mono/mcs/class/System.ServiceModel/Mono.Security.Protocol.Tls/ChangeLog

2010-05-10  Sebastien Pouliot  <[email protected]>

	* CipherSuite.cs:
	* DebugHelper.cs:
	* RecordProtocol.cs:
	* SslClientStream.cs:
		Let them compile for Moonlight (where the files are 
		compiled inside System.dll)

2010-04-23 Gonzalo Paniagua Javier <[email protected]>

	* Context.cs:
	* SslStreamBase.cs:
	* RecordProtocol.cs: differentiate a received 'CloseNotify' alert from
	one that we sent. Disposing the stream will try to send the
	'CloseNotify' alert, if it hasn't already, and ignore any errors. This
	is needed for FTPS to work.

2010-03-11 Gonzalo Paniagua Javier <[email protected]>

	* SslStreamBase.cs:
	* SslClientStream.cs:
	* SslServerStream.cs: modify the 2.0 callback to return more info.

2010-03-01 Gonzalo Paniagua Javier <[email protected]>

	* HttpsClientStream.cs: use Address instead
	of RequestUri to get the right host name when the request is
	redirected.

	* SslStreamBase.cs:
	* SslClientStream.cs:
	* SslServerStream.cs:
	added a new callback for certificate validation that gets all the
	certificates received from the server/client. The callee should
	build the chain and validate it.

2009-10-20 Gonzalo Paniagua Javier <[email protected]>

	* ServerContext.cs:
	* SslServerStream.cs: add new parameter that forces sending the
	CertificateRequest record. Make sure we raise the client certificate
	validation event when it is requested or required.

2009-07-02 Gonzalo Paniagua Javier <[email protected]>

	* HttpsClientStream.cs: if there's only an ICertificatePolicy and no
	ServerCertificateValicationCallback, don't fail.

2009-07-02 Gonzalo Paniagua Javier <[email protected]>

	* HttpsClientStream.cs: invoke the ServerCertificateValidationCallback
	in the 2.0 profile. If there's a CertificatePolicy, it is run before
	the 2.0 callback.

2007-09-12  Sebastien Pouliot  <[email protected]>

	* Context.cs: Clear key info memory (not just nullify). Fix bug #82819

2007-08-16  Sebastien Pouliot  <[email protected]>

	* RecordProtocol.cs, SslStreamBase.cs: Ensure nothing (even the same
	thread) can confuse the record decoding code. Fix bug #82145 (LDAP) 
	which uses several thread over a single SslClientStream instance.

2007-05-23 Gonzalo Paniagua Javier <[email protected]>

	* Context.cs: fix the calculation of the unix time.

2007-05-09  Sebastien Pouliot  <[email protected]>

	* HttpsClientStream.cs: Add support for client certificates from
	HttpWebRequest if it uses X509Certificate2 instance (which requires
	using 2.0 profile) and if the private key is available.
	* SslStreamBase.cs: Fix warning in 2.0 because Stream now implements
	Dispose. Rework Close (in 2.0) to avoid infinite recursion.

2006-12-08  Sebastien Pouliot  <[email protected]> 

	* ClientSessionCache.cs: Fix cache to be really used. Original patch
	by Roy Versteeg. Fix bug #80175.

2006-12-08  Sebastien Pouliot  <[email protected]>

	* ClientSessionCache.cs: Check for a new environment variable to 
	control the cache validity period (MONO_TLS_SESSION_CACHE_TIMEOUT).
	Fix bug #80174.

