Commit Graph

191 Commits

Author SHA1 Message Date
Paul Bakker
993f02cda0 Added return value checking for correctness in programs 2014-07-08 18:28:29 +02:00
Paul Bakker
3cbaf1e379 Add ssl_close_notify() to servers that missed it 2014-07-08 14:30:35 +02:00
Paul Bakker
875548ce67 Disable renegotiation by default in example cli/srv 2014-07-08 12:21:41 +02:00
Manuel Pégourié-Gonnard
516eb623df Make auth_mode=required the default in ssl_client2 2014-07-08 11:13:15 +02:00
Paul Bakker
44e8b23462 Fixed file descriptor leak in generic_sum 2014-07-07 17:46:30 +02:00
Paul Bakker
af0ccc8fa0 SMTP lines are officially terminated with CRLF, ssl_mail_client fixed 2014-07-07 17:46:29 +02:00
Paul Bakker
0ed42d6159 Minor fixes to o_p_test.c (CMakeLists.txt and includes) 2014-07-07 16:04:16 +02:00
Paul Bakker
238be3a207 Removed dependency on unistd.h for MSVC in apps 2014-07-07 16:01:07 +02:00
Paul Bakker
0748895b68 Explicit conversions to int from size_t for MSVC (64-bit) in apps 2014-07-07 16:01:06 +02:00
Paul Bakker
256a4afb57 Removed making commandline arguments case insensitive 2014-07-07 15:54:04 +02:00
Paul Bakker
a91d41e7a4 Removed Windows auto-spawn client code 2014-07-07 14:37:05 +02:00
Manuel Pégourié-Gonnard
b9f6d507dd crypt_and_hash: check MAC earlier 2014-07-07 14:35:02 +02:00
Manuel Pégourié-Gonnard
79f1ff84ed Make all hash checking in programs constant-time 2014-07-07 14:07:23 +02:00
Paul Bakker
2a8c2881f4 Check HMAC in constant-time in crypt_and_hash 2014-07-07 14:06:58 +02:00
Paul Bakker
43f9799ce6 RSA blinding on CRT operations to counter timing attacks 2013-09-23 11:23:31 +02:00
Paul Bakker
e0225e4d7f Fixed const correctness issues in programs and tests 2013-06-06 12:58:12 +02:00
Paul Bakker
8fe40dcd7d Allow enabling of dummy error_strerror() to support some use-cases
Enable a dummy error function to make use of error_strerror() in
third party libraries easier.

Disable if you run into name conflicts and want to really remove the
error_strerror()
2013-02-02 12:43:08 +01:00
Paul Bakker
91ebfb5272 Made auth_mode as an command line option 2012-11-23 14:04:08 +01:00
Paul Bakker
1f9d02dc90 Added more notes / comments on own_cert, trust_ca purposes 2012-11-20 10:30:55 +01:00
Paul Bakker
25338d74ac Added proper gitignores for Linux CMake use 2012-11-18 22:56:39 +01:00
Paul Bakker
90f309ffe7 Added proper gitignores for linux compilation 2012-11-17 00:04:49 +01:00
Paul Bakker
75242c30fb Added checking of CA peer cert to ssl_client1 as sane default 2012-11-17 00:03:46 +01:00
Paul Bakker
580153573b - Do not free uninitialized ssl context 2012-11-14 12:15:41 +00:00
Paul Bakker
645ce3a2b4 - Moved ciphersuite naming scheme to IANA reserved names 2012-10-31 12:32:41 +00:00
Paul Bakker
b0550d90c9 - Added ssl_get_peer_cert() to SSL API 2012-10-30 07:51:03 +00:00
Paul Bakker
21654f392e - Smaller default values 2012-10-24 14:29:17 +00:00
Paul Bakker
520ea911f6 - Fixed to support 4096 bit DHM params as well 2012-10-24 14:17:01 +00:00
Paul Bakker
f1ab0ec1ff - Changed default compiler flags to include -O2 2012-10-23 12:12:53 +00:00
Paul Bakker
1d56958963 - Updated examples to use appropriate sizes for larger RSA keys (up to 16k) 2012-10-03 20:35:44 +00:00
Paul Bakker
3ad34d4110 - Added key_app_writer to CMakeLists.txt 2012-10-03 20:34:37 +00:00
Paul Bakker
3fad7b3fdd - Changed saved value to RCF 3526 2048 MODP group 2012-10-03 19:50:54 +00:00
Paul Bakker
5da01caa50 - Added warning about example use 2012-10-03 19:48:33 +00:00
Paul Bakker
1d29fb5e33 - Added option to add minimum accepted SSL/TLS protocol version 2012-09-28 13:28:45 +00:00
Paul Bakker
5d19f86fdd - Added comment 2012-09-28 07:33:00 +00:00
Paul Bakker
cbbd9998da - SSL/TLS now has default group 2012-09-28 07:32:06 +00:00
Paul Bakker
915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker
819370c7b7 - Removed lowercasing of parameters 2012-09-28 07:04:41 +00:00
Paul Bakker
5ef9db2ae3 - Added rsa_check_privkey() check to rsa_sign 2012-09-27 13:19:22 +00:00
Paul Bakker
db2509c9cd - Added password and password_file options for reading private keys 2012-09-27 12:44:31 +00:00
Paul Bakker
d43241060b - Removed clutter from my_dhm values 2012-09-26 08:29:38 +00:00
Paul Bakker
0a59707523 - Added simple SSL session cache implementation
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00
Paul Bakker
4811b56524 - Added util/CMakelists.txt 2012-09-25 11:45:38 +00:00
Paul Bakker
29b64761fd - Added predefined DHM groups from RFC 5114 2012-09-25 09:36:44 +00:00
Paul Bakker
b60b95fd7f - Added first version of ssl_server2 example application 2012-09-25 09:05:17 +00:00
Paul Bakker
0f409a1911 - Added missing subdirectory line for util 2012-09-25 08:19:18 +00:00
Paul Bakker
d0f6fa7bdc - Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
2012-09-17 09:18:12 +00:00
Paul Bakker
48916f9b67 - Added Secure Renegotiation (RFC 5746) 2012-09-16 19:57:18 +00:00
Paul Bakker
f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker
835b29e7c3 - Should not be debug_level 5 in repo (reset to 0) 2012-08-23 08:31:59 +00:00
Paul Bakker
3d58fe8af6 - Added Blowfish to benchmarks 2012-07-04 17:15:31 +00:00