Commit Graph

7 Commits

Author SHA1 Message Date
Bryan White
ef99c1657f
TLS extension handling overhaul (#1458) 2019-03-25 22:52:12 +01:00
Bryan White
c607abf27c [V3-1147] Ensure certificate validation happens properly (#1403)
* add regression test & update transport tests

* separate client and server verificiation functions

* goimports
2019-03-06 09:42:34 -05:00
Bryan White
5742131941
tlsconfig refactor / cleanup (#1399) 2019-03-04 21:40:18 +01:00
Bryan White
675e0ef683 [V3-1320] fix empty node ID verification non-error (#1395)
* small identity refactor:

+ Optimize? iterative cert chain methods to use array instead of slice
+ Add `ToChain` helper for converting 1d to 2d cert chain
  TODO: replace literal declarations with this
+ rename `ChainRaw/RestChainRaw` to `RawChain/RawRestChain`
  (adjective noun, instead of nound adjective)

* add regression tests for V3-1320

* fix V3-1320

* separate `DialUnverifiedIDOption` from `DialOption`

* separate `PingNode` and `DialNode` from `PingAddress` and `DialAddress`

* update node ID while bootstrapping

* goimports & fix comment

* add test case
2019-03-04 15:03:33 -05:00
Bryan White
fde0020c68
dial node/address with bad server cert (#1342) 2019-02-26 19:35:16 +01:00
Bryan White
b652b6a522 use peer ca whitelist in testplanet (#1337) 2019-02-25 09:38:03 +02:00
JT Olio
2a59679766 pkg/transport: require tls configuration for dialing (#1286)
* separate TLS options from server options (because we need them for dialing too)
* stop creating transports in multiple places
* ensure that we actually check revocation, whitelists, certificate signing, etc, for all connections.
2019-02-11 13:17:32 +02:00