Commit Graph

19 Commits

Author SHA1 Message Date
7a0593adeb [+] AuCrypto::CA::ICertificateStore
[+] AuCrypto::CA::INewCertificateStore
[+] AuCrypto::CA::IPinCertificate
[+] AuCrypto::CA::PinAlwaysFail
[+] AuCrypto::CA::PinAlwaysPass
[+] AuCrypto::CA::PinCheckOS
[+] AuCrypto::CA::PinCheckDefault
[+] AuCrypto::CA::PinCheckBuiltin
[+] AuCrypto::CA::PinCheckGlobal
[+] AuCrypto::CA::PinCheckTwoAnd
[+] AuCrypto::CA::PinCheckTwoOr
[+] AuCrypto::CA::SetGlobalTLSPinner
[*] Minor AuCrypto::X509 decoder work
[*] AuCrypto::X509: transition to memory views (x509 is bytebuffer era and earlier code, beri early)
[+] AuCrypto::IPrivateKeyProvider
[+] AuCrypto::IPrivateKeyPair
[+] AuCrypto::PrivateKeyPair
[+] AuCrypto::ImportPrivateKeyPair
[*] Refactor: AuCrypto::X509::GenerateCertificate(...)
[+] AuCrypto::X509::NewChainFromOneDer
[+] AuCrypto::X509::NewChainFromManyDer
[+] AuCrypto::X509::NewChainFromManyDerInStream
[+] AuCrypto::X509::NewChainFromOnePem
[+] AuCrypto::X509::NewChainFromManyPem
[+] AuCrypto::X509::NewChainFromManyPemInStream
[*] Fix TLS code that was abandoned since its introduction with the net code. mbedtls is a hairbrained mess. so many *blocking* github issues starting after 2017. so little progress.
[+] AuIO::TLS::TLSMeta::pKeyPairProvider
[+] AuIO::TLS::TLSServer::bAllowSNIToFallBackDefault
[+] AuIO::TLS::TLSServer::bAllowSNILessUseDefaultCert
2024-10-16 02:07:24 +01:00
76d3759295 [+] IProtocolPiece::GetPreviousPiece()
[+] IProtocolPiece::ReallocateSourceBuffer()
[*] IProtocolPiece::GetInputWriter()
[*] IProtocolPiece::GetNextWriter()
2023-12-10 14:06:10 +00:00
5ec28735ed [*] Improved AuProtocolStack API 2023-11-30 09:40:02 +00:00
5cf7533eab [*] Linux and UNIX QOL 2023-08-27 12:42:10 +01:00
4a584ce73a [+] Future proof IProtocolInterceptorEx with an optional pParent in the only Aurora Interface methods last argument 2023-06-10 20:33:19 +01:00
1fa433540b [*] Experimental lower-latency IO pipes
[*] revert win32 net tx hardening - do not use the Reset function to null pSocket
[*] fix a bytebuffer circular buffer path
[*] update how TLS protocol stacks can snap the stack
2023-05-11 16:05:00 +01:00
766be57a46 [+] Linux build [again]
[+] ProcessSectionViewReserved.Unix.cpp
[*] Fix missing ::Flush() member on ViewWriter
2022-12-16 00:41:01 +00:00
267c2216b0 [+] UDP over socket API via existing INetSrvDatagram layer
(...missing send)
[+] AuIO::Buffer::ViewReader
[+] AuIO::Buffer::ViewSeekableReadable
[+] AuIO::Buffer::ViewWriter
[*] Clean up AuCompression
[*[ AuLog messages must always crunch for memory
[*] Various bug fixes
[*] Refactor+clean up
2022-12-12 23:50:05 +00:00
033f7e2453 [+] Aurora::Crypto::X509::CertRequest
[+] Aurora::Crypto::X509::GenerateCertificate
[*] Fix lazily copied gen1 RSA code
[+] Aurora::Crypto::ECC::EECCCurve::eCurveSECP256R1
[+] Aurora::Crypto::ECC::EECCCurve::eCurveSECP256K1
[+] Aurora::Crypto::ECC::EECCCurve::eCurveSECP384R1
[+] Aurora::Crypto::ECC::EECCCurve::eCurveSECP521R1
[*] Unfuck ECC interop
[*] Tls pinning: use mbedtls_ssl_conf_verify for tls1.3 (when mbedtls is in a better state)
2022-11-18 21:03:11 +00:00
d9dd1182b9 [+] TLS pinning
[*] ISocket::Shutdown(*bool bNow*), allowing for flush of the send channel when false
[*] Fix StartRead and StartWrite after shutdown (NT)
[*] Amended dead-lock
2022-11-18 04:44:47 +00:00
051db40a1c [+] STATUS_ACCESS_DENIED error enum in AuNetError.cpp (required for filtered connects given the overlappeds internal field that uses the nt status codes)
[*] fixed: TLS now properly sends the encrypted frame down to the next piece instead of directly to the drain
2022-10-01 01:07:26 +01:00
2a3bd735ac [+] AuProtocol: PrependInterceptor[Ex]/AppendInterceptor[Ex] over now removed AddInterceptor[Ex]
(prepend makes sense for outbound stacks, where you might register the compression/crypto stages first, then return an object to the caller who may wish to prepend the input processors. http might need it.)
2022-09-04 01:18:05 +01:00
af03c5cbf3 [+] IProtocolStack::AddEndInterceptor (optimizes away the output stage buffer, instead of preallocating a massive ring buffer, when the AddInterceptorEx variant is supplied with a uOutputBufferSize of zero)
[*] Typo iServerBadMacLimit
2022-09-02 20:58:56 +01:00
ad4b4aa4ae [*] TLS init for later 2022-08-31 18:46:50 +01:00
f1ac21a379 [+] TLSErrorToString
[*] Send break should always perserve writeptr
2022-08-31 16:09:45 +01:00
2b72228b9e [*] TLS Stack: use new AuByteBuffer apis 2022-08-31 00:06:50 +01:00
d68fc7fc91 [+] ByteBuffer::GetNextLinearRead()
[+] ByteBuffer::GetNextLinearWrite()
[-] ByteBuffer::WriterTryGetWriteHeadFor
[+] ITLSPrivateKeyPair
[+] ITLSContext::GetFatalErrorCodeAsString()
[+] Begin to add certificate chains
[*] Clean up TLS
2022-08-30 22:18:15 +01:00
afa7c8f5f8 [+] TLS::GetDefaultCipherSuites
[+] TLS::GetSupportedCipherSuites
[+] TLS::CipherSuiteFromString
[+] TLS::CipherSuiteToString
[+] internal logic for setting up the ciphersuite array
2022-08-29 19:57:24 +01:00
67905a4192 [+] Network + Protocol + TLS - Initial Commit
=============================================================================
Network ]====================================================================
=============================================================================