2006-09-11  Sebastien Pouliot  <[email protected]>

	* CipherSuite.cs: Avoid creating a CryptoStream and a MemoryStream in
	EncryptRecord (removing the need to do a keysetup each time). Add
	helper methods to write inside byte buffers. Decrypt the data in
	place (without allocating new memory) as the result will always be
	smaller than the original. Avoid TlsStream in CreatePremasterSecret 
	method. All HMAC access are done with the Negotiating parameters.
	* ClientRecordProtocol.cs: Set HandshakeState to None if we receive
	a HelloRequest during an existing session. Remove overidden method
	ProcessChangeCipherSpec. Skip memory allocation if possible.
	* Context.cs: Add new SecurityParameters for current, negotiating, 
	read and write (actually only two different instance exists). Change
	readSequenceNumber and writeSequenceNumber to ulong to match specs.
	Remove all properties that are moved/replaced with SecurityParameters.
	Added methods to Start and End a switch of the security parameters.
	* RecordProtocol.cs: Add code to ProcessChangeCipherSpec (not abstract
	anymore). Remove ReadShort and it's use. Deal with null alerts in 
	SendAlert method (internal error). Change code to deal with 
	SendChangeCipherSpec inside an existing (encrypted) session. Update 
	Cipher to use the correct one (mostly Read.Cipher or Negotiating.Cipher
	for ProcessCipherSpecV2Buffer method).
	* SecurityParameters.cs: New. Deal with all parameters that changes
	between negotiations.
	* ServerRecordProtocol.cs: Remove method ProcessChangeCipherSpec.
	* SslCipherSuite.cs: Don't use TlsStream when computing MAC. Set the
	MAC keys to the Negotiating security parameters.
	* SslClientStream.cs: Change calls from Cipher to Negotiating.Cipher.
	* SslServerStream.cs: Change calls from Cipher to Negotiating.Cipher.
	Remove debugging dead code (DateTime).
	* SslStreamBase.cs: Change calls from Cipher to Current.Cipher. Reuse
	existing memory buffer.
	* TlsCipherSuite.cs: Don't use TlsStream when computing MAC. Set the
	MAC keys to the Negotiating security parameters.
	* TlsClientSettings.cs: Comment code cause compiler warnings.
	* TlsStream.cs: Avoid/reduce memory allocations when reading or 
	writing small integer values to the stream.

2006-09-07  Sebastien Pouliot  <[email protected]>

	* HttpsClientStream.cs: Honor ServicePointManager.SecurityProtocol to
	select between SSL3, TLS1 or, by default, auto. Great for testing :)

2006-06-08  Sebastien Pouliot  <[email protected]>

	* ClientRecordProtocol.cs: Avoid a NRE when the server request a
	re-negotiation of the security parameters. Possible fix for #78597.

2006-04-21  Sebastien Pouliot  <[email protected]>

	* SslCipherSuite.cs: Enable abbreviated handshakes for SSL3 too.

2006-04-12  Sebastien Pouliot  <[email protected]>

	* ClientSessionCache.cs: Deal with empty (null) master secret, that 
	can find their ways into the cache, and treat them as invalid. Fix
	bug #78085.

2006-04-10  Sebastien Pouliot  <[email protected]>

	* ClientSessionCache.cs: The session id can be zero-length (like our 
	own server class).
	* SslServerStream.cs: Adapt code to fixes made in cipher suite and
	message processing changes in client code.

2006-03-16  Sebastien Pouliot  <[email protected]>
 
	* CipherSuiteFactory.cs: Fix bad key exchange values for non-export
	cihpers. Most certificates have "too much" usages by default so this
	was hidden from view.
	* SslStreamBase.cs: Safety net. Throw an exception if we're waiting 
	for more than five (5) minutes for an async read or write to complete.

2006-03-16  Sebastien Pouliot  <[email protected]>

	* ClientSessionCache.cs: New. Handle a client-side session cache to 
	enable the use of abbreviated handshake whenever possible. This will
	reduce the number of negotiation (a very CPU intensive process) done
	with the same host.
	* Context.cs: Add a property for AbbreviatedHandshake.
	* RecordProtocol.cs: Don't send Finished record from ChangeCipherSpec
	as this won't work if the message flow change.
	* SslClientStream.cs: Line endings.
	* SslServerStream.cs: Throw an exception if ReceiveRecord return null
	or an empty buffer (i.e. communication ended with client). Fix #76254.
	* SslStreamBase.cs: Re-add synchronous implementations for Read and 
	Write.
	* TlsCipherSuite.cs: Update the client-side session cache with the 
	mastersecret.
	* TlsStream.cs: Avoid possible buffer underun reading bytes (found by
	Gonzalo).

2006-03-08  Sebastien Pouliot  <[email protected]>
  
       * SslStreamBase.cs: Re-implemented the synchronous versions of Read
       and Write methods so they don't use the async code.

2006-03-07 Gonzalo Paniagua Javier <[email protected]>

	* SslStreamBase.cs: avoid creating the ManualResetEvent whenever
	possible. Don't lock on an instance of an object that the user can get.

