Commit Graph

Select branches

Hide Pull Requests

laforge/swu

lynxis/gsup_refactor

lynxis/osmo-epdg

lynxis/pco

lynxis/wip

master

osmo-epdg

4.0.0

4.0.1

4.0.2

4.0.3

4.0.4

4.0.5

4.0.6

4.0.7

4.1.0

4.1.1

4.1.10

4.1.11

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.1.7

4.1.8

4.1.9

4.2.0

4.2.1

4.2.10

4.2.11

4.2.12

4.2.13

4.2.14

4.2.15

4.2.16

4.2.17

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.2.7

4.2.8

4.2.9

4.3.0

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.3.5rc1

4.3.6

4.3.7

4.4.0

4.4.1

4.5.0

4.5.1

4.5.2

4.5.3

4.6.0

4.6.1

4.6.2

4.6.3

4.6.4

5.0.0

5.0.1

5.0.2

5.0.2dr4

5.0.2rc1

5.0.3

5.0.3dr1

5.0.3dr2

5.0.3dr3

5.0.3rc1

5.0.4

5.1.0

5.1.0dr1

5.1.0dr2

5.1.0rc1

5.1.1

5.1.1dr1

5.1.1dr2

5.1.1dr3

5.1.1dr4

5.1.1rc1

5.1.2

5.1.2.dr2

5.1.2dr1

5.1.2dr3

5.1.2rc1

5.1.2rc2

5.1.3

5.1.3dr1

5.1.3rc1

5.2.0

5.2.0dr1

5.2.0dr2

5.2.0dr3

5.2.0dr4

5.2.0dr5

5.2.0dr6

5.2.0rc1

5.2.1

5.2.1dr1

5.2.1rc1

5.2.2

5.2.2dr1

5.2.2rc1

5.3.0

5.3.0dr1

5.3.0rc1

5.3.1

5.3.1dr1

5.3.1rc1

5.3.2

5.3.3

5.3.3dr1

5.3.3dr3

5.3.3dr4

5.3.3dr5

5.3.3dr6

5.3.3rc2

5.3.4

5.3.4dr1

5.3.4dr2

5.3.4dr3

5.3.4rc1

5.3.5

5.4.0

5.4.0dr1

5.4.0dr2

5.4.0dr3

5.4.0dr4

5.4.0dr5

5.4.0dr6

5.4.0dr7

5.4.0dr8

5.4.0rc1

5.4.1dr1

5.4.1dr2

5.4.1dr3

5.4.1dr4

5.5.0

5.5.0dr1

5.5.0rc1

5.5.1

5.5.1dr1

5.5.1dr2

5.5.1dr3

5.5.1dr4

5.5.1dr5

5.5.1rc1

5.5.1rc2

5.5.2

5.5.2dr1

5.5.2dr2

5.5.2dr3

5.5.2dr4

5.5.2dr5

5.5.2dr6

5.5.2dr7

5.5.2rc1

5.5.3

5.5.3dr1

5.5.3dr2

5.6.0

5.6.0dr1

5.6.0dr2

5.6.0dr3

5.6.0dr4

5.6.0rc1

5.6.0rc2

5.6.1

5.6.1dr1

5.6.1dr2

5.6.1dr3

5.6.1rc1

5.6.2

5.6.2dr1

5.6.2dr2

5.6.2dr3

5.6.2dr4

5.6.2rc1

5.6.3

5.6.3dr1

5.6.3dr2

5.6.3rc1

5.7.0

5.7.0dr1

5.7.0dr2

5.7.0dr3

5.7.0dr4

5.7.0dr5

5.7.0dr6

5.7.0dr8

5.7.0rc1

5.7.0rc2

5.7.1

5.7.2

5.7.2dr1

5.7.2dr2

5.7.2dr3

5.7.2dr4

5.7.2rc1

5.8.0

5.8.0dr2

5.8.0rc1

5.8.1

5.8.1dr1

5.8.1rc2

5.8.2

5.8.2dr1

5.8.2dr2

5.8.2rc1

5.8.2rc2

5.8.3

5.8.3rc1

5.8.4

5.9.0

5.9.0dr1

5.9.0dr2

5.9.0rc1

5.9.1

5.9.1dr1

5.9.1rc1

5.9.2

5.9.2dr1

5.9.2dr2

5.9.2rc1

5.9.2rc2

5.9.3

5.9.3dr1

5.9.3dr2

5.9.3dr3

5.9.3dr4

5.9.3rc1

6.0dr7

android-2.3.3

android-2.3.3-1

Mono Color

• eb399fb438 botan: Look for Botan 3 in configure script Tobias Brunner 2021-01-29 16:45:02 +0100
• 97857eaa12 ike-sa: Avoid possible integer underflow when scheduling reauth after rekeying Tobias Brunner 2021-01-15 16:19:49 +0100
• 20dfbcad08 ha: Register new IKE_SAs before calling inherit_post() Tobias Brunner 2021-01-15 16:28:24 +0100
• 1c5cef1b89 ike-rekey: Register new IKE_SA before calling inherit_post() Tobias Brunner 2021-01-15 16:25:54 +0100
• 5d97af5894 ike-sa-manager: Add a method to register/check out new IKE_SAs Tobias Brunner 2021-01-15 16:09:59 +0100
• bde5bd47bd ike-sa-manager: Rename checkout_new() to create_new() Tobias Brunner 2021-01-15 16:08:20 +0100
• 7f6386afd9 Remove redundant calls to set peer config after checking out IKE_SAs by config Tobias Brunner 2021-01-15 17:14:07 +0100
• c46c40ef24 ike-sa-manager: Make checkout_by_config() atomic Tobias Brunner 2020-03-17 09:39:17 +0100
• c7a0f2698d Merge branch 'tls13' Tobias Brunner 2021-02-12 15:14:37 +0100
• 74b9ba7cdb tls-crypto: Simplify and extend cipher config filter Tobias Brunner 2021-02-11 18:10:56 +0100
