SSL: New Report and Keeping up with the Jones

Post by **dciliske** » Wed Oct 15, 2014 10:38 am

Just to let people know, we are aware of the report issued regarding SSL 3.0 and are investigating the process to implement TLS. Can't give y'all much more info than that at this time.

And if you are not aware of the SSL 3.0 report I'm referring to, here you go: http://googleonlinesecurity.blogspot.co ... sl-30.html

We will update you on the issue when we know more.

-Dan

kackle123 · Post by **kackle123** » Mon Nov 17, 2014 7:12 am

It's been one month; has NB made any decisions yet?

Post by **Forrest** » Mon Nov 17, 2014 3:11 pm

We are actively working on a TLS solution at this time.

kackle123 wrote:It's been one month; has NB made any decisions yet?

kackle123 · Post by **kackle123** » Sat Nov 22, 2014 8:39 am

Thank you, Forrest. Keep us posted.

dnishimura · Post by **dnishimura** » Tue Jan 06, 2015 3:03 pm

Do you anticipate the TLS solution to be released before mid-2015? Our products will require it since many servers have disabled SSLv3.

Post by **pbreed** » Tue Jan 06, 2015 4:01 pm

Dan will probably answer this as its his project...
He currently has TLS working in both server and client mode,
but is diagnosing some crashes and stability issues in some of the less used modes.
I would expect a TLS beta some time in Q1.

Post by **dciliske** » Wed Jan 07, 2015 8:50 am

Currently the core functionality is mostly working. The server and client modes are 95% there and correct. The main list of things that still need to be done are:

Remove the malloc calls.
Reduce the stack usage (Currently ~24KB of RAM).
Get client certs working again (somehow the cert sending got broken).
Make sure embedded cert chains are handled correctly (an issue that has been address in the previous library while working on the new one)

Items 1 and 2 are must haves before releasing the beta. Items 3 and 4 are Nice to Have's, but probably won't make it to the beta.

-Dan

Post by **dciliske** » Tue Jan 13, 2015 10:35 am

Malloc removed in all but one location, where there really is no alternative, and it's used as a last resort in the event that everything else is failing and you should never actually hit it... (Hitting it is a problem, and you should redo your app if you're triggering it, it just keeps you from crashing)
Stack usage was apparently screwed up because the size of BigNums got cranked waaaay up. Not sure why/when that happened, but it's pretty ok now.

Based on this we will likely start the beta by the end of the month.

-Dan

Post by **dciliske** » Wed Jan 14, 2015 2:01 pm

Main commit done, now to wait and see what the build system thinks about it...

NetBurner Community Forum

SSL: New Report and Keeping up with the Jones

SSL: New Report and Keeping up with the Jones

Re: SSL: New Report and Keeping up with the Jones

Re: SSL: New Report and Keeping up with the Jones

Re: SSL: New Report and Keeping up with the Jones

Re: SSL: New Report and Keeping up with the Jones

Re: SSL: New Report and Keeping up with the Jones

Re: SSL: New Report and Keeping up with the Jones

Re: SSL: New Report and Keeping up with the Jones

Re: SSL: New Report and Keeping up with the Jones