| Commit message | Description | Author | Date | Files | Lines |
|---|---|---|---|---|---|
| only send EtM extension if we have CBC ciphersuites | | Nikos Mavrogiannopoulos | 2015-04-01 | 1 | -0/+1 |
| Added the CHACHA20-POLY1305 ciphersuites (with random IDs) | | Nikos Mavrogiannopoulos | 2015-03-28 | 1 | -0/+20 |
| do not penalize CBC ciphers with the maximum send data size | That reduced the maximum send size for CBC ciphers from 16384 to 16384-(block size), which was unnecessary and was causing issues: https://bugs.winehq.org/show_bug.cgi?id=37500 | Nikos Mavrogiannopoulos | 2015-03-28 | 1 | -6/+0 |
| `gnutls_record_set_max_empty_records`: removed | | Nikos Mavrogiannopoulos | 2015-03-28 | 1 | -1/+0 |
| drop support for gnulib's u64 | | Nikos Mavrogiannopoulos | 2015-03-24 | 1 | -1/+0 |
| added `gnutls_ext_set_data()` and `gnutls_ext_get_data()` | As a side effect the type which holds private data was reduced from a union to a `void *` pointer. That simplifies the exported API without reducing the options in the internal API. | Nikos Mavrogiannopoulos | 2015-03-20 | 1 | -2/+2 |
| Added a way to add custom extensions from public API. | Signed-off-by: Thierry Quemerais <tquemerais@awox.com> | Thierry Quemerais | 2015-03-19 | 1 | -28/+0 |
| Added the notion of obsolete versions | That prevents using these versions as record version numbers, unless they are the only protocol supported. This avoids the issues with servers that have banned SSL 3.0 record versions. | Nikos Mavrogiannopoulos | 2015-01-16 | 1 | -0/+1 |
| `gnutls_sign_callback_set()` and `gnutls_sign_callback_get()` were removed | | Nikos Mavrogiannopoulos | 2014-12-03 | 1 | -6/+0 |
| The record version in the client Hello will be set to the lowest supported protocol | There should have been no harm in keeping it SSL 3.0 but unfortunately in draft-thomson-sslv3-diediedie-00 it has been marked as MUST NOT do that. That will be fixed in a later revision but since then there are servers not accepting SSL 3.0 as a valid record version (note that this is about the record version, which describes the format of the packet, nothing to do with the negotiated version). | Nikos Mavrogiannopoulos | 2014-11-21 | 1 | -1/+2 |
| Added priority string %NO_SESSION_HASH to prevent advertising the extended master secret extension | | Nikos Mavrogiannopoulos | 2014-11-13 | 1 | -0/+2 |
| corrected calculation for max send data and other uses of `_gnutls_cipher_type()` | | Nikos Mavrogiannopoulos | 2014-11-05 | 1 | -1/+1 |
| introduced `GNUTLS_MAX_SESSION_ID_SIZE` | | Nikos Mavrogiannopoulos | 2014-11-05 | 1 | -3/+1 |
| Added support for RFC7366 (encrypt then authenticate) | It implements a revised version of RFC7366, to avoid interoperability issues: http://www.ietf.org/mail-archive/web/tls/current/msg14349.html This is currently enabled by default, unless %NO_ETM, or %COMPAT is specified. | Nikos Mavrogiannopoulos | 2014-11-03 | 1 | -0/+6 |
| Made AEAD type an alternative to stream and block | That way the terminology becomes closer to the TLS RFC. | Nikos Mavrogiannopoulos | 2014-11-03 | 1 | -4/+4 |
| Improved support of draft-ietf-tls-session-hash-02. | Now the session hash is calculated correctly even when a client certificate is sent. That is, the session hash now does not take into account the CertificateVerify message. | Nikos Mavrogiannopoulos | 2014-10-25 | 1 | -0/+2 |
| Added priority string %NO_TICKETS that disables session ticket support | This is implied by the priority string PFS. | Nikos Mavrogiannopoulos | 2014-10-24 | 1 | -0/+1 |
| added `_gnutls_hello_set_default_version()` which allows overriding the ClientHello version | | Nikos Mavrogiannopoulos | 2014-10-17 | 1 | -0/+1 |
| added internal variable to track handshake status | | Nikos Mavrogiannopoulos | 2014-10-09 | 1 | -0/+2 |
| Added support for the extended master secret calculation | That is performed implicitly unless `GNUTLS_NO_EXTENSIONS` is specified. The implementation follows draft-ietf-tls-session-hash-02. | Nikos Mavrogiannopoulos | 2014-10-08 | 1 | -8/+11 |
| the handshake function has a timeout value by default | | Nikos Mavrogiannopoulos | 2014-10-02 | 1 | -0/+1 |
| protect DTLS clients that don't handle `GNUTLS_E_LARGE_PACKET` from an infinite loop on handshake | | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -0/+3 |
