2030 Commits

Author SHA1 Message Date
Alberto Sottile
0add282db6 startTLS: set font size in dialog only on macOS 2019-02-16 00:07:11 +01:00
Alberto Sottile
b5f191bb68 startTLS: multilanguage strings in certificate dialog 2019-02-16 00:07:05 +01:00
Alberto Sottile
b35a4fec9d startTLS: add custom certificate info dialog 2019-02-16 00:06:57 +01:00
Alberto Sottile
3695c31ec7 startTLS: set lock button appearance on macOS 2019-02-16 00:06:50 +01:00
Etoh
466e8533d6 Add secure connection icon to press for cert details 2019-02-16 00:06:43 +01:00
Alberto Sottile
8d52acbd88 Get exact error value from Twisted if IPv6 listener is dual stack 2019-02-16 00:05:58 +01:00
Alberto Sottile
285428fb03 Check if the server is listening on either IPv4 or IPv6, avoid errors happening in dual stack configurations 2019-02-16 00:05:46 +01:00
Alberto Sottile
cb66180328 startTLS: import and cosmetic fixes 2019-02-16 00:05:25 +01:00
Alberto Sottile
23f4d686f2 startTLS: client-side verification of the certifi bundle 2019-02-16 00:05:15 +01:00
Alberto Sottile
24cb681acd startTLS: add link to 'startTLS-server-certificate-invalid' error message 2019-02-16 00:05:04 +01:00
Alberto Sottile
6dcaf21891 startTLS: drop connection if server certificate is not valid 2019-02-16 00:04:52 +01:00
Alberto Sottile
dbb2b1c9ff startTLS: add accepted ciphers list and remove DH params 2019-02-16 00:04:28 +01:00
Alberto Sottile
9721cf32e4 startTLS: change DH key parameter filename 2019-02-16 00:04:15 +01:00
Alberto Sottile
9b4338146e startTLS: enable Diffie-Hellman based key exchange on server

Following the guidelines reported in the Twisted documentation
here https://twistedmatrix.com/documents/current/core/howto/ssl.html
this commit enables Diffie-Hellman based key exchange on the server.

Before launching the server, a parameters .pem file must be generated
as detailed in https://twistedmatrix.com/documents/18.9.0/api/twisted.internet.ssl.DiffieHellmanParameters.html
by running `openssl dhparam -out dh_param_1024.pem -2 1024`
on the server machine. This parameters file must be placed in the same
path that contains the server certificates.
2019-02-16 00:04:05 +01:00
Alberto Sottile
b19f2eaaac startTLS: set minimum protocol version to TLS 1.2 2019-02-16 00:03:55 +01:00
Alberto Sottile
abaf178fa6 startTLS: get encrypted connection information after handshake 2019-02-16 00:03:44 +01:00
Alberto Sottile
9e59a8500b startTLS: get server certificate only after handshake 2019-02-16 00:03:33 +01:00
Alberto Sottile
e6912dc659 startTLS: separate not-supported messages for client and server 2019-02-16 00:03:23 +01:00
Alberto Sottile
ff3e49b87d startTLS: show negotiated TLS version 2019-02-16 00:02:18 +01:00
Alberto Sottile
3fc9dcf0af startTLS: handle ui messages 2019-02-16 00:02:06 +01:00
Alberto Sottile
0c46f54510 startTLS: making TLS support (and dependencies) optional 2019-02-16 00:01:55 +01:00
Alberto Sottile
2219bcf4dc startTLS: fix server cert loading function 2019-02-16 00:01:32 +01:00
Alberto Sottile
07fd1434ba startTLS: correct certificate loading and validation 2019-02-16 00:01:02 +01:00
Alberto Sottile
dc5c63a57c startTLS: fall back to TCP if server certificate is not validated 2019-02-16 00:00:23 +01:00
Alberto Sottile
f16ceed539 startTLS: support Let's Encrypt certificates 2019-02-16 00:00:14 +01:00
Alberto Sottile
81e0a20047 startTLS: avoid retrying TLS connection if hostname is an IP address 2019-02-16 00:00:04 +01:00
Alberto Sottile
7910ddec15 startTLS: added --tls [file] argument in server 2019-02-15 23:59:41 +01:00
Alberto Sottile
3eeaeed6dd startTLS: enabled on server and client, TCP stays as default 2019-02-15 23:59:24 +01:00
Alberto Sottile
d7e577ef04 TLS: server listens on both IPv4 and IPv6 2019-02-15 23:58:35 +01:00
Alberto Sottile
8bff90d809 TLS: client-server implementation with self-issued certs on IPv4 2019-02-15 23:58:20 +01:00
Alberto Sottile
7f9e694b04 TLS: server listens on TLS via IPv4 2019-02-15 23:57:54 +01:00
Alberto Sottile
00799faf1c Restore TCP4 and TCP6 server endpoints 2019-02-15 23:57:33 +01:00
Alberto Sottile
8e1f40341c startTLS: change DH key parameter filename 2019-02-15 23:54:37 +01:00
Alberto Sottile
70feed3305 startTLS: enable Diffie-Hellman based key exchange on server

