aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/tls_policy.cpp
Commit message (Expand)AuthorAgeFilesLines
* Use enums for TLS key exchange group paramsJack Lloyd2018-02-131-75/+57
* Use enums to represent TLS signature and kex algorithms.Jack Lloyd2018-01-281-6/+28
* Avoid resuming a session if policy doesn't allow itJack Lloyd2018-01-281-2/+3
* Remove vestigial support for TLS compressionJack Lloyd2018-01-211-8/+0
* Add copyright statements to files modified in the preceding 2 commitsHarry Reimann2017-12-041-0/+1
* Make support for certificate status messages optional via policyHarry Reimann2017-12-041-0/+2
* Add support for ARIA GCM ciphersuitesJack Lloyd2017-11-031-0/+2
* Add supported groups TLS extension (RFC 7919)René Korthaus2017-10-171-5/+46
* Apply final annotations to the library alsoJack Lloyd2017-09-221-1/+1
* De-inline TLS::Text_PolicyJack Lloyd2017-09-211-0/+2
* More include header cleanupsJack Lloyd2017-09-211-1/+0
* Header file cleanupsJack Lloyd2017-09-211-0/+1
* Merge GH #872 Add ability for TLS servers to prohibit renegotiationJack Lloyd2017-09-191-0/+1
|\
| * Fix logic of renegotiation checkJack Lloyd2017-02-201-1/+1
| * Add TLS::Policy::allow_client_initiated_renegotiationJack Lloyd2017-02-191-0/+1
* | Correct TLS::Policy::latest_supported_versionJack Lloyd2017-09-041-2/+16
* | Enforce signature hash policy properlyJack Lloyd2017-08-311-0/+5
|/
* Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-051-0/+10
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-301-2/+1
* Prohibit SHA256/SHA384 ciphersuites in TLS 1.0/1.1 (GH #496)Jack Lloyd2016-12-281-3/+10
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-181-7/+7
* Add TLS::Policy::require_cert_revocation_infoJack Lloyd2016-11-281-0/+5
* Add TLS::Policy::to_stringJack Lloyd2016-11-261-0/+7
* Add minimum_signature_strenght to Text_PolicyJack Lloyd2016-11-251-1/+2
* Add TLS::Policy::minimum_signature_strengthJack Lloyd2016-11-251-0/+5
* Order default TLS ECC curve preferences by performanceJack Lloyd2016-11-191-4/+6
* Add CECPQ1 TLS ciphersuitesJack Lloyd2016-11-171-1/+2
* Pubkey cleanupsJack Lloyd2016-11-121-3/+1
* Change TLS default policy to disable DSA, CCM-8, and static RSAJack Lloyd2016-11-021-8/+23
* X25519 key exchange for TLSJack Lloyd2016-10-211-0/+1
* TLS: Split CBC+HMAC modes to standalone AEAD_ModeJack Lloyd2016-10-071-1/+8
* Support encoding of supported point formats extensionRené Korthaus2016-10-031-0/+5
* Address some issues with PR 492Jack Lloyd2016-08-131-9/+60
* Encrypt-then-MAC extension (RFC 7366)Juraj Somorovsky2016-05-111-0/+2
* TLS Policy supportChristian Mainka2016-05-031-11/+39
* Remove support for TLS v1.2 MD5 and SHA-224 signatures.Jack Lloyd2016-03-171-11/+0
* Client must verify that the server sent an ECC curve which policy accepts.Jack Lloyd2016-03-171-0/+5
* Check that TLS signature type is accepted by the policy.Jack Lloyd2016-03-061-0/+5
* Make SRP6 support optional in TLSJack Lloyd2016-02-071-2/+2
* Remove TLS heartbeat support.Jack Lloyd2016-02-071-2/+0
* Avoid set<Ciphersuite>Jack Lloyd2016-01-171-6/+7
* Remove all remaining uses of throwing a std:: exception directlyJack Lloyd2015-12-191-1/+1
* Add TLS_PSK testsJack Lloyd2015-11-131-5/+2
* TLS improvementsJack Lloyd2015-10-251-2/+11
* Add a runtime map of string->func() which when called returnlloyd2015-01-281-14/+42
* Add Strict_Policy. Disable server initiated renegotiation by default.lloyd2015-01-231-9/+6
* Add support for configuring a TLS::Policy by text filelloyd2015-01-231-2/+46
* Update TLS OCB ciphersuites to match draft-zauner-tls-aes-ocb-00lloyd2015-01-211-0/+2
* Ensure all files have copyright and license info.lloyd2015-01-101-1/+1
* Remove config used for testing DTLS-SRTPlloyd2015-01-041-3/+2