Vincent Hanquez
d4ca9e0d9d
export Cipher constructor.
2011-08-12 18:32:18 +01:00
Vincent Hanquez
abc571223a
Change compression API to work properly.
...
- distinguish compression from decompression
- add a context
- move from a record structure to typeclass + wrapping data for hiding the existential quantification.
2011-08-12 18:31:58 +01:00
Vincent Hanquez
b6a5149108
bump version for dev
2011-08-12 18:24:51 +01:00
Vincent Hanquez
b34af4195f
fix compilation error
2011-08-07 10:03:34 +01:00
Vincent Hanquez
284f82c5fc
bump version to 0.7.2
2011-08-07 10:00:46 +01:00
Vincent Hanquez
a48795d867
update description to be more accurate and descriptive
2011-08-07 09:59:57 +01:00
Vincent Hanquez
9591a395a9
use functor <$> instead of maybe
2011-07-07 22:21:23 +01:00
Vincent Hanquez
4d5bd5b453
bump version to 0.7.1
2011-06-19 21:24:11 +01:00
Vincent Hanquez
28e04f8849
Use the encode function to encode the secure renegotiation extension.
...
fix a bug on the client side when secure renegotiation is enabled on client and server.
2011-06-19 21:23:01 +01:00
Vincent Hanquez
c27fc6187d
properly encode/decode secure renegotiation extension
2011-06-13 08:33:14 +01:00
Vincent Hanquez
d2e6235410
throw proper error with partial packets and EOF
2011-06-13 08:19:29 +01:00
Vincent Hanquez
1b8474d388
create a sendClientKeyXchg
2011-06-12 21:55:22 +01:00
Vincent Hanquez
02f77a1225
set server and client parameter directly in core, not in the sending processing layer.
2011-06-12 21:42:55 +01:00
Vincent Hanquez
2d33ea3fad
separate the IO operation from the decoding.
2011-06-12 21:40:02 +01:00
Vincent Hanquez
69a40eb656
use throwCore instead of error
2011-06-12 21:39:34 +01:00
Vincent Hanquez
30d52f0398
fix comment
2011-06-12 21:39:17 +01:00
Vincent Hanquez
5ecff01d94
fix tests
2011-06-12 21:38:51 +01:00
Vincent Hanquez
6945147122
add label to serialize get operations
2011-06-12 21:38:42 +01:00
Vincent Hanquez
1358a2ef56
throw error if recvPacket errors instead of ignoring it.
2011-06-12 21:38:18 +01:00
Vincent Hanquez
5207a41a57
reflect the fact in types that the record layer record returns list of same header type.
2011-06-10 21:24:46 +01:00
Vincent Hanquez
f56f5d6e41
add more handling of server key xchg and dh_anon
2011-06-07 08:59:20 +01:00
Vincent Hanquez
2e6c963ace
update TODO
2011-06-07 08:30:49 +01:00
Vincent Hanquez
32e81622e5
update LICENSE
2011-06-07 08:28:49 +01:00
Vincent Hanquez
8329187394
fill the server hello in the server and check the return value in the client.
2011-06-07 08:28:02 +01:00
Vincent Hanquez
96e6979ed4
misc change and start to trickle through the support for secure renegotiation
2011-06-07 08:13:43 +01:00
Vincent Hanquez
d3de5de4cd
add way to store verified data and to activate/deactivate the feature
2011-06-07 07:41:31 +01:00
Vincent Hanquez
093cd2c9fb
use bytes directly instead of pointlessly unpacking it for extensions and finishedData
2011-06-06 08:16:24 +01:00
Vincent Hanquez
cead67c558
add secure renegociation flag in state
2011-06-06 08:03:18 +01:00
Vincent Hanquez
03c07ce173
hello extensions can be present since SSL3
2011-06-06 07:56:10 +01:00
Vincent Hanquez
a2059de7c0
simplify decoding by just getting the remaining content
2011-06-06 07:55:09 +01:00
Vincent Hanquez
0710d44f3d
code alignment
2011-06-06 07:54:40 +01:00
Vincent Hanquez
f74626e065
throw proper error if we receive an unexpected transition.
2011-05-13 21:40:11 +01:00
Vincent Hanquez
dd1ab24f10
bump version to 0.7.0
2011-05-13 21:05:44 +01:00
Vincent Hanquez
9cd0ed0515
handle exception in handshake and report to the user if the handshake has been successful or not.
2011-05-13 08:39:15 +01:00
Vincent Hanquez
6eef56c60f
[SECURITY] fix TLS1.1 block cipher IV usage.
...
In TLS1.1 and above, the IV is explicitely carried to the other side and
is generated from random. It doesn't come from the CBC residue.
2011-05-13 08:10:13 +01:00
Vincent Hanquez
432639688f
properly handle the mvar to put the st back if an exception happens.
2011-05-13 07:12:54 +01:00
Vincent Hanquez
8434cb24e2
use proper protocol error in the server during clienthello
2011-05-13 07:08:27 +01:00
Vincent Hanquez
f7ed7f541a
throw a proper protocol error in case the version is not supported
2011-05-13 07:03:16 +01:00
Vincent Hanquez
f140e1c579
change onRecvCertificate callback to be able to track the reason of rejection, and returns the proper alert to the other side.
2011-05-13 07:02:44 +01:00
Vincent Hanquez
f1222ece5d
add placeholder code to handle alerts during recvData.
2011-05-12 09:13:53 +01:00
Vincent Hanquez
fa384d87c7
raise a proper HandshakeFailure if no cipher works
2011-05-12 09:13:53 +01:00
Vincent Hanquez
3b76a3ed7c
raise a ProtocolVersion error if version negociated is SSL2
2011-05-12 09:13:53 +01:00
Vincent Hanquez
eac638bc27
if we received a packet too big, raise a RecordOverflow error
2011-05-12 09:13:53 +01:00
Vincent Hanquez
f569440782
add throw IO ability to core
2011-05-12 09:13:53 +01:00
Vincent Hanquez
0582234934
cleanup for not having to use fromJust
2011-05-12 09:13:53 +01:00
Vincent Hanquez
9db7ccbfca
throw proper error for bad record mac
2011-05-12 09:13:53 +01:00
Vincent Hanquez
a435a9add1
remove unnecessary import
2011-05-12 09:13:53 +01:00
Vincent Hanquez
bdba471ebe
define a more generic protocol error, and remove the digest error
2011-05-12 09:13:53 +01:00
Vincent Hanquez
e4f40cf55e
comment
2011-05-12 09:13:53 +01:00
Vincent Hanquez
277e39b931
define TLSError as Exception material
2011-05-12 09:13:53 +01:00