2006-03-06 Gonzalo Paniagua Javier <[email protected]>

	* RecordProtocol.cs: avoid creating the ManualResetEvent whenever
	possible. Don't lock on an instance of an object that the user can get.

2006-03-02  Sebastien Pouliot  <[email protected]>

	* RecordProtocol.cs: Fix possible endless loop (#77663). Remove hack
	for an old, fixed, MCS bug (#67711).

2005-10-06  Sebastien Pouliot  <[email protected]>

	* ClientRecordProtocol.cs: Update HandshakeMessages after each 
	message. Fix bug #76258.
	* RecordProtocol.cs: Remove writing into the HandshakeMessages stream
	at this stage. We may need the data before that. Fix bug #76258.
	* ServerRecordProtocol.cs: Update HandshakeMessages after each 
	message. Fix bug #76258.
	* SslServerStream.cs: Changed check for the presence of client 
	certificates during handshake.

2005-09-02  Sebastien Pouliot  <[email protected]>

	* SslStreamBase.cs, ServerRecordProtocol.cs, SslClientStream.cs,
	ClientRecordProtocol.cs, RecordProtocol.cs, SslServerStream.cs:
	Re-written async support for Ssl[Client|Server]Stream from JD Conley
	<[email protected]> with minor changes. Fix bug #75687 (and a 
	lot of other known problems).

2005-07-01  Sebastien Pouliot  <[email protected]>

	* ServerContext.cs: Build the list of trusted certificates from all
	the trusted root for the current user and the local machine.
	* SslServerStream.cs: Add support for client certificate (and the 
	callback for optional mutual authentication with SSL3).

2005-06-22  Sebastien Pouliot  <[email protected]>

	* SslClientStream.cs: Removed failsafe timeout of 5 minutes as some
	protocols can go idle for longer than this.

2005-06-14  Sebastien Pouliot  <[email protected]>

	* SslClientStream.cs: Add support for _optional_ mutual authentication.
	SSL3 and TLS1 deals differently with this. SSL3 tested with OpenSSL,
	TSL1 tested with OpenSSL and LDAPS/AD.

2005-06-06  Sebastien Pouliot  <[email protected]>

	* Alert.cs: Add NoCertificate (41) which _should_ be used in SSL3
	if we don't want to send a certificate when requested by a server
	(e.g. in the case the mutual authentication is optional).
	* CipherSuite.cs: Fixed recursive property. Changed type to short so
	it can hold 256 bits (valid value). Fixed ctor so it doesn't assign
	the it's own value.

2005-05-13  Sebastien Pouliot  <[email protected]>

	* SslClientStream.cs: Forgot to set the event in the previous fix.

2005-05-10 Gonzalo Paniagua Javier <[email protected]>

	* SslClientStream.cs: check for the dispose in NetworkReadCallback.
	Patch by Sebastien "Cryptoman" Pouliot.

2005-04-14 Gonzalo Paniagua Javier <[email protected]>

	* SslClientStream.cs: gotta call EndInvoke, not EndRead.

2005-04-14 Gonzalo Paniagua Javier <[email protected]>

	* SslClientStream.cs: MemoryStream does not implement proper Begin*
	methods, so we need this to prevent infinite recursion if we have a
	callback that calls BeginRead.

2005-04-13  Sebastien Pouliot  <[email protected]>

	* RecordProtocol.cs: Some API changes so a record can be decoded from
	any supplied stream (not just the inner network stream).
	* SslClientStream.cs: BeginRead is now truly async if the Negotiate is
	called from BeginWrite (where it should be in most case).
	* SslServerStream.cs: Adapted to API changes in RecordProtocol.cs.

2005-04-12  Sebastien Pouliot  <[email protected]>

	* SslHandshakeHash.cs: Changed "SslHash" to "MD5SHA1". Fix #71696.

2005-04-10  Sebastien Pouliot  <[email protected]>

	* HttpsClientStream.cs: Added a TrustFailure property so a 
	WebException can now report TrustFailure correctly. Fix bug 74286.

2005-04-07  Sebastien Pouliot  <[email protected]>

	* SslCipherSuite.cs: Fix calculation (sequence number) for the server
	side stream. Patch by Brian Ritchie.

