1af6c8500b
Add ssl_set_hs_own_cert()
2015-05-11 14:35:41 +02:00
120fdbdb3d
Change ssl_set_psk() to act on ssl_config
2015-05-11 14:35:41 +02:00
4b68296626
Use a specific function in the PSK callback
2015-05-11 14:35:41 +02:00
750e4d7769
Move ssl_set_rng() to act on config
2015-05-11 12:33:27 +02:00
5cb3308e5f
Merge contexts for session cache
2015-05-11 12:33:27 +02:00
ae31914990
Rename ssl_legacy_renegotiation() to ssl_set_...
2015-05-11 12:33:27 +02:00
1028b74cff
Upgrade default DHM params size
2015-05-11 12:33:27 +02:00
8836994f6b
Move WANT_READ/WANT_WRITE codes to SSL
2015-05-11 12:33:26 +02:00
1b511f93c6
Rename ssl_set_bio_timeout() to set_bio()
...
Initially thought it was best to keep the old function around and add a new
one, but this so many ssl_set_xxx() functions are changing anyway...
2015-05-11 12:33:26 +02:00
97fd52c529
Split ssl_set_read_timeout() out of bio_timeout()
2015-05-11 12:33:26 +02:00
bc2b771af4
Move ssl_set_ca_chain() to work on config
2015-05-11 12:33:26 +02:00
2b49445876
Move session ticket keys to conf
...
This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!!
2015-05-07 10:19:13 +01:00
684b0592cb
Move ssl_set_fallback() to work on conf
...
Initially thought it would be per-connection, but since max_version is in conf
too, and you need to lower that for a fallback connection, the fallback flag
should be in the same place
2015-05-07 10:19:13 +01:00
6bf89d6ad9
Move ssl_set_max_fragment_len to work on conf
2015-05-07 10:19:13 +01:00
17eab2b65c
Move set_cbc_record_splitting() to conf
2015-05-07 10:19:13 +01:00
d36e33fc07
Move easy ssl_set_xxx() functions to work on conf
...
mbedtls_ssl_set_alpn_protocols
mbedtls_ssl_set_arc4_support
mbedtls_ssl_set_authmode
mbedtls_ssl_set_ciphersuites
mbedtls_ssl_set_ciphersuites_for_version
mbedtls_ssl_set_curves
mbedtls_ssl_set_dbg
mbedtls_ssl_set_dh_param
mbedtls_ssl_set_dh_param_ctx
mbedtls_ssl_set_dtls_anti_replay
mbedtls_ssl_set_dtls_badmac_limit
mbedtls_ssl_set_dtls_cookies
mbedtls_ssl_set_encrypt_then_mac
mbedtls_ssl_set_endpoint
mbedtls_ssl_set_extended_master_secret
mbedtls_ssl_set_handshake_timeout
mbedtls_ssl_legacy_renegotiation
mbedtls_ssl_set_max_version
mbedtls_ssl_set_min_version
mbedtls_ssl_set_psk_cb
mbedtls_ssl_set_renegotiation
mbedtls_ssl_set_renegotiation_enforced
mbedtls_ssl_set_renegotiation_period
mbedtls_ssl_set_session_cache
mbedtls_ssl_set_session_ticket_lifetime
mbedtls_ssl_set_sni
mbedtls_ssl_set_transport
mbedtls_ssl_set_truncated_hmac
mbedtls_ssl_set_verify
2015-05-07 10:19:13 +01:00
419d5ae419
Make endpoint+transport args of config_defaults()
2015-05-07 10:19:13 +01:00
def0bbe3ab
Allocate ssl_config out of ssl_setup()
2015-05-07 10:19:13 +01:00
ee6139caea
Fix doc issue in ssl_server2
2015-05-07 10:18:26 +01:00
e36d56419e
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
fix bug in ssl_mail_client
Adapt compat.sh to GnuTLS 3.4
Fix undefined behaviour in x509
Conflicts:
programs/ssl/ssl_mail_client.c
tests/compat.sh
2015-04-30 13:52:25 +02:00
fa950c9480
fix bug in ssl_mail_client
2015-04-30 12:50:22 +02:00
da61ed3346
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Include changes from the 1.2 branch
Remove unused headers in o_p_test
Add countermeasure against cache-based lucky 13
Make results of (ext)KeyUsage accessible
