aboutsummaryrefslogtreecommitdiffstats
path: root/src/libtls
Commit message (Collapse)AuthorAgeFilesLines
* libtls: Move settings to <ns>.tls with fallback to libtlsTobias Brunner2014-02-122-4/+9
|
* Build all shared libraries with -no-undefined and link them properlyTobias Brunner2013-09-121-0/+6
| | | | | | | | | | The flag is required to convince libtool on Cygwin to build DLLs. But on Windows these shared libraries can not have undefined symbols, so we have to link them explicitly to the libraries they reference. For plugins this is currently not done, so only the monolithic build is supported. The plugin loader wouldn't be able to load DLLs anyway, as it tries to load files that don't exist on Cygwin.
* Optimize TLS socket buffer for TLS_MAX_FRAGMENT_LENAndreas Steffen2013-08-191-2/+2
|
* Extract client identity and authentication type from SASL authenticationAndreas Steffen2013-08-151-0/+7
|
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-2/+2
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* fixed typoAndreas Steffen2013-03-271-1/+1
|
* Use proper integer types when handling TLS exchangesTobias Brunner2013-03-221-5/+6
| | | | tls_t.build takes a size_t argument not a ssize_t.
* If TLS peer authentication not required, the client does nonetheless, allow ↵Martin Willi2013-03-061-4/+19
| | | | it to fail
* Request a TLS client certificate even if no peer identity is givenMartin Willi2013-02-281-5/+1
| | | | | This allows a peer to perform client authentication if it wants, but skip it if not.
* Wrap tls_t.get_{server,peer}_id methods in tls_socket_tMartin Willi2013-02-282-0/+28
|
* Delegate tls_t.get_{peer,server}_id to handshake layerMartin Willi2013-02-287-29/+78
| | | | | This allows to get updated peer identities if the peer can't authenticate, or does when it is optional.
* Merge branch 'pt-tls'Martin Willi2013-02-143-84/+202
|\
| * Send TLS close notify during tls_socket_t destructionMartin Willi2013-01-151-2/+25
| |
| * Send TLS close notify if application returns SUCCESSMartin Willi2013-01-151-2/+6
| |
| * Block TLS read when sending data, but have to wait for the handshake data firstMartin Willi2013-01-151-4/+11
| |
| * Use a more POSIXy tls_socket interface with more flexibility.Martin Willi2013-01-152-81/+165
| | | | | | | | | | If an unsufficient read buffer is provided, application data gets cached for subsequent read() calls.
* | make AR identities available to IMVs via IF-IMV 1.4 draftAndreas Steffen2013-02-112-0/+28
|/
* Fixed encoding of TLS extensions (elliptic_curves and signature_algorithms)Tobias Brunner2012-11-282-0/+2
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-2410-10/+10
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-242-3/+3
|
* Added missing break when building TLS cipher suitesTobias Brunner2012-09-281-0/+1
|
* Don't allow NULL encryption with PEAPMartin Willi2012-09-121-1/+3
|
* Use memmove on overlapping regions, and operate with correct sizeof()Martin Willi2012-09-121-2/+2
|
* Whitespace cleanups in tls_eapMartin Willi2012-09-121-6/+6
|
* Check if TLS handshake received Finished before processing application dataMartin Willi2012-08-091-0/+6
|
* Fix tls_prf bug introduced with bc474883Martin Willi2012-07-171-4/+7
|
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-161-2/+2
|
* Add a return value to hasher_t.get_hash()Martin Willi2012-07-161-4/+4
|
* Add a return value to crypter_t.set_key()Martin Willi2012-07-161-4/+10
|
* Add a return value to crypter_t.decrypt()Martin Willi2012-07-161-1/+6
|
* Add a return value to crypter_t.encryptMartin Willi2012-07-161-1/+10
|
* Check rng return value when generating TLS session identifiersMartin Willi2012-07-161-3/+3
|
* Check rng return value when generating secrets and IVs in libtlsTobias Brunner2012-07-163-16/+20
|
* Add a return value to prf_t.set_key()Martin Willi2012-07-161-5/+4
|
* Add a return value to prf_t.get_bytes()Martin Willi2012-07-161-5/+8
|
* Add a return value to tls_prf_t.set_key()Martin Willi2012-07-163-9/+13
|
* Add a return value to tls_prf_t.get_bytes()Martin Willi2012-07-163-20/+42
|
* Add a return value to signer_t.set_key()Martin Willi2012-07-161-4/+10
|
* Add a return value to tls_crypto_t.derive_secrets()Martin Willi2012-07-164-21/+44
|
* Add a return value to signer_t.get_signature()Martin Willi2012-07-161-8/+9
|
* Add a return value to signer_t.allocate_signature()Martin Willi2012-07-161-1/+5
|
* eliminate message length field in EAP-TNCAndreas Steffen2012-07-111-2/+6
|
* allow to transmit 64k TLS Handshake and Application messages via EAP-[T]TLSAndreas Steffen2012-07-113-19/+23
|
* some tls_eap optimizationsAndreas Steffen2012-07-111-10/+13
|
* max_message_count = 0 disables limitAndreas Steffen2012-07-111-1/+1
|
* log invalid TLS packet lengthAndreas Steffen2012-07-111-1/+2
|
* Install dev headers only if --with-dev-headers= option is setMartin Willi2012-07-111-1/+3
|
* Install libtls development headersMartin Willi2012-07-111-12/+9
|
* Double check if a cached suite is available, overwrite any old suite stateMartin Willi2012-02-071-2/+3
|
* Some Doxygen fixes.Tobias Brunner2012-02-071-9/+9
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-29 13:32:42 +0000