Manuel Pégourié-Gonnard
60182ef989
ssl_cli: write & parse session ticket extension
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
75d440192c
Introduce ticket field in session structure
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
5f280cc6cf
Implement saving peer cert as part of session.
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
aaa1eab55a
Add an option to reconnect in ssl_client2
...
Purpose: test resuming sessions.
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
747180391d
Add ssl_get_session() to save session on client
2013-08-14 14:08:03 +02:00
Paul Bakker
a8342398c8
Merge branch 'padding' into development
2013-08-14 14:03:59 +02:00
Paul Bakker
da4d1c35d1
Updated Changelog to reflect feature addition
2013-08-14 14:02:48 +02:00
Paul Bakker
48e93c84b7
Made padding modes configurable from config.h
2013-08-14 14:02:48 +02:00
Paul Bakker
1a45d91cf2
Restructured cipher_set_padding_mode() to use switch statement
2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard
ebdc413f44
Add 'no padding' mode
2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard
0e7d2c0f95
Add zero padding
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
8d4291b52a
Add zeros-and-length (ANSI X.923) padding
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
679f9e90ad
Add one-and-zeros (ISO/IEC 7816-4) padding
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
6c9789932e
Adapt cipher tests to configurable padding
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
b7d24bc7ca
Fix bug in get_pkcs_padding(): cannot be 0-length
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
a640849b55
Add tests for get_padding() (PKCS#7)
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
725680ffd2
Make cipher tests less dependant on padding size
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
ac56a1aec4
Make cipher_set_padding() actually work
...
(Only one padding mode recognized yet.)
2013-08-14 14:02:46 +02:00
Manuel Pégourié-Gonnard
d5fdcaf9e5
Add cipher_set_padding() (no effect yet)
...
Fix pattern in tests/.gitignore along the way.
2013-08-14 14:02:46 +02:00
Paul Bakker
0f2f0bfc87
CAMELLIA-based PSK and DHE-PSK ciphersuites added
2013-07-26 15:04:03 +02:00
Paul Bakker
b548d773b3
Fixed memory leak in ecdh_compute_shared() in case of error
2013-07-26 14:22:19 +02:00
Paul Bakker
cca998a4c5
Fixed memory leak in ecdsa_sign() / ecdsa_verify() in case of error
2013-07-26 14:22:16 +02:00
Paul Bakker
1e6a175362
Support for AIX header locations in net.c module
2013-07-26 14:10:22 +02:00
Paul Bakker
66c4810ffe
Better handling of ciphersuite version range and forced version in
...
ssl_client2
2013-07-26 14:05:32 +02:00
Paul Bakker
6c85279719
Newline fixes in help text for ssl_client2 / ssl_server2
2013-07-26 14:02:13 +02:00
Paul Bakker
52cf16caeb
Fixed multiple use of GCM-context bug due to split-up of GCM functions
2013-07-26 13:56:22 +02:00
Paul Bakker
d6f41c5bcd
Fixed size of ctx_enc / ctx_dec in ssl for gcm_context size
2013-07-25 17:01:54 +02:00
Paul Bakker
524691c0a0
Added --modes option to tests/compat.sh
2013-07-25 17:01:20 +02:00
Paul Bakker
f16db18c55
Fixed header file comments on ciphersuites
2013-07-25 11:30:31 +02:00
Paul Bakker
d9ca94a677
Updated merged pk.c and x509parse.c changes with new memory allocation functions
2013-07-25 11:25:09 +02:00
Paul Bakker
dbd79ca617
ssl_client2 and ssl_server2 now exit with 1 on errors (shell
...
limitations)
2013-07-24 16:28:35 +02:00
Paul Bakker
f85778efb0
Updated Changelog for EC Key / Cert and RFC 6066 extensions
2013-07-19 14:55:25 +02:00
Paul Bakker
872c29b705
Merge branch 'truncated-hmac' into development
2013-07-19 14:52:07 +02:00
Paul Bakker
8c1ede655f
Changed prototype for ssl_set_truncated_hmac() to allow disabling
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
277f7f23e2
Implement hmac truncation
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
57c2852807
Added truncated hmac negociation (without effect)
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e980a994f0
Add interface for truncated hmac
2013-07-19 14:51:47 +02:00
Paul Bakker
5b55b79021
Better handling of ciphersuite version range and forced version in
...
ssl_server2
2013-07-19 14:51:31 +02:00
Paul Bakker
bd5fd4d1da
RFC6229 ARC4 test vectors added to testsuite
2013-07-19 14:51:31 +02:00
Paul Bakker
accd4eb665
compat.sh now has -f command-line option to filter used ciphersuites
2013-07-19 14:51:31 +02:00
Paul Bakker
a7eaba5ef9
Merge branch 'maximum-fragment-length' into development
2013-07-19 14:51:13 +02:00
Manuel Pégourié-Gonnard
e048b67d0a
Misc minor fixes
...
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard
0c017a55e0
Add max_frag_len option in ssl_server2
...
Also reformat code and output more information in ssl_client2
2013-07-18 14:07:36 +02:00
Manuel Pégourié-Gonnard
ed4af8b57c
Move negotiated max fragment length to session
...
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard
581e6b6d6c
Prepare migrating max fragment length to session
...
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
2013-07-18 12:32:27 +02:00
Paul Bakker
8e714d7aca
Modified LONG_RESPONSE and comments in ssl_server2
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
bd7ce63115
Adapt ssl_server2 to test sending long messages
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
6b4f237f6a
Forbid setting max_frag_len > MAX_CONTENT_LEN
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
30dc7ef3ad
Reset max_fragment_length in ssl_session_reset()
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
7bb7899121
Send max_fragment_length extension (server)
2013-07-18 11:23:48 +02:00