Paul Bakker
|
d0f6fa7bdc
|
- Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
|
2012-09-17 09:18:12 +00:00 |
|
Paul Bakker
|
17a9790918
|
- Added regression check for latest mpi_add_abs() issue
|
2012-09-17 08:44:35 +00:00 |
|
Paul Bakker
|
d4c2bd79fe
|
- Added bug
|
2012-09-16 21:35:30 +00:00 |
|
Paul Bakker
|
2d319fdfcb
|
- Fixed bug in mpi_add_abs with adding a small number to a large mpi with carry rollover.
|
2012-09-16 21:34:26 +00:00 |
|
Paul Bakker
|
48916f9b67
|
- Added Secure Renegotiation (RFC 5746)
|
2012-09-16 19:57:18 +00:00 |
|
Paul Bakker
|
b5b20f19e7
|
- Extra sanity check for input added
|
2012-09-16 15:07:49 +00:00 |
|
Paul Bakker
|
0c93d126bc
|
- Ability to define openssl at top
- Also add SHA256 ciphersuites in non-tls 1.2 modes
|
2012-09-13 14:26:09 +00:00 |
|
Paul Bakker
|
5f70b25c9b
|
- Correctly handle SHA256 ciphersuites in SSLv3
- Moved ssl3_prf to separate function (no exceptions)
|
2012-09-13 14:23:06 +00:00 |
|
Paul Bakker
|
ec636f3bdd
|
- Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
|
2012-09-09 19:17:02 +00:00 |
|
Paul Bakker
|
68b6d88f5e
|
- Clear all memory
|
2012-09-08 14:04:13 +00:00 |
|
Paul Bakker
|
94a6796179
|
- Correctly handle MS certificate's key usage bits
|
2012-08-23 13:03:52 +00:00 |
|
Paul Bakker
|
f518b16f97
|
- Added PKCS#5 PBKDF2 key derivation function
|
2012-08-23 13:03:18 +00:00 |
|
Paul Bakker
|
535e97dbab
|
- Better checking for reading over buffer boundaries
- Zeroize altSubjectName chain memory before use
|
2012-08-23 10:49:55 +00:00 |
|
Paul Bakker
|
9195662a4c
|
- Added test for no-subject certificates with altSubjectNames
|
2012-08-23 10:46:54 +00:00 |
|
Paul Bakker
|
894dece46c
|
- Cleaner return value (for C++)
|
2012-08-23 08:34:32 +00:00 |
|
Paul Bakker
|
b68cad6cc7
|
- Made cipersuites in ssl context const (no intention to modify)
- Adjusted ssl_set_ciphersuites() to match
|
2012-08-23 08:34:18 +00:00 |
|
Paul Bakker
|
835b29e7c3
|
- Should not be debug_level 5 in repo (reset to 0)
|
2012-08-23 08:31:59 +00:00 |
|
Paul Bakker
|
bb51f0cb3d
|
- Only include md.h if needed by POLARSSL_PKCS1_V21
|
2012-08-23 07:46:58 +00:00 |
|
Paul Bakker
|
6a2f857b08
|
- Added DragonflyBSD support
|
2012-08-23 07:45:37 +00:00 |
|
Paul Bakker
|
3c16db9a10
|
- Fixed potential memory zeroization on miscrafted RSA key
|
2012-07-05 13:58:08 +00:00 |
|
Paul Bakker
|
5552c8c0b3
|
- Updated documentation
|
2012-07-05 13:31:54 +00:00 |
|
Paul Bakker
|
3d58fe8af6
|
- Added Blowfish to benchmarks
|
2012-07-04 17:15:31 +00:00 |
|
Paul Bakker
|
6132d0aa93
|
- Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
|
2012-07-04 17:10:40 +00:00 |
|
Paul Bakker
|
26c4e3cb0b
|
- Made crypt_and_cipher more robust with other ciphers / hashes
|
2012-07-04 17:08:33 +00:00 |
|
Paul Bakker
|
83f00bba9c
|
- Updated strerror codes for SSL Compression and Blowfish
