Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | do not reset length | Nikos Mavrogiannopoulos | 2011-09-08 | 1 | -1/+1 |
| | |||||
* | Do not send an empty extension structure in server hello. This affects | Nikos Mavrogiannopoulos | 2011-09-08 | 1 | -0/+1 |
| | | | | | old implementations that do not support extensions. Reported by J. Cameijo Cerdeira. | ||||
* | Clarify license and copyright. | Simon Josefsson | 2011-08-03 | 1 | -1/+1 |
| | |||||
* | Upgraded to LGPLv3. | Nikos Mavrogiannopoulos | 2011-06-23 | 1 | -5/+3 |
| | |||||
* | Initial ecc support. Adds support for anonymous ECDH ciphersuites. | Nikos Mavrogiannopoulos | 2011-05-20 | 1 | -0/+9 |
| | |||||
* | Some debugging moved to a higher level. | Nikos Mavrogiannopoulos | 2011-05-17 | 1 | -5/+5 |
| | |||||
* | Session tickets are included unconditionally. | Nikos Mavrogiannopoulos | 2011-04-16 | 1 | -2/+0 |
| | |||||
* | The auth_ and ext_ files were moved to respective directories. | Nikos Mavrogiannopoulos | 2011-04-16 | 1 | -8/+8 |
| | |||||
* | Corrected signature generation and verification | Nikos Mavrogiannopoulos | 2011-02-12 | 1 | -1/+1 |
| | | | | | in the Certificate Verify message when in TLS 1.2. Reported by Todd A. Ouska. | ||||
* | The extensions code is now using the gnutls_buffer_st. | Nikos Mavrogiannopoulos | 2011-02-09 | 1 | -54/+30 |
| | |||||
* | Removed functions: | Nikos Mavrogiannopoulos | 2011-02-05 | 1 | -34/+0 |
| | | | | | | gnutls_ext_register, gnutls_certificate_get_x509_crls, gnutls_certificate_get_x509_cas and bumped library version number. | ||||
* | Do not include deprecated functions to library documentation. | Nikos Mavrogiannopoulos | 2010-12-19 | 1 | -3/+3 |
| | |||||
* | Indented code. Use same indentation but with -nut to avoid usage of tabs. In ↵ | Nikos Mavrogiannopoulos | 2010-12-16 | 1 | -175/+175 |
| | | | | several editors tabs can be configured not to be 8 spaces and this produces artifacts with the current indentation that is a mixture of tabs and spaces. | ||||
* | Indent (using GNU indent 2.2.11). | Simon Josefsson | 2010-10-14 | 1 | -145/+175 |
| | |||||
* | Corrected bugs when restoring extensions during session resumtion. | Nikos Mavrogiannopoulos | 2010-09-29 | 1 | -7/+8 |
| | |||||
* | Use more informative logging for extensions. | Nikos Mavrogiannopoulos | 2010-09-29 | 1 | -0/+4 |
| | |||||
* | Added Camellia-128/256, SHA-224/384/512 and support for DSA2 when using nettle. | Nikos Mavrogiannopoulos | 2010-07-29 | 1 | -1/+0 |
| | |||||
* | Corrections in the new session packing code. Saving absolute positions in ↵ | Nikos Mavrogiannopoulos | 2010-06-19 | 1 | -4/+3 |
| | | | | | | | buffers is no longer done. Now we store only and offset to allow reallocating the buffer and still do the correct reference. | ||||
* | Simplified and made more safe the packing of data for session storage. ↵ | Nikos Mavrogiannopoulos | 2010-06-13 | 1 | -79/+351 |
| | | | | | | | | | Extensions use the internal API to store/retrieve during resumption. Removed OPRFI since it was never standardized and was never actually included in gnutls since it was in inactive ifdef. This was instead of rewriting it to use the new API. | ||||
* | Change GNUTLS into GnuTLS. | Simon Josefsson | 2010-05-22 | 1 | -2/+2 |
| | |||||
* | Indent code. | Simon Josefsson | 2010-04-14 | 1 | -5/+4 |
| | |||||
* | Extension generation in SSL 3.0 (as a reply to SCSV) is not using | Nikos Mavrogiannopoulos | 2010-03-11 | 1 | -2/+5 |
| | | | | | common code with normal extension generation. Solve issue reported by Tomas Mraz that caused SSL 3.0 renegotiation fail. | ||||
* | Fix GTK-DOC syntax. Unfortunately this looses some information. | Simon Josefsson | 2010-02-17 | 1 | -1/+1 |
| | |||||
* | Update copyright years. | Simon Josefsson | 2010-01-27 | 1 | -1/+2 |
| | |||||
* | Fix FSF copyright notices. | Simon Josefsson | 2010-01-27 | 1 | -1/+1 |
| | |||||
* | Specify in detail what to be copied when resuming. It seems there | Nikos Mavrogiannopoulos | 2010-01-13 | 1 | -1/+3 |
| | | | | | | are extensions (like safe renegotiation) that do not need to read the stored values. Moreover this might overcome any bugs by the extensions that used to store pointers in the extension structure. | ||||
