| OLD | NEW |
|---|
| 1 Name: tlslite | 1 Name: tlslite |
| 2 URL: http://trevp.net/tlslite/ | 2 URL: http://trevp.net/tlslite/ |
| 3 | 3 |
| 4 Local Modifications: | 4 Local Modifications: |
| 5 | 5 |
| 6 - patches/close_notify.patch: tlslite/TLSRecordLayer.py was changed to force | 6 - patches/close_notify.patch: tlslite/TLSRecordLayer.py was changed to force |
| 7 the socket to be closed when the SSL connection is closed. This is is | 7 the socket to be closed when the SSL connection is closed. This is is |
| 8 necessary at this point since WinHTTP does not seem to react to the SSL | 8 necessary at this point since WinHTTP does not seem to react to the SSL |
| 9 close notify. It's also needed to prevent a hang on Linux. See also | 9 close notify. It's also needed to prevent a hang on Linux. See also |
| 10 http://sourceforge.net/mailarchive/forum.php?thread_name=41C9B18B.2010201%40ag
.com&forum_name=tlslite-users | 10 http://sourceforge.net/mailarchive/forum.php?thread_name=41C9B18B.2010201%40ag
.com&forum_name=tlslite-users |
| 11 - patches/python26.patch: Replace sha, md5 module imports with hashlib, as | 11 - patches/python26.patch: Replace sha, md5 module imports with hashlib, as |
| 12 they are deprecated in Python 2.6 | 12 they are deprecated in Python 2.6 |
| 13 - patches/ca_request.patch: tlslite/X509.py was changed to obtain the | 13 - patches/ca_request.patch: tlslite/X509.py was changed to obtain the |
| 14 DER-encoded distinguished name for a certificate, without requiring any | 14 DER-encoded distinguished name for a certificate, without requiring any |
| 15 addition libraries. | 15 addition libraries. |
| 16 tlslite/utils/ASN1Parser.py was changed to allow obtaining the unparsed | 16 tlslite/utils/ASN1Parser.py was changed to allow obtaining the unparsed |
| 17 data for an element in a SEQUENCE, in addition to providing the parsed | 17 data for an element in a SEQUENCE, in addition to providing the parsed |
| 18 value (tag and length removed) | 18 value (tag and length removed) |
| 19 tlslite/messages.py was changed from accepting/returning a single byte | 19 tlslite/messages.py was changed from accepting/returning a single byte |
| 20 array in the CertificateRequest message for the CA names to accept a list | 20 array in the CertificateRequest message for the CA names to accept a list |
| 21 of byte arrays, each containing a DER-encoded distinguished name. | 21 of byte arrays, each containing a DER-encoded distinguished name. |
| 22 tlslite/TLSConnection.py was changed to take a list of such byte arrays | 22 tlslite/TLSConnection.py was changed to take a list of such byte arrays |
| 23 when creating a TLS server that will request client authentication. | 23 when creating a TLS server that will request client authentication. |
| 24 - patches/send_certificate_types.patch: tlslite/message.py was changed to | 24 - patches/send_certificate_types.patch: tlslite/message.py was changed to |
| 25 default to a certificate_types of [rsa_sign] in CertificateRequest. Apple's | 25 default to a certificate_types of [rsa_sign] in CertificateRequest. Apple's |
| 26 Secure Transport library rejects an empty list and raises an SSL protocol | 26 Secure Transport library rejects an empty list and raises an SSL protocol |
| 27 error. | 27 error. |
| 28 - patches/tls-srp-rfc5054.patch: use RFC 5054's values for the SRP Client Hello |
| 29 extension and cipher suites, and use the unknown_psk_identity alert as |
| 30 described in RFC 5054 (instead of unknown_srp_username). |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6804032:
Add TLS-SRP (RFC 5054) support
Base URL: http://git.chromium.org/git/chromium.git@trunk