2019-06-30

2019-06-30 14:31:39 by Marcus Comstedt <marcus@mc.pp.se>

SSL.Context: Fix typo causing compilation failure

2019-06-24

2019-06-24 12:54:19 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Constants: Renamed some EdDSA-related constants for consistency.

2019-06-08

2019-06-08 11:53:30 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: get_signature_algorithms() now knows about ed25519.

2019-05-28

2019-05-28 14:40:26 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Fixed another place.

2019-05-28 11:38:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Use SignatureScheme instead of array({Hash,Signature}Algorithm).

2019-05-28 10:32:10 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Updated cipher_suite_sort_key() to new HASH_*.

2019-03-19

2019-03-19 12:33:55 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge commit '722771973bd' into patches/lyslyskom22891031

* commit '722771973bd': (6177 commits)
Verify that callablep responses are aligned with reality.
...

2019-03-14

2019-03-14 10:39:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge commit '2470270f500c728d10b8895314d8d8b07016e37b' into grubba/typechecker-automap

* commit '2470270f500c728d10b8895314d8d8b07016e37b': (18681 commits)
Removed the old typechecker.
...

2018-11-04

2018-11-04 16:11:11 by Arne Goedeke <el@laramies.com>

Merge remote-tracking branch 'origin/master' into new_utf8

2018-11-03

2018-11-03 14:21:37 by Marcus Comstedt <marcus@mc.pp.se>

Merge remote-tracking branch 'origin/8.1' into gobject-introspection

2018-04-15

2018-04-15 23:30:58 by Martin Nilsson <nilsson@fastmail.com>

Default to keylength 256 in configure_suite_b()

2017-12-31

2017-12-31 23:19:10 by Peter Bortas <bortas@gmail.com>

Merge remote-tracking branch 'origin/8.1' into peter/travis

2017-12-12

2017-12-12 13:41:02 by Martin Nilsson <nilsson@fastmail.com>

Sparse list of version support added.

2017-12-11

2017-12-11 21:31:18 by Martin Nilsson <nilsson@fastmail.com>

Implemented supported_versions

2016-12-12

2016-12-12 11:04:56 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Survive Context()->ecc_curves being empty.

Fixes some more of [bug 7825].

2016-12-12 10:55:41 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Survive Context()->ecc_curves being empty.

Fixes some more of [bug 7825].

2016-07-29

2016-07-29 13:19:08 by Martin Nilsson <nilsson@fastmail.com>

Fixed autodoc

2016-07-13

2016-07-13 12:18:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ServerConnection: Session tickets (RFC 4507 and RFC 5077).

Server side support for session tickets.

Note that the default ticket encoding is to use the session_id,
it thus uses server side state. The ticket encoding can be changed
by overriding {en,de}code_ticket() in SSL.Context.

Implementation verified against OpenSSL's s_client.

2016-03-14

2016-03-14 16:15:06 by Martin Nilsson <nilsson@fastmail.com>

Use random_string instead of Crypto.Random.random_string

2016-03-04

2016-03-04 10:24:40 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Prefer AEAD suites to CBC suites of double the key length.

This makes e.g. AES128/GCM preferred over AES256/CBC.

2016-03-04 10:19:30 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Prefer AEAD suites to CBC suites of double the key length.

This makes e.g. AES128/GCM preferred over AES256/CBC.

2015-12-24

2015-12-24 17:29:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Fixed documentation typo.

2015-12-18

2015-12-18 13:52:09 by Martin Nilsson <nilsson@fastmail.com>

Rename preferred_auth_methods to client_auth_methods, and fill it with actual certificate type information.

2015-12-18 11:49:06 by Martin Nilsson <nilsson@fastmail.com>

Updated comments and types.

2015-12-07

2015-12-07 08:25:46 by Martin Nilsson <nilsson@fastmail.com>

Get rid of the undefined authlevel that used to be the default.

2015-12-06

2015-12-06 13:11:51 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Deprecated variable require_trust.

Setting of this variable is now equivalent to setting the
auth_level to AUTHLEVEL_require.

2015-12-04

2015-12-04 11:14:27 by Martin Nilsson <nilsson@fastmail.com>

Added AUTHLEVEL_verify to documentation and compat.

2015-12-02

2015-12-02 16:26:31 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Fixed bug in setter for encrypt_then_mac.

2015-12-01

2015-12-01 08:56:27 by Martin Nilsson <nilsson@fastmail.com>

Stop supporting compression by default.

