mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	b35fe5638a	Fix HelloVerifyRequest version handling	2014-10-21 16:30:20 +02:00
Manuel Pégourié-Gonnard	7d38d215b1	Allow disabling HelloVerifyRequest	2014-10-21 16:30:18 +02:00
Manuel Pégourié-Gonnard	232edd46be	Move cookie callbacks implementation to own module	2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard	d485d194f9	Move to a callback interface for DTLS cookies	2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard	d7f9bc5091	Refactor cookie to prepare for external callbacks Also adds flexibility to the verification process.	2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard	82202f0a9c	Make DTLS_HELLO_VERIFY a compile option	2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard	98545f128a	Generate random key for HelloVerifyRequest	2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard	dd3cdb0fbc	Start using client IP in HelloVerifyRequest Dummy fixed key for now.	2014-10-21 16:30:15 +02:00
Manuel Pégourié-Gonnard	43c021874d	Add ssl_set_client_transport_id()	2014-10-21 16:30:15 +02:00
Manuel Pégourié-Gonnard	2c9ee81f6e	Start adding srv support for hello verify request Dummy fixed content for now. Also, seems to be a race condition in the way the socket is closed and reopened, leading to a few "random" failures in compat.sh. A fix is planned for later.	2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard	a0e1632b79	Do not use compression with DTLS	2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard	5d53cbef3a	Fix length check in ssl_write_ticket()	2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard	b2f3be8757	Support multiple records in one datagram	2014-10-21 16:30:10 +02:00
Manuel Pégourié-Gonnard	d6b721c7ee	More ssl_parse_client_hello() adjustments	2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard	4128aa71ee	Add the 'cookie' field of DTLS ClientHello	2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard	8933a65d5c	Rework ssl_parse_client_hello() a bit - make it more linear - check lengths better - prepare for optional "cookie" field	2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard	e89bcf05da	Write new DTLS handshake fields correctly	2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard	ce441b3442	Add space for new DTLS fields in handshake	2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard	0619348288	Add explicit counter in DTLS record header	2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard	507e1e410a	Prep: allow {in,out}_len != {in,out}_hdr + 3	2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard	abc7e3b4ba	Handle DTLS version encoding and fix some checks	2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard	d66645130c	Add a ciphersuite NODTLS flag	2014-10-21 16:30:03 +02:00
Manuel Pégourié-Gonnard	43c3b28ca6	Fix memory leak with crafted ClientHello	2014-10-17 12:42:11 +02:00
Manuel Pégourié-Gonnard	480905d563	Fix selection of hash from sig_alg ClientHello ext.	2014-08-30 14:19:59 +02:00
Paul Bakker	84bbeb58df	Adapt cipher and MD layer with _init() and _free()	2014-07-09 10:19:24 +02:00
Paul Bakker	accaffe2c3	Restructure ssl_handshake_init() and small fixes	2014-07-09 10:19:24 +02:00
Paul Bakker	5b4af39a36	Add _init() and _free() for hash modules	2014-07-09 10:19:23 +02:00
Manuel Pégourié-Gonnard	d27680bd5e	Clarify code using PSK callback	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	14beb08542	Fix missing const	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	08e81e0c8f	Change selection of hash algorithm for TLS 1.2	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	dd0c0f33c0	Better usage of dhm_calc_secret in SSL	2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard	4d2a8eb6ff	SSL modules now using x509_crt_parse_der() Avoid uselessly trying to decode PEM.	2014-06-23 11:54:57 +02:00
Paul Bakker	66d5d076f7	Fix formatting in various code to match spacing from coding style	2014-06-17 17:06:47 +02:00
Paul Bakker	db20c10423	Add #endif comments for #endif more than 10 lines from #if / #else	2014-06-17 14:34:44 +02:00
Paul Bakker	3461772559	Introduce polarssl_zeroize() instead of memset() for zeroization	2014-06-14 16:46:03 +02:00
Paul Bakker	14877e6250	Remove unused 'ret' variable	2014-06-12 23:01:18 +02:00
Paul Bakker	14b16c62e9	Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker) Move strlen out of for loop. Remove redundant null checks before free.	2014-05-28 11:34:33 +02:00
Paul Bakker	0f651c7422	Stricter check on SSL ClientHello internal sizes compared to actual packet size	2014-05-22 15:12:19 +02:00
Manuel Pégourié-Gonnard	61edffef28	Normalize "should never happen" messages/errors	2014-05-22 13:52:47 +02:00
Paul Bakker	b9e4e2c97a	Fix formatting: fix some 'easy' > 80 length lines	2014-05-01 14:18:25 +02:00
Paul Bakker	9af723cee7	Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)	2014-05-01 13:03:14 +02:00
Manuel Pégourié-Gonnard	cef4ad2509	Adapt sources to configurable config.h name	2014-04-30 16:40:20 +02:00
Paul Bakker	a70366317d	Improve interop by not writing ext_len in ClientHello / ServerHello when 0 The RFC also indicates that without any extensions, we should write a struct {} (empty) not an array of length zero.	2014-04-30 10:16:16 +02:00
Paul Bakker	c70e425a73	Only iterate over actual certificates in ssl_write_certificate_request()	2014-04-18 13:50:19 +02:00
Paul Bakker	4f42c11846	Remove arbitrary maximum length for cipher_list and content length	2014-04-17 15:37:39 +02:00
Paul Bakker	d893aef867	Force default value to curve parameter	2014-04-17 14:45:34 +02:00
Manuel Pégourié-Gonnard	7f2a07d7b2	Check keyUsage in SSL client and server	2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard	f6521de17b	Add ALPN tests to ssl-opt.sh Only self-op for now, required peer versions are a bit high: - OpenSSL 1.0.2-beta - GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only)	2014-04-07 12:42:04 +02:00
Manuel Pégourié-Gonnard	89e35798ae	Implement ALPN server-side	2014-04-07 12:26:35 +02:00
Manuel Pégourié-Gonnard	969ccc6289	Fix length checking of various ClientKeyExchange's	2014-03-27 21:10:56 +01:00

... 6 7 8 9 10 ...

586 Commits