| 
							
							
								 Paul Bakker | beccd9f226 | Explicit void pointer cast for buggy MS compiler | 2013-10-11 15:20:27 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 1677033bc8 | TLS compression only allocates working buffer once | 2013-10-11 09:59:44 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | ca9c87ed2b | Removed possible cache-timing difference for pad check | 2013-09-25 18:52:37 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8372454615 | Rework SNI to fix memory issues | 2013-09-24 22:30:56 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 705fcca409 | Adapt support for SNI to recent changes | 2013-09-24 21:25:54 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | d09453c88c | Check our ECDSA cert(s) against supported curves | 2013-09-24 21:25:53 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | f71e587c5e | Fix memory leak in ssl cipher usage | 2013-09-24 21:25:53 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 3ebb2cdb52 | Add support for multiple server certificates | 2013-09-24 21:25:53 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 834ea8587f | Change internal structs for multi-cert support | 2013-09-24 21:25:53 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 1a483833b3 | SSL_TLS doesn't depend on PK any more (But PK does depend on RSA or ECP.) | 2013-09-20 12:29:15 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 5ad403f5b5 | Prepared for 1.3.0 RC0 | 2013-09-18 21:21:30 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 6db455e6e3 | PSK callback added to SSL server | 2013-09-18 21:14:58 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | a310459f5c | Fix a few things that broke with RSA compiled out | 2013-09-18 15:37:44 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | b6b0956631 | Rm of memset instead of x509_crt_init() | 2013-09-18 14:32:52 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | c559c7a680 | Renamed x509_cert structure to x509_crt for consistency | 2013-09-18 14:32:52 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | ddf26b4e38 | Renamed x509parse_* functions to new form e.g. x509parse_crtfile -> x509_crt_parse_file | 2013-09-18 13:46:23 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 7c6b2c320e | Split up X509 files into smaller modules | 2013-09-16 21:41:54 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 2292d1fad0 | Fixed warnings in case POLARSSL_X509_PARSE_C is not defined | 2013-09-15 17:06:49 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | f7dc378ead | Make CBC an option, step 1: ssl ciphersuites | 2013-09-13 15:37:03 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | bfb355c33b | Fix memory leak on missed session reuse | 2013-09-08 20:08:36 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | d13a4099dd | GCM ciphersuites using only cipher layer | 2013-09-05 17:06:10 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | b8bd593741 | Restrict cipher_update() for GCM | 2013-09-05 17:06:10 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 226d5da1fc | GCM ciphersuites partially using cipher layer | 2013-09-05 17:06:10 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 45125bc160 | Changes to handle merged enhancements | 2013-09-04 16:48:22 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | ea6ad3f6e5 | ARC4 ciphersuites using only cipher layer | 2013-09-02 14:57:01 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | cca5b81d18 | All CBC ciphersuites via the cipher layer | 2013-08-31 17:40:26 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | da02a7f45e | AES_CBC ciphersuites now run purely via cipher layer | 2013-08-31 17:25:14 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | c852a68b96 | More robust selection of ctx_enc size | 2013-08-28 13:13:30 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 577e006c2f | Merged ECDSA-based key-exchange and ciphersuites into development Conflicts:
	include/polarssl/config.h
	library/ssl_cli.c
	library/ssl_srv.c
	library/ssl_tls.c | 2013-08-28 11:58:40 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 2fb15f694c | Un-rename ssl_set_own_cert_alt() | 2013-08-27 22:21:21 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | a20c58c6f1 | Use convert functions for SSL_SIG_* and SSL_HASH_* | 2013-08-27 22:21:20 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 0d42049440 | Merge code for RSA and ECDSA in SSL | 2013-08-27 22:21:20 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 070cc7fd21 | Use the new PK RSA-alt interface | 2013-08-27 22:21:20 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8df2769178 | Introduce pk_sign() and use it in ssl | 2013-08-27 22:21:20 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | ac75523593 | Adapt ssl_set_own_cert() to generic keys | 2013-08-27 22:21:20 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 0be444a8b1 | Ability to disable server_name extension (RFC 6066) | 2013-08-27 21:55:01 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | d2f068e071 | Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually | 2013-08-27 21:19:20 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | fb08fd2e23 | Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available | 2013-08-27 15:06:54 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 38d1eba3b5 | Move verify_result from ssl_context to session | 2013-08-26 14:26:02 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 75c1a6f97c | Fixed potential heap buffer overflow on large hostname setting | 2013-08-19 14:25:29 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 5fd4917d97 | Add missing ifdefs in ssl modules | 2013-08-19 13:30:28 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 1f2bc6238b | Made support for the truncated_hmac extension configurable | 2013-08-15 13:45:55 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 05decb24c3 | Made support for the max_fragment_length extension configurable | 2013-08-15 13:33:48 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 606b4ba20f | Session ticket expiration checked on server | 2013-08-15 11:42:48 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | a503a63b85 | Made session tickets support configurable from config.h | 2013-08-14 14:26:03 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 56dc9e8bba | Authenticate session tickets. | 2013-08-14 14:08:07 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 990c51a557 | Encrypt session tickets | 2013-08-14 14:08:07 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 779e42982c | Start adding ticket keys (only key_name for now) | 2013-08-14 14:08:06 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | aa0d4d1aff | Add ssl_set_session_tickets() | 2013-08-14 14:08:06 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 06650f6a37 | Fix reusing session more than once | 2013-08-14 14:08:06 +02:00 |  |