README.chromium - chromium/src/third_party/tlslite - Git at Google

 Name: tlslite
 URL: http://trevp.net/tlslite/
 Version: 0.3.8
 Security Critical: No
 License: Public domain

 Local Modifications:

 - patches/close_notify.patch: tlslite/TLSRecordLayer.py was changed to force
   the socket to be closed when the SSL connection is closed. This is is
   necessary at this point since WinHTTP does not seem to react to the SSL
   close notify. It's also needed to prevent a hang on Linux.  See also
   http://sourceforge.net/mailarchive/forum.php?thread_name=41C9B18B.2010201%40ag.com&forum_name=tlslite-users
 - patches/python26.patch: Replace sha, md5 module imports with hashlib, as
   they are deprecated in Python 2.6
 - patches/ca_request.patch: tlslite/X509.py was changed to obtain the
   DER-encoded distinguished name for a certificate, without requiring any
   addition libraries.
   tlslite/utils/ASN1Parser.py was changed to allow obtaining the unparsed
   data for an element in a SEQUENCE, in addition to providing the parsed
   value (tag and length removed)
   tlslite/messages.py was changed from accepting/returning a single byte
   array in the CertificateRequest message for the CA names to accept a list
   of byte arrays, each containing a DER-encoded distinguished name.
   tlslite/TLSConnection.py was changed to take a list of such byte arrays
   when creating a TLS server that will request client authentication.
 - patches/send_certificate_types.patch: tlslite/message.py was changed to
   default to a certificate_types of [rsa_sign] in CertificateRequest. Apple's
   Secure Transport library rejects an empty list and raises an SSL protocol
   error.
 - patches/parse_chain.patch: tlslite/X509CertChain.py and tlslite/X509.py were
   updated to add a parseChain method, that can parse multiple certificates from
   a PEM string.
 - patches/tls_intolerant.patch: allow TLSLite to simulate a TLS-intolerant server.
 - patches/channel_id.patch: add basic ChannelID support. (Signatures are not
   checked.)
 - patches/signed_certificate_timestamps.patch: add support for sending Signed
   Certificate Timestamps over a TLS extension.
 - patches/fallback_scsv.patch: add support for TLS_FALLBACK_SCSV. See
   https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01
	Name: tlslite
	URL: http://trevp.net/tlslite/
	Version: 0.3.8
	Security Critical: No
	License: Public domain

	Local Modifications:

	- patches/close_notify.patch: tlslite/TLSRecordLayer.py was changed to force
	the socket to be closed when the SSL connection is closed. This is is
	necessary at this point since WinHTTP does not seem to react to the SSL
	close notify. It's also needed to prevent a hang on Linux. See also
	http://sourceforge.net/mailarchive/forum.php?thread_name=41C9B18B.2010201%40ag.com&forum_name=tlslite-users
	- patches/python26.patch: Replace sha, md5 module imports with hashlib, as
	they are deprecated in Python 2.6
	- patches/ca_request.patch: tlslite/X509.py was changed to obtain the
	DER-encoded distinguished name for a certificate, without requiring any
	addition libraries.
	tlslite/utils/ASN1Parser.py was changed to allow obtaining the unparsed
	data for an element in a SEQUENCE, in addition to providing the parsed
	value (tag and length removed)
	tlslite/messages.py was changed from accepting/returning a single byte
	array in the CertificateRequest message for the CA names to accept a list
	of byte arrays, each containing a DER-encoded distinguished name.
	tlslite/TLSConnection.py was changed to take a list of such byte arrays
	when creating a TLS server that will request client authentication.
	- patches/send_certificate_types.patch: tlslite/message.py was changed to
	default to a certificate_types of [rsa_sign] in CertificateRequest. Apple's
	Secure Transport library rejects an empty list and raises an SSL protocol
	error.
	- patches/parse_chain.patch: tlslite/X509CertChain.py and tlslite/X509.py were
	updated to add a parseChain method, that can parse multiple certificates from
	a PEM string.
	- patches/tls_intolerant.patch: allow TLSLite to simulate a TLS-intolerant server.
	- patches/channel_id.patch: add basic ChannelID support. (Signatures are not
	checked.)
	- patches/signed_certificate_timestamps.patch: add support for sending Signed
	Certificate Timestamps over a TLS extension.
	- patches/fallback_scsv.patch: add support for TLS_FALLBACK_SCSV. See
	https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01