Attila Molnar
c7b8e3af53
Fix minor doc issue
2016-05-05 17:50:17 +01:00
Janos Follath
542ee5d8f3
Update default configuration
...
Change the default settings for SSL and modify the tests accordingly.
2016-03-07 16:34:25 +00:00
Manuel Pégourié-Gonnard
5ae028550f
Make check-names.sh happy
2016-01-08 15:08:49 +01:00
Manuel Pégourié-Gonnard
7715e669f1
Avoid build errors with -O0 due to assembly
2016-01-08 14:52:55 +01:00
Simon Butcher
543e4366bc
Change version number to 2.1.4
...
Changed version for library files and yotta module
2016-01-04 22:41:11 +00:00
Manuel Pégourié-Gonnard
4c9916b094
Fix doxygen warnings for generic names in config.h
...
When we use the same documentation for a list of #defines, we used to use a
generic name in the \def command. Use the first name of the list instead so
that doxygen stops complaining, and mention the generic name in the longer
description.
This is not entirely satisfactory as the full list of macros will not be
included in the generated doc, but it's still an improvement as at least the
first macro is documented now, with a hint that there are others.
2016-01-04 15:49:47 +00:00
Manuel Pégourié-Gonnard
3bd5eb7567
Reintroduce line deleted by accident
2016-01-04 15:48:43 +00:00
Simon Butcher
a02fe7c2cc
Various fixes to doxygen API generation
...
* Fixed incorrect file definitions
* Corrected function naming in X.509 module definition
2016-01-04 15:48:12 +00:00
Simon Butcher
6189175900
Fix for MPI divide on MSVC
...
Resolves multiple platform issues when building bignum.c with Microsoft
Visual Studio.
2016-01-03 20:32:46 +00:00
Simon Butcher
aa4114910a
Merge 'iotssl-558-2.1-md5-tls-sigs-restricted'
2015-12-23 18:52:18 +00:00
Simon Butcher
e82ac57ef6
Merge remote-tracking branch 'origin/misc-2.1' into mbedtls-2.1
2015-12-22 19:36:17 +00:00
Manuel Pégourié-Gonnard
7da96958a6
Make documentation more explicit on TLS errors
...
fixes #358
2015-12-10 15:07:46 +01:00
Manuel Pégourié-Gonnard
b39528e2e8
Disable MD5 in handshake signatures by default
2015-12-04 15:13:36 +01:00
Manuel Pégourié-Gonnard
013198f30f
DTLS: avoid dropping too many records
...
When the peer retransmits a flight with many record in the same datagram, and
we already saw one of the records in that datagram, we used to drop the whole
datagram, resulting in interoperability failure (spurious handshake timeouts,
due to ignoring record retransmitted by the peer) with some implementations
(issues with Chrome were reported).
So in those cases, we want to only drop the current record, and look at the
following records (if any) in the same datagram. OTOH, this is not something
we always want to do, as sometime the header of the current record is not
reliable enough.
This commit introduces a new return code for ssl_parse_header() that allows to
distinguish if we should drop only the current record or the whole datagram,
and uses it in mbedtls_ssl_read_record()
fixes #345
2015-12-03 19:22:55 +01:00
Simon Butcher
ef43d41f67
Changed version number to 2.1.3
...
Changed for library
2015-11-04 22:08:33 +00:00
Manuel Pégourié-Gonnard
7a40dc686f
Disable reportedly broken assembly of Sparc(64)
...
fixes #292
2015-11-02 05:57:49 +09:00
Manuel Pégourié-Gonnard
9f44a80ea3
Try to prevent some misuse of RSA functions
...
fixes #331
2015-10-30 10:57:43 +01:00
Manuel Pégourié-Gonnard
93080dfacf
Fix missing check for RSA key length on EE certs
...
- also adapt tests to use lesser requirement for compatibility with old
testing material
2015-10-28 13:22:32 +01:00
Manuel Pégourié-Gonnard
f9945bc283
Fix #ifdef inconsistency
...
fixes #310
Actually all key exchanges that use a certificate use signatures too, and
there is no key exchange that uses signatures but no cert, so merge those two
flags.
Conflicts:
ChangeLog
2015-10-28 13:16:33 +01:00
Manuel Pégourié-Gonnard
1cb668cf0f
ECHDE-PSK does not use a certificate
...
fixes #270
2015-10-28 13:15:12 +01:00
Manuel Pégourié-Gonnard
d113b8e89d
Move all KEY_EXCHANGE__ definitions in one place
2015-10-28 13:15:01 +01:00
Manuel Pégourié-Gonnard
a6925c502d
Fix typo in documentation
2015-10-27 10:28:49 +01:00
Simon Butcher
759b6d9df6
Corrected misleading fn description in ssl_cache.h
...
Mistake in comments spotted by Andris Mednis
2015-10-27 10:28:24 +01:00
Manuel Pégourié-Gonnard
c4e7d8a381
Bump version to 2.1.2
...
