74 Commits (master)

Author SHA1 Message Date
  Michael Brown fd96acb7de [tls] Add missing call to tls_tx_resume() when restarting negotiation 5 years ago
  Michael Brown 7b63c1275f [tls] Display validator messages only while validation is in progress 5 years ago
  Michael Brown b28ccfc725 [tls] Display cross-certificate and OCSP status messages 5 years ago
  Michael Brown eaba1a22b8 [tls] Support stateless session resumption 5 years ago
  Michael Brown 799781f168 [tls] Fix incorrectly duplicated error number 5 years ago
  Michael Brown 272fe32529 [tls] Support stateful session resumption 5 years ago
  Michael Brown baaf50017d [tls] Ensure that window change is propagated to plainstream interface 6 years ago
  Michael Brown 4152aff103 [tls] Rename tls_session to tls_connection 6 years ago
  Michael Brown ac4fbd47ae [tls] Ensure received data list is initialised before calling tls_free() 6 years ago
  Michael Brown 1e4a3f5bab [tls] Support RFC5746 secure renegotiation 7 years ago
  Michael Brown 2f12690455 [tls] Keep cipherstream window open until TLS negotiation is complete 7 years ago
  Michael Brown 05dcb07cb2 [tls] Avoid potential out-of-bound reads in length fields 8 years ago
  Michael Brown b1caa48e4b [crypto] Support SHA-{224,384,512} in X.509 certificates 9 years ago
  Michael Brown fc7885ed9e [tls] Report supported signature algorithms in ClientHello 9 years ago
  Michael Brown 1ac7434111 [tls] Do not access beyond the end of a 24-bit integer 9 years ago
  Christian Hesse bf40b79734 [build] Add missing "const" qualifiers 9 years ago
  Michael Brown bc8ca6b8ce [crypto] Generalise X.509 cache to a full certificate store 10 years ago
  Michael Brown 01fa7efa38 [crypto] Remove dynamically-allocated storage for certificate name 10 years ago
  Michael Brown 0acc52519d [tls] Concatenate received non-data records before processing 11 years ago
  Michael Brown d23db28488 [tls] Fix potential memory leak 12 years ago
  Michael Brown 1e199c8260 [tls] Fix uninitialised variable 12 years ago
  Michael Brown 72db14640c [tls] Split received records over multiple I/O buffers 12 years ago
  Michael Brown 79300e2ddf [tls] Disambiguate most error causes 12 years ago
  Michael Brown c3b4860ce3 [legal] Update FSF mailing address in GPL licence texts 12 years ago
  Michael Brown 9a8c6b00d4 [tls] Request a maximum fragment length of 2048 bytes 12 years ago
  Michael Brown af47789ef2 [tls] Mark security negotiation as a pending operation 12 years ago
  Michael Brown f19565f58f [tls] Use asynchronous certificate validator 12 years ago
  Michael Brown 99c798d87a [crypto] Add x509_append_raw() 12 years ago
  Michael Brown 0ad8b601dd [crypto] Allow for X.509 certificates with no common name 12 years ago
  Michael Brown 557f467bab [crypto] Allow certificate chains to be long-lived data structures 12 years ago
  Michael Brown 601cb3610f [crypto] Parse OCSP responder URI from X.509 certificate 12 years ago
  Stefan Weil dcccb1fb7b [tls] Fix wrong memset in function tls_clear_cipher 12 years ago
  Michael Brown f2af64aba5 [crypto] Differentiate "untrusted root" and "incomplete chain" error cases 12 years ago
  Michael Brown 2d9d0adc4e [crypto] Add previous certificate in chain as a parameter to parse_next() 12 years ago
  Michael Brown cf78afa5c5 [tls] Support sending a client certificate 12 years ago
  Michael Brown 7869f71ae7 [tls] Treat handshake digest algorithm as a session parameter 12 years ago
  Michael Brown a156c15746 [tls] Use hybrid MD5+SHA1 algorithm 12 years ago
  Michael Brown 8583c323a2 [tls] Check certificate validity period against current date and time 12 years ago
  Michael Brown 5da712385e [tls] Include current time within the client random bytes 12 years ago
  Michael Brown f3a791c6de [tls] Validate server certificate 12 years ago
  Michael Brown 4d3b5473f8 [tls] Add full X.509 certificate parsing 12 years ago
  Michael Brown dc87161c30 [tls] Use iPXE native RSA algorithm 12 years ago
  Michael Brown b63bcd73a0 [tls] Use const to mark incoming data being processed 12 years ago
  Michael Brown 1c29b4d979 [crypto] Upgrade AES and RSA code to upstream axTLS version 1.4.5 12 years ago
  Michael Brown c8f52cccfb [tls] Formalise the definition of a TLS cipher suite 12 years ago
  Michael Brown 6069b09bfc [tls] Support (and prefer) SHA-256 variants of existing cipher suites 12 years ago
  Michael Brown 015c936791 [tls] Support TLS version 1.2 12 years ago
  Michael Brown 281f9aa7a6 [tls] Send empty Certificate record if requested by server 12 years ago
  Michael Brown a42f6cab14 [tls] Verify the contents of the Finished record 12 years ago
  Michael Brown 56a7981d58 [tls] Allow transmitted records to be scheduled independently 12 years ago