Vincent Hanquez
228928bf15
remaining cleanup and reactive all options, and tls-extra removal
2014-01-27 04:03:53 +00:00
Vincent Hanquez
8b03b9ca86
add Network.TLS.Extra for best compatibility with tls-extra removal
2014-01-27 04:03:26 +00:00
Vincent Hanquez
4905fb1ecb
add ciphers tests.
2014-01-27 03:51:17 +00:00
Vincent Hanquez
182ef6a096
fold tls-extra ciphers in tls.
2014-01-27 03:51:02 +00:00
Vincent Hanquez
c6117b96f3
misc realignement
2014-01-27 03:50:20 +00:00
Vincent Hanquez
ad6ed6beac
add some Show and Eq instances
2014-01-27 03:50:04 +00:00
Vincent Hanquez
51d9c999f0
align properly
2014-01-26 14:15:30 +00:00
Vincent Hanquez
ddc52166e3
repair Retrieve certificate and add ability to show fingerprint
2014-01-26 14:15:18 +00:00
Vincent Hanquez
eb156d78fe
repair simple client
2014-01-26 14:15:10 +00:00
Vincent Hanquez
bc9c1e690d
various updates related to new tls
2014-01-26 08:17:51 +00:00
Vincent Hanquez
72eb1d10f1
repair loggin
2014-01-26 07:06:39 +00:00
Vincent Hanquez
d76ae2efa3
add more ignore files
2014-01-26 07:03:24 +00:00
Vincent Hanquez
86375aaa57
move onHandshake to a serverHooks, and remove CommonHooks everywhere.
...
export modifyHooks as contextModifyHooks
2014-01-26 07:02:43 +00:00
Vincent Hanquez
251a0b2193
move logging into dynamic hooks
2014-01-26 06:50:47 +00:00
Vincent Hanquez
8dccb7d7bd
document hooks
2014-01-26 06:38:53 +00:00
Vincent Hanquez
11575711bc
add dynamic recv certificate hook and remove the static one.
2014-01-26 06:37:17 +00:00
Vincent Hanquez
a880d4081e
remove Connection module, vector as dependencies, and re-add x509/x509-store
2014-01-25 16:56:16 +00:00
Vincent Hanquez
8985ae49cd
update tls extra to the new tls.
2014-01-25 16:54:15 +00:00
Vincent Hanquez
4e5ff7f53d
Change the way parameters are created.
...
This is still WIP and this commit is truly horrific. Sadly, it's just
too much effort to do clean commit with this, and it doesn't mix with
experimentation either.
2014-01-25 16:51:51 +00:00
Vincent Hanquez
8e128a0412
export information and related.
2014-01-17 08:49:16 +00:00
Vincent Hanquez
68594044c7
remove connectVersion.
2014-01-17 07:11:07 +00:00
Vincent Hanquez
f0bc03863b
add a way to get information about a context.
...
WIP need to include certificate information.
2014-01-17 07:10:28 +00:00
Vincent Hanquez
2d1aeb76c2
make compression an instance of Eq.
2014-01-17 07:09:50 +00:00
Vincent Hanquez
439ea6ba85
use the backend class completely and mark contextNewOnX symbols as deprecated
2014-01-17 06:55:33 +00:00
Vincent Hanquez
eb90d5be00
define failOnEitherError
2014-01-16 10:48:47 +00:00
Vincent Hanquez
aa8856c68a
remove connectVersion as it should be the maximum of allowedVersions
2014-01-12 07:15:16 +00:00
Vincent Hanquez
50797bae50
cleanup import
2014-01-10 08:30:30 +00:00
Vincent Hanquez
453fab50ed
split Backend and introduce a new HasBackend class
...
the HasBackend class allow to not have multiples contextNewOnX calls,
but instead will favor only one contextNew that can take all HasBackend types.
2014-01-10 07:01:34 +00:00
Vincent Hanquez
614b5b4c6b
split parameters from context
2014-01-05 11:14:17 +00:00
Vincent Hanquez
8a05317d40
slightly better error when no ciphers are available
2014-01-02 06:09:09 +00:00
Vincent Hanquez
0e0a7ce6ec
generate some dhparams
2013-12-29 07:14:08 +00:00
Vincent Hanquez
f7447925af
add some ciphers to Stunnel
2013-12-29 07:13:52 +00:00
Vincent Hanquez
c729228ca0
add some ciphers to SimpleClient
2013-12-29 07:13:34 +00:00
Vincent Hanquez
a16f8b685d
define some extra DHE+SHA256 ciphers
2013-12-28 20:43:14 +00:00
Vincent Hanquez
22ed5ce172
add support for DHE in stunnel
2013-12-28 20:39:14 +00:00
Vincent Hanquez
60e5064059
update README
2013-12-28 20:11:09 +00:00
Vincent Hanquez
ce4fb75531
update TODO. DHE RSA+DSS is now supported.
2013-12-28 15:30:53 +00:00
Vincent Hanquez
5a3422cbbc
generate DSA certificate and RSA certificate with proper extensions for tests
2013-12-28 15:30:37 +00:00
Vincent Hanquez
fa0d01df0d
update utility with new ciphers and new credentials system.
2013-12-28 15:29:44 +00:00
Vincent Hanquez
5c776b7fc4
add new DHE-DSS ciphers
2013-12-28 15:28:01 +00:00
Vincent Hanquez
323fb95fbe
consistent style in record structure.
2013-12-28 15:26:33 +00:00
Vincent Hanquez
3297441e0b
limit to crypto-pubkey > 0.2.4
2013-12-28 15:26:03 +00:00
Vincent Hanquez
56f89956d0
add tests related to DHE DSS
2013-12-28 15:25:54 +00:00
Vincent Hanquez
85f436afe6
add a system to filter cipher that we can't use because we don't have the right credentials loaded.
2013-12-28 15:25:13 +00:00
Vincent Hanquez
acf9708199
use the new credentials system to be able to handle RSA and DSS certificate at the same time.
2013-12-28 15:24:20 +00:00
Vincent Hanquez
9a05ac9553
limit the X509 import list of what we need
2013-12-28 15:20:07 +00:00
Vincent Hanquez
f72293d32f
properly do DSS/RSA in DHE methods.
2013-12-28 15:19:39 +00:00
Vincent Hanquez
a111d703a4
simplify the handshake key state.
...
we don't need to differentiate client/server, as a remote key will always be public and
the private key always local.
2013-12-28 15:17:42 +00:00
Vincent Hanquez
64946c8fb8
error in serverKeyXchg with RSA.
2013-12-28 15:15:06 +00:00
Vincent Hanquez
761ba1ac5c
add support for DSS signature.
2013-12-28 15:14:09 +00:00