mirror of https://github.com/RGBCube/serenity synced 2025-05-19 02:15:08 +00:00
Commit graph

17 commits

Author SHA1 Message Date
AnotherTest
37c089fb7b LibTLS: (Almost) verify certificate chain against root CA certificates
Also adds a very primitive systemwide ca_certs.ini file.
2020-10-30 23:42:03 +01:00
AnotherTest
1746e6f9ca LibTLS: Also read out the Organisational Unit from the certificate
This needs to be read out if we want to actually verify the cert chain.
2020-10-30 23:42:03 +01:00
AnotherTest
a2186fd64a LibTLS: Move out Certificate to its own header file 2020-10-30 23:42:03 +01:00
Ben Wiederhake
2a2630edc9 Meta: Fix wrong 'using namespace X' usages
Apart from causing All AK:: and Crypto:: symbols being suddenly visible even though
they might not be supposed to be, the style guide also says this is wrong:

https://github.com/SerenityOS/serenity/blob/master/Documentation/CodingStyle.md#using-statements
2020-08-23 00:53:16 +02:00
AnotherTest
bc7a149039 LibCrypto+LibTLS+Kernel: Switch the Cipher::Mode interface to use Span
This shaves 2.5 more runtime seconds off 'disasm /bin/id', and makes the
Mode<T> interface a lot more allocation-friendly.
2020-08-11 21:37:10 +02:00
AnotherTest
97256ad977 ProtocolServer+LibTLS: Pipe certificate requests from LibTLS to clients
This makes gemini.circumlunar.space (and some more gemini pages) work
again :^)
2020-08-02 18:57:51 +02:00
AnotherTest
d54d2892a9 LibTLS: Avoid busy-wait between ClientHello and ServerHello
This commit also adds a timeout timer to cancel the connection if the
server does not respond to the hello request in 10 seconds.
2020-05-30 18:26:13 +02:00
Andreas Kling
5049e41223 LibTLS: Put lots of debug spam behind TLS_DEBUG 2020-05-26 23:46:28 +02:00
AnotherTest
7d76299ca9 LibTLS: Do not call on_tls_finished until the client has read app data 2020-05-21 01:21:39 +02:00
AnotherTest
379cb061d7 LibTLS: Only try to flush data when needed
This patchset drops the write notifier, and schedules writes only when
necessary.
As a result, the CPU utilisation no longer spikes to the skies :^)
2020-05-19 20:00:43 +02:00
Andreas Kling
4b202a3c79 LibCore+LibTLS: Don't keep a "ready to write" notifier on all Sockets
The "ready to write" notifier we set up in generic socket connection is
really only meant to detect a successful connection. Once we have a TCP
connection, for example, it will fire on every event loop iteration.

This was causing IRC Client to max out the CPU by getting this no-op
notifier callback over and over.

Since this was only used by TLSv12, I changed that code to create its
own notifier instead. It might be possible to improve TLS performance
by only processing writes when actually needed, but I didn't look very
closely at that for this patch. :^)
2020-05-18 20:16:52 +02:00
AnotherTest
af1ce6c33d LibTLS: Verify server certificate expiry date 2020-05-07 10:23:58 +02:00
AnotherTest
2a29e668bd LibTLS: Try to disambiguate errors in case of failure
Not particularly helpful, but better than nothing.
2020-05-05 11:20:42 +02:00
AnotherTest
dace14e70d LibTLS: Split TLSv12 to sensible categorical files
This commit splits the TLSv12 file into multiple files, and also removes
some magic values, to make the code less horrible. :^)
2020-05-02 12:24:10 +02:00
AnotherTest
bb46e5f608 LibTLS: Switch to Hash::Manager for hashing and add SHA1
Now we can talk to google.com
2020-05-02 12:24:10 +02:00
AnotherTest
a1e1570552 LibCrypto+LibTLS: Generalise the use of IV length
This is in preparation for the upcoming Galois/Counter mode, which
conventionally has 12 bytes of IV as opposed to CBC's 16 bytes.

...Also fixes a lot of style issues, since the author finally found the
project's clang config file in the repository root :^)
2020-05-02 12:24:10 +02:00
AnotherTest
72d56b46b5 LibTLS: Make enough stuff work to have a demo run
...maybe, sometimes :^)
2020-05-02 12:24:10 +02:00