fe44643b0e
Rename website and repository
2015-03-06 13:17:10 +00:00
b199095ec9
Finish fixing memleak in ssl_server2 arg parsing
...
Fixes omission in 5c078e1
2015-02-18 09:32:06 +00:00
5c078e17b9
Fix memory leak on bad arguments in ssl_server2
...
Not a big deal, but was annoying in coverity results.
2015-02-16 09:13:40 +00:00
013bffe5a7
Style: add spaces before line continuation
2015-02-13 14:09:44 +00:00
85b05ec389
Cleanup programs further
...
removed casting of main args to void
2015-02-13 13:50:05 +00:00
18b78c7498
cleanup programs
...
Clean up the contents of programs, add more guards to includes, move all
defines to the top of the top of files, remove some unused includes
2015-02-13 13:50:05 +00:00
7e81e7003f
Fix left out printf's
2015-01-29 11:47:41 +00:00
860b51642d
Fix url again
2015-01-28 17:12:07 +00:00
f90016aade
Use platform layer in programs for consistency.
2015-01-28 15:28:28 +01:00
d43ccb66fb
Quit using deprecated header.
2015-01-23 17:38:09 +00:00
085ab040aa
Fix website url to use https.
2015-01-23 11:06:27 +00:00
9698f5852c
Remove maintainer line.
2015-01-23 10:59:00 +00:00
19f6b5dfaa
Remove redundant "all rights reserved"
2015-01-23 10:54:00 +00:00
a658a4051b
Update copyright
2015-01-23 09:55:24 +00:00
9169921271
Rename to mbed TLS in examples
2015-01-22 16:26:39 +00:00
967a2a5f8c
Change name to mbed TLS in the copyright notice
2015-01-22 14:28:16 +00:00
34377b1e1c
Fix send_close_notify usage.
2015-01-22 10:46:46 +00:00
6a0017b7c0
Rename variable for clarity
2015-01-22 10:33:29 +00:00
5b8f7eaa3e
Merge new security defaults for programs (RC4 disabled, SSL3 disabled)
2015-01-14 16:26:54 +01:00
c82b7e2003
Merge option to disable truncated hmac on the server-side
2015-01-14 16:16:55 +01:00
a92ed4845c
Fix stupid error in previous commit
...
Since ret is no longer update by close_notify(), we need to reset it to 0
after a successful write.
2015-01-14 10:46:53 +01:00
687f89beab
Don't check errors on ssl_close_notify()
...
Depending on timing we might get different errors (conn_reset, write failed)
and ignoring them all ends up being almost the same as just not checking
errors.
2015-01-13 21:48:12 +01:00
b2eaac154b
Stop assuming chars are signed
2015-01-13 17:15:31 +01:00
f6080b8557
Merge support for enabling / disabling renegotiation support at compile-time
2015-01-13 16:18:23 +01:00
d7e2483bfc
Merge miscellaneous fixes into development
2015-01-13 16:04:38 +01:00
bd47a58221
Add ssl_set_arc4_support()
...
Rationale: if people want to disable RC4 but otherwise keep the default suite
list, it was cumbersome. Also, since it uses a global array,
ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like
the best place, even if it means temporarily adding one SSL setting.
2015-01-13 13:03:06 +01:00
448ea506bf
Set min version to TLS 1.0 in programs
2015-01-12 12:32:04 +01:00
e117a8fc0d
Make truncated hmac a runtime option server-side
...
Reading the documentation of ssl_set_truncated_hmac() may give the impression
I changed the default for clients but I didn't, the old documentation was
wrong.
2015-01-09 12:52:20 +01:00
590f416142
Add tests for periodic renegotiation
2014-12-02 10:40:55 +01:00
615e677c0b
Make renegotiation a compile-time option
2014-12-02 10:40:54 +01:00
85d915b81d
Add tests for renego security enforcement
2014-12-02 10:40:54 +01:00
f29e5de09d
Cosmetics in ssl_server2
2014-11-27 17:44:46 +01:00
3a3066c3ee
ssl_server2 now exits on signal during a read too
2014-11-17 12:50:34 +01:00
403a86f73d
ssl_server2: exit cleanly on SIGINT too
2014-11-17 12:46:49 +01:00
699cafaea2
Implement initial negotiation of EtM
...
Not implemented yet:
- actually using EtM
- conditions on renegotiation
2014-11-05 16:00:50 +01:00
367381fddd
Add negotiation of Extended Master Secret
...
(But not the actual thing yet.)
2014-11-05 16:00:49 +01:00
a8c0a0dbd0
Add "exchanges" option to test server and client
...
Goal is to test renegotiation better: we need more than one exchange for
server-initiated renego to work reliably (the previous hack for this wouldn't
work with non-blocking I/O and probably not with DTLS either).
Also check message termination in a semi-realistic way.
2014-08-19 13:26:05 +02:00
296e3b1174
Request renego before write in ssl_server2
...
Will be useful for:
- detecting termination of messages by other means than connection close
- DTLS (can be seen as a special case of the above: datagram-oriented)
2014-08-19 12:59:03 +02:00
e08660e612
Fix ssl_read() and close_notify error handling in programs
2014-08-19 10:34:37 +02:00
67686c42e6
Fix undocumented option in ssl_server2
2014-08-19 10:34:37 +02:00
250b1ca6f3
Fix ssl_server2 exiting on recoverable errors
2014-08-19 10:34:37 +02:00
bc3e54c70d
Fix overly rigorous defines in ssl_server2.c
2014-08-18 14:36:17 +02:00
c1283d3f4c
Only use signal() in ssl_server2 on non-Windows platforms
2014-08-18 11:05:51 +02:00
dcab293bd4
Get rid of SERVERQUIT code in ssl_{client,server}2
2014-08-14 18:33:00 +02:00
db49330e08
ssl_server2 aborts cleanly on SIGTERM
...
(while waiting for a new connection)
2014-08-14 18:33:00 +02:00
a317a98221
Adapt programs / test suites
2014-07-09 10:19:24 +02:00
c5fd391e04
Check return value of ssl_set_xxx() in programs
2014-07-08 14:20:26 +02:00
8fb99abaac
Merge changes for leaner memory footprint
2014-07-04 15:02:19 +02:00
481fcfde93
Make PSK_LEN configurable and adjust PMS size
2014-07-04 14:59:08 +02:00
fae355e8ee
Add tests for ssl_set_renegotiation_enforced()
2014-07-04 14:32:27 +02:00