2005-02-04  Sebastien Pouliot  <[email protected]>

	* Reverting last changes in SslClientStream and RecordProtocol. This
	break when sending large files back and forth (echo test).

2005-02-02  Sebastien Pouliot  <[email protected]>

	* SslClientStream.cs: Throw exception when we receive a null record.
	* RecordProtocol.cs: Added code to avoid blocking and endless loops
	if the data is incomplete or missing - even in the case the server
	side doesn't close the connection (see new cutcli tool).

2004-12-15  Sebastien Pouliot  <[email protected]>

	* CipherSuite.cs: Removed unused MD5 and SHA1 instances created in 
	PRF method (fix compilation warnings).

2004-12-13  Sebastien Pouliot  <[email protected]>

	* SslClientStream.cs: New internal property, ServerCertificates, to
	"easily" retreive the server's certificate chain using reflection.

2004-11-23  Sebastien Pouliot  <[email protected]>

	* RecordProtocol.cs: Fixed ClientHelloV2 support.

2004-11-10  Sebastien Pouliot  <[email protected]>

	* CipherSuiteFactory.cs: Activated RSA_WITH_AES_256_CBC_SHA as it is
	supported by some browsers.
	* ContentType.cs: Removed ClientHelloV2 from the enum as it is not a
	"true" content type (it just looks so where we're processing it).
	* Context.cs: Added support to switch protocol (e.g. SSL2->SSL3 or 
	SSL2->TLS1). Contributed by Carlos Guzman Alvarez.
	* RecordProtocol.cs: Added support for ClientHelloV2 message 
	(contributed by Carlos Guzman Alvarez). This is	a Handshake message
	so it must be MACed. Also fixed the challenge length because some
	browsers implementation don't interpret "This value must be 32." as
	having 32 bytes.

2004-10-05  Sebastien Pouliot  <[email protected]>

	* SslClientStream.cs: Changed InputBuffer to internal (was protected).

2004-10-04 Gonzalo Paniagua Javier <[email protected]>

	* HttpsClientStream.cs: the .ctor receives a pre-read buffer now.
	* SslClientStream.cs: added InputBuffer property.

2004-09-23  Sebastien Pouliot  <[email protected]>

	* RecordProtocol.cs: Fix alert data that could leak into appplication 
	data (e.g. when closing the SSL session).

2004-07-14  Carlos Guzman Alvarez  <[email protected]>

	* Removed duplicate license header file from
	all source files.

2004-07-14  Sebastien Pouliot  <[email protected]>

	* SslClientStream.cs: Changed lock to "new object()" and not 
	String.Empty (as the read/write locks points becomes the same).
	* SslServerStream.cs: Changed lock to "new object()" and not 
	String.Empty (as the read/write locks points becomes the same).

2004-07-14 Gonzalo Paniagua Javier <[email protected]>

	* HttpsClientStream.cs: get an HttpWebRequest so that we can use the
	ServicePoint it has. No need to get the host now.

2004-05-09 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/Alert.cs:
	* Mono.Security.Protocol.Tls/CipherSuite.cs:
	* Mono.Security.Protocol.Tls/CipherSuiteCollection.cs:
	* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
	* Mono.Security.Protocol.Tls/Context.cs:
	* Mono.Security.Protocol.Tls/RecordProtocol.cs:
	* Mono.Security.Protocol.Tls/SecurityCompressionType.cs:
	* Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:
	* Mono.Security.Protocol.Tls/SslServerStream.cs:
	* Mono.Security.Protocol.Tls/TlsClientSettings.cs:

		- Changes for fix FxCop Rules.

		- Reworked CipherSuiteCollection class.


2004-04-21 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/DebugHelper.cs:

		- New class.

	* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
	* Mono.Security.Protocol.Tls/RecordProtocol.cs:
	* Mono.Security.Protocol.Tls/Context.cs:
	* Mono.Security.Protocol.Tls/Context.cs:
	* Mono.Security.Protocol.Tls/SslCipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
	* Mono.Security.Protocol.Tls/SslClientStream.cs:

		- Added debug capabilities.

	* Mono.Security.Protocol.Tls/ServerContext.cs:

		- Added initialization of requested CertificateTypes and CA's

2004-04-16 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/TlsException.cs:

		- Make it public until npgsql people can fix their sources.

