Vincent Hanquez
|
5b139b3199
|
convert stunnel to use getopt.
|
2013-06-03 08:10:53 +01:00 |
|
Vincent Hanquez
|
8c4443aa21
|
disable check ciphers as it's currently broken.
|
2013-06-03 08:10:42 +01:00 |
|
Vincent Hanquez
|
eddac3ab4f
|
bump version of tls-extra and debug dependencies
|
2013-06-02 07:55:17 +01:00 |
|
Kyle Raftogianis
|
347ebdaaf1
|
Rename nullSessionManager to noSessionManager
|
2013-06-01 23:52:38 -07:00 |
|
Vincent Hanquez
|
1c6a1187b2
|
remove cmdarg in favor of getopt.
|
2013-06-02 07:13:00 +01:00 |
|
Vincent Hanquez
|
b3e3a2d648
|
fix compilation
|
2013-06-02 07:12:26 +01:00 |
|
Vincent Hanquez
|
8aebcd7b48
|
update debug for tls 1.2
|
2013-05-30 07:22:08 +01:00 |
|
Vincent Hanquez
|
e35026abe8
|
misc export and convenience functions in extra.
|
2013-05-30 07:21:55 +01:00 |
|
Vincent Hanquez
|
8468556fe8
|
use x509 public key and private key instead of defining our own in tls.
|
2013-05-30 07:21:25 +01:00 |
|
Vincent Hanquez
|
026aba87e5
|
use x509 and x509-validation.
|
2013-05-26 08:02:46 +01:00 |
|
Vincent Hanquez
|
b1478dd618
|
some exporting deprecated aliases.
|
2013-05-26 08:02:20 +01:00 |
|
Vincent Hanquez
|
02b2f01515
|
move certificate stuff in x509 module.
|
2013-05-26 08:02:06 +01:00 |
|
Vincent Hanquez
|
8d39c0103b
|
use not a deprecated alias.
|
2013-05-26 08:01:34 +01:00 |
|
Vincent Hanquez
|
ac7cf0a31e
|
remove some test that are done in core anyway.
|
2013-05-26 08:00:54 +01:00 |
|
Vincent Hanquez
|
a3db8c38a1
|
remove all the old certificate functions and use new things
|
2013-05-26 07:24:19 +01:00 |
|
Vincent Hanquez
|
af29b3dc3f
|
prepare for 1.2 branch
|
2013-05-26 07:24:02 +01:00 |
|
Vincent Hanquez
|
59d61067b0
|
add X509 file.
|
2013-05-26 07:19:59 +01:00 |
|
Vincent Hanquez
|
2d993717e7
|
add ability to use pem output format in tls-retrievecertificate
|
2013-05-19 08:06:00 +01:00 |
|
Vincent Hanquez
|
fc9c6a407d
|
update for x509
|
2013-05-19 08:05:46 +01:00 |
|
Vincent Hanquez
|
378d9dbecb
|
bump version of tls-extra
|
2013-05-16 09:44:51 +01:00 |
|
Vincent Hanquez
|
c2924f82d9
|
don't use DSA.signature for now as it's going some new revision
|
2013-05-16 09:44:01 +01:00 |
|
Kyle Raftogianis
|
2c9fa01197
|
Replace existential session manager with concrete data type
|
2013-05-14 22:42:09 -07:00 |
|
Vincent Hanquez
|
5173b61783
|
comment compression import.
|
2013-02-09 16:57:58 +00:00 |
|
Vincent Hanquez
|
83c1e247e6
|
add extra check for minimum size and being a blocksize multiple for block ciphers.
|
2013-02-09 16:57:22 +00:00 |
|
Vincent Hanquez
|
66cf59c054
|
remove BulkNoneF which only duplicate case for no reason.
|
2013-02-09 16:56:47 +00:00 |
|
Vincent Hanquez
|
75953f1885
|
add a nice friendly error if the certificate for stunnel are not
present.
