1028b74cff
Upgrade default DHM params size
2015-05-11 12:33:27 +02:00
8836994f6b
Move WANT_READ/WANT_WRITE codes to SSL
2015-05-11 12:33:26 +02:00
1b511f93c6
Rename ssl_set_bio_timeout() to set_bio()
...
Initially thought it was best to keep the old function around and add a new
one, but this so many ssl_set_xxx() functions are changing anyway...
2015-05-11 12:33:26 +02:00
97fd52c529
Split ssl_set_read_timeout() out of bio_timeout()
2015-05-11 12:33:26 +02:00
cc3195e81f
Fix misplaced #ifdef
2015-05-11 12:33:26 +02:00
8620f73cdc
Documentation tune-ups
2015-05-11 12:33:26 +02:00
bc2b771af4
Move ssl_set_ca_chain() to work on config
2015-05-11 12:33:26 +02:00
d0fa5ccbb0
Typos and doc additions
2015-05-11 10:44:11 +01:00
ba26c24769
Change how hostname is stored internally
2015-05-07 10:19:14 +01:00
2b49445876
Move session ticket keys to conf
...
This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!!
2015-05-07 10:19:13 +01:00
e51bba05cf
Make mfl_code a bitfield member
2015-05-07 10:19:13 +01:00
684b0592cb
Move ssl_set_fallback() to work on conf
...
Initially thought it would be per-connection, but since max_version is in conf
too, and you need to lower that for a fallback connection, the fallback flag
should be in the same place
2015-05-07 10:19:13 +01:00
6bf89d6ad9
Move ssl_set_max_fragment_len to work on conf
2015-05-07 10:19:13 +01:00
17eab2b65c
Move set_cbc_record_splitting() to conf
2015-05-07 10:19:13 +01:00
d36e33fc07
Move easy ssl_set_xxx() functions to work on conf
...
mbedtls_ssl_set_alpn_protocols
mbedtls_ssl_set_arc4_support
mbedtls_ssl_set_authmode
mbedtls_ssl_set_ciphersuites
mbedtls_ssl_set_ciphersuites_for_version
mbedtls_ssl_set_curves
mbedtls_ssl_set_dbg
mbedtls_ssl_set_dh_param
mbedtls_ssl_set_dh_param_ctx
mbedtls_ssl_set_dtls_anti_replay
mbedtls_ssl_set_dtls_badmac_limit
mbedtls_ssl_set_dtls_cookies
mbedtls_ssl_set_encrypt_then_mac
mbedtls_ssl_set_endpoint
mbedtls_ssl_set_extended_master_secret
mbedtls_ssl_set_handshake_timeout
mbedtls_ssl_legacy_renegotiation
mbedtls_ssl_set_max_version
mbedtls_ssl_set_min_version
mbedtls_ssl_set_psk_cb
mbedtls_ssl_set_renegotiation
mbedtls_ssl_set_renegotiation_enforced
mbedtls_ssl_set_renegotiation_period
mbedtls_ssl_set_session_cache
mbedtls_ssl_set_session_ticket_lifetime
mbedtls_ssl_set_sni
mbedtls_ssl_set_transport
mbedtls_ssl_set_truncated_hmac
mbedtls_ssl_set_verify
2015-05-07 10:19:13 +01:00
419d5ae419
Make endpoint+transport args of config_defaults()
2015-05-07 10:19:13 +01:00
def0bbe3ab
Allocate ssl_config out of ssl_setup()
2015-05-07 10:19:13 +01:00
cd523e2a5e
Introduce mbedtls_ssl_config_{init,defaults,free}()
2015-05-07 10:19:13 +01:00
d5a9e41296
Adapt test_suite_debug to recent changes
2015-05-07 10:19:13 +01:00
7ca4e4dc79
Move things to conf substructure
...
A simple series of sed invocations.
This is the first step, purely internal changes. The conf substructure is not
ready to be shared between contexts yet.