2004-03-19 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/TlsServerSettings.cs:

		- Added new CertificateRSA property.

		- Added new UpdateCertfificateRSA method.

	* Mono.Security.Protocol.Tls/CipherSuite.cs:

		- Removed CertificateRSA() method.	

2004-03-19  Sebastien Pouliot  <[email protected]>

	* CipherSuite.cs: Fixed PRF generation when secret is an odd number of 
	bytes (section 5 in RFC2246).
	* CipherSuiteFactory.cs: Added algorithms RSA_EXPORT_WITH_RC4_40_MD5,
	RSA_EXPORT_WITH_RC2_CBC_40_MD5, RSA_EXPORT_WITH_DES40_CBC_SHA,
	RSA_EXPORT_WITH_RC4_56_MD5, RSA_EXPORT_WITH_RC2_CBC_56_MD5,
	RSA_EXPORT_WITH_DES_CBC_56_SHA and RSA_EXPORT_WITH_RC4_56_SHA to both
	SSL3 and TLS1 protocols.
	* SslCipherSuite.cs: Fixed key generation for exportable ciphers.
	* TlsCipherSuite.cs: Fixed key generation for exportable ciphers.

2004-03-16 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/SslCipherSuite.cs:

		- Added changes for allow it to work as server or client.

2004-03-15 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/TlsStream.cs:
	* Mono.Security.Protocol.Tls/CipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
	* Mono.Security.Protocol.Tls/SslHandshakeHash.cs:
	* Mono.Security.Protocol.Tls/RecordProtocol.cs:

		- Use Buffer.BlockCopy instead of System.Array.Copy

2004-03-10 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/Ciphersuite.cs:

		- Added generation of the Server encryption algorithms.

		- Modified encryption/decription methods for work
		as client or server as needed.

	* Mono.Security.Protocol.Tls/RecordProtocol.cs:
	* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
	* Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:

		- Added new ProcessChangeCipherSpec method.

	* Mono.Security.Protocol.Tls/Context.cs:

		- Added new PrintBuffer method ( for debug ).

	* Mono.Security.Protocol.Tls/SslClientStream.cs:
	* Mono.Security.Protocol.Tls/SslServerStream.cs:

		- Callback cleanup.

2004-03-06 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/SslServerStream.cs:

		- Initial implementation of the doHandshake method.

        - Added initial events implementation.

	* Mono.Security.Protocol.Tls/Ciphersuite.cs:
	* Mono.Security.Protocol.Tls/TlsCiphersuite.cs:
	* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
	* Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:
	* Mono.Security.Protocol.Tls/SslClientStream.cs:
	* Mono.Security.Protocol.Tls/TlsServerSettings.cs:
	* Mono.Security.Protocol.Tls/TlsClientSettings.cs:
	* Mono.Security.Protocol.Tls/ClientContext.cs:

		- Changes for make use of the renamed classes and enums.

	* Mono.Security.Protocol.Tls/TlsContentType.cs:

		- Renamed to ContentType.cs ( Enum and file )
 
	* Mono.Security.Protocol.Tls/TlsCiphersuiteCollection.cs:

		- Renamed to CiphersuiteCollection.cs ( Class and file )

	* Mono.Security.Protocol.Tls/TlsCiphersuiteFactory.cs:

		- Renamed to CiphersuiteCollection.cs ( Class and file )

	* Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:

		- Renamed to SslHandshakeHash.cs ( Class and file )

	* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:

		- Renamed to SslCipherSuite.cs ( Class and file )

2004-02-26 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/HandshakeState.cs:

		- New file.

	* Mono.Security.Protocol.Tls/SslClientStream.cs:
	* Mono.Security.Protocol.Tls/SslServerStream.cs:
	* Mono.Security.Protocol.Tls/Context.cs:
	* Mono.Security.Protocol.Tls/ClientContext.cs:
	* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:

		- Added changes for better handling of ClientHelloRequest messages.

2004-02-25  Sebastien Pouliot  <[email protected]>

	* HttpsClientStream.cs: New. Internal glue class between System.dll 
	WebConnection and SslClientStream to reduce reflection.
	* SslClientStream.cs: RaiseServerCertificateValidation is now virtual
	to allow HttpsClientStream to override it.

