aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
Commit message (Expand)AuthorAgeFilesLines
* Clean up TLS ciphersuite handlingJack Lloyd2016-08-163-696/+193
* Remove unused kdf2 dependency from tls moduleRené Korthaus2016-07-041-1/+0
* Various fixes with bsi module policyRené Korthaus2016-07-042-2/+8
* Merge GH #495 Add label argument to KDF::derive_keyJack Lloyd2016-06-173-10/+12
|\
| * make sure kdf labels are always usedKai Michaelis2016-06-013-10/+12
| * add label parameter to KDF::derive_keyKai Michaelis2016-05-193-4/+4
* | Save the IETF ciphersute name directly in TLS::CiphersuiteJack Lloyd2016-06-093-444/+364
|/
* Add explicit static_cast operations to eliminate implicit cast compiler warni...Dan Brown2016-04-278-23/+21
* Change calls to 'get_byte' to explicitly cast parameters and eliminate compil...Dan Brown2016-04-275-25/+25
* Fix return type of TLS_Reader::get_u32bitJack Lloyd2016-04-211-2/+2
* Don't reject TLS packets with zero plaintext bytesJack Lloyd2016-04-151-13/+13
* Update OCB ciphersuites to follow new nonce scheme from -04 draftJack Lloyd2016-04-041-37/+37
* Add IETF standard ChaCha20Poly1305 ciphersuites to TLSJack Lloyd2016-03-233-23/+83
* Add PK_Decryptor::decrypt_or_randomJack Lloyd2016-03-201-30/+22
* Remove support for TLS v1.2 MD5 and SHA-224 signatures.Jack Lloyd2016-03-172-53/+3
* Client must verify that the server sent an ECC curve which policy accepts.Jack Lloyd2016-03-173-0/+13
* TLS client featuresJack Lloyd2016-03-161-0/+3
* Check that TLS signature type is accepted by the policy.Jack Lloyd2016-03-069-38/+106
* Remaining cppcheck fixes that are not covered by GH #444Daniel Neus2016-03-059-33/+20
* cppcheck fixes: Class 'X' has a constructor with 1 argument that is not expli...Daniel Neus2016-03-058-27/+27
* Fix remaining Wshadow warnings and enable on gcc and clangRené Korthaus2016-02-181-2/+4
* Reject zero length TLS records out of hand.Jack Lloyd2016-02-161-4/+11
* Make SRP6 support optional in TLSJack Lloyd2016-02-0710-20/+72
* Remove support for the TLS min fragment length extension.Jack Lloyd2016-02-0711-147/+18
* Remove TLS heartbeat support.Jack Lloyd2016-02-0715-290/+1
* Avoid set<Ciphersuite>Jack Lloyd2016-01-171-6/+7
* Add final attribute to many classesJack Lloyd2016-01-106-30/+30
* Mass-prefix member vars with m_René Korthaus2016-01-086-54/+54
* Precompile the list of TLS ciphersuitesJack Lloyd2016-01-063-294/+458
* String comparision fixesDaniel Neus2016-01-048-14/+14
* Add extended master secret extension (RFC 7627) to TLSJack Lloyd2016-01-0310-12/+118
* Merge pull request #378 from neusdan/warning_fixesJack Lloyd2015-12-261-1/+1
|\
| * some trivial compiler/PVS-Studio warning fixesDaniel Neus2015-12-221-1/+1
* | Fix a few clang warnings. Set clang sanitizer flagsJack Lloyd2015-12-241-1/+1
|/
* Remove debug printfJack Lloyd2015-12-211-1/+0
* Remove all remaining uses of throwing a std:: exception directlyJack Lloyd2015-12-191-1/+1
* CLI rewriteJack Lloyd2015-12-191-2/+0
* Missing addsJack Lloyd2015-12-113-3/+0
* Reroot the exception hierarchy into a toplevel Exception classJack Lloyd2015-12-1110-19/+19
* Fix bug causing TLS client to sometimes reject DHE server kexJack Lloyd2015-11-132-35/+16
* Add remove_all to TLS session manager interfaceJack Lloyd2015-11-135-44/+57
* Drop the DH group check to a weaker version of the checksJack Lloyd2015-11-131-2/+3
* Add TLS_PSK testsJack Lloyd2015-11-133-14/+5
* Add check for path validation result in Credentials_Manager. GH #324Jack Lloyd2015-11-041-5/+8
* Merge pull request #314 from randombit/ct-tls-cbc-paddingJack Lloyd2015-10-2617-190/+382
|\
| * Asan fix - referencing &vec[vec.size()] instead of vec.end()Jack Lloyd2015-10-261-22/+3
| * TLS improvementsJack Lloyd2015-10-2516-168/+379
* | Fix cert validation bugs found by x509test.Jack Lloyd2015-10-231-7/+14
|/
* Remove use of lookup.h in favor of new T::create API.Jack Lloyd2015-09-215-25/+14
* Internal header cleanupsJack Lloyd2015-09-192-2/+1