aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tls_record.cpp
Commit message (Expand)AuthorAgeFilesLines
* Rewrite the TLS padding comparison to be constant timelloyd2013-04-161-6/+6
* Add support for AEAD modes in TLS. Add GCM ciphersuites.lloyd2013-04-111-5/+121
* Mark Channel IO buffers for zeroinglloyd2013-04-101-3/+3
* Add a param to Connection_Cipher_State so it knows which directionlloyd2013-04-101-0/+1
* Move assert.h from internal to very public (included in types.h)lloyd2013-03-131-1/+0
* Move the major TLS record MAC check and decrypt routines to their ownlloyd2013-02-111-75/+112
* Move record decrypt to its own functionlloyd2013-02-111-86/+104
* Don't need to pass the sequence numbers struct in here, all we need islloyd2012-12-141-3/+1
* Re-add support for reading SSLv2 client helloslloyd2012-12-101-11/+13
* Add a Record struct to combine the record contents, type, sequence #,lloyd2012-12-101-14/+21
* Changes so DTLS handshake can send messages under different epochs, eglloyd2012-11-121-5/+6
* Pass read_record a callback mapping epoch to cipher state so it canlloyd2012-11-061-4/+22
* Store cipher states in Channel instead of Handshake_State. Keep alllloyd2012-11-061-7/+8
* CBC overwrote (encrypted) the following block in write_record. Illoyd2012-09-121-1/+4
* Set m_readbuf_pos == m_readbuf.size(), resizing the vector as neededlloyd2012-09-111-27/+20
* Pass the record sequence # up to Channellloyd2012-09-111-8/+7
* Move the record type checks up to Channel as besides that the recordlloyd2012-09-111-19/+1
* New logic for DTLS replay detection. Abstracts the sequence handlinglloyd2012-09-101-4/+19
* Create the IO in Channel and then pass it down to new_handshake_statelloyd2012-09-091-1/+2
* Store the is-SSLv3 flag in the cipher state as the difference is onlylloyd2012-09-091-21/+13
* Clean up includeslloyd2012-09-091-0/+2
* Small cleanuplloyd2012-09-081-1/+5
* This check is boguslloyd2012-09-071-9/+0
* Fixes for server record handling, where we don't know the versionlloyd2012-09-071-31/+43
* In Channel move some checks to after we've verified needed == 0 tolloyd2012-09-071-8/+9
* Remove bogus forced 64 byte mtu.lloyd2012-09-071-3/+15
* Minimize header size dependencies in record readinglloyd2012-09-061-13/+18
* Reject a SSLv2 mapped DTLS client hello as serious bogosity.lloyd2012-09-061-0/+4
* Avoid secure_vector allocation per block on TLS CBC decryptlloyd2012-09-061-1/+3
* Have write_record resize the vector as it goes, thus the return valuelloyd2012-09-061-36/+26
* Make Channel::m_state privatelloyd2012-09-061-1/+0
* Inline Record_Reader to Channel as welllloyd2012-09-061-1/+1
* Move record reading also to a stand alone functionlloyd2012-09-061-1/+274
* Move the actual creation of new TLS records to TLS::write_record whichlloyd2012-09-061-0/+119
* Move record cipher state to its own class. Currently write side only.lloyd2012-09-061-0/+75