summaryrefslogtreecommitdiff
path: root/third_party/tlslite/README.chromium
blob: c2d1f271d3f1cb3b4a54d44a1d5809b8f6b18b05 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
Name: tlslite
URL: http://trevp.net/tlslite/
Version: 0.4.8
Security Critical: No
License: Public domain and BSD

Description: Python TLS implementation for use with test server.

Source: https://pypi.python.org/packages/source/t/tlslite/tlslite-0.4.8.tar.gz
MD5: 36c13858ea63f262c4e4291c2f9ae38f
SHA-512: bdb42d005b7444667badc6febd38f5b74878c09218b418844c255920f0e6272f
         55f62b4ea21953953935f73e02657fce9874b44f73499267cf713ddbcd3d6a44

Local Modifications:
- Drop docs/ directory.
- patches/tls_intolerant.patch: allow TLSLite to simulate a TLS-intolerant server.
- patches/channel_id.patch: add basic ChannelID support. (Signatures are not
  checked.)
- patches/signed_certificate_timestamps.patch: add support for sending Signed
  Certificate Timestamps over a TLS extension.
- patches/fallback_scsv.patch: add support for TLS_FALLBACK_SCSV. See
  https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01
- patches/status_request.patch: add support for sending stapled OCSP responses.
- patches/ssl3_padding.patch: SSL3 requires minimal padding in CBC mode.
- patches/fix_test_file.patch: Fix #! line in random test file to appease our
  presubmit checks.
- patches/dhe_rsa.patch: Implement DHE_RSA-based cipher suites on the server.
- patches/req_cert_types.patch: Add a reqCertTypes parameter to populate the
  certificate_types field of CertificateRequest. Also fixes type errors.
- patches/ignore_write_failure.patch: Don't invalidate sessions on write
  failures.
- patches/intolerance_options.patch: Add an option to further control
  simulated TLS version intolerance.
- patches/save_client_hello.patch: Save the parsed ClientHello on TLSConnection
  so tests can query it.
- patches/certificate_request.patch: Fix client auth for TLS 1.2.
- patches/aes_gcm.patch: Implement AES-GCM and never select TLS 1.2 ciphers
  unless >= TLS 1.2 is negotiated.
- patches/alert_after_handshake.patch: Add an option to send a fatal alert
  immediately after the handshake completes.
- patches/ecdhe_rsa.patch: Implement ECDHE_RSA-based ciper suites on the server.
- patches/extended_master_secret.patch: Add server support for extended
  master secret.
- patches/token_binding_negotiation.patch: Add server support for token
  binding negotiation TLS extension (draft-ietf-tokbind-negotiation-02).
- patches/disable_channel_id.patch: Add flag to HandshakeSettings to allow
  for disabling channel id.
- patches/exported_keying_material.patch: Add method to Session to get
  exported keying material (RFC 5705) for use in e.g. Token Binding.
- patches/token_binding_resumption.patch: Fix token binding negotiation
  extension to work on session resumption.
- patches/extension_number_update.patch: Update TLS extension numbers.
- patches/save_randoms.patch: Save client and server randoms when resuming
  sessions.
- patches/alpn.path: Implement Application-Layer Protocol Negotiation Extension.
- patches/token_binding_version.patch: Update Token Binding version number.
- patches/renegotiation_indication.patch: Implement the renegotiation
  indication extension (RFC 5746) without supporting renegotiation.