Vincent Hanquez
|
9591a395a9
|
use functor <$> instead of maybe
|
2011-07-07 22:21:23 +01:00 |
|
Vincent Hanquez
|
4d5bd5b453
|
bump version to 0.7.1
|
2011-06-19 21:24:11 +01:00 |
|
Vincent Hanquez
|
28e04f8849
|
Use the encode function to encode the secure renegotiation extension.
fix a bug on the client side when secure renegotiation is enabled on client and server.
|
2011-06-19 21:23:01 +01:00 |
|
Vincent Hanquez
|
686ced12c6
|
bump to 0.3.1
|
2011-06-19 11:59:40 +01:00 |
|
Vincent Hanquez
|
4b90486f10
|
fixup dummy windows/macos X implementation
|
2011-06-19 11:59:11 +01:00 |
|
Vincent Hanquez
|
c27fc6187d
|
properly encode/decode secure renegotiation extension
|
2011-06-13 08:33:14 +01:00 |
|
Vincent Hanquez
|
d2e6235410
|
throw proper error with partial packets and EOF
|
2011-06-13 08:19:29 +01:00 |
|
Vincent Hanquez
|
1b8474d388
|
create a sendClientKeyXchg
|
2011-06-12 21:55:22 +01:00 |
|
Vincent Hanquez
|
02f77a1225
|
set server and client parameter directly in core, not in the sending processing layer.
|
2011-06-12 21:42:55 +01:00 |
|
Vincent Hanquez
|
2d33ea3fad
|
separate the IO operation from the decoding.
|
2011-06-12 21:40:02 +01:00 |
|
Vincent Hanquez
|
69a40eb656
|
use throwCore instead of error
|
2011-06-12 21:39:34 +01:00 |
|
Vincent Hanquez
|
30d52f0398
|
fix comment
|
2011-06-12 21:39:17 +01:00 |
|
Vincent Hanquez
|
5ecff01d94
|
fix tests
|
2011-06-12 21:38:51 +01:00 |
|
Vincent Hanquez
|
6945147122
|
add label to serialize get operations
|
2011-06-12 21:38:42 +01:00 |
|
Vincent Hanquez
|
1358a2ef56
|
throw error if recvPacket errors instead of ignoring it.
|
2011-06-12 21:38:18 +01:00 |
|
Vincent Hanquez
|
8d59e6a3a0
|
allow experimental connection on fd too.
|
2011-06-12 19:23:31 +01:00 |
|
Vincent Hanquez
|
ad47dcdcc0
|
add debuggability of the server side too.
|
2011-06-12 19:23:17 +01:00 |
|
Vincent Hanquez
|
a93bd26770
|
check handshake return value
|
2011-06-12 19:22:32 +01:00 |
|
Vincent Hanquez
|
1b342d8223
|
use the handshake returns value to know if we need to carry on.
|
2011-06-11 11:49:44 +01:00 |
|
Vincent Hanquez
|
ecaee55802
|
fixup related to tls refactoring of the record layer.
|
2011-06-10 21:25:56 +01:00 |
|
Vincent Hanquez
|
5207a41a57
|
reflect the fact in types that the record layer record returns list of same header type.
|
2011-06-10 21:24:46 +01:00 |
|
Vincent Hanquez
|
206205091b
|
put secure renegotiation as a quickcheck parameter.
|
2011-06-08 08:39:16 +01:00 |
|
Vincent Hanquez
|
1fff2eb2f6
|
update for new TLS 0.7
|
2011-06-08 07:47:37 +01:00 |
|
Vincent Hanquez
|
ee6b0ad97a
|
update LICENSE
|
2011-06-08 07:47:32 +01:00 |
|
Vincent Hanquez
|
f56f5d6e41
|
add more handling of server key xchg and dh_anon
|
2011-06-07 08:59:20 +01:00 |
|
Vincent Hanquez
|
2e6c963ace
|
update TODO
|
2011-06-07 08:30:49 +01:00 |
|
Vincent Hanquez
|
32e81622e5
|
update LICENSE
|
2011-06-07 08:28:49 +01:00 |
|
Vincent Hanquez
|
8329187394
|
fill the server hello in the server and check the return value in the client.
