Age | Commit message | Author | |
---|---|---|---|
2021-11-09 | devtls: reject zero length records (thanks sigrid) | cinap_lenrek | |
zero length record causes ensure() to do nothing, while qgrab() assumes there is at least one buffer in the queue and would dereference the nil buffer. | |||
2021-10-16 | devtls: implement "hangup" ctl message | cinap_lenrek | |
This makes devtls connection directories compatible with the hangup function (see dial(2)). | |||
2021-09-25 | devtls: fix bwrite memory leak when channel stops being open | cinap_lenrek | |
tlsbwrite() would call checkstate() before calling tlsrecwrite() to make sure the channel is open. however, because checkstate() only raises the error, the Block* passed won't be freed and would result in a memory leak. move the checkstate() call inside tlsrecwrite() to reuse the error handling that frees the block on error. | |||
2019-01-22 | devtls: remove static "already" flag in tlsinit(). this function is only run once. | cinap_lenrek | |
2017-12-28 | devtls, devssl: avoid ~0UL comparison (from drawterm) | cinap_lenrek | |
2016-11-17 | devtls: remove unused get32() function | cinap_lenrek | |
2016-09-11 | kernel: replace various custom random iv buffer filling functions with calls to prng() | cinap_lenrek | |
2016-08-27 | devtls: allocate cipher states in secret memory | cinap_lenrek | |
2016-07-24 | devtls, devssl: make sure channel has ORDWR mode and is not a mount chan on fdtochan() | cinap_lenrek | |
2016-05-11 | devssl, devtls: fix permission checks | cinap_lenrek | |
2016-03-28 | devtls: print the path of the underlying chan in status file | cinap_lenrek | |
to figure out what network connection a particular tls conversation refers to, we add the path of the underlying we send the encrypted tls traffic over in the status file, example: term% grep -n '^Chan:' '#a'/tls/*/status #a/tls/0/status:7: Chan: /net/tcp/6/data #a/tls/1/status:7: Chan: /net/tcp/0/data | |||
2016-03-23 | devtls: zero secret information before freeing, cleanup | cinap_lenrek | |
2016-03-23 | add portable AES-GCM (Galois/Counter Mode) implementation to libsec and devtls | cinap_lenrek | |
2016-03-09 | devtls: fix wrong iounit | cinap_lenrek | |
devtls writes are only atomic up to MaxRecLen as this is the maximum payload size we put in a record application message. | |||
2016-01-07 | format pointer subtraction results with %zd instead of %ld (for long -> intptr on amd64) | cinap_lenrek | |
2015-12-21 | tls: implement chacha20/poly1305 aead cipher suites | cinap_lenrek | |
2015-10-28 | devtls: reject SHA2_256 mac for SSL, but TLS is fine | cinap_lenrek | |
sha256 is only defined for TLS1.2, however, technically, there's no reason not to use it in TLS1.0/TLS1.1. the choice is up to tlshand and pushtls, not the kernel. | |||
2015-08-27 | devtls: add sha256 mac | mischief | |
2015-08-25 | fix fuckup | glenda | |
2015-08-25 | import E script from bell labs | mischief | |
2015-08-15 | devtls: TLS1.1 explicit iv support | cinap_lenrek | |
using nrand() to fill the explicit iv, which isn't great but better than no iv. | |||
2015-06-01 | devtls: ignore UnrecognizedName (112) alert message (for SNI) | cinap_lenrek | |
2014-09-15 | devtls: fix typo in debug print | cinap_lenrek | |
2014-02-25 | devtls: spelling | mischief | |
2013-01-09 | devtls: fix hmac buffer size for SHA1 hashes (from erik) | cinap_lenrek | |
the buffer isn't big enough for SHA1 hashes, which are larger than MD5 hashes. | |||
2012-12-04 | devtls: add support for aes_128_cbc and aes_256_cbc (import from sources) | cinap_lenrek | |
2011-03-30 | Import sources from 2011-03-30 iso image - lib | Taru Karttunen | |
2011-03-30 | Import sources from 2011-03-30 iso image | Taru Karttunen | |