SSL.Packet: Added seq_num to Packet.
This is in preparation for implementing DTLS (#10032).
Change "?->" to the new "->?" syntax throughout Pike
Merge commit '722771973bd' into patches/lyslyskom22891031
* commit '722771973bd': (6177 commits)
Verify that callablep responses are aligned with reality.
Merge commit '2470270f500c728d10b8895314d8d8b07016e37b' into grubba/typechecker-automap
* commit '2470270f500c728d10b8895314d8d8b07016e37b': (18681 commits)
Removed the old typechecker.
Merge remote-tracking branch 'origin/8.1' into gobject-introspection
SSL.State: Improved interop with gnutls.
The encrypt-then-mac mode now interoperates with gnutls 3.4.6.
Added SSL3_DEBUG_CRYPT_MSG to make State a bit ore readable.
Moved empty fragment paranoia check to before any access to the fragment. Removed redundant size check for decompressed data (already done in Packet).
SSL.State: Added some SSL3_DEBUG_CRYPT debug.
SSL.state: Fixed type for compress().
Correctly check the fragment size in the different stages of decoding.
Stop operating directly on packet->fragment.
Stop sending the protocol version around so much.
Fail when uncompressed packet > 2^14 bytes
SSL: Support EXTENSION_encrypt_then_mac.
This draft extension improves security for old CBC suites by
hashing the encrypted data including the padding. This works
around the various TLS padding attacks.
SSL.State: Allow for AEAD suites with implicit iv/nonce.
The ChaCha20-Poly1305 suites use a fully implicit nonce, so make sure
to support this.
Fixes ChaCha20-Poly1305 TLS interoperability with Google's GFE/2.0.
Documentation and debug updates.
SSL: Added support for the ChaCha20-Poly1305 suites.
Renamed session to Session.
Got rid of the Alert function.
Rename state to State.
Use Context.random for IV generation.
SSL.State: The AEAD length field is gone in TLS 1.3.