Paul Bakker
b0af56334c
rsa_check_pubkey() now allows an E up to N
2014-07-08 18:28:36 +02:00
Paul Bakker
3dfa07b401
Clearer description for version_get_string_full() regarding 18 bytes
2014-07-08 18:28:35 +02:00
Paul Bakker
838ed3c74d
Improve interop by not writing ext_len in ClientHello when 0
...
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
2014-07-08 18:28:33 +02:00
Paul Bakker
6993284ece
Travis configuration file for 1.2 branch
2014-07-08 18:28:32 +02:00
Paul Bakker
d6d1f410e6
Cleaner initialization (values did not matter, but were uninitialized)
2014-07-08 18:28:31 +02:00
Paul Bakker
a2eabadb07
Actually increment the loop counter to quit in ssl_fork_server
2014-07-08 18:28:31 +02:00
Paul Bakker
3914840d78
Cleaned up location of init and free for some programs to prevent memory
...
leaks on incorrect arguments
2014-07-08 18:28:30 +02:00
Paul Bakker
993f02cda0
Added return value checking for correctness in programs
2014-07-08 18:28:29 +02:00
Paul Bakker
676093e253
Check setsockopt() return value in net_bind()
2014-07-08 18:28:29 +02:00
Paul Bakker
7890e62a1f
Added missing MPI_CHK around mpi functions
2014-07-08 18:28:29 +02:00
Paul Bakker
243d61894c
Reject certificates with times not in UTC
2014-07-08 14:40:58 +02:00
Paul Bakker
f48de9579f
Use UTC to heck certificate validity
2014-07-08 14:39:41 +02:00
Paul Bakker
dedce0c35c
Prevent potential NULL pointer dereference in ssl_read_record()
2014-07-08 14:36:12 +02:00
Paul Bakker
6995efe8be
Potential memory leak in mpi_exp_mod() when error occurs during
...
calculation of RR.
2014-07-08 14:32:35 +02:00
Paul Bakker
3cbaf1e379
Add ssl_close_notify() to servers that missed it
2014-07-08 14:30:35 +02:00
Paul Bakker
875548ce67
Disable renegotiation by default in example cli/srv
2014-07-08 12:21:41 +02:00
Paul Bakker
358a841b34
x509_get_current_time() uses localtime_r() to prevent thread issues
2014-07-08 12:14:37 +02:00
Paul Bakker
24aaf44120
Make sure no random pointer occur during failed malloc()'s
2014-07-08 11:39:19 +02:00
Paul Bakker
345316db65
Made building of programs optional in CMake
2014-07-08 11:32:40 +02:00
Paul Bakker
bc8984931c
Improvements to tests/Makefile when using shared library
2014-07-08 11:32:12 +02:00
Manuel Pégourié-Gonnard
c2262b58f6
Tune debug_print_ret format
2014-07-08 11:26:20 +02:00
Paul Bakker
ef3cf7088f
Provide no info from entropy_func() on future entropy
2014-07-08 11:25:51 +02:00
Paul Bakker
1e9423704a
Support for seed file writing and reading in Entropy
2014-07-08 11:20:25 +02:00
Paul Bakker
ec8e5db1cf
Updated documentation for seed functions w.r.t. return values
2014-07-08 11:18:41 +02:00
Paul Bakker
22a0ce0cef
Fix warning on MinGW and MSVC12
2014-07-08 11:17:50 +02:00
Paul Bakker
8cb73200e1
MinGW32 static build should link to windows libs and libz
2014-07-08 11:15:55 +02:00
Paul Bakker
b000f82d76
ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr
2014-07-08 11:15:18 +02:00
Manuel Pégourié-Gonnard
a9f86e03ed
Make the compiler work-around more specific
2014-07-08 11:13:59 +02:00
Manuel Pégourié-Gonnard
57291a7019
Work around a compiler bug on OS X.
2014-07-08 11:13:42 +02:00
Manuel Pégourié-Gonnard
516eb623df
Make auth_mode=required the default in ssl_client2
2014-07-08 11:13:15 +02:00
Manuel Pégourié-Gonnard
8a56d3044d
Update doc of ssl_set_authmode()
2014-07-08 11:11:45 +02:00
Manuel Pégourié-Gonnard
588b66f152
Add a warning against compression in config.h
2014-07-08 11:11:25 +02:00
Manuel Pégourié-Gonnard
3baeb15c79
Update changelog for cmake changes
2014-07-08 11:10:54 +02:00
hasufell
97a11c107e
CMake: allow to build both shared and static at once
...
This allows for more fine-grained control. Possible combinations:
* static off, shared on
* static on, shared off
* static on, shared on
The static library is always called "libpolarssl.a" and is only used
for linking of tests and internal programs if the shared lib is
not being built.
Default is: only build static lib.
2014-07-08 11:10:09 +02:00
hasufell
d113a9d60f
CMake: fix zlib include dir
...
ZLIB_INCLUDE_DIR was interpreted as a relative path from the
working directory.
2014-07-08 11:06:59 +02:00
hasufell
69ebf32725
CMake: respect system cflags
...
Adding optimization level to CMAKE_C_FLAGS is intrusive and problematic
with policies of various distribution.
However, setting "-O2" in CMAKE_CFLAGS_RELEASE is fine and only
affects release build.
2014-07-08 11:06:41 +02:00
Alex Wilson
e63560470e
Don't try to use MIPS32 asm macros on MIPS64
...
The MIPS32 bn_mul asm code causes segfaults on MIPS64 and failing
tests. Until someone has time to fix this up, MIPS64 platforms should
fall back to the C implementation (which works fine).
2014-07-08 11:06:05 +02:00
Manuel Pégourié-Gonnard
be04673c49
Forbid sequence number wrapping
2014-07-08 11:04:19 +02:00
Paul Bakker
50a5c53398
Reject certs and CRLs from the future
2014-07-08 10:59:10 +02:00
Paul Bakker
0d844dd650
Add x509parse_time_future()
2014-07-07 17:46:36 +02:00
Manuel Pégourié-Gonnard
963918b88f
Countermeasure against "triple handshake" attack
2014-07-07 17:46:35 +02:00
Manuel Pégourié-Gonnard
397858b81d
Avoid "unreachable code" warning
2014-07-07 17:46:33 +02:00
Paul Bakker
57ca5702fd
Fixed CMake symlinking on out-of-source builds
2014-07-07 17:46:32 +02:00
Manuel Pégourié-Gonnard
6d841c2c5c
Fix verion-major intolerance
2014-07-07 17:46:31 +02:00
Paul Bakker
e96bfbc6bd
Fixed testing with out-of-source builds using cmake
2014-07-07 17:46:30 +02:00
Paul Bakker
44e8b23462
Fixed file descriptor leak in generic_sum
2014-07-07 17:46:30 +02:00
Manuel Pégourié-Gonnard
c675e4bde5
Fix bug in RSA PKCS#1 v1.5 "reversed" operations
2014-07-07 17:46:29 +02:00
Paul Bakker
af0ccc8fa0
SMTP lines are officially terminated with CRLF, ssl_mail_client fixed
2014-07-07 17:46:29 +02:00
Paul Bakker
1e7c3d2500
net_is_block() renamed to net_would_block() and corrected behaviour on
...
non-blocking sockets
net_would_block() now does not return 1 if the socket is blocking.
2014-07-07 17:46:28 +02:00
Paul Bakker
1dc45f15a6
Added MPI_CHK around unguarded mpi calls
2014-07-07 17:46:25 +02:00