aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tls_messages.h
Commit message (Expand)AuthorAgeFilesLines
* Add TLS::Policy::minimum_dh_group_size, default 1024. Send anlloyd2012-06-251-0/+1
* Make TLS::Channel::send non-virtual as neither Client nor Serverlloyd2012-06-181-0/+1
* A fix for bug 192. First, when renegotiating in the client, attempt tolloyd2012-06-091-0/+1
* Replace 0 and NULL pointer constants with nullptr. Also fix an oldlloyd2012-05-181-1/+1
* Fairly huge update that replaces the old secmem types with std::vectorlloyd2012-05-181-60/+61
* Add a bool param to renegotiate on if we should force a fulllloyd2012-04-181-0/+1
* Add support for TLS heartbeats (RFC 6520). Heartbeat initiations fromlloyd2012-04-161-15/+22
* Finish up server side SRP support, a little ugly but it works.lloyd2012-04-061-1/+6
* Initial client-side support for SRP (finally!). Tested against OpenSSLlloyd2012-04-051-0/+1
* Limit the lifetime of tickets to Policy::session_ticket_lifetime()lloyd2012-04-041-23/+10
* Revert the session_ticket callback in credentials manager. If a PSKlloyd2012-03-231-0/+1
* Include the curves and sig algos list in a session resumption clientlloyd2012-03-231-0/+1
* Server side handling of session tickets, though currently with alloyd2012-03-221-3/+9
* Basic protocol message flow for session ticketslloyd2012-03-201-12/+10
* Various merge fixups.lloyd2012-03-161-4/+4
* propagate from branch 'net.randombit.botan.tls-state-machine' (head c24b5d6b0...lloyd2012-03-161-101/+126
|\
| * Add SecureQueue::emptylloyd2012-03-071-0/+20
| * Add an abstraction for reading handshake messages (as DTLS handles itlloyd2012-03-051-4/+4
| * Move the handshake serialization code to Record_Writerlloyd2012-03-031-3/+3
| * Server side PSKlloyd2012-01-271-6/+5
| * Somewhat cleaner PSK handlinglloyd2012-01-271-3/+4
| * Server side PSK kexlloyd2012-01-271-2/+3
| * Add client-side support for PSK kex. Tested against OpenSSL.lloyd2012-01-271-0/+4
| * Move all key exchange mechanism code (eg DH/ECDH/SRP) out of thelloyd2012-01-251-3/+9
| * s/tls_suites/tls_ciphersuite/lloyd2012-01-241-1/+1
| * We can now actually handle multiple certificate types in the serverlloyd2012-01-241-2/+4
| * Remove Certificate_Type enumlloyd2012-01-241-2/+2
| * Send the supported elliptic curves extension. Instead of hardcodinglloyd2012-01-241-2/+3
| * Get the list of supported ECC curves out of the client hello, andlloyd2012-01-241-0/+3
| * Working ECDH key exchange. Only tested on client side but seems goodlloyd2012-01-241-2/+1
| * Don't assume the server key exchange consists of a series of BigInts.lloyd2012-01-241-3/+2
| * Make the version number a proper class, makes many things much easierlloyd2012-01-231-12/+12
| * Since this branch is hugely API breaking already, go ahead and putlloyd2012-01-231-21/+25
| * Remove the key() method on server key exchange - instead leave it tolloyd2012-01-231-1/+2
| * Have the client key exchange examine the server key exchange messagelloyd2012-01-231-5/+3
| * When generating a signature in TLS 1.2, respect the request of thelloyd2012-01-201-0/+6
| * Instead of using a hardcoded value for signature_algothms, go withlloyd2012-01-201-1/+3
| * TLS_Ciphersuite_Algos was just a strange level of indirection betweenlloyd2012-01-201-10/+10
| * Basic processing for signature_algorithms extension in client hellolloyd2012-01-201-0/+2
| * Initialize values once in constructor instead of in each branchlloyd2012-01-201-7/+1
| * Many fixes for TLS 1.2 though some things in particular client authlloyd2012-01-201-6/+8
| * Various and sundry bug fixeslloyd2012-01-191-0/+2
| * Kinda maybe working TLS 1.2 for clients. Not well tested at all, but alloyd2012-01-191-1/+7
| * Remove Handshake_Message::deserialize which was an unnecessary hook.lloyd2012-01-191-20/+10
| * I'm not sure if I like this asthetically, but passing around thelloyd2012-01-191-29/+10
| * Support SSLv3 client auth on the client side.lloyd2012-01-191-0/+2
* | Build fixeslloyd2012-01-111-2/+6
* | Outline of RFC 5077 session ticketslloyd2012-01-111-0/+28
|/
* As someone pointed out on the TLS list, NPN isn't really a negotiationlloyd2012-01-041-2/+2
* The first 4 bytes of the client and server randoms are supposed to belloyd2012-01-041-0/+2