Manuel Pégourié-Gonnard
8e4b3374d7
Fix some more warnings in reduced configs
2014-11-17 15:06:13 +01:00
Manuel Pégourié-Gonnard
be6ce835a2
Fix typo causing MSVC errors
2014-11-17 14:29:36 +01:00
Manuel Pégourié-Gonnard
3a3066c3ee
ssl_server2 now exits on signal during a read too
2014-11-17 12:50:34 +01:00
Manuel Pégourié-Gonnard
403a86f73d
ssl_server2: exit cleanly on SIGINT too
2014-11-17 12:46:49 +01:00
Manuel Pégourié-Gonnard
98aa19148c
Adjust warnings in different modes
2014-11-14 16:45:48 +01:00
Manuel Pégourié-Gonnard
e80083cafa
Add precision about cmake cache
2014-11-14 14:18:24 +01:00
Manuel Pégourié-Gonnard
052ae25e56
Avoid advertising private option
2014-11-14 13:09:41 +01:00
Manuel Pégourié-Gonnard
6cf11642a4
Update README to mention config.pl
2014-11-14 12:29:59 +01:00
Manuel Pégourié-Gonnard
ca89d89a10
Document build modes better
2014-11-13 13:56:05 +01:00
Manuel Pégourié-Gonnard
705b70f122
Add new build modes for sanitizers
2014-11-13 13:35:50 +01:00
Manuel Pégourié-Gonnard
fd60a5c621
Add script finding recursive functions
2014-11-13 12:42:12 +01:00
Manuel Pégourié-Gonnard
e5b0fc1847
Make malloc-init script a bit happier
2014-11-13 12:42:12 +01:00
Manuel Pégourié-Gonnard
5924f9f810
Add script to find malloc() not followed by init
2014-11-13 12:42:12 +01:00
Manuel Pégourié-Gonnard
f631bbc1da
Make x509_string_cmp() iterative
2014-11-13 12:42:06 +01:00
Manuel Pégourié-Gonnard
8a5e3d4a40
Forbid repeated X.509 extensions
2014-11-12 18:13:58 +01:00
Manuel Pégourié-Gonnard
d681443f69
Fix potential stack overflow
2014-11-12 01:25:31 +01:00
Manuel Pégourié-Gonnard
b134060f90
Fix memory leak with crafted X.509 certs
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
0369a5291b
Fix uninitialised pointer dereference
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
e9271e6835
Add a MemSan Cmake build type
...
Detects uninitialised memory reads. Available only with Clang on Linux x86_64
for now. Experimental but seems usable enough.
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
49aa99e653
Fix exit codes in cert_app
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
e959979621
Fix ECDSA sign buffer size
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
b31b61b9e8
Fix potential undefined behaviour in Camellia
2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard
d6197a37e0
Detect undefined behaviours too in ASan builds
2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard
54f6e562e6
Fix CFLAGS with cmake and gcc
2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard
de17125875
Update ChangeLog for pk_check_pair() & Co
2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard
7c13d69cb5
Fix dependency issues
2014-11-12 00:01:34 +01:00
Manuel Pégourié-Gonnard
a1efcb084f
Implement pk_check_pair() for RSA-alt
2014-11-08 18:00:22 +01:00
Manuel Pégourié-Gonnard
27e3edbe2c
Check key/cert pair in ssl_set_own_cert()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
70bdadf54b
Add pk_check_pair()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
30668d688d
Add ecp_check_pub_priv()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
2f8d1f9fc3
Add rsa_check_pub_priv()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
e10e06d863
Blind RSA operations even without CRT
2014-11-06 18:25:44 +01:00
Manuel Pégourié-Gonnard
d056ce0e3e
Use seq_num as AEAD nonce by default
2014-11-06 18:23:49 +01:00
Manuel Pégourié-Gonnard
f9d778d635
Merge branch 'etm' into dtls
...
* etm:
Fix warning in reduced config
Update Changelog for EtM
Keep EtM state across renegotiations
Adjust minimum length for EtM
Don't send back EtM extension if not using CBC
Fix for the RFC erratum
Implement EtM
Preparation for EtM
Implement initial negotiation of EtM
Conflicts:
include/polarssl/check_config.h
2014-11-06 01:36:32 +01:00
Manuel Pégourié-Gonnard
56d985d0a6
Merge branch 'session-hash' into dtls
...
* session-hash:
Update Changelog for session-hash
Make session-hash depend on TLS versions
Forbid extended master secret with SSLv3
compat.sh: allow git version of gnutls
compat.sh: make options a bit more robust
Implement extended master secret
Add negotiation of Extended Master Secret
Conflicts:
include/polarssl/check_config.h
programs/ssl/ssl_server2.c
2014-11-06 01:25:09 +01:00
Manuel Pégourié-Gonnard
9d7821d774
Fix warning in reduced config
2014-11-06 01:19:52 +01:00
Manuel Pégourié-Gonnard
fedba98ede
Merge branch 'fb-scsv' into dtls
...
* fb-scsv:
Update Changelog for FALLBACK_SCSV
Implement FALLBACK_SCSV server-side
Implement FALLBACK_SCSV client-side
2014-11-05 16:12:09 +01:00
Manuel Pégourié-Gonnard
c7647079fa
Merge branch 'development' into dtls
...
* development:
Include 1.2.12 release information in ChangeLog
2014-11-05 16:02:57 +01:00
Manuel Pégourié-Gonnard
b3c6a97b31
Update Changelog for session-hash
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
c122ae7612
Update Changelog for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
769c6b6351
Make session-hash depend on TLS versions
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
1a03473576
Keep EtM state across renegotiations
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
b575b54cb9
Forbid extended master secret with SSLv3
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
169dd6a514
Adjust minimum length for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
dd4592774b
compat.sh: allow git version of gnutls
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
78e745fc0a
Don't send back EtM extension if not using CBC
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
08558e5b46
Fix for the RFC erratum
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
313d796e80
Implement EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
0098e7dc70
Preparation for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
699cafaea2
Implement initial negotiation of EtM
...
Not implemented yet:
- actually using EtM
- conditions on renegotiation
2014-11-05 16:00:50 +01:00