Branch: Tag:

2020-06-18

2020-06-18 10:13:20 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed typo in comment.

2020-05-23

2020-05-23 21:04:39 by Marcus Comstedt <marcus@mc.pp.se>

SSL.Connection: Fix warnings

2020-04-23

2020-04-23 10:07:04 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection [DTLS]: Fixed handshake message truncation issue.

2020-04-22

2020-04-22 15:25:53 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: got_data() now knows about DTLS handshake packets.

2020-04-21

2020-04-21 09:44:35 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed some issues with DTLS defragmentation.

2020-04-20

2020-04-20 18:07:53 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added defragmentation helpers for DTLS.

2020-04-19

2020-04-19 13:49:05 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Filter duplicate DTLS packets.

2020-04-12

2020-04-12 15:16:40 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added dtls flag.

2020-04-09

2020-04-09 13:22:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Packet: Added seq_num to Packet.

This is in preparation for implementing DTLS (#10032).

2020-02-24

2020-02-24 00:10:59 by Tobias S. Josefowitz <tobij@tobij.de>

SSL: Do not let hostname match overwrite verification status.

For a little while we allowed successful match of
CN/subjectAlternativeName overwrite the overall verification status of a
certificate chain, which has undesired side effects.

2020-02-24 00:10:59 by Tobias S. Josefowitz <tobij@tobij.de>

SSL: Do not accept MD2, MD5 and SHA1 signatures any longer

Web browsers and others have distrusted SHA1 a long while ago, MD2 and
MD5 are at this point simply dangerous to support. However, we now
support configuration of supported signature algorithms via
@[SSL.Context] in case any use case simply needs to support older
signature algorithms.

2020-02-24 00:09:58 by Tobias S. Josefowitz <tobij@tobij.de>

SSL: Do not accept MD2, MD5 and SHA1 signatures any longer

Web browsers and others have distrusted SHA1 a long while ago, MD2 and
MD5 are at this point simply dangerous to support. However, we now
support configuration of supported signature algorithms via
@[SSL.Context] in case any use case simply needs to support older
signature algorithms.

2020-02-01

2020-02-01 17:47:34 by Tobias S. Josefowitz <tobij@tobij.de>

SSL.File: Signal errors during handshake via close callback

We relatively recently stopped claiming that a connection was
peer_closed when in fact we gave up on the SSL connection with a fatal
alert. This caused us to signal some errors via the write callback
instead. This restores the old signalling behaviour by checking for
local_fatal state in some places we only checked for peer_closed before.

2020-02-01 17:47:03 by Tobias S. Josefowitz <tobij@tobij.de>

SSL: Fix ticket_enabled logic a little bit

In practice this ought to have little effect though, as to accept a
ticket we also need to be in STATE_wait_for_ticket anyway.

2020-02-01 17:43:15 by Tobias S. Josefowitz <tobij@tobij.de>

SSL.File: Signal errors during handshake via close callback

We relatively recently stopped claiming that a connection was
peer_closed when in fact we gave up on the SSL connection with a fatal
alert. This caused us to signal some errors via the write callback
instead. This restores the old signalling behaviour by checking for
local_fatal state in some places we only checked for peer_closed before.

2020-02-01 11:14:58 by Tobias S. Josefowitz <tobij@tobij.de>

SSL: Fix ticket_enabled logic a little bit

In practice this ought to have little effect though, as to accept a
ticket we also need to be in STATE_wait_for_ticket anyway.

2020-01-20

2020-01-20 23:16:28 by Tobias S. Josefowitz <tobij@tobij.de>

SSL: Only accept wildcards for one level

* in CN / SubjectAlternativeName:dNS is supposed to only match one level
of the hostname, i.e. *.example.com matches foo.example.com but not
www.foo.example.com.

