index
:
tteras/strongswan
master
tteras
tteras-release
tteras' strongSwan tree
gitolite
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
src
/
libtls
/
tls_peer.c
Commit message (
Collapse
)
Author
Age
Files
Lines
*
Delegate tls_t.get_{peer,server}_id to handshake layer
Martin Willi
2013-02-28
1
-2
/
+21
|
|
|
|
|
This allows to get updated peer identities if the peer can't authenticate, or does when it is optional.
*
Fixed encoding of TLS extensions (elliptic_curves and signature_algorithms)
Tobias Brunner
2012-11-28
1
-0
/
+1
|
*
Moved debug.[ch] to utils folder
Tobias Brunner
2012-10-24
1
-1
/
+1
|
*
Check rng return value when generating secrets and IVs in libtls
Tobias Brunner
2012-07-16
1
-6
/
+8
|
*
Add a return value to tls_crypto_t.derive_secrets()
Martin Willi
2012-07-16
1
-8
/
+17
|
*
Implemented TLS session resumption both as client and as server
Martin Willi
2011-12-31
1
-17
/
+60
|
*
Separated cipherspec checking and switching, allowing us to defer the second
Martin Willi
2011-12-31
1
-13
/
+19
|
*
renamed tls_reader|writer to bio_* and moved to libstrongswan
Andreas Steffen
2011-05-31
1
-30
/
+30
|
*
Continue without client authentication if no matching certificate found
Martin Willi
2011-04-14
1
-19
/
+22
|
*
Ignore TLS certificate requests as peer if peer authentication disabled
Martin Willi
2011-04-14
1
-13
/
+14
|
*
Send TLS Server Name Indication as peer if server identity is a FQDN
Martin Willi
2011-04-14
1
-0
/
+14
|
*
Include ec_point_format extension in ClientHello
Martin Willi
2010-09-06
1
-0
/
+6
|
*
Renamed ecp_format to ansi_format, as point formats in TLS use different ↵
Martin Willi
2010-09-06
1
-3
/
+3
|
|
|
|
identifiers
*
Prepend point format to ECDH public key
Martin Willi
2010-09-06
1
-4
/
+14
|
*
Use a dynamic curve enumerator to list/convert TLS named curves
Martin Willi
2010-09-03
1
-24
/
+49
|
*
Use ECDH group check where appropriate
Martin Willi
2010-09-03
1
-27
/
+10
|
*
Select private key based on received cipher suites
Martin Willi
2010-09-03
1
-1
/
+1
|
*
Support for EC curve Hello extension, EC curve fallback
Martin Willi
2010-09-03
1
-1
/
+5
|
*
Added client support for ECDHE key exchange
Martin Willi
2010-09-03
1
-2
/
+103
|
*
Added TLS client side support for DHE suites
Martin Willi
2010-09-02
1
-25
/
+187
|
*
Implemented "signature algorithm" hello extension
Martin Willi
2010-09-02
1
-0
/
+8
|
*
Support different hash/sig algorithms in handshake signing, including ECDSA
Martin Willi
2010-09-02
1
-7
/
+56
|
*
Strictly check if the server certificate matches the TLS server identity
Martin Willi
2010-08-31
1
-0
/
+44
|
*
Send TLS alerts for errors in TLS handshake building
Martin Willi
2010-08-25
1
-0
/
+6
|
*
Pass NULL peer identity to omit TLS peer authentication, added ↵
Martin Willi
2010-08-24
1
-15
/
+19
|
|
|
|
eap-ttls.request_peer_auth option
*
removed some redundant debug output
Andreas Steffen
2010-08-24
1
-2
/
+0
|
*
Implemented TLS Alert handling
Martin Willi
2010-08-23
1
-17
/
+47
|
*
Verify negotiated TLS version
Martin Willi
2010-08-23
1
-2
/
+4
|
*
Introducing a dedicated debug message group for libtls
Martin Willi
2010-08-23
1
-23
/
+23
|
*
Streamlined TLS debugging output
Martin Willi
2010-08-23
1
-7
/
+6
|
*
Use a seperate section for each nested struct member in INIT macro
Martin Willi
2010-08-18
1
-8
/
+9
|
*
added generic TLS application data handler and specific EAP-TTLS instantiation
Andreas Steffen
2010-08-12
1
-0
/
+7
|
*
Added support for different encryption schemes to private/public keys
Martin Willi
2010-08-10
1
-1
/
+2
|
*
support server authentication only for EAP-TTLS
Andreas Steffen
2010-08-07
1
-5
/
+23
|
*
Use certificate subject to get a public key of the TLS server
Martin Willi
2010-08-05
1
-7
/
+11
|
*
added some more TLS debug output
Andreas Steffen
2010-08-05
1
-7
/
+14
|
*
log selected TLS version and cipher suite
Andreas Steffen
2010-08-05
1
-1
/
+6
|
*
Moved TLS stack to its own library
Martin Willi
2010-08-03
1
-0
/
+625