path: root/src/net/tls.c
| Age | Commit message | Author | Files | Lines |
|---|---|---|---|---|
| 2022-10-11 | [tls] Add support for Ephemeral Diffie-Hellman key exchange (HEAD) | Michael Brown | 1 | -0/+246 |
| 2022-10-11 | [tls] Add key exchange mechanism to definition of cipher suite | Michael Brown | 1 | -3/+25 |
| 2022-10-11 | [tls] Record ServerKeyExchange record, if provided | Michael Brown | 1 | -0/+36 |
| 2022-10-11 | [tls] Generate pre-master secret at point of sending ClientKeyExchange | Michael Brown | 1 | -16/+24 |
| 2022-10-11 | [tls] Generate master secret at point of sending ClientKeyExchange | Michael Brown | 1 | -8/+13 |
| 2022-10-10 | [crypto] Simplify internal HMAC API | Michael Brown | 1 | -29/+22 |
| 2020-12-15 | [crypto] Allow private key to be specified as a TLS connection parameter | Michael Brown | 1 | -5/+11 |
| 2020-12-15 | [tls] Include root of trust within definition of TLS session | Michael Brown | 1 | -3/+7 |
| 2020-12-09 | [x509] Make root of trust a reference-counted structure | Michael Brown | 1 | -1/+2 |
| 2020-12-08 | [x509] Record root of trust used when validating a certificate | Michael Brown | 1 | -2/+6 |
| 2020-12-07 | [tls] Allow provision of a client certificate chain | Michael Brown | 1 | -30/+77 |
| 2020-12-07 | [tls] Use intf_insert() to add TLS to an interface | Michael Brown | 1 | -4/+9 |
| 2020-06-12 | [tls] Allow a minimum TLS protocol version to be specified | Michael Brown | 1 | -6/+24 |
| 2019-08-16 | [tls] Add missing call to tls_tx_resume() when restarting negotiation | Michael Brown | 1 | -22/+24 |
| 2019-03-10 | [tls] Display validator messages only while validation is in progress | Michael Brown | 1 | -3/+9 |
| 2019-03-07 | [tls] Display cross-certificate and OCSP status messages | Michael Brown | 1 | -0/+20 |
| 2019-03-06 | [tls] Support stateless session resumption | Michael Brown | 1 | -19/+110 |
| 2019-03-06 | [tls] Fix incorrectly duplicated error number | Michael Brown | 1 | -1/+1 |
| 2019-02-21 | [tls] Support stateful session resumption | Michael Brown | 1 | -8/+191 |
| 2018-03-24 | [tls] Ensure that window change is propagated to plainstream interface | Michael Brown | 1 | -2/+7 |
| 2018-03-24 | [tls] Rename tls_session to tls_connection | Michael Brown | 1 | -119/+123 |
| 2018-03-23 | [tls] Ensure received data list is initialised before calling tls_free() | Michael Brown | 1 | -3/+3 |
| 2017-07-04 | [tls] Support RFC5746 secure renegotiation | Michael Brown | 1 | -19/+188 |
| 2017-05-22 | [tls] Keep cipherstream window open until TLS negotiation is complete | Michael Brown | 1 | -0/+16 |
| 2016-03-11 | [tls] Avoid potential out-of-bound reads in length fields | Michael Brown | 1 | -44/+67 |
| 2015-08-02 | [crypto] Support SHA-{224,384,512} in X.509 certificates | Michael Brown | 1 | -73/+17 |
| 2015-08-02 | [tls] Report supported signature algorithms in ClientHello | Michael Brown | 1 | -0/+25 |
| 2015-08-01 | [tls] Do not access beyond the end of a 24-bit integer | Michael Brown | 1 | -22/+29 |
| 2015-04-24 | [build] Add missing "const" qualifiers | Christian Hesse | 1 | -2/+2 |
| 2014-03-28 | [crypto] Generalise X.509 cache to a full certificate store | Michael Brown | 1 | -40/+34 |
| 2014-03-25 | [crypto] Remove dynamically-allocated storage for certificate name | Michael Brown | 1 | -10/+4 |
| 2013-01-31 | [tls] Concatenate received non-data records before processing | Michael Brown | 1 | -12/+10 |
| 2012-09-28 | [tls] Fix potential memory leak | Michael Brown | 1 | -0/+1 |
| 2012-09-28 | [tls] Fix uninitialised variable | Michael Brown | 1 | -2/+1 |
| 2012-09-27 | [tls] Split received records over multiple I/O buffers | Michael Brown | 1 | -164/+278 |
| 2012-08-25 | [tls] Disambiguate most error causes | Michael Brown | 1 | -32/+140 |
| 2012-07-20 | [legal] Update FSF mailing address in GPL licence texts | Michael Brown | 1 | -1/+2 |
| 2012-06-29 | [tls] Request a maximum fragment length of 2048 bytes | Michael Brown | 1 | -0/+11 |
| 2012-06-09 | [tls] Mark security negotiation as a pending operation | Michael Brown | 1 | -3/+13 |
| 2012-05-08 | [tls] Use asynchronous certificate validator | Michael Brown | 1 | -46/+113 |
| 2012-05-08 | [crypto] Add x509_append_raw() | Michael Brown | 1 | -18/+5 |
| 2012-05-08 | [crypto] Allow for X.509 certificates with no common name | Michael Brown | 1 | -1/+2 |
| 2012-05-04 | [crypto] Allow certificate chains to be long-lived data structures | Michael Brown | 1 | -67/+94 |
| 2012-05-04 | [crypto] Parse OCSP responder URI from X.509 certificate | Michael Brown | 1 | -1/+1 |
| 2012-04-10 | [tls] Fix wrong memset in function tls_clear_cipher | Stefan Weil | 1 | -1/+1 |
| 2012-03-22 | [crypto] Differentiate "untrusted root" and "incomplete chain" error cases | Michael Brown | 1 | -5/+5 |
| 2012-03-22 | [crypto] Add previous certificate in chain as a parameter to parse_next() | Michael Brown | 1 | -1/+4 |
| 2012-03-20 | [tls] Support sending a client certificate | Michael Brown | 1 | -13/+237 |
| 2012-03-20 | [tls] Treat handshake digest algorithm as a session parameter | Michael Brown | 1 | -39/+24 |
| 2012-03-20 | [tls] Use hybrid MD5+SHA1 algorithm | Michael Brown | 1 | -13/+66 |