|
2011-06-07 08:28:02 +01:00 |
|
Vincent Hanquez
|
96e6979ed4
|
misc change and start to trickle through the support for secure renegotiation
|
2011-06-07 08:13:43 +01:00 |
|
Vincent Hanquez
|
d3de5de4cd
|
add way to store verified data and to activate/deactivate the feature
|
2011-06-07 07:41:31 +01:00 |
|
Vincent Hanquez
|
093cd2c9fb
|
use bytes directly instead of pointlessly unpacking it for extensions and finishedData
|
2011-06-06 08:16:24 +01:00 |
|
Vincent Hanquez
|
cead67c558
|
add secure renegociation flag in state
|
2011-06-06 08:03:18 +01:00 |
|
Vincent Hanquez
|
03c07ce173
|
hello extensions can be present since SSL3
|
2011-06-06 07:56:10 +01:00 |
|
Vincent Hanquez
|
a2059de7c0
|
simplify decoding by just getting the remaining content
|
2011-06-06 07:55:09 +01:00 |
|
Vincent Hanquez
|
0710d44f3d
|
code alignment
|
2011-06-06 07:54:40 +01:00 |
|
Vincent Hanquez
|
5789a2cd22
|
fix certificateVerifyChain to not assume there's a chain.
|
2011-05-31 21:38:45 +01:00 |
|
Vincent Hanquez
|
6462d8069b
|
add self signed functions
|
2011-05-31 21:37:46 +01:00 |
|
Vincent Hanquez
|
8df0b64b9d
|
adding some documentation
|
2011-05-31 21:36:56 +01:00 |
|
Vincent Hanquez
|
a0ef8b36b3
|
remove commented code
|
2011-05-31 21:36:38 +01:00 |
|
Vincent Hanquez
|
cb41a771c3
|
fixup tls 0.7 new certificate callback usage
|
2011-05-14 09:12:30 +01:00 |
|
Vincent Hanquez
|
688bc7b951
|
rename CipherKeyExchangeRSA
|
2011-05-13 21:42:57 +01:00 |
|
Vincent Hanquez
|
283a1a8831
|
bump tls dependency to 0.7.0
|
2011-05-13 21:42:47 +01:00 |
|
Vincent Hanquez
|
ad5ed604f9
|
bump tls-extra
|
2011-05-13 21:42:37 +01:00 |
|
Vincent Hanquez
|
f74626e065
|
throw proper error if we receive an unexpected transition.
|
2011-05-13 21:40:11 +01:00 |
|
Vincent Hanquez
|
dd1ab24f10
|
bump version to 0.7.0
|
2011-05-13 21:05:44 +01:00 |
|
Vincent Hanquez
|
9cd0ed0515
|
handle exception in handshake and report to the user if the handshake has been successful or not.
|
2011-05-13 08:39:15 +01:00 |
|
Vincent Hanquez
|
6eef56c60f
|
[SECURITY] fix TLS1.1 block cipher IV usage.
In TLS1.1 and above, the IV is explicitely carried to the other side and
is generated from random. It doesn't come from the CBC residue.
|
2011-05-13 08:10:13 +01:00 |
|
Vincent Hanquez
|
432639688f
|
properly handle the mvar to put the st back if an exception happens.
|
2011-05-13 07:12:54 +01:00 |
|
Vincent Hanquez
|
8434cb24e2
|
use proper protocol error in the server during clienthello
|
2011-05-13 07:08:27 +01:00 |
|
Vincent Hanquez
|
f7ed7f541a
|
throw a proper protocol error in case the version is not supported
|
2011-05-13 07:03:16 +01:00 |
|