* | When resuming no extensions were parsed thus the safe | Nikos Mavrogiannopoulos | 2010-01-12 | 1 | -1/+1 |
| | | | | | | | | renegotiation extension was ignored as well causing a false detection of unsafe session. Corrected by making a special class of extensions called RESUMED. Those are parsed even when resuming (normally we don't do it to prevent clients overwriting capabilities and credentials). | ||||
* | Added Steve Dispensa's patch for safe renegotiation (with artistic changes). | Nikos Mavrogiannopoulos | 2010-01-12 | 1 | -1/+2 |
| | | | | Effectively reverted my previous patch 1a338cbaaeec11d958de8da4d1ae036979fccf3e. | ||||
* | Added safe renegotiation patch from Steve Dispensa, modified to suit gnutls | Nikos Mavrogiannopoulos | 2010-01-11 | 1 | -0/+9 |
| | | | | | | | code style and error checking. Modified to conform to draft-ietf-tls-renegotiation-03.txt. gnutls-cli will search input for **RENEGOTIATION** to perform a renegotiation and gnutls-serv will perform one if requested. | ||||
* | Indent code. | Simon Josefsson | 2009-11-05 | 1 | -8/+8 |
| | |||||
* | Improved TLS 1.2 support. Added support for the SignatureAlgorithm extension | Nikos Mavrogiannopoulos | 2009-11-01 | 1 | -0/+9 |
| | | | | | | | | | as well for the SignatureAlgorithm in certificate request. Limitation for TLS 1.2 clients: Only SHA1 or SHA256 are supported for generating signatures in certificate verify message. That is to avoid storing all handshake messages in memory. To be reconsidered in the future. | ||||
* | Fix whitespace. | Simon Josefsson | 2009-08-19 | 1 | -1/+1 |
| | |||||
* | session ticket support | Daiki Ueno | 2009-08-19 | 1 | -2/+27 |
| | | | | Signed-off-by: Simon Josefsson <simon@josefsson.org> | ||||
* | Mark global extfunc_size as having static scope. | Simon Josefsson | 2009-06-08 | 1 | -1/+1 |
| | |||||
* | Deinitalize extension global variable properly. | Simon Josefsson | 2009-06-08 | 1 | -1/+3 |
| | | | | See <http://bugs.gentoo.org/272388>. | ||||
* | Fix warnings. | Simon Josefsson | 2008-11-12 | 1 | -1/+1 |
| | |||||
* | Fix warnings. | Simon Josefsson | 2008-11-12 | 1 | -2/+2 |
| | |||||
* | Fix mem leak. | Simon Josefsson | 2008-11-11 | 1 | -0/+6 |
| | |||||
* | Indent. | Simon Josefsson | 2008-09-16 | 1 | -4/+4 |
| | |||||
* | Re-add, but mark static. | Simon Josefsson | 2008-08-29 | 1 | -0/+12 |
| | |||||
* | Fix warnings. | Simon Josefsson | 2008-08-28 | 1 | -12/+0 |
| | |||||
* | Doc fixes. | Simon Josefsson | 2008-08-14 | 1 | -0/+2 |
| | |||||
* | Move TLS/IA features to libgnutls-extra. | Simon Josefsson | 2008-07-08 | 1 | -9/+0 |
| | |||||
* | Add APIs to register TLS extension handlers. | Simon Josefsson | 2008-07-03 | 1 | -82/+140 |
| | |||||
* | Indent code. | Simon Josefsson | 2008-07-02 | 1 | -15/+19 |
| | |||||
* | Fix gcc warnings. | Simon Josefsson | 2008-03-19 | 1 | -2/+2 |
| | |||||
* | Changes for post_client_hello_function(). The extensions are now parsed in a | Nikos | 2007-12-16 | 1 | -7/+13 |
| | | | | | | | | | | callback friendly way. Extensions are now split to APPLICATION and TLS layer. The APPLICATION layer extensions are parsed before the callback function is called and the others afterwards. This allows the callback to change the behavior of the TLS layer parsers by using the data of the APPLICATION layer extensions. Currently the only application layer extension is defined to be the server name indication extension. | ||||
* | Changed my name to my "official" name. | Nikos Mavrogiannopoulos | 2007-10-30 | 1 | -1/+1 |
| | |||||
* | Remove tls-authz. | Simon Josefsson | 2007-10-17 | 1 | -9/+0 |
| | |||||
* | ** Added capability to set a callback after the client hello is received | Nikos Mavrogiannopoulos | 2007-10-08 | 1 | -2/+2 |
| | | | | | | | | | | | | by the server in order to adjust parameters before the handshake. ** SRP was corrected to adhere (more) to the latest draft (published soon as RFC) ** Corrected bug which did not allow a server to run without supporting certificates. ** Updated the DN parser which now prints wrongly decoded values as hex strings. |