gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity
1,185 Commits 1 Branch 126 Tags
674287a8f4491ca6429232fb63374c8dafd68f8e
Commit Graph

119 Commits

Author SHA1 Message Date
Marten Seemann
674287a8f4 add a method to generate a client nonce (NONC) 2017-01-14 18:45:17 +07:00
Marten Seemann
1031ad5288 read SHLOs in cryptoSetupCleint 2017-01-14 18:45:16 +07:00
Marten Seemann
17c5147aa4 add version to inchoate CHLO 2017-01-14 18:45:16 +07:00
Marten Seemann
214a37ac39 add tests for inchoate CHLO 2017-01-14 18:45:16 +07:00
Marten Seemann
651a0de9d3 implement parsing of server configs 2017-01-14 18:45:16 +07:00
Marten Seemann
23435253db create CryptoSetup for the client, use it in the Session 2017-01-14 18:45:15 +07:00
Marten Seemann
f662ce0705 log padding length of Handshake messages 2017-01-14 18:45:14 +07:00
Marten Seemann
2b7c67d297 create handshake.CryptoSetup interface 2017-01-14 18:45:14 +07:00
Marten Seemann
a86f31d789 implement a stream.Reset() method 
ref #380
 2017-01-09 09:49:44 +07:00
Marten Seemann
d0198c698a log REJs and SHLOs 2017-01-05 10:15:11 +07:00
Marten Seemann
863467f344 validate XLCT tag in client hello 
fixes #363
 2017-01-04 11:41:43 +07:00
Marten Seemann
d39c2a3027 validate version tag in CHLO to prevent version downgrade attacks 
fixes #360
 2016-12-23 15:31:52 +01:00
Marten Seemann
f72154e30b require version tag in CHLOs 
ref #360
 2016-12-23 15:31:52 +01:00
Marten Seemann
ebc053dbe0 create interface for the ConnectionParametersManager 2016-12-08 18:39:14 +07:00
Marten Seemann
5af50c8fd0 correctly read MIDS and MSPC parameter 
fixes #367
 2016-12-08 16:15:31 +07:00
Marten Seemann
f59544401b simplify truncated connection IDs in ConnectionParametersManager 2016-12-06 22:04:42 +07:00
Marten Seemann
4e8a2ee2b1 validate KEXS in client hellos 
fixes #364
 2016-12-03 14:24:55 +07:00
Marten Seemann
62a38f24d7 validate AEAD tag in client hellos 
fixes #365
 2016-12-03 14:16:54 +07:00
Marten Seemann
21c6a015de create ServerConfigs with random OBIT value 
fixes #356
 2016-11-28 19:52:23 +07:00
Marten Seemann
6602101288 verify OBIT value in client nonce 
fixes #350
 2016-11-28 19:26:46 +07:00
Marten Seemann
2ae196761b reject CHLOs with wrong length client nonces 
fixes #352
 2016-11-27 21:18:14 +07:00
Lucas Clemente
9e5bba7937 fix inchoate CHLO detection with missing STKs 
This fixes a STK-bypass security issue discovered by Alessandro Ghedini.
 2016-09-17 16:49:58 +02:00
Lucas Clemente
634a0eb78c add new timeout consts 
ref #320
 2016-09-08 13:28:44 +02:00
Lucas Clemente
bc54c50b7e replace CachingReader with io.TeeReader 2016-09-05 23:21:17 +02:00
Lucas Clemente
e3b8c413a5 simplify ParseHandshakeMessage signature 2016-09-05 23:19:46 +02:00
Lucas Clemente
10d0190be1 remove some v33 mentions 2016-09-01 20:26:31 +02:00
Lucas Clemente
5dda3b8e69 remove support for version 32 from crypto 2016-09-01 12:20:19 +02:00
Lucas Clemente
3a3295d911 add our server id to the REJ handshake message 2016-08-31 23:32:27 +02:00
Lucas Clemente
906114450e ignore undecryptable packets after the handshake is complete 
fixes #304
 2016-08-25 20:02:39 +02:00
Marten Seemann
b376f2f6f6 remove variable types from several server parameters 2016-08-24 00:52:34 +07:00
Lucas Clemente
c3832965d0 add max incoming dynamic streams to connection parameter mgr 
ref #281
 2016-08-23 17:09:51 +02:00
Lucas Clemente
126db938d0 fix some linter warnings 2016-08-23 12:24:33 +02:00
Lucas Clemente
4eb9077f1b simplify crypto/rand reading 2016-08-09 13:08:42 +02:00
Lucas Clemente
6868d70710 improve handshake package coverage 
ref #241
 2016-08-02 12:04:25 +02:00
Lucas Clemente
eb8dc31930 remove unneeded TagVER from SCFG 2016-08-02 10:03:23 +02:00
Lucas Clemente
1712a7388f drop support for v30 
fixes #213
 2016-07-29 15:22:56 +02:00
Lucas Clemente
c03e9448a1 don't send certificate chains to client requests without STK 
fixes #141
 2016-07-29 11:35:02 +02:00
Lucas Clemente
0fdf2934f1 improve ephermal key generation 2016-07-29 11:24:02 +02:00
Lucas Clemente
af56ff2aca cache the ephermal key for up to 1 min 
fixes #136
 2016-07-28 19:07:57 +02:00
Lucas Clemente
769655c43e delay server nonce generation until after the CHLO 
fixes the second part of #136
 2016-07-28 18:25:29 +02:00
Lucas Clemente
5c4a7a9ec1 delay diversification nonce generation until after the CHLO 
fixes the first part of #136
 2016-07-28 17:21:39 +02:00
Lucas Clemente
d5255a4075 update AEADs to allow in-place encryption and decryption 
ref #217
 2016-07-26 15:13:15 +02:00
Lucas Clemente
705da8fd00 switch to AES-GCM as symmetric cipher 
fixes #200
 2016-07-05 12:13:41 +02:00
Lucas Clemente
76f7a7d153 use spaces instead of \x00 in handshake message string serialization 2016-06-06 15:00:30 +02:00
Lucas Clemente
240946dfde replace version number literals with constants to make grepping easier 2016-06-03 11:09:48 +02:00
Marten Seemann
c6f4d9720f fix int overflow on 32 bit in handshake parsing 2016-06-02 23:28:13 +07:00
Lucas Clemente
5ed0182b67 fix a race condition in CryptoSetup 
CryptoSetup's AEADs were changed between calls to
DiversificationNonce() and Seal()
 2016-06-02 16:13:06 +02:00
Lucas Clemente
21db6f9270 move CHLO log to debug 2016-06-02 13:33:19 +02:00
Lucas Clemente
a4773eb5ff validate length of crypto message 
refs #123
 2016-05-27 23:25:51 +02:00
Lucas Clemente
c546f5c9dc enforce max streams per connection limit 
fixes #13
 2016-05-27 22:39:37 +02:00