Commit graph

17 commits

Author SHA1 Message Date
Andreas Kling
c1dd67e792 LibCrypto+LibTLS: Use AK/Random.h
This makes it possible to build both of these on Linux.
2020-05-27 12:28:17 +02:00
Luke
8e6df3949d LibTLS: Add more TLS 1.2 error descriptions
Adds more TLS 1.2 error descriptions according to the specification:
https://tools.ietf.org/html/rfc5246#section-7.2.2

This changes the DecryptionFailed description, as the specification
says that this alert should NEVER be sent by a compliant server.
2020-05-27 11:11:56 +02:00
Andreas Kling
5049e41223 LibTLS: Put lots of debug spam behind TLS_DEBUG
2020-05-26 23:46:28 +02:00
AnotherTest
7d76299ca9 LibTLS: Do not call on_tls_finished until the client has read app data
2020-05-21 01:21:39 +02:00
AnotherTest
f9cffda0e0 LibTLS: Flush some packets as soon as more packets are written
This seems like a better compromise between throughput and latency, and
it doesn't _really_ affect the performance, so let's just compromise.
2020-05-20 08:30:51 +02:00
AnotherTest
379cb061d7 LibTLS: Only try to flush data when needed
This patchset drops the write notifier, and schedules writes only when
necessary.
As a result, the CPU utilisation no longer spikes to the skies :^)
2020-05-19 20:00:43 +02:00
Andreas Kling
4b202a3c79 LibCore+LibTLS: Don't keep a "ready to write" notifier on all Sockets
The "ready to write" notifier we set up in generic socket connection is
really only meant to detect a successful connection. Once we have a TCP
connection, for example, it will fire on every event loop iteration.

This was causing IRC Client to max out the CPU by getting this no-op
notifier callback over and over.

Since this was only used by TLSv12, I changed that code to create its
own notifier instead. It might be possible to improve TLS performance
by only processing writes when actually needed, but I didn't look very
closely at that for this patch. :^)
2020-05-18 20:16:52 +02:00
Sergey Bugaev
450a2a0f9c Build: Switch to CMake :^)
Closes https://github.com/SerenityOS/serenity/issues/2080
2020-05-14 20:15:18 +02:00
AnotherTest
af1ce6c33d LibTLS: Verify server certificate expiry date
2020-05-07 10:23:58 +02:00
AnotherTest
2a29e668bd LibTLS: Try to disambiguate errors in case of failure
Not particularly helpful, but better than nothing.
2020-05-05 11:20:42 +02:00
Andreas Kling
e7abbc6655 LibTLS: Put some debug spam behind an #ifdef
2020-05-03 19:14:50 +02:00
AnotherTest
b028a123b8 LibTLS: "Properly" handle the server dropping the connection
Contrary to popular belief, not every implementation of TLS follows the
specs.
Some of them just drop the connection without sending a proper
close_notify, and we should handle that gracefully.
2020-05-03 19:08:40 +02:00
AnotherTest
0da07c284e LibTLS: Implement build_alert()
2020-05-02 12:24:10 +02:00
AnotherTest
dace14e70d LibTLS: Split TLSv12 to sensible categorical files
This commit splits the TLSv12 file into multiple files, and also removes
some magic values, to make the code less horrible. :^)
2020-05-02 12:24:10 +02:00
AnotherTest
bb46e5f608 LibTLS: Switch to Hash::Manager for hashing and add SHA1
Now we can talk to google.com
2020-05-02 12:24:10 +02:00
AnotherTest
a1e1570552 LibCrypto+LibTLS: Generalise the use of IV length
This is in preparation for the upcoming Galois/Counter mode, which
conventionally has 12 bytes of IV as opposed to CBC's 16 bytes.

...Also fixes a lot of style issues, since the author finally found the
project's clang config file in the repository root :^)
2020-05-02 12:24:10 +02:00
AnotherTest
72d56b46b5 LibTLS: Make enough stuff work to have a demo run
...maybe, sometimes :^)
2020-05-02 12:24:10 +02:00