Sebastian Hahn
|
8200a85323
Fix a check-spaces complaint
|
13 years ago |
Nick Mathewson
|
69dd993a92
Make certificate skew into a protocol warning
|
13 years ago |
Nick Mathewson
|
87622e4c7e
Allow up to a 30 days future skew, 48 hours past skew in certs.
|
13 years ago |
George Kadianakis
|
406ae1ba5a
Use callback-driven approach to block renegotiations.
|
13 years ago |
George Kadianakis
|
e097bffaed
Fix issues pointed out by nickm.
|
13 years ago |
Nick Mathewson
|
7a8960cf1b
Fix a memory-poisoning memset in tortls.c
|
13 years ago |
Sebastian Hahn
|
2dec6597af
Merge branch 'maint-0.2.2_secfix' into master_secfix
|
13 years ago |
Sebastian Hahn
|
df05e5ef4d
Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfix
|
13 years ago |
Nick Mathewson
|
638fdedcf1
Don't send a certificate chain on outgoing TLS connections from non-relays
|
13 years ago |
Robert Ransom
|
9976df9e56
Maintain separate server and client TLS contexts.
|
14 years ago |
Robert Ransom
|
8781640111
Refactor tor_tls_context_new:
|
14 years ago |
George Kadianakis
|
e2b3527106
Also handle needless renegotiations in SSL_write().
|
13 years ago |
George Kadianakis
|
340809dd22
Get rid of tor_tls_block_renegotiation().
|
13 years ago |
George Kadianakis
|
ecd239e3b5
Detect and deny excess renegotiations attempts.
|
13 years ago |
George Kadianakis
|
4fd79f9def
Detect renegotiation when it actually happens.
|
13 years ago |
George Kadianakis
|
69a821ea1c
Refactor the SSL_set_info_callback() callbacks.
|
13 years ago |
Nick Mathewson
|
87a93917c3
Fix a reference-leak in tor_tls_received_v3_certificate
|
13 years ago |
Nick Mathewson
|
80cf342e47
Fix memory leak in prop176 code
|
13 years ago |
Nick Mathewson
|
8af0cfc10d
Add some points to make it easy to turn off v3 support
|
13 years ago |
Sebastian Hahn
|
35fe4825fc
Quiet two notices, and spelling mistake cleanup
|
13 years ago |
Nick Mathewson
|
e56d7a3809
Give tor_cert_get_id_digests() fail-fast behavior
|
13 years ago |
Nick Mathewson
|
40f0d111c2
Fix some more issues wrt tor_cert_new found by asn
|
13 years ago |
Nick Mathewson
|
6bfb31ff56
Generate certificates that enable v3 handshake
|
13 years ago |
Nick Mathewson
|
9a77ebc794
Make tor_tls_cert_is_valid check key lengths
|
13 years ago |
Nick Mathewson
|
e48e47fa03
Function to return peer cert as tor_tls_cert
|
13 years ago |
Nick Mathewson
|
a6fc5059cd
Add AUTH keys as specified in proposal 176
|
13 years ago |
Nick Mathewson
|
0a4f562772
Functions to get a public RSA key from a cert
|
13 years ago |
Nick Mathewson
|
92602345e0
Function to detect certificate types that signal v3 certificates
|
13 years ago |
Nick Mathewson
|
8c9fdecfe9
Function to get digests of the certs and their keys
|
13 years ago |
Nick Mathewson
|
f4c1fa2a04
More functions to manipulate certs received in cells
|
13 years ago |