Janos Follath
e609a08c2f
Fix issue #429 in ssl_fork_server.c
2016-05-03 15:43:31 +01:00
Janos Follath
582a461a49
Improves and makes pretty the ssl_fork_server output
2016-04-29 00:12:35 +01:00
Janos Follath
fe049db8ef
Fix issue #429 in ssl_fork_server.c
2016-04-29 00:12:19 +01:00
Simon Butcher
e4a46f696f
Merge branch 'development'
2016-04-27 18:44:37 +01:00
Simon Butcher
b2d5dd105d
Fixes X509 sample app and SSL test suite
...
Fixes the X.509 cert_app and the SSL test suite for the non-default
configs which don't build with if MBEDTLS_PLATFORM_C isn't defined.
2016-04-27 13:35:37 +01:00
Simon Butcher
d3138c35c6
Fixes SSL sample apps for non-default configs
...
Fixes the SSL sample applications to build for the non-default configs
which don't build if MBEDTLS_PLATFORM_C isn't defined.
2016-04-27 01:26:50 +01:00
SimonB
d5800b7761
Abstracts away time()/stdlib.h into platform
...
Substitutes time() into a configurable platform interface to allow it to be
easily substituted.
2016-04-26 14:49:59 +01:00
Janos Follath
0c539447c1
Fixes no return value warning in selftest.c
2016-04-18 09:59:16 +01:00
Simon Butcher
1ef918ddca
Add missing stdlib.h header to rsa sample programs
2016-04-13 11:56:27 +01:00
Nicholas Wilson
409401c044
Shut up a few clang-analyze warnings about use of uninitialized variables
...
The functions are all safe, Clang just isn't clever enough to realise
it.
2016-04-13 11:56:22 +01:00
Simon Butcher
6b46c62d77
Fixes error and exit paths in rsa sample programs
2016-04-12 13:25:08 +01:00
Janos Follath
f713b0a6ce
Fix memory leaks in example programs.
2016-04-11 23:32:39 +01:00
Simon Butcher
cd0ee5e499
Fixes following review of 'iotssl-682-selftest-ci-break'
2016-03-21 22:54:37 +00:00
Janos Follath
2e3aca2c9e
Fix test break in 'test-ref-configs.pl'
2016-03-18 16:25:52 +00:00
Simon Butcher
f1547632dc
Fixes to style following review
...
Made code spacing consistent with guidelines, and corrected the misnamed test
steps in basic-build-test.sh
2016-03-14 23:12:32 +00:00
SimonB
5a8afb848a
Fix exit code and add a count of the test suites
...
Now counts and displays the number of test suites executed, which can vary
depending on build configurations.
All tests are now executed as this is a sample and test program, rather than
exit on first failure.
Exit code now restricted to SUCCESS or FAILURE.
2016-03-14 23:12:29 +00:00
Manuel Pégourié-Gonnard
90ab4a45b5
Fix Unix detection in mini_client
...
fixes #398
2016-03-09 19:32:08 +00:00
Manuel Pégourié-Gonnard
644c2e0fdb
Add new program to gitignore
2015-11-02 06:34:29 +09:00
Manuel Pégourié-Gonnard
1c6f19aa47
Merge pull request #317 from Inikup/fix-issue-315
...
cert_write : fix "Destination buffer is too small" error
2015-11-02 05:52:26 +09:00
Manuel Pégourié-Gonnard
54eeecfff3
Merge pull request #316 from Inikup/help-key_cert_sign-fix
...
Fix help message for cert_req/cert_write programs
2015-10-30 14:50:42 +01:00
Simon Butcher
204606238c
Merge branch 'development' into misc
2015-10-27 16:57:34 +00:00
Manuel Pégourié-Gonnard
fadacb9d0b
Merge branch 'development' into iotssl-461-ecjpake-finalization
...
* development: (73 commits)
Bump yotta dependencies version
Fix typo in documentation
Corrected misleading fn description in ssl_cache.h
Corrected URL/reference to MPI library
Fix yotta dependencies
Fix minor spelling mistake in programs/pkey/gen_key.c
Bump version to 2.1.2
Fix CVE number in ChangeLog
Add 'inline' workaround where needed
Fix references to non-standard SIZE_T_MAX
Fix yotta version dependencies again
Upgrade yotta dependency versions
Fix compile error in net.c with musl libc
Add missing warning in doc
Remove inline workaround when not useful
Fix macroization of inline in C++
Changed attribution for Guido Vranken
Merge of IOTSSL-476 - Random malloc in pem_read()
Fix for IOTSSL-473 Double free error
Fix potential overflow in CertificateRequest
...