2020-01-20 23:15:50 by Tobias S. Josefowitz <tobij@tobij.de>

SSL: Only accept wildcards for one level

* in CN / SubjectAlternativeName:dNS is supposed to only match one level
of the hostname, i.e. *.example.com matches foo.example.com but not
www.foo.example.com.

2019-12-04

2019-12-04 21:53:34 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.clientConnection: Session tickets (RFC 4507 and RFC 5077).

Client side support for session tickets.

Implementation only verified against itself.

Backported from 95ad6e4388b6576d7012110efe0edb3479a8422f by Tobias
Josefowitz.

2019-12-04 21:10:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ServerConnection: Session tickets (RFC 4507 and RFC 5077).

Server side support for session tickets.

Note that the default ticket encoding is to use the session_id,
it thus uses server side state. The ticket encoding can be changed
by overriding {en,de}code_ticket() in SSL.Context.

Implementation verified against OpenSSL's s_client.

Backported from 372b2a05d05fa0d0e052e6634d2acf8d03629ed4 by Tobias
Josefowitz.

2019-10-11

2019-10-11 12:40:30 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Improved diagnostics when handshaking.

2019-10-11 12:39:02 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Improved diagnostics when handshaking.

2019-10-05

2019-10-05 13:28:22 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Only set peer_closed when the peer actually has closed.

2019-10-05 13:24:58 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Only set peer_closed when the peer actually has closed.

2019-05-28

2019-05-28 11:38:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Use SignatureScheme instead of array({Hash,Signature}Algorithm).

2019-05-28 09:25:54 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Renumbered HASH_* in preparation for using SignatureScheme.

2019-03-19

2019-03-19 12:33:55 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge commit '722771973bd' into patches/lyslyskom22891031

* commit '722771973bd': (6177 commits)
Verify that callablep responses are aligned with reality.
...

2019-03-14

2019-03-14 10:39:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge commit '2470270f500c728d10b8895314d8d8b07016e37b' into grubba/typechecker-automap

* commit '2470270f500c728d10b8895314d8d8b07016e37b': (18681 commits)
Removed the old typechecker.
...

2018-11-04

2018-11-04 16:11:11 by Arne Goedeke <el@laramies.com>

Merge remote-tracking branch 'origin/master' into new_utf8

2018-11-03

2018-11-03 14:21:37 by Marcus Comstedt <marcus@mc.pp.se>

Merge remote-tracking branch 'origin/8.1' into gobject-introspection

2018-05-12

2018-05-12 15:51:19 by Martin Nilsson <nilsson@fastmail.com>

Improved debug messages.

2017-12-31

2017-12-31 23:19:10 by Peter Bortas <bortas@gmail.com>

Merge remote-tracking branch 'origin/8.1' into peter/travis

2017-12-12

2017-12-12 13:41:02 by Martin Nilsson <nilsson@fastmail.com>

Sparse list of version support added.

2017-12-11

2017-12-11 21:31:18 by Martin Nilsson <nilsson@fastmail.com>

Implemented supported_versions

2017-12-09

2017-12-09 10:12:14 by Martin Nilsson <nilsson@fastmail.com>

Remove 1.3 logic, as the handshake is completely overhauled.

2017-02-03

2017-02-03 11:20:56 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Partial revert of 6563e11c15b075b0f1152b796eab373a58376792

The Buffer used in SSL.Connection does not support all features
of Stdio.Buffer...

2017-02-01

2017-02-01 19:48:46 by Martin Nilsson <nilsson@fastmail.com>

Some Stdio.Buffer optimizations.

2016-07-13

2016-07-13 12:18:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ServerConnection: Session tickets (RFC 4507 and RFC 5077).

Server side support for session tickets.

Note that the default ticket encoding is to use the session_id,
it thus uses server side state. The ticket encoding can be changed
by overriding {en,de}code_ticket() in SSL.Context.

Implementation verified against OpenSSL's s_client.

2016-04-04

2016-04-04 21:37:39 by Martin Nilsson <nilsson@fastmail.com>

Type fixes and paranoia.

