Manuel Pégourié-Gonnard
85391f2a65
Add curve25519 to the benchmark program
2015-02-16 17:28:11 +00:00
Manuel Pégourié-Gonnard
e579dab5f0
Fix compile issue when buffer_alloc not available
2015-02-16 17:28:10 +00:00
Manuel Pégourié-Gonnard
71e75dc2f0
Fix unused variable issue in some configs
2015-02-16 17:28:10 +00:00
Manuel Pégourié-Gonnard
50da0482e0
Add heap usage for PK in benchmark
2015-02-16 17:28:10 +00:00
Manuel Pégourié-Gonnard
128657d645
Use memory_buffer_alloc() in benchmark if available
...
Allows to measure memory by primitive.
2015-02-16 17:24:57 +00:00
Manuel Pégourié-Gonnard
3b8926c9d1
Adapt mini-client for config-suite-b.h
2015-02-16 17:22:46 +00:00
Manuel Pégourié-Gonnard
a6fc5b2c6a
Add mini_client.c
2015-02-16 17:22:46 +00:00
Manuel Pégourié-Gonnard
ab025803ed
Merge remote-tracking branch 'rich/platform' into development
...
* rich/platform:
modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit
modify programs/*.c to use polarssl_snprintf
2015-02-16 16:10:51 +00:00
Manuel Pégourié-Gonnard
aff2976d10
Merge branch 'build' into development
...
* build:
build: make: support windows cross compile
2015-02-16 15:26:09 +00:00
Manuel Pégourié-Gonnard
09eb14c01e
Revert "Require unix-utils in path for windows make"
...
This reverts commit 5d46cca09a
.
In preparation of merging an external contribution that superseedes this
Conflicts:
ChangeLog
2015-02-16 15:25:31 +00:00
Mansour Moufid
c531b4af3c
Apply the semantic patch rm-malloc-cast.cocci.
...
for dir in library programs; do
spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
--in-place;
done
2015-02-16 10:43:52 +00:00
Manuel Pégourié-Gonnard
671589d9a2
Fix return code in cert_app
2015-02-16 09:24:08 +00:00
Manuel Pégourié-Gonnard
401caadebd
Align ssl_read in fork_server on ssl_server
...
It was the only program using a weird do while( 0 ) with a continue inside
2015-02-16 09:13:40 +00:00
Manuel Pégourié-Gonnard
f53df4fcd8
Fix unchecked return values in mpi_demo
2015-02-16 09:13:40 +00:00
Manuel Pégourié-Gonnard
5c078e17b9
Fix memory leak on bad arguments in ssl_server2
...
Not a big deal, but was annoying in coverity results.
2015-02-16 09:13:40 +00:00
Alon Bar-Lev
18ba0cce8b
build: make: support windows cross compile
...
Add WINDOWS_BUILD macro to enable Windows build on *NIX host.
Add optional suffix for executables.
Fix shared object suffix logic to support multiple suffixes.
Fix soname handling to always match output.
WINDOWS macro sets WINDOWS_BUILD.
WINDOWS_BUILD sets .exe executable suffix.
WINDOWS_BUILD shared mode creates dll import library.
WINDOWS_BUILD shared mode link against dll.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
2015-02-14 01:20:17 +02:00
Rich Evans
012acfc20f
modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit
2015-02-13 16:52:49 +00:00
Rich Evans
b92965be74
modify programs/*.c to use polarssl_snprintf
2015-02-13 16:51:44 +00:00
Manuel Pégourié-Gonnard
ac1f76c362
Merge remote-tracking branch 'rich/platform' into development
...