• 8b2b5a647b proposal: Add aliases for AES-GCM/CCM without explicit ICV length Tobias Brunner 2021-02-11 18:06:49 +0100
• 966a26eaa2 tls-server: Support x25519/448 for TLS 1.2 Tobias Brunner 2021-02-11 17:47:55 +0100
• f77ecf0728 tls-crypto: Fallback to any supported ECDH group Tobias Brunner 2021-02-11 17:46:17 +0100
• 311405c34d tls-crypto: Don't filter suites with specific ECDH group if any is available Tobias Brunner 2021-02-11 17:09:04 +0100
• 85bde019d3 diffie-hellman: Classify x25519 and x448 as ECDH methods Tobias Brunner 2021-02-11 17:00:05 +0100
• e3757300eb tls-crypto: Add signature scheme config file filter Pascal Knecht 2021-02-01 21:41:56 +0100
• e5b6565730 tls-crypto: Rename DH group/key exchange method config option Pascal Knecht 2021-01-18 18:11:55 +0100
• a60e248b0d libtls: Increase default min version to 1.2 Tobias Brunner 2021-01-27 14:40:22 +0100
• 3abcbf82b5 tls-peer: Verify server selects the same cipher suite after HelloRetryRequest Tobias Brunner 2021-01-22 10:19:57 +0100
• ab226b3927 tls-server: Select cipher suite also when handling HelloRetryRequest Tobias Brunner 2021-01-22 10:06:05 +0100
• 111e907168 tls-server: Remove unused variable Tobias Brunner 2021-01-22 09:41:22 +0100
• dc9f6c68df libtls: Add downgrade protection for TLS 1.3 and TLS 1.2 Pascal Knecht 2021-01-17 16:33:02 +0100
• a4a128bd2f tls-server: Optionally omit CAs in CertificateRequest messages Shmulik Ladkani 2021-01-15 14:45:34 +0100
• 083f38259c tls-eap: Conclude EAP method also after processing packets Tobias Brunner 2021-01-14 18:02:00 +0100
• a00ace0fe2 libtls: Only run socket tests with EdDSA keys if they are supported Tobias Brunner 2021-01-14 15:45:34 +0100
• 7b64880a8c tls-peer: Don't log anything if we are not sending supported groups Tobias Brunner 2021-01-14 16:14:47 +0100
• 8cf3998f1a tls-crypto: Only log modified TLS versions if successfully set Tobias Brunner 2021-01-14 15:11:13 +0100
• 92aef122c3 libtls: Reduce default max version to 1.2 Tobias Brunner 2021-01-13 15:26:33 +0100
• 663969ddf7 libtls: Make min/max TLS version configurable Tobias Brunner 2021-01-13 14:40:40 +0100
• 9389fef78a test-hkdf: Add two test cases and restructure all tests Pascal Knecht 2020-11-22 21:37:37 +0100
• 7797c058d9 tls-hkdf: Implement binder PSK generation Pascal Knecht 2020-12-04 19:01:00 +0100
• 3e535c31b4 tls-hkdf: Implement resumption key generation Pascal Knecht 2020-11-22 21:30:45 +0100
• 9ef46cfaf9 tls-peer: Mutual authentication support for TLS 1.3 Pascal Knecht 2020-11-10 14:50:59 +0100
• 2d933f318b tls-peer: Derive application traffic keys after server finished message Pascal Knecht 2020-11-10 14:44:51 +0100
• d41d8b0039 tls-peer: Use private key enumeration also in TLS versions < 1.2 Pascal Knecht 2020-11-17 17:54:55 +0100
• d8e42a3d4e tls-crypto: Share private key search between client and server Pascal Knecht 2020-11-10 10:22:12 +0100
• 299cc80094 tls-test: Add support to require/verify client certificates Pascal Knecht 2020-11-01 16:39:00 +0100
• d2fc9b0961 tls-server: Mutual authentication support for TLS 1.3 Pascal Knecht 2020-10-30 15:15:30 +0100
• dc49d457a2 tls-server: Terminate connection if peer certificate is required but not sent Pascal Knecht 2020-11-04 13:07:49 +0100
