Manuel Pégourié-Gonnard
d14acbc31a
Test assumptions we make about the platform
...
Things that are not guaranteed by the standard but should be true of all
platforms of interest to us:
- 8-bit chars
- NULL pointers represented by all-bits-zero
2015-05-29 12:25:40 +02:00
Manuel Pégourié-Gonnard
f78e4de6f4
Fix warnings from -pedantic
2015-05-29 10:52:14 +02:00
Manuel Pégourié-Gonnard
009a2640f6
Add test build with -std=c99
2015-05-29 10:31:13 +02:00
Manuel Pégourié-Gonnard
f8b6fdedd9
Remove include that is no longer needed
2015-05-29 10:23:32 +02:00
Manuel Pégourié-Gonnard
864108daab
Move from gmtime_r to gmtime + mutexes
...
* gmtime_r is not standard so -std=c99 warns about it
* Anyway we need global mutexes in the threading layer, so better depend only
on that, rather that global mutexes + some _r functions
2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
ba19432d2e
Move from asm to __asm by default
...
- GCC with -std=c99 warns about asm but likes __asm
_ armcc5 has __asm but not asm
2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
cb46fd8216
Avoid non-standard strcasecmp()
2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
2a84dfd747
Make ssl_cookie.c thread-safe
2015-05-28 17:28:39 +02:00
Manuel Pégourié-Gonnard
b48ef9cce9
Improve documentation about HelloVerifyRequest
2015-05-28 17:28:39 +02:00
Manuel Pégourié-Gonnard
398b206ff0
Update doc for ssl_conf_renegotiation
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
6ad5d35ba9
Catch a few more likely typos
...
I often mistype MBEDLTS for MBEDTLS
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
41b9c2b418
Remove individual mdX_file() and shaX_file()
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
06d5d61302
Adapt programs to generic md_file()
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
b327168e22
Remove non-generic md_file() programs
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
bfffa908a6
Implement md_file in the MD layer
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
eb0d8706ce
Add option for even smaller SHA-256
2015-05-28 16:45:23 +02:00
Manuel Pégourié-Gonnard
a7a3a5fe37
Make SHA-2 implementation smaller
...
Adjust the size/performance trade-off:
* Reduces size of sha256_process() from 7.4KB to 2KB on ARMv7-M
* Reduces performance by less than 14% on Cortex-M4
* Seems to even improve performance on my Core i7
2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard
6a8ca33fa5
Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED
2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard
160e384360
Fix bad name choice
2015-05-27 20:27:06 +02:00
Manuel Pégourié-Gonnard
a7f8033fa4
Fix oversights in s/malloc/calloc/
2015-05-27 20:26:40 +02:00
Manuel Pégourié-Gonnard
6c967b95ff
Fix typo in memory_buffer_alloc
2015-05-27 20:18:39 +02:00
Manuel Pégourié-Gonnard
944cfe8899
Allow use of global mutexes with threading_alt
2015-05-27 20:12:05 +02:00
Manuel Pégourié-Gonnard
f7c2eebfcf
Remove unused struct member in ssl_context
...
Actually belongs to ssl_session
2015-05-27 18:06:02 +02:00
Manuel Pégourié-Gonnard
2a1524ccb5
Manually merge 1.3 changelog
2015-05-27 17:59:46 +02:00
Manuel Pégourié-Gonnard
43b08574a6
Avoid memory leak with repeated [gc]ccm_setkey()
2015-05-27 17:23:30 +02:00
Manuel Pégourié-Gonnard
3a89559d71
Fix compile errors in pkcs11.c
2015-05-27 17:09:21 +02:00
Manuel Pégourié-Gonnard
c241b03527
Merge branch 'calloc' into development
...
* calloc:
Remove a few redundant memset after calloc.
Remove references to malloc in strings/names
Update ChangeLog for s/malloc/calloc
Adapt memory_buffer_alloc to calloc
Adapt the platform layer from malloc to calloc
Replace malloc with calloc
2015-05-27 17:01:45 +02:00
Manuel Pégourié-Gonnard
1b8de57827
Remove a few redundant memset after calloc.
...
Using the following semantic patch provided by Mansour Moufid:
@@
expression x;
@@
x = mbedtls_calloc(...)
...
- memset(x, 0, ...);
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
b2a18a2a98
Remove references to malloc in strings/names
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
5b9e5b19a1
Update ChangeLog for s/malloc/calloc
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
200e73179e
Adapt memory_buffer_alloc to calloc
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
b9ef1182f3
Adapt the platform layer from malloc to calloc
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
7551cb9ee9
Replace malloc with calloc
...
- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too
2015-05-26 16:04:06 +02:00
Manuel Pégourié-Gonnard
065122cfe9
Move some defines to ssl_internal.h
2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
56273daea0
Move some includes to ssl_internal.h
...
Also removed one from ssl.h and add it in programs where it belongs
2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
cd4fcc6c8b
Move some structures to ssl_internal.h
2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
5e94ddebbc
Create ssl_internal.h and move some functions
2015-05-26 11:57:05 +02:00
Manuel Pégourié-Gonnard
50518f4195
Rename _wrap headers to _internal
...
Makes it clearer that the user is not supposed to include them
2015-05-26 11:06:12 +02:00
Manuel Pégourié-Gonnard
866eb471da
Update Changelog for session ticket changes
2015-05-25 19:42:14 +02:00
Manuel Pégourié-Gonnard
4214e3a0eb
Update dependencies and documentation
2015-05-25 19:42:14 +02:00
Manuel Pégourié-Gonnard
1e9c4db524
Implement key rotation
2015-05-25 19:42:14 +02:00
Manuel Pégourié-Gonnard
887674a33b
Internal changes in preparation for key rotation
...
- two sets of keys
- separate function for key generation/update
2015-05-25 12:19:00 +02:00
Manuel Pégourié-Gonnard
a0adc1bbe4
Make cipher used in ssl tickets configurable
2015-05-25 10:35:16 +02:00
Manuel Pégourié-Gonnard
1041a39338
Use AES-GCM-256 for session ticket protection
2015-05-20 20:19:42 +02:00
Manuel Pégourié-Gonnard
8eff512274
Fix possible signedness issue in time comparison
2015-05-20 11:41:36 +02:00
Manuel Pégourié-Gonnard
0849a0a910
Make ssl ticket functions thread-safe
2015-05-20 11:34:54 +02:00
Manuel Pégourié-Gonnard
66b8e956bb
Add test build with all except ssl_cli/srv.c
2015-05-20 11:14:58 +02:00
Manuel Pégourié-Gonnard
e057d3bf6b
Relax some dependencies
...
- DTLS_HELLO_VERIFY no longer depends on SRV_C
- SSL_COOKIE_C no longer depends on DTLS_HELLO_VERIFY
Not that much work for us, and easier on users (esp. since it allows just
disabling SRV_C alone).
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
b596abfdc0
Refine cli/srv ifdefs for session tickets
...
- Only the server needs to generate/parse tickets
- Only the client needs to store them
Also adjust prototype of ssl_conf_session_tickets() while at it.
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
cf141ca7e7
Fix #ifdefs on ssl_cli.c or ssl_srv.c
...
Nothing to do with the current branch except I'm going to refine such #ifdefs
for tickets next and I want to start from a clean state
2015-05-20 11:14:57 +02:00