Commit Graph

2188 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
274a12e17c Fix bug with ssl_cache and max_entries=0 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
780d671f9d Add tests for renegotiation 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
de14378a53 Add tests for max fragment length extension 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
f7c52014ec Add basic tests for session resumption 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
eaadc508fb New ssl-opt.sh test script 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
2fc243d06a Rearrange help messages of example cli/srv 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
c57e98b5fa compat.sh: terminate ssl_server2 cleanly 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
5f593f07f7 compat.sh: rm a useless sleep 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
95957717f3 compat.sh: source cosmetics 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
330e4111cb compat.sh: factor code into run_client() function 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
304beef2ae compat.sh: function to start server 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
9ada01a70c compat.sh: regroup arguments even more 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
1b31d7fd97 compat.sh: remove useless server restart 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
48f196cda5 compat.sh refactoring: group ciphersuite lists 2014-03-14 08:40:59 +01:00
Manuel Pégourié-Gonnard
d941a796be compat.sh refectoring: regroup argument setting 2014-03-14 08:40:59 +01:00
Manuel Pégourié-Gonnard
e3b3d19e5a Improve doc of pk_parse_* functions 2014-03-13 19:27:34 +01:00
Manuel Pégourié-Gonnard
e2ce2112ac Update doc of ssl_set_authmode() 2014-03-13 19:25:07 +01:00
Manuel Pégourié-Gonnard
fcf2fc2960 Make auth_mode=required the default in ssl_client2 2014-03-13 19:25:07 +01:00
Manuel Pégourié-Gonnard
bb4dd37044 Add a warning against compression in config.h 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
14ed1a2934 Update changelog for cmake changes 2014-03-13 19:25:06 +01:00
hasufell
3c6409b066 CMake: allow to build both shared and static at once
This allows for more fine-grained control. Possible combinations:
  * static off, shared on
  * static on, shared off
  * static on, shared on

The static library is always called "libpolarssl.a" and is only used
for linking of tests and internal programs if the shared lib is
not being built.

Default is: only build static lib.
2014-03-13 19:25:06 +01:00
hasufell
7c4a553baf CMake: fix zlib include dir
ZLIB_INCLUDE_DIR was interpreted as a relative path from the
working directory.
2014-03-13 19:25:06 +01:00
hasufell
fcd362989c CMake: respect system cflags
Adding optimization level to CMAKE_C_FLAGS is intrusive and problematic
with policies of various distribution.
However, setting "-O2" in CMAKE_CFLAGS_RELEASE is fine and only
affects release build.
2014-03-13 19:25:06 +01:00
Alex Wilson
7349142ce7 Don't try to use MIPS32 asm macros on MIPS64
The MIPS32 bn_mul asm code causes segfaults on MIPS64 and failing
tests. Until someone has time to fix this up, MIPS64 platforms should
fall back to the C implementation (which works fine).
2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
9a6e93e7a4 Reserve -1 as an error code (used in programs) 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
c7a88a960d Fix more depend issues on specific curves 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
844a4c0aef Fix RSASSA-PSS example programs 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
83cdffc437 Forbid sequence number wrapping 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
3c599f11b0 Avoid possible segfault on bad server ciphersuite 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
9533765b25 Reject certs and CRLs from the future 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
6304f786e0 Add x509_time_future() 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
29dcc0b93c Fix depend issues in test suites for cipher modes 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
1ec220b002 Add missing #ifdefs in aes.h 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
648656a628 Fix error code in dhm_selftest() 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
796c6f3aff Countermeasure against "triple handshake" attack 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
fdf3f0e671 Avoid "unreachable code" warning 2014-03-11 13:47:05 +01:00
Paul Bakker
3d52ab76f6 Fixed CMake symlinking on out-of-source builds 2014-03-07 10:33:55 +01:00
Manuel Pégourié-Gonnard
e8bac683c2 Add -Wunreachable-code to check mode
See eg https://www.imperialviolet.org/2014/02/22/applebug.html
2014-02-24 10:49:27 +01:00
Manuel Pégourié-Gonnard
2a2ae642d8 Fix forgotten curves in #ifdef 2014-02-24 10:29:21 +01:00
Manuel Pégourié-Gonnard
47fc5ae400 Fxi typo 2014-02-20 15:56:43 +01:00
Manuel Pégourié-Gonnard
c580a00e3c Print protocol version in example cli/srv 2014-02-12 10:15:30 +01:00
Manuel Pégourié-Gonnard
6b1e207081 Fix verion-major intolerance 2014-02-12 10:14:54 +01:00
Manuel Pégourié-Gonnard
c9093085ed Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
This reverts commit ab50d8d30c, reversing
changes made to e31b1d992a.
2014-02-12 09:39:59 +01:00
Manuel Pégourié-Gonnard
6df09578bb Revert "Mutex call in x509_crt.c depended on PTHREAD specific instead of generic"
This reverts commit 9eae7aae80.
2014-02-12 09:29:05 +01:00
Paul Bakker
2ceda57989 Ability to force the Entropy module to use SHA-256 as its basis
By default the SHA-512 module is used if both are available. On some
systems, SHA-256 is the better choice.

Contributed by: Gergely Budai
2014-02-06 15:55:25 +01:00
Paul Bakker
cd6d69a414 Fixed testing with out-of-source builds using cmake 2014-02-06 15:44:11 +01:00
Paul Bakker
f2561b3f69 Ability to provide alternate timing implementation 2014-02-06 15:32:26 +01:00
Paul Bakker
64abd83b67 Fixed file descriptor leak in generic_sum 2014-02-06 15:03:06 +01:00
Paul Bakker
47703a0a80 More entropy functions made thread-safe (add_source, update_manual, gather) 2014-02-06 15:01:20 +01:00
Paul Bakker
9eae7aae80 Mutex call in x509_crt.c depended on PTHREAD specific instead of generic
threading
2014-02-06 14:51:53 +01:00