summaryrefslogtreecommitdiff
path: root/lib/ext/Makefile.am
Commit message (Collapse)AuthorAgeFilesLines
* Use https:// for www.gnu.org and www.example.comTim Rühsen2019-03-131-1/+1
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Implemented RFC7250 certificate type negotiation extensions.Tom Vrancken2018-08-201-1/+4
| | | | Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
* ext/record_size_limit: new extensionDaiki Ueno2018-08-201-1/+2
| | | | | | | | | | | This implements the record_size_limit extension as defined in RFC 8449. Although it obsoletes the max_record_size extension, for compatibility reasons GnuTLS still sends it on certain occasions. For example, when the new size is representable as the codepoint defined for max_record_size. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* TLS 1.3: ignore "early_data" extensionDaiki Ueno2018-08-061-1/+2
| | | | | | | | | | As 0-RTT is still not implemented in GnuTLS, the server responds with 1-RTT, by skipping decryption failure up to max_early_data_size, as suggested in 4.2.10 Early Data Detection. Resolves #512 Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Renamed extension supported ECC to supported groups. Fixes #451.Tom Vrancken2018-05-291-2/+4
| | | | | | Split combined ECC extensions into different files. Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
* Added support for out-of-band Pre-shared keys under TLS1.3Ander Juaristi2018-04-061-1/+2
| | | | | | | | | | | That adds support for pre-shared keys with and without Diffie-Hellman key exchange. That's a modified version of initial Ander's patch. Resolves #414 Resolves #125 Signed-off-by: Ander Juaristi <a@juaristi.eus> Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.org>
* handshake: added support for reading and sending cookie extensionNikos Mavrogiannopoulos2018-02-191-1/+2
| | | | | | That introduces an internal API to associate data to an extension. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Added support for key share extensionNikos Mavrogiannopoulos2018-02-191-1/+1
| | | | | | This enables TLS 1.3 key exchange based on the key share extension. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Added support for post handshake auth extensionNikos Mavrogiannopoulos2018-02-191-1/+2
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* handshake: added support for negotiating version using extensionNikos Mavrogiannopoulos2018-02-191-1/+2
| | | | | | | That is, introduced the TLS 1.3 supported_versions extension. It is currently only being used if negotiating TLS 1.3 or later. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Removed support for openpgp certificates and keysNikos Mavrogiannopoulos2017-06-161-4/+3
| | | | | | Resolves #178 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Makefile.am: moved common rules (AM_CFLAGS) to common.mkNikos Mavrogiannopoulos2016-04-121-1/+2
|
* Added support for RFC7366 (encrypt then authenticate)Nikos Mavrogiannopoulos2014-11-031-1/+1
| | | | | | | It implements a revised version of RFC7366, to avoid interoperability issues: http://www.ietf.org/mail-archive/web/tls/current/msg14349.html This is currently enabled by default, unless %NO_ETM, or %COMPAT is specified.
* Added support for the extended master secret calculationNikos Mavrogiannopoulos2014-10-081-2/+2
| | | | | That is performed implicitly unless GNUTLS_NO_EXTENSIONS is specified. The implementation follows draft-ietf-tls-session-hash-02.
* NEW_PADDING has been removed.Nikos Mavrogiannopoulos2014-03-051-2/+2
| | | | | | | This extension did not get accepted by IETF so it is now being removed. The gnutls_range API is kept in case length hiding is implemented in a different way at some point.
* Added %DUMBFW priority string option.Nikos Mavrogiannopoulos2013-11-101-1/+1
| | | | This works around issues when connecting behind some firewalls.
* Add NETTLE_CFLAGS in makefilesMartin Storsjo2013-06-061-1/+1
| | | | | | | | This is required for using nettle/memxor.h, which now is included implicitly via gnutls_int.h, if the nettle include directories aren't in one of the compiler standard paths. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Added support for the ALPN extension.Nikos Mavrogiannopoulos2013-04-101-0/+4
|
* Added a new record padding mechanism.Nikos Mavrogiannopoulos2013-01-021-1/+2
| | | | | | | | | | | | | It is negotiated via an extension and record data are now formatted as: ciphered-struct { opaque pad<0..2^16-1> opaque content[TLSCompressed.length]; opaque MAC[CipherSpec.hash_size]; } The ciphered-struct size is always 0 modulo the block size in block ciphers to avoid any need for additional padding. Added extension to negotiate new record padding.
* Added conditional to disable DTLS-SRTP support.Nikos Mavrogiannopoulos2012-11-051-1/+4
|
* Add support for DTLS-SRTP profile negotiation (RFC 5764)Martin Storsjo2012-11-011-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Implement status_request OCSP extension.Simon Josefsson2012-09-281-1/+3
|
* Added Heartbeat extension support.Olga2012-08-301-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Run 'make update-copyright'.Simon Josefsson2012-01-161-1/+1
|
* more builddir fixes by David Hoyt.Nikos Mavrogiannopoulos2011-10-221-0/+1
|
* Added -I$(builddir)/../../gl to CFLAGS.Nikos Mavrogiannopoulos2011-10-211-0/+1
|
* Clarify license and copyright.Simon Josefsson2011-08-031-7/+4
|
* Added new headers.gnutls_2_99_2Nikos Mavrogiannopoulos2011-05-261-1/+1
|
* Initial ecc support. Adds support for anonymous ECDH ciphersuites.Nikos Mavrogiannopoulos2011-05-201-1/+1
|
* The auth_ and ext_ files were moved to respective directories.Nikos Mavrogiannopoulos2011-04-161-0/+42
View Lorry Controller Status