Following the guidelines reported in the Twisted documentation
here https://twistedmatrix.com/documents/current/core/howto/ssl.html
this commit enables Diffie-Hellman based key exchange on the server.

Before launching the server, a parameters .pem file must be generated
as detailed in https://twistedmatrix.com/documents/18.9.0/api/twisted.internet.ssl.DiffieHellmanParameters.html
by running `openssl dhparam -out dh_param_1024.pem -2 1024`
on the server machine. This parameters file must be placed in the same
path that contains the server certificates.
2019-02-15 23:54:30 +01:00
Alberto Sottile
810a791332 startTLS: set minimum protocol version to TLS 1.2 2019-02-15 23:53:31 +01:00
Alberto Sottile
51902c8f8c startTLS: get encrypted connection information after handshake 2019-02-15 23:53:23 +01:00
Alberto Sottile
cecb8c9b7b startTLS: get server certificate only after handshake 2019-02-15 23:53:13 +01:00
Alberto Sottile
93052b4b95 startTLS: separate not-supported messages for client and server 2019-02-15 23:53:05 +01:00
Alberto Sottile
6d5a618767 startTLS: show negotiated TLS version 2019-02-15 23:52:57 +01:00
Alberto Sottile
014483b546 startTLS: handle ui messages 2019-02-15 23:52:47 +01:00
Alberto Sottile
18e39b4aae startTLS: making TLS support (and dependencies) optional 2019-02-15 23:52:37 +01:00
Alberto Sottile
7dfe9d2bdb startTLS: fix server cert loading function 2019-02-15 23:52:26 +01:00
Alberto Sottile
a055e3b881 startTLS: correct certificate loading and validation 2019-02-15 23:52:04 +01:00
Alberto Sottile
063a191e99 startTLS: fall back to TCP if server certificate is not validated 2019-02-15 23:51:55 +01:00
Alberto Sottile
fe11e66b29 startTLS: support Let's Encrypt certificates 2019-02-15 23:51:48 +01:00
Alberto Sottile
09b035e57d startTLS: avoid retrying TLS connection if hostname is an IP address 2019-02-15 23:51:40 +01:00
Alberto Sottile
cecd992fa8 startTLS: added --tls [file] argument in server 2019-02-15 23:51:31 +01:00
Alberto Sottile
58ccca5766 startTLS: enabled on server and client, TCP stays as default 2019-02-15 23:51:22 +01:00
Alberto Sottile
0890db8364 TLS: server listens on both IPv4 and IPv6 2019-02-15 23:50:28 +01:00
Alberto Sottile
13fb63b12f TLS: client-server implementation with self-issued certs on IPv4 2019-02-15 23:50:14 +01:00