Age | Commit message (Collapse) | Author |
|
This also extends the TLSContext interface with methods required
for server mode.
Test-Information:
Added unit tests that test new functionality in TLSContex.
This includes test certificates in the source file that are
not for public use. This new ClientServerTest is only enabled
for OpenSSL, as other TLS backends do not support the new
functionality yet.
Tested on macOS 10.13.3 with clang-trunk.
Change-Id: I8e43476057608067eb3b9852328aa21cd22974a0
|
|
Removed trailing spaces and whitespace on empty lines
in the process.
Changed CheckTabs.py tool to disallow hard tabs in source
files.
Test-Information:
Manually checked 30 random files that the conversion worked
as expected.
Change-Id: I874f99d617bd3d2bb55f02d58f22f58f9b094480
|
|
Changed "" style includes to <> style.
Test-Information:
Build with Clang 3.9.0 and ran all tests on OS X 10.11.4.
Change-Id: Ic05e53f2e5dba39cc1307b116fc5f17b62ab9eb8
|
|
This patch adds an option 'disconnectOnCardRemoval' to system-settings.xml which
when set to false allows the user's session to stay connected if the smartcard
is removed. The default value of this option is true if it is not specified.
Test-information:
Tested on Windows using NIST smartcards.
Tested true and false values set for this option in the file and also when
option is not specified (true).
Unit tests pass.
Change-Id: I7e421b4153ff7d3000f41999add20d339076c96e
|
|
Some servers have very restrictive TLS stacks that respond badly
to a bug in the SChannel TLS implementation, meaning that TLS
has to be limited to 1.0.
Add ClientOptions.tlsOptions. This is a method of passing options into
the TLS stack. It's currently
only used for the TLS 1.0 workaround in SChannel, but we might reasonably
expose other options in the future, such as limiting cypher suites.
Disables use of SSLv3 for SChannel
Also updates the coding style in SchannelContext a bit.
Test-Information:
Compiles on both OS X and Windows(SChannel). OS X doesn't show the new
option. Windows shows it, and remembers it between logins. Not tested
against a server requiring 1.0 only, but a previous hack with the
same approach was tested.
Change-Id: I1e7854d43811fd173f21f98d4dc3915fc7a4b322
|
|
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
|
|
|
|
This reverts commit 856f970d14c5c32b80fc5ea359d4e567b51578a0.
|
|
Added a method on TLSContextFactory to disable revocation checks if
wanted.
|
|
|
|
TLSLayer is now independent of TLS implementation. The implementation-specifics are now in TLSContext and TLSContextFactory.
|
|
|
|
|