Conflicts:
include/mbedtls/ssl_internal.h
library/ssl_cli.c
2015-10-20 15:00:29 +02:00
Jonathan Leroy
bbc75d9791
cert_write : fix "Destination buffer is too small" error
...
This commit fixes the `Destination buffer is too small` error returned
by `mbedtls_cert_write` command when the values of `subject_name` or
`issuer_name` parameters exceed 128 characters.
I have increased the size of these varaibles from 128 to 256 characters,
but I don't know if it's the best way to solve this issue...
Fixes #315 .
2015-10-10 21:58:07 +02:00
Jonathan Leroy
81962c36e3
Fix help message for cert_req/cert_write programs
...
In cert_req and cert_write programs, "key_certificate_sign" is not an
allowed velue for "key_usage" parameter. The correct value is
"key_cert_sign".
See https://github.com/ARMmbed/mbedtls/blob/development/programs/x509/cert_req.c#L208
and https://github.com/ARMmbed/mbedtls/blob/development/programs/x509/cert_write.c#L323 .
2015-10-10 21:42:29 +02:00
Manuel Pégourié-Gonnard
3eb8c34e6a
Add example program for Curve25519
...
Getting a lot of questions about how to use it. This will hopefully get people
started.
2015-10-09 12:13:29 +01:00
Manuel Pégourié-Gonnard
262c137d8c
Merge pull request #311 from jcowgill/spelling-fix
...
Fix minor spelling mistake in programs/pkey/gen_key.c
2015-10-09 09:38:52 +01:00
James Cowgill
07a92d720a
Fix minor spelling mistake in programs/pkey/gen_key.c
2015-10-09 00:28:14 +01:00
Manuel Pégourié-Gonnard
70905a7855
Add ecjpake_pw option to ssl_client2/server2
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
2ed05a049a
Fix typos
2015-09-09 11:52:28 +02:00
Manuel Pégourié-Gonnard
22311ae62e
Improve help message of ssl_*2.c
2015-09-09 11:22:58 +02:00
Manuel Pégourié-Gonnard
3f09b6d4c2
Fix API
2015-09-08 11:58:14 +02:00
Manuel Pégourié-Gonnard
dbd23079d0
Add option reconnect_hard to ssl_client2
...
- interrupt the connection abruptly (no close_notify)
- reconnect from the same port while server sill has an active connection from
this port.
Some real-world clients do that, see section 4.2.8 of RFC 6347.
2015-09-08 10:39:06 +02:00
Manuel Pégourié-Gonnard
4d8685b4ff
Add skeleton for EC J-PAKE module
2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard
37ff14062e
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
Simon Butcher
ed51594337
Merge pull request #265 from ARMmbed/iotssl-460-bugfixes
...
Iotssl 460 bugfixes
2015-09-02 23:36:36 +01:00
Manuel Pégourié-Gonnard
a2cda6bfaf
Add mbedtls_ssl_get_max_frag_len()
...
This is not very useful for TLS as mbedtls_ssl_write() will automatically
fragment and return the length used, and the application should check for that
anyway, but this is useful for DTLS where mbedtls_ssl_write() returns an
error, and the application needs to be able to query the maximum length
instead of just guessing.
2015-08-31 20:47:04 +02:00
Manuel Pégourié-Gonnard
cf9ab63863
Fix error reporting in pkey/pk_* programs
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
ce7a08ba49
Fix more comments/outputs in verify programs
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
102a620c9a
Fix hash buffer size in pkey programs
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
d224ff1f63
Change default RSA key size in rsa_genkey
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
1d8f2da7df
Fix comments about filenames in some programs
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
d74c697035
Fix memory corruption in rsa sign/verify programs
...
We have no guarantee there is enough room in the argv strings.
Fixes #210
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
ea35666f50
Fix -Wshadow warnings
...
Checked that it is supported by gcc 4.2.1 (FreeBSD 9).
fixes #240
2015-08-31 10:34:26 +02:00
Manuel Pégourié-Gonnard
fa1304a51d
Use Unix line endings in wince_main.c too
...
The compiler needs to accept Unix line endings anyway, as this is what we use
everywhere, and it makes things more consistent.
