| 
							
							
								 Manuel Pégourié-Gonnard | 5afb167e2c | Implement DTLS epochs | 2014-10-21 16:30:06 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 0619348288 | Add explicit counter in DTLS record header | 2014-10-21 16:30:06 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 507e1e410a | Prep: allow {in,out}_len != {in,out}_hdr + 3 | 2014-10-21 16:30:06 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 7ee6f0e6e5 | Preparation: allow {in,out}_ctr != {in,out}_buf | 2014-10-21 16:30:05 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | abc7e3b4ba | Handle DTLS version encoding and fix some checks | 2014-10-21 16:30:05 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 864a81fdc0 | More ssl_set_XXX() functions can return BAD_INPUT | 2014-10-21 16:30:04 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | b21ca2a69f | Adapt version-handling functions to DTLS | 2014-10-21 16:30:04 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 0b1ff29328 | Add basic flags for DTLS | 2014-10-21 16:30:03 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 82788fb63b | Fix minor style issues | 2014-10-20 13:59:19 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | a13500fdf7 | Fix bug with ssl_close_notify and non-blocking I/O | 2014-08-19 16:14:04 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | f07f421759 | Fix server-initiated renego with non-blocking I/O | 2014-08-19 13:32:15 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 6591962f06 | Allow delay on renego on client Currently unbounded: will be fixed later | 2014-08-19 12:50:30 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | f26a1e8602 | ssl_read() stops returning non-application data | 2014-08-19 12:28:50 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 55e4ff2ace | Tune comments | 2014-08-19 11:52:33 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8d4ad07706 | SHA-2 ciphersuites now require TLS 1.x | 2014-08-14 11:34:34 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 968afaa06f | ssl_key_cert not available in all configurations | 2014-07-09 11:34:48 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 84bbeb58df | Adapt cipher and MD layer with _init() and _free() | 2014-07-09 10:19:24 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | accaffe2c3 | Restructure ssl_handshake_init() and small fixes | 2014-07-09 10:19:24 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 8f870b047c | Add dhm_init() | 2014-07-09 10:19:23 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 5b4af39a36 | Add _init() and _free() for hash modules | 2014-07-09 10:19:23 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | c7ea99af4f | Add _init() and _free() for cipher modules | 2014-07-09 10:19:22 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 8fb99abaac | Merge changes for leaner memory footprint | 2014-07-04 15:02:19 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 481fcfde93 | Make PSK_LEN configurable and adjust PMS size | 2014-07-04 14:59:08 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | a9964dbcd5 | Add ssl_set_renegotiation_enforced() | 2014-07-04 14:16:07 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | dd0c0f33c0 | Better usage of dhm_calc_secret in SSL | 2014-06-25 11:26:14 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8df68632e8 | Fix bug in DHE-PSK PMS computation | 2014-06-25 11:26:14 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 03576887c2 | Remove misplaced debugging message | 2014-06-25 11:26:13 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | eaa76f7e20 | Fix computation of minlen for encrypted packets | 2014-06-25 11:26:12 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | e800cd81d7 | Re-arrange some code in ssl_derive_keys() | 2014-06-25 11:26:11 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 0bcc4e1df7 | Fix length checking for AEAD ciphersuites | 2014-06-25 11:26:10 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 4d2a8eb6ff | SSL modules now using x509_crt_parse_der() Avoid uselessly trying to decode PEM. | 2014-06-23 11:54:57 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 66d5d076f7 | Fix formatting in various code to match spacing from coding style | 2014-06-17 17:06:47 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | d8bb82665e | Fix code styling for return statements | 2014-06-17 14:06:49 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 3461772559 | Introduce polarssl_zeroize() instead of memset() for zeroization | 2014-06-14 16:46:03 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 7792198a46 | Normalize some error messages | 2014-06-12 21:15:44 +02:00 |  | 
			
				
					| 
							
							
								 Peter Vaskovic | c2bbac968b | Fix misplaced parenthesis. | 2014-05-28 11:06:31 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | b5212b436f | Merge CCM cipher mode and ciphersuites Conflicts:
	library/ssl_tls.c | 2014-05-22 15:30:31 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8ff17c544c | Add missing DEBUG_RET on cipher failures | 2014-05-22 13:52:48 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 61edffef28 | Normalize "should never happen" messages/errors | 2014-05-22 13:52:47 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 2e5ee32033 | Implement CCM and CCM_8 ciphersuites | 2014-05-20 16:29:34 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 5efd772ef0 | Small readability improvement | 2014-05-14 14:10:37 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | de7bb44004 | Use cipher_auth_{en,de}crypt() in ssl_tls.c | 2014-05-14 14:10:36 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8764d271fa | Use cipher_crypt() in ssl_tls.c | 2014-05-14 14:10:36 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | b9e4e2c97a | Fix formatting: fix some 'easy' > 80 length lines | 2014-05-01 14:18:25 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 9af723cee7 | Fix formatting: remove trailing spaces, #endif with comments (> 10 lines) | 2014-05-01 13:03:14 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 2a024ac86a | Merge dependency fixes | 2014-04-30 16:50:59 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | cef4ad2509 | Adapt sources to configurable config.h name | 2014-04-30 16:40:20 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 1a1fbba1ae | Sanity length checks in ssl_read_record() and ssl_fetch_input() Both are already covered in other places, but not in a clear fashion. So
for instance Coverity thinks the value is still tainted. | 2014-04-30 14:48:51 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 3a306b9067 | Fix misplaced #endif in ssl_tls.c | 2014-04-29 15:11:17 +02:00 |  | 
			
				
					| 
							
							
								 Paul Bakker | 61885c7f7f | Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites In case full SSL frames arrived, they were rejected because an overly
strict padding check. | 2014-04-25 12:59:51 +02:00 |  |