|
2013-02-09 14:20:01 +00:00 |
|
Vincent Hanquez
|
c26cf3d1fd
|
use strict bytestring in the test. avoid using deprecated symbol.
|
2013-02-09 10:51:29 +00:00 |
|
Vincent Hanquez
|
e711a49446
|
fold
|
2013-02-09 10:50:51 +00:00 |
|
Vincent Hanquez
|
29863194bc
|
use the certificate reading helpers in extra.
|
2013-02-09 10:50:12 +00:00 |
|
Vincent Hanquez
|
339d2ca33a
|
reorganize the disengage decryptData function for further change.
|
2013-02-09 08:10:13 +00:00 |
|
Vincent Hanquez
|
35910529cc
|
recv more data than 1 chunk in the simpleClient debug tool.
Use the timeout feature (2s per recv) to get out of a blocking http1.1 reading.
|
2013-02-09 08:07:47 +00:00 |
|
bartavelle
|
4b5be1ee30
|
Adding support for SHA256
This one line change seems to add support for SHA256 signatures.
|
2013-02-01 13:51:56 +01:00 |
|
Vincent Hanquez
|
89afb971ea
|
bump tls-debug version
|
2013-01-27 16:13:14 +00:00 |
|
Vincent Hanquez
|
0e628cf2c1
|
bump tls version
|
2013-01-27 16:09:49 +00:00 |
|
Vincent Hanquez
|
822a864b95
|
add a way to turn off sni for testing.
|
2013-01-27 16:09:33 +00:00 |
|
Vincent Hanquez
|
5afd866070
|
add SNI extension if it has been specified in the ClientUseServerName
|
2013-01-27 16:09:08 +00:00 |
|
Vincent Hanquez
|
510dcdd752
|
fix encoding of ServerName extension.
|
2013-01-27 16:08:39 +00:00 |
|
Vincent Hanquez
|
f27d31d65b
|
expand tabs
|
2013-01-27 14:17:36 +00:00 |
|
Vincent Hanquez
|
1a219e589d
|
remove warning with defaulting to integer
|
2013-01-20 04:55:41 +00:00 |
|
Vincent Hanquez
|
c41086fcab
|
add groom to show certificate in full.
|
2013-01-19 22:16:13 +00:00 |
|
Vincent Hanquez
|
c94898ea6f
|
improve verifychain function.
add basic information to be able to verify BasicConstraints pathlen.
|
2013-01-19 22:15:55 +00:00 |
|
Vincent Hanquez
|
678afe4d31
|
fix example.
|
2013-01-19 20:12:16 +00:00 |
|
Vincent Hanquez
|
af78b1db4c
|
remove CPP.
|
2013-01-19 20:12:05 +00:00 |
|
Vincent Hanquez
|
845e245d62
|
remove fastaes flag. cipher-aes is now the only choice.
|
2013-01-19 20:11:56 +00:00 |
|
Vincent Hanquez
|
0d6e8e84e8
|
remove spurious file.
|
2013-01-19 20:11:29 +00:00 |
|
Vincent Hanquez
|
61e0677ce2
|
bump version
|
2013-01-19 11:42:32 +00:00 |
|
Vincent Hanquez
|
fe3bcd2748
|
bump version of extra's dependencies debug.
|
2013-01-19 11:42:25 +00:00 |
|
Vincent Hanquez
|
a33ac97baa
|
bump version
|
2013-01-19 11:41:57 +00:00 |
|
Vincent Hanquez
|
15885c0649
|
check that a certificate has the ability to actually sign another certificate.
this is done basically by verifying that the CA is set in basic constraints,
and then that the key usage allow certificate signing.
|
2013-01-19 11:41:49 +00:00 |
|
Vincent Hanquez
|
0b51f14b80
|
require certificate 1.3.5
|
2013-01-19 11:37:06 +00:00 |
|