Manuel Pégourié-Gonnard
0edee5e386
Update copyright notice
2015-01-26 15:29:40 +00:00
Manuel Pégourié-Gonnard
aa02dc1ed8
Add support for cleanly exiting ssl_server2
...
Useful for memory testing
2014-11-20 17:28:18 +01:00
Alfred Klomp
9afec5f8ec
ssl_mail_client.c: silence warning, check base64_encode() status
...
Found with Clang's `scan-build` tool.
ssl_mail_client.c does a dead store by assigning the return value of
base64_encode() to `len` and not using the value. This causes
scan-build to issue a warning.
Instead of storing the return value into `len`, store it to `ret`, since
base64_encode() returns a status code, not a length. Also check if the
return value is nonzero and print an error; this silences scan-build.
2014-10-23 15:36:17 +02:00
Alfred Klomp
185962114a
ssl_test.c: remove dead store, assign at declaration
...
Found with Clang's `scan-build` tool.
The store to `ret` is not used, it's overwritten shortly after. Assign
the value of 1 at declaration time instead to silence scan-build.
2014-10-23 15:35:39 +02:00
Manuel Pégourié-Gonnard
982eda385f
Don't print uninitialised buffer in ssl_mail_client
2014-10-23 15:20:26 +02:00
Paul Bakker
a16e7f24f0
Proper initialization and checks for rare cases
2014-07-09 14:58:11 +02:00
Paul Bakker
d6d1f410e6
Cleaner initialization (values did not matter, but were uninitialized)
2014-07-08 18:28:31 +02:00
Paul Bakker
a2eabadb07
Actually increment the loop counter to quit in ssl_fork_server
2014-07-08 18:28:31 +02:00
Paul Bakker
3914840d78
Cleaned up location of init and free for some programs to prevent memory
...
leaks on incorrect arguments
2014-07-08 18:28:30 +02:00
Paul Bakker
993f02cda0
Added return value checking for correctness in programs
2014-07-08 18:28:29 +02:00
Paul Bakker
3cbaf1e379
Add ssl_close_notify() to servers that missed it
2014-07-08 14:30:35 +02:00
Paul Bakker
875548ce67
Disable renegotiation by default in example cli/srv
2014-07-08 12:21:41 +02:00
Manuel Pégourié-Gonnard
516eb623df
Make auth_mode=required the default in ssl_client2
2014-07-08 11:13:15 +02:00
Paul Bakker
44e8b23462
Fixed file descriptor leak in generic_sum
2014-07-07 17:46:30 +02:00
Paul Bakker
af0ccc8fa0
SMTP lines are officially terminated with CRLF, ssl_mail_client fixed
2014-07-07 17:46:29 +02:00
Paul Bakker
0ed42d6159
Minor fixes to o_p_test.c (CMakeLists.txt and includes)
2014-07-07 16:04:16 +02:00
Paul Bakker
238be3a207
Removed dependency on unistd.h for MSVC in apps
2014-07-07 16:01:07 +02:00
Paul Bakker
0748895b68
Explicit conversions to int from size_t for MSVC (64-bit) in apps
2014-07-07 16:01:06 +02:00
Paul Bakker
256a4afb57
Removed making commandline arguments case insensitive
2014-07-07 15:54:04 +02:00
Paul Bakker
a91d41e7a4
Removed Windows auto-spawn client code
2014-07-07 14:37:05 +02:00
Manuel Pégourié-Gonnard
b9f6d507dd
crypt_and_hash: check MAC earlier
2014-07-07 14:35:02 +02:00
Manuel Pégourié-Gonnard
79f1ff84ed
Make all hash checking in programs constant-time
2014-07-07 14:07:23 +02:00
Paul Bakker
2a8c2881f4
Check HMAC in constant-time in crypt_and_hash
2014-07-07 14:06:58 +02:00
Paul Bakker
43f9799ce6
RSA blinding on CRT operations to counter timing attacks
2013-09-23 11:23:31 +02:00
Paul Bakker
e0225e4d7f
Fixed const correctness issues in programs and tests
2013-06-06 12:58:12 +02:00
Paul Bakker
8fe40dcd7d
Allow enabling of dummy error_strerror() to support some use-cases
...
Enable a dummy error function to make use of error_strerror() in
third party libraries easier.
Disable if you run into name conflicts and want to really remove the
error_strerror()
2013-02-02 12:43:08 +01:00
Paul Bakker
91ebfb5272
Made auth_mode as an command line option
2012-11-23 14:04:08 +01:00
Paul Bakker
1f9d02dc90
Added more notes / comments on own_cert, trust_ca purposes
2012-11-20 10:30:55 +01:00
Paul Bakker
25338d74ac
Added proper gitignores for Linux CMake use
2012-11-18 22:56:39 +01:00
Paul Bakker
90f309ffe7
Added proper gitignores for linux compilation
2012-11-17 00:04:49 +01:00
Paul Bakker
75242c30fb
Added checking of CA peer cert to ssl_client1 as sane default
2012-11-17 00:03:46 +01:00
Paul Bakker
580153573b
- Do not free uninitialized ssl context
2012-11-14 12:15:41 +00:00
Paul Bakker
645ce3a2b4
- Moved ciphersuite naming scheme to IANA reserved names
2012-10-31 12:32:41 +00:00
Paul Bakker
b0550d90c9
- Added ssl_get_peer_cert() to SSL API
2012-10-30 07:51:03 +00:00
Paul Bakker
21654f392e
- Smaller default values
2012-10-24 14:29:17 +00:00
Paul Bakker
520ea911f6
- Fixed to support 4096 bit DHM params as well
2012-10-24 14:17:01 +00:00
Paul Bakker
f1ab0ec1ff
- Changed default compiler flags to include -O2
2012-10-23 12:12:53 +00:00
Paul Bakker
1d56958963
- Updated examples to use appropriate sizes for larger RSA keys (up to 16k)
2012-10-03 20:35:44 +00:00
Paul Bakker
3ad34d4110
- Added key_app_writer to CMakeLists.txt
2012-10-03 20:34:37 +00:00
Paul Bakker
3fad7b3fdd
- Changed saved value to RCF 3526 2048 MODP group
2012-10-03 19:50:54 +00:00
Paul Bakker
5da01caa50
- Added warning about example use
2012-10-03 19:48:33 +00:00
Paul Bakker
1d29fb5e33
- Added option to add minimum accepted SSL/TLS protocol version
2012-09-28 13:28:45 +00:00
Paul Bakker
5d19f86fdd
- Added comment
2012-09-28 07:33:00 +00:00
Paul Bakker
cbbd9998da
- SSL/TLS now has default group
2012-09-28 07:32:06 +00:00
Paul Bakker
915275ba78
- Revamped x509_verify() and the SSL f_vrfy callback implementations
2012-09-28 07:10:55 +00:00
Paul Bakker
819370c7b7
- Removed lowercasing of parameters
2012-09-28 07:04:41 +00:00
Paul Bakker
5ef9db2ae3
- Added rsa_check_privkey() check to rsa_sign
2012-09-27 13:19:22 +00:00
Paul Bakker
db2509c9cd
- Added password and password_file options for reading private keys
2012-09-27 12:44:31 +00:00
Paul Bakker
d43241060b
- Removed clutter from my_dhm values
2012-09-26 08:29:38 +00:00
Paul Bakker
0a59707523
- Added simple SSL session cache implementation
...
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00