2015-12-01 08:55:12 by Martin Nilsson <nilsson@fastmail.com>

Stop supporting compression by default.

2015-11-27

2015-11-27 14:34:57 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: TLS 1.1 and before don't support hashes other than md5 and sha1.

Improves interoperation with some versions of OpenSSL.

2015-11-27 14:27:05 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: TLS 1.1 and before don't support hashes other than md5 and sha1.

Improves interoperation with some versions of OpenSSL.

2015-11-19

2015-11-19 16:34:58 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added some references to RFCs.

2015-11-18

2015-11-18 17:56:39 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added some documentation for trusted_issuers_cache.

2015-11-08

2015-11-08 01:27:58 by Martin Nilsson <nilsson@fastmail.com>

Fix documentation issue.

2015-11-06

2015-11-06 10:22:23 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Encrypt then MAC mode is an RFC now...

2015-11-01

2015-11-01 17:56:56 by Martin Nilsson <nilsson@fastmail.com>

Rename HASH_sha to HASH_sha1.

2015-11-01 17:44:19 by Martin Nilsson <nilsson@fastmail.com>

NSA IA now only recommends AES-256, P-384, SHA-384, 3072+ bit DH, 3072+ bit RSA

2015-10-25

2015-10-25 21:54:03 by Martin Nilsson <nilsson@fastmail.com>

Documentation fix.

2015-10-21

2015-10-21 23:21:43 by Martin Nilsson <nilsson@fastmail.com>

A very, very small fix.

2015-09-24

2015-09-24 02:24:30 by Martin Nilsson <nilsson@fastmail.com>

Missed a sentence.

2015-09-24 02:21:11 by Martin Nilsson <nilsson@fastmail.com>

Allow fine grained control over what extensions to use.

2015-09-13

2015-09-13 10:10:12 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added option to disable renegotiation.

This is a feature required by HTTP/2 (RFC 7540 9.2.1).

2015-09-02

2015-09-02 20:16:22 by Martin Nilsson <nilsson@fastmail.com>

Disable extended master secret extension by default. It isn't standardized yet, and currently doesn't interoperate with Chrome.

2015-09-02 20:08:06 by Martin Nilsson <nilsson@fastmail.com>

Truncated HMAC may be a security issue, and isn't really supported by anyone else. Disable it by default.

2015-09-02 19:58:53 by Martin Nilsson <nilsson@fastmail.com>

Documentation updates.

2015-09-01

2015-09-01 11:53:57 by Per Hedbor <ph@opera.com>

Merge branch '8.1' into per/substrings

2015-08-26

2015-08-26 17:58:50 by Martin Nilsson <nilsson@fastmail.com>

Comment update

2015-08-22

2015-08-22 18:54:15 by Martin Nilsson <nilsson@fastmail.com>

Support linking direct to RFC anchor.

2015-08-21

2015-08-21 23:56:32 by Martin Nilsson <nilsson@fastmail.com>

Use @rfc{@} autodoc syntax.

2015-08-17

2015-08-17 13:26:18 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Default to the FFDHE2048 group.

Changes the default DHE group from MODP group 24 to FFDHE2048.

This makes SMACKTest (http://smacktest.com/) happy, and reduces
the risk of precalculated attacks against the MODP group.

2015-07-06

2015-07-06 03:56:34 by Martin Nilsson <nilsson@fastmail.com>

Do the cheap test before the expensive one.

2015-07-04

2015-07-04 17:21:35 by Martin Nilsson <nilsson@fastmail.com>

Removed unused variable.

2015-07-03

2015-07-03 16:51:19 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Block RC4 a bit more.

TLS 1.3 prohibits RC4.

2015-06-24

2015-06-24 16:56:07 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Fixed warning about unused variable.

2015-06-10

2015-06-10 15:59:22 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL [SNI]: Match against specific globs before the fallback glob.

Fixes glob cert matching when there also are fallback ("*") certificates.

2015-06-10 15:56:58 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL [SNI]: Match against specific globs before the fallback glob.

Fixes glob cert matching when there also are fallback ("*") certificates.

2015-05-01

2015-05-01 13:50:26 by Martin Nilsson <nilsson@opera.com>

Indentation fix.

2015-04-23

2015-04-23 09:18:32 by Martin Nilsson <nilsson@opera.com>

Be less aggressive with when to prune old sessions.

2015-04-22

2015-04-22 15:04:58 by Martin Nilsson <nilsson@opera.com>

Keep track of Session activity, so they can be removed when inactive, not just old.

