summaryrefslogtreecommitdiff
path: root/lib/gnutls_extensions.c
Commit message (Collapse)AuthorAgeFilesLines
* do not reset lengthNikos Mavrogiannopoulos2011-09-081-1/+1
|
* Do not send an empty extension structure in server hello. This affectsNikos Mavrogiannopoulos2011-09-081-0/+1
| | | | | old implementations that do not support extensions. Reported by J. Cameijo Cerdeira.
* Clarify license and copyright.Simon Josefsson2011-08-031-1/+1
|
* Upgraded to LGPLv3.Nikos Mavrogiannopoulos2011-06-231-5/+3
|
* Initial ecc support. Adds support for anonymous ECDH ciphersuites.Nikos Mavrogiannopoulos2011-05-201-0/+9
|
* Some debugging moved to a higher level.Nikos Mavrogiannopoulos2011-05-171-5/+5
|
* Session tickets are included unconditionally.Nikos Mavrogiannopoulos2011-04-161-2/+0
|
* The auth_ and ext_ files were moved to respective directories.Nikos Mavrogiannopoulos2011-04-161-8/+8
|
* Corrected signature generation and verificationNikos Mavrogiannopoulos2011-02-121-1/+1
| | | | | in the Certificate Verify message when in TLS 1.2. Reported by Todd A. Ouska.
* The extensions code is now using the gnutls_buffer_st.Nikos Mavrogiannopoulos2011-02-091-54/+30
|
* Removed functions:Nikos Mavrogiannopoulos2011-02-051-34/+0
| | | | | | gnutls_ext_register, gnutls_certificate_get_x509_crls, gnutls_certificate_get_x509_cas and bumped library version number.
* Do not include deprecated functions to library documentation.Nikos Mavrogiannopoulos2010-12-191-3/+3
|
* Indented code. Use same indentation but with -nut to avoid usage of tabs. In ↵Nikos Mavrogiannopoulos2010-12-161-175/+175
| | | | several editors tabs can be configured not to be 8 spaces and this produces artifacts with the current indentation that is a mixture of tabs and spaces.
* Indent (using GNU indent 2.2.11).Simon Josefsson2010-10-141-145/+175
|
* Corrected bugs when restoring extensions during session resumtion.Nikos Mavrogiannopoulos2010-09-291-7/+8
|
* Use more informative logging for extensions.Nikos Mavrogiannopoulos2010-09-291-0/+4
|
* Added Camellia-128/256, SHA-224/384/512 and support for DSA2 when using nettle.Nikos Mavrogiannopoulos2010-07-291-1/+0
|
* Corrections in the new session packing code. Saving absolute positions in ↵Nikos Mavrogiannopoulos2010-06-191-4/+3
| | | | | | | buffers is no longer done. Now we store only and offset to allow reallocating the buffer and still do the correct reference.
* Simplified and made more safe the packing of data for session storage. ↵Nikos Mavrogiannopoulos2010-06-131-79/+351
| | | | | | | | | Extensions use the internal API to store/retrieve during resumption. Removed OPRFI since it was never standardized and was never actually included in gnutls since it was in inactive ifdef. This was instead of rewriting it to use the new API.
* Change GNUTLS into GnuTLS.Simon Josefsson2010-05-221-2/+2
|
* Indent code.Simon Josefsson2010-04-141-5/+4
|
* Extension generation in SSL 3.0 (as a reply to SCSV) is not usingNikos Mavrogiannopoulos2010-03-111-2/+5
| | | | | common code with normal extension generation. Solve issue reported by Tomas Mraz that caused SSL 3.0 renegotiation fail.
* Fix GTK-DOC syntax. Unfortunately this looses some information.Simon Josefsson2010-02-171-1/+1
|
* Update copyright years.Simon Josefsson2010-01-271-1/+2
|
* Fix FSF copyright notices.Simon Josefsson2010-01-271-1/+1
|
* Specify in detail what to be copied when resuming. It seems thereNikos Mavrogiannopoulos2010-01-131-1/+3
| | | | | | are extensions (like safe renegotiation) that do not need to read the stored values. Moreover this might overcome any bugs by the extensions that used to store pointers in the extension structure.
