path: root/src/tls
Commit message | Author | Age | Files | Lines
...
* Add sync handshake function to Blocking_Client | lloyd | 2013-03-01 | 2 | -8/+32
* Blocking_Client fixes. Add relnote | lloyd | 2013-02-28 | 4 | -16/+7
* Initial blocking client interface for simple uses and 1.10 compat | lloyd | 2013-02-28 | 2 | -0/+174
* Move the major TLS record MAC check and decrypt routines to their own functions | lloyd | 2013-02-11 | 1 | -75/+112
* Move record decrypt to its own function | lloyd | 2013-02-11 | 1 | -86/+104
* Simplify this catch | lloyd | 2013-02-11 | 1 | -6/+1
* Prefer RC4 over AES. Gak. | lloyd | 2013-02-06 | 1 | -3/+3
* Don't need to pass the sequence numbers struct in here, all we need is the value we want to use this time. | lloyd | 2012-12-14 | 3 | -5/+3
* Re-add support for reading SSLv2 client hellos | lloyd | 2012-12-10 | 2 | -11/+22
* Add a Record struct to combine the record contents, type, sequence #, and version into a single value. | lloyd | 2012-12-10 | 5 | -82/+104
* Change Credentials_Manager::trusted_certificate_authorities to return a list of Certificate_Stores instead of a list of actual certs, allowing for instance the ability to reference a DB cert store without actually pulling all the certs into memory. Add Certificate_Store::all_subjects which returns the DNs of all contained certificates. | lloyd | 2012-11-13 | 4 | -11/+17
* Changes so DTLS handshake can send messages under different epochs, eg for retransmitting a flight. | lloyd | 2012-11-12 | 7 | -55/+85
* Remove Channel::m_max_fragment. Instead derive it from the server hello. This also fixes a bug where a client which sent the fragment limit would enforce it even for servers which did not support the extension. | lloyd | 2012-11-07 | 4 | -29/+27
* Store the maximum fragment value instead of the code, convert to the code on serialize/deserialize. | lloyd | 2012-11-07 | 2 | -37/+31
* Remove Channel::m_connection_closed, instead deriving it from other state | lloyd | 2012-11-07 | 2 | -8/+11
* Pass read_record a callback mapping epoch to cipher state so it can read out of order messages in DTLS. | lloyd | 2012-11-06 | 4 | -53/+38
* Add Channel::pending_state and Channel::active_state, use where possible | lloyd | 2012-11-06 | 2 | -73/+84
* Store cipher states in Channel instead of Handshake_State. Keep all around by default, expiring them as they are no longer needed. Expiration logic for DTLS needs some work. | lloyd | 2012-11-06 | 7 | -66/+145
* Split asn1_obj.h into asn1_alt_name.h, asn1_attribute.h, and asn1_time.h | lloyd | 2012-11-06 | 1 | -0/+6
* Move Channel::is_{active,closed} to source file | lloyd | 2012-11-01 | 2 | -2/+12
* Add TLS::Policy::negotiate_heartbeat_support which controls if the client will offer heartbeats (or if a server will negotiate them if the client offers). Defaults to false, which is probably the right behavior in terms of minimizing surprise and attack surface. | lloyd | 2012-10-13 | 5 | -3/+20
* Remove TLS::Policy::pref_version. Instead pass the version to offer to the Client constructor. Defaults to the most recent version of TLS. Allows TLS or DTLS, and means that it's possible to back down on the offered version, without requiring a Policy implementation with mutable state. | lloyd | 2012-10-13 | 5 | -15/+19
* Add TLS::Server_Information to encapsulate the hostname/port pair. Add a service identifier as well, to help out clients which may want to negotiate multiple protocols over a single port and need to keep the sessions disambiguated. Not sure if that is useful, but it might be. | lloyd | 2012-10-13 | 13 | -103/+179
* Generate the fake pre master needed if the RSA computation fails ahead of time. Otherwise we expose a timing channel WRT using the RNG. | lloyd | 2012-10-02 | 1 | -4/+16
* Missing return value | lloyd | 2012-09-19 | 1 | -0/+1