* rich/platform:
Remove dependency on sscanf in lib x509
Fix extra guard in memory_buffer_alloc
rebase from development
implemented macro overriding for polarssl_* library functions
fix bug introduced by the addition of snprintf and assert macro which caused tests to fail without polarssl_platform_c defined
add initial symbols to config and checks to check_config to allow use of macros to define standard functions
reformat and arrange additions to config alphabetically
add missing checks to check_config
add macro definition of assert using polarssl_exit
modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit
add POLARSSL_PLATFORM_EXIT_ALT
modify scripts/* and tests/* to use polarssl_snprintf
modify programs/*.c to use polarssl_snprintf
modify library/debug.c to use polarssl_snprintf
modify library/x509*.c to use polarssl_snprintf
modify library/net.c to use polarssl_snprintf
modify oid.c to use polarssl_snprintf
add platform_set_snprintf
Conflicts:
library/memory_buffer_alloc.c
programs/pkey/pk_sign.c
programs/pkey/pk_verify.c
programs/pkey/rsa_sign_pss.c
programs/pkey/rsa_verify_pss.c
programs/ssl/ssl_client2.c
programs/ssl/ssl_pthread_server.c
programs/test/benchmark.c
programs/test/ssl_cert_test.c
2015-02-13 15:11:24 +00:00
Manuel Pégourié-Gonnard
6c5abfa42b
Style: fix trailing spaces
2015-02-13 14:12:07 +00:00
Manuel Pégourié-Gonnard
013bffe5a7
Style: add spaces before line continuation
2015-02-13 14:09:44 +00:00
Rich Evans
77d3638497
modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit
2015-02-13 13:50:26 +00:00
Rich Evans
783d9d1c3e
modify programs/*.c to use polarssl_snprintf
2015-02-13 13:50:26 +00:00
Rich Evans
85b05ec389
Cleanup programs further
...
removed casting of main args to void
2015-02-13 13:50:05 +00:00
Rich Evans
18b78c7498
cleanup programs
...
Clean up the contents of programs, add more guards to includes, move all
defines to the top of the top of files, remove some unused includes
2015-02-13 13:50:05 +00:00
Manuel Pégourié-Gonnard
5d46cca09a
Require unix-utils in path for windows make
2015-02-13 12:02:45 +00:00
Manuel Pégourié-Gonnard
1cc0a3405c
Fix missing includes in program
2015-02-10 12:18:15 +00:00
Manuel Pégourié-Gonnard
6f60cd848b
Move from SHA-1 to SHA-256 as default in programs
2015-02-10 11:31:58 +00:00
Manuel Pégourié-Gonnard
7e81e7003f
Fix left out printf's
2015-01-29 11:47:41 +00:00
Manuel Pégourié-Gonnard
860b51642d
Fix url again
2015-01-28 17:12:07 +00:00
Manuel Pégourié-Gonnard
3f738ca40a
Move some ignore patterns to subdirectories
2015-01-28 15:33:23 +00:00
veggie
64a5799637
Minor nits with stdout/stderr.
2015-01-28 15:21:42 +00:00
wslfa
cc334eff3e
aescrypt2.c local char array not initial
...
I change the main() function to a normal function, use many threads call it. so, in concurrent situation, these initial operation is necessary.
2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard
478fac4075
Fix usage string of ssl_client2
...
Found by Hannes Mehnert
2015-01-28 15:28:29 +01:00
Manuel Pégourié-Gonnard
7c9e75a836
Remove a few useless #defines
2015-01-28 15:28:29 +01:00
Rich Evans
f90016aade
Use platform layer in programs for consistency.
2015-01-28 15:28:28 +01:00
Manuel Pégourié-Gonnard
9014b6f227
Rename project in CMake
...
TODO: to create symlinks to the old names!
2015-01-27 15:44:46 +00:00
Manuel Pégourié-Gonnard
6a4ae35788
Link to new name in programs & tests Makefiles
2015-01-27 14:03:24 +01:00
Manuel Pégourié-Gonnard
d43ccb66fb
Quit using deprecated header.
2015-01-23 17:38:09 +00:00
Manuel Pégourié-Gonnard
c26a092b50
Rename static lib name with make
2015-01-23 12:57:33 +00:00
Manuel Pégourié-Gonnard
085ab040aa
Fix website url to use https.
2015-01-23 11:06:27 +00:00
Manuel Pégourié-Gonnard
9698f5852c
Remove maintainer line.
2015-01-23 10:59:00 +00:00
Manuel Pégourié-Gonnard
19f6b5dfaa
Remove redundant "all rights reserved"
2015-01-23 10:54:00 +00:00
Manuel Pégourié-Gonnard
a658a4051b
Update copyright
2015-01-23 09:55:24 +00:00
Manuel Pégourié-Gonnard
9169921271
Rename to mbed TLS in examples
2015-01-22 16:26:39 +00:00
Manuel Pégourié-Gonnard
b64d9a79a4
Remove old test certificates.
...
