Tobias Brunner
82116dba66
tls-test: Add option to make client authentication optional
2021-02-18 15:39:35 +01:00
Tobias Brunner
11a4687930
libtls: Add control flags and replace GENERIC_NULLOK purpose with one
2021-02-18 15:10:29 +01:00
Tobias Brunner
663969ddf7
libtls: Make min/max TLS version configurable
...
Except for the tls_test tool, the versions now default to those
configured in strongswan.conf.
2021-02-12 14:35:23 +01:00
Pascal Knecht
299cc80094
tls-test: Add support to require/verify client certificates
...
Also add detailed usage output with description of all options.
2021-02-12 14:35:23 +01:00
Pascal Knecht
5e579ebe8f
tls-test: Load keys of any type
...
Only RSA keys were possible until now.
2021-02-12 14:35:23 +01:00
Tobias Brunner
06aad98ff0
tls-test: Make plugin list configurable via environment variable
2021-02-12 14:35:23 +01:00
Tobias Brunner
8e35b1f1a5
tls-test: Add options to configure TLS versions
2021-02-12 11:45:44 +01:00
Tobias Brunner
a7f2818832
tls-socket: Allow configuring both minimum and maximum TLS versions
2021-02-12 11:45:44 +01:00
Tobias Brunner
4099035a0c
tls-test: Make address family configurable and simplify DNS/socket handling
2021-02-12 11:45:44 +01:00
bytinbit
7a2b02667c
libtls: Implement TLS 1.3 handshake on client-side
...
The code is a minimal handshake with the HelloRetryRequest message
implementation missing.
Can be tested with an OpenSSL server running TLS 1.3. The server must
be at least version 1.1.1 (September 2018).
Co-authored-by: ryru <pascal.knecht@hsr.ch>
2021-02-12 11:45:44 +01:00
Martin Willi
e15f64cc81
tls: Support a maximum TLS version to negotiate using TLS socket abstraction
2014-04-01 14:28:55 +02:00
Martin Willi
ddf5222096
tls: Introduce a generic TLS purpose that accepts NULL encryption ciphers
2014-04-01 14:28:55 +02:00
Tobias Brunner
34d3bfcf14
lib: Add global config namespace
2014-02-12 14:34:31 +01:00
Tobias Brunner
b18a531715
plugin-loader: Removed unused path argument of load() method
...
Multiple additional search paths can be added with the add_path()
method.
2013-06-28 10:44:15 +02:00
Martin Willi
3f4300ed1e
Accept a certificate/key pair to use client authentication in tls_test
2013-04-02 16:09:17 +02:00
Tobias Brunner
f05b427265
Moved debug.[ch] to utils folder
2012-10-24 16:00:51 +02:00
Tobias Brunner
2e7cc07ecd
Moved host_t and host_resolver_t to a new networking subfolder
2012-10-24 15:06:18 +02:00
Martin Willi
f8b2906929
Use the TLS socket splicing in tls_test script
2011-12-31 13:14:49 +01:00
Martin Willi
6a5c86b7ad
Implemented TLS session resumption both as client and as server
2011-12-31 13:14:49 +01:00
Martin Willi
fd0bde9a60
Added a TLS debug level option, use debugging hook
2010-08-31 15:35:29 +02:00
Martin Willi
f1a74a3cab
Implemented a TLS utility to test on any TLS secured TCP connection
2010-08-25 12:57:13 +02:00