aboutsummaryrefslogtreecommitdiffstats
path: root/src/libtls/tls.c
Commit message (Collapse)AuthorAgeFilesLines
* Use standard unsigned integer typesAndreas Steffen2016-03-241-3/+3
|
* libtls: Add getters for TLS handshake authentication detailsMartin Willi2015-03-031-0/+7
|
* libtls: Don't send TLS close notifies in EAP after application succeedsMartin Willi2015-02-191-1/+1
| | | | | | | | | | | | | With the introduction of PT-TLS, we started sending TLS close notifies after the application layer completes (7bbf7aa9). While this makes sense for TCP based transports, it is not required in EAP methods. In EAP, handshake completion can be directly signaled using the outer EAP-SUCCESS message. This also saves one round-trip in the EAP exchange. Windows 7/8 does not seem to like TLS close notifies at all in EAP, and either stalls (EAP-TTLS) or disconnects (PEAP). Fixes #556.
* tls: Move variable sized tls_record_t struct to end of tls_t dataMartin Willi2014-05-161-4/+4
| | | | clang complains about the the non-last variable length member.
* tls: Introduce a generic TLS purpose that accepts NULL encryption ciphersMartin Willi2014-04-011-0/+1
|
* tls: Check for minimal TLS record length before each record iterationMartin Willi2014-03-311-8/+8
| | | | | | Fixes fragment reassembling if a buffer contains more than one record, but the last record contains a partial TLS record header. Thanks to Nick Saunders and Jamil Nimeh for identifying this issue and providing a fix for it.
* libtls: Move settings to <ns>.tls with fallback to libtlsTobias Brunner2014-02-121-0/+1
|
* Delegate tls_t.get_{peer,server}_id to handshake layerMartin Willi2013-02-281-18/+4
| | | | | This allows to get updated peer identities if the peer can't authenticate, or does when it is optional.
* make AR identities available to IMVs via IF-IMV 1.4 draftAndreas Steffen2013-02-111-0/+14
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-241-1/+1
|
* Implemented TLS session resumption both as client and as serverMartin Willi2011-12-311-2/+2
|
* added dummy libtls_init() function needed for integrity testingAndreas Steffen2011-11-081-0/+8
|
* added TLS renegotiation_info extensionAndreas Steffen2011-04-141-1/+5
|
* added TLS_PURPOSE_EAP_PEAPAndreas Steffen2011-04-051-0/+1
|
* Added TLS extension identifiers from RFC 3546Martin Willi2010-09-061-7/+20
|
* Support for EC curve Hello extension, EC curve fallbackMartin Willi2010-09-031-1/+4
|
* removed redundant debug outputAndreas Steffen2010-09-021-2/+0
|
* Added TLS extension identifiersMartin Willi2010-09-021-0/+4
|
* clarified debug outputAndreas Steffen2010-08-311-1/+1
|
* Support processing of partial TLS record headersMartin Willi2010-08-311-15/+39
|
* Support output fragmentation of TLS recordsMartin Willi2010-08-311-30/+81
|
* Implemented buffering of partial records in TLS stackMartin Willi2010-08-311-15/+65
|
* Added a simple high level TLS wrapper for socketsMartin Willi2010-08-251-0/+1
|
* Initialize output chunk before appending data to itMartin Willi2010-08-251-0/+1
|
* Pass NULL peer identity to omit TLS peer authentication, added ↵Martin Willi2010-08-241-2/+2
| | | | eap-ttls.request_peer_auth option
* Check if the application layer has completed successfullyMartin Willi2010-08-241-1/+9
|
* Moved TLS record parsing/generation to tls.cMartin Willi2010-08-241-4/+65
|
* Implemented TLS Alert handlingMartin Willi2010-08-231-5/+13
|
* Verify negotiated TLS versionMartin Willi2010-08-231-2/+17
|
* Introducing simple purposes for the TLS stack, switches various optionsMartin Willi2010-08-201-6/+27
|
* optional certificate-based peer authentication on TLS server sideAndreas Steffen2010-08-151-3/+4
|
* added generic TLS application data handler and specific EAP-TTLS instantiationAndreas Steffen2010-08-121-2/+11
|
* EAP-TLS and EAP-TTLS use different constant MSK PRF labelAndreas Steffen2010-08-071-2/+2
|
* Moved TLS stack to its own libraryMartin Willi2010-08-031-0/+213
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-27 22:32:05 +0000