Paul Bakker
|
04376b1419
|
Fixed memory leak in ssl_parse_server_key_exchange from missing
md_free_ctx()
|
2013-08-16 14:45:26 +02:00 |
|
Manuel Pégourié-Gonnard
|
b03de8bcbe
|
Add test for EC keys with all curves.
(Made possible by the OID fix.)
|
2013-08-16 14:00:52 +02:00 |
|
Manuel Pégourié-Gonnard
|
298aae4524
|
Adapt core OID functions to embeded null bytes
|
2013-08-16 14:00:52 +02:00 |
|
Manuel Pégourié-Gonnard
|
c13c0d4524
|
Add a length check in rsa_get_pubkey()
|
2013-08-16 14:00:52 +02:00 |
|
Manuel Pégourié-Gonnard
|
56a487a17f
|
Minor ecdsa cleanups
- point_format is of no use
- d was init'ed and free'd twice
|
2013-08-16 14:00:52 +02:00 |
|
Manuel Pégourié-Gonnard
|
686bfae244
|
Fix memory error in x509_get_attr_type_value
|
2013-08-16 14:00:52 +02:00 |
|
Manuel Pégourié-Gonnard
|
ba77bbf840
|
Fix memory error in asn1_get_alg()
|
2013-08-16 14:00:52 +02:00 |
|
Manuel Pégourié-Gonnard
|
06dab806ce
|
Fix memory error in asn1_get_bitstring_null()
When *len is 0, **p would be read, which is out of bounds.
|
2013-08-16 14:00:52 +02:00 |
|
Manuel Pégourié-Gonnard
|
0b2726732e
|
Fix ifdef conditions for EC-related extensions.
Was alternatively ECP_C and ECDH_C.
|
2013-08-16 13:56:17 +02:00 |
|
Manuel Pégourié-Gonnard
|
5734b2d358
|
Actually use the point format selected for ECDH
|
2013-08-16 13:56:16 +02:00 |
|
Manuel Pégourié-Gonnard
|
7b19c16b74
|
Handle suported_point_formats in ServerHello
|
2013-08-16 13:56:16 +02:00 |
|
Manuel Pégourié-Gonnard
|
6b8846d929
|
Stop advertising support for compressed points
(We can only write them, not read them.)
|
2013-08-16 13:56:16 +02:00 |
|
Paul Bakker
|
1f2bc6238b
|
Made support for the truncated_hmac extension configurable
|
2013-08-15 13:45:55 +02:00 |
|
Paul Bakker
|
05decb24c3
|
Made support for the max_fragment_length extension configurable
|
2013-08-15 13:33:48 +02:00 |
|
Paul Bakker
|
9f3478a37d
|
Merge branch 'session_tickets' into development
|
2013-08-15 11:44:40 +02:00 |
|
Paul Bakker
|
5d5d041fb5
|
Merge branch 'padding' into development
|
2013-08-15 11:44:28 +02:00 |
|
Paul Bakker
|
606b4ba20f
|
Session ticket expiration checked on server
|
2013-08-15 11:42:48 +02:00 |
|
Paul Bakker
|
51e73135ec
|
Fixed expected test result case for unknown padding modes
|
2013-08-15 11:41:39 +02:00 |
|
Paul Bakker
|
f0e39acb58
|
Fixed unitialized n when resuming a session
|
2013-08-15 11:40:48 +02:00 |
|
Paul Bakker
|
5994adc749
|
Merge branch 'session_tickets' into development
|
2013-08-14 14:27:12 +02:00 |
|
Paul Bakker
|
936539ad4b
|
Updated Changelog to reflect addition of session tickets
|
2013-08-14 14:26:03 +02:00 |
|
Paul Bakker
|
a503a63b85
|
Made session tickets support configurable from config.h
|
2013-08-14 14:26:03 +02:00 |
|
Manuel Pégourié-Gonnard
|
56dc9e8bba
|
Authenticate session tickets.
|
2013-08-14 14:08:07 +02:00 |
|
Manuel Pégourié-Gonnard
|
990c51a557
|
Encrypt session tickets
|
2013-08-14 14:08:07 +02:00 |
|
Manuel Pégourié-Gonnard
|
779e42982c
|
Start adding ticket keys (only key_name for now)
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
aa0d4d1aff
|
Add ssl_set_session_tickets()
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
306827e3bc
|
Prepare ticket structure for securing
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
06650f6a37
|
Fix reusing session more than once
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
cf2e97eae2
|
ssl_client2: allow reconnecting twice
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
593058e35e
|
Don't renew ticket when the current one is OK
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
c086cce3d3
|
Don't cache empty session ID nor resumed session
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
7cd5924cec
|
Rework NewSessionTicket handling in state machine
Fixes bug: NewSessionTicket was ommited in resumed sessions.
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
3ffa3db80b
|
Fix server session ID handling with ticket
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
72882b2079
|
Relax limit on ClientHello size
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
609bc81a76
|
ssl_srv: read & write ticket, unsecure for now
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
94f6a79cde
|
Auxiliary functions to (de)serialize ssl_session
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
7a358b8580
|
ssl_srv: write & parse session ticket ext & msg
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
6377e41ef5
|
Complete client support for session tickets
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
a5cc6025e7
|
Parse NewSessionTicket message
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
60182ef989
|
ssl_cli: write & parse session ticket extension
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
75d440192c
|
Introduce ticket field in session structure
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
5f280cc6cf
|
Implement saving peer cert as part of session.
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
aaa1eab55a
|
Add an option to reconnect in ssl_client2
Purpose: test resuming sessions.
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
747180391d
|
Add ssl_get_session() to save session on client
|
2013-08-14 14:08:03 +02:00 |
|
Paul Bakker
|
a8342398c8
|
Merge branch 'padding' into development
|
2013-08-14 14:03:59 +02:00 |
|
Paul Bakker
|
da4d1c35d1
|
Updated Changelog to reflect feature addition
|
2013-08-14 14:02:48 +02:00 |
|
Paul Bakker
|
48e93c84b7
|
Made padding modes configurable from config.h
|
2013-08-14 14:02:48 +02:00 |
|
Paul Bakker
|
1a45d91cf2
|
Restructured cipher_set_padding_mode() to use switch statement
|
2013-08-14 14:02:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
ebdc413f44
|
Add 'no padding' mode
|
2013-08-14 14:02:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
0e7d2c0f95
|
Add zero padding
|
2013-08-14 14:02:47 +02:00 |
|