| handshake: Allow the post client hello callback to put the handshake on hold | That is, when the callback returns `GNUTLS_E_AGAIN` or `GNUTLS_E_INTERRUPTED` the handshake will return `GNUTLS_E_INTERRUPTED`, and can be resumed when needed. | Nikos Mavrogiannopoulos | 2014-06-09 | 1 | -2/+2 |
| When assigning the TLS version, double check that it is valid. | | Nikos Mavrogiannopoulos | 2014-05-22 | 1 | -4/+9 |
| Ensure that there are no remainders in the TLS handshake packets. | The issue was discovered using the Codenomicon TLS suite. | Nikos Mavrogiannopoulos | 2014-05-05 | 1 | -0/+5 |
| Prevent gnulib from replacing strdup as we don't include this gnulib module. | | Nikos Mavrogiannopoulos | 2014-04-09 | 1 | -0/+6 |
| Use the IANA assigned padding extension number. | | Nikos Mavrogiannopoulos | 2014-04-07 | 1 | -1/+3 |
| The %COMPAT keyword no longer reduces security. | Introduced the LEGACY keyword which will enable the settings used in GnuTLS 3.2.x for the NORMAL keyword. That is to be used in cases where compatibility with weak or misconfigured servers is required. | Nikos Mavrogiannopoulos | 2014-03-27 | 1 | -2/+1 |
| stricter type usage | | Nikos Mavrogiannopoulos | 2014-03-08 | 1 | -2/+4 |
| NEW_PADDING has been removed. | This extension did not get accepted by the IETF so it is now being removed. The `gnutls_range` API is kept in case length hiding is implemented in a different way at some point. | Nikos Mavrogiannopoulos | 2014-03-05 | 1 | -8/+0 |
| %COMPAT implies %DUMBFW | | Nikos Mavrogiannopoulos | 2014-01-19 | 1 | -0/+1 |
| The simple bit size check in certificates is now replaced by the verification profiles. | | Nikos Mavrogiannopoulos | 2014-01-15 | 1 | -2/+0 |
| no need to set profile to LOW as it is already the default | | Nikos Mavrogiannopoulos | 2014-01-15 | 1 | -2/+0 |
| When verifying a certificate's security level ensure that the hash is within the level | | Nikos Mavrogiannopoulos | 2014-01-15 | 1 | -1/+3 |
| enforce certificate verification profiles when setting priority strings | | Nikos Mavrogiannopoulos | 2014-01-13 | 1 | -1/+4 |
| use better definitions | | Nikos Mavrogiannopoulos | 2013-12-15 | 1 | -0/+4 |
| Align on 16-byte boundaries the buffers provided to cryptodev. | When gnutls is compiled with support for cryptodev, the buffers provided to the crypto backend are ensured to be 16-byte aligned (except the ones provided by the user). That increases performance in several crypto accelerators. | Nikos Mavrogiannopoulos | 2013-12-15 | 1 | -2/+3 |
| FIPS140 mode is detected at run-time. | That allows a library compiled in FIPS140 mode to operate as the full library if the system is not in FIPS mode. | Nikos Mavrogiannopoulos | 2013-12-09 | 1 | -0/+2 |
| DH key exchange uses the `_gnutls_pk_derive` and `_gnutls_pk_generate_key` functions. | This allows handling DH key generation in the crypto backend files. | Nikos Mavrogiannopoulos | 2013-11-28 | 1 | -4/+7 |
| overwrite temp buffers of private keys. | | Nikos Mavrogiannopoulos | 2013-11-27 | 1 | -14/+0 |
| zeroize ECC secret scalars and points. | | Nikos Mavrogiannopoulos | 2013-11-27 | 1 | -3/+6 |
| Added key zeroization primitives. | | Nikos Mavrogiannopoulos | 2013-11-27 | 1 | -0/+11 |
| Corrected bug which affected compressed records. | Less space was provided for decryption than required, causing disconnection issues when compression was used. The issue was pointed out by Frank Zschockelt. Also replaced the macros `MAX_RECORD_RECV_SIZE` and `MAX_RECV_SIZE` with `max_decrypted_size()` and `max_record_recv_size()`. | Nikos Mavrogiannopoulos | 2013-11-22 | 1 | -4/+6 |
| Use AES-GCM to encrypt session tickets. | | Nikos Mavrogiannopoulos | 2013-11-22 | 1 | -2/+0 |
| use the bool expression instead of `unsigned int:1`. | | Nikos Mavrogiannopoulos | 2013-11-12 | 1 | -38/+39 |
| Added %DUMBFW priority string option. | This works around issues when connecting behind some firewalls. | Nikos Mavrogiannopoulos | 2013-11-10 | 1 | -0/+2 |
| reindented code | | Nikos Mavrogiannopoulos | 2013-11-08 | 1 | -686/+652 |
| separated the TLS IV size and the cipher IV size. | | Nikos Mavrogiannopoulos | 2013-11-06 | 1 | -1/+2 |
| corrected `max_user_send_size()` for DTLS. | | Nikos Mavrogiannopoulos | 2013-09-01 | 1 | -6/+9 |
| `_gnutls_send_tlen_int()` accepts the actual pad rather than the intended data. | Corrections in sending records with %NEW_PADDING. | Nikos Mavrogiannopoulos | 2013-09-01 | 1 | -1/+19 |