[+] Added (very) early Aurora::IO::Net implementation
[+] AuNet::EHostnameType
[+] AuNet::EIPProtocol
[+] AuNet::ENetworkError
[+] AuNet::ETransportProtocol
[+] AuNet::INetInterface
[+] AuNet::INetSrvDatagram
[+] AuNet::INetSrvResolve
[+] AuNet::INetSrvSockets
[+] AuNet::INetSrvWorkers
[+] AuNet::INetWorker
[+] AuNet::IPAddress
[+] AuNet::IResolver
[+] AuNet::ISocket
[+] AuNet::IResolver
[+] AuNet::ISocketBase
[+] AuNet::ISocketChannel
[+] AuNet::ISocketDriver
[+] AuNet::ISocketDriverFactory
[+] AuNet::ISocketServer
[+] AuNet::ISocketServerDriver
[+] AuNet::NetEndpoint
[+] AuNet::NetError
[+] AuNet::NetHostname
(+implementation)

=============================================================================
Protocol ]===================================================================
=============================================================================

[+] IProtocolInterceptor
[+] IProtocolInterceptorEx
[+] IProtocolStack
(+implementation)

=============================================================================
TLS ]========================================================================
=============================================================================

[+] ITLSContext
[+] TLSProtocolRecv
[+] TLSProtocolSend
(+implementation)

=============================================================================
IO Bug Fixes ]===============================================================
=============================================================================

[*] IOProcessor::SubmitIOWorkItem should signal the CvEvent, forcing at least once future tick (wont optimize with if in tick & not yet dispatched work items)
[*] Split IOPipeWork in into IOPipeProcessor header
[+] IOPipeWork::GetBuffer (internal reallocation)
[*] Harden against IAsyncTransactions without a loop source
[*] Missing null `if (processor->listener)` in IOProcessor
[*] Solved some soft-lock conditions under Linux's LoopQueue (added deferred commits)
[*] Quick hack: IOProcessor::HasItems() should OR the early can-tick check function.

=============================================================================
Other ]======================================================================
=============================================================================

[+] Linux: LSSignalCatcher
[+] `static void AuResetMember(Aurora::Memory::ByteBuffer &ref)` for AuROXTL
[*] Attempt to enforce a normalization and don't overwrite-readptr-under-istreamwriters policy in ByteBuffer_ReadWrite (circular buffers)
[*] Bad ECC ctors

=============================================================================
Known issues ]===============================================================
=============================================================================

> Linux net is nowhere near done
> UDP socket emulation layer isn't implemented
> Ciphersuite API is a stub
> Private key API is a stub
> ...therefore no TLS servers
> Missing thread safety precautions under net
> Net implementation is still beri early
2022-08-28 20:02:06 +01:00