aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
Commit message (Expand)AuthorAgeFilesLines
* Add missing overrides [ci skip]Jack Lloyd2018-02-191-1/+1
* Fix server use of EC point format extensionJack Lloyd2018-02-131-1/+1
* Remove house curve supportJack Lloyd2018-02-132-9/+0
* Add a test of TLS handshake with custom curve (secp112r1 in this case)Jack Lloyd2018-02-131-4/+21
* Add callback for decoding TLS group paramsJack Lloyd2018-02-134-3/+20
* Remove cruftJack Lloyd2018-02-134-114/+16
* Use enums for TLS key exchange group paramsJack Lloyd2018-02-1312-224/+246
* Use shared representation of EC_GroupJack Lloyd2018-01-311-1/+1
* Move generic TLS tests to test_tls.cppJack Lloyd2018-01-282-5/+7
* Reorder signature scheme listJack Lloyd2018-01-281-12/+20
* Use enums to represent TLS signature and kex algorithms.Jack Lloyd2018-01-2822-716/+1144
* Avoid resuming a session if policy doesn't allow itJack Lloyd2018-01-282-3/+4
* For TLS client auth add callback giving list of trusted CA namesJack Lloyd2018-01-274-5/+40
* Fix a few warningsJack Lloyd2018-01-271-2/+2
* Make it possible to test custom extensionsJack Lloyd2018-01-273-13/+59
* Add an examine callback alsoJack Lloyd2018-01-277-11/+45
* Add ability for application to control which TLS extensions are usedJack Lloyd2018-01-279-1/+56
* Remove vestigial support for TLS compressionJack Lloyd2018-01-2111-118/+60
* Avoid saving a resumed session multiple timesJack Lloyd2017-12-071-1/+3
* Handle #1303 on the server sideJack Lloyd2017-12-071-1/+13
* On resuming a client session, save the certificates that were used.Jack Lloyd2017-12-073-3/+17
* Fix formatting in TLS server code [ci skip]Jack Lloyd2017-12-071-193/+179
* Add copyright statements to files modified in the preceding 2 commitsHarry Reimann2017-12-0413-0/+13
* Move TLS signature and key exchange code into callbacksHarry Reimann2017-12-047-96/+237
* Make support for certificate status messages optional via policyHarry Reimann2017-12-046-10/+40
* Merge GH #1316 Various TLS fixesJack Lloyd2017-11-284-9/+24
|\
| * Add an explicit catch for a server trying to negotiate SSLv3Jack Lloyd2017-11-281-1/+7
| * Correct version selection logic in TLS serverJack Lloyd2017-11-281-0/+5
| * Tighten up checks on signature key exchange messageJack Lloyd2017-11-281-1/+1
| * Return correct alert type on malformed DH/ECDH messages.Jack Lloyd2017-11-281-7/+11
* | Run TLS hello random fields through SHA-256Jack Lloyd2017-11-281-1/+7
|/
* Throw a Decoding_Error if TLS AEAD packet is shorter than the tag.Jack Lloyd2017-11-261-0/+3
* Fix errors caught with tlsfuzzerJack Lloyd2017-11-263-10/+5
* Add <functional> include to TLS headers which use std::functionJack Lloyd2017-11-142-0/+2
* Remove final on TLS policy objects (GH #1292)Jack Lloyd2017-11-131-4/+4
* Add support for ARIA GCM ciphersuitesJack Lloyd2017-11-032-1/+19
* Avoid saving a session to SQL database with empty hostnameJack Lloyd2017-11-021-0/+3
* Merge GH #1275 Avoid needless throw/catch during TLS handshakeJack Lloyd2017-10-261-1/+2
|\
| * Added missing include.Frank Schoenmann2017-10-251-0/+1
| * Perform OIDS lookup before to prevent a guaranteed exception in EC_Group.Frank Schoenmann2017-10-251-1/+1
* | Avoid sending OCSP status request on resumption client helloJack Lloyd2017-10-251-2/+0
|/
* Convert http:// links to https:// where possibleJack Lloyd2017-10-241-1/+1
* Merge GH #1263 Support FFDHE negotiation in TLSJack Lloyd2017-10-229-28/+206
|\
| * Remove check for negotiated DH group in TLS clientRené Korthaus2017-10-201-29/+0
| * Fall back to default group if client does not send any DH groupsRené Korthaus2017-10-202-2/+19
| * Add allowed values for allowed groupsRené Korthaus2017-10-181-3/+13
| * Add supported groups TLS extension (RFC 7919)René Korthaus2017-10-1710-27/+207
* | Remove redundant checkJack Lloyd2017-10-201-3/+0
* | Use base CBC modes to implement TLS CBC ciphersuitesJack Lloyd2017-10-193-49/+36
|/
* Additional final annotationsJack Lloyd2017-10-151-2/+2