* Inline Channel::{read,write}_cipher_state, only one caller each | lloyd | 2012-09-14 | 2 | -24/+11
* Expose to public in TLS::Channel peer_supports_heartbeats, heartbeat_sending_allowed, and secure_renegotiation_supported. | lloyd | 2012-09-13 | 1 | -6/+16
* Store the cipher states in the handshake state object as shared_ptrs. One notable change here is that after we send a close_alert, we ignore any data that follows. That is somewhat unfortunate actually, but overall this change is important (for DTLS). | lloyd | 2012-09-13 | 4 | -43/+94
* Update creators of Session to new constructor | lloyd | 2012-09-12 | 2 | -2/+0
* It seems other implementations define the secure renegotiation flag to be part of the connection rather than part of the session. That really does make more sense, so go with it. Changes the format of serialized sessions, but we already broke that with the crypto change. | lloyd | 2012-09-12 | 3 | -16/+3
* A quite different approach to extension handling, store both inbound and outbound extensions in an Extension, and pull out values as requested. This is to some extent just a cleanup but also assures us that the client and the server do agree on what extensions were set. Previously it was possible for extensions to mismatch, eg we set a field in the client hello structure but it didn't make it into an extension. | lloyd | 2012-09-12 | 8 | -282/+233
* Spelling | lloyd | 2012-09-12 | 6 | -18/+17
* Duplicated extension checks! | lloyd | 2012-09-12 | 1 | -12/+0
* Remove Channel::m_secure_renegotiation, instead derive from current state. | lloyd | 2012-09-12 | 2 | -46/+23
* CBC overwrote (encrypted) the following block in write_record. I missed it before because the buffer was pre-sized to maximum allowable, thus it just encrypted something we never sent. However after the buffer sizes were set to zero, it would start encrypting ... something ... after the block. This would manifest by strange crashes during a full client renegotiation. The problem was that the buffer was sized up a bit for sending the unencrypted messages (client kex, etc) and so we had some wiggle room. However sending an encrypted client kex took more space than that (due to the MAC, etc) so a full renegotiation would cause values to be overwritten. | lloyd | 2012-09-12 | 1 | -1/+4
* Formatting | lloyd | 2012-09-11 | 1 | -2/+2
* Clean up the handling of close notify alerts a bit. Also return immediately from received_data when we see a fatal alert - we are uninterested in any further data at that point. | lloyd | 2012-09-11 | 1 | -6/+7
* Typo | lloyd | 2012-09-11 | 1 | -1/+1
* Add helper function | lloyd | 2012-09-11 | 2 | -7/+8
* Set m_readbuf_pos == m_readbuf.size(), resizing the vector as needed rather than preallocating the maximum possible size. | lloyd | 2012-09-11 | 5 | -34/+21
* The write buffer is cleared and rewritten by write_record, so we don't need to pre-size it. Reorganize Channel members a bit | lloyd | 2012-09-11 | 2 | -6/+5
* Pass the record sequence # up to Channel | lloyd | 2012-09-11 | 3 | -12/+13
* Move the record type checks up to Channel as besides that the record reader doesn't care what the record type is. | lloyd | 2012-09-11 | 3 | -41/+22
* No reason to pass a u16bit by reference | lloyd | 2012-09-10 | 2 | -2/+2
* New logic for DTLS replay detection. Abstracts the sequence handling out a bit. Handling of initial server record is pretty nasty. | lloyd | 2012-09-10 | 6 | -30/+168
* Consider DTLS v1.0 and v1.2 known | lloyd | 2012-09-09 | 1 | -2/+3
* Expect a cookie field in a DTLS client hello | lloyd | 2012-09-09 | 1 | -0/+3
* Rename function | lloyd | 2012-09-09 | 2 | -16/+16
* Remove redundant Channel::m_current_version | lloyd | 2012-09-09 | 4 | -30/+30
* Create the IO in Channel and then pass it down to new_handshake_state as the logic is the same for both cases. | lloyd | 2012-09-09 | 7 | -37/+39