Manuel Pégourié-Gonnard
|
c16f4e1f78
|
Move RC4 ciphersuites down the list
|
2014-04-30 16:27:06 +02:00 |
|
Paul Bakker
|
8eab8d368b
|
Merge more portable AES-NI
|
2014-04-30 16:21:08 +02:00 |
|
Paul Bakker
|
33dc46b080
|
Fix bug with mpi_fill_random() on big-endian
|
2014-04-30 16:20:39 +02:00 |
|
Paul Bakker
|
f96f7b607a
|
On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
|
2014-04-30 16:02:38 +02:00 |
|
Paul Bakker
|
6384440b13
|
Better support for the different Attribute Types from IETF PKIX (RFC 5280)
|
2014-04-30 15:34:12 +02:00 |
|
Paul Bakker
|
24f37ccaed
|
rsa_check_pubkey() now allows an E up to N
|
2014-04-30 13:43:51 +02:00 |
|
Paul Bakker
|
0f90d7d2b5
|
version_check_feature() added to check for compile-time options at run-time
|
2014-04-30 11:49:44 +02:00 |
|
Paul Bakker
|
a70366317d
|
Improve interop by not writing ext_len in ClientHello / ServerHello when 0
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
|
2014-04-30 10:16:16 +02:00 |
|
Manuel Pégourié-Gonnard
|
63a5bfe903
|
Update Changelog for AES-NI
|
2014-04-26 17:21:07 +02:00 |
|
Paul Bakker
|
c73079a78c
|
Add debug_set_threshold() and thresholding of messages
|
2014-04-25 16:58:16 +02:00 |
|
Paul Bakker
|
92478c37a6
|
Debug module only outputs full lines instead of parts
|
2014-04-25 16:58:15 +02:00 |
|
Paul Bakker
|
eaebbd5eaa
|
debug_set_log_mode() added to determine raw or full logging
|
2014-04-25 16:58:14 +02:00 |
|
Paul Bakker
|
61885c7f7f
|
Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
|
2014-04-25 12:59:51 +02:00 |
|
Paul Bakker
|
fdba46885b
|
cert_write app should use subject of issuer certificate as issuer of cert
|
2014-04-25 11:48:35 +02:00 |
|
Paul Bakker
|
4ffcd2f9c3
|
Typo in PKCS#11 module
|
2014-04-25 11:44:12 +02:00 |
|
Paul Bakker
|
10a9dd35ea
|
Typo in POLARSSL_PLATFORM_STD_FPRINTF in platform.c
|
2014-04-25 11:27:16 +02:00 |
|
Paul Bakker
|
088c5c5f18
|
POLARSSL_CONFIG_OPTIONS has been removed. Values are set individually
For the Platform module this requires the introduction of
POLARSSL_PLATFORM_NO_STD_FUNCTIONS to allow not performing the default
assignments.
|
2014-04-25 11:11:10 +02:00 |
|
Paul Bakker
|
e92f73d73b
|
Updated ChangeLog
|
2014-04-18 14:08:26 +02:00 |
|
Paul Bakker
|
784b04ff9a
|
Prepared for version 1.3.6
|
2014-04-11 15:33:59 +02:00 |
|
Manuel Pégourié-Gonnard
|
9655e4597a
|
Reject certificates with times not in UTC
|
2014-04-11 13:59:36 +02:00 |
|
Manuel Pégourié-Gonnard
|
0776a43788
|
Use UTC to heck certificate validity
|
2014-04-11 13:59:31 +02:00 |
|
Paul Bakker
|
52c5af7d2d
|
Merge support for verifying the extendedKeyUsage extension in X.509
|
2014-04-11 13:58:57 +02:00 |
|
Manuel Pégourié-Gonnard
|
78848375c0
|
Declare EC constants as 'const'
|
2014-04-11 13:58:41 +02:00 |
|
Paul Bakker
|
1630058dde
|
Potential buffer overwrite in pem_write_buffer() fixed
Length indication when given a too small buffer was off.