Avoid duplication with those in tests/data_files
2015-01-22 16:25:32 +00:00
Manuel Pégourié-Gonnard
967a2a5f8c
Change name to mbed TLS in the copyright notice
2015-01-22 14:28:16 +00:00
Manuel Pégourié-Gonnard
34377b1e1c
Fix send_close_notify usage.
2015-01-22 10:46:46 +00:00
Manuel Pégourié-Gonnard
6a0017b7c0
Rename variable for clarity
2015-01-22 10:33:29 +00:00
Paul Bakker
5b8f7eaa3e
Merge new security defaults for programs (RC4 disabled, SSL3 disabled)
2015-01-14 16:26:54 +01:00
Paul Bakker
c82b7e2003
Merge option to disable truncated hmac on the server-side
2015-01-14 16:16:55 +01:00
Manuel Pégourié-Gonnard
a92ed4845c
Fix stupid error in previous commit
...
Since ret is no longer update by close_notify(), we need to reset it to 0
after a successful write.
2015-01-14 10:46:53 +01:00
Manuel Pégourié-Gonnard
687f89beab
Don't check errors on ssl_close_notify()
...
Depending on timing we might get different errors (conn_reset, write failed)
and ignoring them all ends up being almost the same as just not checking
errors.
2015-01-13 21:48:12 +01:00
Paul Bakker
b2eaac154b
Stop assuming chars are signed
2015-01-13 17:15:31 +01:00
Paul Bakker
f3561154ff
Merge support for 1/n-1 record splitting
2015-01-13 16:31:34 +01:00
Paul Bakker
f6080b8557
Merge support for enabling / disabling renegotiation support at compile-time
2015-01-13 16:18:23 +01:00
Paul Bakker
d7e2483bfc
Merge miscellaneous fixes into development
2015-01-13 16:04:38 +01:00
Paul Bakker
8b9bcecaae
Stop assuming chars are signed
2015-01-13 15:59:55 +01:00
Manuel Pégourié-Gonnard
5ba1d52f96
Add memory_buffer_alloc_self_test()
2015-01-13 14:58:00 +01:00
Paul Bakker
d9e2dd2bb0
Merge support for Encrypt-then-MAC
2015-01-13 14:23:56 +01:00
Manuel Pégourié-Gonnard
fa06581c73
Disable RC4 by default in example programs.
2015-01-13 13:03:06 +01:00
Manuel Pégourié-Gonnard
bd47a58221
Add ssl_set_arc4_support()
...
Rationale: if people want to disable RC4 but otherwise keep the default suite
list, it was cumbersome. Also, since it uses a global array,
ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like
the best place, even if it means temporarily adding one SSL setting.
2015-01-13 13:03:06 +01:00
Manuel Pégourié-Gonnard
982865618a
Stop assuming chars are signed
...
(They aren't on ARM by default.)
2015-01-12 19:17:05 +01:00
Manuel Pégourié-Gonnard
448ea506bf
Set min version to TLS 1.0 in programs
2015-01-12 12:32:04 +01:00
Manuel Pégourié-Gonnard
265fe997ff
Use library default for trunc-hmac in ssl_client2
2015-01-09 12:53:19 +01:00
Manuel Pégourié-Gonnard
e117a8fc0d
Make truncated hmac a runtime option server-side
...
Reading the documentation of ssl_set_truncated_hmac() may give the impression
I changed the default for clients but I didn't, the old documentation was
wrong.
2015-01-09 12:52:20 +01:00
Manuel Pégourié-Gonnard
c82ee3555f
Fix tests that were failing with record splitting
2015-01-07 16:39:10 +01:00
Manuel Pégourié-Gonnard
590f416142
Add tests for periodic renegotiation
2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard
615e677c0b
Make renegotiation a compile-time option
2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard
85d915b81d
Add tests for renego security enforcement
2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard
d3b90f797d
Fix bug in ssl_client2 reconnect option
2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard
f29e5de09d
Cosmetics in ssl_server2
2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard
be6ce835a2
Fix typo causing MSVC errors
2014-11-17 14:29:36 +01:00
Manuel Pégourié-Gonnard
3a3066c3ee
ssl_server2 now exits on signal during a read too
2014-11-17 12:50:34 +01:00
Manuel Pégourié-Gonnard
403a86f73d
ssl_server2: exit cleanly on SIGINT too
2014-11-17 12:46:49 +01:00
Manuel Pégourié-Gonnard
49aa99e653
Fix exit codes in cert_app
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
699cafaea2
Implement initial negotiation of EtM
...
