aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
Commit message (Expand)AuthorAgeFilesLines
* Merge GH #872 Add ability for TLS servers to prohibit renegotiationJack Lloyd2017-09-193-2/+16
|\
| * Fix logic of renegotiation checkJack Lloyd2017-02-203-4/+6
| * Add TLS::Policy::allow_client_initiated_renegotiationJack Lloyd2017-02-193-2/+14
* | Use constant_time_compare instead of same_memJack Lloyd2017-09-162-3/+3
* | Correct TLS::Policy::latest_supported_versionJack Lloyd2017-09-041-2/+16
* | De-inline accessor functions in Client_Hello typeJack Lloyd2017-09-012-93/+130
* | Don't try enforcing the hash policy for PSK ciphersuitesJack Lloyd2017-09-011-1/+1
* | Enforce signature hash policy properlyJack Lloyd2017-08-314-17/+61
* | More MSVC warnings fixesJack Lloyd2017-08-312-6/+6
* | Fix various MSVC warningsJack Lloyd2017-08-312-4/+7
* | Avoid false positive valgrind in TLS CBC decryptionJack Lloyd2017-08-291-2/+2
* | Add support for ECDHE_PSK AEAD ciphersuitesJack Lloyd2017-08-221-2/+6
* | Initialize member var in Certificate_Status_RequestJack Lloyd2017-08-031-1/+2
* | Correct failure when renegotiating with old serverJack Lloyd2017-06-041-1/+1
* | Make it easier to customize Text_Policy when inheriting from itlouiz’2017-04-271-1/+1
* | Add some missing function overrides in TLS::Text_Policylouiz’2017-04-251-0/+12
* | Use 3 arg BOTAN_UNUSED in a codepath that is compiled oftenSimon Warta2017-04-171-3/+1
* | Content:Tomasz Frydrych2017-04-0314-68/+60
* | Remove "Dirty hack" for multiple defines in lex_me_harder()Simon Warta2017-04-024-4/+12
|/
* Add static_cast in uint8_t vs enum comparison.Jack Lloyd2017-01-281-2/+2
* Merge GH #814 Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-061-0/+10
|\
| * Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-051-0/+10
* | Add tests for certificate status messageJack Lloyd2017-01-041-8/+8
|/
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-302-2/+56
* Add CECPQ1 OCB ciphersuitesJack Lloyd2016-12-301-1/+3
* Prohibit SHA256/SHA384 ciphersuites in TLS 1.0/1.1 (GH #496)Jack Lloyd2016-12-281-3/+10
* Export tls_messages.h as a public headerRené Korthaus2016-12-2320-30/+43
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-1855-880/+881
* Disable TLS signature and finished message checks in fuzzer modeJack Lloyd2016-12-173-3/+23
* Fix bad deref when ciphersuite value is larger than largest known idJack Lloyd2016-12-051-1/+1
* Add TLS::Policy::require_cert_revocation_infoJack Lloyd2016-11-283-1/+14
* Merge GH #738 Add OCSP stapling to TLS clientJack Lloyd2016-11-2812-44/+291
|\
| * Add OCSP stapling support to TLS clientJack Lloyd2016-11-2612-44/+291
* | No reason to deprecate this (only internally called) constructorJack Lloyd2016-11-261-1/+2
* | Add TLS::Policy::to_stringJack Lloyd2016-11-262-0/+13
|/
* Merge GH #653 OCSP and X.509 path validation refactorJack Lloyd2016-11-259-86/+149
|\
| * Add missing Doxygen param [ci skip]Jack Lloyd2016-11-251-0/+2
| * Add minimum_signature_strenght to Text_PolicyJack Lloyd2016-11-252-3/+9
| * Add TLS::Policy::minimum_signature_strengthJack Lloyd2016-11-256-5/+25
| * Address review comments from @cordneyJack Lloyd2016-11-251-0/+1
| * Add the documented function for OCSP timeoutsJack Lloyd2016-11-232-3/+10
| * Move TLS cert verification callback from Credentials_Manager to TLS::CallbacksJack Lloyd2016-11-237-83/+110
* | Simplify TLS::Ciphersuite::cbc_ciphersuiteJack Lloyd2016-11-251-3/+1
* | Simplify TLS::Handshake_Hash::updateJack Lloyd2016-11-251-9/+5
|/
* TLS CBC functionality now exposed to the library developer. Useful for direct...Juraj Somorovsky2016-11-191-1/+1
* Order default TLS ECC curve preferences by performanceJack Lloyd2016-11-191-4/+6
* Add CECPQ1 TLS ciphersuitesJack Lloyd2016-11-176-14/+92
* Fix incompatability with (some) common TLS stackJack Lloyd2016-11-164-15/+26
* Add new TLS callback for when session is activatedJack Lloyd2016-11-162-0/+8
* Pubkey cleanupsJack Lloyd2016-11-121-3/+1