| Name: tlslite |
| URL: http://trevp.net/tlslite/ |
| Version: 0.4.8 |
| Security Critical: No |
| License: Public domain and BSD |
| |
| Description: Python TLS implementation for use with test server. |
| |
| Source: https://pypi.python.org/packages/source/t/tlslite/tlslite-0.4.8.tar.gz |
| MD5: 36c13858ea63f262c4e4291c2f9ae38f |
| SHA-512: bdb42d005b7444667badc6febd38f5b74878c09218b418844c255920f0e6272f |
| 55f62b4ea21953953935f73e02657fce9874b44f73499267cf713ddbcd3d6a44 |
| |
| Local Modifications: |
| - Drop docs/ directory. |
| - patches/tls_intolerant.patch: allow TLSLite to simulate a TLS-intolerant server. |
| - patches/channel_id.patch: add basic ChannelID support. (Signatures are not |
| checked.) |
| - patches/signed_certificate_timestamps.patch: add support for sending Signed |
| Certificate Timestamps over a TLS extension. |
| - patches/fallback_scsv.patch: add support for TLS_FALLBACK_SCSV. See |
| https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01 |
| - patches/status_request.patch: add support for sending stapled OCSP responses. |
| - patches/ssl3_padding.patch: SSL3 requires minimal padding in CBC mode. |
| - patches/fix_test_file.patch: Fix #! line in random test file to appease our |
| presubmit checks. |
| - patches/dhe_rsa.patch: Implement DHE_RSA-based cipher suites on the server. |
| - patches/req_cert_types.patch: Add a reqCertTypes parameter to populate the |
| certificate_types field of CertificateRequest. Also fixes type errors. |
| - patches/ignore_write_failure.patch: Don't invalidate sessions on write |
| failures. |
| - patches/intolerance_options.patch: Add an option to further control |
| simulated TLS version intolerance. |
| - patches/save_client_hello.patch: Save the parsed ClientHello on TLSConnection |
| so tests can query it. |
| - patches/certificate_request.patch: Fix client auth for TLS 1.2. |
| - patches/aes_gcm.patch: Implement AES-GCM and never select TLS 1.2 ciphers |
| unless >= TLS 1.2 is negotiated. |
| - patches/alert_after_handshake.patch: Add an option to send a fatal alert |
| immediately after the handshake completes. |
| - patches/ecdhe_rsa.patch: Implement ECDHE_RSA-based ciper suites on the server. |
| - patches/extended_master_secret.patch: Add server support for extended |
| master secret. |
| - patches/token_binding_negotiation.patch: Add server support for token |
| binding negotiation TLS extension (draft-ietf-tokbind-negotiation-02). |
| - patches/disable_channel_id.patch: Add flag to HandshakeSettings to allow |
| for disabling channel id. |
| - patches/exported_keying_material.patch: Add method to Session to get |
| exported keying material (RFC 5705) for use in e.g. Token Binding. |
| - patches/token_binding_resumption.patch: Fix token binding negotiation |
| extension to work on session resumption. |
| - patches/extension_number_update.patch: Update TLS extension numbers. |
| - patches/save_randoms.patch: Save client and server randoms when resuming |
| sessions. |
| - patches/alpn.path: Implement Application-Layer Protocol Negotiation Extension. |
| - patches/token_binding_version.patch: Update the Token Binding version number. |
| - patches/renegotiation_indication.patch: Implement the renegotiation |
| indication extension (RFC 5746) without supporting renegotiation. |
| - patches/tls13_intolerance.patch: Extend the intolerance simulation to TLS 1.3. |
| - patches/simulate_tls13_downgrade.patch: Add an option to simulate the TLS 1.3 |
| downgrade signal. |