Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Last u32bit->size_t for ssl | lloyd | 2010-10-15 | 1 | -25/+25 |
| | |||||
* | Require a TLS_Policy | lloyd | 2010-09-17 | 1 | -8/+11 |
| | |||||
* | Add a helper function for encoding TLS values with length tagging | lloyd | 2010-09-15 | 1 | -18/+4 |
| | |||||
* | Hide a number of the internal SSL headers from the user, you can still | lloyd | 2010-09-15 | 1 | -1/+1 |
| | | | | see too much but better than before. | ||||
* | Update all uses of MemoryRegion::append to use either push_back or operator+= | lloyd | 2010-09-15 | 1 | -20/+22 |
| | |||||
* | More vector->pointer conversion removals. | lloyd | 2010-09-13 | 1 | -5/+3 |
| | | | | | | | | | | | Add RandomNumberGenerator::random_vec, which takes an length n and returns a new SecureVector with randomized contents of that size. This nicely covers most of the cases where randomize was being called on a vector, and is a little cleaner in the code as well, instead of vec.resize(length); rng.randomize(&vec[0], vec.size()); we just write vec = rng.random_vec(length); | ||||
* | Use "/*" instead of "/**" in starting comments at the begining of a file. | lloyd | 2010-06-07 | 1 | -1/+1 |
| | | | | | This caused Doxygen to think this was markup meant for it, which really caused some clutter in the namespace page. | ||||
* | If we couldn't agree on a suite, fail immediately | lloyd | 2010-04-20 | 1 | -0/+5 |
| | |||||
* | Add support for reading SSLv2 client hellos | lloyd | 2010-04-17 | 1 | -0/+34 |
| | |||||
* | Instead of just discarding the extension size, confirm that the | lloyd | 2010-03-30 | 1 | -1/+4 |
| | | | | | claimed length matches the length of the data left in the client hello packet. | ||||
* | Support TLS Extensions, specifically SNI | lloyd | 2010-03-30 | 1 | -35/+29 |
| | |||||
* | Add a class that knows how to decode a (very small subset of) TLS data | lloyd | 2010-03-30 | 1 | -45/+76 |
| | | | | | | formatting. Particularly useful in the ClientHello, but generally helps centralize the offset handling, which was particularly unreadable in the hello messages. | ||||
* | Don't fail simply because the client sent a version code that we don't | lloyd | 2010-03-30 | 1 | -6/+0 |
| | | | | | | | | know about; just continue and the server will choose either whatever the client supports, if it knows about it, or else the latest version it supports. So for instance if a client attempts to negotiate TLS 1.2, we'll not know about that version and return a ServerHello for 1.1 instead. | ||||
* | Fix server handshake. | lloyd | 2010-03-30 | 1 | -4/+6 |
| | | | | Support TLS 1.1 servers | ||||
* | Add support for TLS v1.1's per-record random IV. Tested against GnuTLS server. | lloyd | 2010-03-30 | 1 | -1/+5 |
| | |||||
* | Remove use of old PKCS8_ and X509_ typedefs | lloyd | 2010-02-16 | 1 | -1/+1 |
| | |||||
* | Rename Policy to TLS_Policy. | lloyd | 2010-02-16 | 1 | -2/+2 |
| | | | | Put TLS_ in all the header guards to reduce the odds of conflicts. | ||||
* | Various minor SSL fixes | lloyd | 2010-02-14 | 1 | -2/+0 |
| | |||||
* | Import latest version of Ajisai into src/ssl; once this hits mainline | lloyd | 2010-01-11 | 1 | -0/+267 |
I'll officially kill off Ajisai (instead of it just lingering as a zombine as it is currently). Apparently I broke something (or multiple things) during the import process; servers crash and clients gets MAC errors on connect. |