Tobias Brunner
48f4f9f667
pt-tls-server: Make TLS client authentication optional as appropriate
2021-02-18 15:41:52 +01:00
Tobias Brunner
11a4687930
libtls: Add control flags and replace GENERIC_NULLOK purpose with one
2021-02-18 15:10:29 +01:00
Tobias Brunner
602947d48a
pt-tls-server: Explicitly request client authentication if necessary
...
The PT_TLS_AUTH_TLS_OR_SASL case currently can't be implemented properly
as TLS authentication will be enforced if a client identity is configured
on the TLS server socket.
2021-02-18 12:49:54 +01:00
Tobias Brunner
663969ddf7
libtls: Make min/max TLS version configurable
...
Except for the tls_test tool, the versions now default to those
configured in strongswan.conf.
2021-02-12 14:35:23 +01:00
Tobias Brunner
a7f2818832
tls-socket: Allow configuring both minimum and maximum TLS versions
2021-02-12 11:45:44 +01:00
Tobias Brunner
2db6d5b8b3
Fixed some typos, courtesy of codespell
2018-02-13 12:19:54 +01:00
Andreas Steffen
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
Martin Willi
e15f64cc81
tls: Support a maximum TLS version to negotiate using TLS socket abstraction
2014-04-01 14:28:55 +02:00
Martin Willi
5313880261
tls: Support a null encryption flag on TLS socket abstraction
2014-04-01 14:28:55 +02:00
Andreas Steffen
1e92d5f114
Process PB-TNC batches received via PT-TLS asynchronously
2013-08-19 09:52:12 +02:00
Andreas Steffen
e689de6b8c
Optimized PT-TLS data transfer
2013-08-15 23:34:23 +02:00
Andreas Steffen
0a09b02dcf
Set client identity with TLS certificate authentication
2013-08-15 23:34:23 +02:00
Andreas Steffen
7c027f7983
Use client identities from successful authentications, only
2013-08-15 23:34:23 +02:00
Andreas Steffen
97b1d39de5
Extract client identity and authentication type from SASL authentication
2013-08-15 23:34:22 +02:00
Andreas Steffen
6d6100c2bc
Added some debug statements
2013-08-15 23:34:22 +02:00
Andreas Steffen
180a2f2642
rapid PT-TLS AR/PDP prototype
2013-08-15 23:34:22 +02:00
Martin Willi
61f1693df1
Support different authentication schemes for PT-TLS
2013-02-28 16:46:08 +01:00
Martin Willi
3542c4f18a
Implement SASL authentication in PT-TLS server
2013-02-28 16:46:07 +01:00
Martin Willi
16ef69d70a
Pass a constructor callback to create TNCCS server instances while dispatching
2013-01-17 16:34:34 +01:00
Martin Willi
18d56a1891
Add a libpttls providing NEA PT-TLS / TNC IF-T for TLS transport layer
2013-01-16 13:53:32 +01:00