2015-04-09

2015-04-09 11:30:43 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Reduce aggressivity of purge_session() for <= TLS 1.2.

In TLS 1.2 and earlier it is possible to have multiple concurrent
connections using the same session. In particular there may be a
concurrent connection performing session resumption handshaking
at the same time as the session is being purged.

Fixes "Internal server error: Bad argument 1 to sizeof()." in
__builtin.Nettle.Hash() called via Connection.hash_messages(),
which was often triggered by Google Chrome.

2015-04-09 11:20:31 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Reduce aggressivity of purge_session() for <= TLS 1.2.

In TLS 1.2 and earlier it is possible to have multiple concurrent
connections using the same session. In particular there may be a
concurrent connection performing session resumption handshaking
at the same time as the session is being purged.

Fixes "Internal server error: Bad argument 1 to sizeof()." in
__builtin.Nettle.Hash() called via Connection.hash_messages(),
which was often triggered by Google Chrome.

2015-03-31

2015-03-31 03:41:36 by Martin Nilsson <nilsson@opera.com>

Optimize export crypto a bit for the testsuite.

2015-03-23

2015-03-23 23:36:04 by Martin Nilsson <nilsson@opera.com>

No one is seriously using export ciphers, so stop optimizing them and throw out some code. (My desktop is doing 710 keys per second)

2015-03-09

2015-03-09 13:32:58 by Martin Nilsson <nilsson@opera.com>

Don't use RC4 by default.

2015-03-07

2015-03-07 13:42:51 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added support for private FFDHE-groups.

2015-03-04

2015-03-04 19:54:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Constants: Added KE_rsa_export.

This is in preparation for breaking out the export-RSA handshaking
from KeyExchangeRSA.

2015-02-27

2015-02-27 14:29:22 by Martin Nilsson <nilsson@opera.com>

Remove trailing white spaces.

2015-02-25

2015-02-25 00:53:49 by Martin Nilsson <nilsson@opera.com>

Moved common preprocessor defines to tls.h

2015-02-19

2015-02-19 16:17:17 by Martin Nilsson <nilsson@opera.com>

Added support for DHE PSK.

2015-02-19 15:24:49 by Martin Nilsson <nilsson@opera.com>

Return appropriate alert if key id or hint was not recognized.

2015-02-19 14:53:32 by Martin Nilsson <nilsson@opera.com>

Some documentation. Perhaps we want to move all this to an abstract class PSKContext?

2015-02-18

2015-02-18 17:37:15 by Martin Nilsson <nilsson@opera.com>

Support for plain PSK.

2015-02-02

2015-02-02 13:44:05 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: get_suites() now also filters on the version range.

2015-01-27

2015-01-27 17:34:03 by Martin Nilsson <nilsson@opera.com>

Updated comment.

2015-01-19

2015-01-19 13:32:40 by Martin Nilsson <nilsson@opera.com>

Deprecated verify_certificates, as auth_level does the same thing. This breaks some tests that appear to be incomplete, so disable them.

2014-12-15

2014-12-15 21:10:53 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Support the Negotiated FF-DHE Parameters draft.

NB: This draft has been incorporated into the TLS 1.3 draft.

2014-11-29

2014-11-29 16:37:19 by Martin Nilsson <nilsson@opera.com>

OO more.

2014-11-29 16:37:00 by Martin Nilsson <nilsson@opera.com>

UUID v4 is essentially just a random string, so let's use random string directly instead.

2014-11-29 16:31:27 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Ensure that session identifiers are unique.

Now uses Standards.UUID to generate the session identifiers.

This works around a bug in the testsuite where session identifiers
apparently could be reused.

2014-11-29 16:31:04 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: purge_session() now works client-side too.

2014-11-25

2014-11-25 11:28:42 by Martin Nilsson <nilsson@opera.com>

OO more.

2014-11-25 11:23:50 by Martin Nilsson <nilsson@opera.com>

UUID v4 is essentially just a random string, so let's use random string directly instead.

2014-11-24

2014-11-24 23:14:16 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Ensure that session identifiers are unique.

Now uses Standards.UUID to generate the session identifiers.

This works around a bug in the testsuite where session identifiers
apparently could be reused.

2014-11-24 19:02:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: purge_session() now works client-side too.

2014-11-03

2014-11-03 18:47:26 by Martin Nilsson <nilsson@opera.com>

Moved deprecated methods to compat.