Yotta version bumped to 2.1.3, as we had to do one more patch release to the
yotta registry to accommodate for dependencies updates.
2015-10-05 19:13:36 +01:00
Manuel Pégourié-Gonnard
c80a74f734
Merge branch 'development' into development-restricted
...
* development:
Add 'inline' workaround where needed
2015-10-05 16:30:53 +01:00
Manuel Pégourié-Gonnard
2ac9c60838
Add 'inline' workaround where needed
...
Was previously using the workaround from md.h
2015-10-05 16:18:23 +01:00
Manuel Pégourié-Gonnard
a97ab2c8a6
Merge branch 'development' into development-restricted
...
* development:
Remove inline workaround when not useful
Fix macroization of inline in C++
2015-10-05 15:48:09 +01:00
Simon Butcher
7776fc36d3
Fix for #279 macroisation of 'inline' keyword
2015-10-05 15:44:18 +01:00
Manuel Pégourié-Gonnard
2d7083435d
Fix references to non-standard SIZE_T_MAX
...
Turns out C99 doesn't define SIZE_T_MAX, so let's not use it.
2015-10-05 15:23:11 +01:00
Manuel Pégourié-Gonnard
899ac849d0
Merge branch 'development' into development-restricted
...
* development:
Upgrade yotta dependency versions
Fix compile error in net.c with musl libc
Add missing warning in doc
2015-10-05 14:47:43 +01:00
Manuel Pégourié-Gonnard
cb6af00e2a
Add missing warning in doc
...
Found by Nicholas Wilson
fixes #288
2015-10-05 12:12:39 +01:00
Manuel Pégourié-Gonnard
5a2e389811
Remove inline workaround when not useful
...
This header doesn't have nay inline function any more
2015-10-05 11:55:39 +01:00
Manuel Pégourié-Gonnard
0223ab9d38
Fix macroization of inline in C++
...
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 11:41:36 +01:00
Simon Butcher
6418ffaadb
Merge fix for IOTSSL-480 - base64 overflow issue
2015-10-05 09:54:11 +01:00
Manuel Pégourié-Gonnard
ef388f168d
Merge branch 'development' into development-restricted
...
* development:
Updated ChangeLog with credit
Fix a fairly common typo in comments
Make config check include for configs examples more consistent
2015-10-02 12:44:39 +02:00
Manuel Pégourié-Gonnard
0aa45c209a
Fix potential overflow in base64_encode
2015-09-30 16:37:49 +02:00
Simon Butcher
9f81231fb8
Revised hostname length check from review
2015-09-28 19:22:33 +01:00
Simon Butcher
89f77623b8
Added max length checking of hostname
2015-09-27 22:50:49 +01:00
Tillmann Karras
588ad50c5a
Fix a fairly common typo in comments
2015-09-25 04:27:22 +02:00
Manuel Pégourié-Gonnard
8cea8ad8b8
Bump version to 2.1.1
2015-09-17 11:58:45 +02:00
Simon Butcher
5793e7ef01
Merge 'development' into iotssl-411-port-reuse
...
Conflicts:
ChangeLog
2015-09-16 15:25:53 +01:00
Simon Butcher
1a57af1607
Update ssl.h
...
Typo
2015-09-11 17:14:16 +01:00
Simon Butcher
4f6882a8a3
Update config.h
...
Typo in RFC x-ref comment.
2015-09-11 17:12:46 +01:00
Manuel Pégourié-Gonnard
ddfe5d20d1
Tune dependencies
...
Don't depend on srv.c in config.h, but add explicit checks. This is more
in line with other options that only make sense server-side, and also it
allows to test full config minus srv.c more easily.
2015-09-09 12:46:16 +02:00
Manuel Pégourié-Gonnard
62c74bb78a
Stop wasting resources
...
Use a custom function that minimally parses the message an creates a reply
without the overhead of a full SSL context.
Also fix dependencies: needs DTLS_HELLO_VERIFY for the cookie types, and let's
also depend on SRV_C as is doesn't make sense on client.
2015-09-09 11:22:52 +02:00
Nicholas Wilson
2088e2ebd9
fix const-ness of argument to mbedtls_ssl_conf_cert_profile
...
Otherwise, it's impossible to pass in a pointer to
mbedtls_x509_crt_profile_next!
2015-09-08 16:53:18 +01:00
Manuel Pégourié-Gonnard
222cb8db22
Tune related documentation while at it
2015-09-08 15:43:59 +02:00
Manuel Pégourié-Gonnard
3a2a4485d4
Update documentation
2015-09-08 15:36:09 +02:00
Manuel Pégourié-Gonnard
be619c1264
Clean up error codes
2015-09-08 11:21:21 +02:00
Manuel Pégourié-Gonnard
26d227ddfc
Add config flag for support of client port reuse
2015-09-08 10:39:06 +02:00