Releases · Amebis/GEANTLink

17 Aug 09:57

rozmansi

1.0-alpha8 Pre-release

Pre-release

TLS revised
- Client explicitly refuses to accept change cipher spec if no or NULL cipher was proposed
- Hello requests are no longer included in the handshake hashing
- Support for encrypted change cipher spec messages added
- Explicit checks on server certificate chain added:
  - Certificate can not be self-signed: Cannot check trust against configured root CAs when server certificate is self-signed
  - Server can provide full certificate chain up-to and including root CA. Importing root CA to the store for certificate chain validation would implicitly trust this certificate chain. Thus, we skip all self-signed certificates on import.
- Session resumption issues resolved
Credential prompt has "Remember" checkbox initially selected when credentials originate from Windows Credential Manager
Last authentication attempt failure notice is more general now and no longer insinuate user credentials are the likely cause of the failure
Additional log messages added

Assets 6

16 Aug 15:02

rozmansi

1.0-alpha7 Pre-release

Pre-release

TLS code clean-up before testing

Assets 6

15 Aug 23:06

rozmansi

1.0-alpha6 Pre-release

Pre-release

Assets 6

23 Jun 15:27

rozmansi

1.0-alpha5 Pre-release

Pre-release

Configuration
- All configurations imported via XML are marked read-only now
- Provider's custom credential prompt labels are honored now (for password-based methods)
- Provider's contact info support added
Monitoring
- Event reporting finished
- EventMonitor utility introduced
Security
- Credential encryptrion method changed - the former didn't work between normal and UAC-elevated processes: stored credentials are no longer valid and should be reentered
- IPC BLOBs are encrypted now