2016-01-16

2016-01-16 21:50:08 by Martin Nilsson <nilsson@fastmail.com>

Fix an issue where EC client certificate would overwrite EC KE on server side.

2015-12-10

2015-12-10 16:47:57 by Martin Nilsson <nilsson@fastmail.com>

Paranoia against broken certificate ASN.1

2015-12-06

2015-12-06 13:11:51 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Deprecated variable require_trust.

Setting of this variable is now equivalent to setting the
auth_level to AUTHLEVEL_require.

2015-12-04

2015-12-04 10:01:29 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed some warnings.

2015-12-04 10:00:49 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed some warnings.

2015-12-04 09:43:04 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Code clean up and improved robustness.

2015-12-04 09:41:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Perform a case-insensitive hostname check.

2015-12-04 09:38:10 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Perform a case-insensitive hostname check.

2015-12-03

2015-12-03 15:31:43 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Unify the server_name check with cert check.

2015-12-03 15:27:57 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Unify the server_name check with cert check.

2015-12-03 15:09:33 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed typo.

2015-12-03 15:07:56 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed typo.

2015-12-03 14:48:07 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added server_name validation against cert.

cert_data->server_name_verified will be set to 1 on success, 0 on
failure, and be UNDEFINED on unknown (ie server_name not set).

2015-12-03 14:41:39 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added server_name validation against cert.

cert_data->server_name_verified will be set to 1 on success, 0 on
failure, and be UNDEFINED on unknown (ie server_name not set).

2015-12-02

2015-12-02 10:14:07 by Martin Nilsson <nilsson@fastmail.com>

If AUTHLEVEL_none is used, don't perform any checks on the certificates.

2015-11-08

2015-11-08 19:45:58 by Martin Nilsson <nilsson@fastmail.com>

Broken ASN.1 would create an exception that closes the connection. Catch it and consider the certificates invalid instead.

2015-11-08 00:04:36 by Martin Nilsson <nilsson@fastmail.com>

Always set the cert_data after verification, even if it fails, as the error codes are listed in the mapping.

2015-10-27

2015-10-27 17:39:59 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed issue with hash_messages().

hash_messages() ignored the len argument if used with TLS 1.0 or
TLS 1.1. This caused an interop problem with extended master secret
and TLS 1.0 or TLS 1.1. Note that there still seems to be more interop
issues remaining with extended master secret.

2015-09-13

2015-09-13 10:10:12 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added option to disable renegotiation.

This is a feature required by HTTP/2 (RFC 7540 9.2.1).

2015-08-21

2015-08-21 23:56:32 by Martin Nilsson <nilsson@fastmail.com>

Use @rfc{@} autodoc syntax.

2015-08-05

2015-08-05 12:31:45 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added shutdown().

2015-07-31

2015-07-31 14:56:16 by Martin Nilsson <nilsson@fastmail.com>

Use this instead of this_object().

2015-07-30

2015-07-30 23:11:12 by Martin Nilsson <nilsson@fastmail.com>

Stricter types.

2015-07-30 22:27:14 by Martin Nilsson <nilsson@fastmail.com>

Hash can work on Stdio.Buffer objects directly.

2015-07-06

2015-07-06 13:52:56 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ClientConnection: Support ALPN being accepted.

Fixes [LysLysKOM 21365565].

2015-07-06 13:36:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ClientConnection: Support ALPN being accepted.

Fixes [LysLysKOM 21365565].

2015-04-22

2015-04-22 15:04:58 by Martin Nilsson <nilsson@opera.com>

Keep track of Session activity, so they can be removed when inactive, not just old.

2015-04-15

2015-04-15 15:52:33 by Martin Nilsson <nilsson@opera.com>

Simplified handshake_packet a bit.

