aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tls_policy.cpp
Commit message (Expand)AuthorAgeFilesLines
* Shuffle things around. Add NIST X.509 test to build.lloyd2014-01-011-286/+0
* Have default TLS policy reject SSLv3. Add TLS::Policy::acceptable_ciphersuitelloyd2013-12-101-7/+15
* Disable RC4 in TLS by defaultlloyd2013-11-291-1/+1
* Add Brainpool curves to TLS, and prefer them by default.lloyd2013-09-081-0/+3
* Enable CCM ciphersuites in TLS. Disable SHA-1 for signatures in TLS v1.2lloyd2013-09-061-4/+8
* Change default policy to prohibit DTLS to minimize surprise.lloyd2013-07-101-3/+4
* Some small TLS doc updateslloyd2013-04-191-0/+2
* Rename ARC4 to RC4lloyd2013-04-191-2/+2
* Add a policy for Suite B 128-bitlloyd2013-04-121-5/+0
* Add support for AEAD modes in TLS. Add GCM ciphersuites.lloyd2013-04-111-4/+6
* Only negotiate an AEAD mode when using 1.2lloyd2013-04-111-0/+4
* Make ciphersuite_list a virtual member of TLS::Policylloyd2013-04-101-8/+9
* Add TLS::Policy::server_uses_own_ciphersuite_preferences()lloyd2013-03-211-0/+8
* Prefer RC4 over AES. Gak.lloyd2013-02-061-3/+3
* Changes so DTLS handshake can send messages under different epochs, eglloyd2012-11-121-4/+1
* Remove TLS::Policy::pref_version. Instead pass the version to offer tolloyd2012-10-131-5/+0
* No reason to pass a u16bit by referencelloyd2012-09-101-1/+1
* Fix DTLS version string.lloyd2012-07-281-8/+10
* Add a class that handles writing handshake messages instead of pushinglloyd2012-07-161-5/+5
* Changes to version handling in support of DTLS work.lloyd2012-07-121-2/+5
* Split TLS::Policy::allowed_hashes into allowed_signature_hashes andlloyd2012-06-291-17/+26
* Add TLS::Policy::minimum_dh_group_size, default 1024. Send anlloyd2012-06-251-0/+5
* Commented out entry for anon in default policy:lloyd2012-06-171-0/+1
* Profiling with valgrind shows that the 2**16 iteration for findinglloyd2012-06-141-16/+6
* Use initialize lists here, much cleanerlloyd2012-06-091-53/+44
* Compile fixlloyd2012-04-201-1/+1
* Put the implementation of Policy::dh_group in source so it's easier tolloyd2012-04-191-0/+5
* Finish up server side SRP support, a little ugly but it works.lloyd2012-04-061-14/+8
* Remove Policy::choose_compression and move to tls_serverlloyd2012-04-041-44/+30
* Limit the lifetime of tickets to Policy::session_ticket_lifetime()lloyd2012-04-041-40/+23
* Add anonymous DH/ECDH ciphersuites to the cipher list. Interop checkedlloyd2012-04-021-3/+4
* Remove the Ciphersuite_Code enum and move all ciphersuitelloyd2012-03-301-6/+3
* Move min_version and pref_version to the source file so they can belloyd2012-03-021-0/+10
* Support getting ciphersuites by name as well as suite IDlloyd2012-01-281-4/+5
* Add Camellia ciphersuites from RFC 4132.lloyd2012-01-281-1/+10
* Change naming convention to match RFCslloyd2012-01-271-2/+2
* Working though somewhat clumsy DHE_PSK and ECDHE_PSK. Tested against GnuTLSlloyd2012-01-271-1/+2
* Server side PSK kexlloyd2012-01-271-1/+4
* Add client-side support for PSK kex. Tested against OpenSSL.lloyd2012-01-271-4/+8
* Make Alert a first class object ala Version. Move the alert codes intolloyd2012-01-261-0/+1
* In earlier versions, key exchange == "RSA" meant export-stylelloyd2012-01-251-3/+5
* Go back to choosing the ciphersuite based on the server's preferences.lloyd2012-01-251-13/+9
* s/tls_suites/tls_ciphersuite/lloyd2012-01-241-1/+1
* Add support for the IDEA ciphersuite, though don't require it to belloyd2012-01-241-1/+7
* Fix ECC curve negotiation on the server side.lloyd2012-01-241-3/+8
* We can now actually handle multiple certificate types in the serverlloyd2012-01-241-14/+8
* ECDSA support. Only client side testedlloyd2012-01-241-1/+1
* Send the supported elliptic curves extension. Instead of hardcodinglloyd2012-01-241-0/+31
* Get the list of supported ECC curves out of the client hello, andlloyd2012-01-241-3/+7
* Allow ECDH negotiation by defaultlloyd2012-01-241-4/+1
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-21 07:42:33 +0000