summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2012-05-05Revert "Re-enable revocation check."Remko Tronçon
This reverts commit 856f970d14c5c32b80fc5ea359d4e567b51578a0.
2012-04-25Support channel binding with Schannel.Remko Tronçon
Resolves: #1012
2012-04-24Fixed compilation problems on windows.Remko Tronçon
2012-04-24Re-enable revocation check.Remko Tronçon
Added a method on TLSContextFactory to disable revocation checks if wanted.
2012-04-24* Added additional cert store to chain validation. * Turned off revocation ↵dreijer
checking.
2012-04-24Statically check the log severity level.Remko Tronçon
Resolves: #1099
2012-04-12Tidy up of assorted Schannel/CAPI stuffs.Kevin Smith
Makes Swift disconnect if a smartcard used for auth is removed. Fixes compilation. Changes code style in a few places.
2012-04-11Added support for determining SmartCard Reader associated with a certificate ↵Alexey Melnikov
(if any) This patch implements monitoring for SmartCard ejection. This is done by periodically (currently every second) polling smart card reader for the smart card status. If the smart card status becomes "absent" or "unknown" (an error to query the smartcard), the TLS session is aborted. This usually results in an attempt to reestablish TLS which will pop up "please insert the smart card" dialog. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2012-03-23Forgotten file for TLSError patchKevin Smith
2012-03-23Allow TLS errors to bubble further up the stackKevin Smith
2012-03-22Manual certificate verification. Added two additional TLS errors related to ↵dreijer
revocation. License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-03-08Fixed several bugs in CAPI/Schannel code on WindowsAlexey Melnikov
This patch includes the following fixes: 1) Correctly hex encode SHA1 hashes when generating certstore: URIs 2) Use the newly parsed certificate store reference, not the old value 3) Need to call findCertificateInStore() when finding the selected TLS certificate in Schannel code. Without that "sha1:XXXX" URIs don't work Also minor optimization of string operations. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2012-03-06Fix missing includeKevin Smith
Resolves: #903
2012-02-28Changed certstore: URIs to use SHA1 hashes of certificatesAlexey Melnikov
Value of the certificate's subject DN leftmost RDN is not necessarily unique. This change switches to using SHA1 hash of DER certificates, which should guaranty uniqueness. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2012-02-23Compile when non-SChannelKevin Smith
2012-02-22Fix up for previous CAPI patchKevin Smith
Now connects successfully with or without TLS(with cert)
2012-02-22Initial implementation of using CAPI certificates with Schannel.Alexey Melnikov
Introduced a new parent class for all certificates with keys (class CertificateWithKey is the new parent for PKCS12Certificate.) Switched to using "CertificateWithKey *" instead of "const CertificateWithKey&" Added calling of a Windows dialog for certificate selection when Schannel TLS implementation is used. This compiles, but is not tested. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2011-11-03Quick brush up after previous patch.Kevin Smith
Includes: Initial cleanup of SChannel code; compiling on non-Windows Be willing to compile Swift with SChannel Undo some (presumably accidental) OpenSSL changes Where TLS doesn't support finish messages (SChannel), don't try -PLUS
2011-11-03* Added Schannel support.dreijer
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2011-06-13Fixed some CppCheck warnings.Remko Tronçon
2011-06-03Limit the use of the SafeString type.Remko Tronçon
2011-05-18Propagate use of SafeByteArray down to the connection.Remko Tronçon
2011-05-13Removed some explicit new's.Remko Tronçon
2011-05-05Replace ByteArray by typedef.Remko Tronçon
2011-05-02Replace header include guards by pragma once.Remko Tronçon
2011-04-30Replace #icnlude "" by #include <> in Swiften.Remko Tronçon
2011-04-18Explicitly add system store trust anchors on Mac OS X 10.5.swift-1.0Remko Tronçon
2011-03-16Added possibility to dynamically link Swiften.Remko Tronçon
Resolves: #798
2011-03-12Fixed OpenSSL compilation.Remko Tronçon
2011-03-12Make ByteArray an std::vector<unsigned char>.Remko Tronçon
2011-02-14Removed Swift::String.Remko Tronçon
2010-12-30Show certificate fingerprint in 'Trust certificate' dialog.Remko Tronçon
2010-12-27Avoid more valgrind warnings.Remko Tronçon
2010-12-19Disabling timer in BenchTool.Remko Tronçon
2010-12-13Load ssl certificate store on Un*x.Remko Tronçon
2010-12-11Added SCRAM-SHA-1-PLUS support.Remko Tronçon
Release-Notes: Swift now supports SCRAM-SHA-1-PLUS authentication.
2010-12-05Added plumbing for persistent certificate trust checking.Remko Tronçon
2010-11-15Fixed OpenSSL compilation.Remko Tronçon
2010-11-15Fix compilation on OS XKevin Smith
2010-11-12Add Windows trust anchors to OpenSSL context.Remko Tronçon
2010-11-11Added CertificateVerificationError::ref.Remko Tronçon
2010-11-11Handle null OpenSSL X509 cert pointers better.Remko Tronçon
2010-11-11Changed misleading test name.Remko Tronçon
2010-11-11Added server identity check.Remko Tronçon
2010-11-09Added Doxygen documentation for some certificate APIs.Remko Tronçon
2010-11-09Certificate::getCommonName -> getCommonNames.Remko Tronçon
2010-11-09Created CertificateFactory.Remko Tronçon
2010-11-09Implement DER conversion to/from certificates.Remko Tronçon
2010-11-09Fixed windows compilation.Remko Tronçon
2010-11-07Refactoring certificates & certificate checking.Remko Tronçon