2015-04-15 12:00:20 by Martin Nilsson <nilsson@opera.com>

handshake_messages now use Buffer, and gets a small bit of abstraction also.

2015-04-13

2015-04-13 14:27:05 by Martin Nilsson <nilsson@opera.com>

Let the packet errors be generated by the recv caller.

2015-04-13 12:50:00 by Martin Nilsson <nilsson@opera.com>

Revert "Give less data to the alert_callback to avoid adding new data to buffered data."

This reverts commit 8a7572836d757ccdc9b48bb29f85c681fcabbf85.

2015-04-13 12:42:48 by Martin Nilsson <nilsson@opera.com>

Streamlined the handling of illegal incoming packets a bit more.

2015-04-13 12:33:27 by Martin Nilsson <nilsson@opera.com>

Send copy of current read_buffer to the alert callback.

2015-04-13 11:37:55 by Martin Nilsson <nilsson@opera.com>

Put data into the read buffer without abstractions that doesn't make sense anymore. Give alert_callback the raw received data for the current call.

2015-04-05

2015-04-05 18:13:45 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Improved handling of close/fail.

2015-04-05 03:14:19 by Martin Nilsson <nilsson@opera.com>

Treat deprecated alerts as fatal.

2015-04-04

2015-04-04 00:02:47 by Martin Nilsson <nilsson@opera.com>

Streamline the KE verification a bit.

2015-03-31

2015-03-31 17:07:03 by Martin Nilsson <nilsson@opera.com>

Give less data to the alert_callback to avoid adding new data to buffered data.

2015-03-31 17:05:16 by Martin Nilsson <nilsson@opera.com>

Don't process any more handshake packages once handshake is completed.

2015-03-31 16:18:01 by Martin Nilsson <nilsson@opera.com>

Changed packet parsing to use Stdio.Buffer objects. The Packet factory is still weird and needs some more thought.

2015-03-31 14:50:11 by Martin Nilsson <nilsson@opera.com>

Small improvements to SSL3_PROFILING. Less code in hash_messages.

2015-03-31 10:30:04 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Support immediate renegotiation in TLS 1.2 and earlier.

In TLS 1.2 and earlier the handshake processing may be restarted
to renegotiate the session parameters.

2015-03-31 06:31:34 by Martin Nilsson <nilsson@opera.com>

Serialize packets directly into the output buffer.

2015-03-31 05:43:43 by Martin Nilsson <nilsson@opera.com>

Change to_write API to return 0 on no data instead of empty string.

2015-03-31 04:40:03 by Martin Nilsson <nilsson@opera.com>

Small optimization. Don't serialize chiper change packages for TLS 1.3, since they are not sent.

2015-03-31 03:54:13 by Martin Nilsson <nilsson@opera.com>

Give less data to the alert_callback to avoid adding new data to buffered data.

2015-03-31 03:10:30 by Martin Nilsson <nilsson@opera.com>

Change alert_buffer to an Stdio.Buffer object. Improved internal documentation and types.

2015-03-30

2015-03-30 23:14:02 by Martin Nilsson <nilsson@opera.com>

Check for extra packet data after calling handle_handshake. This will break the code is we are currently incorrectly ignoring any packet data.

2015-03-30 22:49:38 by Martin Nilsson <nilsson@opera.com>

Don't process any more handshake packages once handshake is completed.

2015-03-30 21:30:19 by Martin Nilsson <nilsson@opera.com>

Use Buffer objects instead of strings for handle_handshake API.

2015-03-11

2015-03-11 19:01:40 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added missing line break in debug message.

2015-02-27

2015-02-27 14:29:22 by Martin Nilsson <nilsson@opera.com>

Remove trailing white spaces.

2015-02-25

2015-02-25 01:09:27 by Martin Nilsson <nilsson@opera.com>

Abstract the fatal alerts a bit.

2015-02-25 00:53:49 by Martin Nilsson <nilsson@opera.com>

Moved common preprocesor defines to tls.h

2015-02-22

2015-02-22 18:37:49 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Implemented EXTENSION_extended_master_secret.

