Nicholas Wilson
ca89d7f6d8
Add compile-time guard MBEDTLS_SSL_PREVERIFY_CB for pre-verify callback
2018-03-27 18:10:13 +01:00
Nicholas Wilson
536a22a409
Add a "pre-verify" callback to ssl_tls.c
...
This enables a client to populate the trust chain on-demand, rather than
loading all the trusted certificates up-front. This is useful on mobile
clients where the OS cert store contains >200 certificates, 199 of which
won't be used at any given time.
2018-03-27 18:08:46 +01:00
Gilles Peskine
fc458d0b9b
Merge remote-tracking branch 'myfork/pr_1073' into development-proposed
2018-03-22 21:53:12 +01:00
Gilles Peskine
a7b34c7810
Merge remote-tracking branch 'upstream-public/pr/1406' into development-proposed
2018-03-22 21:52:48 +01:00
Gilles Peskine
f15a8beacf
Merge remote-tracking branch 'upstream-public/pr/1256' into development-proposed
2018-03-22 21:51:53 +01:00
Gilles Peskine
0818540ff7
Merge branch 'pr_726' into development-proposed
2018-03-22 21:50:48 +01:00
Gilles Peskine
88c6df1ce8
Add ChangeLog entry
2018-03-22 21:48:28 +01:00
Gilles Peskine
5bdb671404
Merge branch 'pr_403' into development-proposed
2018-03-22 21:34:15 +01:00
Gilles Peskine
58afc39dd7
Add ChangeLog entry
2018-03-22 21:33:28 +01:00
Gilles Peskine
4b6b247512
Merge remote-tracking branch 'upstream-public/pr/1441' into development-proposed
2018-03-22 21:30:07 +01:00
Gilles Peskine
9b9cc616ca
Add ChangeLog entry
2018-03-22 17:03:45 +01:00
Jaeden Amero
8be0e6db41
Update version to 2.8.0
2018-03-16 16:25:12 +00:00
Jaeden Amero
79a5e72719
Merge remote-tracking branch 'upstream-restricted/pr/463' into development-restricted-proposed
2018-03-15 08:25:05 +00:00
Jaeden Amero
24b2d6fb6d
Merge remote-tracking branch 'upstream-restricted/pr/459' into development-restricted-proposed
2018-03-15 08:24:44 +00:00
Jaeden Amero
8e4ff12909
Merge branch 'development-proposed' into development-restricted-proposed
2018-03-15 08:23:55 +00:00
Jaeden Amero
ce183d994c
Merge remote-tracking branch 'upstream-public/pr/1448' into development-proposed
2018-03-15 08:23:53 +00:00
Jaeden Amero
d1fedc55d7
Merge remote-tracking branch 'upstream-public/pr/1440' into development-proposed
2018-03-15 08:23:35 +00:00
Jaeden Amero
95ad522ecc
Merge remote-tracking branch 'upstream-public/pr/1439' into development-proposed
2018-03-15 08:23:10 +00:00
Jaeden Amero
64293777eb
Merge remote-tracking branch 'upstream-public/pr/1423' into development-proposed
2018-03-15 08:22:48 +00:00
Jaeden Amero
a53d9abfe8
Merge remote-tracking branch 'upstream-public/pr/1051' into development-proposed
2018-03-15 08:22:48 +00:00
Manuel Pégourié-Gonnard
47a98d4e2c
fixup previous commit: add forgotten file
2018-03-14 14:08:57 +01:00
Manuel Pégourié-Gonnard
a63305d134
x509: CRL: add tests for non-critical extension
...
The 'critical' boolean can be set to false in two ways:
- by leaving it implicit (test data generated by openssl)
- by explicitly setting it to false (generated by hand)
2018-03-14 12:44:54 +01:00
Manuel Pégourié-Gonnard
0bdb050b2d
x509: CRL: add tests for malformed extensions
...
This covers all lines added in the previous commit. Coverage was tested using:
make CFLAGS='--coverage -g3 -O0'
(cd tests && ./test_suite_x509parse)
make lcov
firefox Coverage/index.html # then visual check
Test data was generated by taking a copy of tests/data_files/crl-idp.pem,
encoding it as hex, and then manually changing the values of some bytes to
achieve the desired errors, using https://lapo.it/asn1js/ for help in locating
the desired bytes.