2015-08-06 19:03:31 +02:00
Manuel Pégourié-Gonnard
d73896581b
Fix typos (found by Francesco Pompò)
...
Manually merging as the pull requests are based on an old branch.
closes #215
closes #216
2015-08-06 18:22:26 +02:00
Manuel Pégourié-Gonnard
6fb8187279
Update date in copyright line
2015-07-28 17:11:58 +02:00
Manuel Pégourié-Gonnard
4f3368e31e
Fix bug in benchmark.c with DHM params
2015-07-19 15:01:28 +02:00
Manuel Pégourié-Gonnard
78ec2b049c
Cosmetics in Makefiles
2015-07-08 22:12:06 +01:00
Manuel Pégourié-Gonnard
a6dbddce0c
Fix benchmark.c for removal of small DH params
2015-07-06 11:20:33 +02:00
Manuel Pégourié-Gonnard
77c656217b
Update dh_genprime program
...
- default size 2048 bits
- make size a command-line argument
- remove warning about using own params
2015-07-03 16:57:52 +02:00
Manuel Pégourié-Gonnard
6755717f18
Fix stupid typo in ssl_server2.c
2015-07-02 11:15:48 +02:00
Manuel Pégourié-Gonnard
046589e424
Rm obsolete defines for snprintf in programs
...
Now centralized in the platform layer
2015-07-01 17:26:20 +02:00
Manuel Pégourié-Gonnard
9de64f5af1
Fix MSVC warnings in library and programs
2015-07-01 16:56:08 +02:00
Manuel Pégourié-Gonnard
052f28853b
Cosmetics in debug in ssl_{client,server}2.c
...
Print only the basename from the file, and print level too.
2015-07-01 12:01:13 +02:00
Manuel Pégourié-Gonnard
abc729e664
Simplify net_accept() with UDP sockets
...
This is made possible by the new API where net_accept() gets a pointer to
bind_ctx, so it can update it.
2015-07-01 01:28:24 +02:00
Manuel Pégourié-Gonnard
3d7d00ad23
Rename mbedtls_net_close() to mbedtls_net_free()
...
close() may be more meaningful, but free() is symmetric with _init(), and more
consistent with all other modules
2015-06-30 16:50:37 +02:00
Manuel Pégourié-Gonnard
5db64328ab
Adapt programs to the new NET API
2015-06-30 16:48:17 +02:00
Manuel Pégourié-Gonnard
a7c8903ca6
Add missing programs to Makefile
2015-06-29 19:14:04 +02:00
Manuel Pégourié-Gonnard
1c5b9fc19f
Avoid truncating peer cert info in ssl_server2
2015-06-27 14:38:51 +02:00
Manuel Pégourié-Gonnard
fc36708697
Use $(MAKE), not make
...
For the sake of systems where we want gmake.
2015-06-26 16:50:24 +02:00
Manuel Pégourié-Gonnard
633c6b6485
Run timing selftest on all platforms
...
Used to fail on our FreeBSD and Windows buildbots. Seems to be working at
least on my Darwin physical machine and on my Windows VM with MSYS2 now.
2015-06-26 16:17:30 +02:00
Manuel Pégourié-Gonnard
4b00f08e20
Fix snprintf test
...
Our Windows implementation based on vsnprintf_s( ..., _TRUNCATE ) sometimes
writes *two* terminating NULLs. Allow for that, but obviously bytes past the
end of the buffer mustn't be touched.
2015-06-26 14:10:13 +02:00
Manuel Pégourié-Gonnard
ea9556a76e
Fix mistaken changes in Makefile's clean target
...
I was a bit too trigger-happy with copy-pasting in a previous commit...
2015-06-25 14:19:25 +02:00
Manuel Pégourié-Gonnard
216a1831de
Fix whitespace in CMakeLists.txt
...
- all spaces no tabs
- indent with 4 spaces everywhere
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
21e1ac205e
Fix linking order with make
...
GNU ld cares about the order in which static libs are mentioned on the command
line: if A depends on B then A must com first.
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
5c59a4fea5
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
8d4a613cc5
Small Makefile improvements
...
- fix old build commands still using OFLAGS
- make everything work with --warn-undefined-variables, which can be useful
for debugging typos
2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
61ee351af4
Adapt programs to the new debug API
2015-06-23 23:30:16 +02:00
Manuel Pégourié-Gonnard
c0d749418b
Make 'port' a string in NET module
...