2014-10-14

2014-10-14 12:48:39 by Martin Nilsson <nilsson@opera.com>

Make TLS 1.0 lowest default TLS in Pike 8.0 too.

2014-10-12

2014-10-12 23:48:17 by Martin Nilsson <nilsson@opera.com>

Put the default lower version at TLS 1.0. IE users on pre XP need to upgrade.

2014-09-05

2014-09-05 00:34:55 by Martin Nilsson <nilsson@opera.com>

Added get_certificates().

2014-09-04

2014-09-04 15:57:43 by Arne Goedeke <el@laramies.com>

Merge remote-tracking branch 'origin/8.0' into string_alloc

Conflicts:
src/stralloc.c

2014-09-04 14:31:05 by Martin Nilsson <nilsson@opera.com>

Allow add_cert private key to be a DER encoded string.

2014-09-01

2014-09-01 13:04:14 by Martin Nilsson <nilsson@opera.com>

Select DH group based on symmetric key strength.

2014-08-28

2014-08-28 20:13:35 by Per Hedbor <ph@opera.com>

Silence type warning when Crypto.ECC.Curve is missing (old nettle)

filter() seems to get the return type wrong.

2014-08-14

2014-08-14 14:51:37 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Updated to the new Crypto.Sign API.

2014-08-06

2014-08-06 14:27:44 by Martin Nilsson <nilsson@opera.com>

Make heartbleed probing optional and default off.

2014-07-31

2014-07-31 19:00:41 by Martin Nilsson <nilsson@opera.com>

Improved some comments.

2014-07-16

2014-07-16 13:45:21 by Martin Nilsson <nilsson@opera.com>

Comments and fixmes.

2014-07-16 11:04:00 by Martin Nilsson <nilsson@opera.com>

No SNI in Pike 7.8.

2014-07-15

2014-07-15 21:36:36 by Martin Nilsson <nilsson@opera.com>

These didn't exist in 7.8, so no compat.

2014-07-15 21:33:56 by Martin Nilsson <nilsson@opera.com>

Refactored certificate lookup.

2014-07-15 15:53:23 by Martin Nilsson <nilsson@opera.com>

OO harder. Let CertificatePair sort themselves according to perceived certificate strength.

2014-07-15 14:55:16 by Martin Nilsson <nilsson@opera.com>

Moved and trimmed code to generate CipherPair glob array to separate function.

2014-07-14

2014-07-14 17:04:00 by Martin Nilsson <nilsson@opera.com>

Sort Context items into Global, Cryptography, Certificates/authentication and Sessions

2014-07-07

2014-07-07 15:20:32 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added get_signature_algorithms().

Also extends the documentation for the signature_algorithms
variable a bit.

2014-06-29

2014-06-29 14:58:49 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Support EXTENSION_encrypt_then_mac.

This draft extension improves security for old CBC suites by
hashing the encrypted data including the padding. This works
around the various TLS padding attacks.

2014-06-01

2014-06-01 11:49:27 by Martin Nilsson <nilsson@opera.com>

sslfile -> File and sslport -> port

2014-05-27

2014-05-27 13:35:01 by Martin Nilsson <nilsson@opera.com>

Removed #if 0 code.

2014-05-20

2014-05-20 21:39:14 by Martin Nilsson <nilsson@opera.com>

Don't use dsa-sha512 if there is no PKCS id for it.

2014-05-20 12:17:12 by Martin Nilsson <nilsson@opera.com>

Fixes for Nettle < 2.1 and Nettle < 2.8

2014-05-20 10:08:45 by Martin Nilsson <nilsson@opera.com>

Have list of acceptable hash-signature-pairs in context.

2014-05-17

2014-05-17 10:50:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ClientConnection: Improved SNI API.

Made SNI handling an explicit argument to create(), to allow for using
the same SSL.Context for client connections to multiple servers.

2014-05-16

2014-05-16 21:01:17 by Martin Nilsson <nilsson@opera.com>

Documentation and debug updates.

2014-05-16 18:10:39 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added support for the ChaCha20-Poly1305 suites.

2014-05-16 11:22:00 by Martin Nilsson <nilsson@opera.com>

Don't assume zlib.

2014-05-15

2014-05-15 23:20:23 by Martin Nilsson <nilsson@opera.com>

0..255 -> 8bit

2014-05-15 21:19:59 by Martin Nilsson <nilsson@opera.com>

import .

2014-05-15 20:20:05 by Martin Nilsson <nilsson@opera.com>

Renamed SSL.context to SSL.Context.