Added regression test in test_suite_pem to detect this.
|
2014-04-11 13:58:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
b7fff0f9c6
|
Update Changelog for extendedKeyUsage
|
2014-04-11 11:32:39 +02:00 |
|
Paul Bakker
|
59366213cb
|
Updated ChangeLog for keyUsage merge
|
2014-04-09 15:55:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
2abed84225
|
Specific return code for PK sig length mismatch
|
2014-04-09 15:50:00 +02:00 |
|
Paul Bakker
|
1cfc45835f
|
Add option 'use_dev_random' to gen_key application
|
2014-04-09 15:49:58 +02:00 |
|
Paul Bakker
|
17b85cbd69
|
Merged additional tests and improved code coverage
Conflicts:
ChangeLog
|
2014-04-08 14:38:48 +02:00 |
|
Paul Bakker
|
0763a401a7
|
Merged support for the ALPN extension
|
2014-04-08 14:37:12 +02:00 |
|
Paul Bakker
|
4224bc0a4f
|
Prevent potential NULL pointer dereference in ssl_read_record()
|
2014-04-08 14:36:50 +02:00 |
|
Paul Bakker
|
27e36d342c
|
Support for the ALPN SSL extension (re-enabled in config.h)
|
2014-04-08 12:33:37 +02:00 |
|
Manuel Pégourié-Gonnard
|
8c045ef8e4
|
Fix embarrassing X.509 bug introduced in 9533765
|
2014-04-08 11:55:03 +02:00 |
|
Shuo Chen
|
95a0d118a9
|
Fix compile error when POLARSSL_ERROR_STRERROR_BC is undefined.
|
2014-04-08 10:53:51 +02:00 |
|
Manuel Pégourié-Gonnard
|
0148875cfc
|
Add tests and fix bugs for RSA-alt contexts
|
2014-04-04 17:46:46 +02:00 |
|
Manuel Pégourié-Gonnard
|
3fec220a33
|
Add test for dhm_parse_dhmfile
|
2014-04-04 16:42:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
7afdb88216
|
Test and fix x509_oid functions
|
2014-04-04 16:34:30 +02:00 |
|
Paul Bakker
|
4984d3c0b8
|
Updated ChangeLog for x509_crt_info() change
|
2014-04-04 15:39:37 +02:00 |
|
Manuel Pégourié-Gonnard
|
887aa5b381
|
Fix include path in ecdsa.h
|
2014-04-04 13:57:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
e442111e29
|
Fix typo which broke ENTROPY_FORCE_SHA256
|
2014-04-02 13:50:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
74bc68ac62
|
Fix default #define for malloc/free
|
2014-04-02 13:20:00 +02:00 |
|
Paul Bakker
|
75a2860f26
|
Potential memory leak in mpi_exp_mod() when error occurs during
calculation of RR.
|
2014-03-31 12:08:17 +02:00 |
|
Manuel Pégourié-Gonnard
|
dd75c3183b
|
Remove potential timing leak in ecdsa_sign()
|
2014-03-31 11:55:42 +02:00 |
|
Manuel Pégourié-Gonnard
|
6b0d268bc9
|
Add ssl_close_notify() to servers that missed it
|
2014-03-31 11:28:11 +02:00 |
|
Manuel Pégourié-Gonnard
|
969ccc6289
|
Fix length checking of various ClientKeyExchange's
|
2014-03-27 21:10:56 +01:00 |
|
Paul Bakker
|
96d5265315
|
Made ready for release 1.3.5
|
2014-03-26 16:55:50 +01:00 |
|
Paul Bakker
|
5fff23b92a
|
x509_get_current_time() uses localtime_r() to prevent thread issues
|
2014-03-26 15:34:54 +01:00 |
|
Paul Bakker
|
77f4f39ea6
|
Make sure no random pointer occur during failed malloc()'s
|
2014-03-26 15:30:20 +01:00 |
|
Paul Bakker
|
91c61bc4fd
|
Further tightened the padlen check to prevent underflow / overflow
|
2014-03-26 15:14:20 +01:00 |
|
Paul Bakker
|
674e0b015a
|
Improvements to tests/Makefile when using shared library
|
2014-03-26 13:26:52 +01:00 |
|