2015-01-27

2015-01-27 17:35:28 by Martin Nilsson <nilsson@opera.com>

Fixed the fix.

2015-01-27 17:34:03 by Martin Nilsson <nilsson@opera.com>

Fixed an alert message.

2015-01-26

2015-01-26 16:56:48 by Martin Nilsson <nilsson@opera.com>

Use peer_public_key insteand of peer_certificate_chain to determine if we got any certificates.

2015-01-26 16:49:54 by Martin Nilsson <nilsson@opera.com>

Always check that the certifiate handshake packet is fully consumed. Don't decode certificates more than once.

2015-01-26 16:29:28 by Martin Nilsson <nilsson@opera.com>

Merge common certificate decoding code. No changes in behavior.

2015-01-24

2015-01-24 12:45:48 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ServerConnection: Reduced code duplication somewhat.

All server-side derivation of the master secret is now done by
SSL.Connection::derive_master_secret().

2015-01-19

2015-01-19 13:32:40 by Martin Nilsson <nilsson@opera.com>

Deprecated verify_certificates, as auth_level does the same thing. This breaks some tests that appears to be incomplete, so disable them.

2015-01-18

2015-01-18 12:27:35 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Implemented TLS 1.3 draft 4 CertificateVerify.

2015-01-11

2015-01-11 18:07:17 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: derive_master_secret() now knows about TLS 1.3 draft 4.

2015-01-11 18:04:04 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: hash_messages() now takes a length argument.

In TLS 1.3 hash_messages() will be used to generate the various
master keys, which are longer than 12 bytes.

2015-01-10

2015-01-10 12:22:15 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Keep handshake_messages running.

In TLS 1.3 multiple ClientHello messages may show up validly in
the handshake transcript, so don't truncate the transcript.

2015-01-10 11:55:26 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Support multiple concurrent pending keys.

In TLS 1.3 multiple keys will be in use in a short span of time.
This change reduces the risk of overwriting not yet used keys
due to timing issues.

2015-01-09

2015-01-09 10:58:23 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: ChangeCipherSpec is not sent on the wire in TLS 1.3.

2015-01-06

2015-01-06 14:25:28 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Enforce handshake packet order.

All currently supported handshake packets are allocated in order.

2015-01-06 14:09:23 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Clean up CCS handling.

expect_change_cipher is now only set by change_cipher_packet().

This is in preparation for TLS 1.3 where CCS won't be on the wire.

2015-01-06 13:23:21 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added derive_master_secret().

More unification of code in client and server.

2015-01-05

2015-01-05 12:00:16 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: handshake_packet() now accepts Stdio.Buffer.

Also converts some #defines to protected constants to avoid
syntax errors.

2014-12-30

2014-12-30 16:40:44 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Moved certificate_verify_packet() to Connection.

In TLS 1.3 this packet will be generated on the server side too.

2014-12-21

2014-12-21 04:47:34 by Martin Nilsson <nilsson@opera.com>

cert is always set in all callers, and the current code would crash anyay if it wasn't. Remove check.

2014-12-05

2014-12-05 08:44:34 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Received fatal alerts now invalidate the session.

2014-12-05 08:42:24 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Received fatal alerts now invalidate the session.

2014-12-04

2014-12-04 19:27:03 by Martin Nilsson <nilsson@opera.com>

Stop sending the protocol version around so much.

2014-12-04 19:27:01 by Martin Nilsson <nilsson@opera.com>

Less code.

2014-12-04 19:27:01 by Martin Nilsson <nilsson@opera.com>

Zero size fragments are not allowed for handshake, alert and changecipherspec packets.

2014-12-04 19:26:59 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added lfun::_sprintf().

2014-12-04 19:26:51 by Martin Nilsson <nilsson@opera.com>

Alerts messages are printed out when SSL3_DEBUG is enabled. Cut down the redundancy.