• 4bba89fff3 tls-server: Make CertificateRequest conditional in old TLS versions Pascal Knecht 2020-11-04 12:22:58 +0100
• 4635f348fa tls-server: Share trusted public key search between client and server Pascal Knecht 2020-11-01 17:01:14 +0100
• 6b23543abd tls-crypto: Move AEAD ownership to the protection layer Pascal Knecht 2020-10-28 21:54:09 +0100
• 534a781646 tls-hkdf: Always use correct base key to derive finished message Pascal Knecht 2020-11-08 15:34:39 +0100
• 0aaf1242d9 libtls: Add unit tests for Ed25519 and Ed448 keys Pascal Knecht 2020-10-23 22:56:03 +0200
• 5e579ebe8f tls-test: Load keys of any type Pascal Knecht 2020-10-23 16:01:03 +0200
• 34f66ce6cb tls-crypto: Support EdDSA keys with ECDSA cipher suites Pascal Knecht 2020-10-23 16:17:16 +0200
• 9803fb82f4 tls-server: Consider supported signature algorithms when selecting key/certificate Pascal Knecht 2020-10-12 18:58:53 +0200
• 06112f3fe2 tls-crypto: Distinguish between signing and verifying signature schemes Pascal Knecht 2020-10-13 13:54:38 +0200
• e731396280 tls-server: Check if peer sent hash and signature algorithms Pascal Knecht 2020-10-16 09:28:49 +0200
• 91c9e4d576 tls-crypto: Add missing signature scheme constants Pascal Knecht 2020-10-10 17:10:37 +0200
• 0dfe1590b6 tls-server: Fix invalid signature algorithm and supported groups parsing Pascal Knecht 2020-10-09 19:14:11 +0200
• 3767a4a655 tls-server: Support multiple client key shares Pascal Knecht 2020-10-02 18:11:45 +0200
• 64e2506f5b libtls: Add TLS version negotiation test cases Pascal Knecht 2020-09-29 14:15:19 +0200
• c3e7132468 tls-server: Support HelloRetryRequest (HRR) Pascal Knecht 2020-09-26 13:17:43 +0200
• e53bee9dbe tls-crypto: Add support to configure DH groups to use Pascal Knecht 2020-09-26 22:19:16 +0200
• 9514aa2dcc diffie-hellman: Add enum names that match proposal keywords Tobias Brunner 2021-01-27 14:35:37 +0100
• 066ac8809c tls-crypto: Generalizing DH group to TLS group mapping Pascal Knecht 2020-09-30 14:57:14 +0200
• ab70f68cf9 tls-server: Support KeyUpdate requests and answers Pascal Knecht 2020-09-27 16:43:08 +0200
• 5c4cb40e47 tls-server: Refactor writing of key share extensions Pascal Knecht 2020-09-21 22:19:34 +0200
• 7fbe2e27ec tls-server: TLS 1.3 support for TLS server implementation Pascal Knecht 2020-09-08 15:58:14 +0200
• 328d7af6d2 tls-crypto: Rename parameter to be more consistent Pascal Knecht 2020-09-16 14:10:57 +0200
• 6549adb608 tls-crypto: Fix invalid signature algorithm list building Pascal Knecht 2020-09-16 08:54:54 +0200
• f81c04e9e3 libtls: Add missing cipher suite and TLS extension constants Pascal Knecht 2020-09-15 16:08:08 +0200
• d107198fcb tls-crypto: Rework cipher suite preference order Pascal Knecht 2020-09-04 19:36:40 +0200
• 06424efa17 tls-server: Determine supported/configured suites and versions early Tobias Brunner 2020-11-19 14:40:30 +0100
• 8a6edc08a4 tls-crypto: Check if TLS versions and cipher suites match Pascal Knecht 2020-09-04 18:29:43 +0200
• f920125304 tls-peer: Don't initiate TLS connection if no cipher suites are supported Pascal Knecht 2020-09-03 21:53:52 +0200
• 06aad98ff0 tls-test: Make plugin list configurable via environment variable Tobias Brunner 2020-09-03 15:56:14 +0200
• 00a6280aab tls-peer: Return INVALID_STATE after changing TLS 1.3 keys Tobias Brunner 2020-09-01 18:59:17 +0200