2018-03-14 12:00:55 +01:00
Krzysztof Stachowiak
7fa1ae70c8
Add Changelog entry
2018-03-14 11:57:37 +01:00
Krzysztof Stachowiak
00bbf572af
Update change log
2018-03-14 11:14:13 +01:00
Manuel Pégourié-Gonnard
fd3e4fbae7
x509: CRL: reject unsupported critical extensions
2018-03-14 09:15:02 +01:00
Gilles Peskine
5f1932817c
Merge remote-tracking branch 'upstream-restricted/pr/398' into development-restricted-proposed
2018-03-13 17:18:06 +01:00
Gilles Peskine
553a06f08a
Merge remote-tracking branch 'upstream-restricted/pr/351' into development-restricted-proposed
...
Move the added ChangeLog entry to the bottom so that the list remains
in merge order.
2018-03-13 17:15:34 +01:00
Andrzej Kurek
ccbd8a4bbb
Add a missing bracket in ifdef for __cplusplus
2018-03-13 07:52:09 -04:00
Krzysztof Stachowiak
5224a7544c
Prevent arithmetic overflow on bounds check
2018-03-13 11:31:38 +01:00
Krzysztof Stachowiak
740b218386
Add bounds check before length read
2018-03-13 11:31:14 +01:00
Krzysztof Stachowiak
027f84c69f
Prevent arithmetic overflow on bounds check
2018-03-13 11:29:24 +01:00
Krzysztof Stachowiak
a1098f81c2
Add bounds check before signature length read
2018-03-13 11:28:49 +01:00
Gilles Peskine
f3ada4adb0
Merge branch 'pr_679' into development-proposed
2018-03-13 00:13:29 +01:00
Gilles Peskine
6dc4a31988
Add ChangeLog entry. Fixes #678
2018-03-13 00:13:06 +01:00
Gilles Peskine
13678d251f
Merge remote-tracking branch 'upstream-public/pr/922' into development-proposed
2018-03-13 00:10:07 +01:00
Gilles Peskine
d5f7d24e84
Merge branch 'pr_1064' into development-proposed
2018-03-13 00:08:05 +01:00
Gilles Peskine
3ff4a074af
Fix ChangeLog style. Fix #918
2018-03-13 00:06:19 +01:00
Gilles Peskine
a31d8206b1
Merge remote-tracking branch 'upstream-public/pr/778' into development-proposed
2018-03-12 23:45:08 +01:00
Gilles Peskine
69845ed00d
Merge remote-tracking branch 'upstream-public/pr/1241' into development-proposed
2018-03-12 23:43:30 +01:00
Gilles Peskine
b21a085bae
Show build modes in code font
...
This clarifies that it's the string to type and not just some
description of it.
2018-03-12 13:12:34 +01:00
Gilles Peskine
469b882947
Merge branch 'pr_1407' into development-proposed
2018-03-11 00:45:10 +01:00
Gilles Peskine
754768262b
Merge remote-tracking branch 'upstream-public/pr/1249' into development-proposed
2018-03-11 00:45:10 +01:00
Gilles Peskine
19c3862d0c
Merge remote-tracking branch 'upstream-public/pr/1079' into development-proposed
2018-03-11 00:45:10 +01:00
Gilles Peskine
34ba06fac8
Merge remote-tracking branch 'upstream-public/pr/1012' into development-proposed
2018-03-11 00:45:09 +01:00
Gilles Peskine
b4c571e603
Merge remote-tracking branch 'upstream-public/pr/1296' into HEAD
2018-03-11 00:44:14 +01:00
Gilles Peskine
3f1b89d251
This fixes #664
2018-03-11 00:35:39 +01:00
Gilles Peskine
08af538ec9
Fix grammar in ChangeLog entry
2018-03-11 00:20:08 +01:00
Gilles Peskine
29d7d4da2f
Merge remote-tracking branch 'upstream-public/pr/936' into development-proposed
2018-03-10 23:51:58 +01:00
Gilles Peskine
9c4f4038dd
Add changelog entry
2018-03-10 23:36:30 +01:00