aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tls_policy.cpp
Commit message (Expand)AuthorAgeFilesLines
* Fix DTLS version string.lloyd2012-07-281-8/+10
* Add a class that handles writing handshake messages instead of pushinglloyd2012-07-161-5/+5
* Changes to version handling in support of DTLS work.lloyd2012-07-121-2/+5
* Split TLS::Policy::allowed_hashes into allowed_signature_hashes andlloyd2012-06-291-17/+26
* Add TLS::Policy::minimum_dh_group_size, default 1024. Send anlloyd2012-06-251-0/+5
* Commented out entry for anon in default policy:lloyd2012-06-171-0/+1
* Profiling with valgrind shows that the 2**16 iteration for findinglloyd2012-06-141-16/+6
* Use initialize lists here, much cleanerlloyd2012-06-091-53/+44
* Compile fixlloyd2012-04-201-1/+1
* Put the implementation of Policy::dh_group in source so it's easier tolloyd2012-04-191-0/+5
* Finish up server side SRP support, a little ugly but it works.lloyd2012-04-061-14/+8
* Remove Policy::choose_compression and move to tls_serverlloyd2012-04-041-44/+30
* Limit the lifetime of tickets to Policy::session_ticket_lifetime()lloyd2012-04-041-40/+23
* Add anonymous DH/ECDH ciphersuites to the cipher list. Interop checkedlloyd2012-04-021-3/+4
* Remove the Ciphersuite_Code enum and move all ciphersuitelloyd2012-03-301-6/+3
* Move min_version and pref_version to the source file so they can belloyd2012-03-021-0/+10
* Support getting ciphersuites by name as well as suite IDlloyd2012-01-281-4/+5
* Add Camellia ciphersuites from RFC 4132.lloyd2012-01-281-1/+10
* Change naming convention to match RFCslloyd2012-01-271-2/+2
* Working though somewhat clumsy DHE_PSK and ECDHE_PSK. Tested against GnuTLSlloyd2012-01-271-1/+2
* Server side PSK kexlloyd2012-01-271-1/+4
* Add client-side support for PSK kex. Tested against OpenSSL.lloyd2012-01-271-4/+8
* Make Alert a first class object ala Version. Move the alert codes intolloyd2012-01-261-0/+1
* In earlier versions, key exchange == "RSA" meant export-stylelloyd2012-01-251-3/+5
* Go back to choosing the ciphersuite based on the server's preferences.lloyd2012-01-251-13/+9
* s/tls_suites/tls_ciphersuite/lloyd2012-01-241-1/+1
* Add support for the IDEA ciphersuite, though don't require it to belloyd2012-01-241-1/+7
* Fix ECC curve negotiation on the server side.lloyd2012-01-241-3/+8
* We can now actually handle multiple certificate types in the serverlloyd2012-01-241-14/+8
* ECDSA support. Only client side testedlloyd2012-01-241-1/+1
* Send the supported elliptic curves extension. Instead of hardcodinglloyd2012-01-241-0/+31
* Get the list of supported ECC curves out of the client hello, andlloyd2012-01-241-3/+7
* Allow ECDH negotiation by defaultlloyd2012-01-241-4/+1
* Cleanuplloyd2012-01-241-10/+10
* Since this branch is hugely API breaking already, go ahead and putlloyd2012-01-231-13/+17
* When generating a signature in TLS 1.2, respect the request of thelloyd2012-01-201-0/+3
* Ignore ECDH suites in replyinglloyd2012-01-201-0/+3
* Instead of using a hardcoded value for signature_algothms, go withlloyd2012-01-201-0/+3
* New policy methods. User provides lists of ciphers, hashes, etc theylloyd2012-01-201-81/+151
* Various and sundry bug fixeslloyd2012-01-191-2/+2
* Add the AES/SHA-256 suites to the standard lists. Works under TLS 1.2lloyd2012-01-191-0/+13
* Some basic infrastructure pieces for SRP (policy, etc)lloyd2011-12-311-8/+29
* Rename ssl module to tlslloyd2011-12-231-0/+118