aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
Commit message (Expand)AuthorAgeFilesLines
* Use bad_record_mac instead of decode_error for short TLS packetsJack Lloyd2018-04-161-1/+8
* Fix bug that broke session decryption (and thus resumption)Jack Lloyd2018-04-091-1/+1
* Fix off by one when decoding TLS-CBC ciphertextsJack Lloyd2018-04-093-27/+30
* Fix interop bug in TLS serverJack Lloyd2018-04-083-0/+33
* Add RAII versions of get_cipher_mode and get_aeadJack Lloyd2018-04-072-4/+3
* Export TLS::ExtensionJack Lloyd2018-03-311-1/+1
* Catch exceptions by reference not valueJack Lloyd2018-03-161-1/+1
* Avoid std::bind in Channel::received_dataJack Lloyd2018-03-051-2/+1
* Add missing overrides [ci skip]Jack Lloyd2018-02-191-1/+1
* Fix server use of EC point format extensionJack Lloyd2018-02-131-1/+1
* Remove house curve supportJack Lloyd2018-02-132-9/+0
* Add a test of TLS handshake with custom curve (secp112r1 in this case)Jack Lloyd2018-02-131-4/+21
* Add callback for decoding TLS group paramsJack Lloyd2018-02-134-3/+20
* Remove cruftJack Lloyd2018-02-134-114/+16
* Use enums for TLS key exchange group paramsJack Lloyd2018-02-1312-224/+246
* Use shared representation of EC_GroupJack Lloyd2018-01-311-1/+1
* Move generic TLS tests to test_tls.cppJack Lloyd2018-01-282-5/+7
* Reorder signature scheme listJack Lloyd2018-01-281-12/+20
* Use enums to represent TLS signature and kex algorithms.Jack Lloyd2018-01-2822-716/+1144
* Avoid resuming a session if policy doesn't allow itJack Lloyd2018-01-282-3/+4
* For TLS client auth add callback giving list of trusted CA namesJack Lloyd2018-01-274-5/+40
* Fix a few warningsJack Lloyd2018-01-271-2/+2
* Make it possible to test custom extensionsJack Lloyd2018-01-273-13/+59
* Add an examine callback alsoJack Lloyd2018-01-277-11/+45
* Add ability for application to control which TLS extensions are usedJack Lloyd2018-01-279-1/+56
* Remove vestigial support for TLS compressionJack Lloyd2018-01-2111-118/+60
* Avoid saving a resumed session multiple timesJack Lloyd2017-12-071-1/+3
* Handle #1303 on the server sideJack Lloyd2017-12-071-1/+13
* On resuming a client session, save the certificates that were used.Jack Lloyd2017-12-073-3/+17
* Fix formatting in TLS server code [ci skip]Jack Lloyd2017-12-071-193/+179
* Add copyright statements to files modified in the preceding 2 commitsHarry Reimann2017-12-0413-0/+13
* Move TLS signature and key exchange code into callbacksHarry Reimann2017-12-047-96/+237
* Make support for certificate status messages optional via policyHarry Reimann2017-12-046-10/+40
* Merge GH #1316 Various TLS fixesJack Lloyd2017-11-284-9/+24
|\
| * Add an explicit catch for a server trying to negotiate SSLv3Jack Lloyd2017-11-281-1/+7
| * Correct version selection logic in TLS serverJack Lloyd2017-11-281-0/+5
| * Tighten up checks on signature key exchange messageJack Lloyd2017-11-281-1/+1
| * Return correct alert type on malformed DH/ECDH messages.Jack Lloyd2017-11-281-7/+11
* | Run TLS hello random fields through SHA-256Jack Lloyd2017-11-281-1/+7
|/
* Throw a Decoding_Error if TLS AEAD packet is shorter than the tag.Jack Lloyd2017-11-261-0/+3
* Fix errors caught with tlsfuzzerJack Lloyd2017-11-263-10/+5
* Add <functional> include to TLS headers which use std::functionJack Lloyd2017-11-142-0/+2
* Remove final on TLS policy objects (GH #1292)Jack Lloyd2017-11-131-4/+4
* Add support for ARIA GCM ciphersuitesJack Lloyd2017-11-032-1/+19
* Avoid saving a session to SQL database with empty hostnameJack Lloyd2017-11-021-0/+3
* Merge GH #1275 Avoid needless throw/catch during TLS handshakeJack Lloyd2017-10-261-1/+2
|\
| * Added missing include.Frank Schoenmann2017-10-251-0/+1
| * Perform OIDS lookup before to prevent a guaranteed exception in EC_Group.Frank Schoenmann2017-10-251-1/+1
* | Avoid sending OCSP status request on resumption client helloJack Lloyd2017-10-251-2/+0
|/
* Convert http:// links to https:// where possibleJack Lloyd2017-10-241-1/+1