* When resuming no extensions were parsed thus the safeNikos Mavrogiannopoulos2010-01-121-1/+1
| | | | | | | | renegotiation extension was ignored as well causing a false detection of unsafe session. Corrected by making a special class of extensions called RESUMED. Those are parsed even when resuming (normally we don't do it to prevent clients overwriting capabilities and credentials).
* Added Steve Dispensa's patch for safe renegotiation (with artistic changes).Nikos Mavrogiannopoulos2010-01-121-1/+2
| | | | Effectively reverted my previous patch 1a338cbaaeec11d958de8da4d1ae036979fccf3e.
* Added safe renegotiation patch from Steve Dispensa, modified to suit gnutlsNikos Mavrogiannopoulos2010-01-111-0/+9
| | | | | | | code style and error checking. Modified to conform to draft-ietf-tls-renegotiation-03.txt. gnutls-cli will search input for **RENEGOTIATION** to perform a renegotiation and gnutls-serv will perform one if requested.
* Indent code.Simon Josefsson2009-11-051-8/+8
|
* Improved TLS 1.2 support. Added support for the SignatureAlgorithm extensionNikos Mavrogiannopoulos2009-11-011-0/+9
| | | | | | | | | as well for the SignatureAlgorithm in certificate request. Limitation for TLS 1.2 clients: Only SHA1 or SHA256 are supported for generating signatures in certificate verify message. That is to avoid storing all handshake messages in memory. To be reconsidered in the future.
* Fix whitespace.Simon Josefsson2009-08-191-1/+1
|
* session ticket supportDaiki Ueno2009-08-191-2/+27
| | | | Signed-off-by: Simon Josefsson <simon@josefsson.org>
* Mark global extfunc_size as having static scope.Simon Josefsson2009-06-081-1/+1
|
* Deinitalize extension global variable properly.Simon Josefsson2009-06-081-1/+3
| | | | See <http://bugs.gentoo.org/272388>.
* Fix warnings.Simon Josefsson2008-11-121-1/+1
|
* Fix warnings.Simon Josefsson2008-11-121-2/+2
|
* Fix mem leak.Simon Josefsson2008-11-111-0/+6
|
* Indent.Simon Josefsson2008-09-161-4/+4
|
* Re-add, but mark static.Simon Josefsson2008-08-291-0/+12
|
* Fix warnings.Simon Josefsson2008-08-281-12/+0
|
* Doc fixes.Simon Josefsson2008-08-141-0/+2
|
* Move TLS/IA features to libgnutls-extra.Simon Josefsson2008-07-081-9/+0
|
* Add APIs to register TLS extension handlers.Simon Josefsson2008-07-031-82/+140
|
* Indent code.Simon Josefsson2008-07-021-15/+19
|
* Fix gcc warnings.Simon Josefsson2008-03-191-2/+2
|
* Changes for post_client_hello_function(). The extensions are now parsed in aNikos2007-12-161-7/+13
| | | | | | | | | | callback friendly way. Extensions are now split to APPLICATION and TLS layer. The APPLICATION layer extensions are parsed before the callback function is called and the others afterwards. This allows the callback to change the behavior of the TLS layer parsers by using the data of the APPLICATION layer extensions. Currently the only application layer extension is defined to be the server name indication extension.
* Changed my name to my "official" name.Nikos Mavrogiannopoulos2007-10-301-1/+1
|
* Remove tls-authz.Simon Josefsson2007-10-171-9/+0
|
* ** Added capability to set a callback after the client hello is receivedNikos Mavrogiannopoulos2007-10-081-2/+2
| | | | | | | | | | | | by the server in order to adjust parameters before the handshake. ** SRP was corrected to adhere (more) to the latest draft (published soon as RFC) ** Corrected bug which did not allow a server to run without supporting certificates. ** Updated the DN parser which now prints wrongly decoded values as hex strings.