blob: 916fd368c9645b9c626dff10d60922c389fd4d58 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
Name: tlslite
URL: http://trevp.net/tlslite/
Version: 0.3.8
Security Critical: No
Local Modifications:
- patches/close_notify.patch: tlslite/TLSRecordLayer.py was changed to force
the socket to be closed when the SSL connection is closed. This is is
necessary at this point since WinHTTP does not seem to react to the SSL
close notify. It's also needed to prevent a hang on Linux. See also
http://sourceforge.net/mailarchive/forum.php?thread_name=41C9B18B.2010201%40ag.com&forum_name=tlslite-users
- patches/python26.patch: Replace sha, md5 module imports with hashlib, as
they are deprecated in Python 2.6
- patches/ca_request.patch: tlslite/X509.py was changed to obtain the
DER-encoded distinguished name for a certificate, without requiring any
addition libraries.
tlslite/utils/ASN1Parser.py was changed to allow obtaining the unparsed
data for an element in a SEQUENCE, in addition to providing the parsed
value (tag and length removed)
tlslite/messages.py was changed from accepting/returning a single byte
array in the CertificateRequest message for the CA names to accept a list
of byte arrays, each containing a DER-encoded distinguished name.
tlslite/TLSConnection.py was changed to take a list of such byte arrays
when creating a TLS server that will request client authentication.
- patches/send_certificate_types.patch: tlslite/message.py was changed to
default to a certificate_types of [rsa_sign] in CertificateRequest. Apple's
Secure Transport library rejects an empty list and raises an SSL protocol
error.
- patches/parse_chain.patch: tlslite/X509CertChain.py and tlslite/X509.py were
updated to add a parseChain method, that can parse multiple certificates from
a PEM string.
- patches/tls_intolerant.patch: allow TLSLite to simulate a TLS-intolerant server.
|