2014-12-04 19:26:48 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added query_write_queue_size().

This provides an easy API to see whether it is meaningful to
call to_write().

2014-12-04 19:26:47 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added get_signature_algorithms().

Also extends the documentation for the signature_algorithms
variable a bit.

2014-12-04 19:26:33 by Martin Nilsson <nilsson@opera.com>

sslfile -> File and sslport -> port

2014-12-04 19:26:33 by Martin Nilsson <nilsson@opera.com>

Simplified certificate_packet code.

2014-12-04 19:26:28 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Unified several state variables into one.

SSL.Connection()->{closing,dying,handshake_finished} are now unified
into SSL.Connection()->state with named states.

It also keeps track of some of the stuff in SSL.sslfile()->close_state and
SSL.sslfile()->close_packet_send_state, which are likely to be removed soon.

2014-12-04 19:26:23 by Martin Nilsson <nilsson@opera.com>

Improved alert debug messages.

2014-12-04 19:26:23 by Martin Nilsson <nilsson@opera.com>

Have list of acceptable hash-signature-pairs in context.

2014-12-04 19:26:22 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added some doc for got_data().

Removed some dead code in got_data() that originated in
the old blocking-mode.

Also improved a few types.

2014-12-04 19:26:21 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed documentation typo.

2014-12-04 19:26:21 by Martin Nilsson <nilsson@opera.com>

Documentation and debug updates.

2014-12-04 19:26:20 by Martin Nilsson <nilsson@opera.com>

0..255 -> 8bit

2014-12-04 19:26:20 by Martin Nilsson <nilsson@opera.com>

Fixed some warnings.

2014-12-04 19:26:19 by Martin Nilsson <nilsson@opera.com>

Got rid of the Alert function.

2014-12-04 19:26:19 by Martin Nilsson <nilsson@opera.com>

Renamed SSL.context to SSL.Context.

2014-12-04 19:26:19 by Martin Nilsson <nilsson@opera.com>

Renamed session to Session.

2014-12-04 19:26:19 by Martin Nilsson <nilsson@opera.com>

Rename state to State.

2014-12-04 19:26:09 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Improved documentation.

Updates the documentation to mention {Client,Server}Connection,
and adds a few crossreferences.

2014-12-04 19:26:08 by Martin Nilsson <nilsson@opera.com>

Divide more mode-specific code between the subclasses.

2014-12-04 19:26:08 by Martin Nilsson <nilsson@opera.com>

Fail predicably with a fatal decoding_error on any low level syntax errors.

2014-12-04 19:26:08 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Unified the handshake states.

Now that there is separate code for the server and client
handshake state-machines, there's no reason for them to
have different STATE_* codes.

Also splits and moves finished_packet() to {Client,Server}Connection.

2014-12-04 19:26:08 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Moved handle_handshake() to {Server,Client}Connection.

Splitted the handshake handling into server and client specific code,
and moved it to the respective corresponding module.

2014-12-04 19:26:07 by Martin Nilsson <nilsson@opera.com>

Trivially move out hello_request and client_hello.

2014-11-29

2014-11-29 16:27:42 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ClientConnection: Added some support for resuming sessions.

2014-11-27

2014-11-27 12:40:50 by Martin Nilsson <nilsson@opera.com>

Type fix

2014-11-26

2014-11-26 12:01:42 by Martin Nilsson <nilsson@opera.com>

Allow hash_messages to be called multiple times.

2014-11-25

2014-11-25 16:03:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Interoperability fix.

The handshake messages are hashed twice, so avoid
zapping them too early.

The SSL module now interoperates with other implementations again.

FIXME: What about renegotiation?

2014-11-25 14:57:52 by Martin Nilsson <nilsson@opera.com>

Allow buffer objects in handshake_packet() and hearbeat_packet().