Not implemented yet:
- actually using EtM
- conditions on renegotiation
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
367381fddd
Add negotiation of Extended Master Secret
...
(But not the actual thing yet.)
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
1cbd39dbeb
Implement FALLBACK_SCSV client-side
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
f138874811
Properly send close_notify in ssl_client2
2014-08-19 16:14:36 +02:00
Manuel Pégourié-Gonnard
a8c0a0dbd0
Add "exchanges" option to test server and client
...
Goal is to test renegotiation better: we need more than one exchange for
server-initiated renego to work reliably (the previous hack for this wouldn't
work with non-blocking I/O and probably not with DTLS either).
Also check message termination in a semi-realistic way.
2014-08-19 13:26:05 +02:00
Manuel Pégourié-Gonnard
296e3b1174
Request renego before write in ssl_server2
...
Will be useful for:
- detecting termination of messages by other means than connection close
- DTLS (can be seen as a special case of the above: datagram-oriented)
2014-08-19 12:59:03 +02:00
Manuel Pégourié-Gonnard
e08660e612
Fix ssl_read() and close_notify error handling in programs
2014-08-19 10:34:37 +02:00
Manuel Pégourié-Gonnard
67686c42e6
Fix undocumented option in ssl_server2
2014-08-19 10:34:37 +02:00
Manuel Pégourié-Gonnard
250b1ca6f3
Fix ssl_server2 exiting on recoverable errors
2014-08-19 10:34:37 +02:00
Paul Bakker
bc3e54c70d
Fix overly rigorous defines in ssl_server2.c
2014-08-18 14:36:17 +02:00
Paul Bakker
d153ef335f
Missing dependencies on POLARSSL_ECP_C fixed
2014-08-18 12:00:28 +02:00
Paul Bakker
09c9dd80ef
Revert 42cc641
. Issue already fixed in 333fdec
.
2014-08-18 11:06:56 +02:00
Paul Bakker
c1283d3f4c
Only use signal() in ssl_server2 on non-Windows platforms
2014-08-18 11:05:51 +02:00
Manuel Pégourié-Gonnard
dcab293bd4
Get rid of SERVERQUIT code in ssl_{client,server}2
2014-08-14 18:33:00 +02:00
Manuel Pégourié-Gonnard
db49330e08
ssl_server2 aborts cleanly on SIGTERM
...
(while waiting for a new connection)
2014-08-14 18:33:00 +02:00
Manuel Pégourié-Gonnard
a39416ff38
Fix bounds and error checking in gen_key.c
2014-08-14 11:34:35 +02:00
Alfred Klomp
7c03424d1c
ssl_mail_client.c: silence warning, check base64_encode() status
...
Found with Clang's `scan-build` tool.
ssl_mail_client.c does a dead store by assigning the return value of
base64_encode() to `len` and not using the value. This causes
scan-build to issue a warning.
Instead of storing the return value into `len`, store it to `ret`, since
base64_encode() returns a status code, not a length. Also check if the
return value is nonzero and print an error; this silences scan-build.
2014-08-14 11:34:35 +02:00
Alfred Klomp
5b78f219d0
ssl_test.c: remove dead store, assign at declaration
...
Found with Clang's `scan-build` tool.
The store to `ret` is not used, it's overwritten shortly after. Assign
the value of 1 at declaration time instead to silence scan-build.
2014-08-14 11:34:34 +02:00
Alfred Klomp
1d42b3ea7e
pem2der.c: fix double-free bug
...
Found with Clang's `scan-build` tool.
load_file() allocates memory to a char** parameter. It then tries to fread() a
file, and if that fails, frees the memory and returns to caller. However, the
char** is not reset to NULL, which causes a double-free error when the caller
later passes it to free().
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
42cc641159
Don't print uninitialized buffer in ssl_mail_client
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
9dbe7c5f17
Remove unreachable code from ssl_pthread_server
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
955028f858
Fix compile error in ssl_pthread_server
2014-08-14 11:34:33 +02:00
Paul Bakker
333fdeca3a
Properly initialize buf
2014-08-04 12:12:09 +02:00
Paul Bakker
3966d71fa8
gen_key should open file as binary for writing DER keys
2014-07-10 15:27:09 +02:00