Vincent Hanquez
378d9dbecb
bump version of tls-extra
2013-05-16 09:44:51 +01:00
Vincent Hanquez
c2924f82d9
don't use DSA.signature for now as it's going some new revision
2013-05-16 09:44:01 +01:00
Vincent Hanquez
5173b61783
comment compression import.
2013-02-09 16:57:58 +00:00
Vincent Hanquez
83c1e247e6
add extra check for minimum size and being a blocksize multiple for block ciphers.
2013-02-09 16:57:22 +00:00
Vincent Hanquez
66cf59c054
remove BulkNoneF which only duplicate case for no reason.
2013-02-09 16:56:47 +00:00
Vincent Hanquez
75953f1885
add a nice friendly error if the certificate for stunnel are not
...
present.
2013-02-09 14:20:01 +00:00
Vincent Hanquez
c26cf3d1fd
use strict bytestring in the test. avoid using deprecated symbol.
2013-02-09 10:51:29 +00:00
Vincent Hanquez
e711a49446
fold
2013-02-09 10:50:51 +00:00
Vincent Hanquez
29863194bc
use the certificate reading helpers in extra.
2013-02-09 10:50:12 +00:00
Vincent Hanquez
339d2ca33a
reorganize the disengage decryptData function for further change.
2013-02-09 08:10:13 +00:00
Vincent Hanquez
35910529cc
recv more data than 1 chunk in the simpleClient debug tool.
...
Use the timeout feature (2s per recv) to get out of a blocking http1.1 reading.
2013-02-09 08:07:47 +00:00
bartavelle
4b5be1ee30
Adding support for SHA256
...
This one line change seems to add support for SHA256 signatures.
2013-02-01 13:51:56 +01:00
Vincent Hanquez
89afb971ea
bump tls-debug version
2013-01-27 16:13:14 +00:00
Vincent Hanquez
0e628cf2c1
bump tls version
2013-01-27 16:09:49 +00:00
Vincent Hanquez
822a864b95
add a way to turn off sni for testing.
2013-01-27 16:09:33 +00:00
Vincent Hanquez
5afd866070
add SNI extension if it has been specified in the ClientUseServerName
2013-01-27 16:09:08 +00:00
Vincent Hanquez
510dcdd752
fix encoding of ServerName extension.
2013-01-27 16:08:39 +00:00
Vincent Hanquez
f27d31d65b
expand tabs
2013-01-27 14:17:36 +00:00
Vincent Hanquez
1a219e589d
remove warning with defaulting to integer
2013-01-20 04:55:41 +00:00
Vincent Hanquez
c41086fcab
add groom to show certificate in full.
2013-01-19 22:16:13 +00:00
Vincent Hanquez
c94898ea6f
improve verifychain function.
...
add basic information to be able to verify BasicConstraints pathlen.
2013-01-19 22:15:55 +00:00
Vincent Hanquez
678afe4d31
fix example.
2013-01-19 20:12:16 +00:00
Vincent Hanquez
af78b1db4c
remove CPP.
2013-01-19 20:12:05 +00:00
Vincent Hanquez
845e245d62
remove fastaes flag. cipher-aes is now the only choice.
2013-01-19 20:11:56 +00:00
Vincent Hanquez
0d6e8e84e8
remove spurious file.
2013-01-19 20:11:29 +00:00
Vincent Hanquez
61e0677ce2
bump version
2013-01-19 11:42:32 +00:00
Vincent Hanquez
fe3bcd2748
bump version of extra's dependencies debug.
2013-01-19 11:42:25 +00:00
Vincent Hanquez
a33ac97baa
bump version
2013-01-19 11:41:57 +00:00
Vincent Hanquez
15885c0649
check that a certificate has the ability to actually sign another certificate.
...
this is done basically by verifying that the CA is set in basic constraints,
and then that the key usage allow certificate signing.
2013-01-19 11:41:49 +00:00
Vincent Hanquez
0b51f14b80
require certificate 1.3.5
2013-01-19 11:37:06 +00:00
Vincent Hanquez
125f4b4304
reorg
2013-01-19 11:03:48 +00:00
Vincent Hanquez
6191f53a20
expands spaces
2013-01-19 10:41:11 +00:00
Vincent Hanquez
8553074677
bump version
2013-01-13 06:54:06 +00:00
Vincent Hanquez
a1815c8fb2
remove -fhpc by default in cabal file.
2013-01-13 06:54:03 +00:00
Vincent Hanquez
58ef7baa8b
bump version
2013-01-10 09:08:21 +00:00
Vincent Hanquez
8b267338f5
bump dependencies version
2013-01-10 09:08:13 +00:00
Vincent Hanquez
76c4272010
bump version
2013-01-10 09:07:02 +00:00
Vincent Hanquez
8f93e0a648
update to crypto-pubkey
2013-01-10 09:04:44 +00:00
Vincent Hanquez
91d000748f
remove cryptocipher
2013-01-09 22:09:55 +00:00
Vincent Hanquez
dab21da9d0
remove cryptocipher dependency
2013-01-06 09:41:40 +00:00
Vincent Hanquez
8c9bff15e3
remove old definition
2013-01-04 09:01:12 +00:00
Vincent Hanquez
5a4b194848
bump version to crypto-random-api 0.2
2013-01-04 08:38:11 +00:00
Vincent Hanquez
0f0471a0d5
in a nice closing alert, we try to reply as well before closing connections
2012-12-31 15:55:22 +00:00
Vincent Hanquez
a2355f33ee
handle early termination and bad remote side more effectively.
...
mark the session has invalid and also try to
reply to the other side that we're closing the connection.
Finally a new terminated exception is raised to userspace to notify
the failure.
2012-12-31 15:49:34 +00:00
Vincent Hanquez
fd922e90d3
define a new Terminated exception
2012-12-31 15:48:04 +00:00
Vincent Hanquez
6f5804bb2d
typo
2012-12-31 14:43:15 +00:00
Vincent Hanquez
17c5de82b3
spring cleanup errors that are not used anymore
2012-12-31 14:42:41 +00:00
Vincent Hanquez
02a50fc142
reorganize the recvData function to be nicer.
2012-12-31 14:08:51 +00:00
Vincent Hanquez
7c6815b738
only send packet if we are in the client context.
2012-12-31 13:37:33 +00:00
Vincent Hanquez
ea06a793b7
add SHA1 and remove unneeded import
2012-12-31 13:37:19 +00:00