2014-11-25 14:47:17 by Martin Nilsson <nilsson@opera.com>

Narrower.

2014-11-25 14:06:48 by Martin Nilsson <nilsson@opera.com>

Refactored send_streaming_data

2014-11-25 13:48:08 by Martin Nilsson <nilsson@opera.com>

More OO.

2014-11-25 12:19:19 by Martin Nilsson <nilsson@opera.com>

Renamed methods for consistency with Stdio.Buffer

2014-11-25 11:14:22 by Martin Nilsson <nilsson@opera.com>

Remove handshake messages once they have been hashed. Saves 1-2k per connection.

2014-11-24

2014-11-24 17:43:14 by Martin Nilsson <nilsson@opera.com>

Add signature_algorithms as Buffer instead of string.

2014-11-24 17:40:17 by Martin Nilsson <nilsson@opera.com>

Mark key exchange packets as 8bit.

2014-11-24 17:22:30 by Martin Nilsson <nilsson@opera.com>

Replaced pop_data() with read() or direct buffer usage.

2014-11-24 16:29:55 by Martin Nilsson <nilsson@opera.com>

Use SSL.Buffer instead of ADT.struct

2014-11-22

2014-11-22 13:10:33 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ClientConnection: Added some support for resuming sessions.

2014-11-21

2014-11-21 10:42:24 by Martin Nilsson <nilsson@opera.com>

Changed a few ADT.struct to Stdio.Buffer

2014-11-20

2014-11-20 12:20:30 by Martin Nilsson <nilsson@opera.com>

Use Context.random for IV generation.

2014-11-13

2014-11-13 12:50:51 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed race condition with alert callbacks.

to_write() could get called with the pending alert before
the alert callback had determined what to do about the alert.

This caused the http to https redirect fallback in Roxen to fail,
due to to_write() having closed the stream before the callback
could steal it.

2014-11-13 12:46:58 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed race condition with alert callbacks.

to_write() could get called with the pending alert before
the alert callback had determined what to do about the alert.

This caused the http to https redirect fallback in Roxen to fail,
due to to_write() having closed the stream before the callback
could steal it.

2014-10-14

2014-10-14 16:09:33 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Propagate fatal alerts to close and write callbacks.

SSL did not call the close_callback on SSL.File()s that connect outgoing
and abort the handshake by sending fatal alerts to the server.

Fatal alerts generated locally (ie due to broken data from peer)
are now signalled on the close and write callbacks with errno set
to ECONNABORTED and fatal alerts received from the peer have errno
set to ECONNRESET.

Thanks to Tobias S. Josefowitz <tobij@tobij.de> for the report.

Tentative fix for [LysLysKOM 21005266].

2014-10-14 16:09:18 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Propagate fatal alerts to close and write callbacks.

SSL did not call the close_callback on SSL.File()s that connect outgoing
and abort the handshake by sending fatal alerts to the server.

Fatal alerts generated locally (ie due to broken data from peer)
are now signalled on the close and write callbacks with errno set
to ECONNABORTED and fatal alerts received from the peer have errno
set to ECONNRESET.

Thanks to Tobias S. Josefowitz <tobij@tobij.de> for the report.

Tentative fix for [LysLysKOM 21005266].

2014-09-04

2014-09-04 15:57:43 by Arne Goedeke <el@laramies.com>

Merge remote-tracking branch 'origin/8.0' into string_alloc

Conflicts:
src/stralloc.c

2014-08-27

2014-08-27 18:55:31 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Fix lost close packets.

Removed some erroneous code.

2014-08-24

2014-08-24 12:11:46 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Improved support for renegotiation.

2014-08-07

2014-08-07 15:37:42 by Martin Nilsson <nilsson@opera.com>

Stop sending the protocol version around so much.

2014-08-05

2014-08-05 14:39:35 by Martin Nilsson <nilsson@opera.com>

Less code.

