Vincent Hanquez
15885c0649
check that a certificate has the ability to actually sign another certificate.
...
this is done basically by verifying that the CA is set in basic constraints,
and then that the key usage allow certificate signing.
2013-01-19 11:41:49 +00:00
Vincent Hanquez
0b51f14b80
require certificate 1.3.5
2013-01-19 11:37:06 +00:00
Vincent Hanquez
125f4b4304
reorg
2013-01-19 11:03:48 +00:00
Vincent Hanquez
6191f53a20
expands spaces
2013-01-19 10:41:11 +00:00
Vincent Hanquez
8553074677
bump version
2013-01-13 06:54:06 +00:00
Vincent Hanquez
a1815c8fb2
remove -fhpc by default in cabal file.
2013-01-13 06:54:03 +00:00
Vincent Hanquez
58ef7baa8b
bump version
2013-01-10 09:08:21 +00:00
Vincent Hanquez
8b267338f5
bump dependencies version
2013-01-10 09:08:13 +00:00
Vincent Hanquez
76c4272010
bump version
2013-01-10 09:07:02 +00:00
Vincent Hanquez
8f93e0a648
update to crypto-pubkey
2013-01-10 09:04:44 +00:00
Vincent Hanquez
91d000748f
remove cryptocipher
2013-01-09 22:09:55 +00:00
Vincent Hanquez
dab21da9d0
remove cryptocipher dependency
2013-01-06 09:41:40 +00:00
Vincent Hanquez
8c9bff15e3
remove old definition
2013-01-04 09:01:12 +00:00
Vincent Hanquez
5a4b194848
bump version to crypto-random-api 0.2
2013-01-04 08:38:11 +00:00
Vincent Hanquez
0f0471a0d5
in a nice closing alert, we try to reply as well before closing connections
2012-12-31 15:55:22 +00:00
Vincent Hanquez
a2355f33ee
handle early termination and bad remote side more effectively.
...
mark the session has invalid and also try to
reply to the other side that we're closing the connection.
Finally a new terminated exception is raised to userspace to notify
the failure.
2012-12-31 15:49:34 +00:00
Vincent Hanquez
fd922e90d3
define a new Terminated exception
2012-12-31 15:48:04 +00:00
Vincent Hanquez
6f5804bb2d
typo
2012-12-31 14:43:15 +00:00
Vincent Hanquez
17c5de82b3
spring cleanup errors that are not used anymore
2012-12-31 14:42:41 +00:00
Vincent Hanquez
02a50fc142
reorganize the recvData function to be nicer.
2012-12-31 14:08:51 +00:00
Vincent Hanquez
7c6815b738
only send packet if we are in the client context.
2012-12-31 13:37:33 +00:00
Vincent Hanquez
ea06a793b7
add SHA1 and remove unneeded import
2012-12-31 13:37:19 +00:00
Vincent Hanquez
f80f2e5dec
re-indent
2012-12-31 13:37:03 +00:00
Vincent Hanquez
8a88309676
use cipher-aes on windows and macosx as well.
2012-12-30 15:31:52 +00:00
Vincent Hanquez
19f2071ad3
bump extra dependency on core
2012-12-30 15:31:37 +00:00
Vincent Hanquez
0dd4a97d29
bump core version
2012-12-30 15:31:25 +00:00
Vincent Hanquez
a14b37d528
use new crypto-pubkey
2012-12-30 15:31:13 +00:00
Vincent Hanquez
98f4127bc9
crypto-random-types -> crypto-random-api.
2012-12-11 09:23:13 +00:00
Vincent Hanquez
52c28bee63
use cipher-rc4 instead of cryptocipher implementation.
2012-12-11 09:22:17 +00:00
Vincent Hanquez
141e6fc491
use the {decrypt,sign}Safer alternative.
2012-12-05 08:22:47 +00:00
Vincent Hanquez
68e45d829f
use a CPRG when signing with RSA.
2012-12-05 08:19:40 +00:00
Vincent Hanquez
bd2883683b
use a CPRG when using decrypt RSA.
2012-12-05 08:16:32 +00:00
Vincent Hanquez
7a03dc1834
create a test-suite that use tls as a library instead of using directly.
...
use the secret Network.TLS.Internal module, and as a result,
compile tls modules once now instead of twice each.
2012-12-05 07:57:13 +00:00
Vincent Hanquez
cedd5b2c86
switch to CPRG instead of CryptoRandomGen
2012-12-05 07:48:11 +00:00
Vincent Hanquez
ce421b40c8
add simpleclient information
2012-12-04 14:15:51 +00:00
Vincent Hanquez
01c1c6e045
bump version
2012-12-04 08:59:43 +00:00
Vincent Hanquez
39a1a8b4b5
bump version
2012-12-04 08:59:20 +00:00
Vincent Hanquez
3282b61e02
bump version
2012-12-04 08:58:14 +00:00
Vincent Hanquez
1ee62330ee
fix issue with the HTTP protocol version missing the required / between HTTP and version.
2012-12-04 08:57:51 +00:00
Vincent Hanquez
6b2d1bc89d
add better usage.
...
also add a -h / --help flag to request the usage.
2012-12-04 08:56:55 +00:00
Vincent Hanquez
c0bdb30482
fix client hello relative to the new deprecated record field.
2012-12-04 08:56:15 +00:00
Vincent Hanquez
8b022c48e9
bump minimum required cprng-aes to 0.3.0
2012-12-04 08:55:59 +00:00
Vincent Hanquez
d614eb09e2
requires cprng-aes >= 0.3.0 and fix api change.
2012-12-04 08:35:21 +00:00
Vincent Hanquez
cfa2c2e1dc
Merge branch 'SSLv2Hello'
2012-12-04 08:33:02 +00:00
Vincent Hanquez
1e690cf8fb
add a SSLv2 compat flag to enable reception of compat Client Hello only
...
for the first packet received in a server context.
The client side never try to use the compat code.
2012-12-04 08:31:22 +00:00
Vincent Hanquez
cf63849c9d
add the SSLv2_COMPATIBLE flag to the tests.
...
add flag default to true.
2012-12-04 08:13:54 +00:00
Vincent Hanquez
c048a97d1b
Add a flag to recvRecord to enable SSLv2 compat reception.
2012-12-03 18:56:14 +00:00
Vincent Hanquez
b8e3000ef9
remove warning for useless binding
2012-12-03 18:55:30 +00:00
Vincent Hanquez
db1232aea8
remove warnings, add some more #ifdef.
2012-12-03 17:26:50 +00:00
Vincent Hanquez
ee92845b03
bump version
2012-11-19 09:55:07 +00:00