summaryrefslogtreecommitdiffstats
path: root/src/net/tls.c
Commit message (Expand)AuthorAgeFilesLines
* [tls] Display validator messages only while validation is in progressMichael Brown2019-03-101-3/+9
* [tls] Display cross-certificate and OCSP status messagesMichael Brown2019-03-071-0/+20
* [tls] Support stateless session resumptionMichael Brown2019-03-061-19/+110
* [tls] Fix incorrectly duplicated error numberMichael Brown2019-03-061-1/+1
* [tls] Support stateful session resumptionMichael Brown2019-02-211-8/+191
* [tls] Ensure that window change is propagated to plainstream interfaceMichael Brown2018-03-241-2/+7
* [tls] Rename tls_session to tls_connectionMichael Brown2018-03-241-119/+123
* [tls] Ensure received data list is initialised before calling tls_free()Michael Brown2018-03-231-3/+3
* [tls] Support RFC5746 secure renegotiationMichael Brown2017-07-041-19/+188
* [tls] Keep cipherstream window open until TLS negotiation is completeMichael Brown2017-05-221-0/+16
* [tls] Avoid potential out-of-bound reads in length fieldsMichael Brown2016-03-111-44/+67
* [crypto] Support SHA-{224,384,512} in X.509 certificatesMichael Brown2015-08-021-73/+17Star
* [tls] Report supported signature algorithms in ClientHelloMichael Brown2015-08-021-0/+25
* [tls] Do not access beyond the end of a 24-bit integerMichael Brown2015-08-011-22/+29
* [build] Add missing "const" qualifiersChristian Hesse2015-04-241-2/+2
* [crypto] Generalise X.509 cache to a full certificate storeMichael Brown2014-03-281-40/+34Star
* [crypto] Remove dynamically-allocated storage for certificate nameMichael Brown2014-03-251-10/+4Star
* [tls] Concatenate received non-data records before processingMichael Brown2013-01-311-12/+10Star
* [tls] Fix potential memory leakMichael Brown2012-09-281-0/+1
* [tls] Fix uninitialised variableMichael Brown2012-09-281-2/+1Star
* [tls] Split received records over multiple I/O buffersMichael Brown2012-09-271-164/+278
* [tls] Disambiguate most error causesMichael Brown2012-08-251-32/+140
* [legal] Update FSF mailing address in GPL licence textsMichael Brown2012-07-201-1/+2
* [tls] Request a maximum fragment length of 2048 bytesMichael Brown2012-06-291-0/+11
* [tls] Mark security negotiation as a pending operationMichael Brown2012-06-091-3/+13
* [tls] Use asynchronous certificate validatorMichael Brown2012-05-081-46/+113
* [crypto] Add x509_append_raw()Michael Brown2012-05-081-18/+5Star
* [crypto] Allow for X.509 certificates with no common nameMichael Brown2012-05-081-1/+2
* [crypto] Allow certificate chains to be long-lived data structuresMichael Brown2012-05-041-67/+94
* [crypto] Parse OCSP responder URI from X.509 certificateMichael Brown2012-05-041-1/+1
* [tls] Fix wrong memset in function tls_clear_cipherStefan Weil2012-04-101-1/+1
* [crypto] Differentiate "untrusted root" and "incomplete chain" error casesMichael Brown2012-03-221-5/+5
* [crypto] Add previous certificate in chain as a parameter to parse_next()Michael Brown2012-03-221-1/+4
* [tls] Support sending a client certificateMichael Brown2012-03-201-13/+237
* [tls] Treat handshake digest algorithm as a session parameterMichael Brown2012-03-201-39/+24Star
* [tls] Use hybrid MD5+SHA1 algorithmMichael Brown2012-03-201-13/+66
* [tls] Check certificate validity period against current date and timeMichael Brown2012-03-201-1/+3
* [tls] Include current time within the client random bytesMichael Brown2012-03-201-1/+2
* [tls] Validate server certificateMichael Brown2012-03-191-36/+93
* [tls] Add full X.509 certificate parsingMichael Brown2012-03-191-10/+12
* [tls] Use iPXE native RSA algorithmMichael Brown2012-03-181-37/+51
* [tls] Use const to mark incoming data being processedMichael Brown2012-03-131-26/+28
* [crypto] Upgrade AES and RSA code to upstream axTLS version 1.4.5Michael Brown2012-03-091-1/+1
* [tls] Formalise the definition of a TLS cipher suiteMichael Brown2012-03-061-81/+114
* [tls] Support (and prefer) SHA-256 variants of existing cipher suitesMichael Brown2012-03-051-3/+15
* [tls] Support TLS version 1.2Michael Brown2012-03-051-35/+72
* [tls] Send empty Certificate record if requested by serverMichael Brown2012-03-031-0/+57
* [tls] Verify the contents of the Finished recordMichael Brown2012-03-031-3/+24
* [tls] Allow transmitted records to be scheduled independentlyMichael Brown2012-03-031-83/+29Star
* [tls] Add support for Server Name Indication (SNI)Michael Brown2012-03-031-3/+29
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-14 01:09:15 +0200