• 121ac4b9e3 tls-crypto: Generate MSK for TLS 1.3 Tobias Brunner 2020-09-01 18:51:32 +0200
• d2fe921cf5 tls-hkdf: Add method that allows exporting key material Tobias Brunner 2020-09-01 18:50:47 +0200
• 86cda1a3c0 tls-hkdf: Handle label expansion inside expand_label() Tobias Brunner 2020-09-01 18:48:41 +0200
• 3e89d26e1c tls-hkdf: Pass secret to derive_secret() explicitly Tobias Brunner 2020-09-01 18:35:02 +0200
• 4e2b8f9c71 tls-hkdf: Store OKM in local variables Tobias Brunner 2020-08-31 17:08:07 +0200
• 1b593e1d48 tls-crypto: Add support for RSA-PSS signatures Tobias Brunner 2020-08-28 08:59:37 +0200
• e02f19e3c6 tls-peer: Support answering KeyUpdate requests Tobias Brunner 2020-08-28 10:23:43 +0200
• 27360d3407 tls-socket: Change how EOF of the underlying socket is handled Tobias Brunner 2020-08-28 11:56:36 +0200
• bfcb49b393 tls-peer: Add support to handle KeyUpdate message Tobias Brunner 2020-08-27 11:51:58 +0200
• 1466d4da25 tls-crypto: Add method to update application traffic keys Tobias Brunner 2020-08-27 11:51:00 +0200
• b51c1d468e tls-hkdf: Support updating client/server traffic secrets Tobias Brunner 2020-08-27 11:50:00 +0200
• 09fbaad6bd tls-socket: Don't fail reading if sending data failed Tobias Brunner 2020-08-26 17:42:21 +0200
• d532d6c7bc tls-peer: Correctly handle classic ECDH key-share format Tobias Brunner 2020-08-26 16:08:26 +0200
• 8e35b1f1a5 tls-test: Add options to configure TLS versions Tobias Brunner 2020-08-26 15:00:30 +0200
• a7f2818832 tls-socket: Allow configuring both minimum and maximum TLS versions Tobias Brunner 2020-08-26 14:40:51 +0200
• c4576a1f57 tls: Allow setting both minimum and maximum TLS versions Tobias Brunner 2020-08-26 14:37:59 +0200
• 2b6565c236 tls-peer: Handle HelloRetryRequest Tobias Brunner 2020-08-25 17:23:45 +0200
• 2271d67f07 tls-crypto: Add method to hash handshake data and use result as initial transcript Tobias Brunner 2020-08-25 17:17:55 +0200
• 64e63c68c8 tls-crypto: Destroy HKDF instance if keys are derived multiple times Tobias Brunner 2020-08-25 17:13:17 +0200
• 851b605e21 tls-peer: Refactor writing of extensions and use less hard-coded DH group Tobias Brunner 2020-08-25 16:18:27 +0200
• de31646a09 tls-peer: Refactor sending/processing finished message Tobias Brunner 2020-08-25 16:25:37 +0200
• 44cda40d58 tls-peer: Simply ignore certificate request context Tobias Brunner 2020-08-25 17:21:02 +0200
• bfa3178836 tls-peer: Use existing code to verify certificate and signature Tobias Brunner 2020-08-25 16:17:27 +0200
• c78b2bee5d tls-peer: Refactor parsing of TLS extensions Tobias Brunner 2020-08-25 16:14:54 +0200
• f0ed5f9125 tls-peer: Fix parsing of encrypted extensions Tobias Brunner 2020-08-28 08:54:49 +0200
• 4c40a3d3f0 tls-peer: Fix parsing of intermediate CA certificates Tobias Brunner 2020-08-25 16:11:59 +0200
• 2e1c0a2776 tls-crypto: Rename methods to calculate finished message Tobias Brunner 2020-08-25 16:52:20 +0200
• f116a4823f tls-crypto: Use internal PRF of tls-hkdf to generate finished message Tobias Brunner 2020-08-25 16:49:52 +0200
• a9f661f52a tls-hkdf: Add helper method to allocate data from the internal PRF Tobias Brunner 2020-08-25 16:44:17 +0200
• 6a0ee0c23c tls-hkdf: Cleanups and refactorings Tobias Brunner 2020-08-25 16:01:27 +0200
• de983a3cb9 tls-crypto: Simplify signature creation/verification Tobias Brunner 2020-08-25 15:58:46 +0200