ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
17,934 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

82 Commits

Author SHA1 Message Date
Martin Willi 4caa380625 Separated cipherspec checking and switching, allowing us to defer the second 2011-12-31 13:14:49 +01:00
Andreas Steffen 7e432eff6b renamed tls_reader|writer to bio_* and moved to libstrongswan 2011-05-31 15:46:51 +02:00
Martin Willi 2db8b58f62 Continue without client authentication if no matching certificate found 2011-04-14 20:02:12 +02:00
Martin Willi 6a8f1a578f Ignore TLS certificate requests as peer if peer authentication disabled 2011-04-14 20:02:12 +02:00
Martin Willi 1c21f47a06 Send TLS Server Name Indication as peer if server identity is a FQDN 2011-04-14 20:02:12 +02:00
Martin Willi 31c65eb362 Include ec_point_format extension in ClientHello 2010-09-06 18:51:38 +02:00
Martin Willi ec7d4e70d3 Renamed ecp_format to ansi_format, as point formats in TLS use different identifiers 2010-09-06 18:37:24 +02:00
Martin Willi e6cce7ff0d Prepend point format to ECDH public key 2010-09-06 15:37:51 +02:00
Martin Willi 3f7bb88ba3 Use a dynamic curve enumerator to list/convert TLS named curves 2010-09-03 17:24:23 +02:00
Martin Willi f4c98ae664 Use ECDH group check where appropriate 2010-09-03 16:53:36 +02:00
Martin Willi 4cdade5aae Select private key based on received cipher suites 2010-09-03 14:54:43 +02:00
Martin Willi 37a59a8fbf Support for EC curve Hello extension, EC curve fallback 2010-09-03 14:54:43 +02:00
Martin Willi 5fc7297e38 Added client support for ECDHE key exchange 2010-09-03 14:54:43 +02:00
Martin Willi da3f4a9fd0 Added TLS client side support for DHE suites 2010-09-02 19:33:08 +02:00
Martin Willi 06109c4717 Implemented "signature algorithm" hello extension 2010-09-02 19:33:08 +02:00
Martin Willi dbb7c0306c Support different hash/sig algorithms in handshake signing, including ECDSA 2010-09-02 13:07:25 +02:00
Martin Willi c811479986 Strictly check if the server certificate matches the TLS server identity 2010-08-31 18:10:23 +02:00
Martin Willi a596006e3f Send TLS alerts for errors in TLS handshake building 2010-08-25 18:24:27 +02:00
Martin Willi 69e8bb2e8d Pass NULL peer identity to omit TLS peer authentication, added eap-ttls.request_peer_auth option 2010-08-24 11:34:43 +02:00
Andreas Steffen c1a929daa7 removed some redundant debug output 2010-08-24 09:02:51 +02:00
Martin Willi e6f3ef1330 Implemented TLS Alert handling 2010-08-23 15:13:37 +02:00
Martin Willi f154e30431 Verify negotiated TLS version 2010-08-23 09:47:03 +02:00
Martin Willi 3c19b3461f Introducing a dedicated debug message group for libtls 2010-08-23 09:47:03 +02:00
Martin Willi 0bcef5fe7a Streamlined TLS debugging output 2010-08-23 09:45:33 +02:00
Martin Willi ba31fe1fd6 Use a seperate section for each nested struct member in INIT macro 2010-08-18 12:15:03 +02:00
Andreas Steffen 1327839da8 added generic TLS application data handler and specific EAP-TTLS instantiation 2010-08-12 23:58:54 +02:00
Martin Willi 33ddaaabec Added support for different encryption schemes to private/public keys 2010-08-10 18:46:30 +02:00
Andreas Steffen b4d30a425e support server authentication only for EAP-TTLS 2010-08-07 11:26:04 +02:00
Martin Willi e85bca7f22 Use certificate subject to get a public key of the TLS server 2010-08-05 13:13:45 +02:00
Andreas Steffen 7ea87db00d added some more TLS debug output 2010-08-05 09:51:05 +02:00
Andreas Steffen 4657b3a42a log selected TLS version and cipher suite 2010-08-05 01:21:59 +02:00
Martin Willi 0f82a47063 Moved TLS stack to its own library 2010-08-03 15:39:26 +02:00