Vincent Hanquez
a14b37d528
use new crypto-pubkey
2012-12-30 15:31:13 +00:00
Vincent Hanquez
141e6fc491
use the {decrypt,sign}Safer alternative.
2012-12-05 08:22:47 +00:00
Vincent Hanquez
68e45d829f
use a CPRG when signing with RSA.
2012-12-05 08:19:40 +00:00
Vincent Hanquez
bd2883683b
use a CPRG when using decrypt RSA.
2012-12-05 08:16:32 +00:00
Vincent Hanquez
7a03dc1834
create a test-suite that use tls as a library instead of using directly.
...
use the secret Network.TLS.Internal module, and as a result,
compile tls modules once now instead of twice each.
2012-12-05 07:57:13 +00:00
Vincent Hanquez
cedd5b2c86
switch to CPRG instead of CryptoRandomGen
2012-12-05 07:48:11 +00:00
Vincent Hanquez
3282b61e02
bump version
2012-12-04 08:58:14 +00:00
Vincent Hanquez
d614eb09e2
requires cprng-aes >= 0.3.0 and fix api change.
2012-12-04 08:35:21 +00:00
Vincent Hanquez
cfa2c2e1dc
Merge branch 'SSLv2Hello'
2012-12-04 08:33:02 +00:00
Vincent Hanquez
1e690cf8fb
add a SSLv2 compat flag to enable reception of compat Client Hello only
...
for the first packet received in a server context.
The client side never try to use the compat code.
2012-12-04 08:31:22 +00:00
Vincent Hanquez
cf63849c9d
add the SSLv2_COMPATIBLE flag to the tests.
...
add flag default to true.
2012-12-04 08:13:54 +00:00
Vincent Hanquez
c048a97d1b
Add a flag to recvRecord to enable SSLv2 compat reception.
2012-12-03 18:56:14 +00:00
Vincent Hanquez
b8e3000ef9
remove warning for useless binding
2012-12-03 18:55:30 +00:00
Vincent Hanquez
db1232aea8
remove warnings, add some more #ifdef.
2012-12-03 17:26:50 +00:00
Vincent Hanquez
ee92845b03
bump version
2012-11-19 09:55:07 +00:00
Vincent Hanquez
3e82cc744a
fix issue when re-handshaking with a different cipher.
...
tls was correctly accounting for the difference between pending state
and active state in most place except for the actual cipher
encryption/decryption functions in use.
Hence when re-negociating with a different cipher than the current
cipher, which is fairly unusual but perfectly allowed, the lowlevel
function were switch at the server hello instead of being switch at the
switch(Tx/Rx).
2012-11-19 09:39:35 +00:00
notogawa
1605c4bd00
add flag to reject SSLv2 compatible handshake.
2012-11-17 01:01:41 +09:00
notogawa
d41c53f6b5
reject SSLv2 re-handshaking message.
2012-11-17 00:37:05 +09:00
notogawa
a4f06256fe
accept SSLv2 format 'ClientHello' Handshake message.
2012-11-10 19:34:37 +09:00
Vincent Hanquez
9bc41f62c4
bump version
2012-10-30 04:52:32 +00:00
Vincent Hanquez
513d13029f
use gets where possible and make thing nicer
2012-10-30 04:46:19 +00:00
Vincent Hanquez
0eb95ab9a7
do not returns empty app data to the user as it might be confused with EOF.
2012-10-29 21:23:44 +00:00
Vincent Hanquez
1c90962e9a
tweak how things are exported. simplify code.
...
use correct type alias
2012-10-21 20:35:32 +01:00
Vincent Hanquez
60f7197b0a
export everything required.
2012-10-21 18:32:07 +01:00
Vincent Hanquez
78a0e36397
remove semicolon and useless parens
2012-10-20 09:00:55 +01:00
Vincent Hanquez
8b665c05fd
define new fields in the client structure for max fragment length and server name
2012-10-20 09:00:30 +01:00
Vincent Hanquez
1b8696ddbf
properly define the server name extension to be a variant type.
...
This allow to have a better high level type and simplify the user side.
2012-10-20 08:59:39 +01:00
Vincent Hanquez
88d373165c
do not use a put monad as the encoding is a single byte bytestring
2012-10-20 08:58:36 +01:00
Vincent Hanquez
10e0a22950
properly set the type of maxfragmentlength
2012-10-20 08:58:14 +01:00
Vincent Hanquez
325cfd1eab
bind n so that we can report the error in decoding maxfragmentlength
2012-10-20 08:57:53 +01:00
Vincent Hanquez
8dae53a2ef
correct a typo.
2012-10-20 08:57:28 +01:00
Vincent Hanquez
aa910bfd9c
reindent
2012-10-20 08:56:53 +01:00
Vincent Hanquez
5627e3ddf9
add some spaces
2012-10-20 08:56:39 +01:00
Vincent Hanquez
acc4ef5ca5
add MaxFragmentLength extension
2012-10-17 07:30:41 +01:00
Vincent Hanquez
b0849b0785
export ServerName
2012-10-17 07:30:26 +01:00
Vincent Hanquez
d33a3df303
define the ServerName's extensionID
2012-10-17 07:30:07 +01:00
Vincent Hanquez
676608b017
make server name description more precise
2012-10-17 07:28:35 +01:00
Vincent Hanquez
b125a04215
bump certificate version
2012-10-16 08:03:00 +01:00
Vincent Hanquez
7d55744060
remove useless symbols. fixes warnings.
2012-10-16 08:02:44 +01:00
Vincent Hanquez
2132dd91c3
repair Core's tests.
2012-10-16 08:02:18 +01:00
Vincent Hanquez
a1b735bed1
update LICENSE files and add a root one.
2012-09-30 16:16:58 +01:00
Vincent Hanquez
0794cc3d0b
Disable optimisation for ghc 7.6.1 to workaround the bad record mac problem
...
Temporary fix until the bug is resolved upstream.
see http://hackage.haskell.org/trac/ghc/ticket/7270
2012-09-25 08:09:37 +01:00
Vincent Hanquez
c9dbce0636
realign fields.
2012-09-25 08:04:58 +01:00
Vincent Hanquez
89df5a893f
fix use of catch to make sure it's usuable on ghc-7.6 and older versions.
2012-09-23 22:54:43 +01:00
Vincent Hanquez
670f826f0a
fix link related to the new all in one repository for tls and co.
2012-09-05 06:50:45 +01:00
Vincent Hanquez
957a005664
move all tls into a core directory.
2012-09-05 06:27:06 +01:00