curl/lib/vtls
Stefan Eissing fa0ccd9f1f
lib: TLS session ticket caching reworked
Described in detail in internal doc TLS-SESSIONS.md

Main points:
- use a new `ssl_peer_key` for cache lookups by connection filters
- recognize differences between TLSv1.3 and other tickets
  * TLSv1.3 tickets are single-use, cache can hold several of them for a peer
  * TLSv1.2 are reused, keep only a single one per peer
- differentiate between ticket BLOB to store (that could be persisted) and object instances
- use put/take/return pattern for cache access
- remember TLS version, ALPN protocol, time received and lifetime of ticket
- auto-expire tickets after their lifetime

Closes #15774
2024-12-20 14:59:23 +01:00
.checksrc lib: enable strerror and strncpy checksrc warnings in subdirs 2024-09-09 16:51:21 +02:00
bearssl.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
bearssl.h
cipher_suite.c lib: use bool/TRUE/FALSE properly 2024-10-03 09:31:56 +02:00
cipher_suite.h rustls: add support for setting TLS version and ciphers 2024-08-16 09:55:02 +02:00
gtls.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
gtls.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
hostcheck.c code: language cleanup in comments 2024-07-01 22:58:55 +02:00
hostcheck.h code: language cleanup in comments 2024-07-01 22:58:55 +02:00
keylog.c lib: use bool/TRUE/FALSE properly 2024-10-03 09:31:56 +02:00
keylog.h
mbedtls_threadlock.c mbedtls: properly cleanup the thread-shared entropy 2024-03-12 03:09:37 -04:00
mbedtls_threadlock.h tidy-up: one comment and EOF newlines 2024-03-12 15:38:44 +00:00
mbedtls.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
mbedtls.h
openssl.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
openssl.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
rustls.c vtls: remove 'detach/attach' functions from TLS handler struct 2024-12-18 15:52:03 +01:00
rustls.h
schannel_int.h schannel: fix TLS cert verification by IP SAN 2024-10-31 08:59:37 +01:00
schannel_verify.c tool_getpass: restore UWP getpass_r(), fixup CI builds, fix UWP -Wnull-dereference 2024-11-26 13:01:57 +01:00
schannel.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
schannel.h build: do not publish HAVE_BORINGSSL, HAVE_AWSLC macros 2023-10-08 22:29:45 +00:00
sectransp.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
sectransp.h
vtls_int.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
vtls_scache.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
vtls_scache.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
vtls.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
vtls.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
wolfssl.c lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
wolfssl.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
x509asn1.c lib/src: white space edits to comply better with code style 2024-09-19 14:59:12 +02:00
x509asn1.h x509asn1: unittests and fixes for gtime2str 2024-07-30 23:08:59 +02:00