Skip to content
  1. Sep 08, 2013
    • Dr. Stephen Henson's avatar
      Partial path fix. · 52073b76
      Dr. Stephen Henson authored
      When verifying a partial path always check to see if the EE certificate
      is explicitly trusted: the path could contain other untrusted certificates.
      52073b76
    • Dr. Stephen Henson's avatar
      Document extension clash. · a6e7d1c0
      Dr. Stephen Henson authored
      a6e7d1c0
    • Dr. Stephen Henson's avatar
      Experimental encrypt-then-mac support. · 5e3ff62c
      Dr. Stephen Henson authored
      Experimental support for encrypt then mac from
      draft-gutmann-tls-encrypt-then-mac-02.txt
      
      To enable it set the appropriate extension number (0x10 for the test server)
      using e.g. -DTLSEXT_TYPE_encrypt_then_mac=0x10
      
      For non-compliant peers (i.e. just about everything) this should have no
      effect.
      5e3ff62c
  2. Sep 07, 2013
  3. Sep 06, 2013
  4. Sep 05, 2013
  5. Sep 03, 2013
  6. Aug 21, 2013
  7. Aug 18, 2013
  8. Aug 17, 2013
  9. Aug 14, 2013
  10. Aug 13, 2013
    • Michael Tuexen's avatar
      DTLS message_sequence number wrong in rehandshake ServerHello · b62f4daa
      Michael Tuexen authored
      This fix ensures that
      * A HelloRequest is retransmitted if not responded by a ClientHello
      * The HelloRequest "consumes" the sequence number 0. The subsequent
      ServerHello uses the sequence number 1.
      * The client also expects the sequence number of the ServerHello to
      be 1 if a HelloRequest was received earlier.
      This patch fixes the RFC violation.
      b62f4daa
  11. Aug 08, 2013
    • Michael Tuexen's avatar
      DTLS handshake fix. · 0c75eeac
      Michael Tuexen authored
      Reported by: Prashant Jaikumar <rmstar@gmail.com>
      
      Fix handling of application data received before a handshake.
      0c75eeac
  12. Aug 06, 2013
  13. Aug 05, 2013