Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | priorities: Added internal option to allow key usage violations in server side | Nikos Mavrogiannopoulos | 2015-08-14 | 1 | -0/+1 |
| | |||||
* | handshake: add FALLBACK_SCSV priority option | Alessandro Ghedini | 2015-08-01 | 1 | -0/+1 |
| | | | | | This allows clients to enable the TLS_FALLBACK_SCSV mechanism during the handshake, as defined in RFC7507. | ||||
* | Added priority string %NO_SESSION_HASH to prevent advertising the extended ↵ | Nikos Mavrogiannopoulos | 2014-11-13 | 1 | -0/+1 |
| | | | | master secret extension | ||||
* | Added support for RFC7366 (encrypt then authenticate) | Nikos Mavrogiannopoulos | 2014-11-03 | 1 | -0/+1 |
| | | | | | | | It implements a revised version of RFC7366, to avoid interoperability issues: http://www.ietf.org/mail-archive/web/tls/current/msg14349.html This is currently enabled by default, unless %NO_ETM, or %COMPAT is specified. | ||||
* | Added priority string %NO_TICKETS that disables session ticket support | Nikos Mavrogiannopoulos | 2014-10-24 | 1 | -0/+1 |
| | | | | This is implied by the priority string PFS. | ||||
* | Added the 'very weak' certificate verification profile. | Nikos Mavrogiannopoulos | 2014-05-05 | 1 | -0/+1 |
| | | | | | This profile corresponds to a 64-bit security level (e.g., RSA parameters of 768 bits). | ||||
* | Added priority string %DISABLE_WILDCARDS. | Nikos Mavrogiannopoulos | 2014-04-02 | 1 | -0/+1 |
| | | | | | This will disable any wildcard matching when comparing hostnames in certificates. | ||||
* | NEW_PADDING has been removed. | Nikos Mavrogiannopoulos | 2014-03-05 | 1 | -1/+1 |
| | | | | | | | This extension did not get accepted by IETF so it is now being removed. The gnutls_range API is kept in case length hiding is implemented in a different way at some point. | ||||
* | priority string flag VERIFY_ALLOW_X509_V1_CA_CRT is now a dummy | Nikos Mavrogiannopoulos | 2014-02-18 | 1 | -1/+1 |
| | |||||
* | GNUTLS_SEC_PARAM_NORMAL was renamed to GNUTLS_SEC_PARAM_MEDIUM | Nikos Mavrogiannopoulos | 2014-01-14 | 1 | -1/+1 |
| | | | | | | That was done to avoid confusion with the NORMAL priority string. Also when setting a PROFILE explicitly as priority string the session security level is adjusted accordingly. | ||||
* | Use gperf to find priority string options. | Nikos Mavrogiannopoulos | 2014-01-13 | 1 | -0/+30 |