.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Mass-prefix member vars with m_René Korthaus2016-01-081-14/+14
|
* String comparision fixesDaniel Neus2016-01-041-2/+2
| | | | fix PVS-Studio perfomance warnings
* Add extended master secret extension (RFC 7627) to TLSJack Lloyd2016-01-031-2/+17
| | | | Interop tested with mbed TLS
* Reroot the exception hierarchy into a toplevel Exception classJack Lloyd2015-12-111-1/+1
| | | | | | | | As the alternatives are unfortunate for applications trying to catch all library errors, and it seems deriving from std::runtime_error causes problems with MSVC DLLs (GH #340) Effectively reverts 2837e915d82e43
* Fix various bugs found by Coverity scanner.lloyd2015-05-151-0/+4
| | | | | | | Uninitialized variables, missing divide by zero checks, missing virtual destructor, etc. Only thing serious is bug in TLS maximum fragment decoder; missing breaks in switch statement meant receiver would treat any negotiated max frament as 4k limit.
* Add ALPN (RFC 7301) and remove NPNlloyd2015-03-201-11/+28
|
* Ensure all files have copyright and license info.lloyd2015-01-101-1/+1
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Add DTLS-SRTP key establishment from RFC 5764 (required for WebRTC).lloyd2015-01-041-26/+67
| | | | | | | | | | | | | | Github issue 27. Refactor server hello handling to make it easier to handle other extensions. The manual specified that 224 bit NIST primes were disabled by default for TLS but they were not. Additionaly disable the 256k1 curve and reorder the remaining curves by size. Rewrite the max fragment length extension code to roughly what an ideal compiler would have turned the original code into, using a switch instead of a lookup into a small constant std::map.
* Have TLS_Data_Reader decoding errors include the actual msg type namelloyd2014-04-121-1/+1
|
* Verify that the server did not send any extension that the client didn'tlloyd2014-04-111-0/+8
| | | | offer. Previously the client only checked a couple of special cases.
* Move lib into srclloyd2014-01-101-0/+533