| Commit message (Collapse) | Author | Age | Lines |
| |
|
|
|
|
|
|
|
|
| |
Apparently a prehistoric server implementation would send a certificate_authorities field
that didn't include the outer DER SEQUENCE tag, so PSM attempted to detect this and
work around it.
This prehistoric server implementation isn't in use anywhere anymore, so this 18-yo
server bug workaround can be removed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Added HACL*Poly1305 32-bit (INRIA/Microsoft)
- Updated to final TLS 1.3 draft version (28)
- Removed TLS 1.3 prerelease draft limit check
- Removed NPN code
- Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments
- Fixed several bugs with TLS 1.3 negotiation
- Updated internal certificate store
- Added support for the TLS Record Size Limit Extension.
- Fixed CVE-2018-0495
- Various security fixes in the ASN.1 code.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Since Bug 1030963, functions that make use of libcrmf has been removed
from the codebase. Therefore, it's no longer necessary to link with
libcrmf.
This commit completely removes the '-lcrmf' for --with-system-nss
builds, as libcrmf is not available on all systems (eg. Arch Linux)
This commit is a follow up to #364
|
|
|
|
| |
This reverts commit a910f57af64271e391c1fb33cbdd97da1ddfe2d6.
|
|
|
|
| |
Note: 3rd party lib support (NSS, etc.) has not been touched.
|
| |
|
|
|
|
|
| |
--HG--
extra : rebase_source : cb9ac8a678b6f565091f6d7733b6cd86afde0da7
|
| |
|
|
|
|
| |
This resolves #18.
|
| |
|
|
|