aboutsummaryrefslogtreecommitdiffstats
path: root/src/libtls
Commit message (Collapse)AuthorAgeFilesLines
* Double check if a cached suite is available, overwrite any old suite stateMartin Willi2012-02-071-2/+3
|
* Some Doxygen fixes.Tobias Brunner2012-02-071-9/+9
|
* Fix TLS EAP-MSK derivation, uses different order of randoms than key expansionMartin Willi2012-02-071-0/+1
|
* Filter TLS suite MAC by HMAC algorithm, as the hash is not necessarily the sameMartin Willi2012-02-071-4/+4
|
* Added a tls_socket_t.splice method to wrap a file descriptor into TLSMartin Willi2011-12-312-5/+107
|
* Implemented TLS session resumption both as client and as serverMartin Willi2011-12-3111-100/+266
|
* Implemented a TLS session cacheMartin Willi2011-12-313-0/+316
|
* Check for cipherspec changes after each handshake messageMartin Willi2011-12-311-2/+6
|
* Separated cipherspec checking and switching, allowing us to defer the secondMartin Willi2011-12-314-33/+49
|
* Be less verbose about TLS extensionsMartin Willi2011-12-241-1/+1
|
* In TLS 1.2, PRF and HASH function use at least SHA-256, not the MAC hash ↵Martin Willi2011-12-241-20/+20
| | | | function
* Added a getter for the tls_socket file descriptorMartin Willi2011-12-242-0/+14
|
* added dummy libtls_init() function needed for integrity testingAndreas Steffen2011-11-082-0/+13
|
* Don't allocate extra memory to MAC the TLS headerMartin Willi2011-09-281-22/+23
|
* Verify TLS MAC even if padding is invalid to prevent timing attacksMartin Willi2011-09-281-6/+4
|
* Install and use libtls as dynamic library, as we have our private libdir nowMartin Willi2011-08-081-1/+1
|
* Fixed common misspellings.Tobias Brunner2011-07-204-4/+4
| | | | Mostly found by 'codespell'.
* renamed tls_reader|writer to bio_* and moved to libstrongswanAndreas Steffen2011-05-319-100/+98
|
* fixed typeAndreas Steffen2011-05-314-704/+0
|
* raw TLS debug outputAndreas Steffen2011-05-291-0/+3
|
* debug type is EAP_TLSAndreas Steffen2011-04-211-4/+4
|
* do not include length field in non-fragmented EAP-PEAP packetsAndreas Steffen2011-04-212-12/+45
|
* Revert alloc_str changesMartin Willi2011-04-211-8/+4
| | | | | | This reverts commit fdead26ffe1da8501a6ff5e0639a6f44c723e763. This reverts commit 3e2419ebe32de72d824864eb2e0e677a7c197af1. This reverts commit 17ce69b47a1efd6234960cf7d1f50712aee61db5.
* Use thread save settings alloc_str function where appropriateMartin Willi2011-04-211-4/+8
|
* Continue without client authentication if no matching certificate foundMartin Willi2011-04-141-19/+22
|
* Ignore TLS certificate requests as peer if peer authentication disabledMartin Willi2011-04-141-13/+14
|
* Send TLS Server Name Indication as peer if server identity is a FQDNMartin Willi2011-04-142-0/+18
|
* Fix tls_writer wrap functionsMartin Willi2011-04-141-4/+4
|
* added TLS renegotiation_info extensionAndreas Steffen2011-04-142-1/+7
|
* added TLS_PURPOSE_EAP_PEAPAndreas Steffen2011-04-053-0/+4
|
* implemented get|set_identifier() for tls_eap_tAndreas Steffen2011-04-052-24/+85
|
* Some typos fixed.Tobias Brunner2011-02-071-1/+1
|
* Increase tls_writer buffer by at least 4 bytesMartin Willi2011-01-191-1/+1
|
* cast enumerated algorithm type as intAndreas Steffen2010-12-181-3/+4
|
* trace back crypto algorithms to the plugins that registered themAndreas Steffen2010-12-181-2/+5
|
* output TLS-independent error messagesAndreas Steffen2010-12-051-9/+9
|
* call is_complete() if tls protocol returns with SUCCESSAndreas Steffen2010-11-161-4/+8
|
* set EAP-TTLS/TNC version also in acknowledgement packetsAndreas Steffen2010-10-041-0/+11
|
* Do not change cipherspec while we have buffered handshake fragments pendingMartin Willi2010-09-091-6/+6
|
* added explanatory commentsAndreas Steffen2010-09-091-5/+5
|
* max max_message_count configurable and move it into tls_eap_tAndreas Steffen2010-09-082-3/+25
|
* handle TLS_PURPOSE_EAP_TNCAndreas Steffen2010-09-081-0/+2
|
* moved tls_t existance test into tls_eap_create() againAndreas Steffen2010-09-081-0/+5
|
* generalized tls_eap_t to support EAP_TNC wrapping the TNC_IF_TNCCS protocolAndreas Steffen2010-09-083-36/+40
|
* Read the compression type byte for EC groups, onlyMartin Willi2010-09-081-6/+10
|
* Include ec_point_format extension in ClientHelloMartin Willi2010-09-061-0/+6
|
* Added TLS specific EC point formatsMartin Willi2010-09-062-0/+23
|
* Renamed ecp_format to ansi_format, as point formats in TLS use different ↵Martin Willi2010-09-064-15/+15
| | | | identifiers
* Accept TLS records with zero-length plaintextMartin Willi2010-09-061-1/+1
|
* Added strongswan.conf option to filter for specific TLS suitesMartin Willi2010-09-061-0/+32
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 12:02:41 +0000