Fix missing NULL check in MPI
Fix detection of getrandom()
Fix "make install" handling of symlinks
Fix bugs in programs displaying verify flags
Conflicts:
Makefile
include/polarssl/ssl.h
library/entropy_poll.c
library/ssl_srv.c
library/ssl_tls.c
programs/test/o_p_test.c
programs/test/ssl_cert_test.c
programs/x509/cert_app.c
2015-04-30 10:38:44 +02:00
ac90673345
Remove unused headers in o_p_test
2015-04-30 10:09:50 +02:00
637376c2fe
Fix bugs in programs displaying verify flags
2015-04-29 14:28:48 +02:00
41d479e7df
Split ssl_init() -> ssl_setup()
2015-04-29 02:08:34 +02:00
ec160c0f53
Update ctr_drbg_init() usage in programs
2015-04-29 02:08:34 +02:00
8d128efd48
Split mbedtls_ctr_drbg_init() -> seed()
2015-04-28 22:38:08 +02:00
f9e9481bc5
Split mbedtls_hmac_drbg_init() -> seed{,_buf}()
2015-04-28 22:07:14 +02:00
c34e8dd265
Split mbedtls_gcm_init() -> gcm_setkey()
2015-04-28 21:42:17 +02:00
6963ff0969
Split mbedtls_ccm_init() -> setkey()
2015-04-28 18:02:54 +02:00
7cfbaf05b3
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Fix bugs in programs displaying verify flags
Conflicts:
programs/test/ssl_cert_test.c
programs/x509/cert_app.c
2015-04-24 14:10:04 +02:00
9ce1bdc151
Fix bugs in programs displaying verify flags
2015-04-24 14:07:07 +02:00
e6028c93f5
Fix some X509 macro names
...
For some reason, during the great renaming, some names that should have been
prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
2015-04-20 12:19:02 +01:00
89addc43db
manually merge 0c6ce2f use x509_crt_verify_info()
2015-04-20 11:23:11 +01:00
0c6ce2f536
Use x509_crt_verify_info() in programs
2015-04-17 19:57:21 +02:00
b85725c958
Fix merge issue
2015-04-15 11:58:31 +02:00
862d503c01
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Fix typos in Changelog
Fix macro name from wrong branch
Fix bug in pk_parse_key()
Fixed typos
Updated Travis CI config for mbedtls project
Conflicts:
include/mbedtls/ecp.h
include/polarssl/compat-1.2.h
include/polarssl/openssl.h
include/polarssl/platform.h
library/pkparse.c
programs/pkey/mpi_demo.c
2015-04-15 11:30:46 +02:00
6152b0267c
Fixed typos
2015-04-14 15:00:09 +02:00
2cf5a7c98e
The Great Renaming
...
A simple execution of tmp/invoke-rename.pl
2015-04-08 13:25:31 +02:00
6c7af4c200
Fix a few internal name choices
2015-04-03 18:46:55 +02:00
932e3934bd
Fix typos & Co
2015-04-03 18:46:55 +02:00
26c9f90cae
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Add missing depends in x509 programs
Simplify ifdef checks in programs/x509
Fix thread safety issue in RSA operations
Add test certificate for bitstring in DN
Add support for X.520 uniqueIdentifier
Accept bitstrings in X.509 names
2015-03-31 17:56:15 +02:00
0878a0d884
Add missing depends in x509 programs
2015-03-31 15:14:37 +02:00
8d649c66b3
Simplify ifdef checks in programs/x509
2015-03-31 15:10:03 +02:00
8c8be1ebbb
Change default min TLS version to TLS 1.0
2015-03-31 14:22:30 +02:00
32076e66be
Fix programs for recent ECDSA changes
2015-03-31 13:32:39 +02:00
fa44f20b9f
Change authmode default to Required on client
2015-03-27 17:52:25 +01:00
4b3e5ef59a
Avoid duplicate #ifdefs in programs/ssl
2015-03-27 11:24:27 +01:00
b5410dbd96
Depend on PEM_PARsE_C when using test_cas_pem
2015-03-27 11:08:49 +01:00
a958d69a70
Rename test_ca_list to test_cas_pem
2015-03-27 10:29:25 +01:00