2004-02-24 Carlos Guzman Alvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/RecordProtocol.cs:
	* Mono.Security.Protocol.Tls/SslClientStream.cs:
	* Mono.Security.Protocol.Tls/SslServerStream.cs:

		- Reimplementation of TLS/SSL Alert Protocol.

2004-02-20 Carlos Guzmán Álvarez  <[email protected]>

	* Mono.Security.Protocol.Tls.Handshake.Client/SslClientCertificate.cs:

        - Improved exception handling.

2004-02-18 Carlos Guzmán Álvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
	* Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
	* Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:

		- Added Serializable attribute.

	* Mono.Security.Protocol.Tls/CipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsContext.cs:

		- Added some optimizations proposed by Sebastien Pouliot.

	* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:

		- Changes on Common Name detection and certificate error handling ( Thanks to Sebastien Pouliot for his feedback ).

2004-02-18  Sebastien Pouliot  <[email protected]>

 	* SslClientStream.cs: Fixed (inverted) condition for ServerCertificate.
	* SecurityProtocolType.cs: Added [Serializable] to enum to match MS 
	implementation.

2004-02-17 Carlos Guzmán Álvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/SslClientStream.cs:

		- Added changes to security properties for check that the handshake is finished.

 	* Mono.Security.Protocol.Tls/SslClientStream.cs:

        - Added changes for bring async methods to work ( Thanks to Sebastien Pouliot )

        - Reworked the record fragmentation.

        - Fix for send the close notify alert in the Close method
        only if the Handshake is fully negotiated.


2004-02-16 Carlos Guzmán Álvarez  <[email protected]>

 	* Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs:

        - Changed ciphersuites order of preference ( Thanks to Sebastien Pouliot for his feedback ).

2004-02-15 Carlos Guzmán Álvarez  <[email protected]>
 
 	* Mono.Security.Protocol.Tls/SslClientStream.cs:
 
 		- Added specific control od available data for Network Streams
 		on Read ( Thanks to Francisco Figueiredo Jr. for his feedback ).
 
 		- Removed test code.

2004-02-14 Carlos Guzmán Álvarez  <[email protected]>

    * Mono.Security.Protocol.Tls/SslClientStream.cs:

        - Removed test code.

2003-11-17 Carlos Guzmán Álvarez  <[email protected]>

	* Mono.Security.Protocol.Tls/SslClientStream.cs:

		Removed ReadByte method, use innerStream.ReadByte() method instead.

2003-11-13 Carlos Guzmán Álvarez  <[email protected]>

	* Added implementation of an SslClientStream class similar to the MS .NET Framework 1.2 documentation.

		The next files are no more needed:

			- TlsSession.cs

			- TlsNetworkStream.cs

			- TlsSocket.cs

			- TlsSessionState.cs

		The next files are renamed:

			- TlsSessionSettings.cs -> TlsClientSettings.cs

			- TlsSessionContext.cs -> TlsContext.cs

		The next files are new:

			- SslClientStream.cs ( the name is non definitive yet )

		The next files where changed to reflect the new canges:

			- TlsHandshakeMessage.cs

			- TlsClientCertificate.cs

			- TlsClientCertificateVerify.cs

			- TlsClientFinished.cs

			- TlsClientHello.cs

			- TlsClientKeyExchange.cs

			- TlsServerCertificate.cs

			- TlsServerCertificateRequest.cs

			- TlsServerFinished.cs

			- TlsServerHello.cs

			- TlsServerHelloDone.cs

			- TlsServerKeyExchange.cs

			- TlsAlert.cs

			- TlsCloseNotifyAlert.cs

		
2003-11-12 Carlos Guzmán Álvarez  <[email protected]>

	* Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
	
		- Changes for give full error message only in debug mode ( Thanks to Sebastién Pouliot. )
		
	* Mono.Security.Protocol.Tls/TlsProtocol.cs:
	
		- Renamed to SecurityProtocolType.cs ( for match .NET 1.2 )
	
	* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
	
		- Renamed to MD5SHA1.cs ( Thanks to Sebastién Pouliot. )
		
	* Mono.Security.Cryptography/TlsCompressionMethod.cs:
	
		- Renamed to SecurityCompressionType.
		
	* Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
	* Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
	* Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:
	
		- New enumerations that matches .NET 1.2 definitions with some minor differences.
	
	* Mono.Security.Protocol.Tls/CipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
	
		- Added changes for make use of new enumerations.
	
	* Mono.Security.Protocol.Tls/TlsClientStream.cs:
	
		- Added new informative properties that matches .NET 1.2 SslClientStream
		( Not all the properties are implemented yet ).


2003-11-10 Carlos Guzmán Álvarez  <[email protected]>

	* Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:

		- Fixed invalid alert message.

	* Mono.Security.Protocol.Tls/CipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
	* Mono.Security.Cryptography/HMAC.cs:
	* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:

		- Changed ( Thanks to Sebastién Pouliot for his feedback )

			SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider();
			MD5CryptoServiceProvider sha = new MD5CryptoServiceProvider();

			to

			HashAlgorithm sha = SHA1.Create();
			HashAlgorithm md5 = MD5.Create(); 

2003-11-04 Carlos Guzmán Álvarez <[email protected]>

	* Mono.Security.Protocol.Tls/CipherSuite.cs:

		- Added custom padding for record encryption.


2003-11-03 Carlos Guzmán Álvarez <[email protected]>

	* Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessages.cs:
	
		- Removed file.

	* Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:
	
		- New class for handshake hashes calculation on SSL3 protocol.

	* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
	
		- Fixed mac keys clearing for SSL3 protocol.

	* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
	
		- Added changes for make use of new TlsSslHandshakeHash class.
	
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
	
		- Added initial implementation for SSL3 protocol.
	
	* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
	
		- New class for md5-sha hash calculation.
							
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs:
	
		- Make use of new MD5SHA1CryptoServiceProvider class.
		
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
	
		- Added initial implementation (not finished).
			
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
	
		- Minor change to message processing.

		- Changed verify method name to verifySignature.
			
	* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
	
		- Changed handshakeHashes member to be an TlsStream.

2003-10-28 Carlos Guzmán Álvarez <[email protected]>

	* Mono.Security.Protocol.Tls/CipherSuite.cs:
	* Mono.Security.Protocol.Tls/TlsSessionSettings.cs:
	* Mono.Security.Protocol.Tls/TlsServerSettings.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
	* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:

		- Added changes for make use of X509 classes from mono.

2003-10-23 Carlos Guzmán Álvarez <[email protected]>

	* Added partial implementation of SSL3 protocol ( not finished yet ).

	* TlsAbstractCipherSuite.cs: Renamed to CipherSuite.cs.

	* Removed AssemblyInfo.cs file.

2003-10-21 Carlos Guzmán Álvarez <[email protected]>

	TlsCipherSuiteFactory.cs: Changed names of private methods.

	TlsSslCipherSuite.cs: Replaced implementations of key generation methods with a throw new NotSupportedException().


2003-10-20  Carlos Guzmán Álvarez  <[email protected]>

	TlsCupherSuite.cs: Fixed padding length calculation on record encryption.
	
	TlsSessionContext.cs: 	Added new CompressionMethod property.
					Added new MAX_FRAGMENT_SIZE constant.

	TlsSession.cs: Removed MaxFragmentSize property.

	TlsSocket.cs: Replaced use of TlsSesison.MaxFragmentSize by TlsSessionContext.MAX_FAGMENT_SIZE
	
	TlsSessionSettings.cs: Added new CompressionMethod property.

	* Abstracted CipherSuite classes for allow work with other protocol versions.

	* Added new files :

		TlsAbstractCipherSuite.cs 
			
		TlsSslCipherSuite.cs

		TlsCipherSuiteFactory.cs

		TlsCompressionMethod.cs

	* Added new cipher suites definitions based on RFC3268 - (http://www.ietf.org/rfc/rfc3268.txt)

	* Added two new supported ciphersuites for TLS protocol:

		TLS_RSA_WITH_AES_256_CBC_SHA

		TLS_RSA_WITH_AES_128_CBC_SHA

	* Moved key generation stuff to specific cipher suite classes.

2003-10-20  Pedro Martínez Juliá  <[email protected]>

	* AssemblyInfo.cs: commented out KeyFile reference.

	* TlsSession.cs: changed Math.Pow for System.Math.Pow because of MCS
	bug with namespace resolving.