|
2012-07-04 11:08:50 +00:00 |
|
Paul Bakker
|
a9379c0ed1
|
- Added base blowfish algorithm
|
2012-07-04 11:02:11 +00:00 |
|
Paul Bakker
|
92eeea4627
|
- Modified CMakeLists to support zlib
|
2012-07-03 15:10:33 +00:00 |
|
Paul Bakker
|
2770fbd651
|
- Added DEFLATE compression support as per RFC3749 (requires zlib)
|
2012-07-03 13:30:23 +00:00 |
|
Paul Bakker
|
4f9a7bb7fd
|
- Added Thumb assembly optimizations
|
2012-07-02 08:36:36 +00:00 |
|
Paul Bakker
|
cefb396a77
|
- Handle empty certificate subject names
|
2012-06-27 11:51:09 +00:00 |
|
Paul Bakker
|
e4791f3936
|
- Bugfix for Windows in cert path handling
|
2012-06-04 21:29:15 +00:00 |
|
Paul Bakker
|
67820bd38e
|
- Only include padlock header when POLARSSL_PADLOCK_C is defined
|
2012-06-04 12:47:23 +00:00 |
|
Paul Bakker
|
8d914583f3
|
- Added X509 CA Path support
|
2012-06-04 12:46:42 +00:00 |
|
Paul Bakker
|
e6ee41f932
|
- Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
- Handle encryption with private key and decryption with public key as per RFC 2313
|
2012-05-19 08:43:48 +00:00 |
|
Paul Bakker
|
50546921ac
|
- Moved to prevent uninitialized exit var
|
2012-05-19 08:40:49 +00:00 |
|
Paul Bakker
|
4248823f43
|
- Updated to handle x509parse_crtfile() positive return values
|
2012-05-16 08:21:05 +00:00 |
|
Paul Bakker
|
f6198c1513
|
- mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
|
2012-05-16 08:02:29 +00:00 |
|
Paul Bakker
|
5b37784f6d
|
- Updated with tickets
|
2012-05-16 07:57:36 +00:00 |
|
Paul Bakker
|
40dd5303c2
|
- Fixed test on Big Endian systems (Fixed Ticket #54)
|
2012-05-15 15:02:38 +00:00 |
|
Paul Bakker
|
2a5c7a87af
|
- Add Windows required library
|
2012-05-10 21:54:28 +00:00 |
|
Paul Bakker
|
62f88dc473
|
Makefile more compatible with WINDOWS environment
|
2012-05-10 21:26:28 +00:00 |
|
Paul Bakker
|
cd5b529d6d
|
- Added automatic WINDOWS define in Makefile
|
2012-05-10 20:49:10 +00:00 |
|
Paul Bakker
|
4d2c1243b1
|
- Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present.
|
2012-05-10 14:12:46 +00:00 |
|
Paul Bakker
|
d14cd35ece
|
- Adapted Makefile for buildbot
|
2012-05-08 15:39:50 +00:00 |
|
Paul Bakker
|
02adedb0b1
|
- Added casting to prevent warnings on some compilers
|
2012-05-08 13:35:48 +00:00 |
|
Paul Bakker
|
7e2c728178
|
- Updated to support NetBSD
|
2012-05-08 13:23:16 +00:00 |
|
Paul Bakker
|
186751d9dd
|
- Moved out_msg to out_hdr + 32 to support hardware acceleration
|
2012-05-08 13:16:14 +00:00 |
|
Paul Bakker
|
3aac1daf1d
|
- Added exception error parsing when FATAL ssl message is received
|
2012-05-08 13:12:27 +00:00 |
|
Paul Bakker
|
6b906e5095
|
- Const correctness mpi_get_bit()
- Documentation mpi_lsb(), mpi_msb()
|
2012-05-08 12:01:43 +00:00 |
|
Paul Bakker
|
05ef835b6a
|
- Added support for Hardware Acceleration hooking in SSL/TLS
|
2012-05-08 09:17:57 +00:00 |
|