2014-08-05 14:37:55 by Martin Nilsson <nilsson@opera.com>

Zero size fragments are not allowed for handshake, alert and changecipherspec packets.

2014-08-01

2014-08-01 06:52:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added lfun::_sprintf().

2014-07-16

2014-07-16 12:57:30 by Martin Nilsson <nilsson@opera.com>

Alerts messages are printed out when SSL3_DEBUG is enabled. Cut down the redundancy.

2014-07-13

2014-07-13 10:26:02 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added query_write_queue_size().

This provides an easy API to see whether it is meaningful to
call to_write().

2014-07-07

2014-07-07 15:20:32 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added get_signature_algorithms().

Also extends the documentation for the signature_algorithms
variable a bit.

2014-06-01

2014-06-01 11:49:27 by Martin Nilsson <nilsson@opera.com>

sslfile -> File and sslport -> port

2014-05-31

2014-05-31 19:33:26 by Martin Nilsson <nilsson@opera.com>

Simplified certificate_packet code.

2014-05-23

2014-05-23 19:14:54 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Unified several state variables into one.

SSL.Connection()->{closing,dying,handshake_finished} are now unified
into SSL.Connection()->state with named states.

It also keeps track of some of the stuff in SSL.sslfile()->close_state and
SSL.sslfile()->close_packet_send_state, which are likely to be removed soon.

2014-05-20

2014-05-20 10:08:45 by Martin Nilsson <nilsson@opera.com>

Have list of acceptable hash-signature-pairs in context.

2014-05-19

2014-05-19 21:18:43 by Martin Nilsson <nilsson@opera.com>

Improved alert debug messages.

2014-05-18

2014-05-18 19:36:24 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added some doc for got_data().

Removed some dead code in got_data() that originated in
the old blocking-mode.

Also improved a few types.

2014-05-17

2014-05-17 10:55:36 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed documentation typo.

2014-05-16

2014-05-16 21:01:17 by Martin Nilsson <nilsson@opera.com>

Documentation and debug updates.

2014-05-16 12:11:21 by Martin Nilsson <nilsson@opera.com>

Fixed some warnings.

2014-05-15

2014-05-15 23:20:23 by Martin Nilsson <nilsson@opera.com>

0..255 -> 8bit

2014-05-15 20:43:25 by Martin Nilsson <nilsson@opera.com>

Got rid of the Alert function.

2014-05-15 20:20:05 by Martin Nilsson <nilsson@opera.com>

Renamed SSL.context to SSL.Context.

2014-05-15 19:57:24 by Martin Nilsson <nilsson@opera.com>

Renamed session to Session.

2014-05-15 19:50:17 by Martin Nilsson <nilsson@opera.com>

Rename state to State.

2014-05-05

2014-05-05 16:47:37 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Improved documentation.

Updates the documentation to mention {Client,Server}Connection,
and adds a few crossreferences.

2014-05-04

2014-05-04 22:38:54 by Martin Nilsson <nilsson@opera.com>

Divide more mode-specific code between the subclasses.

2014-05-04 22:13:10 by Martin Nilsson <nilsson@opera.com>

Fail predicably with a fatal decoding_error on any low level syntax errors.

2014-05-04 20:38:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Unified the handshake states.

Now that there is separate code for the server and client
handshake state-machines, there's no reason for them to
have different STATE_* codes.

Also splits and moves finished_packet() to {Client,Server}Connection.

2014-05-04 20:09:07 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Moved handle_handshake() to {Server,Client}Connection.

Splitted the handshake handling into server and client specific code,
and moved it to the respective corresponding module.

2014-05-04 18:00:13 by Martin Nilsson <nilsson@opera.com>

Trivially move out hello_request and client_hello.

2014-05-04 17:10:53 by Martin Nilsson <nilsson@opera.com>

Merge handshake and connection into Connection. Then make that as a base class for ClientConnectio and ServerConnection, that assumes respective role.