Paul Bakker
|
9c94cddeae
|
Correctly handle CertificateRequest with empty DN list in <= TLS 1.1
|
2013-01-22 14:21:49 +01:00 |
|
Paul Bakker
|
21dca69ef0
|
Handle future version properly in ssl_write_certificate_request()
|
2013-01-03 11:41:08 +01:00 |
|
Paul Bakker
|
40628bad98
|
Memory leak when using RSA_PKCS_V21 operations fixed
|
2013-01-03 10:50:31 +01:00 |
|
Paul Bakker
|
fb1ba781b3
|
Updated for release 1.2.3
|
2012-11-26 16:28:25 +01:00 |
|
Paul Bakker
|
df5069cb97
|
Updated for 1.2.2 release
|
2012-11-24 12:20:19 +01:00 |
|
Paul Bakker
|
7c90da9e75
|
Amended ChangeLog for client authentication fix
|
2012-11-23 14:02:40 +01:00 |
|
Paul Bakker
|
e667c98fb1
|
Added p_hw_data to ssl_context for context specific hardware acceleration data
|
2012-11-20 13:50:22 +01:00 |
|
Paul Bakker
|
1492633e54
|
Updated date for release
|
2012-11-20 10:58:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
e44ec108be
|
Fixed segfault in mpi_shift_r()
Fixed memory leak in test_suite_mpi
Amended ChangeLog
|
2012-11-18 23:15:02 +01:00 |
|
Paul Bakker
|
34d8dbcc6d
|
- Depth that the certificate verify callback receives is now numbered bottom-up (Peer cert depth is 0)
|
2012-11-14 12:11:38 +00:00 |
|
Paul Bakker
|
b815682a48
|
- Updated Changelog for 1.2.1
|
2012-11-13 12:52:17 +00:00 |
|
Paul Bakker
|
9daf0d0651
|
- Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
|
2012-11-13 12:13:27 +00:00 |
|
Paul Bakker
|
f02c5642d0
|
- Allow R and A to point to same mpi in mpi_div_mpi
|
2012-11-13 10:25:21 +00:00 |
|
Paul Bakker
|
d9374b05d6
|
- Moved mpi_inv_mod() outside POLARSSL_GENPRIME
|
2012-11-02 11:02:58 +00:00 |
|
Paul Bakker
|
7a2538ee38
|
- Fixes for MSVC6
|
2012-11-02 10:59:36 +00:00 |
|
Paul Bakker
|
c9c5df98de
|
- Updated for PolarSSL 1.2.0
|
2012-10-31 13:55:27 +00:00 |
|
Paul Bakker
|
645ce3a2b4
|
- Moved ciphersuite naming scheme to IANA reserved names
|
2012-10-31 12:32:41 +00:00 |
|
Paul Bakker
|
4f024b7ba9
|
- Fixed for SPARC64
|
2012-10-30 07:29:57 +00:00 |
|
Paul Bakker
|
d5834bb394
|
- Added release text for 1.1.4 to ChangeLog
|
2012-10-02 14:38:56 +00:00 |
|
Paul Bakker
|
5c2364c2ba
|
- Moved from unsigned long to uint32_t throughout code
|
2012-10-01 14:41:15 +00:00 |
|
Paul Bakker
|
1d29fb5e33
|
- Added option to add minimum accepted SSL/TLS protocol version
|
2012-09-28 13:28:45 +00:00 |
|
Paul Bakker
|
915275ba78
|
- Revamped x509_verify() and the SSL f_vrfy callback implementations
|
2012-09-28 07:10:55 +00:00 |
|
Paul Bakker
|
5701cdcd02
|
- Added ServerName extension parsing (SNI) at server side
|
2012-09-27 21:49:42 +00:00 |
|
Paul Bakker
|
eb2c658163
|
- Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
|
2012-09-27 19:15:01 +00:00 |
|
Paul Bakker
|
0a59707523
|
- Added simple SSL session cache implementation
- Revamped session resumption handling
|
2012-09-25 21:55:46 +00:00 |