- avoids dependency on snprintf
- allows using "smtps" instead of "456" if desired
2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
07894338a0
Rename M255 to Curve25519
2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
6ea831dcf4
Add tests for mbedtls_set_hs_ca_chain()
2015-06-22 17:30:18 +02:00
Manuel Pégourié-Gonnard
4d6f178376
Add support for SNI CA and authmode in ssl_server2
2015-06-22 14:52:40 +02:00
Manuel Pégourié-Gonnard
7b6dcbe993
Add tests for snprintf
...
- Added in each tests program to be sure they are run (putting them in a test
suite/function specific to the platform layer would cause them to be skipped
when PLATFORM_C is not defined).
- Platforms have already moved from a standard to a broken snprintf in the
past [1], so make sure to catch that if it ever happens again.
[1]: http://sourceforge.net/p/mingw-w64/mailman/message/31241434/
2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard
7580ba475d
Add a concept of entropy source strength.
...
The main goal is, we want and error if cycle counter is the only source.
2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
c0696c216b
Rename mbedtls_mpi_msb to mbedtls_mpi_bitlen
2015-06-18 16:49:37 +02:00
Manuel Pégourié-Gonnard
797f48ace6
Rename ecp_curve_info.size to bit_size
2015-06-18 15:45:05 +02:00
Manuel Pégourié-Gonnard
898e0aa210
Rename key_length in cipher_info
2015-06-18 15:31:10 +02:00
Manuel Pégourié-Gonnard
b31c5f68b1
Add SSL presets.
...
No need to use a separate profile as in X.509, everything we need is already
in ssl_config. Just load appropriate values.
2015-06-17 14:59:27 +02:00
Manuel Pégourié-Gonnard
9096682352
Add dhmlen option in ssl_client2.c
2015-06-17 11:37:04 +02:00
Manuel Pégourié-Gonnard
bf27eaac79
Fix help string in ssl_client2.c
2015-06-12 11:22:02 +02:00
Manuel Pégourié-Gonnard
ba56136b5c
Avoid in-out length in base64
2015-06-02 16:30:35 +01:00
Manuel Pégourié-Gonnard
3335205a21
Avoid in-out length in dhm_calc_secret()
2015-06-02 16:17:08 +01:00
Manuel Pégourié-Gonnard
d14acbc31a
Test assumptions we make about the platform
...
Things that are not guaranteed by the standard but should be true of all
platforms of interest to us:
- 8-bit chars
- NULL pointers represented by all-bits-zero
2015-05-29 12:25:40 +02:00
Manuel Pégourié-Gonnard
06d5d61302
Adapt programs to generic md_file()
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
b327168e22
Remove non-generic md_file() programs
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
b2a18a2a98
Remove references to malloc in strings/names
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
7551cb9ee9
Replace malloc with calloc
...
- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too
2015-05-26 16:04:06 +02:00
Manuel Pégourié-Gonnard
56273daea0
Move some includes to ssl_internal.h
...
Also removed one from ssl.h and add it in programs where it belongs
2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
a0adc1bbe4
Make cipher used in ssl tickets configurable
2015-05-25 10:35:16 +02:00
Manuel Pégourié-Gonnard
b596abfdc0
Refine cli/srv ifdefs for session tickets
...
- Only the server needs to generate/parse tickets
- Only the client needs to store them
Also adjust prototype of ssl_conf_session_tickets() while at it.
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
d59675d92c
Move to callback for session tickets
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
53ebe138c6
Fix copyright lines still mentioning Brainspark
2015-05-15 12:01:12 +02:00
Manuel Pégourié-Gonnard
0b104b056b
Adapt prototype of net_accept() for explicit size
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
d9e6a3ac10
Rename pk_init_ctx() -> pk_setup()
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
d4f04dba42
net.c now depends on select() unconditionally
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
a63bc94a2d
Remove timing_m_sleep() -> net_usleep()
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
151dc77732
Fix some old names that remained
...
- most in doxygen doc that was never renamed
- some re-introduced in comments/doc/strings by me
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
8473f87984
Rename cipher_init_ctx() to cipher_setup()
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
66dc5555f0
mbedtls_ssl_conf_arc4_support() depends on ARC4_C
2015-05-14 12:31:10 +02:00
Manuel Pégourié-Gonnard
d2377e7e78
ssl_client/server2 shouln't depend on timing.c
...
Would break test-ref-configs.pl.
2015-05-13 13:58:56 +02:00