| Commit message (Expand) | Author | Age | Files | Lines |
* | Replace 0 and NULL pointer constants with nullptr. Also fix an old | lloyd | 2012-05-18 | 1 | -5/+5 |
* | Fairly huge update that replaces the old secmem types with std::vector | lloyd | 2012-05-18 | 1 | -6/+6 |
* | Huge pile of post merge fixups, mtn really fucked that merge | lloyd | 2012-04-25 | 1 | -6/+6 |
* | Add a bool param to renegotiate on if we should force a full | lloyd | 2012-04-18 | 1 | -7/+12 |
* | The secure renegotiation state was not updated on a session | lloyd | 2012-04-18 | 1 | -9/+7 |
* | As best I can tell the client is allowed to send a certificate chain | lloyd | 2012-04-16 | 1 | -5/+0 |
* | Add support for TLS heartbeats (RFC 6520). Heartbeat initiations from | lloyd | 2012-04-16 | 1 | -0/+5 |
* | Finish up server side SRP support, a little ugly but it works. | lloyd | 2012-04-06 | 1 | -3/+22 |
* | Remove Policy::choose_compression and move to tls_server | lloyd | 2012-04-04 | 1 | -2/+19 |
* | Limit the lifetime of tickets to Policy::session_ticket_lifetime() | lloyd | 2012-04-04 | 1 | -22/+60 |
* | Revert the session_ticket callback in credentials manager. If a PSK | lloyd | 2012-03-23 | 1 | -38/+29 |
* | Add a special hook in credentials manager for the session ticket key, | lloyd | 2012-03-23 | 1 | -17/+33 |
* | Only claim we support session tickets if we actually have a key of | lloyd | 2012-03-23 | 1 | -3/+10 |
* | Call Credentials_Manager::psk for the session ticket key. | lloyd | 2012-03-22 | 1 | -11/+24 |
* | Server side handling of session tickets, though currently with a | lloyd | 2012-03-22 | 1 | -24/+68 |
* | Basic protocol message flow for session tickets | lloyd | 2012-03-20 | 1 | -0/+1 |
* | Add an abstraction for reading handshake messages (as DTLS handles it | lloyd | 2012-03-05 | 1 | -9/+9 |
* | We would call the handshake callback twice on session resumption: | lloyd | 2012-02-28 | 1 | -20/+19 |
* | Actually check CA signatures in Credentials_Manager. This area needs a | lloyd | 2012-02-01 | 1 | -1/+1 |
* | Support getting ciphersuites by name as well as suite ID | lloyd | 2012-01-28 | 1 | -2/+2 |
* | Server side PSK | lloyd | 2012-01-27 | 1 | -7/+4 |
* | Somewhat cleaner PSK handling | lloyd | 2012-01-27 | 1 | -2/+2 |
* | Server side PSK kex | lloyd | 2012-01-27 | 1 | -3/+2 |
* | First attempt to get certificates matching the name the client sent in | lloyd | 2012-01-27 | 1 | -3/+27 |
* | Change callback interface to pass the Alert object itself instead | lloyd | 2012-01-26 | 1 | -3/+3 |
* | Make Alert a first class object ala Version. Move the alert codes into | lloyd | 2012-01-26 | 1 | -7/+7 |
* | Deleting the return of private_key_for in the TLS server forces the | lloyd | 2012-01-26 | 1 | -7/+9 |
* | Move around the order of arguments to activate() and add the | lloyd | 2012-01-25 | 1 | -3/+6 |
* | In earlier versions, key exchange == "RSA" meant export-style | lloyd | 2012-01-25 | 1 | -2/+2 |
* | Move all key exchange mechanism code (eg DH/ECDH/SRP) out of the | lloyd | 2012-01-25 | 1 | -37/+16 |
* | Fix printing PSK ciphersuites. Better assert msg. | lloyd | 2012-01-25 | 1 | -1/+2 |
* | Go back to choosing the ciphersuite based on the server's preferences. | lloyd | 2012-01-25 | 1 | -0/+3 |
* | We can now actually handle multiple certificate types in the server | lloyd | 2012-01-24 | 1 | -17/+31 |
* | Send the supported elliptic curves extension. Instead of hardcoding | lloyd | 2012-01-24 | 1 | -1/+12 |
* | Forgot to check in server side ECDH key gen | lloyd | 2012-01-24 | 1 | -3/+11 |
* | The credentials manager interface seems a much better place for cert | lloyd | 2012-01-23 | 1 | -2/+10 |
* | Add Ciphersuite::to_string | lloyd | 2012-01-23 | 1 | -2/+2 |
* | Make the version number a proper class, makes many things much easier | lloyd | 2012-01-23 | 1 | -11/+11 |
* | Since this branch is hugely API breaking already, go ahead and put | lloyd | 2012-01-23 | 1 | -19/+23 |
* | Instead of using a hardcoded value for signature_algothms, go with | lloyd | 2012-01-20 | 1 | -0/+1 |
* | New policy methods. User provides lists of ciphers, hashes, etc they | lloyd | 2012-01-20 | 1 | -7/+4 |
* | If the client sent something > TLS 1.2, we sould respond as TLS 1.1 | lloyd | 2012-01-20 | 1 | -16/+10 |
* | Somewhat contorted, but fixes the issue with sending hash/sig ids with | lloyd | 2012-01-20 | 1 | -2/+3 |
* | TLS_Ciphersuite_Algos was just a strange level of indirection between | lloyd | 2012-01-20 | 1 | -5/+5 |
* | Many fixes for TLS 1.2 though some things in particular client auth | lloyd | 2012-01-20 | 1 | -3/+7 |
* | Various and sundry bug fixes | lloyd | 2012-01-19 | 1 | -1/+1 |
* | I'm not sure if I like this asthetically, but passing around the | lloyd | 2012-01-19 | 1 | -27/+10 |
* | The server would incorrectly send a server key exchange message when a | lloyd | 2012-01-06 | 1 | -19/+13 |
* | If the maximum fragment extension was negotiated, enforce it. Also | lloyd | 2012-01-05 | 1 | -0/+6 |
* | Add a hook in TLS_Channel that is called when an alert is received. | lloyd | 2012-01-04 | 1 | -0/+12 |