2015-05-07 10:19:13 +01:00
6df3196e7c
Fix typo in test name
2015-05-07 10:19:13 +01:00
fa6473d79b
Create structure ssl_config
2015-05-07 10:19:13 +01:00
ee6139caea
Fix doc issue in ssl_server2
2015-05-07 10:18:26 +01:00
5a74e8bf19
Make struct cipher_base_t opaque
2015-05-06 17:10:55 +01:00
3a3ae3d47e
Update changelog
2015-05-06 17:08:54 +01:00
9f145de4dc
Fix merge issue from 1.3 branch
2015-05-04 15:03:50 +02:00
e36d56419e
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
fix bug in ssl_mail_client
Adapt compat.sh to GnuTLS 3.4
Fix undefined behaviour in x509
Conflicts:
programs/ssl/ssl_mail_client.c
tests/compat.sh
2015-04-30 13:52:25 +02:00
fa950c9480
fix bug in ssl_mail_client
2015-04-30 12:50:22 +02:00
f52248a959
Adapt compat.sh to GnuTLS 3.4
2015-04-30 12:15:16 +02:00
159c524df8
Fix undefined behaviour in x509
2015-04-30 11:21:18 +02:00
da61ed3346
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Include changes from the 1.2 branch
Remove unused headers in o_p_test
Add countermeasure against cache-based lucky 13
Make results of (ext)KeyUsage accessible
Fix missing NULL check in MPI
Fix detection of getrandom()
Fix "make install" handling of symlinks
Fix bugs in programs displaying verify flags
Conflicts:
Makefile
include/polarssl/ssl.h
library/entropy_poll.c
library/ssl_srv.c
library/ssl_tls.c
programs/test/o_p_test.c
programs/test/ssl_cert_test.c
programs/x509/cert_app.c
2015-04-30 10:38:44 +02:00
7b12492c77
Include changes from the 1.2 branch
2015-04-30 10:16:19 +02:00
ac90673345
Remove unused headers in o_p_test
2015-04-30 10:09:50 +02:00
7d1e95c991
Add countermeasure against cache-based lucky 13
2015-04-29 17:07:31 +02:00
e16b62c3a9
Make results of (ext)KeyUsage accessible
2015-04-29 17:07:31 +02:00
770b5e1e9e
Fix missing NULL check in MPI
2015-04-29 17:02:01 +02:00
d97828e7af
Fix detection of getrandom()
2015-04-29 14:28:48 +02:00
f5203e0bb5
Fix "make install" handling of symlinks
2015-04-29 14:28:48 +02:00
637376c2fe
Fix bugs in programs displaying verify flags
2015-04-29 14:28:48 +02:00
8a81e84638
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Add countermeasure against cache-based lucky 13
Conflicts:
library/ssl_tls.c
2015-04-29 02:13:42 +02:00
1e2eae02cb
Adapt pthread implementation to recent changes
2015-04-29 02:08:34 +02:00
eab147c4d0
Rename pkcs11_xxx_init() to bind()
2015-04-29 02:08:34 +02:00
69a69cc5ae
memory_buffer_alloc_init() now returns void
2015-04-29 02:08:34 +02:00
41d479e7df
Split ssl_init() -> ssl_setup()
2015-04-29 02:08:34 +02:00
ec160c0f53
Update ctr_drbg_init() usage in programs
2015-04-29 02:08:34 +02:00
47fede0d6d
Add countermeasure against cache-based lucky 13
2015-04-29 01:35:48 +02:00
8d128efd48
Split mbedtls_ctr_drbg_init() -> seed()
2015-04-28 22:38:08 +02:00
f9e9481bc5
Split mbedtls_hmac_drbg_init() -> seed{,_buf}()
2015-04-28 22:07:14 +02:00
c34e8dd265
Split mbedtls_gcm_init() -> gcm_setkey()
2015-04-28 21:42:17 +02:00
6963ff0969
Split mbedtls_ccm_init() -> setkey()
2015-04-28 18:02:54 +02:00