|
Paul Bakker
|
b00ca42f2a
|
- Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
|
2012-09-25 12:10:00 +00:00 |
|
Paul Bakker
|
29b64761fd
|
- Added predefined DHM groups from RFC 5114
|
2012-09-25 09:36:44 +00:00 |
|
Paul Bakker
|
995a215eac
|
- Added credits
|
2012-09-25 08:19:56 +00:00 |
|
Paul Bakker
|
d4c2bd79fe
|
- Added bug
|
2012-09-16 21:35:30 +00:00 |
|
Paul Bakker
|
48916f9b67
|
- Added Secure Renegotiation (RFC 5746)
|
2012-09-16 19:57:18 +00:00 |
|
Paul Bakker
|
ec636f3bdd
|
- Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
|
2012-09-09 19:17:02 +00:00 |
|
Paul Bakker
|
f518b16f97
|
- Added PKCS#5 PBKDF2 key derivation function
|
2012-08-23 13:03:18 +00:00 |
|
Paul Bakker
|
535e97dbab
|
- Better checking for reading over buffer boundaries
- Zeroize altSubjectName chain memory before use
|
2012-08-23 10:49:55 +00:00 |
|
Paul Bakker
|
3c16db9a10
|
- Fixed potential memory zeroization on miscrafted RSA key
|
2012-07-05 13:58:08 +00:00 |
|
Paul Bakker
|
6132d0aa93
|
- Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
|
2012-07-04 17:10:40 +00:00 |
|
Paul Bakker
|
a9379c0ed1
|
- Added base blowfish algorithm
|
2012-07-04 11:02:11 +00:00 |
|
Paul Bakker
|
2770fbd651
|
- Added DEFLATE compression support as per RFC3749 (requires zlib)
|
2012-07-03 13:30:23 +00:00 |
|
Paul Bakker
|
4f9a7bb7fd
|
- Added Thumb assembly optimizations
|
2012-07-02 08:36:36 +00:00 |
|
Paul Bakker
|
cefb396a77
|
- Handle empty certificate subject names
|
2012-06-27 11:51:09 +00:00 |
|
Paul Bakker
|
8d914583f3
|
- Added X509 CA Path support
|
2012-06-04 12:46:42 +00:00 |
|
Paul Bakker
|
e6ee41f932
|
- Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
- Handle encryption with private key and decryption with public key as per RFC 2313
|
2012-05-19 08:43:48 +00:00 |
|
Paul Bakker
|
f6198c1513
|
- mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
|
2012-05-16 08:02:29 +00:00 |
|
Paul Bakker
|
5b37784f6d
|
- Updated with tickets
|
2012-05-16 07:57:36 +00:00 |
|
Paul Bakker
|
4d2c1243b1
|
- Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present.
|
2012-05-10 14:12:46 +00:00 |
|
Paul Bakker
|
186751d9dd
|
- Moved out_msg to out_hdr + 32 to support hardware acceleration
|
2012-05-08 13:16:14 +00:00 |
|
Paul Bakker
|
6b906e5095
|
- Const correctness mpi_get_bit()
- Documentation mpi_lsb(), mpi_msb()
|
2012-05-08 12:01:43 +00:00 |
|
Paul Bakker
|
05ef835b6a
|
- Added support for Hardware Acceleration hooking in SSL/TLS
|
2012-05-08 09:17:57 +00:00 |
|
Paul Bakker
|
fad3893ead
|
- Added release notes for 1.1.2 and 1.1.3 to trunk
|
2012-05-08 09:04:04 +00:00 |
|
Paul Bakker
|
01cc394848
|
- Added commandline error code convertor (util/strerror)
|
2012-05-08 08:36:15 +00:00 |
|
Paul Bakker
|
430ffbe564
|
- Fixed potential heap corruption in x509_name allocation
|
2012-05-01 08:14:20 +00:00 |
|